First of all, that readme is awesome. spot checking the tools container...seems to all "just work" when I run it with atomic run ... blktrace works ethtool works (-K -i -c -S specifically) netstat works pstack works perf top,record,report works iotop works slabtop works lstopo works htop works (wish this was in rhel) nstat works ss works (-tmpie) ifpps works (wish this was in rhel) numastat works (-mczs) pmap works all the sysstat tools work strace works tcpdump works sar works but you have to prepend the /host directory (so, sar -f /host/var/log/sa/sa05) my god tmux is in here?? yes!
systemtap (aww, no readme?) doesnt work: [root@8b7437fed211 /]# cd /usr/share/systemtap/examples/process/ [root@8b7437fed211 process]# stap cycle_thief.stp ERROR: Couldn't insert module '/tmp/stapslabb9/stap_0811c9eea1bbb81f2fbc5f7bf9df4506_8509.ko': Operation not permitted WARNING: /usr/bin/staprun exited with status: 1 Pass 5: run failed. [man error::pass5] [root@8b7437fed211 process]# [root@dhcp23-91 ~]# atomic run --spc candidate-registry.fedoraproject.org/f26/systemtap docker run --cap-add SYS_MODULE -v /sys/kernel/debug:/sys/kernel/debug -v /usr/src/kernels:/usr/src/kernels -v /usr/lib/modules/:/usr/lib/modules/ -v /usr/lib/debug:/usr/lib/debug -t -i --name systemtap-spc candidate-registry.fedoraproject.org/f26/systemtap This container uses privileged security switches: INFO: --cap-add Adding capabilities to your container could allow processes from the container to break out onto your host system. For more information on these switches and their security implications, consult the manpage for 'docker run'. [root@10accce504c2 /]# cd /usr/share/systemtap/examples/process/ [root@10accce504c2 process]# stap cycle_thief.stp ERROR: Couldn't insert module '/tmp/stapNEjJDX/stap_4f013e7562b546a0316af840de9f0713_8509.ko': Operation not permitted WARNING: /usr/bin/staprun exited with status: 1 Pass 5: run failed. [man error::pass5] On Thu, Oct 5, 2017 at 3:09 AM, Tomas Tomecek <ttome...@redhat.com> wrote: > Not sure if the question is for me -- I literally have no idea how to do > that. > > > Let me know how I can help, > > Tomas > > > On Thu, Oct 5, 2017 at 5:04 AM, Dusty Mabe <du...@dustymabe.com> wrote: > >> >> >> On 09/18/2017 10:48 AM, Tomas Tomecek wrote: >> > Hello, >> > >> > we managed to move tools container from Fedora Dockerfiles github repo >> to Fedora infra [1]. As a side effects, we put systemtap in a dedicated >> container. >> > >> > We would very much appreciate your feedback here: so if you have some >> time to take a look at these containers and try them out, it would mean a >> lot to us. >> > >> > Repos: >> > https://src.fedoraproject.org/container/systemtap >> > https://src.fedoraproject.org/container/tools >> > >> > The way to access the images: >> > docker pull candidate-registry.fedoraproject.org/f26/tools < >> http://candidate-registry.fedoraproject.org/f26/tools> >> >> just tested out the tools container. can we get this into the official >> registry? >> >> > docker pull candidate-registry.fedoraproject.org/f26/systemtap < >> http://candidate-registry.fedoraproject.org/f26/systemtap> >> > >> > Both images have help files, so please read them prior using the >> containers: >> > https://src.fedoraproject.org/container/tools/blob/master/f/ >> root/README.md >> > https://github.com/container-images/systemtap/blob/master/help/help.md >> > >> > (or `atomic help $the_container_image`) >> > >> > [1] https://pagure.io/atomic-wg/issue/214 >> > > -- -- Jeremy Eder