From: Josef Bacik <josef@toxicpanda.com>
To: Chuck Lever <chuck.lever@oracle.com>
Cc: linux-nfs@vger.kernel.org, kernel-team@fb.com
Subject: Re: [PATCH 2/2] nfsd: expose /proc/net/sunrpc/nfsd in net namespaces
Date: Wed, 24 Jan 2024 16:05:56 -0500 [thread overview]
Message-ID: <20240124210556.GA1237643@perftesting> (raw)
In-Reply-To: <ZbFzxmV6zgi/TACb@tissot.1015granger.net>
On Wed, Jan 24, 2024 at 03:32:06PM -0500, Chuck Lever wrote:
> On Wed, Jan 24, 2024 at 02:37:00PM -0500, Josef Bacik wrote:
> > We are running nfsd servers inside of containers with their own network
> > namespace, and we want to monitor these services using the stats found
> > in /proc. However these are not exposed in the proc inside of the
> > container, so we have to bind mount the host /proc into our containers
> > to get at this information.
> >
> > Separate out the stat counters init and the proc registration, and move
> > the proc registration into the pernet operations entry and exit points
> > so that these stats can be exposed inside of network namespaces.
>
> Maybe I missed something, but this looks like it exposes the global
> stat counters to all net namespaces...? Is that an information leak?
> As an administrator I might be surprised by that behavior.
>
> Seems like this patch needs to make nfsdstats and nfsd_svcstats into
> per-namespace objects as well.
>
Yeah I was worried you might say that. I misread the sunrpc code and thought it
was handling the magic for me, but it's literally just making the proc entry
under its own thing. I'll brb with proper patches. Thanks,
Josef
next prev parent reply other threads:[~2024-01-24 21:05 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-24 19:36 [PATCH 0/2] Make nfs and nfsd stats visible in network ns Josef Bacik
2024-01-24 19:36 ` [PATCH 1/2] nfs: expose /proc/net/sunrpc/nfs in net namespaces Josef Bacik
2024-01-24 19:37 ` [PATCH 2/2] nfsd: expose /proc/net/sunrpc/nfsd " Josef Bacik
2024-01-24 20:32 ` Chuck Lever
2024-01-24 21:05 ` Josef Bacik [this message]
2024-01-24 22:12 ` Josef Bacik
2024-01-24 22:57 ` Jeff Layton
2024-01-24 23:18 ` Josef Bacik
2024-01-24 23:41 ` Jeff Layton
2024-01-24 23:47 ` Chuck Lever
2024-01-25 0:06 ` Jeff Layton
2024-01-25 1:54 ` Chuck Lever III
2024-01-25 10:25 ` Jeff Layton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240124210556.GA1237643@perftesting \
--to=josef@toxicpanda.com \
--cc=chuck.lever@oracle.com \
--cc=kernel-team@fb.com \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox