Server IP : 192.64.112.168 / Your IP : 3.17.165.235 Web Server : Apache System : Linux nc-ph-2300-85.bluforrest.com 4.18.0-513.9.1.el8_9.x86_64 #1 SMP Sat Dec 2 05:23:44 EST 2023 x86_64 User : expressoneac ( 1128) PHP Version : 8.0.30 Disable Function : exec,passthru,shell_exec,system MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /lib/python3.6/site-packages/sos/report/plugins/ |
Upload File : |
# Copyright (C) 2014 Red Hat, Inc. Bryn M. Reeves <bmr@redhat.com> # This file is part of the sos project: https://github.com/sosreport/sos # # This copyrighted material is made available to anyone wishing to use, # modify, copy, or redistribute it subject to the terms and conditions of # version 2 of the GNU General Public License. # # See the LICENSE file in the source distribution for further information. from sos.report.plugins import (Plugin, RedHatPlugin, UbuntuPlugin, SoSPredicate, CosPlugin, PluginOpt, DebianPlugin) class Docker(Plugin, CosPlugin): short_desc = 'Docker containers' plugin_name = 'docker' profiles = ('container',) option_list = [ PluginOpt('all', default=False, desc='collect for all containers, even terminated ones'), PluginOpt('logs', default=False, desc='collect stdout/stderr logs for containers'), PluginOpt('size', default=False, desc='collect image sizes for docker ps') ] def setup(self): self.add_copy_spec([ "/etc/docker/daemon.json", "/var/lib/docker/repositories-*" ]) self.add_env_var([ 'HTTP_PROXY', 'HTTPS_PROXY', 'NO_PROXY', 'ALL_PROXY', 'DOCKER_BUILD_PROXY', 'DOCKER_RUN_PROXY' ]) self.add_journal(units="docker") self.add_dir_listing('/etc/docker', recursive=True) self.set_cmd_predicate(SoSPredicate(self, services=["docker"])) subcmds = [ 'events --since 24h --until 1s', 'ps', 'stats --no-stream', 'version', 'volume ls' ] for subcmd in subcmds: self.add_cmd_output(f"docker {subcmd}") self.add_cmd_output("docker info", tags="docker_info") self.add_cmd_output("docker images", tags="docker_images") self.add_cmd_output("docker ps -a", tags="docker_list_containers") # separately grab these separately as they can take a *very* long time if self.get_option('size'): self.add_cmd_output('docker ps -as', priority=100) self.add_cmd_output('docker system df', priority=100) nets = self.collect_cmd_output('docker network ls') if nets['status'] == 0: networks = [n.split()[1] for n in nets['output'].splitlines()[1:]] for net in networks: self.add_cmd_output(f"docker network inspect {net}") containers = [ c[0] for c in self.get_containers(runtime='docker', get_all=self.get_option('all')) ] images = self.get_container_images(runtime='docker') volumes = self.get_container_volumes(runtime='docker') for container in containers: self.add_cmd_output(f"docker inspect {container}", subdir='containers') if self.get_option('logs'): self.add_cmd_output(f"docker logs -t {container}", subdir='containers') for img in images: name, img_id = img insp = name if 'none' not in name else img_id self.add_cmd_output(f"docker inspect {insp}", subdir='images', tags="docker_image_inspect") for vol in volumes: self.add_cmd_output(f"docker volume inspect {vol}", subdir='volumes') def postproc(self): # Attempts to match key=value pairs inside container inspect output # for potentially sensitive items like env vars that contain passwords. # Typically, these will be seen in env elements or similar, and look # like this: # "Env": [ # "mypassword=supersecret", # "container=oci" # ], # This will mask values when the variable name looks like it may be # something worth obfuscating. env_regexp = r'(?P<var>(pass|key|secret|PASS|KEY|SECRET).*?)=' \ '(?P<value>.*?)"' self.do_cmd_output_sub('*inspect*', env_regexp, r'\g<var>=********"') class RedHatDocker(Docker, RedHatPlugin): packages = ('docker', 'docker-latest', 'docker-io', 'docker-engine', 'docker-ce', 'docker-ee') def setup(self): super().setup() self.add_copy_spec([ "/etc/udev/rules.d/80-docker.rules", "/etc/containers/" ]) class UbuntuDocker(Docker, UbuntuPlugin, DebianPlugin): packages = ('docker.io', 'docker-engine', 'docker-ce', 'docker-ee') def setup(self): super().setup() self.add_copy_spec([ "/etc/default/docker", "/run/docker/libcontainerd/containerd/events.log" ]) # vim: set et ts=4 sw=4 :