def __init__(
        self,
        long_id,
        inspect=None,
        host_namespace='',
        process_namespace=None,
    ):

        # Some quick sanity checks
        if not isinstance(long_id, basestring):
            raise TypeError('long_id should be a string')
        if inspect and not isinstance(inspect, dict):
            raise TypeError('inspect should be a dict.')

        if not inspect:
            try:
                inspect = exec_dockerinspect(long_id)
            except HTTPError:
                raise ContainerNonExistent('No docker container with ID: %s'
                                           % long_id)

        state = inspect['State']
        self.image = inspect['Image']

        assert(long_id == inspect['Id'])
        self.long_id = long_id
        self.host_namespace = host_namespace
        self.pid = str(state['Pid'])
        self.name = inspect['Name']
        self.running = state['Running']
        self.created = inspect['Created']
        self.network_settings = inspect['NetworkSettings']
        self.cmd = inspect['Config']['Cmd']
        self.mounts = inspect.get('Mounts')
        self.volumes = inspect.get('Volumes')
        self.image_name = inspect['Config']['Image']
        self.inspect = inspect

        self.process_namespace = (process_namespace or
                                  namespace.get_pid_namespace(self.pid))

        # This short ID is mainly used for logging purposes
        self.short_id = long_id[:12]

        # Docker prepends a '/' to the name. Let's remove it.
        if self.name[0] == '/':
            self.name = self.name[1:]

        self._set_image_fields(inspect.get('RepoTag', ''))
        self._set_mounts_list()

        try:
            self.root_fs = get_docker_container_rootfs_path(self.long_id)
        except (HTTPError, RuntimeError, DockerutilsException) as e:
            logger.exception(e)
            self.root_fs = None

        self._set_logs_list_input()
        self._set_environment_specific_options()
        self._set_logs_list()
    def crawl(self, container_id=None, avoid_setns=False,
              root_dir='/', **kwargs):
        logger.debug('Crawling packages for container %s' % container_id)
        inspect = exec_dockerinspect(container_id)
        state = inspect['State']
        pid = str(state['Pid'])

        if avoid_setns:
            rootfs_dir = get_docker_container_rootfs_path(
                container_id)
            return crawl_packages(
                root_dir=join_abs_paths(rootfs_dir, root_dir),
                reload_needed=True)
        else:  # in all other cases, including wrong mode set
            try:
                return run_as_another_namespace(pid,
                                                ALL_NAMESPACES,
                                                crawl_packages,
                                                None,
                                                root_dir, 0, False)
            except CrawlError:

                # Retry the crawl avoiding the setns() syscall. This is
                # needed for PPC where we can not jump into the container and
                # run its apt or rpm commands.

                rootfs_dir = get_docker_container_rootfs_path(
                    container_id)
                return crawl_packages(
                    root_dir=join_abs_paths(rootfs_dir, root_dir),
                    reload_needed=True)
Beispiel #3
0
    def get_container_namespace(self, long_id, options):
        assert isinstance(long_id, str) or unicode, "long_id is not a string"
        crawler_k8s_ns = ""
        container_meta = exec_dockerinspect(long_id)
        try:
            labels = container_meta.get(META_CONFIG).get(META_LABELS)
            if labels:
                podname = labels.get(K8S_POD_LABEL)
                if not podname:
                    logger.warning("%s is not icp managed container" % long_id)
                    return crawler_k8s_ns
                # (1). for reg crawler
                if regpod_pattern.search(podname):
                    crawler_k8s_ns = options.get("host_namespace")
                # (2). for live crawler
                else:
                    crawler_k8s_ns = CRAWLER_NAMESPACE_FORMAT.format(
                        K8S_NS=labels.get(K8S_NS_LABEL, ""),
                        K8S_POD=labels.get(K8S_POD_LABEL, ""),
                        K8S_CONT_NAME=labels.get(K8S_CONTAINER_NAME_LABEL, ""),
                        K8S_CONT_ID=long_id)
        except KeyError:
            logger.error('Error retrieving container labels for: %s' % long_id)
            pass

        return crawler_k8s_ns
Beispiel #4
0
    def __init__(
        self,
        long_id,
        inspect=None,
        host_namespace='',
        process_namespace=None,
    ):

