Unified the env metadata whitelist flag for containerd and docker.

Signed-off-by: colstuwjx <[email protected]>

Author: Colstuwjx

cmd/cadvisor.go

@@ -65,6 +65,8 @@ var collectorKey = flag.String("collector_key", "", "Key for the collector's cer
 var storeContainerLabels = flag.Bool("store_container_labels", true, "convert container labels and environment variables into labels on prometheus metrics for each container. If flag set to false, then only metrics exported are container name, first alias, and image name")
 var whitelistedContainerLabels = flag.String("whitelisted_container_labels", "", "comma separated list of container labels to be converted to labels on prometheus metrics for each container. store_container_labels must be set to false for this to take effect.")
 
+var envMetadataWhiteList = flag.String("env_metadata_whitelist", "", "a comma-separated list of environment variable keys matched with specified prefix that needs to be collected for containers, only support containerd and docker runtime for now")
+
 var urlBasePrefix = flag.String("url_base_prefix", "", "prefix path that will be prepended to all paths to support some reverse proxies")
 
 var rawCgroupPrefixWhiteList = flag.String("raw_cgroup_prefix_whitelist", "", "A comma-separated list of cgroup path prefix that needs to be collected even when -docker_only is specified")
@@ -129,7 +131,7 @@ func main() {
 
 	collectorHttpClient := createCollectorHttpClient(*collectorCert, *collectorKey)
 
-	resourceManager, err := manager.New(memoryStorage, sysFs, manager.HousekeepingConfigFlags, includedMetrics, &collectorHttpClient, strings.Split(*rawCgroupPrefixWhiteList, ","), *perfEvents)
+	resourceManager, err := manager.New(memoryStorage, sysFs, manager.HousekeepingConfigFlags, includedMetrics, &collectorHttpClient, strings.Split(*rawCgroupPrefixWhiteList, ","), strings.Split(*envMetadataWhiteList, ","), *perfEvents)
 	if err != nil {
 		klog.Fatalf("Failed to create a manager: %s", err)
 	}

cmd/internal/container/mesos/factory.go

@@ -59,7 +59,7 @@ func (f *mesosFactory) String() string {
 	return MesosNamespace
 }
 
-func (f *mesosFactory) NewContainerHandler(name string, inHostNamespace bool) (container.ContainerHandler, error) {
+func (f *mesosFactory) NewContainerHandler(name string, metadataEnvs []string, inHostNamespace bool) (container.ContainerHandler, error) {
 	client, err := Client()
 	if err != nil {
 		return nil, err
@@ -72,6 +72,7 @@ func (f *mesosFactory) NewContainerHandler(name string, inHostNamespace bool) (c
 		f.fsInfo,
 		f.includedMetrics,
 		inHostNamespace,
+		metadataEnvs,
 		client,
 	)
 }

cmd/internal/container/mesos/handler.go

@@ -57,6 +57,7 @@ func newMesosContainerHandler(
 	fsInfo fs.FsInfo,
 	includedMetrics container.MetricSet,
 	inHostNamespace bool,
+	metadataEnvs []string,
 	client mesosAgentClient,
 ) (container.ContainerHandler, error) {
 	cgroupPaths := common.MakeCgroupPaths(cgroupSubsystems.MountPoints, name)

cmd/internal/container/mesos/handler_test.go

@@ -22,7 +22,6 @@ import (
 	containerlibcontainer "github.com/google/cadvisor/container/libcontainer"
 	"github.com/google/cadvisor/fs"
 	info "github.com/google/cadvisor/info/v1"
-	"github.com/mesos/mesos-go/api/v1/lib"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -43,6 +42,7 @@ func TestContainerReference(t *testing.T) {
 		fsInfo             fs.FsInfo
 		cgroupSubsystems   *containerlibcontainer.CgroupSubsystems
 		inHostNamespace    bool
+		metadataEnvs       []string
 		includedMetrics    container.MetricSet
 
 		hasErr         bool
@@ -57,6 +57,7 @@ func TestContainerReference(t *testing.T) {
 			nil,
 			&containerlibcontainer.CgroupSubsystems{},
 			false,
+			[]string{},
 			nil,
 
 			true,
@@ -70,6 +71,7 @@ func TestContainerReference(t *testing.T) {
 			nil,
 			&containerlibcontainer.CgroupSubsystems{},
 			false,
+			[]string{},
 			nil,
 
 			true,
@@ -83,6 +85,7 @@ func TestContainerReference(t *testing.T) {
 			nil,
 			&containerlibcontainer.CgroupSubsystems{},
 			false,
+			[]string{},
 			nil,
 
 			false,
@@ -95,7 +98,7 @@ func TestContainerReference(t *testing.T) {
 			},
 		},
 	} {
-		handler, err := newMesosContainerHandler(ts.name, ts.cgroupSubsystems, ts.machineInfoFactory, ts.fsInfo, ts.includedMetrics, ts.inHostNamespace, ts.client)
+		handler, err := newMesosContainerHandler(ts.name, ts.cgroupSubsystems, ts.machineInfoFactory, ts.fsInfo, ts.includedMetrics, ts.inHostNamespace, ts.metadataEnvs, ts.client)
 		if ts.hasErr {
 			as.NotNil(err)
 			if ts.errContains != "" {

container/containerd/factory.go

@@ -41,8 +41,6 @@ const k8sContainerdNamespace = "containerd"
 // --cgroup-parent have another prefix than 'containerd'
 var containerdCgroupRegexp = regexp.MustCompile(`([a-z0-9]{64})`)
 
