straceの使い方と/procディレクトリに関するメモ。
straceはプロセスが読ぶシステムコールをトレースするユーティリティ。内部的にはptraceというシステムコールを使っている。
コマンドを引数で渡す。
root@cks-master:~# strace ls execve("/bin/ls", ["ls"], 0x7ffe73f3b4d0 /* 22 vars */) = 0 brk(NULL) = 0x563d29d00000 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=24038, ...}) = 0 mmap(NULL, 24038, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fabe934d000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20b\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0644, st_size=154832, ...}) = 0 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fabe934b000 mmap(NULL, 2259152, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fabe8f04000 mprotect(0x7fabe8f29000, 2093056, PROT_NONE) = 0 mmap(0x7fabe9128000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x24000) = 0x7fabe9128000 mmap(0x7fabe912a000, 6352, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fabe912a000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\34\2\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=2030544, ...}) = 0 mmap(NULL, 4131552, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fabe8b13000 mprotect(0x7fabe8cfa000, 2097152, PROT_NONE) = 0 mmap(0x7fabe8efa000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1e7000) = 0x7fabe8efa000 mmap(0x7fabe8f00000, 15072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fabe8f00000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpcre.so.3", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \25\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0644, st_size=464824, ...}) = 0 mmap(NULL, 2560264, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fabe88a1000 mprotect(0x7fabe8911000, 2097152, PROT_NONE) = 0 mmap(0x7fabe8b11000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x70000) = 0x7fabe8b11000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\16\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0644, st_size=14560, ...}) = 0 mmap(NULL, 2109712, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fabe869d000 mprotect(0x7fabe86a0000, 2093056, PROT_NONE) = 0 mmap(0x7fabe889f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7fabe889f000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000b\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=144976, ...}) = 0 mmap(NULL, 2221184, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fabe847e000 mprotect(0x7fabe8498000, 2093056, PROT_NONE) = 0 mmap(0x7fabe8697000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19000) = 0x7fabe8697000 mmap(0x7fabe8699000, 13440, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fabe8699000 close(3) = 0 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fabe9349000 arch_prctl(ARCH_SET_FS, 0x7fabe934a040) = 0 mprotect(0x7fabe8efa000, 16384, PROT_READ) = 0 mprotect(0x7fabe8697000, 4096, PROT_READ) = 0 mprotect(0x7fabe889f000, 4096, PROT_READ) = 0 mprotect(0x7fabe8b11000, 4096, PROT_READ) = 0 mprotect(0x7fabe9128000, 4096, PROT_READ) = 0 mprotect(0x563d28b69000, 8192, PROT_READ) = 0 mprotect(0x7fabe9353000, 4096, PROT_READ) = 0 munmap(0x7fabe934d000, 24038) = 0 set_tid_address(0x7fabe934a310) = 12213 set_robust_list(0x7fabe934a320, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7fabe8483cb0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7fabe84908a0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7fabe8483d50, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fabe84908a0}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 statfs("/sys/fs/selinux", 0x7ffc153da790) = -1 ENOENT (No such file or directory) statfs("/selinux", 0x7ffc153da790) = -1 ENOENT (No such file or directory) brk(NULL) = 0x563d29d00000 brk(0x563d29d21000) = 0x563d29d21000 openat(AT_FDCWD, "/proc/filesystems", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 read(3, "nodev\tsysfs\nnodev\ttmpfs\nnodev\tbd"..., 1024) = 407 read(3, "", 1024) = 0 close(3) = 0 access("/etc/selinux/config", F_OK) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=1683056, ...