278

I'm now trying to run a simple container with shell (/bin/bash) on a Kubernetes cluster.

I thought that there was a way to keep a container running on a Docker container by using pseudo-tty and detach option (-td option on docker run command).

For example,

$ sudo docker run -td ubuntu:latest

Is there an option like this in Kubernetes?

I've tried running a container by using a kubectl run-container command like:

kubectl run-container test_container ubuntu:latest --replicas=1

But the container exits for a few seconds (just like launching with the docker run command without options I mentioned above). And ReplicationController launches it again repeatedly.

Is there a way to keep a container running on Kubernetes like the -td options in the docker run command?

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
springwell
  • 2,891
  • 2
  • 11
  • 6
  • 1
    Using this image (as [Kubernetes docs](https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#dns) suggests) is quite handy: `kubectl run curl --image=radial/busyboxplus:curl -i --tty` – Matheus Santana Sep 08 '17 at 15:15
  • 1
    This question has been mentioned at this video: [Kubernetes the very hard way at Datadog](https://youtu.be/2dsCwp_j0yQ?t=2150) with a slide-title of *"Cargo culting*. From wikipedia: The term *cargo cult programmer* may apply when an unskilled or novice computer programmer (or one inexperienced with the problem at hand) copies some program code from one place to another with little or no understanding of how it works or whether it is required in its new position. – tgogos Dec 19 '18 at 13:46
  • 1
    I'll admit that I'm still pretty early in my Kubernetes learning, but mentioning this as Cargo Culting seems unfair. There is a _very_ good reason why you might want a Kubernetes pod to live forever (or, until manually killed) - if you want to test the networking within the cluster using tools, environment, etc. available within a pod. Yes, you _could_ repeatedly spin up short-lived pods executing the commands you want, but isn't it easier to start a persistent pod and start a shell on it? – scubbo Sep 10 '22 at 15:48

14 Answers14

335

Containers are meant to run to completion. You need to provide your container with a task that will never finish. Something like this should work:

apiVersion: v1
kind: Pod
metadata:
  name: ubuntu
spec:
  containers:
  - name: ubuntu
    image: ubuntu:latest
    # Just spin & wait forever
    command: [ "/bin/bash", "-c", "--" ]
    args: [ "while true; do sleep 30; done;" ]
Joel B
  • 12,082
  • 10
  • 61
  • 69
  • 3
    But is this a best practice? – aneesh joshi Mar 19 '19 at 20:31
  • 16
    @aneeshjoshi I wouldn't say this is _best practice_. This is just an example providing a pod that will run without immediately exiting. Best practice is to create your containers to do the job they were designed for (a job that runs to completion, a webserver that runs perpetually, etc.). I posted this as an example because Kubernetes can feel initially frustrating when you keep creating pods only to have the disappear since the default command exits immediately. – Joel B Mar 20 '19 at 19:46
  • @JoelB Thanks. I was wondering what is the "right" way of doing it. – aneesh joshi Mar 21 '19 at 20:22
  • 2
    thanks for this as I am in need of a container that can live for awhile allowing me to enter it. I was trying to do the same with a lighter image than `ubuntu` and tried `bash` image but couldn't get it to work. Any idea how to do the same as this with `bash` image? – cryanbhu May 03 '19 at 02:49
  • 3
    I know this is an old issue; however, Kubernetes is started to support ephemeral containers. link:https://kubernetes.io/docs/concepts/workloads/pods/ephemeral-containers/. These containers have some limitations like resource limits, however they are designed for debugging purposes. – Shubham Singh Mar 26 '20 at 09:28
  • 5
    @cryanbhu For a lighter image, you may use alpine, the container spec can look like: `{"name": "util", "image": "alpine", "command": [ "/bin/sh", "-c", "--" ], "args": [ "while true; do sleep 30; done;" ]}` (only json because the yaml won't format in comments here.) The important bit being `/bin/sh` instead of `/bin/bash`. – bschlueter Jul 31 '20 at 18:49
  • "are meant to run to completion"? – dtc Sep 23 '21 at 16:29
  • should `CMD` command at Dockerfile be a better approach? see [this](https://stackoverflow.com/a/41710589/2042014) ref – Alex Feb 21 '23 at 16:27
  • Can you please explain what "-c --" flags are? I'm curious to learn more about it. – Arsham Arya May 01 '23 at 08:07
  • It's an argument to the BASH shell, telling it that everything after it should be viewed as executable and not flags to the shell. – Joel B May 02 '23 at 12:23
210

You could use this CMD in your Dockerfile:

CMD exec /bin/bash -c "trap : TERM INT; sleep infinity & wait"

This will keep your container alive until it is told to stop. Using trap and wait will make your container react immediately to a stop request. Without trap/wait stopping will take a few seconds.

