ps_mem icon indicating copy to clipboard operation
ps_mem copied to clipboard

Published 20 hours ago verified publisher icon pixelb

Accurate reporting for host machine - when inside a docker container

Open gotjoshua opened this issue 6 years ago • 5 comments

I was trying to use ps_mem inside a glances container to write logs in response to alerts. The glances docker container that I ran ps_mem inside of has full access to the host and shows processes correctly. Unfortunately, ps_mem did not list the actual processes from the host.

Is there a trick to make this work as is? or would it be a feature request?

gotjoshua avatar Feb 03 '19 16:02 gotjoshua

If there was a way to get the pids associated with the container, one could pass them to ps_mem -p pid1,pid2. If glances operates in a separate pid namespace, one might be able to remount /proc within that container to get the PID subset?

pixelb avatar Feb 04 '19 01:02 pixelb

Hi, thanks for the reply!

I did try that strategy (getting the pids from ps and then passing them to ps_mem via ps_mem -p pid1,pid2 but the output was empty... most likely, due the missing /proc

is that safe to just mount the host's proc folder into a container?

You can't mount to /proc.

Or can you suggest precisely where to mount it to?

gotjoshua avatar Feb 06 '19 10:02 gotjoshua

You should be able to mount /proc and need it available

pixelb avatar Feb 06 '19 21:02 pixelb

i tried

volumes:
 - /proc/:/proc/

and got an error

do you have another suggestion where to mount it and how to tell ps_mem where to look for it?

gotjoshua avatar Feb 07 '19 07:02 gotjoshua

You'll need to run the glances container with --pid host for it to not have a separate PID namespace (as mentioned in their docs).

NHellFire avatar Sep 11 '20 22:09 NHellFire