Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
refactor(cri): fast-track add containers to cache (synchronous lookup…
Browse files Browse the repository at this point in the history
… case)

Signed-off-by: Melissa Kilby <[email protected]>
incertum committed Dec 21, 2023
1 parent 0d65836 commit f685d0e
Showing 1 changed file with 21 additions and 0 deletions.
21 changes: 21 additions & 0 deletions userspace/libsinsp/container_engine/cri.cpp
Original file line number Diff line number Diff line change
@@ -185,6 +185,7 @@ bool cri::resolve(sinsp_threadinfo *tinfo, bool query_os_for_missing_info)
container_id.c_str(), container.m_mesos_task_id.c_str());
}

// note: query_os_for_missing_info is set to 'true' by default
if (query_os_for_missing_info)
{
g_logger.format(sinsp_logger::SEV_DEBUG,
@@ -242,7 +243,27 @@ bool cri::resolve(sinsp_threadinfo *tinfo, bool query_os_for_missing_info)
g_logger.format(sinsp_logger::SEV_DEBUG,
"cri_async (%s): Starting synchronous lookup",
container_id.c_str());
// lookup_sync function directly invokes the container engine specific parser `parse`
done = m_async_source->lookup_sync(key, result);
// explicitly check for the most crucial retrieved value to be present
if(!result.m_image.empty())
{
/*
* Only for synchronous lookup option (e.g. Falco's default is async not sync)
*
* Fast-track addition of enriched containers (fields successfully retrieved from the container runtime socket)
* to the container cache, bypassing the round-trip process:
* `source_callback` -> `notify_new_container` ->
* `container_to_sinsp_event(container_to_json(container_info), ...)` ->
* `parse_container_json_evt` -> `m_inspector->m_container_manager.add_container()`
*
* Although we still re-add the container in `parse_container_json_evt` to also support native 'container' events, it
* introduces an avoidable delay in the incoming syscall event stream. Syscall events do not explicitly require container
* events and instead directly retrieve container details from the container cache. This behavior could potentially
* contribute to the issues noted by adopters, such as the absence of container images in syscall events.
*/
cache->replace_container(std::make_shared<sinsp_container_info>(result));
}
}

if (done)

0 comments on commit f685d0e

Please sign in to comment.