Handy command to remotely capture tcpdump from a K8s container located in Google Kubernetes Engine and then display it (live!) in Wireshark running on your PC:
% gcloud beta compute ssh jumphost --quiet --command='kubectl exec tra-rt-ag1-0 --namespace=app-ns -- sudo /usr/sbin/tcpdump -i any -U --immediate-mode port 16553 or port 16560 or port 16570 -w -' | /Users/jhartman/Tools/Utilities/Wireshark.app/Contents/MacOS/Wireshark -k -i -Pre-requisites:
- Wireshark installed locally in your PC
- Configured gcloud access to the environment
- tcpdump available in the container
- Root or sudo available in the container (if not, a sidecar with tcpdump might be easiest option to get it)
Live Wireshark diameter capturing from K8s container (in Google Kubernetes Engine)