}) = 0 mmap(NULL, 1683056, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fabe91ae000 close(3) = 0 openat(AT_FDCWD, "/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=2995, ...}) = 0 read(3, "# Locale name alias data base.\n#"..., 4096) = 2995 read(3, "", 4096) = 0 close(3) = 0 openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_IDENTIFICATION", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=252, ...}) = 0 mmap(NULL, 252, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fabe9352000 close(3) = 0 openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/gconv/gconv-modules.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=26376, ...}) = 0 mmap(NULL, 26376, PROT_READ, MAP_SHARED, 3, 0) = 0x7fabe91a7000 close(3) = 0 futex(0x7fabe8effa08, FUTEX_WAKE_PRIVATE, 2147483647) = 0 openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_MEASUREMENT", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=23, ...}) = 0 mmap(NULL, 23, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fabe9351000 close(3) = 0 openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_TELEPHONE", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=47, ...}) = 0 mmap(NULL, 47, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fabe9350000 close(3) = 0 openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_ADDRESS", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=131, ...}) = 0 mmap(NULL, 131, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fabe934f000 close(3) = 0 openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_NAME", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=62, ...}) = 0 mmap(NULL, 62, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fabe934e000 close(3) = 0 openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_PAPER", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=34, ...}) = 0 mmap(NULL, 34, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fabe934d000 close(3) = 0 openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_MESSAGES", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 close(3) = 0 openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_MESSAGES/SYS_LC_MESSAGES", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=48, ...}) = 0 mmap(NULL, 48, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fabe91a6000 close(3) = 0 openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_MONETARY", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=270, ...}) = 0 mmap(NULL, 270, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fabe91a5000 close(3) = 0 openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_COLLATE", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=1516558, ...}) = 0 mmap(NULL, 1516558, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fabe830b000 close(3) = 0 openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_TIME", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=3360, ...}) = 0 mmap(NULL, 3360, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fabe91a4000 close(3) = 0 openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_NUMERIC", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=50, ...}) = 0 mmap(NULL, 50, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fabe91a3000 close(3) = 0 openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_CTYPE", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=199772, ...