-var containerdEnvWhitelist = flag.String("containerd_env_metadata_whitelist", "", "a comma-separated list of environment variable keys matched with specified prefix that needs to be collected for containerd containers")
-
 type containerdFactory struct {
 	machineInfoFactory info.MachineInfoFactory
 	client             ContainerdClient
@@ -58,14 +56,12 @@ func (f *containerdFactory) String() string {
 	return k8sContainerdNamespace
 }
 
-func (f *containerdFactory) NewContainerHandler(name string, inHostNamespace bool) (handler container.ContainerHandler, err error) {
+func (f *containerdFactory) NewContainerHandler(name string, metadataEnvs []string, inHostNamespace bool) (handler container.ContainerHandler, err error) {
 	client, err := Client(*ArgContainerdEndpoint, *ArgContainerdNamespace)
 	if err != nil {
 		return
 	}
 
-	metadataEnvs := strings.Split(*containerdEnvWhitelist, ",")
-
 	return newContainerdContainerHandler(
 		client,
 		name,

container/crio/factory.go

@@ -64,13 +64,11 @@ func (f *crioFactory) String() string {
 	return CrioNamespace
 }
 
-func (f *crioFactory) NewContainerHandler(name string, inHostNamespace bool) (handler container.ContainerHandler, err error) {
+func (f *crioFactory) NewContainerHandler(name string, metadataEnvs []string, inHostNamespace bool) (handler container.ContainerHandler, err error) {
 	client, err := Client()
 	if err != nil {
 		return
 	}
-	// TODO are there any env vars we need to white list, if so, do it here...
-	metadataEnvs := []string{}
 	handler, err = newCrioContainerHandler(
 		client,
 		name,

container/docker/factory.go

@@ -53,15 +53,13 @@ const DockerNamespace = "docker"
 // The retry times for getting docker root dir
 const rootDirRetries = 5
 
-//The retry period for getting docker root dir, Millisecond
+// The retry period for getting docker root dir, Millisecond
 const rootDirRetryPeriod time.Duration = 1000 * time.Millisecond
 
 // Regexp that identifies docker cgroups, containers started with
 // --cgroup-parent have another prefix than 'docker'
 var dockerCgroupRegexp = regexp.MustCompile(`([a-z0-9]{64})`)
 
-var dockerEnvWhitelist = flag.String("docker_env_metadata_whitelist", "", "a comma-separated list of environment variable keys matched with specified prefix that needs to be collected for docker containers")
-
 var (
 	// Basepath to all container specific information that libcontainer stores.
 	dockerRootDir string
@@ -136,14 +134,12 @@ func (f *dockerFactory) String() string {
 	return DockerNamespace
 }
 
-func (f *dockerFactory) NewContainerHandler(name string, inHostNamespace bool) (handler container.ContainerHandler, err error) {
+func (f *dockerFactory) NewContainerHandler(name string, metadataEnvs []string, inHostNamespace bool) (handler container.ContainerHandler, err error) {
 	client, err := Client()
 	if err != nil {
 		return
 	}
 
-	metadataEnvs := strings.Split(*dockerEnvWhitelist, ",")
-
 	handler, err = newDockerContainerHandler(
 		client,
 		name,

container/factory.go

@@ -29,7 +29,7 @@ import (
 
 type ContainerHandlerFactory interface {
 	// Create a new ContainerHandler using this factory. CanHandleAndAccept() must have returned true.
-	NewContainerHandler(name string, inHostNamespace bool) (c ContainerHandler, err error)
+	NewContainerHandler(name string, metadataEnvs []string, inHostNamespace bool) (c ContainerHandler, err error)
 
 	// Returns whether this factory can handle and accept the specified container.
 	CanHandleAndAccept(name string) (handle bool, accept bool, err error)
@@ -227,7 +227,7 @@ func HasFactories() bool {
 }
 
 // Create a new ContainerHandler for the specified container.
-func NewContainerHandler(name string, watchType watcher.ContainerWatchSource, inHostNamespace bool) (ContainerHandler, bool, error) {
+func NewContainerHandler(name string, watchType watcher.ContainerWatchSource, metadataEnvs []string, inHostNamespace bool) (ContainerHandler, bool, error) {
 	factoriesLock.RLock()
 	defer factoriesLock.RUnlock()
 