        # Some quick sanity checks
        if not isinstance(long_id, basestring):
            raise TypeError('long_id should be a string')
        if inspect and not isinstance(inspect, dict):
            raise TypeError('inspect should be a dict.')

        if not inspect:
            try:
                inspect = exec_dockerinspect(long_id)
            except HTTPError:
                raise ContainerNonExistent('No docker container with ID: %s' %
                                           long_id)

        state = inspect['State']
        self.image = inspect['Image']

        assert (long_id == inspect['Id'])
        self.long_id = long_id
        self.host_namespace = host_namespace
        self.pid = str(state['Pid'])
        self.name = inspect['Name']
        self.running = state['Running']
        self.created = inspect['Created']
        self.network_settings = inspect['NetworkSettings']
        self.cmd = inspect['Config']['Cmd']
        self.mounts = inspect.get('Mounts')
        self.volumes = inspect.get('Volumes')
        self.image_name = inspect['Config']['Image']
        self.inspect = inspect

        self.process_namespace = (process_namespace
                                  or namespace.get_pid_namespace(self.pid))

        # This short ID is mainly used for logging purposes
        self.short_id = long_id[:12]

        # Docker prepends a '/' to the name. Let's remove it.
        if self.name[0] == '/':
            self.name = self.name[1:]

        self._set_image_fields(inspect.get('RepoTag', ''))
        self._set_mounts_list()

        try:
            self.root_fs = get_docker_container_rootfs_path(self.long_id)
        except (HTTPError, RuntimeError, DockerutilsException) as e:
            logger.exception(e)
            self.root_fs = None

        self._set_logs_list_input()
        self._set_environment_specific_options()
        self._set_logs_list()
    def get_container_namespace(self, long_id, options):
        assert isinstance(long_id, str) or unicode, "long_id is not a string"
        crawler_k8s_ns = ""
        container_meta = exec_dockerinspect(long_id)
        try:
            labels = container_meta.get(META_CONFIG).get(META_LABELS)
            if labels:
                podname = labels.get(K8S_POD_LABEL)
                if not podname:
                    logger.warning("%s is not icp managed container" % long_id)
                    return crawler_k8s_ns
                # (1). for reg crawler
                if regpod_pattern.search(podname):
                    crawler_k8s_ns = options.get("host_namespace")
                # (2). for live crawler
                else:
                    crawler_k8s_ns = CRAWLER_NAMESPACE_FORMAT.format(
                        K8S_NS=labels.get(K8S_NS_LABEL, ""),
                        K8S_POD=labels.get(K8S_POD_LABEL, ""),
                        K8S_CONT_NAME=labels.get(K8S_CONTAINER_NAME_LABEL, ""),
                        K8S_CONT_ID=long_id
                    )
        except KeyError:
            logger.error('Error retrieving container labels for: %s' %
                         long_id)
            pass

        return crawler_k8s_ns
Beispiel #6
0
    def crawl(self,
              container_id=None,
              avoid_setns=False,
              root_dir='/',
              **kwargs):
        logger.debug('Crawling packages for container %s' % container_id)
        inspect = exec_dockerinspect(container_id)
        state = inspect['State']
        pid = str(state['Pid'])

        if avoid_setns:
            rootfs_dir = get_docker_container_rootfs_path(container_id)
            return crawl_packages(root_dir=join_abs_paths(
                rootfs_dir, root_dir),
                                  reload_needed=True)
        else:  # in all other cases, including wrong mode set
            try:
                return run_as_another_namespace(pid, ALL_NAMESPACES,
                                                crawl_packages, None, root_dir,
                                                0, False)
            except CrawlError:

                # Retry the crawl avoiding the setns() syscall. This is
                # needed for PPC where we can not jump into the container and
                # run its apt or rpm commands.

