Re: [PATCH v4 0/3] perf: add support for analyzing events for containers
From: Hari Bathini
Date: Wed Jan 04 2017 - 06:46:45 EST
On Wednesday 04 January 2017 02:34 PM, Krister Johansen wrote:
On Tue, Jan 03, 2017 at 04:57:54PM +0530, Hari Bathini wrote:
On Thursday 29 December 2016 07:11 AM, Krister Johansen wrote:
On Fri, Dec 16, 2016 at 12:06:55AM +0530, Hari Bathini wrote:
This patch-set overcomes this limitation by using cgroup identifier as
container unique identifier. A new PERF_RECORD_NAMESPACES event that
records namespaces related info is introduced, from which the cgroup
namespace's device & inode numbers are used as cgroup identifier. This
is based on the assumption that each container is created with it's own
cgroup namespace allowing assessment/analysis of multiple containers
using cgroup identifier.
Why choose cgroups when the kernel dispenses namespace-unique
identifiers. Cgroup membership can be arbitrary. Moreover, cgroup and
Agreed. But doesn't that hold for any other namespace or a combination
of namespaces as well?
I guess that's part of my concern. There is no container-unique
identifier on the system, since the notion of containers is a construct
of higer-level software. You're depending on the fact that some popular
container software packages put their processes in separate cgroups.
Some of the stranger problems I've debugged with containers involve
abuses of nsenter(1) and shared subtrees. In cases like that, if you
filter by cgroup you may miss other interfering processes that are in
one or more of the namespaces associated with the container, but not its
cgroup. It's possible I misunderstood. Is the cgroup id being used to
filter events, or just for display purposes?
All namespaces info for all threads is captured in perf.data with
PERF_RECORD_NAMESPACES events, which can be used
for post processing. We used cgroup namespace's id in
patch 3/3 for reporting, which can be improved later..
Thanks
Hari