kvm_watcher:添加对容器的系统调用相关信息采集 #213

Workflow file for this run

.github/workflows/old_project.yml at e088d46

	name: LSM

	on:
	push:
	branches:
	- "*"
	paths:
	- 'eBPF_Supermarket/old_project/LSM_BPF/lsm_bpf_monitoring/**'
	- '.github/workflows/ebpf_lsm.yml'
	pull_request:
	branches:
	- "*"
	paths:
	- 'eBPF_Supermarket/old_project/LSM_BPF/lsm_bpf_monitoring/**'
	- '.github/workflows/ebpf_lsm.yml'


	jobs:
	LSM_BPF_build-and-test:
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@v3

	- name: Set up Python 3.10
	uses: actions/setup-python@v3
	with:
	python-version: "3.10"

	- name: make
	run: make

	- name: run
	run: \|
	sudo ./deny_unshare

	sidecar_build-and-test:
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@v3

	- name: Set up Go
	uses: actions/setup-go@v3
	with:
	go-version: 1.18

	- name: Build BCC
	run: \|
	sudo apt update
	sudo apt remove libllvm12 libllvm13
	sudo apt install -y bison build-essential cmake flex git libedit-dev \
	libllvm14 llvm-14-dev libclang-14-dev python3 zlib1g-dev libelf-dev libfl-dev python3-distutils
	git clone --depth 1 --branch v0.24.0 https://github.com/iovisor/bcc.git
	mkdir bcc/build; cd bcc/build
	cmake ..
	make
	sudo make install
	cmake -DPYTHON_CMD=python3 .. # build python3 binding
	pushd src/python/
	make
	sudo make install
	popd

	# - name: Build Bpftrace
	# run: \|
	# sudo apt-get update && sudo apt-get upgrade
	# sudo apt remove libllvm12 libllvm13
	# sudo apt-get install -y libbpfcc-dev
	# sudo apt-get install -y \
	# bison \
	# cmake \
	# flex \
	# g++ \
	# git \
	# libelf-dev \
	# zlib1g-dev \
	# libfl-dev \
	# systemtap-sdt-dev \
	# binutils-dev \
	# libcereal-dev \
	# llvm-14-dev \
	# llvm-14-runtime \
	# libclang-14-dev \
	# clang-14 \
	# libpcap-dev \
	# libgtest-dev \
	# libgmock-dev \
	# asciidoctor
	# git clone https://github.com/iovisor/bpftrace
	# cd bpftrace
	# git checkout v0.16.0
	# mkdir build; cd build;
	# git clone http://github.com/libbpf/libbpf
	# cd libbpf
	# git checkout v1.0.0
	# cd src
	# make
	# sudo make install
	# cd ../..
	# cmake -DCMAKE_BUILD_TYPE=Release ..
	# # cmake -DKERNEL_INCLUDE_DIRS=libbpf/include/uapi/ -DLIBCEREAL_INCLUDE_DIRS:PATH=/usr/include ..
	# make -j8
	# sudo make install
	# bpftrace --version
	# sudo bpftrace -l "tracepoint:net*"

	- name: Build
	run: \|
	cd eBPF_Supermarket/old_project/kernel_and_user_pod_observation/
	go build -o kupod .
	go build -v ./...

	- name: Test
	run: \|
	cd eBPF_Supermarket/old_project/kernel_and_user_pod_observation/
	sudo go test ./...

Check failure on line 116 in .github/workflows/old_project.yml View workflow run for this annotation GitHub Actions / .github/workflows/old_project.yml Invalid workflow file `You have an error in your yaml syntax on line 116`
	integration-test-with-minikube-and-istio:
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@v3

	- name: Set up Go
	uses: actions/setup-go@v3
	with:
	go-version: 1.18

	- name: Start minikube
	id: minikube
	uses: medyagh/setup-minikube@master

	- name: Set Up istio
	run : \|
	# https://istio.io/latest/docs/setup/getting-started/
	curl -L https://istio.io/downloadIstio \| sh -
	cd istio-*
	export PATH=$PWD/bin:$PATH
	istioctl install --set profile=demo -y
	kubectl label namespace default istio-injection=enabled
	kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml

	- name: Build BCC
	run: \|
	sudo apt update
	sudo apt remove libllvm12 libllvm13
	sudo apt install -y bison build-essential cmake flex git libedit-dev \
	libllvm14 llvm-14-dev libclang-14-dev python3 zlib1g-dev libelf-dev libfl-dev python3-distutils
	git clone --depth 1 --branch v0.24.0 https://github.com/iovisor/bcc.git
	mkdir bcc/build; cd bcc/build
	cmake ..
	make
	sudo make install
	cmake -DPYTHON_CMD=python3 .. # build python3 binding
	pushd src/python/
	make
	sudo make install
	popd

