Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-5830

The instructions of “Enable CPU and memory profiling” is not accurate

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • 4.13.0
    • Security Profiles Operator
    • None
    • Moderate
    • False
    • Hide

      None

      Show
      None 

      Per the instructions, every container is using a different port, while actually only the log-enricher will show the port in logs. Besides, the heap profiles could not be curled and users could not use the pprof tool to look at the heap profile:
$ oc logs --selector name=spod -c security-profiles-operator | grep "Starting profiling"
$ oc logs --selector name=spod -c log-enricher -n security-profiles-operator | grep "Starting profiling"
I0113 13:33:36.056347 1890182 logr.go:261]  "msg"="Starting profiling server" "endpoint"=":6062"
I0113 13:33:16.670072 1366343 logr.go:261]  "msg"="Starting profiling server" "endpoint"=":6062"
I0113 13:33:17.290901 1174769 logr.go:261]  "msg"="Starting profiling server" "endpoint"=":6062"
I0113 13:33:44.871974 1021640 logr.go:261]  "msg"="Starting profiling server" "endpoint"=":6062"
$ oc logs --selector name=spod -c bpf-recorder | grep "Starting profiling"
error: container bpf-recorder is not valid for pod spod-b8k4r
$ oc get pod -l name=spod -o wide 
NAME         READY   STATUS    RESTARTS   AGE   IP            NODE                             NOMINATED NODE   READINESS GATES
spod-b8k4r   4/4     Running   0          33m   10.128.1.54   xiyuan-412a-sf5xx-master-0       <none>           <none>
spod-l7s92   4/4     Running   0          33m   10.128.2.94   xiyuan-412a-sf5xx-worker-shnp4   <none>           <none>
spod-smgzc   4/4     Running   0          33m   10.131.0.97   xiyuan-412a-sf5xx-worker-h5b7p   <none>           <none>
spod-tjqs2   4/4     Running   0          33m   10.130.0.72   xiyuan-412a-sf5xx-master-1       <none>           <none>
spod-xfzxf   4/4     Running   0          33m   10.129.0.83   xiyuan-412a-sf5xx-master-2       <none>           <none>
 
$ go tool pprof http://10.128.2.94:6062/debug/pprof/heap
Fetching profile over HTTP from http://10.128.2.94:6062/debug/pprof/heap
http://10.128.2.94:6062/debug/pprof/heap: server response: 503 Service Unavailable
$ go tool pprof http://10.128.1.54:6062/debug/pprof/profile?seconds=30
Fetching profile over HTTP from http://10.128.1.54:6062/debug/pprof/profile?seconds=30
http://10.128.1.54:6062/debug/pprof/profile?seconds=30: Get "http://10.128.1.54:6062/debug/pprof/profile?seconds=30": net/http: timeout awaiting response headers
failed to fetch any source profiles

      Expected results:

      Follow the instructions, every container is using a different port. And users could use the pprof tool to look at the heap profile.

      Additional info:

            wenshen@redhat.com Vincent Shen
            xiyuan@redhat.com Xiaojie Yuan
            Xiaojie Yuan Xiaojie Yuan
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: