#sidecar example
apiVersion: v1
kind: Pod
metadata:
name: pod-with-sidecar-same
spec:
shareProcessNamespace: true
containers:
# Main application container
- name: app-container
securityContext:
runAsUser: 1000
runAsGroup: 1000
image: python
command: ["/bin/sh"]
args: ["-c", "while true; do date >> /var/log/app.txt; sleep 6;done"]
# Sidecar container
- name: sidecar-container
securityContext:
runAsUser: 1000
runAsGroup: 1000
image: ubuntu
command: ["/bin/sh"]
args: ["-c", "while true; do date >> /var/log/app.txt; sleep 5;done"]
➜ coss kubectl exec -it pod-with-sidecar-same -c app-container /bin/bash
I have no name!@pod-with-sidecar-same:/$ id
uid=1000 gid=1000 groups=1000
I have no name!@pod-with-sidecar-same:/$ ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 1024 4 ? Ss 03:45 0:00 /pause
1000 7 0.0 0.0 2388 696 ? Ss 03:45 0:00 /bin/sh -c while true; do date >> /var/log/app.txt; sleep 6;done
1000 14 0.0 0.0 4628 832 ? Ss 03:45 0:00 /bin/sh -c while true; do date >> /var/log/app.txt; sleep 5;done
1000 20 0.0 0.0 4532 788 ? S 03:45 0:00 sleep 5
1000 21 0.0 0.1 5752 3572 pts/0 Ss 03:45 0:00 /bin/bash
1000 28 0.0 0.0 4048 684 ? S 03:45 0:00 sleep 6
1000 29 0.0 0.1 9392 3036 pts/0 R+ 03:45 0:00 ps aux
I have no name!@pod-with-sidecar-same:/$ cat /proc/14/maps
56296b5d7000-56296b5f3000 r-xp 00000000 fd:01 7318738 /bin/dash
56296b7f2000-56296b7f4000 r--p 0001b000 fd:01 7318738 /bin/dash
56296b7f4000-56296b7f5000 rw-p 0001d000 fd:01 7318738 /bin/dash
56296b7f5000-56296b7f7000 rw-p 00000000 00:00 0
56296d5ab000-56296d5cc000 rw-p 00000000 00:00 0 [heap]
7fce50ef8000-7fce510df000 r-xp 00000000 fd:01 7319064 /lib/x86_64-linux-gnu/libc-2.27.so
7fce510df000-7fce512df000 ---p 001e7000 fd:01 7319064 /lib/x86_64-linux-gnu/libc-2.27.so
7fce512df000-7fce512e3000 r--p 001e7000 fd:01 7319064 /lib/x86_64-linux-gnu/libc-2.27.so
7fce512e3000-7fce512e5000 rw-p 001eb000 fd:01 7319064 /lib/x86_64-linux-gnu/libc-2.27.so
7fce512e5000-7fce512e9000 rw-p 00000000 00:00 0
7fce512e9000-7fce51310000 r-xp 00000000 fd:01 7319046 /lib/x86_64-linux-gnu/ld-2.27.so
7fce5150c000-7fce5150e000 rw-p 00000000 00:00 0
7fce51510000-7fce51511000 r--p 00027000 fd:01 7319046 /lib/x86_64-linux-gnu/ld-2.27.so
7fce51511000-7fce51512000 rw-p 00028000 fd:01 7319046 /lib/x86_64-linux-gnu/ld-2.27.so
7fce51512000-7fce51513000 rw-p 00000000 00:00 0
7ffd253e1000-7ffd25402000 rw-p 00000000 00:00 0 [stack]
7ffd255e1000-7ffd255e4000 r--p 00000000 00:00 0 [vvar]
7ffd255e4000-7ffd255e6000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
I have no name!@pod-with-sidecar-same:/$
#sidecar example
apiVersion: v1
kind: Pod
metadata:
name: pod-with-sidecar-diff
spec:
shareProcessNamespace: true
containers:
# Main application container
- name: app-container
securityContext:
runAsUser: 1000
runAsGroup: 1000
image: python
command: ["/bin/sh"]
args: ["-c", "while true; do date >> /var/log/app.txt; sleep 6;done"]
# Sidecar container
- name: sidecar-container
image: ubuntu
command: ["/bin/sh"]
args: ["-c", "while true; do date >> /var/log/app.txt; sleep 5;done"]➜ coss kubectl exec -it pod-with-sidecar-diff -c sidecar-container /bin/bash
root@pod-with-sidecar-diff:/# id
uid=0(root) gid=0(root) groups=0(root)
root@pod-with-sidecar-diff:/# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 1024 4 ? Ss 03:48 0:00 /pause
1000 7 0.0 0.0 2388 756 ? Ss 03:48 0:00 /bin/sh -c while true; do date >> /var/log/app.txt; sleep 6;done
root 13 0.0 0.0 4628 812 ? Ss 03:48 0:00 /bin/sh -c while true; do date >> /var/log/app.txt; sleep 5;done
root 33 0.0 0.1 18508 3368 pts/0 Ss 03:48 0:00 /bin/bash
1000 47 0.0 0.0 4048 684 ? S 03:48 0:00 sleep 6
root 49 0.0 0.0 4532 820 ? S 03:48 0:00 sleep 5
root 50 0.0 0.1 34400 2880 pts/0 R+ 03:48 0:00 ps aux
root@pod-with-sidecar-diff:/# cat /proc/7/maps
cat: /proc/7/maps: Permission denied
root@pod-with-sidecar-diff:/#