	- name: Build KUPOD
	run: \|
	cd eBPF_Supermarket/old_project/kernel_and_user_pod_observation/
	go build -o kupod .
	./kupod version
	./kupod monitor
	./kupod monitor --help

	- name: Wait for istio
	run: \|
	kubectl get nodes
	kubectl get pods -owide -A
	kubectl get services
	test_pod() {
	while [[ $(kubectl get pods -l $1 -o 'jsonpath={..status.conditions[?(@.type=="Ready")].status}') != "True" ]]
	do
	echo "waiting for pod"
	sleep 5
	kubectl get pods -owide -A;
	done
	return 0
	}
	test_pod app=ratings
	echo "ratings is done"
	test_pod app=productpage
	echo "productpage is done"
	kubectl exec "$(kubectl get pod -l app=ratings -o jsonpath='{.items[0].metadata.name}')" -c ratings -- curl -sS productpage:9080/productpage \| grep -o "<title>.*</title>"

	- name: Run
	run: \|
	cd eBPF_Supermarket/old_project/kernel_and_user_pod_observation
	docker ps -a
	export MINIKUBE_ROOT_PID=$(docker inspect $(docker ps \| grep minikube \| awk -F ' ' '{print $1}') -f '{{.State.Pid}}')
	export MINIKUBE_STARTED=TRUE
	eval $(minikube -p minikube docker-env)
	env
	docker ps -a
	ps axjf
	sudo -E timeout 300 ./kupod monitor kernel all --pod-label 'app=productpage,version=v1' --namespace default \|\| if [[ $? != 124 && $? != 0 ]]; then exit $?; fi

	integration-test-with-sidecar-demo:
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@v3

	- name: Set up Go
	uses: actions/setup-go@v3
	with:
	go-version: 1.18

	- name: Start minikube
	id: minikube
	uses: medyagh/setup-minikube@master

	- name: Build BCC
	run: \|
	sudo apt update
	sudo apt remove libllvm12 libllvm13
	sudo apt install -y bison build-essential cmake flex git libedit-dev \
	libllvm14 llvm-14-dev libclang-14-dev python3 zlib1g-dev libelf-dev libfl-dev python3-distutils
	git clone --depth 1 --branch v0.24.0 https://github.com/iovisor/bcc.git
	mkdir bcc/build; cd bcc/build
	cmake ..
	make
	sudo make install
	cmake -DPYTHON_CMD=python3 .. # build python3 binding
	pushd src/python/
	make
	sudo make install
	popd

	- name: Build kernel_and_user_pod_observation
	run: \|
	cd eBPF_Supermarket/old_project/sidecar/dev
	eval $(minikube -p minikube docker-env)
	make
	kubectl label nodes minikube sidecar-demo-node=dev
	kubectl apply -f sidecar-demo.yaml
	cd ..
	unset DOCKER_TLS_VERIFY
	unset DOCKER_HOST
	unset DOCKER_CERT_PATH
	unset MINIKUBE_ACTIVE_DOCKERD

	- name: Build kupod
	run: \|
	cd eBPF_Supermarket/old_project/kernel_and_user_pod_observation
	go build -o kupod .
	./kupod version
	./kupod monitor
	./kupod monitor --help

	- name: Run
	run: \|
	cd eBPF_Supermarket/old_project/kernel_and_user_pod_observation
	kubectl get pods -A
	docker ps -a
	export MINIKUBE_ROOT_PID=$(docker inspect $(docker ps \| grep minikube \| awk -F ' ' '{print $1}') -f '{{.State.Pid}}')
	export MINIKUBE_STARTED=TRUE
	eval $(minikube -p minikube docker-env)
	env
	docker ps -a
	ps axjf
	sudo -E timeout 300 ./kupod monitor kernel all --pod 'sidecar-demo' --namespace default \|\| if [[ $? != 124 && $? != 0 ]]; then exit $?; fi

	cilium_ebpf_probe_build:
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@v3
	- name: Set up Go
	uses: actions/setup-go@v3
	with:
	go-version: 1.18

	- name: Start minikube
	id: minikube
	uses: medyagh/setup-minikube@master

	- name: pod start
	run: \|
	kubectl create namespace wyw
	kubectl create -f eBPF_Supermarket/old_project/cilium_ebpf_probe/k8s_yaml/http_server_pod.yaml
	kubectl create -f eBPF_Supermarket/old_project/cilium_ebpf_probe/k8s_yaml/g_server_pod.yaml
	test_pod() {
	while [[ $(kubectl get pods -n $1 -o 'jsonpath={..status.conditions[?(@.type=="Ready")].status}') != "True True" ]]
	do
	echo "waiting for pod"
	sleep 5
	kubectl get pods -n $1;
	done
	return 0
	}
	test_pod wyw
	echo "server pods is done"

