Re: [RFC v2 0/2] proc connector: get namespace events
Alban Crequywrites: > This is v2 of the patch set to add namespace events in the proc > connector. So while not totally wrong the way you report namespaces makes me grumpy. You are not including the device node of the filesystem those inodes are on. The inode number is meaningless if you don't specify which filesystem the inode is from. I absolutely do not want to have to implement a namespace for namespaces someday just because people have been sloppy like this. So please correct this to at least report the full information on namespaces. Thank you, Eric
Re: [RFC v2 0/2] proc connector: get namespace events
Alban Crequy writes: > This is v2 of the patch set to add namespace events in the proc > connector. So while not totally wrong the way you report namespaces makes me grumpy. You are not including the device node of the filesystem those inodes are on. The inode number is meaningless if you don't specify which filesystem the inode is from. I absolutely do not want to have to implement a namespace for namespaces someday just because people have been sloppy like this. So please correct this to at least report the full information on namespaces. Thank you, Eric
[RFC v2 0/2] proc connector: get namespace events
This is v2 of the patch set to add namespace events in the proc connector. The act of a process creating or joining a namespace via clone(), unshare() or setns() is a useful signal for monitoring applications. I am working on a monitoring application that keeps track of all the containers and all processes inside each container. The current way of doing it is by polling regularly in /proc for the list of processes and in /proc/*/ns/* to know which namespaces they belong to. This is inefficient on systems with a large number of containers and a large number of processes. Instead, I would inspect /proc only one time and get the updates with the proc connector. Unfortunately, the proc connector gives me the list of processes but does not notify me when a process changes namespaces. So I would still need to inspect /proc/*/ns/*. (1) Add namespace events for processes. It generates a namespace event each time a process changes namespace via clone(), unshare() or setns(). (2) Add a way for userspace to detect if proc connector is able to send namespace events. Changes since RFC-v1: https://lkml.org/lkml/2016/9/8/588 * Supports userns. * The reason field says exactly whether it is clone/setns/unshare. * Sends aggregated messages containing details of several namespaces changes. Suggested by Evgeniy Polyakov. * Add patch 2 to detect if proc connector is able to send namespace events. This patch set is available in the git repository at: https://github.com/kinvolk/linux.git alban/proc_ns_connector-v2-5 Alban Crequy (2): proc connector: add namespace events proc connector: add a "get feature" op drivers/connector/cn_proc.c | 163 --- include/linux/cn_proc.h | 25 +++ include/uapi/linux/cn_proc.h | 27 ++- kernel/fork.c| 10 +++ kernel/nsproxy.c | 6 ++ 5 files changed, 220 insertions(+), 11 deletions(-) -- 2.7.4
[RFC v2 0/2] proc connector: get namespace events
This is v2 of the patch set to add namespace events in the proc connector. The act of a process creating or joining a namespace via clone(), unshare() or setns() is a useful signal for monitoring applications. I am working on a monitoring application that keeps track of all the containers and all processes inside each container. The current way of doing it is by polling regularly in /proc for the list of processes and in /proc/*/ns/* to know which namespaces they belong to. This is inefficient on systems with a large number of containers and a large number of processes. Instead, I would inspect /proc only one time and get the updates with the proc connector. Unfortunately, the proc connector gives me the list of processes but does not notify me when a process changes namespaces. So I would still need to inspect /proc/*/ns/*. (1) Add namespace events for processes. It generates a namespace event each time a process changes namespace via clone(), unshare() or setns(). (2) Add a way for userspace to detect if proc connector is able to send namespace events. Changes since RFC-v1: https://lkml.org/lkml/2016/9/8/588 * Supports userns. * The reason field says exactly whether it is clone/setns/unshare. * Sends aggregated messages containing details of several namespaces changes. Suggested by Evgeniy Polyakov. * Add patch 2 to detect if proc connector is able to send namespace events. This patch set is available in the git repository at: https://github.com/kinvolk/linux.git alban/proc_ns_connector-v2-5 Alban Crequy (2): proc connector: add namespace events proc connector: add a "get feature" op drivers/connector/cn_proc.c | 163 --- include/linux/cn_proc.h | 25 +++ include/uapi/linux/cn_proc.h | 27 ++- kernel/fork.c| 10 +++ kernel/nsproxy.c | 6 ++ 5 files changed, 220 insertions(+), 11 deletions(-) -- 2.7.4