}) = 0 mmap(NULL, 199772, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fabe9172000 close(3) = 0 ioctl(1, TCGETS, {B38400 opost isig icanon echo ...}) = 0 ioctl(1, TIOCGWINSZ, {ws_row=32, ws_col=162, ws_xpixel=2268, ws_ypixel=1088}) = 0 openat(AT_FDCWD, ".", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 getdents(3, /* 16 entries */, 32768) = 536 getdents(3, /* 0 entries */, 32768) = 0 close(3) = 0 fstat(1, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 0), ...}) = 0 write(1, "Dockerfile app.go cks-course-e"..., 103Dockerfile app.go cks-course-environment constraint.yaml flask-sample.yaml pod.yaml template.yaml ) = 103 close(1) = 0 close(2) = 0 exit_group(0) = ? +++ exited with 0 +++
結果をサマライズする。
root@cks-master:~# strace -cw ls Dockerfile app.go cks-course-environment constraint.yaml flask-sample.yaml pod.yaml template.yaml % time seconds usecs/call calls errors syscall ------ ----------- ----------- --------- --------- ---------------- 20.27 0.001346 45 30 mmap 15.78 0.001048 44 24 openat 14.55 0.000966 39 25 fstat 14.16 0.000940 36 26 close 8.84 0.000587 49 12 mprotect 5.99 0.000398 44 9 read 5.29 0.000351 44 8 8 access 3.58 0.000238 238 1 execve 1.78 0.000118 39 3 brk 1.39 0.000092 46 2 2 statfs 1.28 0.000085 43 2 getdents 1.08 0.000072 36 2 rt_sigaction 1.04 0.000069 35 2 ioctl 0.87 0.000058 58 1 munmap 0.80 0.000053 53 1 arch_prctl 0.63 0.000042 42 1 write 0.56 0.000037 37 1 rt_sigprocmask 0.54 0.000036 36 1 futex 0.53 0.000035 35 1 set_tid_address 0.53 0.000035 35 1 prlimit64 0.51 0.000034 34 1 set_robust_list ------ ----------- ----------- --------- --------- ---------------- 100.00 0.006640 154 10 total
動いているプロセスのpidを指定する。
root@cks-master:~# strace -p 3283 strace: Process 3283 attached restart_syscall(<... resuming interrupted futex ...>) = -1 ETIMEDOUT (Connection timed out) futex(0x1ac6130, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0x1ac6030, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0xc00005e848, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0xc00005e4c8, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0x1aca080, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=34889902}) = -1 ETIMEDOUT (Connection timed out) futex(0x1ac6130, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0xc00005e4c8, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0xc00005e848, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0x1aca080, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=39489331}) = -1 ETIMEDOUT (Connection timed out) futex(0x1ac6130, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0xc00005e848, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0xc00005e4c8, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0x1aca080, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=28338345}) = -1 ETIMEDOUT (Connection timed out) futex(0x1ac6130, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0x1ac6030, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0xc00005e848, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0xc00005e4c8, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0x1aca080, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=30285857}) = -1 ETIMEDOUT (Connection timed out) futex(0x1ac6130, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0x1ac6030, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0xc00005e4c8, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0xc00005e848, FUTEX_WAKE_PRIVATE, 1) = 1 futex(0x1aca080, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=12162656}) = -1 ETIMEDOUT (Connection timed out) (tail状態になる)
動いているプロセスのpidを指定し、そのサブプロレス(フォーク)もトレースする。
