Building sysdig

Building Sysdig

Below versions of Sysdig are available in respective distributions at the time of creation of these build instructions:

• Ubuntu 16.04 has 0.8.0
• Ubuntu 18.04 has 0.24.1
• SLES 12 SP5 has 0.15.1

The instructions provided below specify the steps to build Sysdig version 0.26.7 on Linux on IBM Z for following distributions:

• RHEL (7.6, 7.7, 7.8, 8.1)
• SLES (12 SP4, 12 SP5, 15 SP1)
• Ubuntu (16.04, 18.04)

General Notes:

• When following the steps below please use a standard permission user unless otherwise specified.
• A directory /<source_root>/ will be referred to in these instructions, this is a temporary writable directory anywhere you'd like to place it.

Step 1: Build using script

If you want to build Sysdig using manual steps, go to step 2.

Use the following commands to build Sysdig using the build script. Please make sure you have wget installed.

wget https://raw.githubusercontent.com/linux-on-ibm-z/scripts/master/Sysdig/0.26.7/build_sysdig.sh

# Run bash build_sysdig.sh 
bash build_sysdig.sh  [Provide -t option for executing build with tests] 

In case of error, check logs for more details or go to Step 2 to follow manual build steps.

Step 2: Install dependencies

• RHEL (7.6, 7.7, 7.8, 8.1)

  sudo yum install -y wget tar git gcc cmake gcc-c++ make lua-devel.s390x kernel-devel-$(uname -r) hostname patch elfutils-libelf-devel.s390x elfutils-libelf-devel-static.s390x glibc-static libstdc++-static automake

• SLES (12 SP4, 12 SP5, 15 SP1)

  sudo zypper install -y which gawk wget tar git gcc cmake make gcc-c++ lua51 lua51-devel kernel-default-devel patch libelf-devel glibc-devel-static automake

  Note:

  • You may have to install a different (older) version of kernel-default-devel depending on what kernel is running.
    • First figure out which kernel version is running.

      uname -r

    • Then find the equivalent package version in the listing generated by:

      sudo zypper se -s kernel-default-devel

    • If the correct version is not installed, it can be installed with the following command.

      sudo zypper install -y --oldpackage kernel-default-devel=/<version>/

    • Replace /<version>/ with the full version number from the listing generated above e.g.

      kernel-default-devel=4.12.14-150.22.1

• Ubuntu (16.04, 18.04)

  sudo apt-get update
  sudo apt-get install -y wget tar gcc git cmake g++ lua5.1 lua5.1-dev linux-headers-$(uname -r) patch libelf-dev automake

2) Download source code

    mkdir /<source_root>
    export SOURCE_ROOT=/<source_root>/
    cd $SOURCE_ROOT
    git clone https://github.com/draios/sysdig.git
    cd sysdig
    git checkout 0.26.7
    mkdir build

3) Configure Sysdig

cd $SOURCE_ROOT/sysdig/build
cmake .. -DSYSDIG_VERSION=0.26.7

Note:

• kernel_directory is the one available in /lib/modules/. In case no kernel_directory is present in /lib/modules then create directory in /lib/modules/ using mkdir <dirname>, dirname name should match with one which is present in /usr/src (SLES/Ubuntu) or /usr/src/kernels (RHEL). Once kernel directory is created in /lib/modules/ perform the below softlink:

  • RHEL (7.6, 7.7, 7.8, 8.1)

    sudo ln -s /usr/src/kernels/<kernel_directory> /lib/modules/<kernel_directory>/build

  • SLES (12 SP4, 12SP5, 15 SP1) and Ubuntu (16.04, 18.04)

    sudo ln -s /usr/src/<kernel_directory> /lib/modules/<kernel_directory>/build

4) Build, run Tests (optional), and Install Sysdig

    cd $SOURCE_ROOT/sysdig/build/
    make
    make run-unit-tests
    sudo make install

5) Insert Sysdig driver module

    cd $SOURCE_ROOT/sysdig/build/driver/
    sudo insmod sysdig-probe.ko

Note: if sudo insmod sysdig-probe.ko says command not found, though insmod is installed, then have this command modified as sudo env PATH=/sbin:$PATH sysdig-probe.ko

Note:

• Refer to this for more information on running Sysdig as a non-root user.

Reference:

http://www.sysdig.com/

https://github.com/draios/sysdig