Eunomia  0.1.0
A lightweight eBPF-based CloudNative Monitor tool for Container Security and Observability
container_manager.h
Go to the documentation of this file.
1 #ifndef CONTAINER_MANAGER_EUNOMIA_H
2 #define CONTAINER_MANAGER_EUNOMIA_H
3 
4 #include <httplib.h>
5 #include <optional>
6 #include <mutex>
7 #include <shared_mutex>
8 #include <unordered_map>
9 
10 #include "model/tracker.h"
11 
12 extern "C"
13 {
14 #include <process/process.h>
15 }
16 
18 
21 class container_manager
22 {
23  public:
25  class container_tracking_handler : public event_handler<process_event>
26  {
27  container_manager &manager;
28 
29  public:
30  void handle(tracker_event<process_event> &e);
31  container_tracking_handler(container_manager &m) : manager(m)
32  {
33  }
34  };
35 
36  template<typename EVENT>
37  // use process tracker to track the processes created in the container
38  class container_info_handler : public event_handler<EVENT>
39  {
40  container_manager &manager;
41 
42  public:
43  void handle(tracker_event<EVENT> &e)
44  {
45  if (e.data.pid == 0) {
46  return;
47  }
48  // no container info; get it
49  e.ct_info = manager.get_container_info_for_pid(e.data.pid);
50  }
51  container_info_handler(container_manager &m) : manager(m){};
52  };
53 
54  container_manager();
55  // init the container info table
56  void init();
57  // get container info using the pid in root namespace
58  container_info get_container_info_for_pid(int pid) const;
59 
60  private:
61  // container client for getting container info
62  class container_client
63  {
64  private:
65  // for dockerd http api
66  httplib::Client dockerd_client;
67 
68  public:
69  // get all container info json string
70  std::string list_all_containers(void);
71  // get container process by id
72  std::string list_all_process_running_in_container(const std::string &container_id);
73  // get container info by id
74  std::string inspect_container(const std::string &container_id);
75  container_info get_os_container_info(void);
76  container_client();
77  };
78 
79  // for datas store in the container_info_map
80  struct process_container_info_data
81  {
82  common_event common;
83  container_info info;
84  };
85 
86  // used to store container info
87  // thread safe
88  class container_info_map
89  {
90  private:
91  // use rw lock to protect the map
92  mutable std::shared_mutex mutex_;
93  // pid -> container info
94  std::unordered_map<int, process_container_info_data> container_info_map__;
95 
96  public:
97  container_info_map() = default;
98  // insert a container info into the map
99  void insert(int pid, process_container_info_data info)
100  {
101  std::unique_lock<std::shared_mutex> lock(mutex_);
102  container_info_map__[pid] = info;
103  }
104  // get a container info from the map
105  std::optional<process_container_info_data> get(int pid) const
106  {
107  std::shared_lock<std::shared_mutex> lock(mutex_);
108  auto ct_info_p = container_info_map__.find(pid);
109  if (ct_info_p != container_info_map__.end())
110  {
111  return ct_info_p->second;
112  }
113  return std::nullopt;
114  }
115  // remove a pid related container info from the map
116  void remove(int pid)
117  {
118  std::unique_lock<std::shared_mutex> lock(mutex_);
119  container_info_map__.erase(pid);
120  }
121  };
122 
123  container_info_map info_map;
124  container_client client;
125 
126  // This is the default info for process not in the container
127  container_info os_info;
128 
129  void get_all_process_info(void);
130  // init the container info map for all running processes
131  void update_container_map_data(void);
132 };
133 
134 // helper functions
135 std::int64_t get_process_namespace(const char *type, int pid);
136 void fill_process_common_event(common_event &info, int pid);
137 
138 #endif
container_manager::container_info_handler::container_info_handler
container_info_handler(container_manager &m)
Definition: container_manager.h:51
tracker.h
os_info
Definition: btf_helpers.c:21
event_handler
the event handler for single type
Definition: event_handler.h:52
container_manager::get_container_info_for_pid
container_info get_container_info_for_pid(int pid) const
Definition: container.cpp:80
container_info
container info
Definition: container_info.h:32
tracker_event::ct_info
container_info ct_info
Definition: event_handler.h:34
container_manager
manager all container or k8s info
Definition: container_manager.h:21
container_manager::container_tracking_handler
use process tracker to track the processes created in the container
Definition: container_manager.h:25
fill_process_common_event
void fill_process_common_event(common_event &info, int pid)
get_process_namespace
std::int64_t get_process_namespace(const char *type, int pid)
Definition: container.cpp:105
container_manager::container_manager
container_manager()
Definition: container.cpp:101
container_manager::container_tracking_handler::container_tracking_handler
container_tracking_handler(container_manager &m)
Definition: container_manager.h:31
container_manager::container_info_handler
Definition: container_manager.h:38
tracker_event
the basic event type
Definition: event_handler.h:31
container_manager::container_info_handler::handle
void handle(tracker_event< EVENT > &e)
implement this function to handle the event
Definition: container_manager.h:43
tracker_event::data
T data
Definition: event_handler.h:33
container_manager::init
void init()
Definition: container.cpp:90
container_manager::container_tracking_handler::handle
void handle(tracker_event< process_event > &e)
implement this function to handle the event
Definition: container.cpp:218