tetragon
tetragon copied to clipboard
cilium
[Doc] Getting Started > File Access Monitoring, is the doc correct ?
I am reading the quick started document to test out tetragon, and I am at https://tetragon.io/docs/getting-started/file-events/ page.
However, with the current configuration: file_monitoring.yaml provided in github that is used for Docker to run tetragon-container of quay.io/cilium/tetragon-ci:latest as shown in the doc:
wget https://raw.githubusercontent.com/cilium/tetragon/main/examples/quickstart/file_monitoring.yaml
docker stop tetragon-container
docker run --name tetragon-container --rm --pull always \
--pid=host --cgroupns=host --privileged \
-v ${PWD}/file_monitoring.yaml:/etc/tetragon/tetragon.tp.d/file_monitoring.yaml \
-v /sys/kernel/btf/vmlinux:/var/lib/tetragon/btf \
quay.io/cilium/tetragon-ci:latest
causes the following error:
docker run --name tetragon-container --rm --pull always \
--pid=host --cgroupns=host --privileged \
-v ${PWD}/file_monitoring.yaml:/etc/tetragon/tetragon.tp.d/file_monitoring.yaml \
-v /sys/kernel/btf/vmlinux:/var/lib/tetragon/btf \
quay.io/cilium/tetragon-ci:latest
latest: Pulling from cilium/tetragon-ci
Digest: sha256:3613b95d768b680f4bd5c622648ae199eeb91abd4689899af4ee8d43c8e4ad85
Status: Image is up to date for quay.io/cilium/tetragon-ci:latest
time="2024-06-27T15:24:41Z" level=info msg="Starting tetragon" version=v1.2.0-pre.0-229-g0d85b38e4
time="2024-06-27T15:24:41Z" level=info msg="config settings" config="map[bpf-lib:/var/lib/tetragon/ btf: cgroup-rate: config-dir: cpuprofile: data-cache-size:1024 debug:false disable-kprobe-multi:false enable-export-aggregation:false enable-k8s-api:false enable-msg-handling-latency:false enable-pid-set-filter:false enable-pod-info:false enable-policy-filter:false enable-policy-filter-debug:false enable-process-ancestors:true enable-process-cred:false enable-process-ns:false enable-tracing-policy-crd:true event-queue-size:10000 export-aggregation-buffer-size:10000 export-aggregation-window-size:15s export-allowlist: export-denylist: export-file-compress:false export-file-max-backups:5 export-file-max-size-mb:10 export-file-perm:600 export-file-rotation-interval:0s export-filename: export-rate-limit:-1 expose-kernel-addresses:false expose-stack-addresses:false field-filters: force-large-progs:false force-small-progs:false generate-docs:false gops-address: health-server-address::6789 health-server-interval:10 k8s-kubeconfig-path: kernel: kmods:[] log-format:text log-level:info memprofile: metrics-label-filter:namespace,workload,pod,binary metrics-server: netns-dir:/var/run/docker/netns/ pprof-addr: process-cache-size:65536 procfs:/proc/ rb-queue-size:65535 rb-size:0 rb-size-total:0 redaction-filters: release-pinned-bpf:true server-address:localhost:54321 tracing-policy: tracing-policy-dir:/etc/tetragon/tetragon.tp.d username-metadata:disabled verbose:0]"
time="2024-06-27T15:24:41Z" level=info msg="Tetragon pid file creation succeeded" pid=140491 pidfile=/var/run/tetragon/tetragon.pid
time="2024-06-27T15:24:41Z" level=info msg="BPF detected features: override_return: true, buildid: true, kprobe_multi: false, uprobe_multi false, fmodret: true, fmodret_syscall: true, signal: true, large: true"
time="2024-06-27T15:24:41Z" level=info msg="BPF: successfully released pinned BPF programs and maps" bpf-dir=/sys/fs/bpf/tetragon
time="2024-06-27T15:24:41Z" level=info msg="BTF discovery: default kernel btf file found" btf-file=/sys/kernel/btf/vmlinux
time="2024-06-27T15:24:41Z" level=info msg="Cgroup mode detection succeeded" cgroup.fs=/sys/fs/cgroup cgroup.mode="Unified mode (Cgroupv2)"
time="2024-06-27T15:24:41Z" level=info msg="sensor controller waiting on channel"
time="2024-06-27T15:24:41Z" level=info msg="Supported cgroup controller 'memory' is active on the system" cgroup.controller.hierarchyID=0 cgroup.controller.index=4 cgroup.controller.name=memory cgroup.fs=/sys/fs/cgroup
