Open pikeas opened 1 week ago
Can you show the output of mount
on the container? It seems like /run/docker/netns/ingress_sbox
is a mount point, in which case I'd expect statvfs to be called on it π€
You can see a similar warning for container filesystems, including a workaround, mentioned here: https://vector.dev/docs/reference/configuration/sources/host_metrics/#warnings . I think you could also use exclude
to exclude generating filesystem statistics for that mountpoint.
Can you show the output of
mount
on the container?
Vector is running directly on the host, not in a container.
Can you show the output of
mount
on the container?Vector is running directly on the host, not in a container.
Ah, gotcha. Could you provide the output of mount
from the host then?
$ mount | grep netns
nsfs on /run/docker/netns/ingress_sbox type nsfs (rw)
nsfs on /run/docker/netns/[random id] type nsfs (rw) (a dozen of these)
This is a standard Docker Swarm cluster, so these were presumably created by Docker generally or by the Swarm agent specifically.
The files are owned by root but chmodded 444
, so they are world-readable. Is Vector either trying to write to them or trying to cd into them as if they were directories?
Thanks! Vector, via https://github.com/heim-rs/heim, is attempting to run statvfs on those mount points to generate filesystem statistics, and failing with the permissions error you saw above. I'd suggest using the excludes
rules to configure Vector not to try to generate filesystem statistics for those mountpoints. Something like:
filesystem:
mountpoints:
excludes:
- /run/docker/*
A note for the community
Problem
Vector is running on the host and is in the Docker group:
Files in
/run/docker/netns
are owned by root:IIUC, Vector shouldn't be trying to read these files. They are also size 0, so there's nothing inside of them to read.
Version
0.41.1