-
Notifications
You must be signed in to change notification settings - Fork 1
/
crio.go
61 lines (58 loc) · 2.01 KB
/
crio.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
package main
import (
"io/ioutil"
"os"
"os/user"
"path/filepath"
"strings"
"github.com/tidwall/gjson"
)
// *findCrioContainers* will check to see if any of our matches are CRI-O containers and
// will append image-related metadata. If an image is not found, it will add the pod name
// instead
// the default client does not support extracting metadata as mentioned here:
// https://github.com/cri-o/cri-o/issues/3567 so I resorted to parsing the on-disk files
func findCrioContainers() {
var containerImage string
currUser, _ := user.Current()
path := "/var/lib/containers/storage/overlay-containers/"
filepath.Walk(path, func(path string, info os.FileInfo, err error) error {
// suppress errors / ignore files we can't read
if err == nil {
if !info.IsDir() && (filepath.Base(path) == "config.json") {
jsonFile, err := os.Open(path)
if err == nil {
byteValue, _ := ioutil.ReadAll(jsonFile)
rootPath := gjson.GetBytes(byteValue, "root.path")
imageName := gjson.GetBytes(byteValue, `annotations.io\.kubernetes\.cri-o\.ImageName`)
podName := gjson.GetBytes(byteValue, `annotations.io\.kubernetes\.pod\.name`)
// NOTE containers run directly from kubelet do not have a corresponding ImageName. As backup,
// I'll use the pod name if there is no ImageName
if imageName.String() == "" {
containerImage = podName.String()
} else {
containerImage = imageName.String()
}
for i := range matches {
match := &matches[i]
if strings.Contains(match.fullPath, rootPath.String()) {
match.containerImage = containerImage
match.isContainer = true
// check if it is running or not. Requires root + crictl
// we ignore any containers that are not running
if err == nil {
if checkBinary("crictl") && currUser.Username == "root" {
if crictlCheckContainer(match.containerImage) == false {
match.ignore = true
}
}
}
}
}
}
defer jsonFile.Close()
}
}
return nil
})
}