root@cks-master:~# strace -p 3283 -f strace: Process 3283 attached with 13 threads [pid 3952] futex(0x1ae3038, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...> [pid 3907] futex(0xc00005ebc8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...> [pid 3692] futex(0xc0001d92c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...> [pid 3661] futex(0x1ae3120, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...> [pid 3283] restart_syscall(<... resuming interrupted futex ...> <unfinished ...> [pid 4453] futex(0xc0012d7648, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...> [pid 3660] futex(0xc00017b2c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...> [pid 3667] restart_syscall(<... resuming interrupted futex ...> <unfinished ...> [pid 3954] epoll_pwait(4, <unfinished ...> [pid 3546] restart_syscall(<... resuming interrupted futex ...> <unfinished ...> [pid 3953] futex(0xc0000f7648, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...> [pid 3547] futex(0xc00005e4c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...> [pid 3548] futex(0xc00005e848, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...> [pid 3283] <... restart_syscall resumed> ) = -1 ETIMEDOUT (Connection timed out) [pid 3283] futex(0x1ac6130, FUTEX_WAKE_PRIVATE, 1) = 1 [pid 3283] futex(0xc00005e848, FUTEX_WAKE_PRIVATE, 1 <unfinished ...> [pid 3546] <... restart_syscall resumed> ) = 0 [pid 3283] <... futex resumed> ) = 1 [pid 3546] nanosleep({tv_sec=0, tv_nsec=20000}, <unfinished ...> [pid 3283] futex(0x1aca080, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=27616109} <unfinished ...> [pid 3548] <... futex resumed> ) = 0 [pid 3548] futex(0xc00005e848, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...> [pid 3546] <... nanosleep resumed> NULL) = 0 [pid 3546] futex(0x1ac6130, FUTEX_WAIT_PRIVATE, 0, {tv_sec=60, tv_nsec=0} <unfinished ...> [pid 3667] <... restart_syscall resumed> ) = -1 ETIMEDOUT (Connection timed out) [pid 3667] futex(0x1ac6130, FUTEX_WAKE_PRIVATE, 1) = 1 (tail状態になる)
動いているプロセスのpidを指定し、そのサブプロレス(フォーク)もトレースし、サマライズする。動かしている間のシステムコールをトレースできる。
root@cks-master:~# strace -p 3283 -f -cw strace: Process 3283 attached with 13 threads ←しばらく待ってからCtrl+C ^Cstrace: Process 3283 detached strace: Process 3546 detached strace: Process 3547 detached strace: Process 3548 detached strace: Process 3660 detached strace: Process 3661 detached strace: Process 3667 detached strace: Process 3692 detached strace: Process 3907 detached strace: Process 3952 detached strace: Process 3953 detached strace: Process 3954 detached strace: Process 4453 detached % time seconds usecs/call calls errors syscall ------ ----------- ----------- --------- --------- ---------------- 84.96 33.724390 15848 2128 309 futex 13.96 5.542960 19313 287 epoll_pwait 0.50 0.196554 198 994 nanosleep 0.34 0.135043 45014 3 2 restart_syscall 0.11 0.043238 1441 30 fdatasync 0.09 0.034558 142 244 write 0.03 0.011823 56 212 101 read 0.01 0.002064 53 39 pwrite64 0.00 0.000889 34 26 sched_yield 0.00 0.000453 32 14 lseek 0.00 0.000356 45 8 4 epoll_ctl 0.00 0.000323 81 4 2 accept4 0.00 0.000265 53 5 setsockopt 0.00 0.000217 54 4 close 0.00 0.000180 45 4 getrandom 0.00 0.000121 61 2 fstat 0.00 0.000103 52 2 openat 0.00 0.000047 24 2 getsockname ------ ----------- ----------- --------- --------- ---------------- 100.00 39.693584 4008 418 total
/proc/<pid>
ディレクトリを見てみる。exe
が実際に実行されているバイナリ。
root@cks-master:~# cd /proc/3283 root@cks-master:/proc/3283# ls arch_status cgroup coredump_filter exe io maps mountstats oom_adj patch_state sched smaps statm timers attr clear_refs cpuset fd limits mem net oom_score personality schedstat smaps_rollup status timerslack_ns autogroup cmdline cwd fdinfo loginuid mountinfo ns oom_score_adj projid_map sessionid stack syscall uid_map auxv comm environ gid_map map_files mounts numa_maps pagemap root setgroups stat task wchan root@cks-master:/proc/3283# ls -lh exe lrwxrwxrwx 1 root root 0 Jan 2 21:27 exe -> /usr/local/bin/etcd
