Abstract: A computer-implemented method of monitoring programmatic containers (containers) through executing a computer program in a kernel space is disclosed. The method comprises storing trace data in a memory buffer that is shared by the kernel space and a user space, the trace data being related to execution of a process associated with a container at an execution point of the process. The method also comprises retrieving container data related to the container through raw access of one or more kernel data structures when execution of the process is stopped. In addition, the method comprises storing the container data in association with the trace data in the memory buffer.

Abstract: Techniques for dynamically instrumenting code to capture cleartext from transformed communications are provided. In one technique, an operating system (OS) mechanism receives an OS call. The OS mechanism determines whether the OS call is of a particular type. In response to determining that the OS call is of the particular type, a certain location within executable code of a unction is identified. A user-level collection mechanism is inserted at the certain location. After inserting the user-level collection mechanism, code at the certain location is executed that causes the user-level collection mechanism to be executed.

Abstract: Techniques related to communication between independent containers are provided. In an embodiment, a first programmatic container includes one or more first namespaces in which an application program is executing. A second programmatic container includes one or more second namespaces in which a monitoring agent is executing. The one or more first namespaces are independent of the one or more second namespaces. A monitoring agent process hosts the monitoring agent. The monitoring agent is programmed to receive an identifier of the application program. The monitoring agent is further programmed to switch the monitoring agent process from the one or more second namespaces to the one or more first namespaces. After the switch, the monitoring agent process continues to execute in the second programmatic container, but communication is enabled between the application program and the monitoring agent via the monitoring agent process.

Abstract: A computer-implemented method of monitoring programmatic containers (containers) through executing a computer program in a kernel space is disclosed. The method comprises storing trace data in a memory buffer that is shared by the kernel space and a user space, the trace data being related to execution of a process associated with a container at an execution point of the process. The method also comprises retrieving container data related to the container through raw access of one or more kernel data structures when execution of the process is stopped. In addition, the method comprises storing the container data in association with the trace data in the memory buffer.

Abstract: A computer-implemented method of monitoring programmatic containers (containers) through executing a computer program in a kernel space is disclosed. The method comprises storing trace data in a memory buffer that is shared by the kernel space and a user space, the trace data being related to execution of a process associated with a container at an execution point of the process. The method also comprises retrieving container data related to the container through raw access of one or more kernel data structures when execution of the process is stopped. In addition, the method comprises storing the container data in association with the trace data in the memory buffer.

Abstract: Techniques related to communication between independent containers are provided. In an embodiment, a first programmatic container includes one or more first namespaces in which an application program is executing. A second programmatic container includes one or more second namespaces in which a monitoring agent is executing. The one or more first namespaces are independent of the one or more second namespaces. A monitoring agent process hosts the monitoring agent. The monitoring agent is programmed to receive an identifier of the application program. The monitoring agent is further programmed to switch the monitoring agent process from the one or more second namespaces to the one or more first namespaces. After the switch, the monitoring agent process continues to execute in the second programmatic container, but communication is enabled between the application program and the monitoring agent via the monitoring agent process.

Abstract: Techniques related to communication between independent containers are provided. In an embodiment, a first programmatic container includes one or more first namespaces in which an application program is executing. A second programmatic container includes one or more second namespaces in which a monitoring agent is executing. The one or more first namespaces are independent of the one or more second namespaces. A monitoring agent process hosts the monitoring agent. The monitoring agent is programmed to receive an identifier of the application program. The monitoring agent is further programmed to switch the monitoring agent process from the one or more second namespaces to the one or more first namespaces. After the switch, the monitoring agent process continues to execute in the second programmatic container, but communication is enabled between the application program and the monitoring agent via the monitoring agent process.

Abstract: A computer-implemented method comprises intercepting, by a first programmatic container of a first computing device, a system call made by a second programmatic container to an operating system of the first computing device. This example method also includes, in response to intercepting the system call, generating, by the first programmatic container, an enriched message based at least in part on the intercepted system call and a metrics message sent from the second programmatic container to an interface of the first computer. Further, this example method includes sending the enriched message to a monitoring application hosted on a second computer.

