Notes on Linux namespaces and related things

Some notes about Linux namespaces and cgroups, based on the resources linked in the end of the page.

ip netns show and proc/

A quick search on ‘Linux namespaces’ usually turns up examples using ip netns, which might be confusing if it wasn’t used to create network namespaces, e.g. in the case of Docker (or Mininet). Namely, ip netns show will give you nothing, even when you clearly have things running in namespaces.

Referring to proc(5), information about a process’s namespaces and cgroups can be found under /proc/[pid]/ns and /proc/[pid]/cgroup, respectively. ip netns bind-mounts its ns directory (/proc/self/ns/net) to /run/netns, from where it gets the information that it would list. Hence, if netns wasn’t used, no bind mounted directory, and no listing.

ps(1)

In a related vein, given a process, it’s also possible to see some information about the namespaces and cgroups that it is associated with. Certain dialects of ps will let you display this information:

$ ps -eo pid,cgroup,netns,pidns
 6017 2:name=systemd:/user/1000.u 4026531956 4026531836
 6018 2:name=systemd:/user/1000.u 4026531956 4026531836
22772 11:hugetlb:/docker/505f3032          -          -
22843 11:hugetlb:/docker/a3685093          -          -

The options here would be:

  • cgroup – display control groups to which the process belongs.
  • ipcns – inode number describing the (IPC) namespace the process belongs to.
  • mntns – inode number describing the (mount) namespace the process belongs to.
  • netns – inode number describing the (network) namespace the process belongs to.
  • pidns – inode number describing the (PID) namespace the process belongs to.
  • userns – inode number describing the (User) namespace the process belongs to.
  • utsns – inode number describing the (UTS) namespace the process belongs to.

More information about each namespace type can be found in namespaces(7), although the particular man page isn’t guaranteed to be shipped. The particular ps and man page are shipped with 14.04, but Ubuntu’s online man pages seem to mysteriously omit it. Links to both provided below.

Looking through proc/

Even without ps, the same information can be gleaned from /proc/[pid]/. The inode numbers of a process’s namespace can be read from /proc/[pid]/task/[pid]/ns/:

$ readlink /proc/25414/task/25414/ns/*                  
ipc:[4026531839]
mnt:[4026531840]
net:[4026531956]
pid:[4026531836]
user:[4026531837]
uts:[4026531838]

And the cgroup(s), from /proc/[pid]/task/[pid]/cgroup:

$ cat /proc/25414/task/25414/cgroup
11:hugetlb:/
10:perf_event:/
9:blkio:/
8:freezer:/
7:devices:/
6:memory:/
5:cpuacct:/
4:cpu:/
3:cpuset:/
2:name=systemd:/user/1000.user/17.session

References:

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s