Browse Prior Art Database

Method and system for run-time discovering software deployed on Linux containers with no monitoring inside containers

IP.com Disclosure Number: IPCOM000244259D
Publication Date: 2015-Nov-26
Document File: 2 page(s) / 38K

Publishing Venue

The IP.com Prior Art Database

Abstract

Method and system for run-time discovering software deployed on Linux containers with no monitoring inside containers

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 53% of the total text.

Page 01 of 2

Method and system for run -

-time discovering software deployed on Linux containers

                  time discovering software deployed on Linux containers with no monitoring inside containers

Typical Software Asset Management tool requires some component for running the software discovery on the managed endpoints (targets). There are known two ways of running such discovery:

agent-based - which requires some monitoring agent deployed on the target and such agent to run discovery (scan) operations
agent-less - which requires remote access to the monitored target to run some discovery (scan) operations

Both approaches requires some level of access to the scanned endpoint /target/device which means they are providing some impact to the way how the targets are operating / running their regular business workflow. Such impact is especially visible and significant on the Linux Containers (e.g. managed by Docker, http://docker.org) where containers are very light-weight, single-process-only type of sealed virtualized runtime context .

The idea described in this disclosure is to provide a method and system to run the software discovery of the software running within containers , yet without requiring any access to the scanner container (but rather to the hosting system where those containers are running).

It's an object of the current disclosure to provide a method and an implementing system, for a compute optimized and TCO-optimized solution of discovering software inventory in the virtualized environments running Linux Containers , especially on the dynamic Cloud environments.

The invention described here follows few basic assumptions :

1


Page 02 of 2


1.

A SAM discovery agent is deployed on the system where all the containers are spawned (aka Docker Engine host)

The Linux Container's virtualized filesystem content is visible from the host level

Both assumptions are met in both default & customized deployments of t...