time="2024-06-27T15:24:41Z" level=info msg="Supported cgroup controller 'pids' is active on the system" cgroup.controller.hierarchyID=0 cgroup.controller.index=11 cgroup.controller.name=pids cgroup.fs=/sys/fs/cgroup
time="2024-06-27T15:24:41Z" level=info msg="Supported cgroup controller 'cpuset' is active on the system" cgroup.controller.hierarchyID=0 cgroup.controller.index=0 cgroup.controller.name=cpuset cgroup.fs=/sys/fs/cgroup
time="2024-06-27T15:24:41Z" level=info msg="Cgroupv2 supported controllers detected successfully" cgroup.controllers="[cpuset cpu io memory hugetlb pids rdma]" cgroup.fs=/sys/fs/cgroup
time="2024-06-27T15:24:41Z" level=info msg="Cgroupv2 controller 'memory' will be used as a fallback for the default hierarchy" cgroup.controller.hierarchyID=0 cgroup.controller.index=4 cgroup.controller.name=memory cgroup.fs=/sys/fs/cgroup
time="2024-06-27T15:24:41Z" level=info msg="Cgroupv2 hierarchy validated successfully" cgroup.fs=/sys/fs/cgroup cgroup.path=/sys/fs/cgroup/docker/222ec284cd1d6167eaa6b4270fa5735dda870a0525b87cc002b560fced80e492
time="2024-06-27T15:24:41Z" level=info msg="Deployment mode detection succeeded" cgroup.fs=/sys/fs/cgroup deployment.mode=Container
time="2024-06-27T15:24:41Z" level=info msg="Updated TetragonConf map successfully" NSPID=140491 cgroup.controller.hierarchyID=0 cgroup.controller.index=4 cgroup.controller.name=memory cgroup.fs.magic=Cgroupv2 confmap-update=tg_conf_map deployment.mode=Container log.level=info
time="2024-06-27T15:24:41Z" level=info msg="Disabling Kubernetes API"
time="2024-06-27T15:24:41Z" level=info msg="Configured redaction filters" redactionFilters=
time="2024-06-27T15:24:41Z" level=info msg="Starting process manager" enableK8s=false enableProcessCred=false enableProcessNs=false
time="2024-06-27T15:24:41Z" level=info msg="Exporter configuration" enabled=false fileName=
time="2024-06-27T15:24:41Z" level=info msg="Successfully detected bpftool path" bpftool=/usr/bin/bpftool
time="2024-06-27T15:24:41Z" level=info msg="Successfully detected gops path" gops=/usr/bin/gops
time="2024-06-27T15:24:41Z" level=info msg="BPF: found active BPF resources" bpf-dir=/sys/fs/bpf/tetragon pinned-bpf="[tg_conf_map]"
time="2024-06-27T15:24:41Z" level=info msg="Starting gRPC health server" address=":6789" interval=10
time="2024-06-27T15:24:41Z" level=info msg="Starting gRPC server" address="localhost:54321" protocol=tcp
time="2024-06-27T15:24:41Z" level=info msg="Exit probe on acct_process"
time="2024-06-27T15:24:41Z" level=info msg="BTF file: using metadata file" metadata=/sys/kernel/btf/vmlinux
time="2024-06-27T15:24:41Z" level=info msg="Loading sensor" name=__base__
time="2024-06-27T15:24:41Z" level=info msg="Loading kernel version 6.6.31"
time="2024-06-27T15:24:41Z" level=info msg="tetragon, map loaded." map=execve_map path=/sys/fs/bpf/tetragon/execve_map sensor=__base__
time="2024-06-27T15:24:41Z" level=info msg="tetragon, map loaded." map=tg_execve_joined_info_map path=/sys/fs/bpf/tetragon/tg_execve_joined_info_map sensor=__base__
time="2024-06-27T15:24:41Z" level=info msg="tetragon, map loaded." map=execve_map_stats path=/sys/fs/bpf/tetragon/execve_map_stats sensor=__base__
time="2024-06-27T15:24:41Z" level=info msg="tetragon, map loaded." map=tg_execve_joined_info_map_stats path=/sys/fs/bpf/tetragon/tg_execve_joined_info_map_stats sensor=__base__
time="2024-06-27T15:24:41Z" level=info msg="tetragon, map loaded." map=execve_calls path=/sys/fs/bpf/tetragon/execve_calls sensor=__base__
time="2024-06-27T15:24:41Z" level=info msg="tetragon, map loaded." map=tcpmon_map path=/sys/fs/bpf/tetragon/tcpmon_map sensor=__base__
time="2024-06-27T15:24:41Z" level=info msg="tetragon, map loaded." map=tg_conf_map path=/sys/fs/bpf/tetragon/tg_conf_map sensor=__base__
