Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extract cgroup in bpf programs #240

Merged
merged 13 commits into from
Feb 1, 2024
Merged

Extract cgroup in bpf programs #240

merged 13 commits into from
Feb 1, 2024

Conversation

banditopazzo
Copy link
Member

@banditopazzo banditopazzo commented Jan 16, 2024
edited
Loading

This PR wants to change the way cgroups are collected for processes at runtime.

The idea is to move cgroup extraction to BPF because procfs is not reliable.

remaining tasks

vadorovsky
vadorovsky requested changes Jan 17, 2024
View reviewed changes
Copy link
Member

@vadorovsky vadorovsky left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Amazing stuff! Just couple of comments. And since the podman PR is merged, let's rebase this one with main?

crates/modules/process-monitor/probes.bpf.c Outdated Show resolved Hide resolved
crates/modules/process-monitor/probes.bpf.c Outdated Show resolved Hide resolved
crates/modules/process-monitor/probes.bpf.c Outdated Show resolved Hide resolved
crates/modules/process-monitor/probes.bpf.c Outdated Show resolved Hide resolved
@banditopazzo banditopazzo force-pushed the improve-container-support branch from c8a9fc9 to 7f296f9 Compare January 29, 2024 09:20
@banditopazzo banditopazzo mentioned this pull request Jan 29, 2024
Merged
vadorovsky and others added 5 commits January 29, 2024 12:35
@vadorovsky @banditopazzo
fix: Handle libpod rootless containers, use sqlite as the source of info
c341dbb 
Before this change, we were using `podman inspect` command to get
information about libpod containers. But since Pulsar is running as
root, using CLI is not going to show any information about rootless
containers.

This is fixed by using sqlite (which is used internally by libpod)
and `images.json` file to resolve all necessary information about
containers. To handle rootless containers gracefully, we check
whether any user with their own home directory has a libpod database.
@banditopazzo
feat(bpf-common): add boltdb support to libpod container id resolve
0b29f65
@vadorovsky @banditopazzo
fix(bpf-common): Handle a libpod cgroup name from Fedora 39
483ba3e 
On such system, the following cgroup info was found:

```
0::/machine.slice/libpod-conmon-551ccf517b3394[...].scope
```

Handle it in our regular expression.
@vadorovsky @banditopazzo
chore: Fix clippy errors
014d850
@vadorovsky @banditopazzo
build: Use libsqlite3-sys with bundled sqlite3
ef3856d
@banditopazzo banditopazzo force-pushed the improve-container-support branch 5 times, most recently from 6bc2d74 to cb6ab46 Compare January 29, 2024 18:05
@banditopazzo banditopazzo force-pushed the improve-container-support branch from cb6ab46 to 78a962f Compare January 30, 2024 14:30
vadorovsky
vadorovsky approved these changes Jan 31, 2024
View reviewed changes
Copy link
Member

@vadorovsky vadorovsky left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just one nit, otherwise looks good 👍 I can also confirm that it works for me (with docker, podman and sudo podman). I would say - feel free to merge after addressing my comment about panic.

crates/modules/process-monitor/src/lib.rs Outdated Show resolved Hide resolved
crates/modules/process-monitor/src/lib.rs Outdated Show resolved Hide resolved
@banditopazzo banditopazzo marked this pull request as ready for review February 1, 2024 09:14
@banditopazzo banditopazzo merged commit a2bba2d into main Feb 1, 2024
17 checks passed
@banditopazzo banditopazzo deleted the improve-container-support branch February 15, 2024 11:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vadorovsky vadorovsky vadorovsky approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@banditopazzo @vadorovsky