Merge pull request #137 from coroot/talos_support

add support for Talos Linux runtime

cgroup/cgroup.go

@@ -23,6 +23,7 @@ var (
 	containerdIdRegexp  = regexp.MustCompile(`cri-containerd[-:]([a-z0-9]{64})`)
 	lxcIdRegexp         = regexp.MustCompile(`/lxc/([^/]+)`)
 	systemSliceIdRegexp = regexp.MustCompile(`(/(system|runtime)\.slice/([^/]+))`)
+	talosIdRegexp       = regexp.MustCompile(`/(system|podruntime)/([^/]+)`)
 )
 
 type Version uint8
@@ -43,6 +44,7 @@ const (
 	ContainerTypeLxc
 	ContainerTypeSystemdService
 	ContainerTypeSandbox
+	ContainerTypeTalosRuntime
 )
 
 func (t ContainerType) String() string {
@@ -121,8 +123,11 @@ func NewFromProcessCgroupFile(filePath string) (*Cgroup, error) {
 	return cg, nil
 }
 
-func containerByCgroup(path string) (ContainerType, string, error) {
-	parts := strings.Split(strings.TrimLeft(path, "/"), "/")
+func containerByCgroup(cgroupPath string) (ContainerType, string, error) {
+	parts := strings.Split(strings.TrimLeft(cgroupPath, "/"), "/")
+	if cgroupPath == "/init" {
+		return ContainerTypeTalosRuntime, "/talos/init", nil
+	}
 	if len(parts) < 2 {
 		return ContainerTypeStandaloneProcess, "", nil
 	}
@@ -131,43 +136,50 @@ func containerByCgroup(path string) (ContainerType, string, error) {
 		return ContainerTypeStandaloneProcess, "", nil
 	}
 	if prefix == "docker" || (prefix == "system.slice" && strings.HasPrefix(parts[1], "docker-")) {
-		matches := dockerIdRegexp.FindStringSubmatch(path)
+		matches := dockerIdRegexp.FindStringSubmatch(cgroupPath)
 		if matches == nil {
-			return ContainerTypeUnknown, "", fmt.Errorf("invalid docker cgroup %s", path)
+			return ContainerTypeUnknown, "", fmt.Errorf("invalid docker cgroup %s", cgroupPath)
 		}
 		return ContainerTypeDocker, matches[1], nil
 	}
-	if strings.Contains(path, "kubepods") {
-		crioMatches := crioIdRegexp.FindStringSubmatch(path)
+	if strings.Contains(cgroupPath, "kubepods") {
+		crioMatches := crioIdRegexp.FindStringSubmatch(cgroupPath)
 		if crioMatches != nil {
 			return ContainerTypeCrio, crioMatches[1], nil
 		}
-		if strings.Contains(path, "crio-conmon-") {
+		if strings.Contains(cgroupPath, "crio-conmon-") {
 			return ContainerTypeUnknown, "", nil
 		}
-		containerdMatches := containerdIdRegexp.FindStringSubmatch(path)
+		containerdMatches := containerdIdRegexp.FindStringSubmatch(cgroupPath)
 		if containerdMatches != nil {
 			return ContainerTypeContainerd, containerdMatches[1], nil
 		}
-		matches := dockerIdRegexp.FindStringSubmatch(path)
+		matches := dockerIdRegexp.FindStringSubmatch(cgroupPath)
 		if matches == nil {
 			return ContainerTypeSandbox, "", nil
 		}
 		return ContainerTypeDocker, matches[1], nil
 	}
 	if prefix == "lxc" {
-		matches := lxcIdRegexp.FindStringSubmatch(path)
+		matches := lxcIdRegexp.FindStringSubmatch(cgroupPath)
 		if matches == nil {
-			return ContainerTypeUnknown, "", fmt.Errorf("invalid lxc cgroup %s", path)
+			return ContainerTypeUnknown, "", fmt.Errorf("invalid lxc cgroup %s", cgroupPath)
 		}
 		return ContainerTypeLxc, matches[1], nil
 	}
+	if prefix == "system" || prefix == "podruntime" {
+		matches := talosIdRegexp.FindStringSubmatch(cgroupPath)
+		if matches == nil {
+			return ContainerTypeUnknown, "", fmt.Errorf("invalid talos runtime cgroup %s", cgroupPath)
+		}
+		return ContainerTypeTalosRuntime, path.Join("/talos/", matches[2]), nil
+	}
 	if prefix == "system.slice" || prefix == "runtime.slice" {
-		matches := systemSliceIdRegexp.FindStringSubmatch(path)
+		matches := systemSliceIdRegexp.FindStringSubmatch(cgroupPath)
 		if matches == nil {
-			return ContainerTypeUnknown, "", fmt.Errorf("invalid systemd cgroup %s", path)
+			return ContainerTypeUnknown, "", fmt.Errorf("invalid systemd cgroup %s", cgroupPath)
 		}
 		return ContainerTypeSystemdService, strings.Replace(matches[1], "\\x2d", "-", -1), nil
 	}
-	return ContainerTypeUnknown, "", fmt.Errorf("unknown container: %s", path)
+	return ContainerTypeUnknown, "", fmt.Errorf("unknown container: %s", cgroupPath)
 }