For busybox based images (used in alpine based images) sleep does not know about the infinity argument. This workaround gives you the same immediate response to a docker stop like in the above example:

CMD exec /bin/sh -c "trap : TERM INT; sleep 9999999999d & wait"
itsafire
  • 5,607
  • 3
  • 37
  • 48
  • 2
    I'm using the same on kubernetes deployment yaml for debugging purposes –  Dec 12 '17 at 03:03
  • this gives me "sleep: invalid number 'infinity'" – arunkjn Jun 25 '18 at 15:52
  • 1
    @arunkjn Thanks for this. You are probably stuck with an image that uses busybox (like alpine images). See the updated answer. – itsafire Jul 04 '18 at 13:35
  • Instead of sleep infinity, just use sleep 999999999d where d indicates days. – user674669 Aug 19 '20 at 21:29
  • Thank you for the info on trapping `TERM`/`INT`! I couldn't understand why my container wasn't stopping correctly, since `sleep` will respond to it from the terminal – Tobias J Jan 29 '21 at 17:00
  • 3
    If someone has working `args` version for Kubernetes YAML that would be superb. UPDATE: Use this: `command: ["/bin/bash"]` and `args: ["-c", "trap : TERM INT; sleep infinity & wait"]` – Tom Raganowicz Mar 23 '21 at 17:45
  • 2
    It's often preferred to use the ["json array"] syntax for CMD. If that's what you need, you could write it this way: `CMD ["/bin/bash", "-c", "exec /bin/bash -c 'trap : TERM INT; sleep 9999999999d & wait'"]` – h3r3 Sep 17 '22 at 01:20
76

A container exits when its main process exits. Doing something like:

docker run -itd debian

to hold the container open is frankly a hack that should only be used for quick tests and examples. If you just want a container for testing for a few minutes, I would do:

docker run -d debian sleep 300

Which has the advantage that the container will automatically exit if you forget about it. Alternatively, you could put something like this in a while loop to keep it running forever, or just run an application such as top. All of these should be easy to do in Kubernetes.

The real question is why would you want to do this? Your container should be providing a service, whose process will keep the container running in the background.

Adrian Mouat
  • 44,585
  • 16
  • 110
  • 102
  • Thank you for your answer. I'm now trying to understand the behavior of containers, with dozens of containers running at the same time. Endless loop and using other heavy command, prevent me to know what is the behavior of containers. That is the reason why I need simple container like only running /bin/bash. – springwell Aug 07 '15 at 17:36
  • For now, I'll try running `cat` without arguments and `top` and `sleep` with argument of large number. – springwell Aug 07 '15 at 17:39
  • 52
    `sleep infinity` works in a lot of cases (not busybox) – Reese Sep 21 '15 at 18:09
  • 1
    There's plenty of reasons to do this. For example, you might deploy your pods with helm releases and injected configuration, which is going to make recreation of similar environments annoying and cumbersome. But having a container with that configuration in cases where the other pods crash/are deleted can be infinitely useful. – Richard Løvehjerte Nov 26 '18 at 14:26
  • Because my _service_ consists of multiple processes. – Константин Ван Aug 05 '19 at 13:15
  • @Adrian: I thought Container is a process inside the Node, which is a VM. I am bit confused with all this basic concept. Even opened a question for this - https://stackoverflow.com/questions/66230733/node-is-a-vm-container-is-a-process-then-how-container-runs-many-processes-et............ if you have got some time to look at it, and answer if it's not too stupid to answer.. – pjj Feb 16 '21 at 19:17
  • 3
    @КонстантинВан Hey, younger me! You want to make a _Pod_ instead! You don't put everything in a single "_container_." – Константин Ван Jun 12 '21 at 21:02
  • 2
    _"The real question is why would you want to do this?"_ - debugging. Maybe your service isn't immediately crashing, so you need to keep the container alive while you check everything internally (by interactively executing a shell, for example). – ProgrammingLlama Aug 11 '21 at 10:04
70

  1. In your Dockerfile use this command:

    CMD ["sh", "-c", "tail -f /dev/null"]

  2. Build your docker image.

  3. Push it to your cluster or similar, just to make sure the image it's available.
  4. kubectl run debug-container -it --image=<your-image>
Soviut
  • 88,194
  • 49
  • 192
  • 260
Radu Gabriel
  • 2,841
  • 23
  • 15
62

In order to keep a POD running it should to be performing certain task, otherwise Kubernetes will find it unnecessary, therefore it stops. There are many ways to keep a POD running.

I have faced similar problems when I needed a POD just to run continuously without doing any useful operation. The following are the two ways those worked for me:

  1. Running sleep command while running the container.
  2. Running an infinite loop inside the container.

Although the first option is easier than the second one and may suffice the requirement, it is not the best option. As, there is a limit as far as the number of seconds you are going to assign in the sleep command. But a container with infinite loop running inside it never exits.

However, I will describe both the ways(Considering you are running busybox container):

1. Sleep Command

apiVersion: v1
kind: Pod
metadata:
  name: busybox
  labels:
    app: busybox
spec:
  containers:
  - name: busybox
    image: busybox
    ports:
    - containerPort: 80
    command: ["/bin/sh", "-ec", "sleep 1000"]

2. Infinite Loop

apiVersion: v1
kind: Pod
metadata:
  name: busybox
  labels:
    app: busybox
spec:
  containers:
  - name: busybox
    image: busybox
    ports:
    - containerPort: 80
    command: ["/bin/sh", "-ec", "while :; do echo '.'; sleep 5 ; done"]

Run the following command to run the pod:

kubectl apply -f <pod-yaml-file-name>.yaml

Hope it helps!