time="2024-06-27T15:24:41Z" level=info msg="tetragon, map loaded." map=tg_stats_map path=/sys/fs/bpf/tetragon/tg_stats_map sensor=__base__
time="2024-06-27T15:24:41Z" level=info msg="Loading BPF program" Attach=acct_process Program=/var/lib/tetragon/bpf_exit.o Type=kprobe
time="2024-06-27T15:24:41Z" level=info msg="Loading BPF program" Attach=wake_up_new_task Program=/var/lib/tetragon/bpf_fork.o Type=kprobe
time="2024-06-27T15:24:41Z" level=info msg="Loading registered BPF probe" Attach=sched/sched_process_exec Program=/var/lib/tetragon/bpf_execve_event_v61.o Type=execve
time="2024-06-27T15:24:41Z" level=info msg="Read ProcFS /proc/ appended 175/229 entries"
time="2024-06-27T15:24:41Z" level=info msg="Loading BPF program" Attach=security_bprm_committing_creds Program=/var/lib/tetragon/bpf_execve_bprm_commit_creds.o Type=kprobe
time="2024-06-27T15:24:41Z" level=info msg="Loaded BPF maps and events for sensor successfully" sensor=__base__
time="2024-06-27T15:24:41Z" level=info msg="Cgroup rate disabled (0/0s)"
time="2024-06-27T15:24:41Z" level=info msg="sensor controller starts"
time="2024-06-27T15:24:41Z" level=info msg="Available sensors" sensors=
time="2024-06-27T15:24:41Z" level=info msg="Registered sensors (policy-handlers)" policy-handlers="loader sensor, tracing, enforcer, uprobe sensor"
time="2024-06-27T15:24:41Z" level=info msg="Registered probe types" types="execve, enforcer, generic_kprobe, generic_tracepoint, generic_uprobe, loader"
time="2024-06-27T15:24:41Z" level=warning msg="Kprobe spec pre-validation failed, but will continue with loading" error="type (long unsigned int) of argument 1 does not match spec type (uint32)\n" sensor=gkp-sensor-1
time="2024-06-27T15:24:41Z" level=info msg="Unloading sensor __base__"
time="2024-06-27T15:24:41Z" level=info msg="BPF prog was unloaded" label=kprobe/acct_process pin=event_exit
time="2024-06-27T15:24:41Z" level=info msg="BPF prog was unloaded" label=kprobe/wake_up_new_task pin=kprobe_pid_clear
time="2024-06-27T15:24:42Z" level=info msg="BPF prog was unloaded" label=tracepoint/sys_execve pin=event_execve
time="2024-06-27T15:24:42Z" level=info msg="BPF prog was unloaded" label=kprobe/security_bprm_committing_creds pin=tg_kp_bprm_committing_creds
time="2024-06-27T15:24:42Z" level=info msg="map was unloaded" map=execve_map pin=execve_map
time="2024-06-27T15:24:42Z" level=info msg="map was unloaded" map=tg_execve_joined_info_map pin=tg_execve_joined_info_map
time="2024-06-27T15:24:42Z" level=info msg="map was unloaded" map=execve_map_stats pin=execve_map_stats
time="2024-06-27T15:24:42Z" level=info msg="map was unloaded" map=tg_execve_joined_info_map_stats pin=tg_execve_joined_info_map_stats
time="2024-06-27T15:24:42Z" level=info msg="map was unloaded" map=execve_calls pin=execve_calls
time="2024-06-27T15:24:42Z" level=info msg="map was unloaded" map=tcpmon_map pin=tcpmon_map
time="2024-06-27T15:24:42Z" level=info msg="map was unloaded" map=tg_conf_map pin=tg_conf_map
time="2024-06-27T15:24:42Z" level=info msg="map was unloaded" map=tg_stats_map pin=tg_stats_map
time="2024-06-27T15:24:42Z" level=info msg="BPF events statistics: 0 received, 0% events loss"
time="2024-06-27T15:24:42Z" level=info msg="Observer events statistics" errors=0 filterDrop=0 filterPass=0 lost=0 received=0
time="2024-06-27T15:24:42Z" level=fatal msg="Failed to start tetragon" error="policy handler 'tracing' failed loading policy 'file-monitoring-filtered': validation failed: kprobe spec pre-validation failed: call \"security_path_truncate\" type name security_path_truncate: not found"
System Info:
- Docker version 26.1.4, build 5650f9b
- Darwin Kernel Version 23.5.0: Wed May 1 20:19:05 PDT 2024; root:xnu-10063.121.3~5/RELEASE_ARM64_T8112 arm64
I am not sure what I did wrong.