	- name: build BCC
	run: \|
	sudo apt remove libllvm12 libllvm13
	sudo apt install -y bison build-essential cmake flex git libclang-12-dev libedit-dev \
	libllvm14 llvm-14-dev libclang-14-dev python3 zlib1g-dev libelf-dev libfl-dev python3-distutils
	git clone --depth 1 --branch v0.24.0 https://github.com/iovisor/bcc.git
	mkdir bcc/build; cd bcc/build
	cmake ..
	make
	sudo make install
	cmake -DPYTHON_CMD=python3 .. # build python3 binding
	pushd src/python/
	make
	sudo make install
	popd

	- name: build main
	run: \|
	cd eBPF_Supermarket/old_project/cilium_ebpf_probe
	go build main.go


	sidecar_build-and-test:
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@v3

	- name: Set up Go
	uses: actions/setup-go@v3
	with:
	go-version: 1.18

	- name: Build BCC
	run: \|
	sudo apt update
	sudo apt remove libllvm12 libllvm13
	sudo apt install -y bison build-essential cmake flex git libedit-dev \
	libllvm14 llvm-14-dev libclang-14-dev python3 zlib1g-dev libelf-dev libfl-dev python3-distutils
	git clone --depth 1 --branch v0.24.0 https://github.com/iovisor/bcc.git
	mkdir bcc/build; cd bcc/build
	cmake ..
	make
	sudo make install
	cmake -DPYTHON_CMD=python3 .. # build python3 binding
	pushd src/python/
	make
	sudo make install
	popd

	# - name: Build Bpftrace
	# run: \|
	# sudo apt-get update && sudo apt-get upgrade
	# sudo apt remove libllvm12 libllvm13
	# sudo apt-get install -y libbpfcc-dev
	# sudo apt-get install -y \
	# bison \
	# cmake \
	# flex \
	# g++ \
	# git \
	# libelf-dev \
	# zlib1g-dev \
	# libfl-dev \
	# systemtap-sdt-dev \
	# binutils-dev \
	# libcereal-dev \
	# llvm-14-dev \
	# llvm-14-runtime \
	# libclang-14-dev \
	# clang-14 \
	# libpcap-dev \
	# libgtest-dev \
	# libgmock-dev \
	# asciidoctor
	# git clone https://github.com/iovisor/bpftrace
	# cd bpftrace
	# git checkout v0.16.0
	# mkdir build; cd build;
	# git clone http://github.com/libbpf/libbpf
	# cd libbpf
	# git checkout v1.0.0
	# cd src
	# make
	# sudo make install
	# cd ../..
	# cmake -DCMAKE_BUILD_TYPE=Release ..
	# # cmake -DKERNEL_INCLUDE_DIRS=libbpf/include/uapi/ -DLIBCEREAL_INCLUDE_DIRS:PATH=/usr/include ..
	# make -j8
	# sudo make install
	# bpftrace --version
	# sudo bpftrace -l "tracepoint:net*"

	- name: Build
	run: \|
	cd eBPF_Supermarket/old_project/sidecar/
	go build -o pmoas .
	go build -v ./...

	- name: Test
	run: \|
	cd eBPF_Supermarket/old_project/sidecar/
	sudo go test ./...

	integration-test-with-minikube-and-istio:
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@v3

	- name: Set up Go
	uses: actions/setup-go@v3
	with:
	go-version: 1.18

	- name: Start minikube
	id: minikube
	uses: medyagh/setup-minikube@master

	- name: Set Up istio
	run : \|
	# https://istio.io/latest/docs/setup/getting-started/
	curl -L https://istio.io/downloadIstio \| sh -
	cd istio-*
	export PATH=$PWD/bin:$PATH
	istioctl install --set profile=demo -y
	kubectl label namespace default istio-injection=enabled
	kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml

	- name: Build BCC
	run: \|
	sudo apt update
	sudo apt remove libllvm12 libllvm13
	sudo apt install -y bison build-essential cmake flex git libedit-dev \
	libllvm14 llvm-14-dev libclang-14-dev python3 zlib1g-dev libelf-dev libfl-dev python3-distutils
	git clone --depth 1 --branch v0.24.0 https://github.com/iovisor/bcc.git
	mkdir bcc/build; cd bcc/build
	cmake ..
	make
	sudo make install
	cmake -DPYTHON_CMD=python3 .. # build python3 binding
	pushd src/python/
	make
	sudo make install
	popd

