I'm running two "services" that are served in Linux kernel space:
- Linux Netfilter Firewall ("iptables")
- Linux Virtual Server Loadbalancer ("IPVS", "LVS")
Now I want to (performance-)monitor my "application" like any other software I am running. What would that basically be? CPU-Time and Memory.
How do I get these out of the kernel? Memory consumption of iptables might be estimated by the size of the connection tracking table, same for ipvs. It's okay for me, but any hints are welcome.
But - what about the CPU time spent for processing Routing, Firewalling and Loadbalancing?
Does "system" time include processing of packet-forwarding and -filtering? What about ipvs-handling?
Any CPU time spent in the kernel gets accounted against "system". This includes all netfilter and IPVS processing, because that's all kernel space code.
As far as memory goes, again, all the data is kernel data structures, so it doesn't show up as a separate accountable group anywhere. As you suggest, the only way to get any idea of how much memory is in use is by examining the size of the conntrack and IPVS state tables.
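The accounting described above can be read straight from procfs. The following is an added example, not code from the original post, assuming the usual paths /proc/stat, /proc/sys/net/netfilter/nf_conntrack_count, nf_conntrack_max and /proc/net/ip_vs_conn: it sums the system, irq and softirq columns of /proc/stat (receive-path netfilter and IPVS work largely runs in softirq context, which top shows as "si"), and reports conntrack table fill and the IPVS connection count as the answer suggests.

```shell
#!/bin/sh
# Added example (not from the original post): read kernel CPU share and
# netfilter/IPVS table sizes from procfs. Assumed paths: /proc/stat,
# /proc/sys/net/netfilter/nf_conntrack_{count,max}, /proc/net/ip_vs_conn.

# Split a /proc/stat "cpu" line (user nice system idle iowait irq softirq ...)
# into "<kernel jiffies> <total jiffies>", counting system+irq+softirq as kernel.
cpu_split() {
    echo "$1" | awk '{ kern = $4 + $7 + $8; tot = 0
                       for (i = 2; i <= NF; i++) tot += $i
                       print kern, tot }'
}

# Integer percentage of CPU time spent in the kernel between two cpu lines.
kernel_cpu_pct() {
    set -- $(cpu_split "$1") $(cpu_split "$2")   # kern1 tot1 kern2 tot2
    dk=$(( $3 - $1 )); dt=$(( $4 - $2 ))
    [ "$dt" -gt 0 ] || { echo 0; return; }
    echo $(( dk * 100 / dt ))
}

# Fill level of a kernel state table, given its count and max sysctl files.
table_fill_pct() {
    [ -r "$1" ] && [ -r "$2" ] || { echo "n/a"; return; }
    count=$(cat "$1"); max=$(cat "$2")
    [ "$max" -gt 0 ] && echo $(( count * 100 / max )) || echo 0
}

# Active IPVS connections: every line of the table after the header.
ipvs_conn_count() {
    [ -r "$1" ] || { echo 0; return; }
    awk 'NR > 1' "$1" | wc -l | tr -d ' '
}

# Take two samples N seconds apart and print one monitoring line per item.
sample() {
    s1=$(grep '^cpu ' /proc/stat); sleep "${1:-5}"; s2=$(grep '^cpu ' /proc/stat)
    nf=/proc/sys/net/netfilter
    echo "kernel cpu: $(kernel_cpu_pct "$s1" "$s2")%"
    echo "conntrack:  $(table_fill_pct $nf/nf_conntrack_count $nf/nf_conntrack_max)% of max"
    echo "ipvs conns: $(ipvs_conn_count /proc/net/ip_vs_conn)"
}

case "${1:-}" in run) sample "${2:-5}" ;; esac   # usage: sh monitor.sh run 5
```

Trend the three numbers over time; a conntrack fill level near 100% means new flows get dropped, and kernel CPU percentage rising with packet rate is the forwarding/filtering cost the question asks about.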