Linux: Outils de monitoring/performances : Différence entre versions
m (Toine a déplacé la page Outils de monitoring/preformances vers Linux: Outils de monitoring/preformances) |
m (→Réseau) |
||
| Ligne 13 : | Ligne 13 : | ||
Usage: nstat [ -h?vVzrnasd:t: ] [ PATTERN [ PATTERN ] ] | Usage: nstat [ -h?vVzrnasd:t: ] [ PATTERN [ PATTERN ] ] | ||
Usage: rtacct [ -h?vVzrnasd:t: ] [ ListOfRealms ] | Usage: rtacct [ -h?vVzrnasd:t: ] [ ListOfRealms ] | ||
| + | == tracer les messages reseau sur un PID avec strace== | ||
| + | Par exemple, avec l'option -f pour suivre la trace sur les process fils du process en trace: | ||
| + | $ strace -v -f -e trace=network -p 4300 | ||
| + | strace: Process 4300 attached | ||
| + | socket(AF_NETLINK, SOCK_RAW, NETLINK_AUDIT) = 3 | ||
| + | sendmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(2)=[{"\35\0\0\0d\4\1\0\0\0\0\0\0\0\0\0", 16}, {"ping 8.8.8.8\0", 13}], msg_controllen=0, msg_flags=0}, 0) = 29 | ||
| + | strace: Process 23396 attached | ||
| + | [pid 23396] socket(AF_INET, SOCK_DGRAM, IPPROTO_ICMP) = -1 EACCES (Permission denied) | ||
| + | [pid 23396] socket(AF_INET, SOCK_RAW, IPPROTO_ICMP) = 3 | ||
| + | [pid 23396] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4 | ||
| + | [pid 23396] connect(4, {sa_family=AF_INET, sin_port=htons(1025), sin_addr=inet_addr("8.8.8.8")}, 16) = 0 | ||
| + | [pid 23396] getsockname(4, {sa_family=AF_INET, sin_port=htons(58430), sin_addr=inet_addr("192.168.1.16")}, [16]) = 0 | ||
| + | [pid 23396] setsockopt(3, SOL_RAW, ICMP_FILTER, ~(1<<ICMP_ECHOREPLY|1<<ICMP_DEST_UNREACH|1<<ICMP_SOURCE_QUENCH|1<<ICMP_REDIRECT|1<<ICMP_TIME_EXCEEDED|1<<ICMP_PARAMETERPROB), 4) = 0 | ||
| + | [pid 23396] setsockopt(3, SOL_IP, IP_RECVERR, [1], 4) = 0 | ||
| + | [pid 23396] setsockopt(3, SOL_SOCKET, SO_SNDBUF, [324], 4) = 0 | ||
| + | [pid 23396] setsockopt(3, SOL_SOCKET, SO_RCVBUF, [65536], 4) = 0 | ||
| + | [pid 23396] getsockopt(3, SOL_SOCKET, SO_RCVBUF, [131072], [4]) = 0 | ||
| + | [pid 23396] setsockopt(3, SOL_SOCKET, SO_TIMESTAMP, [1], 4) = 0 | ||
| + | [pid 23396] setsockopt(3, SOL_SOCKET, SO_SNDTIMEO, "\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 16) = 0 | ||
| + | [pid 23396] setsockopt(3, SOL_SOCKET, SO_RCVTIMEO, "\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 16) = 0 | ||
| + | [pid 23396] sendto(3, "\10\0\33\21[d\0\1\237\10wZ\0\0\0\0\242S\n\0\0\0\0\0\20\21\22\23\24\25\26\27"..., 64, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("8.8.8.8")}, 16) = 64 | ||
| + | [pid 23396] recvmsg(3, {msg_name(16)={sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("8.8.8.8")}, msg_iov(1)=[{"E\0\0T\321\360\0\0;\1\333\360\10\10\10\10\300\250\1\20\0\0#\21[d\0\1\237\10wZ"..., 192}], msg_controllen=32, [{cmsg_len=32, cmsg_level=SOL_SOCKET, cmsg_type=0x1d /* SCM_??? */}], msg_flags=0}, 0) = 84 | ||
| + | [pid 23396] --- SIGINT {si_signo=SIGINT, si_code=SI_KERNEL} --- | ||
| + | [pid 23396] +++ exited with 0 +++ | ||
| + | --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=23396, si_uid=1000, si_status=0, si_utime=0, si_stime=0} --- | ||
| + | |||
= outils eBPF (kernel > 4.2) = | = outils eBPF (kernel > 4.2) = | ||
Voir ces mécanismes : https://opensource.com/article/17/11/bccbpf-performance | Voir ces mécanismes : https://opensource.com/article/17/11/bccbpf-performance | ||
Version du 4 février 2018 à 13:37
Sommaire
Processeur
Top
Outil de base, top donne les performances globales, ou par coeur. Commandes intéressantes:
- 1 : bascule stats globales / par coeur.
