free counter
Science And Nature

How exactly to Run Commands Inside Kubernetes Pod Containers

Graphic showing the Kubernetes logo

Applications running in Kubernetes are usually long-lived services that you dont have to connect to. Sometimes you might like to manually run a command in the container though, perhaps for a one-off maintenance operation or even to assist a debugging procedure.

In this post well show how exactly to run commands and obtain interactive shell sessions inside Kubernetes containers. This can enable you to start processes in the container making use of your local terminal. Its fully integrated with Kubernetes and its own Kubectl CLI, which means you dont need to pollute your container images having an SSH daemon to enables remote access.

Using Kubectl Exec

kubectl exec executes a command in the running container. It gets the following basic syntax:

$ kubectl exec demo-pod -- demo-command

This can run demo-command in the first container of the demo-pod Pod. The command is executed with root privileges.

Additional flags are essential to create an interactive terminal session:

  • --stdin (-i) Pass your terminals standard input stream in to the container.
  • --tty (-t) Mark the typical input stream as a TTY, rendering it interactive.

Heres a good example of obtaining a shell to the initial container in a Pod:

$ kubectl exec -it demo-pod -- /bin/sh

Everything following the -- becomes portion of the command thats executed in the container. kubectl exec ignores the containers default entrypoint, instead launching a fresh process with the command you specify. You shouldnt wrap the command with quotation marks ("/bin/sh") unless youd utilize them normally when running the command locally.

Selecting a Different Container

kubectl exec connects to the Pods default container when no other arguments receive. The default container may be the one with the annotation. This is the initial container in the Pod if youve not manually added the annotation to any.

Heres a Pod that runs two containers:

apiVersion: v1kind: Podmetadata:   name: demo-podspec:   containers:     - name: app-container      image: nginx:latest    - name: sidecar-container      image: busybox:latest

It is possible to run a command in the sidecar-container with the addition of the -c flag to kubectl exec:

$ kubectl exec --it demo-pod -c sidecar-container -- /bin/sh

Looking forward to Pods to Be Running

Kubectl will wait one minute for the Pod to be Running if its containers havent already started once you run the exec command. This timeout value could be changed with the --pod-running-timeout flag. Its useful when you wish to perform a command straight after developing a new Pod, when it could not need been scheduled to a Node.

$ kubectl exec --pod-running-timeout=5m demo-pod -- demo-command


kubectl exec is most beneficial reserved for specialist situations where you will need to directly connect to a containers filesystem. You could utilize it to gain access to logs or caches following a problem or even to run an infrequently used housekeeping script thats provided in a container image.

Although kubectl exec enables you to run any command, you need to avoid dramatically modifying the containers environment. This may cause the container to drift from the expected state. Containers shouldnt normally require intervention so usage of kubectl exec inside production environments usually signals that somethings gone wrong.

Dont utilize this command to set up packages or apply updates in the container. This type of operation ought to be handled because they build a fresh container image which includes the changes, then replacing your Kubernetes Pods with ones that run the revised build. Third , principle ensures your changes wont be lost once the Pod restarts and reverts to its container images filesystem. Maintaining your containers immutable also guarantees they could be reliably reproduced from their images, which enhances reliability and simple debugging.


Owning a one-off command in the Kubernetes container enables you to debug issues, perform maintenance tasks, and inspect the containers filesystem. In each one of these situations, you may use kubectl exec to obtain a link with a container.

Adding the -it flag combination will forward your terminals standard input stream as a TTY, providing an interactive shell session. This wont continually be necessary based on the command you need to use: if it only produces output, without requiring any input, it is possible to safely omit the flags.

Read More

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker