Laying the Groundwork to Monitor Docker Containers

Using Docker containers to deploy virtual applications might be a good idea, but how can an enterprise actually monitor what's going on? GroundWork believes its BoxSpy project is up to the task.


GroundWork today announced the open-source BoxSpy project as a technology that enables users to monitor Docker containers. Docker containers have become an increasingly popular form of application virtualization over the course of the past year, enabling greater density and efficiency than a traditional virtual machine hypervisor.

The BoxSpy project is based on the Google cAdvisor effort that enables the analysis of container performance and resource utilization.

However, GroundWork made a number of improvements to cAdvisor, David Dennis, the company's vice president of marketing and products, told eWEEK. Those improvements transform the cAdvisor application from a technology that is intended to be used as a small-environment, developer-centric monitoring tool to one that can work in large-scale production environments.

In addition, the work done in BoxSpy enables the technology to now interface with an external enterprise monitoring system such as GroundWork Monitor. Dennis noted that BoxSpy potentially can also connect with any other monitoring system that can read BoxSpy’s REST output.

"BoxSpy consumes much less system resources, provides cleaner data, and adds additional threshold and process monitoring compared to cAdvisor," Dennis said. "To do all this, BoxSpy uses techniques and concepts originally pioneered with the GroundWork Cloud Hub, with which it interfaces."

The GroundWork Cloud Hub is a monitoring system that can monitor multiple heterogeneous virtual server and cloud environments. BoxSpy is designed to work with GroundWork Monitor 7.02 or later, including the free GroundWork Monitor Core, and GroundWork Cloud Hub, according to Dennis.

One of the things that BoxSpy can help an organization with is an evaluation of the relative performance benefits of using a container versus the use of a traditional virtual machine. Dennis explained that because BoxSpy sends data to the GroundWork Cloud Hub, which can also monitor traditional virtual machines, an administrator can monitor both environments simultaneously with the same tool, for direct side-by-side comparisons.

Monitoring of a container environment is important, but so too is the orchestration of container application deployments, which is where tools like Google Kubernetes, Ansible and Red Hat Cloud Forms are useful. BoxSpy can be integrated with orchestration systems, with the GroundWork Cloud Hub acting as the unifying piece, talking to BoxSpy on one side and the orchestration system on the other side, Dennis said.

While there is no shortage of virtualization monitoring technologies in the marketplace, with containers there are a number of particular challenges. With a container, a virtual application is run on top of a host Linux operating system that typically enforces strict security controls. Dennis noted that conventional mechanisms for monitoring don't work well in container environments, primarily due to security, naming and networking reasons. BoxSpy itself is run as a container to enable monitoring of other containers.

When BoxSpy is started as a container, the Linux host system (/sys) directory is mapped as read-only into the container, according to Dennis.

"This mount allows BoxSpy to read CPU and memory metrics by container ID, which is obtained through the Docker API," he said. "Isolation and separation are guaranteed, since the virtual metric files are accessed read-only and are managed by the host system."

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.