Options intéressantes:
- -b -n 1 : cliché one-shot de tous les process.
Réseau
Ifop
iftop donne des stats sur une ou toutes les interfaces:
- sudo iftop -i ens0
nstat / rtacct
Usage: nstat [ -h?vVzrnasd:t: ] [ PATTERN [ PATTERN ] ]
Usage: rtacct [ -h?vVzrnasd:t: ] [ ListOfRealms ]
tracer les messages reseau sur un PID avec strace
Par exemple, avec l'option -f pour suivre la trace sur les process fils du process en trace:
$ strace -v -f -e trace=network -p 4300
strace: Process 4300 attached
socket(AF_NETLINK, SOCK_RAW, NETLINK_AUDIT) = 3
sendmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(2)=[{"\35\0\0\0d\4\1\0\0\0\0\0\0\0\0\0", 16}, {"ping 8.8.8.8\0", 13}], msg_controllen=0, msg_flags=0}, 0) = 29
strace: Process 23396 attached
[pid 23396] socket(AF_INET, SOCK_DGRAM, IPPROTO_ICMP) = -1 EACCES (Permission denied)
[pid 23396] socket(AF_INET, SOCK_RAW, IPPROTO_ICMP) = 3
[pid 23396] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid 23396] connect(4, {sa_family=AF_INET, sin_port=htons(1025), sin_addr=inet_addr("8.8.8.8")}, 16) = 0
[pid 23396] getsockname(4, {sa_family=AF_INET, sin_port=htons(58430), sin_addr=inet_addr("192.168.1.16")}, [16]) = 0
[pid 23396] setsockopt(3, SOL_RAW, ICMP_FILTER, ~(1<<ICMP_ECHOREPLY|1<<ICMP_DEST_UNREACH|1<<ICMP_SOURCE_QUENCH|1<<ICMP_REDIRECT|1<<ICMP_TIME_EXCEEDED|1<<ICMP_PARAMETERPROB), 4) = 0
[pid 23396] setsockopt(3, SOL_IP, IP_RECVERR, [1], 4) = 0
[pid 23396] setsockopt(3, SOL_SOCKET, SO_SNDBUF, [324], 4) = 0
[pid 23396] setsockopt(3, SOL_SOCKET, SO_RCVBUF, [65536], 4) = 0
[pid 23396] getsockopt(3, SOL_SOCKET, SO_RCVBUF, [131072], [4]) = 0
[pid 23396] setsockopt(3, SOL_SOCKET, SO_TIMESTAMP, [1], 4) = 0
[pid 23396] setsockopt(3, SOL_SOCKET, SO_SNDTIMEO, "\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 16) = 0
[pid 23396] setsockopt(3, SOL_SOCKET, SO_RCVTIMEO, "\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 16) = 0
[pid 23396] sendto(3, "\10\0\33\21[d\0\1\237\10wZ\0\0\0\0\242S\n\0\0\0\0\0\20\21\22\23\24\25\26\27"..., 64, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("8.8.8.8")}, 16) = 64
[pid 23396] recvmsg(3, {msg_name(16)={sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("8.8.8.8")}, msg_iov(1)=[{"E\0\0T\321\360\0\0;\1\333\360\10\10\10\10\300\250\1\20\0\0#\21[d\0\1\237\10wZ"..., 192}], msg_controllen=32, [{cmsg_len=32, cmsg_level=SOL_SOCKET, cmsg_type=0x1d /* SCM_??? */}], msg_flags=0}, 0) = 84
[pid 23396] --- SIGINT {si_signo=SIGINT, si_code=SI_KERNEL} ---
[pid 23396] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=23396, si_uid=1000, si_status=0, si_utime=0, si_stime=0} ---
outils eBPF (kernel > 4.2)
Voir ces mécanismes : https://opensource.com/article/17/11/bccbpf-performance