Hello, thanks for taking the time to write this issue. From what I can read I can see you are running Docker Desktop on macOS arm64 and it might be that the Linux kernel provided by Docker is missing the security_path_truncate function for some reason.
Could you try running it in a "proper" distro VM, like Ubuntu using lima? If Docker Desktop kernel was the problem, we can reach out to the Docker devs to tune the config, we already did in the past and that can be useful for them.
@mtardy Thanks for pointing out. It could be the Docker Desktop kernel. I will try to test on an actual Linux machine.
But, for now, I have just quickly tested with lima Ubuntu and got the following details:
~/D/t/test-tetragon ❯❯❯ lima nerdctl run --name tetragon-container --rm --pull always \
--pid=host --cgroupns=host --privileged \
-v ${PWD}/file_monitoring.yaml:/etc/tetragon/tetragon.tp.d/file_monitoring.yaml \
-v /sys/kernel/btf/vmlinux:/var/lib/tetragon/btf \
quay.io/cilium/tetragon-ci:latest
quay.io/cilium/tetragon-ci:latest: resolved |++++++++++++++++++++++++++++++++++++++|
index-sha256:fbe23d3fb0aec315a0c1e5bff55adb0bf19fdc99b9b7341d1c15b84567d2e23a: done |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:f0c6b66e38674a5067397d6550607128d59edd7cca67d1ac588e7165ab382d0c: done |++++++++++++++++++++++++++++++++++++++|
config-sha256:6dec64b4fe0ac92e8e81b604bd11bcafc23dc9394b761536b26b1e6b1d619fb9: done |++++++++++++++++++++++++++++++++++++++|
elapsed: 2.3 s total: 0.0 B (0.0 B/s)
time="2024-07-02T15:21:59Z" level=info msg="Starting tetragon" version=v1.2.0-pre.0-241-ge44f7dfc0
time="2024-07-02T15:21:59Z" level=info msg="config settings" config="map[bpf-lib:/var/lib/tetragon/ btf: cgroup-rate: config-dir: cpuprofile: data-cache-size:1024 debug:false disable-kprobe-multi:false enable-export-aggregation:false enable-k8s-api:false enable-msg-handling-latency:false enable-pid-set-filter:false enable-pod-info:false enable-policy-filter:false enable-policy-filter-debug:false enable-process-ancestors:true enable-process-cred:false enable-process-ns:false enable-tracing-policy-crd:true event-queue-size:10000 export-aggregation-buffer-size:10000 export-aggregation-window-size:15s export-allowlist: export-denylist: export-file-compress:false export-file-max-backups:5 export-file-max-size-mb:10 export-file-perm:600 export-file-rotation-interval:0s export-filename: export-rate-limit:-1 expose-kernel-addresses:false expose-stack-addresses:false field-filters: force-large-progs:false force-small-progs:false generate-docs:false gops-address: health-server-address::6789 health-server-interval:10 k8s-kubeconfig-path: kernel: kmods:[] log-format:text log-level:info memprofile: metrics-label-filter:namespace,workload,pod,binary metrics-server: netns-dir:/var/run/docker/netns/ pprof-addr: process-cache-size:65536 procfs:/proc/ rb-queue-size:65535 rb-size:0 rb-size-total:0 redaction-filters: release-pinned-bpf:true server-address:localhost:54321 tracing-policy: tracing-policy-dir:/etc/tetragon/tetragon.tp.d username-metadata:disabled verbose:0]"
time="2024-07-02T15:21:59Z" level=info msg="Tetragon current security context" AppArmor=unconfined Lockdown= SELinux=unconfined Smack=
time="2024-07-02T15:21:59Z" level=info msg="Tetragon pid file creation succeeded" pid=6856 pidfile=/var/run/tetragon/tetragon.pid
time="2024-07-02T15:21:59Z" level=error msg="detect modify return syscall" error="failed to load: load program: operation not permitted (MEMLOCK may be too low, consider rlimit.RemoveMemlock)"
time="2024-07-02T15:21:59Z" level=info msg="BPF detected features: override_return: false, buildid: false, kprobe_multi: false, uprobe_multi false, fmodret: false, fmodret_syscall: false, signal: false, large: false"
