Use a script of little more than a dozen lines to run the host's commands inside a container's network namespace
A container usually has no netstat or tcpdump, and not even ip.
When you need to troubleshoot a network problem inside the container, you have to download these commands on the spot, which wastes time.
The host generally carries many more commands, so the host's commands can be used to observe the network state inside the container.
- Use docker inspect to find the namespace path of the container
- Use the ip command to switch namespaces and execute commands
ip netns only recognizes namespaces under /var/run/netns, so the script links the container's namespace there before running the command.
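#!/bin/bash
# Run a host command inside a container's network namespace (needs root).
container_name=$1
# Everything after the container name is the command and its arguments.
command=("${@:2}")
if [ -z "$container_name" ]; then
    echo "Usage: $0 <container_name> <command>"
    exit 1
fi
if [ "${#command[@]}" -eq 0 ]; then
    echo "Usage: $0 <container_name> <command>"
    exit 1
fi
exec_inside_container() {
    local name=$1
    shift
    set -e
    # SandboxKey is the path of the container's network namespace file.
    sandbox_key=$(docker inspect "$name" --format '{{ .NetworkSettings.SandboxKey }}')
    netns_name=$name-$(basename "$sandbox_key")
    set +e
    # ip netns only sees namespaces linked under /var/run/netns.
    mkdir -p /var/run/netns
    rm -f "/var/run/netns/$netns_name"
    ln -s "$sandbox_key" "/var/run/netns/$netns_name"
    ip netns exec "$netns_name" "$@"
    # Remove the temporary link once the command has finished.
    rm -f "/var/run/netns/$netns_name"
}
exec_inside_container "$container_name" "${command[@]}"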
Usage: view the container's network interfaces from the host
$ ./ ubuntu ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
1116: eth0@if1117: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
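The script above runs as root and builds a path under /var/run/netns from its first argument, and docker inspect reports an empty SandboxKey for a container that is not running. The following is an added example, not part of the original script, that checks both values before the link is created; the function names, NETNS_DIR and the accepted character sets are assumptions of this sketch.

```bash
#!/bin/bash
# Added example, not the original script: validate inputs before touching /var/run/netns.
NETNS_DIR=/var/run/netns   # directory that `ip netns` reads

# Assumption: accept only Docker-style names, so the value can never contain "/"
# or start with "." or "-" (path traversal, option injection).
valid_container_name() {
    case $1 in
        ''|[.-]*|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
}

# Print "<container>-<basename of sandbox key>", or fail with a reason on stderr.
netns_link_name() {
    container=$1 sandbox_key=$2
    valid_container_name "$container" || { echo "invalid container name" >&2; return 1; }
    # An empty SandboxKey means there is no live network namespace to enter.
    case $sandbox_key in
        /*) ;;
        *) echo "no network namespace for $container (not running?)" >&2; return 1 ;;
    esac
    key_base=${sandbox_key##*/}
    # Assumption: the last path component is a plain alphanumeric id.
    case $key_base in
        ''|*[!A-Za-z0-9]*) echo "unexpected sandbox key: $sandbox_key" >&2; return 1 ;;
    esac
    printf '%s-%s\n' "$container" "$key_base"
}

run_in_netns() {
    container=$1; shift
    valid_container_name "$container" || { echo "invalid container name" >&2; return 1; }
    sandbox_key=$(docker inspect --format '{{ .NetworkSettings.SandboxKey }}' "$container") || return 1
    link=$(netns_link_name "$container" "$sandbox_key") || return 1
    mkdir -p "$NETNS_DIR" && ln -sfn "$sandbox_key" "$NETNS_DIR/$link" || return 1
    ip netns exec "$link" "$@"; status=$?
    rm -f "$NETNS_DIR/$link"   # always remove the temporary link
    return "$status"           # hand back the command's own exit status
}

# Run only when called as: <script> <container_name> <command...>
if [ "$#" -ge 2 ]; then
    run_in_netns "$@"
fi
```

Unlike the original, this version returns the exit status of the command that ran inside the namespace, so it can be used in health checks and other scripts.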