                rootfs_dir = get_docker_container_rootfs_path(container_id)
                return crawl_packages(root_dir=join_abs_paths(
                    rootfs_dir, root_dir),
                                      reload_needed=True)
    def get_container_namespace(self, long_id, options):
        assert isinstance(long_id, str) or unicode, "long_id is not a string"
        k8s_meta = dict()
        container_meta = exec_dockerinspect(long_id)
        try:
            labels = container_meta.get(META_CONFIG).get(META_LABELS)
            k8s_meta[META_UUID] = container_meta.get(META_UUID, None)
            if labels:
                k8s_meta.update(labels)

        except KeyError:
            logger.error('Error retrieving container labels for: %s' % long_id)
            pass

        return k8s_meta
Beispiel #8
0
    def get_container_namespace(self, long_id, options):
        assert isinstance(long_id, str) or unicode, "long_id is not a string"
        crawler_k8s_ns = ""
        container_meta = exec_dockerinspect(long_id)
        try:
            labels = container_meta.get(META_CONFIG).get(META_LABELS)
            if labels:
                crawler_k8s_ns = CRAWLER_NAMESPACE_FORMAT.format(
                    K8S_NS=labels.get(K8S_NS_LABEL, ""),
                    K8S_POD=labels.get(K8S_POD_LABEL, ""),
                    K8S_CONT_NAME=labels.get(K8S_CONTAINER_NAME_LABEL, ""),
                    K8S_CONT_ID=long_id)
        except KeyError:
            logger.error('Error retrieving container labels for: %s' %
                         long_id)
            pass

        return crawler_k8s_ns
    def get_container_namespace(self, long_id, options):
        assert isinstance(long_id, str) or unicode, "long_id is not a string"
        crawler_k8s_ns = ""
        container_meta = exec_dockerinspect(long_id)
        try:
            labels = container_meta.get(META_CONFIG).get(META_LABELS)
            if labels:
                podname = labels.get(K8S_POD_LABEL)
                if not podname:
                    logger.warning("%s is not k8s managed Container" % long_id)
                    return crawler_k8s_ns
                # for reg crawler
                if regpod_pattern.search(podname):
                    # expected repotag is "repository/k8s-ns/imagename:tag"
                    repotags = container_meta.get(META_REPOS)
                    repotag_format = ""
                    for repotag in repotags:
                        if len(repotag.split("/")) == 3:
                            repotag_format = repotag.split("/")
                            break
                    # check format
                    e_msg = "can not find proper repotag in this image"
                    assert repotag_format != "", e_msg
                    peaces = repotag.split("/")
                    ns_image_tag = peaces[1] + "/" + peaces[2]
                    crawler_k8s_ns = CRAWLER_IMAGE_NAMESPACE_FORMAT.format(
                        IMAGE_NAME=ns_image_tag
                    )
                # for live crawler
                else:
                    crawler_k8s_ns = CRAWLER_CONT_NAMESPACE_FORMAT.format(
                        K8S_NS=labels.get(K8S_NS_LABEL, ""),
                        K8S_POD=labels.get(K8S_POD_LABEL, ""),
                        K8S_CONT_ID=long_id
                    )
        except KeyError:
            logger.error('Error retrieving container labels for: %s' %
                         long_id)
            pass

        return crawler_k8s_ns
Beispiel #10
0
 def test_dockerinspect(self):
     inspect = exec_dockerinspect(self.container['Id'])
     print inspect
     assert self.container['Id'] == inspect['Id']
Beispiel #11
0
 def crawl(self, container_id, avoid_setns=False, **kwargs):
     inspect = exec_dockerinspect(container_id)
     yield (container_id, inspect, 'dockerinspect')
 def crawl(self, container_id, avoid_setns=False, **kwargs):
     inspect = exec_dockerinspect(container_id)
     yield (container_id, inspect, 'dockerinspect')
 def test_dockerinspect(self):
     inspect = exec_dockerinspect(self.container['Id'])
     print inspect
     assert self.container['Id'] == inspect['Id']