containerInfo Plugin: list the Docker and Kubernetes containers in a …

…guest VM. Added code for a new open-vm-tools plugin, containerInfo. - Added a new configure option --disable-containerinfo to disable building the containerinfo plugin. --disable-containerinfo : Will not check for any dependent packages and will not build the containerinfo plugin. --enable-containerinfo=no : Same as --disable-containerinfo --enable-containerinfo=auto : Checks for the dependent packages. If they are available, then the containerinfo plugin will be built. Otherwise, a warning is printeds and the containerinfo plugin will be skipped. --enable-containerinfo --enable-containerinfo=yes : Checks for the dependent packages. If they are available, then the containerinfo plugin will be built. Otherwise, the configure will terminate with an error. - Updated the sample tools.conf file with various settings related to the containerinfo plugin. - Due to an issue reported in protocolbuffers/protobuf#9184, implemented a workaround by changing 'import weak ' to 'import ' in the .proto files while generating the header files. Build dependencies: (packages names may vary with Linux release). - or - - libcurl4-openssl-dev libcurl-devel - protobuf-compiler protobuf-compiler - libprotobuf-dev protobuf-devel - protobuf-compiler-grpc grpc-plugins - libgrpc++-dev grpc-devel - golang-github-containerd-containerd-dev containerd-devel - golang-github-gogo-protobuf-dev Runtime requirements: - curl, protobug and grpc-cpp
vmware · Dec 21, 2021 · ed84c0a · ed84c0a
1 parent b36b275
commit ed84c0a
Show file tree

Hide file tree

Showing 11 changed files with 2,553 additions and 0 deletions.
diff --git a/open-vm-tools/configure.ac b/open-vm-tools/configure.ac
@@ -573,6 +573,119 @@ if test "$with_pam" = "yes"; then
                     [AC_VMW_LIB_ERROR([PAM], [pam])])
 fi
 