time="2024-07-02T15:21:59Z" level=info msg="Kernel does not support time namespaces" error="stat /proc/1/ns/time: permission denied"
time="2024-07-02T15:21:59Z" level=fatal msg="Failed to initialize host namespaces" error="namespace '/proc/1/ns/uts' readlink /proc/1/ns/uts: permission denied" procfs=/proc/
~/D/t/test-tetragon ❯❯❯ limactl shell default ✘ 1
zdk@lima-default:/Users/zdk/Developer/tmp/test-tetragon$ sudo bpftrace --info
System
OS: Linux 5.15.0-113-generic #123-Ubuntu SMP Mon Jun 10 08:16:46 UTC 2024
Arch: aarch64
Build
version: v0.14.0
LLVM: 11.1.0
ORC: v2
foreach_sym: yes
unsafe uprobe: no
bfd: no
bpf_attach_kfunc: yes
bcc_usdt_addsem: yes
bcc bpf_attach_uprobe refcount: yes
bcc library path resolution: yes
libbpf: yes
libbpf btf dump: yes
libbpf btf dump type decl: yes
libdw (DWARF support): no
Kernel helpers
probe_read: yes
probe_read_str: yes
probe_read_user: yes
probe_read_user_str: yes
probe_read_kernel: yes
probe_read_kernel_str: yes
get_current_cgroup_id: yes
send_signal: yes
override_return: yes
get_boot_ns: yes
dpath: yes
Kernel features
Instruction limit: 1000000
Loop support: yes
btf (depends on Build:libbpf): yes
map batch (depends on Build:libbpf): yes
uprobe refcount (depends on Build:bcc bpf_attach_uprobe refcount): yes
Map types
hash: yes
percpu hash: yes
array: yes
percpu array: yes
stack_trace: yes
perf_event_array: yes
Probe types
kprobe: yes
tracepoint: yes
perf_event: yes
kfunc: yes
iter:task: yes
iter:task_file: yes
Notes:
The lima Ubuntu vm is configured to start with the following config:
~/D/t/test-lima-ebpf ❯❯❯ cat ubuntu-vm.yml
images:
# Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months.
- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-amd64.img"
arch: "x86_64"
- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-arm64.img"
arch: "aarch64"
mounts:
- location: "~"
writable: true
- location: "/tmp/lima"
writable: true
provision:
- mode: system
script: |
apt-get update
apt-get install -y apt-transport-https ca-certificates curl clang llvm jq
apt-get install -y libelf-dev libpcap-dev libbfd-dev binutils-dev build-essential make
apt-get install -y linux-tools-common linux-tools-5.15.0-41-generic bpfcc-tools
apt-get install -y python3-pip
apt-get install --yes bsdutils
apt-get install --yes build-essential
apt-get install --yes pkgconf
apt-get install --yes llvm-12 clang-12
apt-get install --yes clang-format-12
apt-get install --yes zlib1g-dev libelf-dev
apt-get install --yes protobuf-compiler
sudo apt-get install bpfcc-tools linux-headers-$(uname -r)
sudo snap install --devmode bpftrace
# it downloads binaries with version appended
# like llvm-strip-12, clang-12 etc
# bpf stuff uses plain names like llvm-strip, clang and fails
# to make them use this creating soft links with plain names
for tool in "clang" "llc" "llvm-strip"
do
path=$(which $tool-12)
sudo ln -s $path ${path%-*}
done
# uname -r returns kernel version
# need linux-tools for kernel specific
apt-get install --yes linux-tools-$(uname -r)
# keep gp off, self signed cert issue else it'll fail to download
# or add --no-check-certificate
wget --quiet https://golang.org/dl/go1.20.1.linux-arm64.tar.gz
tar -C /usr/local -xzf go1.20.1.linux-arm64.tar.gz
echo 'export PATH=$PATH:/usr/local/go/bin' >> ~/.profile
which works ok with this hello-world program:
zdk@lima-default:/Users/zdk/Developer/tmp/test-lima-ebpf$ cat hello-world.py
#!/usr/bin/python3
from bcc import BPF
program = """
int hello(void *ctx) {
bpf_trace_printk("Hello World!\\n");
return 0; }
"""
b = BPF(text=program)
syscall = b.get_syscall_fnname("execve")
b.attach_kprobe(event=syscall, fn_name="hello")
b.trace_print()
Output:
zdk@lima-default:/Users/zdk/Developer/tmp/test-lima-ebpf$ sudo python3 hello-world.py
b' <...>-7291 [000] d...1 963.817171: bpf_trace_printk: Hello World!'
