Home / server / Questions / 1048425
In Process
cclloyd
Asked: 2021-01-04 12:33:55 +0800 CST

Define default container when using sidecar container

  • 772

I use keycloak gatekeeper as a sidecar container for multiple pods on my cluster to enable SSO for those services.

But when I try to exec, view logs, etc; it asks what container I want to use instead of just going into it. Is there a way to define the default container that it will use for something like kubectl exec -it PODNAME when I don't pass the -c flag?

kubernetes

1 Answers

  1. What you are asking is currently working but it's very limited. According to kubectl exec documentation you can miss -c flag:

    -c, --container="": Container name. If omitted, the first container in the pod will be chosen

    but you have also specify some action/command like date, bash or sh.

    Get output from running 'date' from pod 123456-7890, using the first container by default kubectl exec 123456-7890 date

    I mention it's very limited, as this will use first container from list which was specified in YAML manifest. If you will use -c flag you can specify which one you want to execute.

    spec:
  containers:
  - image: httpd
    name: httpd
  - image: busybox
    command:
      - sleep
      - "3600"
    imagePullPolicy: IfNotPresent
    name: busybox

    Output

    Without using any command:

    $ kubectl exec -ti test-pod
error: you must specify at least one command for the container

    With using command date, it will use first container from YAML/description of the pod.

    $ kubectl exec -ti test-pod -- date
Defaulting container name to httpd.
Use 'kubectl describe pod/test-pod -n default' to see all of the containers in this pod.
Mon Jan  4 14:06:27 UTC 2021

    Date command with specified pod

    $ kubectl exec -ti test-pod -c busybox -- date
Mon Jan  4 14:06:36 UTC 2021

    Kubectl exec annotation - default container

    In one of the Github enhancements you can find information, that there is plan to introduce this feature in stable kubernetes version (1.23).

    It would looks like:

    kubectl annotate pod test-pod kubectl.kubernetes.io/default-exec-container=<conatinerName>

    Kubectl logs annotation - default container

    Similar feature but regarding logs not exec was introduced in kubectl 1.18. It was mentioned in Github thread. To achieve that you have to add new annotation kubectl.kubernetes.io/default-logs-container=<containerName>

    Scenario my test-pod pod with busybox and httpd

    $ kubectl logs test-pod
error: a container name must be specified for pod test-pod, choose one of: [busybox httpd]

$ kubectl annotate pod test-pod kubectl.kubernetes.io/default-logs-container=httpd
pod/test-pod annotated

$ kubectl logs test-pod
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 10.4.1.12. Set the 'ServerName' directive globally to suppress this message
[Mon Jan 04 14:05:08.191117 2021] [mpm_event:notice] [pid 1:tid 140379730310272] AH00489: Apache/2.4.46 (Unix) configured -- resuming normal operations
[Mon Jan 04 14:05:08.191428 2021] [core:notice] [pid 1:tid 140379730310272] AH00094: Command line: 'httpd -D FOREGROUND'

$ kubectl logs test-pod -c httpd
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 10.4.1.12. Set the 'ServerName' directive globally to suppress this message
[Mon Jan 04 14:05:08.191117 2021] [mpm_event:notice] [pid 1:tid 140379730310272] AH00489: Apache/2.4.46 (Unix) configured -- resuming normal operations
[Mon Jan 04 14:05:08.191428 2021] [core:notice] [pid 1:tid 140379730310272] AH00094: Command line: 'httpd -D FOREGROUND'
    • 3