Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753852AbcJOM1y (ORCPT <rfc822;w@1wt.eu>);
        Sat, 15 Oct 2016 08:27:54 -0400
Received: from mail-wm0-f68.google.com ([74.125.82.68]:36845 "EHLO
        mail-wm0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752447AbcJOM1w (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 15 Oct 2016 08:27:52 -0400
From: Alban Crequy <alban.crequy@gmail.com>
X-Google-Original-From: Alban Crequy <alban@kinvolk.io>
To: linux-kernel@vger.kernel.org, containers@lists.linux-foundation.org,
        netdev@vger.kernel.org
Cc: Jesper Derehag <jderehag@hotmail.com>,
        "Serge E . Hallyn" <serge@hallyn.com>,
        Evgeniy Polyakov <zbr@ioremap.net>, Jiri Benc <jbenc@redhat.com>,
        Tejun Heo <tj@kernel.org>, Aditya Kali <adityakali@google.com>,
        Iago Lopez Galeiras <iago@kinvolk.io>,
        Dimitri John Ledkov <dimitri.j.ledkov@intel.com>,
        Aaron Campbell <aaron@monkey.org>, Alban Crequy <alban@kinvolk.io>
Subject: [RFC v2 0/2] proc connector: get namespace events
Date: Sat, 15 Oct 2016 14:26:08 +0200
Message-Id: <1476534370-4027-1-git-send-email-alban@kinvolk.io>
X-Mailer: git-send-email 2.7.4
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1961
Lines: 54

This is v2 of the patch set to add namespace events in the proc connector.

The act of a process creating or joining a namespace via clone(),
unshare() or setns() is a useful signal for monitoring applications.

I am working on a monitoring application that keeps track of all the
containers and all processes inside each container. The current way of
doing it is by polling regularly in /proc for the list of processes and
in /proc/*/ns/* to know which namespaces they belong to. This is
inefficient on systems with a large number of containers and a large
number of processes.

Instead, I would inspect /proc only one time and get the updates with
the proc connector. Unfortunately, the proc connector gives me the list
of processes but does not notify me when a process changes namespaces.
So I would still need to inspect /proc/*/ns/*.

 (1) Add namespace events for processes. It generates a namespace event each
     time a process changes namespace via clone(), unshare() or setns().

 (2) Add a way for userspace to detect if proc connector is able to send
     namespace events.


Changes since RFC-v1: https://lkml.org/lkml/2016/9/8/588

* Supports userns.

* The reason field says exactly whether it is clone/setns/unshare.

* Sends aggregated messages containing details of several namespaces
  changes. Suggested by Evgeniy Polyakov.

* Add patch 2 to detect if proc connector is able to send namespace events.


This patch set is available in the git repository at:

  https://github.com/kinvolk/linux.git alban/proc_ns_connector-v2-5


Alban Crequy (2):
  proc connector: add namespace events
  proc connector: add a "get feature" op

 drivers/connector/cn_proc.c  | 163 ++++++++++++++++++++++++++++++++++++++++---
 include/linux/cn_proc.h      |  25 +++++++
 include/uapi/linux/cn_proc.h |  27 ++++++-
 kernel/fork.c                |  10 +++
 kernel/nsproxy.c             |   6 ++
 5 files changed, 220 insertions(+), 11 deletions(-)

-- 
2.7.4