Building Sysdig

Below versions of Sysdig are available in respective distributions at the time of creation of these build instructions:

• Ubuntu 20.04 has 0.26.4
• Ubuntu 22.04 has 0.27.1

The instructions provided below specify the steps to build Sysdig version 0.34.1 on Linux on IBM Z for following distributions:

• RHEL (7.8, 7.9, 8.6, 8.8, 8.9, 9.0, 9.2, 9.3)
• Ubuntu (20.04, 22.04)

General Notes:

• When following the steps below please use a standard permission user unless otherwise specified.
• A directory /<source_root>/ will be referred to in these instructions, this is a temporary writable directory anywhere you'd like to place it.

Step 1: Build using script

If you want to build Sysdig using manual steps, go to step 2.

Use the following commands to build Sysdig using the build script. Please make sure you have wget installed.

wget https://raw.githubusercontent.com/linux-on-ibm-z/scripts/master/Sysdig/0.34.1/build_sysdig.sh

# Run bash build_sysdig.sh 
bash build_sysdig.sh  [Provide -t option for executing build with tests] 

In case of error, check logs for more details or go to Step 2 to follow manual build steps.

Step 2: Install dependencies

export SOURCE_ROOT=/<source_root>/

• RHEL (7.8, 7.9)

  sudo yum install -y perl-IPC-Cmd devtoolset-11-gcc devtoolset-11-gcc-c++ devtoolset-11-binutils rh-git227-git.s390x pkgconfig kernel-devel kmod perl
  
  #switch to GCC 11   
  export PATH=/opt/rh/devtoolset-11/root/usr/bin:/usr/local/bin:$PATH
  #Enable git 2.27
  source /opt/rh/rh-git227/enable
  

• RHEL (8.6, 8.8, 8.9, 9.0, 9.2, 9.3)

  sudo yum install -y gcc gcc-c++ git cmake pkg-config elfutils-libelf-devel kernel-devel-$(uname -r) kmod perl
  

• Ubuntu (20.04, 22.04)

  sudo apt-get update
  sudo apt-get install -y git g++ linux-headers-generic cmake libelf-dev pkg-config kmod
  

• Install OpenSSL (Only on RHEL 7.x)

  cd $SOURCE_ROOT
  wget https://www.openssl.org/source/openssl-1.1.1l.tar.gz --no-check-certificate
  tar -xzf openssl-1.1.1l.tar.gz
  cd openssl-1.1.1l
  ./config --prefix=/usr/local --openssldir=/usr/local
  make
  sudo make install
  
  sudo mkdir -p /usr/local/etc/openssl
  sudo wget https://curl.se/ca/cacert.pem --no-check-certificate -P /usr/local/etc/openssl
  
  LD_LIBRARY_PATH=/usr/local/lib/:/usr/local/lib64/${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}
  export LD_LIBRARY_PATH
  export SSL_CERT_FILE=/usr/local/etc/openssl/cacert.pem
  

• Install CMake v3.20.3 (Only on RHEL 7.x)

  cd $SOURCE_ROOT
  wget https://github.com/Kitware/CMake/releases/download/v3.20.3/cmake-3.20.3.tar.gz --no-check-certificate
  tar -xvzf cmake-3.20.3.tar.gz
  cd cmake-3.20.3
  ./bootstrap
  make
  sudo make install
  cmake --version
  

Step 3: Download source code

cd $SOURCE_ROOT
git clone https://github.com/draios/sysdig.git
cd sysdig
git checkout 0.34.1
mkdir build

Step 4: Configure, build and install Sysdig

Step 4.1: Configure

cd $SOURCE_ROOT/sysdig/build
cmake -DCREATE_TEST_TARGETS=ON -DUSE_BUNDLED_DEPS=ON -DSYSDIG_VERSION=0.34.1 ..

Step 4.2: Build Sysdig

cd $SOURCE_ROOT/sysdig/build
make
sudo make install

Step 5: Insert Sysdig driver module

#Unload any existing module
sudo rmmod scap || true

#Insert Sysdig kernel module
cd $SOURCE_ROOT/sysdig/build/driver/
sudo insmod scap.ko

Step 6: Testing (Optional)

• To run the whole unit test suite

cd $SOURCE_ROOT/sysdig/build/
make run-unit-test-libsinsp

All the test cases should pass.

Step 7: Validate installation (optional)

• Validate Sysdig's version

  sysdig --version
  

  The output should be:

  sysdig version 0.34.1
  

• Validate sysdig and csysdig binaries

  sudo /usr/local/bin/sysdig
  sudo /usr/local/bin/csysdig
  

Note:

• Refer to this for more information on running Sysdig as a non-root user.

Reference:

• http://www.sysdig.com/
• https://github.com/draios/sysdig
• https://github.com/draios/sysdig/wiki/How-to-Install-Sysdig-from-the-Source-Code