On Wed, Jan 24, 2024 at 03:32:06PM -0500, Chuck Lever wrote: > On Wed, Jan 24, 2024 at 02:37:00PM -0500, Josef Bacik wrote: > > We are running nfsd servers inside of containers with their own network > > namespace, and we want to monitor these services using the stats found > > in /proc. However these are not exposed in the proc inside of the > > container, so we have to bind mount the host /proc into our containers > > to get at this information. > > > > Separate out the stat counters init and the proc registration, and move > > the proc registration into the pernet operations entry and exit points > > so that these stats can be exposed inside of network namespaces. > > Maybe I missed something, but this looks like it exposes the global > stat counters to all net namespaces...? Is that an information leak? > As an administrator I might be surprised by that behavior. > > Seems like this patch needs to make nfsdstats and nfsd_svcstats into > per-namespace objects as well. > > I've got the patches written for this, but I've got a question. There's a svc_seq_show(seq, &nfsd_svcstats); in nfsd/stats.c. This appears to be an empty struct, there's nothing that utilizes it, so this is always going to print 0 right? There's a svc_info in the nfsd_net, and that stats block appears to get updated properly. Should I print this out here? I don't see anywhere we get the rpc stats out of nfsd, am I missing something? I don't want to rip out stuff that I don't quite understand. Thanks, Josef
