Bug 1397538

Summary: [RFE] [Supportability] pod to pod diagnostics infrastructure
Product: Red Hat Enterprise Linux 7 Reporter: Eric Rich <erich>
Component: rhel-tools-containerAssignee: Jindrich Novy <jnovy>
Status: CLOSED WONTFIX QA Contact: atomic-bugs <atomic-bugs>
Severity: high Docs Contact: Vikram Goyal <vigoyal>
Priority: unspecified    
Version: 7.3CC: dornelas, dwalsh, jeder
Target Milestone: rcKeywords: Extras, FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-01-15 07:28:46 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 1397539, 1420851    

Description Eric Rich 2016-11-22 18:27:45 UTC 
The rhel/tools container (https://access.redhat.com/containers/#/repo/57ea8cf09c624c035f96f3bb) needs a "pod to pod diagnostics infrastructure" (shipped with the rhel/tools container), and a set of defined "plugins" (enabled either based on options for the diagnostics infrastructure, or through auto discovery, based on the pod[s] being diagnosed). 

Execution of this diagnostics infrastructure should takes a given container, or set of containers (on the same host), and validate that the diagnostics infrastructure can reach all of the containers independently. 

The primary reason for using the "rhel/tools" container (as the entry point) for this, is that it provides a mechanism for Red Hat to address shipping and providing a single solution ("pod to pod diagnostics infrastructure") for diagnosing common issues with pods.

Making the pod to pod diagnostics infrastructure "plug-able" keeps every pod[s] diagnostics steps from being a cookie cutter shell when information is collected. In short, Python container issues are likely to be very different from JBoss container issues, and as such what diagnostics are done (or get enabled) need to be treated differently.
Comment 3 Daniel Walsh 2016-11-22 22:40:33 UTC 
You should strace the pid from the outside.  not necessary to enter the container.  But this is generally a problem of debugging across mnt namespaces.
Comment 7 Eric Rich 2016-11-23 16:48:58 UTC 
Connected to https://trello.com/c/XVqGqK1T/37-epic-next-generation-diagnostics-tool
Comment 9 Eric Rich 2016-11-30 21:15:29 UTC 
Could this RFE ue the same mechanism as atomic scan? http://developers.redhat.com/blog/2016/05/02/introducing-atomic-scan-container-vulnerability-detection/

This might remove the need for a tools container?
Comment 13 RHEL Program Management 2021-01-15 07:28:46 UTC 
After evaluating this issue, there are no plans to address it further or fix it in an upcoming release.  Therefore, it is being closed.  If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.