開いているファイルを確認する。
root@cks-master:/proc/3283# cd fd root@cks-master:/proc/3283/fd# ls 0 11 14 17 2 22 25 28 30 33 36 39 41 44 47 5 52 55 58 60 63 66 69 71 74 77 8 82 85 9 1 12 15 18 20 23 26 29 31 34 37 4 42 45 48 50 53 56 59 61 64 67 7 72 75 78 80 83 86 10 13 16 19 21 24 27 3 32 35 38 40 43 46 49 51 54 57 6 62 65 68 70 73 76 79 81 84 87 root@cks-master:/proc/3283/fd# ls -lh total 0 lrwx------ 1 root root 64 Jan 2 21:27 0 -> /dev/null l-wx------ 1 root root 64 Jan 2 21:27 1 -> 'pipe:[28631]' l-wx------ 1 root root 64 Jan 2 21:27 10 -> /var/lib/etcd/member/wal/0.tmp lrwx------ 1 root root 64 Jan 2 21:28 11 -> 'socket:[30456]' lrwx------ 1 root root 64 Jan 2 21:28 12 -> 'socket:[31390]' lrwx------ 1 root root 64 Jan 2 21:28 13 -> 'socket:[30459]' lrwx------ 1 root root 64 Jan 2 21:28 14 -> 'socket:[31391]' lrwx------ 1 root root 64 Jan 2 21:28 15 -> 'socket:[31393]' lrwx------ 1 root root 64 Jan 2 21:28 16 -> 'socket:[30460]' lrwx------ 1 root root 64 Jan 2 21:28 17 -> 'socket:[31396]' lrwx------ 1 root root 64 Jan 2 21:28 18 -> 'socket:[30461]' lrwx------ 1 root root 64 Jan 2 21:28 19 -> 'socket:[30470]' l-wx------ 1 root root 64 Jan 2 21:27 2 -> 'pipe:[28632]' lrwx------ 1 root root 64 Jan 2 21:28 20 -> 'socket:[30464]' lrwx------ 1 root root 64 Jan 2 21:28 21 -> 'socket:[30473]' lrwx------ 1 root root 64 Jan 2 21:28 22 -> 'socket:[30476]' lrwx------ 1 root root 64 Jan 2 21:28 23 -> 'socket:[30479]' lrwx------ 1 root root 64 Jan 2 21:28 24 -> 'socket:[30482]' lrwx------ 1 root root 64 Jan 2 21:28 25 -> 'socket:[30485]' lrwx------ 1 root root 64 Jan 2 21:28 26 -> 'socket:[30488]' lrwx------ 1 root root 64 Jan 2 21:28 27 -> 'socket:[30491]' lrwx------ 1 root root 64 Jan 2 21:28 28 -> 'socket:[30494]' lrwx------ 1 root root 64 Jan 2 21:28 29 -> 'socket:[30497]' lrwx------ 1 root root 64 Jan 2 21:27 3 -> 'socket:[30977]' lrwx------ 1 root root 64 Jan 2 21:28 30 -> 'socket:[30500]' lrwx------ 1 root root 64 Jan 2 21:28 31 -> 'socket:[30503]' lrwx------ 1 root root 64 Jan 2 21:28 32 -> 'socket:[30506]' lrwx------ 1 root root 64 Jan 2 21:28 33 -> 'socket:[30509]' lrwx------ 1 root root 64 Jan 2 21:28 34 -> 'socket:[30512]' lrwx------ 1 root root 64 Jan 2 21:28 35 -> 'socket:[30515]' lrwx------ 1 root root 64 Jan 2 21:28 36 -> 'socket:[30518]' lrwx------ 1 root root 64 Jan 2 21:28 37 -> 'socket:[30521]' lrwx------ 1 root root 64 Jan 2 21:28 38 -> 'socket:[30524]' lrwx------ 1 root root 64 Jan 2 21:28 39 -> 'socket:[30527]' lrwx------ 1 root root 64 Jan 2 21:27 4 -> 'anon_inode:[eventpoll]' lrwx------ 1 root root 64 Jan 2 21:28 40 -> 'socket:[30530]' lrwx------ 1 root root 64 Jan 2 21:28 41 -> 'socket:[30533]' lrwx------ 1 root root 64 Jan 2 21:28 42 -> 'socket:[30536]' lrwx------ 1 root root 64 Jan 2 21:28 43 -> 'socket:[30539]' lrwx------ 1 root root 64 Jan 2 21:28 44 -> 'socket:[30542]' lrwx------ 1 root root 64 Jan 2 21:28 45 -> 'socket:[30545]' lrwx------ 1 root root 64 Jan 2 21:28 46 -> 'socket:[30548]' lrwx------ 1 root root 64 Jan 2 21:28 47 -> 'socket:[30551]' lrwx------ 1 root root 64 Jan 2 21:28 48 -> 'socket:[30554]' lrwx------ 1 root root 64 Jan 2 21:28 49 -> 'socket:[30557]' lrwx------ 1 root root 64 Jan 2 21:27 5 -> 'socket:[30176]' lrwx------ 1 root root 64 Jan 2 21:28 50 -> 'socket:[30560]' lrwx------ 1 root root 64 Jan 2 21:28 51 -> 'socket:[30563]' lrwx------ 1 root root 64 Jan 2 21:28 52 -> 'socket:[30566]' lrwx------ 1 root root 64 Jan 2 21:28 53 -> 'socket:[30569]' lrwx------ 1 root root 64 Jan 2 21:28 54 -> 'socket:[30572]' lrwx------ 1 root root 64 Jan 2 21:28 55 -> 'socket:[30575]' lrwx------ 1 root root 64 Jan 2 21:28 