-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmotd
52 lines (44 loc) · 2.29 KB
/
motd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
_ _
| | | |
__| | ___| |__ _ _ __ _
/ _` |/ _ \ '_ \| | | |/ _` |
| (_| | __/ |_) | |_| | (_| |
\__,_|\___|_.__/ \__,_|\__, |
__/ |
|___/
This is a Debug Container inspired by github.com/nicolaka/netshoot.
---------------------------------------------
TOOL OVERVIEW
This includes following tools on PATH:
- Linux Performance Tools: http://www.brendangregg.com/Perf/linux_observability_tools.png
- eBPF bpftrace tools: https://raw.githubusercontent.com/iovisor/bpftrace/master/images/bpftrace_probes_2018.png
Usage Examples: https://github.com/iovisor/bpftrace/blob/master/README.md#tools
- eBPF BCC tools: http://www.brendangregg.com/BPF/bpf_performance_tools_book.png
Usage Examples: https://github.com/iovisor/bcc#contents
MORE tools: https://github.com/brendangregg/bpf-perf-tools-book
- https://github.com/brendangregg/bpf-perf-tools-book/blob/master/originals/Ch10_Networking/soconnect.bt
+ some more (traceloop, jq, vim, calicoctl, websocat, docker CLI, tmux, screen)
---------------------------------------------
USAGE
- needs privileged mode (docker: --privileged; k8s: securityContext.privileged=true)
- needs Host PID namespace (docker: --pid=host; k8s: hostPID=true)
For eBPF tools, the following is needed:
- mount -t debugfs debugfs /sys/kernel/debug
- /usr/src/ must contain the kernel sources
- /lib/modules/ must be mounted from the host
You can run /prepare-bpf.sh which automates the above three steps.
If the directories are not mounted, they are copied from the host (via /proc/1/root).
By default, the kernel sources for a recent Docker for Mac
version are included in the image.
---------------------------------------------
FIRST STEPS
ps faux # process listing
bpftrace -l # list BPF probes
bpftrace -lv tracepoint:syscalls:sys_enter_connect
# get args of tracepoint
ls /proc/1/root/ # contains the HOST file system !!! WATCH OUT !!!
ls /bpf/ # our custom bpftrace scripts
tmux -CC # for opening a multiplexed console (iTerm on OSX only). ESC to send to BD
tmux -CC attach # for reconnecting to the BG shell (iTerm on OSX only)
screen # alternative to tmux
---------------------------------------------