containers

package
v0.22.5

Warning: This package is not in the latest version of its module.
Published: Dec 10, 2024 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var (
	ErrContainerFSUnreachable = errors.New("container file system is unreachable in mount namespace because there are not living children")
	ErrNonAbsolutePath        = errors.New("file path is not absolute in its container mount point")
)

Functions

func GetContainerIdFromTaskDir

func GetContainerIdFromTaskDir(taskPath string) (string, error)

GetContainerIdFromTaskDir gets a containerID from a given task or process directory path.

func RuntimeInfoService added in v0.8.0

func RuntimeInfoService(sockets runtime.Sockets) runtimeInfoService

RuntimeInfoService initializes a service that can register enrichers for container runtimes.

Types

type CgroupInfo

type CgroupInfo struct {
	Path          string
	Container     cruntime.ContainerMetadata
	Runtime       cruntime.RuntimeId
	ContainerRoot bool // is the cgroup directory the root of its container
	Ctime         time.Time
	Dead          bool // is the cgroup deleted
	// contains filtered or unexported fields
}

CgroupInfo represents a cgroup dir (might describe a container cgroup dir).

type ContainerPathResolver added in v0.12.0

type ContainerPathResolver struct {
	// contains filtered or unexported fields
}

ContainerPathResolver generates an accessible absolute path from the root mount namespace to a relative path in a container. NOTE: To resolve the host mount namespace, tracee reads from /proc/1/ns, which requires the CAP_SYS_PTRACE capability.

func InitContainerPathResolver added in v0.12.0

func InitContainerPathResolver(mountNSPIDsCache *bucketscache.BucketsCache) *ContainerPathResolver

InitContainerPathResolver creates a resolver for paths from within containers.

func (*ContainerPathResolver) GetHostAbsPath added in v0.12.0

func (cPathRes *ContainerPathResolver) GetHostAbsPath(mountNSAbsolutePath string, mountNS int) (
	string, error,
)

GetHostAbsPath translates an absolute path, which might be inside a container, to the corresponding absolute path in the host mount namespace.
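
The translation described above, as an added sketch that is not tracee's code: it assumes a container path is reached through /proc/<pid>/root of a live process in the same mount namespace. The resolver type, its fields and the lowercase error variables are hypothetical stand-ins, and the PID map replaces the BucketsCache.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
)

// Hypothetical stand-ins for the package's exported errors.
var (
	errNonAbsolutePath = errors.New("file path is not absolute in its container mount point")
	errFSUnreachable   = errors.New("container file system is unreachable: no living process in mount namespace")
)

// resolver is a hypothetical, simplified model; it is not tracee's ContainerPathResolver.
type resolver struct {
	procDir  string        // normally "/proc"; injectable so the sketch can be tested
	hostMnt  int           // host mount namespace id (tracee reads it from /proc/1/ns)
	pidsByNS map[int][]int // constructed stand-in for the mount-namespace -> PIDs cache
}

// hostAbsPath maps an absolute in-namespace path to a path usable from the host.
func (r *resolver) hostAbsPath(nsPath string, mountNS int) (string, error) {
	if !filepath.IsAbs(nsPath) {
		return "", errNonAbsolutePath
	}
	nsPath = filepath.Clean(nsPath) // collapse "." and ".." lexically before joining
	if mountNS == r.hostMnt {
		return nsPath, nil // already a host path, nothing to translate
	}
	for _, pid := range r.pidsByNS[mountNS] {
		root := filepath.Join(r.procDir, fmt.Sprint(pid), "root")
		if _, err := os.ReadDir(root); err != nil {
			continue // process exited or root not readable; try the next PID
		}
		return filepath.Join(root, nsPath), nil
	}
	return "", errFSUnreachable
}

func main() {
	// Constructed input: pretend this process lives in mount namespace 2.
	r := &resolver{procDir: "/proc", hostMnt: 1, pidsByNS: map[int][]int{2: {os.Getpid()}}}
	fmt.Println(r.hostAbsPath("/etc/hostname", 2))
}
```

A caller has to treat the unreachable case as a normal outcome: once every process of a container has exited, there is no /proc entry left through which to read its files.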

type Containers

type Containers struct {
	// contains filtered or unexported fields
}

Containers contains information about running containers in the host.

func New added in v0.8.1

func New(
	noContainersEnrich bool,
	cgroups *cgroup.Cgroups,
	sockets cruntime.Sockets,
	mapName string,
) (
	*Containers,
	error,
)

New initializes a Containers object and returns a pointer to it. The user should then call "Populate" and iterate over the Containers data.

func (*Containers) CgroupExists

func (c *Containers) CgroupExists(cgroupId uint64) bool

CgroupExists checks whether cgroupInfo data exists for a given cgroupId.

func (*Containers) CgroupMkdir

func (c *Containers) CgroupMkdir(cgroupId uint64, subPath string, hierarchyID uint32) (CgroupInfo, error)

CgroupMkdir adds the cgroupInfo of a created cgroup dir to the Containers struct.

func (*Containers) CgroupRemove

func (c *Containers) CgroupRemove(cgroupId uint64, hierarchyID uint32)

CgroupRemove removes the cgroupInfo of a deleted cgroup dir from the Containers struct. Removal is subject to a 30-second expiration to avoid race conditions (if the cgroup dir event arrives too fast and its cgroupInfo data is still needed).
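
The 30-second expiration described above, as an added sketch that is not tracee's code: a removal marks the entry dead and stamps an expiry, and entries are only deleted once a later removal finds them expired. The registry and entry types are hypothetical, and the clock is passed in so the behaviour can be checked deterministically.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

const expiry = 30 * time.Second // grace period stated in the CgroupRemove doc

// entry is a hypothetical, cut-down stand-in for CgroupInfo.
type entry struct {
	containerID string
	dead        bool
	expiresAt   time.Time
}

// registry is a hypothetical model of deferred deletion; it is not tracee's Containers type.
type registry struct {
	mu      sync.Mutex
	entries map[uint64]entry
}

// remove marks id dead instead of deleting it, and sweeps entries whose grace period ended.
func (r *registry) remove(id uint64, now time.Time) {
	r.mu.Lock()
	defer r.mu.Unlock()
	for k, e := range r.entries {
		if e.dead && now.After(e.expiresAt) {
			delete(r.entries, k)
		}
	}
	if e, ok := r.entries[id]; ok && !e.dead {
		e.dead, e.expiresAt = true, now.Add(expiry)
		r.entries[id] = e
	}
}

// lookup still answers for dead entries, so late events can be attributed to their container.
func (r *registry) lookup(id uint64) (entry, bool) {
	r.mu.Lock()
	defer r.mu.Unlock()
	e, ok := r.entries[id]
	return e, ok
}

func main() {
	// Constructed sample entry.
	r := &registry{entries: map[uint64]entry{7: {containerID: "constructed-id"}}}
	r.remove(7, time.Now())
	fmt.Println(r.lookup(7)) // still present, flagged dead
}
```

For detection pipelines the point is attribution: events from a short-lived container can arrive after its cgroup is gone, and they still need a container ID attached.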

func (*Containers) Close added in v0.8.1

func (c *Containers) Close() error

Close executes cleanup logic for Containers object.

func (*Containers) EnrichCgroupInfo added in v0.8.0

func (c *Containers) EnrichCgroupInfo(cgroupId uint64) (cruntime.ContainerMetadata, error)

EnrichCgroupInfo checks for a given cgroupId if it is relevant to some running container. It then calls the runtime info service to gather additional data from the container's runtime. Should not be called twice for the same cgroupId unless attempting a retry.

Returns the retrieved metadata and a relevant error. If the given cgroup does not belong to a container, no error will be returned, but the returned metadata's containerId will be empty. This should be checked separately.

func (*Containers) FindContainerCgroupID32LSB

func (c *Containers) FindContainerCgroupID32LSB(containerID string) ([]uint32, error)

FindContainerCgroupID32LSB returns the 32 LSB of the Cgroup ID for a given container ID.

func (*Containers) GetCgroupInfo

func (c *Containers) GetCgroupInfo(cgroupId uint64) CgroupInfo

GetCgroupInfo returns the contents of the Containers struct cgroupInfo data of a given cgroupId.

func (*Containers) GetCgroupVersion added in v0.10.0

func (c *Containers) GetCgroupVersion() cgroup.CgroupVersion

func (*Containers) GetContainers

func (c *Containers) GetContainers() map[uint32]CgroupInfo

GetContainers provides a list of all existing containers.

func (*Containers) GetDefaultCgroupHierarchyID added in v0.10.0

func (c *Containers) GetDefaultCgroupHierarchyID() int

func (*Containers) Populate

func (c *Containers) Populate() error

Populate populates Containers struct by reading mounted proc and cgroups fs.

func (*Containers) PopulateBpfMap

func (c *Containers) PopulateBpfMap(bpfModule *libbpfgo.Module) error

PopulateBpfMap populates the map with all the existing containers so eBPF programs can orchestrate new ones with the correct state.

func (*Containers) RemoveFromBPFMap added in v0.16.0

func (c *Containers) RemoveFromBPFMap(bpfModule *libbpfgo.Module, cgroupId uint64, hierarchyID uint32) error

RemoveFromBPFMap removes a container from the map so eBPF programs can stop tracking it.

type SignaturesDataSource added in v0.15.0

type SignaturesDataSource struct {
	// contains filtered or unexported fields
}

func NewDataSource added in v0.15.0

func NewDataSource(c *Containers) *SignaturesDataSource

func (SignaturesDataSource) Get added in v0.15.0

func (ctx SignaturesDataSource) Get(key interface{}) (map[string]interface{}, error)

func (SignaturesDataSource) ID added in v0.15.0

func (ctx SignaturesDataSource) ID() string

func (SignaturesDataSource) Keys added in v0.15.0

func (ctx SignaturesDataSource) Keys() []string

func (SignaturesDataSource) Namespace added in v0.15.0

func (ctx SignaturesDataSource) Namespace() string

func (SignaturesDataSource) Schema added in v0.15.0

func (ctx SignaturesDataSource) Schema() string

func (SignaturesDataSource) Version added in v0.15.0

func (ctx SignaturesDataSource) Version() uint