Abstract: A computer-implemented method comprises executing, in a first container of a first computer system, input source instructions; executing, using the same first computer system, a plurality of containerized application programs in different corresponding containers; monitoring, by the input source instructions, the one or more different containerized application programs by identifying one or more system calls that resulted from the different container applications generating statistical messages relating to operation of the containerized application programs; generating, by the input source instructions, one or more enriched messages based on the system calls that were identified and based on the statistical messages; transmitting the one or more enriched messages to a first metric collector, and aggregating a plurality of the enriched messages into a set of aggregated metrics values; sending, from the first metric collector to a monitoring application that is hosted on a second computer system, the aggregated

Abstract: A computer-implemented method of monitoring programmatic containers (containers) through executing a computer program in a kernel space is disclosed. The method comprises storing trace data in a memory buffer that is shared by the kernel space and a user space, the trace data being related to execution of a process associated with a container at an execution point of the process. The method also comprises retrieving container data related to the container through raw access of one or more kernel data structures when execution of the process is stopped. In addition, the method comprises storing the container data in association with the trace data in the memory buffer.

Abstract: A computer-implemented method of monitoring programmatic containers (containers) performed through executing a monitoring component in a user space is disclosed.

Abstract: Techniques related to communication between independent containers are provided. In an embodiment, a first programmatic container includes one or more first namespaces in which an application program is executing. A second programmatic container includes one or more second namespaces in which a monitoring agent is executing. The one or more first namespaces are independent of the one or more second namespaces. A monitoring agent process hosts the monitoring agent. The monitoring agent is programmed to receive an identifier of the application program. The monitoring agent is further programmed to switch the monitoring agent process from the one or more second namespaces to the one or more first namespaces. After the switch, the monitoring agent process continues to execute in the second programmatic container, but communication is enabled between the application program and the monitoring agent via the monitoring agent process.

Abstract: Techniques related to communication between independent containers are provided. In an embodiment, a first programmatic container includes one or more first namespaces in which an application program is executing. A second programmatic container includes one or more second namespaces in which a monitoring agent is executing. The one or more first namespaces are independent of the one or more second namespaces. A monitoring agent process hosts the monitoring agent. The monitoring agent is programmed to receive an identifier of the application program. The monitoring agent is further programmed to switch the monitoring agent process from the one or more second namespaces to the one or more first namespaces. After the switch, the monitoring agent process continues to execute in the second programmatic container, but communication is enabled between the application program and the monitoring agent via the monitoring agent process.

Abstract: A computer-implemented method of monitoring programmatic containers (containers) performed through executing a monitoring component in a user space is disclosed.

Abstract: Techniques related to communication between independent containers are provided. In an embodiment, a first programmatic container includes one or more first namespaces in which an application program is executing. A second programmatic container includes one or more second namespaces in which a monitoring agent is executing. The one or more first namespaces are independent of the one or more second namespaces. A monitoring agent process hosts the monitoring agent. The monitoring agent is programmed to receive an identifier of the application program. The monitoring agent is further programmed to switch the monitoring agent process from the one or more second namespaces to the one or more first namespaces. After the switch, the monitoring agent process continues to execute in the second programmatic container, but communication is enabled between the application program and the monitoring agent via the monitoring agent process.

Abstract: A computer-implemented method comprises executing, in a first container of a first computer system, input source instructions; executing, using the same first computer system, a plurality of containerized application programs in different corresponding containers; monitoring, by the input source instructions, the one or more different containerized application programs by identifying one or more system calls that resulted from the different container applications generating statistical messages relating to operation of the containerized application programs; generating, by the input source instructions, one or more enriched messages based on the system calls that were identified and based on the statistical messages; transmitting the one or more enriched messages to a first metric collector, and aggregating a plurality of the enriched messages into a set of aggregated metrics values; sending, from the first metric collector to a monitoring application that is hosted on a second computer system, the aggregated