+AC_ARG_ENABLE([containerinfo],
+   [AS_HELP_STRING([--disable-containerinfo],
+     [do not build containerinfo plugin.])],
+   [
+     enable_containerinfo=$enableval
+   ],
+   [
+       if test "$os" = "linux"; then
+          enable_containerinfo=auto
+       else
+          enable_containerinfo=no
+       fi
+   ])
+
+#
+# Check that containerinfo plugin is enabled only on linux systems.
+#
+if test "$os" != "linux"; then
+   if test "$enable_containerinfo" = "yes"; then
+      AC_MSG_ERROR([The containerinfo plugin is only supported for Linux
+      platforms. Try configure with --disable-containerinfo option.])
+   fi
+fi
+
+if test "$enable_containerinfo" = "yes" ||
+   test "$enable_containerinfo" = "auto"; then
+
+can_build_containerinfo=yes
+
+#
+# AC_VMW_CONTAINERINFO_MSG(library)
+#
+# Wrapper around AC_MSG_WARN to print a standard message about missing libraries.
+#
+#     library ($1): name of missing library / package.
+#
+AC_DEFUN([AC_VMW_CONTAINERINFO_MSG],[
+   can_build_containerinfo=no
+   AC_MSG_WARN(["$1 is missing which is required for building containerinfo plugin."])
+])
+
+   AC_VMW_DEFAULT_FLAGS([CURL])
+   AC_VMW_CHECK_LIB([curl],
+                    [CURL],
+                    [],
+                    [],
+                    [],
+                    [curl/curl.h],
+                    [curl_easy_init],
+                    [CURL_CPPFLAGS="$CURL_CPPFLAGS"],
+                    [AC_VMW_CONTAINERINFO_MSG([CURL])])
+
+   AC_VMW_CHECK_LIB([protobuf],
+                    [PROTOBUF],
+                    [protobuf],
+                    [],
+                    [3.0.0],
+                    [],
+                    [],
+                    [],
+                    [AC_VMW_CONTAINERINFO_MSG(["protobuf >= 3.0.0"])])
+
+   AC_VMW_DEFAULT_FLAGS([GRPC])
+   AC_VMW_CHECK_LIBXX([grpc++],
+                      [GRPC],
+                      [grpc++],
+                      [],
+                      [1.3.2],
+                      [grpc++/grpc++.h],
+                      [],
+                      [],
+                      [AC_VMW_CONTAINERINFO_MSG(["grpc++ >= 1.3.2"])])
+
+#
+# proto files needed by containerd grpc client.
+#
+   shared_prefix=/usr/share/gocode/src/github.com
+   AC_SUBST(CONTAINERD_PROTOPATH, $shared_prefix/containerd/containerd/api/services/containers/v1)
+   AC_SUBST(GOGO_PROTOPATH, $shared_prefix/gogo/protobuf)
+   AC_CHECK_FILE([${CONTAINERD_PROTOPATH}/containers.proto],
+                 [],
+                 [AC_VMW_CONTAINERINFO_MSG(["containerd package"])])
+   AC_CHECK_FILE([${GOGO_PROTOPATH}/gogoproto/gogo.proto],
+                 [],
+                 [AC_VMW_CONTAINERINFO_MSG(["gogoproto package"])])
+
+#
+# Binaries needed to build for containerd grpc client.
+#
+   AC_CHECK_PROG([GRPC_CPP], [grpc_cpp_plugin], [grpc_cpp_plugin], [not found])
+
+   if test "$GRPC_CPP" != "grpc_cpp_plugin"  ; then
+      AC_VMW_CONTAINERINFO_MSG(["grpc_cpp_plugin binary"])
+   fi
+
+   AC_CHECK_PROG([PROTOC], [protoc], [protoc], [not found])
+
+   if test "$PROTOC" != "protoc"  ; then
+      AC_VMW_CONTAINERINFO_MSG(["protoc binary"])
+   fi
+
+   if test "$can_build_containerinfo" = "no" ; then
+      if test "$enable_containerinfo" = "auto" ; then
+         enable_containerinfo=no
+         AC_MSG_WARN(["Cannot enable containerinfo plugin since one ore more required packages are missing."])
+      else
+         AC_MSG_ERROR(["Cannot enable containerinfo plugin since one or more required packages are missing. Please configure without containerinfo (using --disable-containerinfo), or install the necessary libraries and devel package(s)."])
+      fi
+   else
+      enable_containerinfo=yes
+   fi
+fi
+
 AC_ARG_ENABLE([vgauth],
    [AS_HELP_STRING([--disable-vgauth],
      [do not build vgauth.])],
@@ -1499,6 +1612,7 @@ AM_CONDITIONAL(HAVE_GNU_LD, test "$with_gnu_ld" = "yes")
 AM_CONDITIONAL(HAVE_GTKMM, test "$have_x" = "yes" -a \( "$with_gtkmm" = "yes" -o "$with_gtkmm3" = "yes" \) )
 AM_CONDITIONAL(HAVE_PAM, test "$with_pam" = "yes")
 AM_CONDITIONAL(USE_SLASH_PROC, test "$os" = "linux")
+AM_CONDITIONAL(ENABLE_CONTAINERINFO, test "$enable_containerinfo" = "yes")
 AM_CONDITIONAL(ENABLE_DEPLOYPKG, test "$enable_deploypkg" = "yes")
 AM_CONDITIONAL(ENABLE_VGAUTH, test "$enable_vgauth" = "yes")
 AM_CONDITIONAL(USE_XMLSEC1, test "$use_xmlsec1" = "yes")
@@ -1676,6 +1790,7 @@ AC_CONFIG_FILES([                      \
    services/plugins/gdp/Makefile       \
    services/plugins/appInfo/Makefile   \
    services/plugins/componentMgr/Makefile  \
+   services/plugins/containerInfo/Makefile   \
    services/plugins/serviceDiscovery/Makefile   \
    services/plugins/desktopEvents/Makefile \
    services/plugins/dndcp/Makefile     \

diff --git a/open-vm-tools/lib/include/conf.h b/open-vm-tools/lib/include/conf.h
@@ -109,6 +109,82 @@
  ******************************************************************************
  */
 
