I have a script I am running to monitor memory across docker containers and report it back to statsd.
It all boils down to being able to run:
docker ps and
docker exec container ps aux and parsing results.
The parsing logic is involved so I coded it in Ruby.
If I am to go with the “traditional” approach here I would just deploy the script and Ruby on all the machines and ensure an appropriate upstart job is about.
However, I would prefer to use docker for the packaging which would make updating stuff easier.
If I start up Docker in privileged mode will I be able to run nsenter on other running containers on the box?
If that is too tricky, how do I set up a container to perform this via the API without punching open gaping security holes?
Any other ideas on how to achieve this?