In this article, we will look at the kubectl exec command to show how to get a shell into a running container in your Kubernetes (K8S) cluster and how to run individual commands on a container with some useful examples.
You can use kubectl exec to connect to a running container and also to execute single commands. Connecting to a container is useful to view logs, inspect processes, mount points, environment variables, and package versions, amongst other things.
kubectl exec will give you full shell access to the container, so modifying it and installing packages that are not part of the container image is possible but is not recommended unless for temporary troubleshooting purposes. If extra modifications or packages are required permanently for the container, the image should be modified, and the new version should be deployed to maintain immutability and reproducibility.
Let’s take a look at the syntax of the kubectl exec command with an example.
kubectl exec --stdin --tty aks-helloworld-one-56c7b8d79d-xqx5t -- /bin/bashaks-helloworld-one-56c7b8d79d-xqx5tis the name of the Pod with your container.- The double dash (
--) separates the arguments you want to pass to the command from thekubectlarguments. /bin/bashis the type of shell you want (it could also be/bin/shfor example).- The
--stdinoption passes the stdin (or standard input) to the container. Use-ifor short. - The
--ttyStdin is a TTY. Use-tfor short. - You can also specify the
--quietor-qoption to disable all output fromkubectlitself. You’ll only see output produced by the process running in the container. - You can also specify the length of time to wait until at least one pod is running, the default being 1m using
-pod-runnning-timeout. This is specified as the length of time (like 5s, 2m, or 3h, higher than zero), e.g.--pod-running-timeout=2m.
To get a shell to your container, first, find its name.
And to have all the commands in one place check out our Kubernetes Cheat Sheet with 15 Kubectl Commands & Objects.
kubectl get pods
Note that in order to get a shell, your container image has to have that shell available.
I have one running on my Azure Kubernetes Service (AKS) cluster called aks-helloworld-one-56c7b8d79d-lkz6s, which we will use for these examples. This uses the Hello world image, which is a simple Node.js web application used in Azure Container Instances for the examples on docs.microsoft.com.
Check out how to Provision Azure AKS Cluster Using Terraform.
This container is controlled by a deployment called aks-helloworld-one.
kubectl get deployments
My aks-helloworld-one.yaml deployment file looks like this:
apiVersion: apps/v1
kind: Deployment
metadata:
name: aks-helloworld-one
spec:
replicas: 1
selector:
matchLabels:
app: aks-helloworld-one
template:
metadata:
labels:
app: aks-helloworld-one
spec:
containers:
- name: aks-helloworld-one
image: mcr.microsoft.com/azuredocs/aks-helloworld:v1
ports:
- containerPort: 80
env:
- name: TITLE
value: "Welcome to Azure Kubernetes Service (AKS)"
---
apiVersion: v1
kind: Service
metadata:
name: aks-helloworld-one
spec:
type: ClusterIP
ports:
- port: 80
selector:
app: aks-helloworld-oneIf you are following along, you can create the file above and use the command below to deploy the container on your cluster:
kubectl create deployment aks-helloworld-one.yamlTo get a bash shell into the running container:
kubectl exec --stdin --tty aks-helloworld-one-56c7b8d79d-xqx5t -- /bin/bashOnce inside the container, you can run commands directly, e.g. ls to list the contents of the directory.
Or ps aux to view the running processes:
Once you are finished in the container, type exit to return to your console shell.
You can also run single commands directly using kubectl exec. Some useful examples are shown below:
- Get the time and date
kubectl exec <pod name> -- date
- List the running environment variables
kubectl exec <pod name> -- env
- Update packages
kubectl exec <pod name> -- apt-get update
- View the mount points
kubectl exec shell-demo -- cat /proc/1/mountsIf a Pod has more than one container, use --container or -c to specify a container in the kubectl exec command.
kubectl exec -i -t <pod name> --container <container name> -- /bin/bashYou can connect to a running container using kubectl exec and also use it to execute single commands. Connecting to a container is useful to view logs, inspect processes, mount points, environment variables, and package versions, amongst other things.
Also, check out how Spacelift helps you manage the complexities and compliance challenges of using Kubernetes. Anything that can be run via kubectl can be run within a Spacelift stack. Find out more about how Spacelift works with Kubernetes, and get started on your journey by creating a free trial account.
Cheers!
The most Flexible CI/CD Automation Tool
Spacelift is an alternative to using homegrown solutions on top of a generic CI. It helps overcome common state management issues and adds several must-have capabilities s for infrastructure management.
