Debugging Chainguard Containers

Course 10 of 14 in Chainguard Containers Onboarding Guide

Learn practical strategies to debug Chainguard’s minimal, secure container images in Docker and Kubernetes—without breaking their security model.

Cancel Apply

rate limit

Code not recognized.

About this course

Chainguard containers are secure, minimal images that strip away shells and debugging tools, making traditional troubleshooting approaches difficult. In this hands-on course, you’ll learn how to work around these constraints using debug containers, -dev image variants, CLI tools, and Kubernetes ephemeral containers. By the end, you’ll be equipped with practical techniques and best practices to confidently debug and troubleshoot Chainguard containers locally and in production environments.

By the end of this course, you will be able to:

  • Explain why Chainguard containers are designed without shells and traditional debugging tools.
  • Apply container debugging techniques in Docker using namespace-sharing, debug variants, and CLI tools.
  • Use kubectl debug and ephemeral containers to troubleshoot workloads in Kubernetes.
  • Distinguish between development-time debugging practices (e.g., using -dev images) and secure production debugging workflows.
  • Apply best practices for balancing security with effective debugging, including preparing custom debug containers and documenting runbooks.
Course Details

  • Software Engineers, DevOps, teams

  • 45-60 min

  • 9 Lessons

 

Curriculum

  • Welcome and Introduction
  • Recap: What Are Chainguard Containers?
  • The Debugging Challenge
  • 🛠️ Demo: Local Debugging in Docker
  • 🛠️ Demo: Local Debugging in Docker Desktop
  • Kubernetes Debugging Techniques
  • 🛠️ Demo: Kubernetes Debugging
  • Best Practices
  • Conclusion and Next Steps

About this course

Chainguard containers are secure, minimal images that strip away shells and debugging tools, making traditional troubleshooting approaches difficult. In this hands-on course, you’ll learn how to work around these constraints using debug containers, -dev image variants, CLI tools, and Kubernetes ephemeral containers. By the end, you’ll be equipped with practical techniques and best practices to confidently debug and troubleshoot Chainguard containers locally and in production environments.

By the end of this course, you will be able to:

  • Explain why Chainguard containers are designed without shells and traditional debugging tools.
  • Apply container debugging techniques in Docker using namespace-sharing, debug variants, and CLI tools.
  • Use kubectl debug and ephemeral containers to troubleshoot workloads in Kubernetes.
  • Distinguish between development-time debugging practices (e.g., using -dev images) and secure production debugging workflows.
  • Apply best practices for balancing security with effective debugging, including preparing custom debug containers and documenting runbooks.
Course Details

  • Software Engineers, DevOps, teams

  • 45-60 min

  • 9 Lessons

 

Curriculum

  • Welcome and Introduction
  • Recap: What Are Chainguard Containers?
  • The Debugging Challenge
  • 🛠️ Demo: Local Debugging in Docker
  • 🛠️ Demo: Local Debugging in Docker Desktop
  • Kubernetes Debugging Techniques
  • 🛠️ Demo: Kubernetes Debugging
  • Best Practices
  • Conclusion and Next Steps
Course

Learn the tools and fundamentals of vulnerability management and why it's critical that every developer understand it.