How do you debug something when it’s running inside a container? Your app feels so hard-to-get at; so locked away from you, far away in the mists of your Kubernetes cluster… Well, it’s not as hard as you might think. In this article we’ll show you one way to get curl running in a Pod.
This is part of our mini-series on Kubernetes troubleshooting! Check out our other article with tips on troubleshooting your app in Kubernetes.
If you’re trying to diagnose an issue with your app in Kubernetes, you’ll probably want to look at curl. It’s a handy tool for testing APIs and network requests.
But what if your Pod doesn’t already contain curl?
Well, there is a way to run curl in Kubernetes:
Run curl in another Pod
A ‘clean’ way to run curl inside Kubernetes is to run it in a separate Pod.
You can create a Pod running curl, do the troubleshooting work you need to do, and then terminate the Pod.
First, we need to pick an image:
Find a utility image that contains curl
Since we’re using Kubernetes, we’re using containers!
So if we want to run a particular utility in our Kubernetes cluster, it’ll need to be packaged in a container image.
Fortunately, there are a couple of reliable images on Docker Hub, which contain curl:
|curlimages/curl||Docker Hub||The official curl image, seems to be regularly maintained (and less than 5MB, too!) ✅ ✅|
|redhat/ubi8||Docker Hub||Red Hat’s Universal Base Image, basically a containerised version of Red Hat Enterprise Linux. (And helpfully, it contains curl.)|
|radial/busyboxplus:curl||Docker Hub||This used to be great, but it’s not been updated in a while ❌|
What about Busybox?
Busybox is one of the other well-known “box of tools” type images. It doesn’t contain curl, but it does contain wget! (It’s a travesty, if you ask us.)
Docker Hub has limits on how much you can download. So if you’ve already exceeded your Docker Hub download limit, then you might run into problems!
If you’re blocked off
If you can’t get any of these images, because you’re perhaps running a cluster which is closed off from the internet, then you could try one of these instead:
Copy the image across. From a workstation which has access to both the internet and your Kubernetes cluster, pull, tag and push the image from Docker Hub into your internal registry.
Build your own curl image. It’s handy to have your own “toolbox” image for these types of situations!
Next we’ll fire up the curl Pod.
Create a new Pod that runs curl
Once you’ve picked an image that contains curl, the next thing to do is run it in Kubernetes, in a Pod.
To do that, I use the
kubectl run command, which creates a single Pod.
This command does the trick:
kubectl run mycurlpod --image=curlimages/curl -i --tty -- sh
Kubernetes will now pull the
curlimages/curl image, start the Pod, and drop you into a terminal session. So now you can use curl!
Make sure you run curl in the same Kubernetes namespace which you want to debug. If you run it in another namespace, the network environment could be quite different.
Use curl to make your test requests
Once you’re inside the Pod, you should be able to use curl just like normal.
Some of the things I normally try when troubleshooting are:
Try making a request to a hostname that I think should work – e.g. google.com
Try making a test to the service which my app can’t access – for example, try making a curl request to the backend API which I need to call.
Try making a request to my app itself. If the problem is that other apps can’t reach my Pod, then I’ll try making a curl request to it.
To show you what it looks like, I tested curl with a free silly facts API, run by aakhilv.me.
curl <hostname> tries to reach the host, and then prints out the response:
/ $ curl https://api.aakhilv.me/fun/facts ["Japan has one vending machine for every 40 people."]
Now that is an amazing fact. (Keep vending, Japan!)
Tidying up the curl Pod
Once you’ve finished testing, you can press Ctrl+D to escape the terminal session in the Pod.
The Pod will continue running afterwards. Look what happens when we do
kubectl get pod:
$ kubectl get pod NAME READY STATUS RESTARTS AGE mycurlpod 1/1 Running 1 72s
The Pod is still there!
So you can re-enter the Pod again using the
kubectl exec command:
kubectl exec -i --tty mycurlpod -- sh
Or, you can delete the Pod with the
kubectl delete pod command:
kubectl delete pod mycurlpod
That just about does it for another post!
I hope you’ve found this little Kubernetes troubleshooting tip useful. Now you know how to run curl in Kubernetes, the next time you have a gnarly problem to solve.
Want to share your feedback, or got another tricky problem for us? Let us know in the comments box below.