56 -> 'socket:[30578]' lrwx------ 1 root root 64 Jan 2 21:28 57 -> 'socket:[30581]' lrwx------ 1 root root 64 Jan 2 21:28 58 -> 'socket:[30584]' lrwx------ 1 root root 64 Jan 2 21:28 59 -> 'socket:[30587]' lrwx------ 1 root root 64 Jan 2 21:27 6 -> 'socket:[30177]' lrwx------ 1 root root 64 Jan 2 21:28 60 -> 'socket:[30590]' lrwx------ 1 root root 64 Jan 2 21:28 61 -> 'socket:[30593]' lrwx------ 1 root root 64 Jan 2 21:28 62 -> 'socket:[30596]' lrwx------ 1 root root 64 Jan 2 21:28 63 -> 'socket:[30599]' lrwx------ 1 root root 64 Jan 2 21:28 64 -> 'socket:[30602]' lrwx------ 1 root root 64 Jan 2 21:28 65 -> 'socket:[30605]' lrwx------ 1 root root 64 Jan 2 21:28 66 -> 'socket:[30608]' lrwx------ 1 root root 64 Jan 2 21:28 67 -> 'socket:[30611]' lrwx------ 1 root root 64 Jan 2 21:28 68 -> 'socket:[30614]' lrwx------ 1 root root 64 Jan 2 21:28 69 -> 'socket:[31421]' lrwx------ 1 root root 64 Jan 2 21:27 7 -> /var/lib/etcd/member/snap/db lrwx------ 1 root root 64 Jan 2 21:28 70 -> 'socket:[30618]' lrwx------ 1 root root 64 Jan 2 21:28 71 -> 'socket:[30621]' lrwx------ 1 root root 64 Jan 2 21:28 72 -> 'socket:[30624]' lrwx------ 1 root root 64 Jan 2 21:28 73 -> 'socket:[30627]' lrwx------ 1 root root 64 Jan 2 21:28 74 -> 'socket:[31423]' lrwx------ 1 root root 64 Jan 2 21:28 75 -> 'socket:[31426]' lrwx------ 1 root root 64 Jan 2 21:28 76 -> 'socket:[31429]' lrwx------ 1 root root 64 Jan 2 21:28 77 -> 'socket:[30630]' lrwx------ 1 root root 64 Jan 2 21:28 78 -> 'socket:[30632]' lrwx------ 1 root root 64 Jan 2 21:28 79 -> 'socket:[30634]' lrwx------ 1 root root 64 Jan 2 21:27 8 -> /var/lib/etcd/member/wal/0000000000000002-000000000002cae7.wal lrwx------ 1 root root 64 Jan 2 21:28 80 -> 'socket:[30646]' lrwx------ 1 root root 64 Jan 2 21:28 81 -> 'socket:[31436]' lrwx------ 1 root root 64 Jan 2 21:28 82 -> 'socket:[31439]' lrwx------ 1 root root 64 Jan 2 21:28 83 -> 'socket:[31442]' lrwx------ 1 root root 64 Jan 2 21:28 84 -> 'socket:[31445]' lrwx------ 1 root root 64 Jan 2 21:28 85 -> 'socket:[31448]' lrwx------ 1 root root 64 Jan 2 21:28 86 -> 'socket:[31451]' lrwx------ 1 root root 64 Jan 2 21:28 87 -> 'socket:[31454]' lr-x------ 1 root root 64 Jan 2 21:27 9 -> /var/lib/etcd/member/wal
etcdのdbはエンコードされていないファイルなので、読み取りができる。
root@cks-master:/proc/3283/fd# k create secret generic credit-card --from-literal=cc=1111222233334444 secret/credit-card created root@cks-master:/proc/3283/fd# cat 7 | strings | grep credit-card -A10 -B10 Lease kube-scheduler kube-system" *$a6985437-4bd3-4951-ab54-d08159cde7e12 kube-scheduler Update coordination.k8s.io/v1" FieldsV1:| z{"f:spec":{"f:acquireTime":{},"f:holderIdentity":{},"f:leaseDurationSeconds":{},"f:leaseTransitions":{},"f:renewTime":{}}} /cks-master_74372466-fda1-4b64-a1e9-33677d3e2cc6 %/registry/secrets/default/credit-card Secret credit-card default" *$6fb06dd0-8137-42b0-8154-a5e73a584db62 kubectl-create Update FieldsV1:+ ){"f:data":{".":{},"f:cc":{}},"f:type":{}} 1111222233334444 Opaque @/registry/services/endpoints/kube-system/kube-controller-manager Endpoints
apiVersion: v1 kind: Pod metadata: creationTimestamp: null labels: run: apache name: apache spec: containers: - image: httpd name: apache resources: {} env: - name: SECRET value: "5555666677778888" dnsPolicy: ClusterFirst restartPolicy: Always status: {}
root@cks-master:~# k apply -f pod.yaml pod/apathe created
環境変数をコンテナの中から確認する。
root@cks-master:~# k exec -it apache -- env PATH=/usr/local/apache2/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin HOSTNAME=apache TERM=xterm SECRET=5555666677778888 KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443 KUBERNETES_PORT_443_TCP_PROTO=tcp KUBERNETES_PORT_443_TCP_PORT=443 KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1 KUBERNETES_SERVICE_HOST=10.96.0.1 KUBERNETES_SERVICE_PORT=443 KUBERNETES_SERVICE_PORT_HTTPS=443 KUBERNETES_PORT=tcp://10.96.0.1:443 HTTPD_PREFIX=/usr/local/apache2 HTTPD_VERSION=2.4.46 HTTPD_SHA256=740eddf6e1c641992b22359cabc66e6325868c3c5e2e3f98faf349b61ecf41ea HTTPD_PATCHES= HOME=/root
