-
Notifications
You must be signed in to change notification settings - Fork 115
New issue
Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? # to your account
cgroups v2 container.id discovery #523
Comments
https://stackoverflow.com/questions/68816329/how-to-get-docker-container-id-from-within-the-container-with-cgroup-v2 discusses using iovisor/bcc#1119 discusses how there isn't a kernel concept of container ID, so this likely comes down to heuristics specific to each container runtime (docker, k8s, podman, systemd, etc.) ... or just being out of luck if nothing is exposed inside the container. Gil, you mentioned perhaps having assist from a host-local APM server. What breaks when a |
Good point, I'm not sure how that would work but it is worth considering if, as you wrote, the id is not reliably discoverable from within the container.
Workflows based on pivoting on that data are impacted. For example, viewing application service logs either are not shown or scoped only to the host/node level which may (likely!) be running various unrelated containers - sometimes useful, but usually you want to start at container and zoom out to that level if needed. That's a really simple example but I hope it demonstrates that type of issue missing this information causes. |
One workaround for those coming across this issue is to start containers with |
This is reportedly an issue with at least three of the APM agents so far, with 2/3 waiting for a decision in this thread before taking any action.
|
The current state of the art (StackOverflow, Jenkins, OpenTelemetry JS) seems to be to read and parse opencontainers/runtime-spec#1105 seems to be a/the issue to follow for there eventually/possibly being a standardize mechanism for this. Until then, we should update our spec to fallback to parsing |
Is your feature request related to a problem? Please describe.
cgroups v2 is increasingly seeing adoption as various distributions have made it the default for containers. As noted in elastic/beats#16958, Fedora 31 (late 2019) enables it by default, Ubuntu 21.10 does as well.
The current spec covers only cgroups v1, this issue is a feature request for v2 support.
Describe the solution you'd like
When running applications on systems with cgroups v2 enabled, for example on docker,
container.id
should be filled in for events produced by APM agents.Additional context
The current metrics spec touches on collecting cgroups v2 metrics without specific guidance on how to identify the cgroup itself, that should be updated as well. The java and python agents may provide insight into the updates required, like consulting
/proc/self/mountinfo
instead of/proc/self/cgroup
when cgroups v2 are detected.The text was updated successfully, but these errors were encountered: