First of all, that readme is awesome.

spot checking the tools container...seems to all "just work" when I run it
with atomic run ...
blktrace works
ethtool works (-K -i -c -S specifically)
netstat works
pstack works
perf top,record,report works
iotop works
slabtop works
lstopo works
htop works (wish this was in rhel)
nstat works
ss works (-tmpie)
ifpps works (wish this was in rhel)
numastat works (-mczs)
pmap works
all the sysstat tools work
strace works
tcpdump works
sar works but you have to prepend the /host directory (so, sar -f
/host/var/log/sa/sa05)
my god tmux is in here?? yes!


​systemtap (aww, no readme?)

doesnt work:
​[root@8b7437fed211 /]# cd /usr/share/systemtap/examples/process/


[root@8b7437fed211 process]# stap cycle_thief.stp
ERROR: Couldn't insert module
'/tmp/stapslabb9/stap_0811c9eea1bbb81f2fbc5f7bf9df4506_8509.ko': Operation
not permitted
WARNING: /usr/bin/staprun exited with status: 1
Pass 5: run failed.  [man error::pass5]
[root@8b7437fed211 process]#



[root@dhcp23-91 ~]# atomic run --spc
candidate-registry.fedoraproject.org/f26/systemtap
docker run --cap-add SYS_MODULE -v /sys/kernel/debug:/sys/kernel/debug -v
/usr/src/kernels:/usr/src/kernels -v /usr/lib/modules/:/usr/lib/modules/ -v
/usr/lib/debug:/usr/lib/debug -t -i --name systemtap-spc
candidate-registry.fedoraproject.org/f26/systemtap

This container uses privileged security switches:

INFO: --cap-add
      Adding capabilities to your container could allow processes from the
container to break out onto your host system.

For more information on these switches and their security implications,
consult the manpage for 'docker run'.

[root@10accce504c2 /]# cd /usr/share/systemtap/examples/process/
[root@10accce504c2 process]# stap cycle_thief.stp
ERROR: Couldn't insert module
'/tmp/stapNEjJDX/stap_4f013e7562b546a0316af840de9f0713_8509.ko': Operation
not permitted
WARNING: /usr/bin/staprun exited with status: 1
Pass 5: run failed.  [man error::pass5]



On Thu, Oct 5, 2017 at 3:09 AM, Tomas Tomecek <ttome...@redhat.com> wrote:

> Not sure if the question is for me -- I literally have no idea how to do
> that.
>
>
> Let me know how I can help,
>
> Tomas
>
>
> On Thu, Oct 5, 2017 at 5:04 AM, Dusty Mabe <du...@dustymabe.com> wrote:
>
>>
>>
>> On 09/18/2017 10:48 AM, Tomas Tomecek wrote:
>> > Hello,
>> >
>> > we managed to move tools container from Fedora Dockerfiles github repo
>> to Fedora infra [1]. As a side effects, we put systemtap in a dedicated
>> container.
>> >
>> > We would very much appreciate your feedback here: so if you have some
>> time to take a look at these containers and try them out, it would mean a
>> lot to us.
>> >
>> > Repos:
>> > https://src.fedoraproject.org/container/systemtap
>> > https://src.fedoraproject.org/container/tools
>> >
>> > The way to access the images:
>> > docker pull candidate-registry.fedoraproject.org/f26/tools <
>> http://candidate-registry.fedoraproject.org/f26/tools>
>>
>> just tested out the tools container. can we get this into the official
>> registry?
>>
>> > docker pull candidate-registry.fedoraproject.org/f26/systemtap <
>> http://candidate-registry.fedoraproject.org/f26/systemtap>
>> >
>> > Both images have help files, so please read them prior using the
>> containers:
>> > https://src.fedoraproject.org/container/tools/blob/master/f/
>> root/README.md
>> > https://github.com/container-images/systemtap/blob/master/help/help.md
>> >
>> > (or `atomic help $the_container_image`)
>> >
>> > [1] https://pagure.io/atomic-wg/issue/214
>>
>
>


-- 

-- Jeremy Eder

Reply via email to