You can enable debug mode for a VM. In debug mode, project members with Owner, Editor, and App Engine Admin roles have root access to the VM. While debug mode is turned on, the automatic rollout of operating system updates and security patches is disabled. However, the VM is still part of the load balancer pool, and continues to receive external requests.
Whenever you enable or disable debugging, a "VM instance debugging enable/disable"
event appears in the Google Cloud Console and the event will be logged in the VM's
/var/log/syslog.log file.
Enabling and disabling debug mode
You can use gcloud to enable and disable debug mode for an
instance.
To enable and disable debug mode in gcloud:
-
Use the gcloud
app instances enable-debug command to debug the VMs for a particular
instance and version, as follows:
gcloud app --project [PROJECT-ID] instances enable-debug
Replace PROJECT-ID with your own project ID, and follow the prompts to specify the instance version to debug. -
When finished debugging, disable debug mode as follows:
gcloud app --project [PROJECT-ID] instances disable-debug
Follow the prompts to specify the instance version
When you disable debug mode, the VM is stopped and a new instance of your app is started, running on a clean, new VM.
Connecting to the instance
Console
To connect to an instance in the console:
- Visit the Cloud Console instances page for your project:
-
Click SSH in the far right of the row containing the instance you
want to access:
This puts the instance into debug mode, and opens an SSH session for the instance in a terminal window.
You can also select different options to start an SSH session from the drop-down list.
- At this point you are in the instance host, which has several containers running in it. See Understanding common containers next for more information about these.
-
In the terminal window, list the containers running in the instance:
sudo docker ps
-
The output of the
sudo docker pscommand lists each container by row; locate the row that contains your project ID: this is the container running your code. Note the NAME of this container. -
Optionally, list logging information for your application by invoking:
sudo docker logs [CONTAINER-NAME]
-
Start a shell in the container that is running your code:
sudo docker exec -it [CONTAINER-NAME] /bin/bash
-
When finished debugging, enter
exitto exit the container, thenexitagain to exit the SSH session. - Disable debugging for your instance to allow it to resume normal operation.
gcloud
To connect to an instance using gcloud:
-
With the instance enabled
for debugging, invoke the command:
gcloud beta app instances --project [PROJECT-ID] ssh [INSTANCE-NAME] --service [SERVICE] --version [VERSION]
- At this point you are in the instance host, which has several containers running. See Understanding common containers next for more information about these.
-
In the terminal window, list the containers running in the instance:
sudo docker ps
-
The output of the
sudo docker pscommand lists each container by row; locate the row that contains your project ID: this is the container running your code. Note the NAME of this container. -
Optionally, list logging information for your application by invoking:
sudo docker logs [CONTAINER-NAME]
-
Start a shell in the container that is running your code:
docker exec -it [CONTAINER-NAME] /bin/bash
-
When finished debugging, enter
exitto exit the container, thenexitagain to exit the SSH session. - Disable debugging for your instance to allow it to resume normal operation.
Understanding common containers
In addition to the container running your application code, your instance may also have the following containers
| Container and Source Code | Open Source Org | Description |
|---|---|---|
| fluentd_logger | fluentd.org/ | Logging agent. |
| memcache_proxy | memcache proxy open source | Provides memcache functionality to the application. |
| nginx_proxy | nginx.org | Proxies requests to the application. |