Skip to content

Building sysdig

Jump to bottom
linuxonz edited this page Nov 21, 2024 · 51 revisions

Building Sysdig

Below versions of Sysdig are available in respective distributions at the time of creation of these build instructions:

  • Ubuntu 20.04 has 0.26.4
  • Ubuntu 22.04 has 0.27.1
  • Ubuntu (24.04, 24.10) have 0.36.0

The instructions provided below specify the steps to build Sysdig version 0.39.0 on Linux on IBM Z for following distributions:

  • RHEL (8.8, 8.10, 9.2, 9.4)
  • Ubuntu (20.04, 22.04, 24.04, 24.10)

General Notes:

  • When following the steps below please use a standard permission user unless otherwise specified.
  • A directory /<source_root>/ will be referred to in these instructions, this is a temporary writable directory anywhere you'd like to place it.

1. Build using script

If you want to build Sysdig using manual steps, go to step 2.

Use the following commands to build Sysdig using the build script. Please make sure you have wget installed.

wget https://raw.githubusercontent.com/linux-on-ibm-z/scripts/master/Sysdig/0.39.0/build_sysdig.sh

# Run bash build_sysdig.sh 
bash build_sysdig.sh  [Provide -t option for executing build with tests]

In case of error, check logs for more details or go to Step 2 to follow manual build steps.

2. Install dependencies

export SOURCE_ROOT=/<source_root>/

  • RHEL (8.8, 8.10, 9.2, 9.4)

    sudo yum install -y wget tar patch gcc gcc-c++ git bpftool clang cmake pkg-config elfutils-libelf-devel kernel-devel-$(uname -r) kmod llvm perl

  • Ubuntu (20.04)

    sudo apt-get update
sudo apt-get install -y git g++ linux-headers-generic cmake libelf-dev pkg-config kmod patch wget

  • Ubuntu (22.04, 24.04, 24.10)

    sudo apt-get update
sudo apt-get install -y git g++ linux-headers-generic cmake libelf-dev pkg-config kmod g++-11 clang llvm wget zlib1g patch wget
sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-11 11
sudo update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-11 11

  • Install clang-14 and llvm-14 (For Ubuntu-20.04 only)

    cd $SOURCE_ROOT
sudo apt-get update 
sudo apt install -y lsb-release wget software-properties-common gnupg
wget https://apt.llvm.org/llvm.sh
sed -i 's,add-apt-repository "${REPO_NAME}",add-apt-repository "${REPO_NAME}" -y,g' llvm.sh
chmod +x llvm.sh
sudo ./llvm.sh 14
rm ./llvm.sh

export CC=clang-14
export CXX=clang++-14
sudo ln -sf /usr/bin/clang-14 /usr/bin/clang
sudo ln -sf /usr/bin/clang++-14 /usr/bin/clang++
sudo update-alternatives --install /usr/bin/llvm-config llvm-config /usr/bin/llvm-config-14 200
sudo update-alternatives --install /usr/bin/llvm-strip  llvm-strip  /usr/bin/llvm-strip-14 200

  • Create link for kernel build if does not exist:

    For Rhel
    sudo mkdir -p /lib/modules/$(uname -r)
version=$(sudo yum info kernel-devel | grep Version | awk 'NR==1{print $3}')
release=$(sudo yum info kernel-devel | grep Release | awk 'NR==1{print $3}')
echo $version-$release.s390x
if [ ! -e "/lib/modules/$(uname -r)/build" ]; then
    sudo ln -s "/usr/src/kernels/$version-$release.s390x" "/lib/modules/$(uname -r)/build"
fi
    For Ubuntu
    sudo mkdir -p /lib/modules/$(uname -r)
version=$(ls /usr/src/ | grep generic | tail -1)
if [ ! -e "/lib/modules/$(uname -r)/build" ]; then
    sudo ln -s /usr/src/$version /lib/modules/$(uname -r)/build
fi

  • Install bpftool (For Ubuntu only)

    cd $SOURCE_ROOT
git clone --recurse-submodules https://github.com/libbpf/bpftool.git
cd bpftool && cd src
CLANG=Nope make   #For Ubuntu 20.04
make              #For Ubuntu 22.04, 24.04
sudo make install

Some features uses "skeletons" (feature-clang-bpf-co-re compilation option) which require kernel 5.15 or more recent, to compile bpftool, hence CLANG-flag is set to CLANG=Nope while compiling for Kernel versions < 5.15. Refer to this.

3. Download source code

cd $SOURCE_ROOT
git clone -b 0.39.0 https://github.com/draios/sysdig.git
cd sysdig
mkdir build

4. Configure, build and install Sysdig

4.1. Configure

cd $SOURCE_ROOT/sysdig/build
cmake -DCREATE_TEST_TARGETS=ON -DUSE_BUNDLED_DEPS=ON -DSYSDIG_VERSION=0.39.0 ..

4.2. Build Sysdig

cd $SOURCE_ROOT/sysdig/build
make
sudo make install

5. Testing (Optional)

  • To run the whole unit test suite
cd $SOURCE_ROOT/sysdig/build/
make run-unit-test-libsinsp

All the test cases should pass.

6. Insert Sysdig driver module

#Unload any existing module
sudo rmmod scap || true

#Insert Sysdig kernel module
cd $SOURCE_ROOT/sysdig/build/driver/
sudo insmod scap.ko

7. Validate installation (optional)

  • Validate Sysdig's version

    sysdig --version

    The output should be:

    sysdig version 0.39.0

  • Validate sysdig and csysdig binaries

    sudo /usr/local/bin/sysdig
sudo /usr/local/bin/csysdig

Note:

  • Refer to this for more information on running Sysdig as a non-root user.

References:

The information provided in this article is accurate at the time of writing, but on-going development in the open-source projects involved may make the information incorrect or obsolete. Please open issue or contact us on IBM Z Community if you have any questions or feedback.

Clone this wiki locally