Shulou(Shulou.com)06/03 Report--

This article mainly explains "how to judge whether a virtual environment is a physical machine, a virtual machine or a container". The explanation in this article is simple, clear and easy to learn and understand. let's study and learn how to judge whether a virtual environment is a physical machine, a virtual machine or a container.

1. Judge the container

At present, there is no way to 100% accurately determine whether the virtual environment is a container, at least I have not found the relevant literature.

If the environment has a systemd-detect-virt command, it can be determined directly through the systemd-detect-virt-c command. If the output is none, it is not a container, otherwise the container type, such as lxc, will be output. At present, there are very few containers with systemd, and all I have seen is the ubuntu image of LXD, so this method is not widely applicable.

In addition, by other tricks judgment, the easiest way to judge a process with PID 1 is that it is a container if it is an application process, but if it is an init process or a systemd process, it is not necessarily a container. Of course, you cannot rule out the case that it is a container. For example, the process of a LXD/lXC instance is / sbin/init.

The container is different from the virtual machine in that the container and the host share the kernel, so theoretically there is no kernel file inside the container, unless the / boot directory of the host is mounted:

In addition, we know that containers implement resource restrictions through cgroup, and each container is put into a cgroup group. If it is Docker, the name of cgroup is docker-xxxx, where xxxx is the UUID of the Docker container.

The essence of controlling the resources of the container is to control the process resources running inside the container, so we can get clues by looking at the cgroup name of the process 1 inside the container.

The following is the cgroup information of me running busybox through Docker:

We can not only know that this is a Docker container, but also get that the UUID of the Docker container is 9ba. eleven.

Based on the above conclusion, the script to determine whether a virtual environment is Docker is:

Of course, if you only judge whether it is a Docker container, you can also distinguish whether it is a Docker container by determining whether a .dockerenv file exists:

Similar to the rkt container, the output is as follows:

The above\ x2d is the-sign:

So the script to determine whether a virtual environment is rkt is:

Curious about the operating environment of AWS lambda, I wrote a function output / proc/1/cgroup, which turned out to be:

Guessing is a running environment called sandbox, and it is probably also a container.

It is relatively complicated to determine whether the virtual environment is a container environment. Currently, there is no perfect solution. The summary process is as follows:

Determine whether the systemd-detect-virt-c command can be run, and if the output is none, it is not a container, otherwise the container type can be determined.

If PID 1 is the application itself, then the virtual environment is a container, otherwise it cannot be determined whether it is a container or not.

Determine whether there is a loaded kernel file, if not, it can be judged as a container, otherwise it cannot be determined whether it is a container.

Determine whether the / .dockerenv file exists, and if so, it is a Docker container, otherwise you cannot determine whether it is a container. Read the / proc/1/cgroup file to determine whether it contains keywords such as docker, rkt, and so on. If so, it is a container, otherwise you cannot determine whether it is a container.

In addition, it is important to note that the container must be the first to judge, because the container itself does not have any hardware virtualization, and the hardware feature information seen by the container is exactly the same as that seen by the host. Therefore, judging whether it is a virtual machine or physical machine through lscpu and DMI information described below is not applicable to the container. In other words, just because the Hypervisor vendore value of lscpu is KVM does not mean that it must be a KVM virtual machine, because it may also be a container. It is assumed below that it has been excluded as a container.

2. Judge the physical machine

If systemd is used, you can determine whether it is a physical machine directly through the systemd-detect-virt command:

If the output is none, it is a physical machine.

Of course, you can also output according to the lscpu command to see if there is a Hypervisor vendor attribute. If it does not have this attribute, it is generally a physical machine, and if it exists, it must be a virtual machine:

The most direct way to get the information of the physical machine is to view the DMI information / sys/firmware/dmi/tables/DMI and use the dmidecode command to decode it:

As you can see above, this is a physical machine, the manufacturer is HP, the model is ProLiant DL380 Gen9, and the serial number is 6CU6468KKD.

You can view the out-of-band IP of the physical server through the ipmitool command:

Of course, if it is a virtual machine, the above command will fail. You can also view physical information through other commands, such as the lshw command.

3. Judge the virtual machine

In fact, as mentioned earlier, if you use systemd, you can directly determine whether it is a virtual machine by using the systemd-detect-virt command:

If it is a virtual machine, the virtual machine type is output, such as kvm, oracle (virtualbox), xen, and so on.

Of course, you can also view the value of the Hypervisor vendor attribute according to the output of the lscpu command:

With the above command, one of my AWS virtual machines is output to Xen, and the Aliyun virtual machine is output to KVM,VirtualBox virtual machines as well as KVM, because I used KVM hardware to accelerate virtualization.

The output of my bricklayer virtual machine is also KVM, so it can be seen that the host machine of the bricklayer is also a KVM virtual machine.

Through the above method, you can get the virtualization type of the virtual machine. Can you get more information? Referring to the acquisition method of the physical machine, we can obtain more virtual machine information through the dmidecode command. For example, I run the following command on an OpenStack virtual machine:

If Manufacturer is OpenStack Foundation, it means that it runs on OpenStack platform, and Version is the Nova version. According to the releases of OpenStack, 15.0.1 corresponds to OpenStack Ocata version, and UUID is the UUID of the virtual machine.

The output of a virtual machine on AWS is:

The word amazon is marked in Version.

The Aliyun virtual machine is as follows (thanks to L for the output):

It can be seen that although we can get the clues of the cloud vendor from the system information, in fact, there is no unified standard for the system information of the virtual machine, some are reflected in version, some are shown in Product Name, and it all depends on the cloud vendor's own configuration.

As above, integrate the following script to make a preliminary judgment:

As mentioned above, we can also determine whether the public cloud is based on OpenStack. For example, Huawei's virtual machine output is OpenStack, but we can roughly guess that Huawei's public cloud is based on OpenStack.

AWS and OpenStack virtual machines can also get more information through metadata or ConfigDrive. Take metadata as an example:

Get the ID of the virtual machine:

Get instance type (specification):

Get the public IP (elastic IP) of the virtual machine, which is useful because the virtual machine cannot view the elastic IP through ifconfig, and often forgets its own public IP after logging in to the virtual machine:

Others, such as vpc-id, ami id (Mirror id), security group, public key name, etc., can be obtained in this way.

If it is OpenStack, you can also use OpenStack's metadata to get more information:

As above, you can get the tenant ID, volume type and other information of the virtual machine. Of course, evil points can get the initialization root password of the virtual machine by looking at userdata. AWS can even view AccessKeyId and SecretAccessKey.

4. Summary

Several methods to determine the type of virtualized environment are summarized above, which are not necessarily accurate and are for reference only. Of course, there may be other better methods.

The following is a script to detect the type of virtualization written according to the previous conclusion, which is not necessarily robust and complete, and is for reference only:

Thank you for your reading. the above is the content of "how to judge whether a virtual environment is a physical machine, a virtual machine or a container". After the study of this article, I believe you have a deeper understanding of how to judge whether a virtual environment is a physical machine, a virtual machine or a container. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.