Inadequate Handling of Ephemeral Debug Containers or Distroless Images #4

@evelynchen

Feature handling request for ephemeral debug container and distroless images

We have a use case that requires kubectl debug for troubleshooting.
kubectl debug failed because it couldn't attach to pod/sleep-*:

I1211 12:00:58.355277   47983 round_trippers.go:463] POST https://127.0.0.1:14443/api/v1/namespaces/default/pods/sleep-87cfbc546-b5dk2/attach?container=debugger-6qjbk&stdin=true&stdout=true&tty=true
I1211 12:00:58.355294   47983 round_trippers.go:469] Request Headers:
I1211 12:00:58.355305   47983 round_trippers.go:473]     User-Agent: kubectl/v1.28.2 (darwin/amd64) kubernetes/89a4ea3
I1211 12:00:58.355315   47983 round_trippers.go:473]     X-Stream-Protocol-Version: v4.channel.k8s.io
I1211 12:00:58.355324   47983 round_trippers.go:473]     X-Stream-Protocol-Version: v3.channel.k8s.io
I1211 12:00:58.355333   47983 round_trippers.go:473]     X-Stream-Protocol-Version: v2.channel.k8s.io
I1211 12:00:58.355342   47983 round_trippers.go:473]     X-Stream-Protocol-Version: channel.k8s.io
I1211 12:00:58.546856   47983 round_trippers.go:574] Response Status: 500 Internal Server Error in 191 milliseconds
I1211 12:00:58.546889   47983 round_trippers.go:577] Response Headers:
I1211 12:00:58.546903   47983 round_trippers.go:580]     Date: Mon, 11 Dec 2023 20:00:58 GMT
I1211 12:00:58.546914   47983 round_trippers.go:580]     Content-Length: 501
I1211 12:00:58.546925   47983 round_trippers.go:580]     Audit-Id: 0c8e2fbf-c772-43b8-b08a-2cbb5053c6ca
I1211 12:00:58.546936   47983 round_trippers.go:580]     Cache-Control: no-cache, private
I1211 12:00:58.546946   47983 round_trippers.go:580]     Content-Type: application/json

warning: couldn't attach to pod/sleep-87cfbc546-b5dk2, falling back to streaming logs: Internal error occurred: failed calling webhook "validate-pod-exec.***.hookcfg": failed to call webhook: an error on the server ("") has prevented the request from succeeding

In the other case, such as a distroless image container, it will also attach the TTL time and then delete the pod, even if kubectl exec does not execute successfully.
