Sometimes it is useful to capture packet traffic of running applications for troubleshooting purposes. However, Most images used for applications do not include these networking tools. In addition, permissions to run an administrative command like tcpdump are not given by default to serviceAccounts or Users in OSD.
The following procedure will create a sample application, assign the necessary permissions to run tcpdump as a sidecar container, and load the sidecar in our example application.
This procedure works well for OSD clusters, where the cluster owner only has access to the dedicated-admin role and he wishes to assign other users/serviceAccounts permissions to capture traffic at the pod level.
Openshift Dedicated (OSD) v4+
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.