Arbaaz
  • 911
  • 6
  • 9
56

The simplest command as it can be for k8s pod manifest to run container forever:

apiVersion: v1
kind: Pod
metadata:
  name: ubuntu
spec:
  containers:
  - name: ubuntu
    image: ubuntu:latest
    # Just sleep forever
    command: [ "sleep" ]
    args: [ "infinity" ]
Wlodek B.
  • 561
  • 4
  • 4
  • 5
    The most elegant and minimalistic solution. – 9ilsdx 9rvj 0lo Jun 02 '21 at 07:57
  • Getting an error with that exact code ```The Pod "ubuntu" is invalid: spec: Forbidden: pod updates may not change fields other than `spec.containers[*].image`, `spec.initContainers[*].image`, `spec.activeDeadlineSeconds` or `spec.tolerations` (only additions to existing tolerations) ``` – insideClaw Jul 06 '21 at 16:14
  • 1
    It means you're trying to change part of manifest which is immutable (with kubectl apply). Try with `kubectl replace` with optional `--force` flag – Wlodek B. Jul 07 '21 at 08:30
22

My few cents on the subject. Assuming that kubectl is working then the closest command that would be equivalent to the docker command that you mentioned in your question, would be something like this.

$ kubectl run ubuntu --image=ubuntu --restart=Never --command sleep infinity

Above command will create a single Pod in default namespace and, it will execute sleep command with infinity argument -this way you will have a process that runs in foreground keeping container alive.

Afterwords, you can interact with Pod by running kubectl exec command. 

$ kubectl exec ubuntu -it -- bash

This technique is very useful for creating a Pod resource and ad-hoc debugging.

Lukasz Dynowski
  • 11,169
  • 9
  • 81
  • 124
  • 2
    Works great. No need for the `--restart=Never`, just call `kubectl run ubuntu --image=ubuntu -- sleep infinity` – Noam Manos Mar 17 '20 at 15:20
  • or if you want to do old fashioned thicker commands you can always do something like `kubectl run busybox --image=busybox --restart=Never -- /bin/sh -c 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 1; done;'` – iamnicoj Oct 22 '21 at 17:36
15

I was able to get this to work with the command sleep infinity in Kubernetes, which will keep the container open. See this answer for alternatives when that doesn't work.

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Reese
  • 1,746
  • 1
  • 17
  • 40
  • 1
    This does not provide an answer to the question. To critique or request clarification from an author, leave a comment below their post. - [From Review](/review/low-quality-posts/11368189) – Will Feb 24 '16 at 02:47
  • 1
    @Will Sure it does. `sleep infinity` keeps the container open, providing the same type of functionality that the question asks about (for most types of containers). It also provides a link to alternatives for cases when that specific command doesn't work – Reese Feb 24 '16 at 22:07
  • This was from review. If you add the comment text there to the answer then it's a quality answer :) My initial flag/commend was based on saying your comment wasn't successful, making me think this was supposed to be a comment. Added a quick edit and upvoted. – Will Feb 24 '16 at 22:28
  • "...sleep infinity in Kubernetes" is an uninformed statement. It implies that there is no unix and no docker in the picture. – mmla Oct 26 '19 at 01:30
8

Use this command inside you Dockerfile to keep the container running in your K8s cluster:

  • CMD tail -f /dev/null
Omar Khaled
  • 401
  • 6
  • 11
8

add this : in template ->in spec-> in container ->in ports & after container port line

    command: ["/bin/sh", "-ec", "while :; do echo '.'; sleep 6 ; done"]
Maha Hamza
  • 81
  • 1
  • 1
3

In my case, a pod with an initContainer failed to initialize. Running docker ps -a and then docker logs exited-container-id-here gave me a log message which kubectl logs podname didn't display. Mystery solved :-)

Stefan L
  • 1,529
  • 13
  • 20
3

There are many different ways for accomplishing this, but one of the most elegant one is:

kubectl run -i --tty --image ubuntu:latest ubuntu-test --restart=Never --rm /bin/sh
Ivan Aracki
  • 4,861
  • 11
  • 59
  • 73
3

I did a hack by putting it in background:

[root@localhost ~]# kubectl run hello -it --image ubuntu -- bash &
[2] 128461

Exec on pod hello

[root@localhost ~]# kubectl exec -it hello -- whoami
root
[root@localhost ~]# kubectl exec -it hello -- hostname
hello

Getting a shell

[root@localhost ~]# kubectl exec -it hello -- bash
root@hello:/# ls
bin  boot  dev  etc  home  lib  lib32  lib64  libx32  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
Hackaholic
  • 19,069
  • 5
  • 54
  • 72
  • The -it part is what I was missing! So, `kubectl run test-container -it --image alpine -- sh` gave me exactly what I was looking for, a pod with alpine running inside the cluster. Thanks! – jhenriquez Sep 17 '22 at 20:30
0

This command may help

CMD exec /bin/bash -c "trap : TERM INT; sleep i infinity & wait"
Joel Wembo
  • 814
  • 6
  • 10