What would you like to be added: Targeting individual container namespaces using ephemeral containers
Why is this needed: Currently ephemeral containers get the default namespaces for the pod: if shareProcessNamespace is set the ephemeral container runs in the shared process namespace, otherwise it gets an isolated process namespace.
Running in the same process namespace as a target container is really useful for debugging, though, and the ephemeral containers KEP contains a provision for this. This issue is to track its implementation.
/sig node
What would you like to be added: Targeting individual container namespaces using ephemeral containers
Why is this needed: Currently ephemeral containers get the default namespaces for the pod: if
shareProcessNamespaceis set the ephemeral container runs in the shared process namespace, otherwise it gets an isolated process namespace.Running in the same process namespace as a target container is really useful for debugging, though, and the ephemeral containers KEP contains a provision for this. This issue is to track its implementation.
/sig node