[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] tools and systemtap containers are available in Fedora



Forgot to add Will Cohen (discussed stap errors with him briefly).  Also my replies won't make it to the dev list since I am not subscribed (just fyi I guess).

On Thu, Oct 5, 2017 at 9:10 AM, Jeremy Eder <jeder redhat com> wrote:
First of all, that readme is awesome.

spot checking the tools container...seems to all "just work" when I run it with atomic run ...
blktrace works
ethtool works (-K -i -c -S specifically)
netstat works
pstack works
perf top,record,report works
iotop works
slabtop works
lstopo works
htop works (wish this was in rhel)
nstat works
ss works (-tmpie)
ifpps works (wish this was in rhel)
numastat works (-mczs)
pmap works
all the sysstat tools work
strace works
tcpdump works
sar works but you have to prepend the /host directory (so, sar -f /host/var/log/sa/sa05)
my god tmux is in here?? yes!


​systemtap (aww, no readme?)

doesnt work:
[root 8b7437fed211 /]# cd /usr/share/systemtap/examples/process/                                                                                                                             
[root 8b7437fed211 process]# stap cycle_thief.stp
ERROR: Couldn't insert module '/tmp/stapslabb9/stap_0811c9eea1bbb81f2fbc5f7bf9df4506_8509.ko': Operation not permitted
WARNING: /usr/bin/staprun exited with status: 1
Pass 5: run failed.  [man error::pass5]
[root 8b7437fed211 process]# 



[root dhcp23-91 ~]# atomic run --spc candidate-registry.fedoraproject.org/f26/systemtap
docker run --cap-add SYS_MODULE -v /sys/kernel/debug:/sys/kernel/debug -v /usr/src/kernels:/usr/src/kernels -v /usr/lib/modules/:/usr/lib/modules/ -v /usr/lib/debug:/usr/lib/debug -t -i --name systemtap-spc candidate-registry.fedoraproject.org/f26/systemtap

This container uses privileged security switches:

INFO: --cap-add 
      Adding capabilities to your container could allow processes from the container to break out onto your host system.

For more information on these switches and their security implications, consult the manpage for 'docker run'.

[root 10accce504c2 /]# cd /usr/share/systemtap/examples/process/
[root 10accce504c2 process]# stap cycle_thief.stp 
ERROR: Couldn't insert module '/tmp/stapNEjJDX/stap_4f013e7562b546a0316af840de9f0713_8509.ko': Operation not permitted
WARNING: /usr/bin/staprun exited with status: 1
Pass 5: run failed.  [man error::pass5]



On Thu, Oct 5, 2017 at 3:09 AM, Tomas Tomecek <ttomecek redhat com> wrote:
Not sure if the question is for me -- I literally have no idea how to do that.


Let me know how I can help,

Tomas


On Thu, Oct 5, 2017 at 5:04 AM, Dusty Mabe <dusty dustymabe com> wrote:


On 09/18/2017 10:48 AM, Tomas Tomecek wrote:
> Hello,
>
> we managed to move tools container from Fedora Dockerfiles github repo to Fedora infra [1]. As a side effects, we put systemtap in a dedicated container.
>
> We would very much appreciate your feedback here: so if you have some time to take a look at these containers and try them out, it would mean a lot to us.
>
> Repos:
> https://src.fedoraproject.org/container/systemtap
> https://src.fedoraproject.org/container/tools
>
> The way to access the images:
> docker pull candidate-registry.fedoraproject.org/f26/tools <http://candidate-registry.fedoraproject.org/f26/tools>

just tested out the tools container. can we get this into the official registry?

> docker pull candidate-registry.fedoraproject.org/f26/systemtap <http://candidate-registry.fedoraproject.org/f26/systemtap>
>
> Both images have help files, so please read them prior using the containers:
> https://src.fedoraproject.org/container/tools/blob/master/f/root/README.md
> https://github.com/container-images/systemtap/blob/master/help/help.md
>
> (or `atomic help $the_container_image`)
>
> [1] https://pagure.io/atomic-wg/issue/214




--

-- Jeremy Eder



--

-- Jeremy Eder

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]