def __init__( self, long_id, inspect=None, host_namespace='', process_namespace=None, ): # Some quick sanity checks if not isinstance(long_id, basestring): raise TypeError('long_id should be a string') if inspect and not isinstance(inspect, dict): raise TypeError('inspect should be a dict.') if not inspect: try: inspect = exec_dockerinspect(long_id) except HTTPError: raise ContainerNonExistent('No docker container with ID: %s' % long_id) state = inspect['State'] self.image = inspect['Image'] assert(long_id == inspect['Id']) self.long_id = long_id self.host_namespace = host_namespace self.pid = str(state['Pid']) self.name = inspect['Name'] self.running = state['Running'] self.created = inspect['Created'] self.network_settings = inspect['NetworkSettings'] self.cmd = inspect['Config']['Cmd'] self.mounts = inspect.get('Mounts') self.volumes = inspect.get('Volumes') self.image_name = inspect['Config']['Image'] self.inspect = inspect self.process_namespace = (process_namespace or namespace.get_pid_namespace(self.pid)) # This short ID is mainly used for logging purposes self.short_id = long_id[:12] # Docker prepends a '/' to the name. Let's remove it. if self.name[0] == '/': self.name = self.name[1:] self._set_image_fields(inspect.get('RepoTag', '')) self._set_mounts_list() try: self.root_fs = get_docker_container_rootfs_path(self.long_id) except (HTTPError, RuntimeError, DockerutilsException) as e: logger.exception(e) self.root_fs = None self._set_logs_list_input() self._set_environment_specific_options() self._set_logs_list()
def crawl(self, container_id=None, avoid_setns=False, root_dir='/', **kwargs): logger.debug('Crawling packages for container %s' % container_id) inspect = exec_dockerinspect(container_id) state = inspect['State'] pid = str(state['Pid']) if avoid_setns: rootfs_dir = get_docker_container_rootfs_path( container_id) return crawl_packages( root_dir=join_abs_paths(rootfs_dir, root_dir), reload_needed=True) else: # in all other cases, including wrong mode set try: return run_as_another_namespace(pid, ALL_NAMESPACES, crawl_packages, None, root_dir, 0, False) except CrawlError: # Retry the crawl avoiding the setns() syscall. This is # needed for PPC where we can not jump into the container and # run its apt or rpm commands. rootfs_dir = get_docker_container_rootfs_path( container_id) return crawl_packages( root_dir=join_abs_paths(rootfs_dir, root_dir), reload_needed=True)
def get_container_namespace(self, long_id, options): assert isinstance(long_id, str) or unicode, "long_id is not a string" crawler_k8s_ns = "" container_meta = exec_dockerinspect(long_id) try: labels = container_meta.get(META_CONFIG).get(META_LABELS) if labels: podname = labels.get(K8S_POD_LABEL) if not podname: logger.warning("%s is not icp managed container" % long_id) return crawler_k8s_ns # (1). for reg crawler if regpod_pattern.search(podname): crawler_k8s_ns = options.get("host_namespace") # (2). for live crawler else: crawler_k8s_ns = CRAWLER_NAMESPACE_FORMAT.format( K8S_NS=labels.get(K8S_NS_LABEL, ""), K8S_POD=labels.get(K8S_POD_LABEL, ""), K8S_CONT_NAME=labels.get(K8S_CONTAINER_NAME_LABEL, ""), K8S_CONT_ID=long_id) except KeyError: logger.error('Error retrieving container labels for: %s' % long_id) pass return crawler_k8s_ns
def __init__( self, long_id, inspect=None, host_namespace='', process_namespace=None, ): # Some quick sanity checks if not isinstance(long_id, basestring): raise TypeError('long_id should be a string') if inspect and not isinstance(inspect, dict): raise TypeError('inspect should be a dict.') if not inspect: try: inspect = exec_dockerinspect(long_id) except HTTPError: raise ContainerNonExistent('No docker container with ID: %s' % long_id) state = inspect['State'] self.image = inspect['Image'] assert (long_id == inspect['Id']) self.long_id = long_id self.host_namespace = host_namespace self.pid = str(state['Pid']) self.name = inspect['Name'] self.running = state['Running'] self.created = inspect['Created'] self.network_settings = inspect['NetworkSettings'] self.cmd = inspect['Config']['Cmd'] self.mounts = inspect.get('Mounts') self.volumes = inspect.get('Volumes') self.image_name = inspect['Config']['Image'] self.inspect = inspect self.process_namespace = (process_namespace or namespace.get_pid_namespace(self.pid)) # This short ID is mainly used for logging purposes self.short_id = long_id[:12] # Docker prepends a '/' to the name. Let's remove it. if self.name[0] == '/': self.name = self.name[1:] self._set_image_fields(inspect.get('RepoTag', '')) self._set_mounts_list() try: self.root_fs = get_docker_container_rootfs_path(self.long_id) except (HTTPError, RuntimeError, DockerutilsException) as e: logger.exception(e) self.root_fs = None self._set_logs_list_input() self._set_environment_specific_options() self._set_logs_list()
