The approaches described in this section are approaches that could be pursued, but not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated, it should not be assumed that any of the approaches described in this section qualify as prior art merely by virtue of their inclusion in this section.
Programmatic containers (“containers”) encapsulate computer program applications within individual, relatively isolated runtime environments. For example, a container may bundle into a single package an application program with its dependencies, libraries, and configuration files. Thus, containers enable portability across different operating systems and different hardware environments. In other words, containers provide many of the benefits of virtual machine instances. At the same time, containers use significantly fewer resources than virtual machine instances. For example, a container may be several megabytes in size, whereas a virtual machine instance may be several gigabytes in size.
One reason for this difference is that a container uses the operating system kernel of its host computer, whereas a virtual machine instance includes an entire operating system that runs on top of the operating system kernel of its host computer. This lightweight aspect of containers makes them popular alternatives to virtual machine instances for developing computer program applications. For example, a computer program application may be deployed at one or more times as a set of containers. Furthermore, each container may include a set of code that exhibits simplified dependencies and/or is otherwise streamlined for performance efficiency.
However, the isolated nature of a container renders current approaches to visibility of software applications inefficient. As a monitored application runs inside a container while a monitoring component typically lives outside that container, gathering information regarding execution of the monitored application may not be straightforward. Even when such information is available to the monitoring component, correctly associating such information with a container to which such information pertains can be challenging.
The use of the operating system kernel by a container also requires more system security protection than offered by current approaches to visibility of software applications. A monitoring component is typically implemented as a kernel module, which can easily cause a complete system failure.
Therefore, it would be helpful to find an alternative instrumentation method that provides high-quality process execution data that allows full introspection of the monitored application without sacrificing the security of the host system.