Cooltainer

Container with useful tools for developers and platform-engineers.

Made to run without issues in rootless environments like OpenShift.

Contains the following tools:

kubectl
virtctl
nats cli/nsc/top
mc (minio-client)
curl
wget
jq
tar
bash
traceroute
openssh
netcat
freeradius
vim
rclone
postgresl16

For an up to date list of available tools, check ./Dockerfile.

Usage

docker

docker run -it ghcr.io/nkzk/cooltainer -- /bin/sh

kubectl

namespace=default
kubectl -n $namespace run -it cooltainer --image=ghcr.io/nkzk/cooltainer:latest /bin/sh

Manifests

Kubernetes: Bare minimum with resource requests/limits

apiVersion: v1
kind: Pod
metadata:
  name: debug
  labels:
    app: debug
  namespace: default # update this
spec:
  containers:
    - name: debug
      image: 'ghcr.io/nkzk/cooltainer:latest'
      resources:
        requests:
          cpu: 5m
          memory: 50Mi
        limits:
          memory: 250Mi # increase if doing memory-intensive tasks

Openshift: with security context (drop all capabilities)

Run as nonroot in OpenShift

apiVersion: v1
kind: Pod
metadata:
  name: debug
  labels:
    app: debug
  namespace: default # update this
spec:
  securityContext:
    runAsNonRoot: true
  containers:
    - name: debug
      image: 'ghcr.io/nkzk/cooltainer:latest'
      resources:
        requests:
          cpu: 5m
          memory: 50Mi
        limits:
          memory: 250Mi # increase if doing memory-intensive tasks
      securityContext:
        seccompProfile:
          type: RuntimeDefault
        allowPrivilegeEscalation: false
        capabilities:
          drop:
            - ALL

Kubernetes: run as group 0

By default OpenShift runs images with a user with group-id 0. The dockerfile is optimized for this. To avoid issues - run it with group-id in other distributions.

apiVersion: v1
kind: Pod
metadata:
  name: debug
  labels:
    app: debug
  namespace: default # update this
spec:
  containers:
    - name: debug
      image: 'ghcr.io/nkzk/cooltainer:latest'
      resources:
        requests:
          cpu: 5m
          memory: 50Mi
        limits:
          memory: 250Mi # increase if doing memory-intensive tasks
      securityContext:
        runAsGroup: 0

Quickly start a debug-pod just by running `debugpod`

Add this to ~/.bashrc

debugpod(){
      if [[ "$#" -eq 1 ]];
      then
        echo "Starting"
        kubectl run -i -t --rm --image=ghcr.io/nkzk/cooltainer:latest --restart=Never debug -n $1 -- /bin/sh
      else
        echo "Illegal number of arguments. Include namespace as argument"
      fi
    }

Source .bashrc: . ~/.bashrc

You can now start a debug-pod in your current kubectl context using the alias/shortcut debugpod.

Name		Name	Last commit message	Last commit date
Latest commit History 177 Commits
.github		.github
functions		functions
CHANGELOG.md		CHANGELOG.md
Dockerfile		Dockerfile
README.md		README.md
profile.sh		profile.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Cooltainer

Usage

docker

kubectl

Manifests

Kubernetes: Bare minimum with resource requests/limits

Openshift: with security context (drop all capabilities)

Kubernetes: run as group 0

Quickly start a debug-pod just by running `debugpod`

About

Uh oh!

Releases 19

Packages

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

Cooltainer

Usage

docker

kubectl

Manifests

Kubernetes: Bare minimum with resource requests/limits

Openshift: with security context (drop all capabilities)

Kubernetes: run as group 0

Quickly start a debug-pod just by running debugpod

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases 19

Packages 0

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

Quickly start a debug-pod just by running `debugpod`

Packages