def get_container_namespace(self, long_id, options): assert isinstance(long_id, str) or unicode, "long_id is not a string" crawler_k8s_ns = "" container_meta = exec_dockerinspect(long_id) try: labels = container_meta.get(META_CONFIG).get(META_LABELS) if labels: podname = labels.get(K8S_POD_LABEL) if not podname: logger.warning("%s is not icp managed container" % long_id) return crawler_k8s_ns # (1). for reg crawler if regpod_pattern.search(podname): crawler_k8s_ns = options.get("host_namespace") # (2). for live crawler else: crawler_k8s_ns = CRAWLER_NAMESPACE_FORMAT.format( K8S_NS=labels.get(K8S_NS_LABEL, ""), K8S_POD=labels.get(K8S_POD_LABEL, ""), K8S_CONT_NAME=labels.get(K8S_CONTAINER_NAME_LABEL, ""), K8S_CONT_ID=long_id ) except KeyError: logger.error('Error retrieving container labels for: %s' % long_id) pass return crawler_k8s_ns
def crawl(self, container_id=None, avoid_setns=False, root_dir='/', **kwargs): logger.debug('Crawling packages for container %s' % container_id) inspect = exec_dockerinspect(container_id) state = inspect['State'] pid = str(state['Pid']) if avoid_setns: rootfs_dir = get_docker_container_rootfs_path(container_id) return crawl_packages(root_dir=join_abs_paths( rootfs_dir, root_dir), reload_needed=True) else: # in all other cases, including wrong mode set try: return run_as_another_namespace(pid, ALL_NAMESPACES, crawl_packages, None, root_dir, 0, False) except CrawlError: # Retry the crawl avoiding the setns() syscall. This is # needed for PPC where we can not jump into the container and # run its apt or rpm commands. rootfs_dir = get_docker_container_rootfs_path(container_id) return crawl_packages(root_dir=join_abs_paths( rootfs_dir, root_dir), reload_needed=True)
def get_container_namespace(self, long_id, options): assert isinstance(long_id, str) or unicode, "long_id is not a string" k8s_meta = dict() container_meta = exec_dockerinspect(long_id) try: labels = container_meta.get(META_CONFIG).get(META_LABELS) k8s_meta[META_UUID] = container_meta.get(META_UUID, None) if labels: k8s_meta.update(labels) except KeyError: logger.error('Error retrieving container labels for: %s' % long_id) pass return k8s_meta
def get_container_namespace(self, long_id, options): assert isinstance(long_id, str) or unicode, "long_id is not a string" crawler_k8s_ns = "" container_meta = exec_dockerinspect(long_id) try: labels = container_meta.get(META_CONFIG).get(META_LABELS) if labels: crawler_k8s_ns = CRAWLER_NAMESPACE_FORMAT.format( K8S_NS=labels.get(K8S_NS_LABEL, ""), K8S_POD=labels.get(K8S_POD_LABEL, ""), K8S_CONT_NAME=labels.get(K8S_CONTAINER_NAME_LABEL, ""), K8S_CONT_ID=long_id) except KeyError: logger.error('Error retrieving container labels for: %s' % long_id) pass return crawler_k8s_ns
def get_container_namespace(self, long_id, options): assert isinstance(long_id, str) or unicode, "long_id is not a string" crawler_k8s_ns = "" container_meta = exec_dockerinspect(long_id) try: labels = container_meta.get(META_CONFIG).get(META_LABELS) if labels: podname = labels.get(K8S_POD_LABEL) if not podname: logger.warning("%s is not k8s managed Container" % long_id) return crawler_k8s_ns # for reg crawler if regpod_pattern.search(podname): # expected repotag is "repository/k8s-ns/imagename:tag" repotags = container_meta.get(META_REPOS) repotag_format = "" for repotag in repotags: if len(repotag.split("/")) == 3: repotag_format = repotag.split("/") break # check format e_msg = "can not find proper repotag in this image" assert repotag_format != "", e_msg peaces = repotag.split("/") ns_image_tag = peaces[1] + "/" + peaces[2] crawler_k8s_ns = CRAWLER_IMAGE_NAMESPACE_FORMAT.format( IMAGE_NAME=ns_image_tag ) # for live crawler else: crawler_k8s_ns = CRAWLER_CONT_NAMESPACE_FORMAT.format( K8S_NS=labels.get(K8S_NS_LABEL, ""), K8S_POD=labels.get(K8S_POD_LABEL, ""), K8S_CONT_ID=long_id ) except KeyError: logger.error('Error retrieving container labels for: %s' % long_id) pass return crawler_k8s_ns
def test_dockerinspect(self): inspect = exec_dockerinspect(self.container['Id']) print inspect assert self.container['Id'] == inspect['Id']
def crawl(self, container_id, avoid_setns=False, **kwargs): inspect = exec_dockerinspect(container_id) yield (container_id, inspect, 'dockerinspect')