Enhancement
Resolution: Unresolved
P4
Our current container detection on Linux is too narrow. We only identify as running in a container when either:
1. the cgroup filesystem is read-only
2. a hard memory/cpu cgroup limit is set.
This misses deployments that rely on soft limits for burstable workloads (for example, multiple containers sharing a host with memory/cpu prioritization but without hard caps). Today, we incorrectly classify these environments as non-containerized.
We should broaden detection to also treat these environments with soft cgroup limits as containerized, even if hard caps are absent.
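
The narrow rule and the broadened rule described above, side by side, as an added example that is not code from the project this issue belongs to. It assumes cgroup v2 and treats `memory.high`, `memory.low` and a non-default `cpu.weight` as the "soft limits"; the function names and the sample values are hypothetical.

```python
import tempfile
from pathlib import Path

def cgroup_mount_read_only(mountinfo: str) -> bool:
    """True if a cgroup2 mount in /proc/self/mountinfo text carries the 'ro' option."""
    for line in mountinfo.splitlines():
        left, sep, right = line.partition(" - ")   # separator before the fs type
        fields = left.split()
        if sep and len(fields) >= 6 and right.split()[:1] == ["cgroup2"]:
            if "ro" in fields[5].split(","):       # field 6: per-mount options
                return True
    return False

def _read(cgroup_dir, name):
    try:
        return (Path(cgroup_dir) / name).read_text().strip()
    except OSError:
        return None  # file absent: controller not enabled for this cgroup

def classify(cgroup_dir, mountinfo: str = "") -> dict:
    """Evaluate the narrow (current) and broadened (proposed) detection rules."""
    hard, soft = [], []
    if _read(cgroup_dir, "memory.max") not in (None, "", "max"):
        hard.append("memory.max")
    cpu_max = _read(cgroup_dir, "cpu.max")         # "<quota> <period>"; quota "max" = no cap
    if cpu_max and cpu_max.split()[0] != "max":
        hard.append("cpu.max")
    # Assumption: these three knobs are what the issue means by soft limits.
    if _read(cgroup_dir, "memory.high") not in (None, "", "max"):
        soft.append("memory.high")
    if _read(cgroup_dir, "memory.low") not in (None, "", "0"):
        soft.append("memory.low")
    # A weight explicitly set to the default 100 cannot be told apart from unset.
    if _read(cgroup_dir, "cpu.weight") not in (None, "", "100"):
        soft.append("cpu.weight")
    narrow = cgroup_mount_read_only(mountinfo) or bool(hard)
    return {"narrow": narrow, "broadened": narrow or bool(soft), "hard": hard, "soft": soft}

def make_sample(values: dict) -> str:
    """Write constructed cgroup v2 file values into a temp directory (sample data only)."""
    d = tempfile.mkdtemp()
    for name, value in values.items():
        (Path(d) / name).write_text(value + "\n")
    return d

if __name__ == "__main__":
    burstable = make_sample({"memory.max": "max", "cpu.max": "max 100000",
                             "memory.low": "268435456", "cpu.weight": "50"})
    print(classify(burstable))  # constructed burstable workload with no hard caps
```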