Workerノードでプロセスを確認する。
root@cks-worker:~# docker ps | grep apache 0f8159e4e139 httpd "httpd-foreground" 3 minutes ago Up 3 minutes k8s_apache_apache_default_1242dd92-096b-48e7-a1e5-d22fd4f9825f_0 3a778b3a661d k8s.gcr.io/pause:3.2 "/pause" 3 minutes ago Up 3 minutes k8s_POD_apache_default_1242dd92-096b-48e7-a1e5-d22fd4f9825f_0 root@cks-worker:~# ps aux | grep httpd root 18613 0.0 0.1 5936 4496 ? Ss 22:11 0:00 httpd -DFOREGROUND daemon 18652 0.0 0.0 1210604 3456 ? Sl 22:11 0:00 httpd -DFOREGROUND daemon 18653 0.0 0.0 1210604 3456 ? Sl 22:11 0:00 httpd -DFOREGROUND daemon 18654 0.0 0.0 1210604 3456 ? Sl 22:11 0:00 httpd -DFOREGROUND root 19983 0.0 0.0 14852 1028 pts/0 S+ 22:14 0:00 grep --color=auto httpd
pstree
という便利なコマンドもある。
root@cks-worker:~# pstree -p 18613 httpd(18613)─┬─httpd(18652)─┬─{httpd}(18656) │ ├─{httpd}(18657) │ ├─{httpd}(18658) │ ├─{httpd}(18659) │ ├─{httpd}(18660) │ ├─{httpd}(18661) │ ├─{httpd}(18662) │ ├─{httpd}(18663) │ ├─{httpd}(18664) │ ├─{httpd}(18665) │ ├─{httpd}(18666) │ ├─{httpd}(18667) │ ├─{httpd}(18668) │ ├─{httpd}(18669) │ ├─{httpd}(18672) │ ├─{httpd}(18673) │ ├─{httpd}(18674) │ ├─{httpd}(18675) │ ├─{httpd}(18676) │ ├─{httpd}(18677) │ ├─{httpd}(18678) │ ├─{httpd}(18679) │ ├─{httpd}(18680) │ ├─{httpd}(18681) │ ├─{httpd}(18682) │ └─{httpd}(18683) ├─httpd(18653)─┬─{httpd}(18711) │ ├─{httpd}(18712) │ ├─{httpd}(18713) │ ├─{httpd}(18714) │ ├─{httpd}(18715) │ ├─{httpd}(18716) │ ├─{httpd}(18717) │ ├─{httpd}(18718) │ ├─{httpd}(18719) │ ├─{httpd}(18720) │ ├─{httpd}(18721) │ ├─{httpd}(18722) │ ├─{httpd}(18723) │ ├─{httpd}(18724) │ ├─{httpd}(18725) │ ├─{httpd}(18726) │ ├─{httpd}(18727) │ ├─{httpd}(18728) │ ├─{httpd}(18729) │ ├─{httpd}(18730) │ ├─{httpd}(18731) │ ├─{httpd}(18732) │ ├─{httpd}(18733) │ ├─{httpd}(18734) │ ├─{httpd}(18735) │ └─{httpd}(18736) └─httpd(18654)─┬─{httpd}(18684) ├─{httpd}(18685) ├─{httpd}(18686) ├─{httpd}(18687) ├─{httpd}(18688) ├─{httpd}(18689) ├─{httpd}(18690) ├─{httpd}(18691) ├─{httpd}(18692) ├─{httpd}(18693) ├─{httpd}(18694) ├─{httpd}(18695) ├─{httpd}(18696) ├─{httpd}(18697) ├─{httpd}(18698) ├─{httpd}(18699) ├─{httpd}(18700) ├─{httpd}(18701) ├─{httpd}(18702) ├─{httpd}(18703) ├─{httpd}(18704) ├─{httpd}(18705) ├─{httpd}(18706) ├─{httpd}(18707) ├─{httpd}(18708) └─{httpd}(18709)
root@cks-worker:~# cd /proc/18613 root@cks-worker:/proc/18613# ls arch_status cgroup coredump_filter exe io maps mountstats oom_adj patch_state sched smaps statm timers attr clear_refs cpuset fd limits mem net oom_score personality schedstat smaps_rollup status timerslack_ns autogroup cmdline cwd fdinfo loginuid mountinfo ns oom_score_adj projid_map sessionid stack syscall uid_map auxv comm environ gid_map map_files mounts numa_maps pagemap root setgroups stat task wchan root@cks-worker:/proc/18613# cat environ KUBERNETES_SERVICE_PORT=443KUBERNETES_PORT=tcp://10.96.0.1:443HTTPD_VERSION=2.4.46HOSTNAME=apacheHOME=/rootHTTPD_PATCHES=KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1PATH=/usr/local/apache2/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/binKUBERNETES_PORT_443_TCP_PORT=443KUBERNETES_PORT_443_TCP_PROTO=tcpHTTPD_SHA256=740eddf6e1c641992b22359cabc66e6325868c3c5e2e3f98faf349b61ecf41eaSECRET=5555666677778888HTTPD_PREFIX=/usr/local/apache2KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443KUBERNETES_SERVICE_PORT_HTTPS=443KUBERNETES_SERVICE_HOST=10.96.0.1PWD=/usr/local/apache2root@cks-worker:/proc/18613#