This document describes the monitoring implementation that addresses the "Docker monitoring problem" as referenced in the DataDog blog post.
The monitoring system implements multi-level monitoring across three isolation levels:
- Process Level - Individual process monitoring within containers
- Container Level - Container-specific metrics and isolation monitoring
- Host Level - System-wide host metrics and resource monitoring
The monitoring addresses the gap between different isolation levels as described in the monitoring problem:
| Aspect | Process | Container | Host |
|---|---|---|---|
| Spec | Source | Dockerfile | Kickstart |
| On disk | .TEXT | /var/lib/docker | / |
| In memory | PID | Container ID | Hostname |
| In network | Socket | veth* | eth* |
| Runtime context | server core | host | data center |
| Isolation | moderate: memory space, etc. | private OS view: own PID space, file system, network interfaces | full: including own page caches and kernel |

```
./basic-docker monitor host
```

Shows system-wide metrics including:
- Hostname and uptime
- Memory usage and availability
- CPU count and load average
- Disk usage
- Network interfaces (eth*)
- All containers on the host

```
./basic-docker monitor process <PID>
```

Shows process-specific metrics including:
- Process ID, name, and status
- Memory usage (RSS and virtual)
- CPU time and percentage
- Thread count
- Open file descriptors
- Socket information

```
./basic-docker monitor container <container-id>
```

Shows container-specific metrics including:
- Container ID, name, and status
- Memory usage and limits
- Network statistics (veth interfaces)
- Process list within container
- Namespace information
- Docker storage path

```
./basic-docker monitor all
```

Aggregates metrics from all monitoring levels in a single JSON output.

```
./basic-docker monitor gap
```

Analyzes monitoring gaps between isolation levels:
- Process to container correlation gaps
- Container to host visibility gaps
- Cross-level monitoring challenges

```
./basic-docker monitor correlation <container-id>
```

Shows correlation between monitoring levels for a specific container, displaying the mapping table and detailed metrics.

- `ProcessMonitor` - Reads from `/proc/[pid]/` files to gather process metrics
- `ContainerMonitor` - Combines process monitoring with container metadata
- `HostMonitor` - Aggregates system-wide statistics from `/proc/` and `/sys/`

- Process metrics: Read from `/proc/[pid]/stat`, `/proc/[pid]/status`, and `/proc/[pid]/fd/`
- Container metrics: Combine process metrics with container directory information
- Host metrics: Read from `/proc/meminfo`, `/proc/loadavg`, `/proc/uptime`, and filesystem stats

The monitoring system identifies three categories of gaps:
- Process to Container: PID mapping, namespace isolation visibility, resource limit enforcement
- Container to Host: Network isolation vs visibility, filesystem overlay access, resource allocation
- Cross-Level: Transaction tracing, performance correlation, security event correlation
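
The process-level sources and the PID-mapping gap listed above, as an added Go example that is not code from this project: it parses a `/proc/[pid]/stat` line whose process name contains `)` and spaces, and reads the `NSpid` row of `/proc/[pid]/status` (present on Linux 4.1 and later) to relate a host PID to the PID seen inside the container. The names `ProcStat`, `ParseStat` and `NSPids` are hypothetical, and the sample lines are constructed.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Constructed sample input: the process name (comm) contains ")" and spaces.
const sampleStat = "4242 (web) R 1) S 4200 4242 4242 0 -1 4194560 150 0 0 0 37 12 0 0 20 0 3 0 123456 10485760 512"
const sampleStatus = "Name:\tweb) R 1\nPid:\t4242\nNSpid:\t4242\t7\nThreads:\t3\n"

// ProcStat holds the /proc/[pid]/stat fields used for process-level metrics.
type ProcStat struct {
	PID, Threads int
	Comm, State  string
	UTime, STime uint64 // fields 14 and 15, in clock ticks
}

// ParseStat takes comm from the first "(" to the LAST ")": a name may contain ")" or spaces.
func ParseStat(line string) (ProcStat, error) {
	open, end := strings.IndexByte(line, '('), strings.LastIndexByte(line, ')')
	if open < 0 || end < open || len(strings.Fields(line[end+1:])) < 18 {
		return ProcStat{}, fmt.Errorf("malformed or truncated stat line")
	}
	f := strings.Fields(line[end+1:]) // f[0] is field 3, so field n is f[n-3]
	s := ProcStat{Comm: line[open+1 : end], State: f[0]}
	_, err := fmt.Sscan(line[:open]+" "+f[11]+" "+f[12]+" "+f[17], &s.PID, &s.UTime, &s.STime, &s.Threads)
	return s, err
}

// NSPids returns the NSpid row of /proc/[pid]/status: host PID first, container PID last.
func NSPids(status string) (pids []int) {
	for _, l := range strings.Split(status, "\n") {
		if strings.HasPrefix(l, "NSpid:") {
			for _, v := range strings.Fields(l[len("NSpid:"):]) {
				if n, err := strconv.Atoi(v); err == nil {
					pids = append(pids, n)
				}
			}
		}
	}
	return pids
}

func main() {
	s, err := ParseStat(sampleStat)
	fmt.Printf("%+v err=%v nspid=%v\n", s, err, NSPids(sampleStatus))
}
```

Splitting the same stat line on whitespace alone would report state `R` and a parent PID of `1)`, which is why the parser anchors on the last closing parenthesis.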
Run monitoring tests:

```
go test -v -run ".*Monitor.*"
```

Run benchmarks:

```
go test -bench=BenchmarkMonitoring
```

- The Docker Monitoring Problem
- Process isolation and namespace documentation
- Container runtime specifications