From 96b9e0f80e8f1921123d36a3e6396cb22e50a89e Mon Sep 17 00:00:00 2001
From: Paul Payne <paul@payne.io>
Date: Mon, 5 May 2025 09:40:00 -0700
Subject: [PATCH] Add netdebug script and Kubernetes configuration for
 debugging pod

---
 bin/netdebug                             | 39 +++++++++++++
 infrastructure_setup/utils/netdebug.yaml | 71 ++++++++++++++++++++++++
 2 files changed, 110 insertions(+)
 create mode 100755 bin/netdebug
 create mode 100644 infrastructure_setup/utils/netdebug.yaml

diff --git a/bin/netdebug b/bin/netdebug
new file mode 100755
index 0000000..15c05dd
--- /dev/null
+++ b/bin/netdebug
@@ -0,0 +1,39 @@
+#!/bin/bash
+set -e
+
+# First, ensure netdebug pod is installed
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+REPO_DIR="$(dirname "$SCRIPT_DIR")"
+
+# Source environment variables
+if [ -f "$REPO_DIR/load-env.sh" ]; then
+  source "$REPO_DIR/load-env.sh"
+fi
+
+# Check if netdebug is installed, if not deploy it
+if ! kubectl get namespace debug >/dev/null 2>&1; then
+  echo "Setting up netdebug pod..."
+  kubectl apply -f "$REPO_DIR/infrastructure_setup/utils/netdebug.yaml"
+  echo "Waiting for netdebug pod to be ready..."
+  sleep 5
+fi
+
+# Get the netdebug pod name
+NETDEBUG_POD=$(kubectl get pods -n debug -l app=netdebug -o jsonpath='{.items[0].metadata.name}' 2>/dev/null)
+
+if [ -z "$NETDEBUG_POD" ]; then
+  echo "Waiting for netdebug pod to start..."
+  kubectl get pods -n debug
+  exit 1
+fi
+
+# If arguments provided, run them as a command on the container
+if [ $# -gt 0 ]; then
+  kubectl exec -it -n debug "$NETDEBUG_POD" -- "$@"
+else
+  # Otherwise attach to the container with a shell
+  echo "Attaching to netdebug pod ($NETDEBUG_POD)..."
+  echo "Type 'exit' to detach"
+  echo ""
+  kubectl exec -it -n debug "$NETDEBUG_POD" -- /bin/bash
+fi
\ No newline at end of file
diff --git a/infrastructure_setup/utils/netdebug.yaml b/infrastructure_setup/utils/netdebug.yaml
new file mode 100644
index 0000000..3cc495f
--- /dev/null
+++ b/infrastructure_setup/utils/netdebug.yaml
@@ -0,0 +1,71 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: debug
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: netdebug
+  namespace: debug
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: netdebug
+subjects:
+- kind: ServiceAccount
+  name: netdebug
+  namespace: debug
+roleRef:
+  kind: ClusterRole
+  name: cluster-admin
+  apiGroup: rbac.authorization.k8s.io
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: netdebug
+  namespace: debug
+  labels:
+    app: netdebug
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: netdebug
+  template:
+    metadata:
+      labels:
+        app: netdebug
+    spec:
+      serviceAccountName: netdebug
+      containers:
+      - name: netdebug
+        image: nicolaka/netshoot:latest
+        command: ["/bin/bash"]
+        args: ["-c", "while true; do sleep 3600; done"]
+        resources:
+          limits:
+            cpu: 200m
+            memory: 256Mi
+          requests:
+            cpu: 100m
+            memory: 128Mi
+        securityContext:
+          privileged: true
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: netdebug
+  namespace: debug
+spec:
+  selector:
+    app: netdebug
+  ports:
+  - port: 22
+    targetPort: 22
+    name: ssh
+  type: ClusterIP
\ No newline at end of file