containerd 进入 nsenter

nerdctl namespace list

nerdctl ps --namespace k8s.io

nerdctl inspect cc4c313a70be --namespace k8s.io -f '{{.State.Pid}}'

nsenter -t $PID -n

~ $ nsenter -h

Usage:
 nsenter [options] [<program> [<argument>...]]

Run a program with namespaces of other processes.

Options:
- a, --all              enter all namespaces
- t, --target <pid>     target process to get namespaces from
- m, --mount[=<file>]   enter mount namespace
- u, --uts[=<file>]     enter UTS namespace (hostname etc)
- i, --ipc[=<file>]     enter System V IPC namespace
- n, --net[=<file>]     enter network namespace
- p, --pid[=<file>]     enter pid namespace
- C, --cgroup[=<file>]  enter cgroup namespace
- U, --user[=<file>]    enter user namespace
- S, --setuid <uid>     set uid in entered namespace
- G, --setgid <gid>     set gid in entered namespace
     --preserve-credentials do not touch uids or gids
- r, --root[=<dir>]     set the root directory
- w, --wd[=<dir>]       set the working directory
- F, --no-fork          do not fork before exec'ing <program>
- Z, --follow-context   set SELinux context according to --target PID
- h, --help             display this help
- V, --version          display version

For more details see nsenter(1).