Merge pull request #98431 from wawa0210/fix-98253

fix kubectl alpha debug node does not work on tainted(NoExecute) nodes
2025-07-23 11:50:44 +00:00 · 2021-07-06 21:04:42 -07:00 · 2021-07-06 21:04:42 -07:00 · 1affd894cf
commit 1affd894cf
parent e1acbbd8fd 3ec63238c5
2 changed files with 49 additions and 16 deletions
--- a/staging/src/k8s.io/kubectl/pkg/cmd/debug/debug.go
+++ b/staging/src/k8s.io/kubectl/pkg/cmd/debug/debug.go
@ -372,7 +372,7 @@ func (o *DebugOptions) Run(f cmdutil.Factory, cmd *cobra.Command) error {
 // Returns an already created pod and container name for subsequent attach, if applicable.
 func (o *DebugOptions) visitNode(ctx context.Context, node *corev1.Node) (*corev1.Pod, string, error) {
 	pods := o.podClient.Pods(o.Namespace)
-	newPod, err := pods.Create(ctx, o.generateNodeDebugPod(node.Name), metav1.CreateOptions{})
+	newPod, err := pods.Create(ctx, o.generateNodeDebugPod(node), metav1.CreateOptions{})
 	if err != nil {
 		return nil, "", err
 	}
@ -518,7 +518,7 @@ func (o *DebugOptions) generateDebugContainer(pod *corev1.Pod) *corev1.Ephemeral

 // generateNodeDebugPod generates a debugging pod that schedules on the specified node.
 // The generated pod will run in the host PID, Network & IPC namespaces, and it will have the node's filesystem mounted at /host.
-func (o *DebugOptions) generateNodeDebugPod(node string) *corev1.Pod {
+func (o *DebugOptions) generateNodeDebugPod(node *corev1.Node) *corev1.Pod {
 	cn := "debugger"
 	// Setting a user-specified container name doesn't make much difference when there's only one container,
 	// but the argument exists for pod debugging so it might be confusing if it didn't work here.
@ -529,9 +529,9 @@ func (o *DebugOptions) generateNodeDebugPod(node string) *corev1.Pod {
 	// The name of the debugging pod is based on the target node, and it's not configurable to
 	// limit the number of command line flags. There may be a collision on the name, but this
 	// should be rare enough that it's not worth the API round trip to check.
-	pn := fmt.Sprintf("node-debugger-%s-%s", node, nameSuffixFunc(5))
+	pn := fmt.Sprintf("node-debugger-%s-%s", node.Name, nameSuffixFunc(5))
 	if !o.Quiet {
-		fmt.Fprintf(o.Out, "Creating debugging pod %s with container %s on node %s.\n", pn, cn, node)
+		fmt.Fprintf(o.Out, "Creating debugging pod %s with container %s on node %s.\n", pn, cn, node.Name)
 	}

 	p := &corev1.Pod{
@ -559,7 +559,7 @@ func (o *DebugOptions) generateNodeDebugPod(node string) *corev1.Pod {
 			HostIPC:       true,
 			HostNetwork:   true,
 			HostPID:       true,
-			NodeName:      node,
+			NodeName:      node.Name,
 			RestartPolicy: corev1.RestartPolicyNever,
 			Volumes: []corev1.Volume{
 				{
@ -569,6 +569,11 @@ func (o *DebugOptions) generateNodeDebugPod(node string) *corev1.Pod {
 					},
 				},
 			},
+			Tolerations: []corev1.Toleration{
+				{
+					Operator: corev1.TolerationOpExists,
+				},
+			},
 		},
 	}

--- a/staging/src/k8s.io/kubectl/pkg/cmd/debug/debug_test.go
+++ b/staging/src/k8s.io/kubectl/pkg/cmd/debug/debug_test.go
@ -18,13 +18,13 @@ package debug

 import (
 	"fmt"
+	"github.com/spf13/cobra"
 	"strings"
 	"testing"
 	"time"

 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-cmp/cmp/cmpopts"
-	"github.com/spf13/cobra"
 	corev1 "k8s.io/api/core/v1"
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@ -1027,13 +1027,18 @@ func TestGenerateNodeDebugPod(t *testing.T) {
 	}

 	for _, tc := range []struct {
-		name, nodeName string
-		opts           *DebugOptions
-		expected       *corev1.Pod
+		name     string
+		node     *corev1.Node
+		opts     *DebugOptions
+		expected *corev1.Pod
 	}{
 		{
-			name:     "minimum options",
-			nodeName: "node-XXX",
+			name: "minimum options",
+			node: &corev1.Node{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "node-XXX",
+				},
+			},
 			opts: &DebugOptions{
 				Image:      "busybox",
 				PullPolicy: corev1.PullIfNotPresent,
@ -1070,12 +1075,21 @@ func TestGenerateNodeDebugPod(t *testing.T) {
 							},
 						},
 					},
+					Tolerations: []corev1.Toleration{
+						{
+							Operator: corev1.TolerationOpExists,
+						},
+					},
 				},
 			},
 		},
 		{
-			name:     "debug args as container command",
-			nodeName: "node-XXX",
+			name: "debug args as container command",
+			node: &corev1.Node{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "node-XXX",
+				},
+			},
 			opts: &DebugOptions{
 				Args:       []string{"/bin/echo", "one", "two", "three"},
 				Container:  "custom-debugger",
@ -1115,12 +1129,21 @@ func TestGenerateNodeDebugPod(t *testing.T) {
 							},
 						},
 					},
+					Tolerations: []corev1.Toleration{
+						{
+							Operator: corev1.TolerationOpExists,
+						},
+					},
 				},
 			},
 		},
 		{
-			name:     "debug args as container args",
-			nodeName: "node-XXX",
+			name: "debug args as container args",
+			node: &corev1.Node{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "node-XXX",
+				},
+			},
 			opts: &DebugOptions{
 				ArgsOnly:   true,
 				Container:  "custom-debugger",
@ -1161,6 +1184,11 @@ func TestGenerateNodeDebugPod(t *testing.T) {
 							},
 						},
 					},
+					Tolerations: []corev1.Toleration{
+						{
+							Operator: corev1.TolerationOpExists,
+						},
+					},
 				},
 			},
 		},
@ -1169,7 +1197,7 @@ func TestGenerateNodeDebugPod(t *testing.T) {
 			tc.opts.IOStreams = genericclioptions.NewTestIOStreamsDiscard()
 			suffixCounter = 0

-			pod := tc.opts.generateNodeDebugPod(tc.nodeName)
+			pod := tc.opts.generateNodeDebugPod(tc.node)
 			if diff := cmp.Diff(tc.expected, pod); diff != "" {
 				t.Error("unexpected diff in generated object: (-want +got):\n", diff)
 			}