Kubernetes toolbox in a pod, with Sysdig and friends

kubectl apply -f https://raw.githubusercontent.com/virtuslab/ergaleia/master/kubernetes/ergaleia.yaml
kubectl exec -n toolbox -it ergaleia-0 bash

Note: to use with PodSecurityPolicy you need to provide a priviledged policy and role shown in privileged-psp.yaml

When you are done with ergaleia you the best way to remove it is be running:

kubectl delete -f https://raw.githubusercontent.com/virtuslab/ergaleia/master/kubernetes/ergaleia.yaml

To run csysdig with a Kubernetes service token, here's an alias:

ksysdig

The command will get its credentials from the service token, no special configuration needed:

kubectl version

The image is based on Debian, so if there's anything missing just use apt.

Most important pre-installed commands:

• sysdig and csysdig
• kubectl
• docker

Other selected pre-installed commands:

• vim
• curl
• gcc
• less
• dig and nslookup
• telnet
• tcpdump
• traceroute
• tracepath
• nmap
• wget
• socat
• ssh
• git

make docker-build -e KUBERNETES_VERSION=stable DOCKER_REGISTRY=custom.example.com REPO=my/ergaleia
docker login
make docker-push -e KUBERNETES_VERSION=stable DOCKER_REGISTRY=custom.example.com REPO=my/ergaleia

• kubectl dig plugin