diff --git a/sos-plugin/spyre-external.py b/sos-plugin/spyre-external.py index 2c8632c..3f2d493 100644 --- a/sos-plugin/spyre-external.py +++ b/sos-plugin/spyre-external.py @@ -64,6 +64,9 @@ def setup(self): "/etc/security/limits.d/memlock.conf", ]) + # collect podman data for non root spyre users + self.get_podman_data() + def get_spyre_cards(self): context = pyudev.Context() spyre_cards_bus_ids = [] @@ -81,4 +84,86 @@ def get_spyre_cards(self): return spyre_cards_bus_ids + def get_podman_data(self): + + # All spyre users must be part of sentient group + groupname = "sentient" + non_root_users = self.exec_cmd("getent group "+ groupname) + if non_root_users['status'] == 0: + users = [u.strip() for u in non_root_users['output'].split(':')[3].split(',') if u.strip()] + for user in users: + # since root user outputs are collected in podman plugin + # skipping here + if not user or user == 'root': + continue + command = "sudo -u "+ user + validate_cmd = self.exec_cmd(f"{command} podman system df") + if validate_cmd['status'] != 0: + continue + + self.add_cmd_tags({ + f'{command} podman images': 'podman_list_images', + f'{command} podman ps': 'podman_list_containers' + }) + + subcmds = [ + 'info', + 'images', + 'image trust show', + 'images --digests', + 'pod ps', + 'port --all', + 'ps', + 'stats --no-stream --all', + 'version', + 'volume ls', + 'system df -v', + ] + + self.add_cmd_output([f"{command} podman {s}" for s in subcmds], + subdir=f'podman/{user}', tags='podman_commands') + + # separately grab ps -s as this can take a *very* long time + self.add_cmd_output(f'{command} podman ps -as', subdir=f'podman/{user}', priority=100) + + pnets = self.collect_cmd_output(f'{command} podman network ls', + subdir=f'podman/{user}', tags='podman_list_networks') + if pnets['status'] == 0: + nets = [pn.split()[0] for pn in pnets['output'].splitlines()[1:] if pn.strip()] + self.add_cmd_output([ + f"{command} podman network inspect {net}" for net in nets + ], subdir=f'podman/{user}/networks', tags='podman_network_inspect') + + containers = self.collect_cmd_output(f'{command} podman ps -a', subdir=f'podman/{user}') + if containers['status'] == 0: + cids = [container.split()[0] for container in containers['output'].splitlines()[1:] if container.strip()] + self.add_cmd_output([ + f"{command} podman inspect {cid}" for cid in cids + ], subdir=f'podman/{user}/containers', tags='podman_container_inspect') + self.add_cmd_output([f"{command} podman logs -t {cid}" for cid in cids], + subdir=f'podman/{user}/containers', priority=50) + + images = self.collect_cmd_output(f'{command} podman images --no-trunc', subdir=f'podman/{user}') + if images['status'] == 0: + imageids = [ + image.split()[2] if image.split()[0].lower() == 'none' else f"{image.split()[0]}:{image.split()[1]}" + for image in images['output'].splitlines()[1:] if image.strip() + ] + self.add_cmd_output([ + f"{command} podman inspect {imageid}" for imageid in imageids + ], subdir=f'podman/{user}/images', tags='podman_image_inspect') + self.add_cmd_output( + [f"{command} podman image tree {imageid}" for imageid in imageids], + subdir=f'podman/{user}/images/tree', + tags='podman_image_tree' + ) + + volumes = self.collect_cmd_output(f'{command} podman volume ls --format "{{{{.Name}}}}"', subdir=f'podman/{user}') + if volumes['status'] == 0: + vols = [v for v in volumes['output'].splitlines() if v.strip()] + self.add_cmd_output([ + f"{command} podman volume inspect {vol}" for vol in vols + ], subdir=f'podman/{user}/volumes', tags='podman_volume_inspect') + + # vim: set et ts=4 sw=4 :