Welcome to Netshoot

                    dP            dP                           dP   
                    88            88                           88   
88d888b. .d8888b. d8888P .d8888b. 88d888b. .d8888b. .d8888b. d8888P 
88'  `88 88ooood8   88   Y8ooooo. 88'  `88 88'  `88 88'  `88   88   
88    88 88.  ...   88         88 88    88 88.  .88 88.  .88   88   
dP    dP `88888P'   dP   `88888P' dP    dP `88888P' `88888P'   dP

Netshoot is a powerful, containerized toolkit designed to be a swiss-army knife for network troubleshooting in Docker and Kubernetes environments.

The Problem

Troubleshooting network issues in containerized environments can be complex. Production containers are often stripped of basic tools like ping or tcpdump for security and size reasons. Installing tools on-the-fly into a running container is often difficult or impossible, and installing them on the host can lead to configuration drift and maintenance overhead.

The Solution

Netshoot solves this by packaging a comprehensive set of networking tools into a single, portable Docker container. It allows you to attach to the network namespace of a problematic container, a Kubernetes pod, or even the host itself, giving you access to a rich diagnostic toolkit without altering your application's environment.

Core Concept: Network Namespaces

A key Linux feature that Netshoot leverages is Network Namespaces. Network namespaces provide isolation for network-related system resources. Each container or Kubernetes pod has its own isolated network stack, including network interfaces, IP addresses, routing tables, and firewall rules.

Netshoot's power comes from its ability to enter and share these namespaces. You can run Netshoot in the same network context as your application, allowing you to inspect its traffic and connectivity as if you were inside it, but with a full suite of tools at your disposal.

Key Features

  • Rich Toolset: Includes dozens of standard and advanced networking tools, from ping and iperf to tshark and nmap. See the Included Tools Reference for a full list.
  • Container-First: Designed specifically for troubleshooting containers and microservices.
  • Versatile: Works seamlessly with Docker, Docker Compose, and Kubernetes.
  • Non-Intrusive: Troubleshoot running applications without modifying their containers or installing packages on hosts.
  • Multi-Arch: Supports both linux/amd64 and linux/arm64 architectures.