parse containerid for a pid from cgroup as a hex chain (#589)

Signed-off-by: Endre Sara <[email protected]> Co-authored-by: Mario Macias <[email protected]>
grafana · Feb 6, 2024 · aa3023b · aa3023b
1 parent ea5aeff
commit aa3023b
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 5 deletions.
diff --git a/pkg/internal/helpers/container/container.go b/pkg/internal/helpers/container/container.go
@@ -24,14 +24,18 @@ type Info struct {
 	PIDNamespace uint32
 }
 
-// A docker cgroup entry is a string like:
-// 0::/docker/<hex...>/kubelet.slice/kubelet-kubepods.slice/kubelet-kubepods-besteffort.slice/
-// kubelet-kubepods-besteffort-pod<hex...>.slice/cri-containerd-<hex...>.scope
+// A docker cgroup entry is a string like - when running beyla as a process on the node:
+// 0::/docker/<hex...>/kubelet.slice/kubelet-kubepods.slice/kubelet-kubepods-besteffort.slice/kubelet-kubepods-besteffort-pod<hex...>.slice/cri-containerd-<hex...>.scope
 // where the last <hex...> chain is the container ID inside its Pod
-// The /docker/<hex...> part might not be visible inside the Pod (e.g. deploying Beyla
-// as a sidecar). That's why we search for the "kubelet.slice" string.
 var dockerCgroup = regexp.MustCompile(`^\d+:.*:.*/.*-([\da-fA-F]+)\.scope`)
 
+// A k8s cgroup entry is a string like - when running beyla as daemonset in k8s:
+// GKE: /kubepods/burstable/pod4a163a05-439d-484b-8e53-2968bc15824f/cde6dfaf5007ed65aad2d6aed72af91b0f3d95813492f773286e29ae145d20f4
+// GKE-containerd: /kubepods/burstable/podb53dfa9e2dc9b890f7fadb2770857b03/bb959773d06ad1a07d469bced637bbc49b6f8573c493fd0548d7f5810eb3e5a8
+// EKS: /kubepods.slice/kubepods-burstable.slice/kubepods-burstable-poddde1244b_5bb5_4297_b544_85f3bc0d80bf.slice/cri-containerd-acb62391578595ec849d87d8556369cee7f935f0425097fd5f870df0e8aabd3c.scope
+// Containerd: /kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod7260904bbd08e72e4dff95d9fccd2ee8.slice/cri-containerd-d36686f9785534531160dc936aec9d711a26eb37f4fc7752a2ae27d0a24345c1.scope
+var k8sCgroup = regexp.MustCompile(`^\d+:.*:/kubepods.*([0-9a-f]{64})`)
+
 // InfoForPID returns the container ID and PID namespace for the given PID.
 func InfoForPID(pid uint32) (Info, error) {
 	ns, err := namespaceFinder(int32(pid))
@@ -43,12 +47,21 @@ func InfoForPID(pid uint32) (Info, error) {
 	if err != nil {
 		return Info{}, fmt.Errorf("reading %s: %w", cgroupFile, err)
 	}
+	// We look for the docker cgroup entry first, as it's the most common
 	for _, cgroupEntry := range bytes.Split(cgroupBytes, []byte{'\n'}) {
 		submatches := dockerCgroup.FindSubmatch(cgroupEntry)
 		if len(submatches) < 2 {
 			continue
 		}
 		return Info{PIDNamespace: ns, ContainerID: string(submatches[1])}, nil
 	}
+	// If we didn't find a docker entry, we look for a k8s entry
+	for _, cgroupEntry := range bytes.Split(cgroupBytes, []byte{'\n'}) {
+		submatches := k8sCgroup.FindSubmatch(cgroupEntry)
+		if len(submatches) < 2 {
+			continue
+		}
+		return Info{PIDNamespace: ns, ContainerID: string(submatches[1])}, nil
+	}
 	return Info{}, fmt.Errorf("%s: couldn't find any docker entry for process with PID %d", cgroupFile, pid)
 }
diff --git a/pkg/internal/helpers/container/container_test.go b/pkg/internal/helpers/container/container_test.go
@@ -31,6 +31,14 @@ var fixturesWithContainer = map[uint32]string{
 0::/system.slice/containerd.service`,
 	789: `0::/../cri-containerd-40c03570b6f4c30bc8d69923d37ee698f5cfcced92c7b7df1c47f6f7887378a9.scope`,
 	999: `0::/system.slice/docker-40c03570b6f4c30bc8d69923d37ee698f5cfcced92c7b7df1c47f6f7887378a9.scope/kubepods/burstable/podc55ba69a-e39f-44af-925d-c4794fd57878/264c1e319d1f6080a48a9fabcf9ac8fd9afd9a5930cf35e8d0eeb03b258c3152`,
+	// GKE cgroup entry
+	589: `0::/kubepods/burstable/pod4a163a05-439d-484b-8e53-2968bc15824f/40c03570b6f4c30bc8d69923d37ee698f5cfcced92c7b7df1c47f6f7887378a9`,
+	// GKE-containerd cgroup entry
+	689: `0::/kubepods/burstable/podb53dfa9e2dc9b890f7fadb2770857b03/40c03570b6f4c30bc8d69923d37ee698f5cfcced92c7b7df1c47f6f7887378a9`,
+	// EKS cgroup entry
+	788: `0::/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-poddde1244b_5bb5_4297_b544_85f3bc0d80bf.slice/cri-containerd-40c03570b6f4c30bc8d69923d37ee698f5cfcced92c7b7df1c47f6f7887378a9.scope`,
+	// Containerd cgroup entry
+	889: `0::/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod7260904bbd08e72e4dff95d9fccd2ee8.slice/cri-containerd-40c03570b6f4c30bc8d69923d37ee698f5cfcced92c7b7df1c47f6f7887378a9.scope`,
 }
 
 var fixturesWithoutContainer = map[uint32]string{