+/*
+ ******************************************************************************
+ * BEGIN containerInfo goodies.
+ */
+
+/**
+ * Defines the string used for the ContainerInfo config file group.
+ */
+#define CONFGROUPNAME_CONTAINERINFO "containerinfo"
+
+/**
+ * Define a custom ContainerInfo poll interval (in seconds).
+ *
+ * @note Illegal values result in a @c g_warning and fallback to the default
+ * poll interval.
+ *
+ * @param int   User-defined poll interval.  Set to 0 to disable polling.
+ */
+#define CONFNAME_CONTAINERINFO_POLLINTERVAL "poll-interval"
+
+/**
+ * Define the limit on the maximum number of containers to collect info from.
+ * If the number of running containers exceeds the limit, only the most recently
+ * created containers will be published.
+ *
+ * @note Illegal values result in a @c g_warning and fallback to the default
+ * max container limit.
+ *
+ * @param int   User-defined max limit for # of containers queried.
+ */
+#define CONFNAME_CONTAINERINFO_LIMIT "max-containers"
+
+/**
+ * Defines the configuration to remove duplicate containers.
+ *
+ * @param boolean Set to TRUE to remove duplicate containers.
+ *                Set to FALSE to keep duplicate containers.
+ */
+#define CONFNAME_CONTAINERINFO_REMOVE_DUPLICATES "remove-duplicates"
+
+/**
+ * Define the docker unix socket to use to communicate with the docker daemon.
+ *
+ * @note Illegal values result in a @c g_warning and fallback to docker's
+ * default unix socket.
+ *
+ * @param string  absolute file path of the docker unix socket in use.
+ */
+#define CONFNAME_CONTAINERINFO_DOCKERSOCKET "docker-unix-socket"
+
+/**
+ * Define the containerd unix socket to connect with containerd gRPC server.
+ * This should be used to get containers.
+ *
+ * @note Illegal values result in a @c g_warning and fallback to the containerd
+ * default unix socket.
+ *
+ * @param string  absolute file path of the containerd unix socket in use.
+ */
+#define CONFNAME_CONTAINERINFO_CONTAINERDSOCKET "containerd-unix-socket"
+
+/**
+ * Define the list of namespaces to be queried for the running containers.
+ *
+ * @note Illegal values result in a @c g_warning and fallback to the default
+ * list of namespaces.
+ *
+ * @param string  Comma separated list of namespaces to be queried.
+ */
+#define CONFNAME_CONTAINERINFO_ALLOWED_NAMESPACES "allowed-namespaces"
+
+/*
+ * END containerInfo goodies.
+ ******************************************************************************
+ */
+
 /*
  ******************************************************************************
  * BEGIN ServiceDiscovery goodies.

diff --git a/open-vm-tools/lib/include/vmware/guestrpc/containerInfo.h b/open-vm-tools/lib/include/vmware/guestrpc/containerInfo.h
@@ -0,0 +1,58 @@
+/*********************************************************
+ * Copyright (C) 2021 VMware, Inc. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published
+ * by the Free Software Foundation version 2.1 and no later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the Lesser GNU General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA.
+ *
+ *********************************************************/
+
+#ifndef _CONTAINERINFO_H_
+#define _CONTAINERINFO_H_
+
+/**
+ * @file containerInfo.h
+ *
+ * Common declarations that aid in sending container information
+ * from 'containerInfo' plugin in 'VMware Tools' to the host.
+ */
+
+/*
+ Sample JSON published to the guestinfo variable.
+ $ vmtoolsd --cmd "info-get guestinfo.vmtools.containerInfo" | jq
+ {
+  "version": "1",
+  "updateCounter": "11",
+  "publishTime": "2021-10-27T18:18:00.855Z",
+  "containerinfo": {
+    "k8s.io": [
+      {
+        "i": "k8s.gcr.io/pause"
+      }
+    ]
+  }
+}
+*/
+
+/* clang-format off */
+
+#define CONTAINERINFO_KEY                  "containerinfo"
+#define CONTAINERINFO_GUESTVAR_KEY         "vmtools." CONTAINERINFO_KEY
+#define CONTAINERINFO_VERSION_1            1
+#define CONTAINERINFO_KEY_VERSION          "version"
+#define CONTAINERINFO_KEY_UPDATE_COUNTER   "updateCounter"
+#define CONTAINERINFO_KEY_PUBLISHTIME      "publishTime"
+#define CONTAINERINFO_KEY_IMAGE            "i"
+
+/* clang-format on */
+
+#endif
diff --git a/open-vm-tools/services/plugins/Makefile.am b/open-vm-tools/services/plugins/Makefile.am
@@ -22,6 +22,9 @@ if LINUX
    SUBDIRS += guestStore
    SUBDIRS += componentMgr
 endif
+if ENABLE_CONTAINERINFO
+   SUBDIRS += containerInfo
+endif
 if ENABLE_SDMP
    SUBDIRS += serviceDiscovery
 endif