cgroup/cgroup_test.go

@@ -62,6 +62,13 @@ func TestNewFromProcessCgroupFile(t *testing.T) {
 	assert.Equal(t, "/system.slice/springboot.service", cg.ContainerId)
 	assert.Equal(t, ContainerTypeSystemdService, cg.ContainerType)
 
+	cg, err = NewFromProcessCgroupFile(path.Join("fixtures/proc/700/cgroup"))
+	assert.Nil(t, err)
+	assert.Equal(t, V2, cg.Version)
+	assert.Equal(t, "/podruntime/runtime", cg.Id)
+	assert.Equal(t, "/talos/runtime", cg.ContainerId)
+	assert.Equal(t, ContainerTypeTalosRuntime, cg.ContainerType)
+
 	baseCgroupPath = "/kubepods.slice/kubepods-besteffort.slice/kubepods-besteffort-podc83d0428_58af_41eb_8dba_b9e6eddffe7b.slice/docker-0e612005fd07e7f47e2cd07df99a2b4e909446814d71d0b5e4efc7159dd51252.scope"
 	defer func() {
 		baseCgroupPath = ""
@@ -136,4 +143,19 @@ func TestContainerByCgroup(t *testing.T) {
 	as.Equal(typ, ContainerTypeContainerd)
 	as.Equal("d4a9f9195eaf7e4a729f24151101e1de61f1398677e7b82acfb936dff0b4ce55", id)
 	as.Nil(err)
+
+	typ, id, err = containerByCgroup("/podruntime/kubelet")
+	as.Equal(typ, ContainerTypeTalosRuntime)
+	as.Equal("/talos/kubelet", id)
+	as.Nil(err)
+
+	typ, id, err = containerByCgroup("/system/dashboard")
+	as.Equal(typ, ContainerTypeTalosRuntime)
+	as.Equal("/talos/dashboard", id)
+	as.Nil(err)
+
+	typ, id, err = containerByCgroup("/init")
+	as.Equal(typ, ContainerTypeTalosRuntime)
+	as.Equal("/talos/init", id)
+	as.Nil(err)
 }

cgroup/fixtures/proc/700/cgroup

@@ -0,0 +1 @@
+0::/podruntime/runtime

containers/registry.go

@@ -403,13 +403,14 @@ func (r *Registry) getFQDN(ip netaddr.IP) string {
 }
 
 func calcId(cg *cgroup.Cgroup, md *ContainerMetadata) ContainerID {
-	if cg.ContainerType == cgroup.ContainerTypeSystemdService {
+	switch cg.ContainerType {
+	case cgroup.ContainerTypeSystemdService:
 		if strings.HasPrefix(cg.ContainerId, "/system.slice/crio-conmon-") {
 			return ""
 		}
 		return ContainerID(cg.ContainerId)
-	}
-	switch cg.ContainerType {
+	case cgroup.ContainerTypeTalosRuntime:
+		return ContainerID(cg.ContainerId)
 	case cgroup.ContainerTypeDocker, cgroup.ContainerTypeContainerd, cgroup.ContainerTypeSandbox, cgroup.ContainerTypeCrio:
 	default:
 		return ""