Add description about custom profile (#48154)

* Add custom profile * fix1 * fix2 * fix3 * fix4
kubernetes · Nov 17, 2024 · 958ed3b · 958ed3b
1 parent 25c3672
commit 958ed3b
Showing 1 changed file with 72 additions and 2 deletions.
diff --git a/content/en/docs/tasks/debug/debug-application/debug-running-pod.md b/content/en/docs/tasks/debug/debug-application/debug-running-pod.md
@@ -640,14 +640,17 @@ Don't forget to clean up the debugging Pod when you're finished with it:
 kubectl delete pod node-debugger-mynode-pdx84
 ```
 
-## Debugging Profiles {#debugging-profiles}
+## Debugging a Pod or Node while applying a profile {#debugging-profiles}
 
 When using `kubectl debug` to debug a node via a debugging Pod, a Pod via an ephemeral container, 
-or a copied Pod, you can apply a debugging profile to them using the `--profile` flag.
+or a copied Pod, you can apply a profile to them.
 By applying a profile, specific properties such as [securityContext](/docs/tasks/configure-pod-container/security-context/)
 are set, allowing for adaptation to various scenarios.
+There are two types of profiles, static profile and custom profile.
 
+### Applying a Static Profile {#static-profile}
 
+A static profile is a set of predefined properties, and you can apply them using the `--profile` flag.
 The available profiles are as follows:
 
 | Profile      | Description                                                     |
@@ -718,3 +721,70 @@ Clean up the Pod when you're finished with it:
 ```shell
 kubectl delete pod myapp
 ```
+
+### Applying Custom Profile {#custom-profile}
+
+{{< feature-state for_k8s_version="v1.31" state="beta" >}}
+
+You can define a partial container spec for debugging as a custom profile in either YAML or JSON format, 
+and apply it using the `--custom` flag.
+
+{{< note >}}
+Custom profile only supports the modification of the container spec, 
+but modifications to `name`, `image`, `command`, `lifecycle` and `volumeDevices` fields of the container spec 
+are not allowed.
+It does not support the modification of the Pod spec.
+{{< /note >}}
+
+Create a Pod named myapp as an example:
+
+```shell
+kubectl run myapp --image=busybox:1.28 --restart=Never -- sleep 1d
+```
+
+Create a custom profile in YAML or JSON format.
+Here, create a YAML format file named `custom-profile.yaml`:
+
+```yaml
+env:
+- name: ENV_VAR_1
+  value: value_1
+- name: ENV_VAR_2
+  value: value_2
+securityContext:
+  capabilities:
+    add:
+    - NET_ADMIN
+    - SYS_TIME
+
+```
+
+Run this command to debug the Pod using an ephemeral container with the custom profile:
+
+```shell
+kubectl debug -it myapp --image=busybox:1.28 --target=myapp --profile=general --custom=custom-profile.yaml
+```
+
+You can check that the ephemeral container has been added to the target Pod with the custom profile applied:
+
+```shell
+kubectl get pod myapp -o jsonpath='{.spec.ephemeralContainers[0].env}'
+```
+
+```
+[{"name":"ENV_VAR_1","value":"value_1"},{"name":"ENV_VAR_2","value":"value_2"}]
+```
+
+```shell
+kubectl get pod myapp -o jsonpath='{.spec.ephemeralContainers[0].securityContext}'
+```
+
+```
+{"capabilities":{"add":["NET_ADMIN","SYS_TIME"]}}
+```
+
+Clean up the Pod when you're finished with it:
+
+```shell
+kubectl delete pod myapp
+```