Difference between revisions of "Processes scope and visibility"
m (→Hide container processes from host completely) |
m (vzprocps-perl) |
||
Line 80: | Line 80: | ||
Take <code>vzprocps</code> tools from http://download.openvz.org/contrib/utils/. | Take <code>vzprocps</code> tools from http://download.openvz.org/contrib/utils/. | ||
These are usual <code>ps</code> and <code>top</code> utilities (named <code>vztop</code> and <code>vzps</code> to not conflict with the standard ones) with an <code>-E</code> option added. You can use <code>-E <i>CTID</i></code> option to limit the output to the selected CTID (use 0 for the host system), or just <code>-E</code> without an argument to just add CTID column to output. | These are usual <code>ps</code> and <code>top</code> utilities (named <code>vztop</code> and <code>vzps</code> to not conflict with the standard ones) with an <code>-E</code> option added. You can use <code>-E <i>CTID</i></code> option to limit the output to the selected CTID (use 0 for the host system), or just <code>-E</code> without an argument to just add CTID column to output. | ||
+ | |||
+ | === Use vzprocps-perl tools === | ||
+ | Take <code>vzprocps-perl</code> tools from http://sourceforge.net/p/vzprocpsperl/wiki/vzprocps-perl/. | ||
+ | Write in Perl with basics functions. | ||
+ | Can be used in x86_64 architecture. | ||
== See also == | == See also == |
Revision as of 15:50, 22 February 2013
This HOWTO shows how OpenVZ hardware node administrator can see a processes belonging to the host system only, or to a particular container.
Contents
Problem
From CT0 one can see all the processes running on the system; that includes all the processes of all containers and the processes of the host system itself. Sometimes you just want to see the processes from the host system only. Sometimes you just want to see the processes from a particular container.
There are many ways to achieve it.
Solutions
Hide container processes from host completely
It is possible to hide other CT's processes from CT0. For this just enable kernel.pid_ns_hide_child sysctl parameter:
sysctl -w 'kernel.pid_ns_hide_child=1'
and restart all containers. To make setting permanent put into /etc/sysctl.conf following line:
kernel.pid_ns_hide_child=1
After this ps or htop or top do not show anymore other container processes.
"Poor man's vzps in bash"
Use the following script by aistis, broken by Kir, fixed by Hvdkamer.
First argument is CT ID (0 for the host system), all the remaining arguments are passed to ps(1)
utility.
#!/bin/bash # Usage: ./ovzps CTID [ps flags ...] function find_container_pids(){ local pid local myctid=$1 local ctpids= for pid in $ALLPIDS; do [ -f /proc/$pid/status ] || continue ctid=`grep envID /proc/$pid/status | awk -F: '{print $2}'` if [ ${ctid} = ${myctid} ]; then ctpids="$ctpids $pid" fi done echo "$ctpids" } ALLPIDS=`ps -A -o pid --no-headers` CTPIDS=`find_container_pids $1` shift if [ -n "${CTPIDS}" ]; then ps $* -p $CTPIDS else exit 0 fi
A faster version:
#! /bin/bash # Usage: ovzps <CTID> [ps flags ...] ctid=${1:-0} shift ps $* -p $(grep -l "^envID:[[:space:]]*$ctid\$" /proc/[0-9]*/status | sed -e 's=/proc/\([0-9]*\)/.*=\1=')
Use vzprocps tools
Take vzprocps
tools from http://download.openvz.org/contrib/utils/.
These are usual ps
and top
utilities (named vztop
and vzps
to not conflict with the standard ones) with an -E
option added. You can use -E CTID
option to limit the output to the selected CTID (use 0 for the host system), or just -E
without an argument to just add CTID column to output.
Use vzprocps-perl tools
Take vzprocps-perl
tools from http://sourceforge.net/p/vzprocpsperl/wiki/vzprocps-perl/.
Write in Perl with basics functions.
Can be used in x86_64 architecture.