Open csweichel opened 3 years ago
To create the connection -> PID mapping, maybe https://github.com/raboof/nethogs can be of inspiration. It solves the problem of showing traffic per process.
Should we close https://github.com/gitpod-io/gitpod/issues/3059 as a duplicate? Besides the process, it would be useful to see the currently running foreground command.
At the moment we scan /proc/net/tcp{6} to detect which ports are being used/served in a workspace. While this works reliably, it has the major downside that we cannot tell which process serves this port - information that would be handy to display. Also, because of the polling delay, there's a delay in port detection.
Possible solutions
seccomp-notify
User-namespaced workspaces make use of seccomp-notify. We could get notifications on accept, and use the sockfd to get more information about the socket (which port, which address). workspacekit would then provide a Unix socket on which we serve port status information (either re-using supervisor's StatusService or coming up with our own).
Alternatively, workspacekit could provide a file in a well-known location that offers port -> PID mappings, which we'd use to enhance the port information.
scanning /proc
To identify the process that's serving a port, we could also scan /proc and match the socket's inode with the process FD. With proper caching it's conceivable that this solution could come in at an acceptable CPU/performance cost.
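The /proc scan described above, sketched in Go as an added example (not code from this issue or from Gitpod): it takes the listening sockets' inodes from /proc/net/tcp{6} and matches them against the socket:[inode] targets of each process's FD links. The function names listeners and portOwners are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strconv"
	"strings"
)

// listeners (illustrative name): /proc/net/tcp{,6} text -> socket inode -> port, LISTEN (st 0A) only.
func listeners(table string) map[string]uint16 {
	out := map[string]uint16{}
	for _, line := range strings.Split(table, "\n") {
		f := strings.Fields(line)
		if len(f) < 10 || f[3] != "0A" {
			continue // header, short line, or not listening
		}
		hexPort := f[1][strings.LastIndex(f[1], ":")+1:]
		if port, err := strconv.ParseUint(hexPort, 16, 16); err == nil {
			out[f[9]] = uint16(port)
		}
	}
	return out
}

// portOwners (illustrative name): port -> PID for FD links under procRoot that point at a listener inode.
func portOwners(procRoot string, byInode map[string]uint16) map[uint16]int {
	owners := map[uint16]int{}
	fds, _ := filepath.Glob(filepath.Join(procRoot, "[0-9]*", "fd", "*"))
	for _, fd := range fds {
		target, err := os.Readlink(fd)
		if err != nil || !strings.HasPrefix(target, "socket:[") {
			continue // process exited mid-scan, or FD is not a socket
		}
		inode := strings.TrimSuffix(strings.TrimPrefix(target, "socket:["), "]")
		if port, ok := byInode[inode]; ok {
			owners[port], _ = strconv.Atoi(filepath.Base(filepath.Dir(filepath.Dir(fd))))
		}
	}
	return owners
}

func main() {
	tcp, _ := os.ReadFile("/proc/net/tcp")
	tcp6, _ := os.ReadFile("/proc/net/tcp6")
	fmt.Println(portOwners("/proc", listeners(string(tcp)+"\n"+string(tcp6))))
}
```

A socket inherited across fork appears under several PIDs and this sketch keeps only the last one scanned; FD directories the caller cannot read are skipped silently, so the result covers only processes visible to the scanning user.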