b''
b' bash-7291 [000] d...1 963.819399: bpf_trace_printk: Hello World!'
b''
b' <...>-7292 [001] d...1 963.820278: bpf_trace_printk: Hello World!'
b''
b' <...>-7293 [002] d...1 963.821031: bpf_trace_printk: Hello World!'
b''
b' <...>-7294 [003] d...1 963.821753: bpf_trace_printk: Hello World!'
b''
b' <...>-7297 [003] d...1 963.827897: bpf_trace_printk: Hello World!'
b''
b' <...>-7298 [002] d...1 963.828236: bpf_trace_printk: Hello World!'
b''
b' <...>-7300 [002] d...1 963.828866: bpf_trace_printk: Hello World!'
b''
b' <...>-7301 [002] d...1 963.829558: bpf_trace_printk: Hello World!'
b''
b' <...>-7303 [002] d...1 968.753268: bpf_trace_printk: Hello World!'
b''
^CTraceback (most recent call last):
File "/Users/zdk/Developer/tmp/test-lima-ebpf/hello-world.py", line 11, in <module>
b.trace_print()
File "/usr/lib/python3/dist-packages/bcc/__init__.py", line 1332, in trace_print
line = self.trace_readline(nonblocking=False)
File "/usr/lib/python3/dist-packages/bcc/__init__.py", line 1312, in trace_readline
line = trace.readline(1024).rstrip()
KeyboardInterrupt
zdk@lima-default:/Users/zdk/Developer/tmp/test-lima-ebpf$ uname -r
5.15.0-113-generic
zdk@lima-default:/Users/zdk/Developer/tmp/test-lima-ebpf$ cat /etc/os-release
PRETTY_NAME="Ubuntu 22.04.4 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.4 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy
zdk@lima-default:/Users/zdk/Developer/tmp/test-lima-ebpf$ cat /proc/meminfo
MemTotal: 4004432 kB
MemFree: 226380 kB
MemAvailable: 3548912 kB
Buffers: 69692 kB
Cached: 3275476 kB
SwapCached: 0 kB
Active: 861368 kB
Inactive: 2585592 kB
Active(anon): 1300 kB
Inactive(anon): 113192 kB
Active(file): 860068 kB
Inactive(file): 2472400 kB
Unevictable: 30188 kB
Mlocked: 26188 kB
SwapTotal: 0 kB
SwapFree: 0 kB
Dirty: 0 kB
Writeback: 0 kB
AnonPages: 132004 kB
Mapped: 171648 kB
Shmem: 5316 kB
KReclaimable: 173896 kB
Slab: 234624 kB
SReclaimable: 173896 kB
SUnreclaim: 60728 kB
KernelStack: 3360 kB
PageTables: 3248 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
WritebackTmp: 0 kB
CommitLimit: 2002216 kB
Committed_AS: 736204 kB
VmallocTotal: 133143592960 kB
VmallocUsed: 17956 kB
VmallocChunk: 0 kB
Percpu: 2032 kB
HardwareCorrupted: 0 kB
AnonHugePages: 0 kB
ShmemHugePages: 0 kB
ShmemPmdMapped: 0 kB
FileHugePages: 0 kB
FilePmdMapped: 0 kB
CmaTotal: 32768 kB
CmaFree: 13740 kB
HugePages_Total: 0
HugePages_Free: 0
HugePages_Rsvd: 0
HugePages_Surp: 0
Hugepagesize: 2048 kB
Hugetlb: 0 kB
@mtardy
Just did the test on Ubuntu 22.04.4 LTS in AWS.
It seems working fine.
I'm closing the issue due to it's something more on container challenges on MacOS.