	- name: Build PMOAS
	run: \|
	cd eBPF_Supermarket/old_project/sidecar/
	go build -o pmoas .
	./pmoas version
	./pmoas monitor
	./pmoas monitor --help

	- name: Wait for istio
	run: \|
	kubectl get nodes
	kubectl get pods -owide -A
	kubectl get services
	test_pod() {
	while [[ $(kubectl get pods -l $1 -o 'jsonpath={..status.conditions[?(@.type=="Ready")].status}') != "True" ]]
	do
	echo "waiting for pod"
	sleep 5
	kubectl get pods -owide -A;
	done
	return 0
	}
	test_pod app=ratings
	echo "ratings is done"
	test_pod app=productpage
	echo "productpage is done"
	kubectl exec "$(kubectl get pod -l app=ratings -o jsonpath='{.items[0].metadata.name}')" -c ratings -- curl -sS productpage:9080/productpage \| grep -o "<title>.*</title>"

	- name: Run
	run: \|
	cd eBPF_Supermarket/old_project/sidecar
	docker ps -a
	export MINIKUBE_ROOT_PID=$(docker inspect $(docker ps \| grep minikube \| awk -F ' ' '{print $1}') -f '{{.State.Pid}}')
	export MINIKUBE_STARTED=TRUE
	eval $(minikube -p minikube docker-env)
	env
	docker ps -a
	ps axjf
	sudo -E timeout 300 ./pmoas monitor all --pod-label 'app=productpage,version=v1' --namespace default \|\| if [[ $? != 124 && $? != 0 ]]; then exit $?; fi

	integration-test-with-sidecar-demo:
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@v3

	- name: Set up Go
	uses: actions/setup-go@v3
	with:
	go-version: 1.18

	- name: Start minikube
	id: minikube
	uses: medyagh/setup-minikube@master

	- name: Build BCC
	run: \|
	sudo apt update
	sudo apt remove libllvm12 libllvm13
	sudo apt install -y bison build-essential cmake flex git libedit-dev \
	libllvm14 llvm-14-dev libclang-14-dev python3 zlib1g-dev libelf-dev libfl-dev python3-distutils
	git clone --depth 1 --branch v0.24.0 https://github.com/iovisor/bcc.git
	mkdir bcc/build; cd bcc/build
	cmake ..
	make
	sudo make install
	cmake -DPYTHON_CMD=python3 .. # build python3 binding
	pushd src/python/
	make
	sudo make install
	popd

	- name: Build Sidecar
	run: \|
	cd eBPF_Supermarket/old_project/sidecar/dev
	eval $(minikube -p minikube docker-env)
	make
	kubectl label nodes minikube sidecar-demo-node=dev
	kubectl apply -f sidecar-demo.yaml
	cd ..
	unset DOCKER_TLS_VERIFY
	unset DOCKER_HOST
	unset DOCKER_CERT_PATH
	unset MINIKUBE_ACTIVE_DOCKERD

	- name: Build PMOAS
	run: \|
	cd eBPF_Supermarket/old_project/sidecar
	go build -o pmoas .
	./pmoas version
	./pmoas monitor
	./pmoas monitor --help

	- name: Run
	run: \|
	cd eBPF_Supermarket/old_project/sidecar
	kubectl get pods -A
	docker ps -a
	export MINIKUBE_ROOT_PID=$(docker inspect $(docker ps \| grep minikube \| awk -F ' ' '{print $1}') -f '{{.State.Pid}}')
	export MINIKUBE_STARTED=TRUE
	eval $(minikube -p minikube docker-env)
	env
	docker ps -a
	ps axjf
	sudo -E timeout 300 ./pmoas monitor all --pod 'sidecar-demo' --namespace default \|\| if [[ $? != 124 && $? != 0 ]]; then exit $?; fi

	User_Function_Tracer_build-and-run-tracer:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v3

	- name: Install dependencies
	run: \|
	sudo apt update
	sudo apt install -y clang cmake ninja-build libelf-dev libbpf-dev linux-tools-$(uname -r)

	- name: Build and run
	run: \|
	cd eBPF_Supermarket/old_project/User_Function_Tracer
	mkdir -p vmlinux
	bash tools/gen_vmlinux_h.sh > vmlinux/vmlinux.h
	cmake -B build -S . -G Ninja
	cmake --build build
	bash test/run_test.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

kvm_watcher:添加对容器的系统调用相关信息采集 #213

Workflow file

kvm_watcher:添加对容器的系统调用相关信息采集 #213

Jobs

Run details

Workflow file for this run

GitHub Actions / .github/workflows/old_project.yml