@@ -243,7 +243,7 @@ func NewContainerHandler(name string, watchType watcher.ContainerWatchSource, in
 				return nil, false, nil
 			}
 			klog.V(3).Infof("Using factory %q for container %q", factory, name)
-			handle, err := factory.NewContainerHandler(name, inHostNamespace)
+			handle, err := factory.NewContainerHandler(name, metadataEnvs, inHostNamespace)
 			return handle, canAccept, err
 		}
 		klog.V(4).Infof("Factory %q was unable to handle container %q", factory, name)

container/factory_test.go

@@ -43,13 +43,15 @@ func (f *mockContainerHandlerFactory) CanHandleAndAccept(name string) (bool, boo
 	return f.CanHandleValue, f.CanAcceptValue, nil
 }
 
-func (f *mockContainerHandlerFactory) NewContainerHandler(name string, isHostNamespace bool) (container.ContainerHandler, error) {
+func (f *mockContainerHandlerFactory) NewContainerHandler(name string, metadataEnvs []string, isHostNamespace bool) (container.ContainerHandler, error) {
 	args := f.Called(name)
 	return args.Get(0).(container.ContainerHandler), args.Error(1)
 }
 
 const testContainerName = "/test"
 
+var testMetadataEnvs = []string{}
+
 var mockFactory containertest.FactoryForMockContainerHandler
 
 func TestNewContainerHandler_FirstMatches(t *testing.T) {
@@ -64,13 +66,13 @@ func TestNewContainerHandler_FirstMatches(t *testing.T) {
 	container.RegisterContainerHandlerFactory(allwaysYes, []watcher.ContainerWatchSource{watcher.Raw})
 
 	// The yes factory should be asked to create the ContainerHandler.
-	mockContainer, err := mockFactory.NewContainerHandler(testContainerName, true)
+	mockContainer, err := mockFactory.NewContainerHandler(testContainerName, testMetadataEnvs, true)
 	if err != nil {
 		t.Error(err)
 	}
 	allwaysYes.On("NewContainerHandler", testContainerName).Return(mockContainer, nil)
 
-	cont, _, err := container.NewContainerHandler(testContainerName, watcher.Raw, true)
+	cont, _, err := container.NewContainerHandler(testContainerName, watcher.Raw, testMetadataEnvs, true)
 	if err != nil {
 		t.Error(err)
 	}
@@ -97,13 +99,13 @@ func TestNewContainerHandler_SecondMatches(t *testing.T) {
 	container.RegisterContainerHandlerFactory(allwaysYes, []watcher.ContainerWatchSource{watcher.Raw})
 
 	// The yes factory should be asked to create the ContainerHandler.
-	mockContainer, err := mockFactory.NewContainerHandler(testContainerName, true)
+	mockContainer, err := mockFactory.NewContainerHandler(testContainerName, testMetadataEnvs, true)
 	if err != nil {
 		t.Error(err)
 	}
 	allwaysYes.On("NewContainerHandler", testContainerName).Return(mockContainer, nil)
 
-	cont, _, err := container.NewContainerHandler(testContainerName, watcher.Raw, true)
+	cont, _, err := container.NewContainerHandler(testContainerName, watcher.Raw, testMetadataEnvs, true)
 	if err != nil {
 		t.Error(err)
 	}
@@ -129,7 +131,7 @@ func TestNewContainerHandler_NoneMatch(t *testing.T) {
 	}
 	container.RegisterContainerHandlerFactory(allwaysNo2, []watcher.ContainerWatchSource{watcher.Raw})
 
-	_, _, err := container.NewContainerHandler(testContainerName, watcher.Raw, true)
+	_, _, err := container.NewContainerHandler(testContainerName, watcher.Raw, testMetadataEnvs, true)
 	if err == nil {
 		t.Error("Expected NewContainerHandler to fail")
 	}
@@ -152,7 +154,7 @@ func TestNewContainerHandler_Accept(t *testing.T) {
 	}
 	container.RegisterContainerHandlerFactory(cannotAccept, []watcher.ContainerWatchSource{watcher.Raw})
 
-	_, accept, err := container.NewContainerHandler(testContainerName, watcher.Raw, true)
+	_, accept, err := container.NewContainerHandler(testContainerName, watcher.Raw, testMetadataEnvs, true)
 	if err != nil {
 		t.Error("Expected NewContainerHandler to succeed")
 	}

container/raw/factory.go

@@ -56,7 +56,7 @@ func (f *rawFactory) String() string {
 	return "raw"
 }
 
-func (f *rawFactory) NewContainerHandler(name string, inHostNamespace bool) (container.ContainerHandler, error) {
+func (f *rawFactory) NewContainerHandler(name string, metadataEnvs []string, inHostNamespace bool) (container.ContainerHandler, error) {
 	rootFs := "/"
 	if !inHostNamespace {
 		rootFs = "/rootfs"