A tool for Linux kernel observability, using eBPF technology, covering CPU, fs, memory and network subsystems

ziyangfu/ksight

ksight

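1. Introduction

A custom command-line observability tool for the Linux kernel, covering the CPU, memory, network, IPC, file, virtualization and other subsystems. The name ksight stands for insight into the kernel.

ksight family:

  • ksight: custom observability tool for the Linux kernel. Command-line back end, usable on its own, under development.
  • ksight-lite: custom observability tool for RTOS (AUTOSAR OS?). Command-line back end, usable on its own, development planned.
  • ksight-ui: cross-platform application (may support Windows) with interactive time-series chart visualization. Front end, paired with the back end, development planned.

Parent project: lmp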

2. Architecture

basic_arch

3. Installation

3.1 One-step build and install

sh ./run.sh

3.1 Installing ksight on its own

git clone --recurse-submodules <ksight_github_address>
# e.g.: git clone --recurse-submodules https://github.com/ziyangfu/ksight.git
mkdir build && cd build
# -------------------------------------------------------
# To build all tools
cmake ..
# or
cmake -DBUILD_ALL=ON -DCMAKE_INSTALL_PREFIX=<install_dir> ..
# or
# To build a single tool, e.g. fs_watcher
cmake -DBUILD_FS_WATCHER=ON ..
# or
# To cross-compile arm64 binaries on an x64 host (TARCH means target arch)
cmake -DBUILD_ALL=ON -DTARCH=arm64 ..
# -------------------------------------------------------
make
make install

3.2 Installing the ksight family

mkdir ksights
cd ksights
rm -rf ./.repo/  # If an earlier sync failed, delete the existing .repo directory first; if there is no .repo directory, skip this step
repo init -u git@github.com:ziyangfu/ksight-repo.git -b master -m default.xml
repo sync -d --fetch-submodules

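4. Usage

Building and installing ksight produces several executables, and any single tool can be run directly on its own. The recommended way is ksightCli, a command-line front end that aggregates all the tools and supports Tab completion, which makes it more convenient to use. For example: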

ksightCli netwatcher -h

Usage: net_watcher [--help] [--version] [--all] [--err] [--extra] [--retrans] [--time] [--http] [--sport VAR] [--dport VAR] [--udp] [--net_filter] [--drop_reason] [--addr_to_func] [--icmptime] [--tcpstate] [--timeload] [--dns] [--stack] [--count VAR] [--rtt] [--rst_counters]

Watch tcp/ip in network subsystem

Optional arguments:
  -h, --help          shows help message and exits 
  -v, --version       prints version information and exits 
  -a, --all           set to trace CLOSED connection 
  -e, --err           set to trace TCP error packets 
  -x, --extra         set to trace extra conn info 
  -r, --retrans       set to trace extra retrans info 
  -t, --time          set to trace layer time of each packet 
  -i, --http          set to trace http info 
  -s, --sport         trace this source port only [nargs=0..1] [default: 0]
  -d, --dport         trace this destination port only [nargs=0..1] [default: 0]
  -u, --udp           trace the udp message 
  -n, --net_filter    trace ipv4 packget filter 
  -k, --drop_reason   trace kfree 
  -F, --addr_to_func  translation addr to func and offset 
  -I, --icmptime      set to trace layer time of icmp 
  -S, --tcpstate      set to trace tcpstate 
  -L, --timeload      analysis time load 
  -D, --dns           set to trace dns information 
  -A, --stack         set to trace of stack 
  -C, --count         specify the time to count the number of requests [nargs=0..1] [default: 0]
  -T, --rtt           set to trace rtt 
  -U, --rst_counters  set to trace rst 
