1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
|
<?xml version='1.0'?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
<chapter id="introduction">
<title>Introduction</title>
<indexterm>
<primary>Introduction</primary>
<secondary>performance monitoring</secondary>
</indexterm>
<indexterm>
<primary>performance monitoring</primary>
<secondary>Introduction</secondary>
</indexterm>
<!-- next 2 indexterms for documentation goals -->
<para>
SystemTap is a tracing and probing tool that allows users to study and monitor the activities of the operating system (particularly, the kernel) in fine detail. It provides information similar to the output of tools like <command>netstat</command>, <command>ps</command>, <command>top</command>, and <command>iostat</command>; however, SystemTap is designed to provide more filtering and analysis options for collected information.
</para>
<para condition="RedHat">
For system administrators, SystemTap can be used as a performance monitoring tool for &PROD;. It is most useful when other similar tools cannot precisely pinpoint a bottleneck in the system, requiring a deep analysis of kernel activity. In the same manner, application developers can also use SystemTap to monitor, in finer detail, how their application behaves within the Linux system.
</para>
<para condition="fedora">
For system administrators, SystemTap can be used as a performance monitoring tool for &PROD2;. It is most useful when other similar tools cannot precisely pinpoint a bottleneck in the system, requiring a deep analysis of kernel activity. In the same manner, application developers can also use SystemTap to monitor, in finer detail, how their application behaves within the Linux system.
</para>
<!--
<para>
SystemTap was developed as a Linux version of the DTrace tool (for <trademark>Sun Solaris</trademark>).
</para>
-->
<section id="goals">
<title>Documentation Goals</title>
<indexterm>
<primary>Introduction</primary>
<secondary>documentation goals</secondary>
</indexterm>
<indexterm>
<primary>documentation goals</primary>
<secondary>Introduction</secondary>
</indexterm>
<indexterm>
<primary>Introduction</primary>
<secondary>goals, documentation</secondary>
</indexterm>
<indexterm>
<primary>goals, documentation</primary>
<secondary>Introduction</secondary>
</indexterm>
<para>SystemTap provides the infrastructure to monitor the running Linux kernel for detailed analysis. This can assist administrators and developers in identifying the underlying cause of a bug or performance problem.</para>
<para>Without SystemTap, monitoring the activity of a running kernel would require a tedious instrument, recompile, install, and reboot sequence. SystemTap is designed to eliminate this, allowing users to gather the same information by simply running user-written SystemTap scripts.</para>
<para>However, SystemTap was initially designed for users with intermediate to advanced knowledge of the kernel. This makes SystemTap less useful to administrators or developers with limited knowledge of and experience with the Linux kernel. Moreover, much of the existing SystemTap documentation is similarly aimed at knowledgeable and experienced users. This makes learning the tool similarly difficult.</para>
<para>To lower these barriers the SystemTap Beginners Guide was written with the following goals:</para>
<!--
<para>However, SystemTap was initially designed for users with intermediate to advanced knowledge of the kernel. As such, much of the existing documentation for SystemTap is primarily for advanced users. This could present a steep learning curve for administrators or developers with limited knowledge of and experience with the Linux kernel.</para>
<para>In line with that, the main goals of the <citetitle>SystemTap Beginner's Guide</citetitle> are as follows:</para>
-->
<itemizedlist>
<listitem><para>To introduce users to SystemTap, familiarize them with its architecture, and provide setup instructions for all kernel types.</para></listitem>
<listitem><para>To provide pre-written SystemTap scripts for monitoring detailed activity in different components of the system, along with instructions on how to run them and analyze their output.</para></listitem>
</itemizedlist>
<!-- </formalpara> -->
<remark>above, Short description on the underlying goals of SystemTap_Beginners_Guide, what we want to teach users.</remark>
</section>
<!--
<section id="intro-usage">
<title>Usage</title>
<remark>
This section describes the practical uses of SystemTap, at a conceptual level. What a beginner can use SystemTap for, and what an advanced user can use SystemTap for.
</remark>
</section>
-->
<section id="intro-systemtap-vs-others">
<!-- <title>SystemTap Versus Other Monitoring Tools</title> -->
<title>SystemTap Capabilities</title>
<remark>
** Short summary; when is SystemTap suitable vs other popular monitoring tools (e.g. top, Oprofile, /proc)
</remark>
<indexterm>
<primary>Introduction</primary>
<secondary>capabilities of SystemTap</secondary>
</indexterm>
<indexterm>
<primary>capabilities of SystemTap</primary>
<secondary>Introduction</secondary>
</indexterm>
<para>SystemTap was originally developed as a working &PROD; version of old Linux probing tools such as <application>dprobes</application> and the Linux Trace Toolkit. SystemTap aims to supplement the existing suite of Linux monitoring tools by providing users with the infrastructure to track kernel activity. In addition, SystemTap combines this capability with two things:</para>
<!--
<para>SystemTap was originally developed as a working &PROD; version of old Linux probing tools such as <application>dprobes</application> and the Linux Trace Toolkit. Further, SystemTap can also be considered the Linux answer to <firstterm>Dtrace</firstterm>. Dtrace is a Sun Microsystems "dynamic tracing" framework that assists administrators in monitoring and troubleshooting kernel and user-space applications in real time.</para>
<para>SystemTap aims to supplement the existing suite of Linux monitoring tools by providing users with the infrastructure to track kernel activity. In addition, SystemTap combines this capability with two things:</para>-->
<itemizedlist>
<listitem><para>Flexibility: SystemTap's framework allows users to develop simple scripts for investigating and monitoring a wide variety of kernel functions, system calls, and other events that occur in kernel-space. With this, SystemTap is not soo much a <emphasis>tool</emphasis> as it is a system that allows you to develop your own kernel-specific forensic and monitoring tools.</para></listitem>
<listitem><para>Ease-Of-Use: as mentioned earlier, SystemTap allows users to probe kernel-space events without having to resort to instrument, recompile, install, and reboot the kernel.</para></listitem>
</itemizedlist>
<para>Most of the SystemTap scripts enumerated in <xref linkend="useful-systemtap-scripts"/> demonstrate system forensics and monitoring capabilities not natively available with other similar tools (such as <command>top</command>, <command>oprofile</command>, or <command>ps</command>). These scripts are provided to give readers extensive examples of the application of SystemTap, which in turn will educate them further on the capabilities they can employ when writing their own SystemTap scripts.</para>
<!--
<example id="introstory">
<title>A Simple SystemTap Case Study</title>
<para>The entire system is running slow. You suspect that this could be caused by a process (or multiple processes) performing an excessive amount of reads or writes to disk.</para>
<para>To test your theory, you write a simple SystemTap script that tracks how many reads and writes the system did in a 5-second time period. Once you prove your theory right, you then write another SystemTap script that tracks which processes are performing excessive reads/writes.</para>
<para>With a list of processes performing excessive reads/writes, you can then examine which ones are generating more I/O activity than expected.</para>
-->
<!--
<formalpara>
<title>Advantages</title>
<para>TBD</para>
</formalpara>
-->
<indexterm>
<primary>Introduction</primary>
<secondary>limitations of SystemTap</secondary>
</indexterm>
<indexterm>
<primary>limitations of SystemTap</primary>
<secondary>Introduction</secondary>
</indexterm>
<formalpara>
<title>Limitations</title>
<para>The current iteration of SystemTap allows for a multitude of options when probing kernel-space events. However, SystemTap's ability to probe user-space events is quite limited. At present, the developmental efforts of the SystemTap community are geared towards improving SystemTap's user-space probing capabilities.</para>
</formalpara>
</section>
</chapter>
|
