Use explicit Docker API version for container metadata

As of this writing, Docker recommends at least v1.24, so we use that. However, for e.g. RHEL 6/CentOS 6, which are stuck on Docker 1.7 with API version 1.19, we do a fallback request without the version number. This way, we use v1.24 if possible, and the newest supported version if not. Closes: #900
draios · Dec 6, 2017 · 6a73dba · 6a73dba
1 parent 0870afb
commit 6a73dba
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 10 deletions.
diff --git a/userspace/libsinsp/container.cpp b/userspace/libsinsp/container.cpp
@@ -624,15 +624,15 @@ bool sinsp_container_manager::container_to_sinsp_event(const string& json, sinsp
 }
 
 #ifndef _WIN32
-bool sinsp_container_manager::parse_docker(sinsp_container_info* container)
+sinsp_docker_response sinsp_container_manager::get_docker(const string& api_version, const string& container_id, string& json)
 {
 	string file = string(scap_get_host_root()) + "/var/run/docker.sock";
 
 	int sock = socket(PF_UNIX, SOCK_STREAM, 0);
 	if(sock < 0)
 	{
 		ASSERT(false);
-		return false;
+		return sinsp_docker_response::RESP_ERROR;
 	}
 
 	struct sockaddr_un address;
@@ -644,34 +644,59 @@ bool sinsp_container_manager::parse_docker(sinsp_container_info* container)
 
 	if(connect(sock, (struct sockaddr *) &address, sizeof(struct sockaddr_un)) != 0)
 	{
-		return false;
+		return sinsp_docker_response::RESP_ERROR;
 	}
 
-	string message = "GET /containers/" + container->m_id + "/json HTTP/1.0\r\n\n";
+	string message = "GET " + api_version + "/containers/" + container_id + "/json HTTP/1.0\r\n\n";
 	if(write(sock, message.c_str(), message.length()) != (ssize_t) message.length())
 	{
-		ASSERT(false);
-		close(sock);
-		return false;
+		return sinsp_docker_response::RESP_ERROR;
 	}
 
 	char buf[256];
-	string json;
 	ssize_t res;
+	json.clear();
 	while((res = read(sock, buf, sizeof(buf) - 1)) != 0)
 	{
 		if(res == -1 || json.size() > MAX_JSON_SIZE_B)
 		{
-			ASSERT(false);
 			close(sock);
-			return false;
+			return sinsp_docker_response::RESP_ERROR;
 		}
 
 		buf[res] = 0;
 		json += buf;
 	}
 
 	close(sock);
+	if(strncmp(json.c_str(), "HTTP/1.0 200 OK", sizeof("HTTP/1.0 200 OK") -1))
+	{
+		return sinsp_docker_response::RESP_BAD_REQUEST;
+	}
+
+	return sinsp_docker_response::RESP_OK;
+}
+
+bool sinsp_container_manager::parse_docker(sinsp_container_info* container)
+{
+	string json;
+        sinsp_docker_response resp = get_docker("/v1.24", container->m_id, json);
+	switch(resp) {
+		case sinsp_docker_response::RESP_BAD_REQUEST:
+			resp = get_docker("", container->m_id, json);
+			if (resp == sinsp_docker_response::RESP_OK)
+			{
+				break;
+			}
+			/* FALLTHRU */
+
+		case sinsp_docker_response::RESP_ERROR:
+			ASSERT(false);
+			return false;
+
+		case sinsp_docker_response::RESP_OK:
+			break;
+	}
 
 	size_t pos = json.find("{");
 	if(pos == string::npos)

diff --git a/userspace/libsinsp/container.h b/userspace/libsinsp/container.h
@@ -27,6 +27,13 @@ enum sinsp_container_type
 	CT_RKT = 4
 };
 
+enum sinsp_docker_response
+{
+	RESP_OK = 0,
+	RESP_BAD_REQUEST = 1,
+	RESP_ERROR = 2
+};
+
 class sinsp_container_info
 {
 public:
@@ -153,6 +160,7 @@ class sinsp_container_manager
 private:
 	string container_to_json(const sinsp_container_info& container_info);
 	bool container_to_sinsp_event(const string& json, sinsp_evt* evt);
+        sinsp_docker_response get_docker(const string& api_version, const string& container_id, string& json);
 	bool parse_docker(sinsp_container_info* container);
 	string get_docker_env(const Json::Value &env_vars, const string &mti);
 	bool parse_rkt(sinsp_container_info* container, const string& podid, const string& appname);