Merge 4fc86317c8 into c95e0d57b6

Dockerfile

@@ -60,6 +60,7 @@ RUN apk --update --no-cache add \
     python3 \
     py3-pip \
     rrdtool \
+    rrdtool-cached \
     runit \
     shadow \
     syslog-ng=3.30.1-r4 \
@@ -109,7 +110,7 @@ RUN apk --update --no-cache add -t build-dependencies \
     linux-headers \
     musl-dev \
     python3-dev \
-  && git clone --branch ${LIBRENMS_VERSION} https://github.com/librenms/librenms.git . \
+  && git clone --depth 1 --branch ${LIBRENMS_VERSION} https://github.com/librenms/librenms.git . \
   && pip3 install --ignore-installed -r requirements.txt --upgrade \
   && COMPOSER_CACHE_DIR="/tmp" composer install --no-dev --no-interaction --no-ansi \
   && mkdir config.d \
@@ -131,7 +132,7 @@ RUN apk --update --no-cache add -t build-dependencies \
 
 COPY rootfs /
 
-EXPOSE 8000 514 514/udp 162 162/udp
+EXPOSE 8000 42217 514 514/udp 162 162/udp
 VOLUME [ "/data" ]
 
 ENTRYPOINT [ "/init" ]

README.md

@@ -27,6 +27,7 @@ If you are interested, [check out](https://hub.docker.com/r/crazymax/) my other
 * [Dispatcher service](doc/docker/environment-variables.md#dispatcher-service) as "sidecar" container
 * Syslog-ng support through a ["sidecar" container](doc/docker/environment-variables.md#syslog-ng)
 * Snmp-trap support through a ["sidecar" container](doc/docker/environment-variables.md#snmptrapd)
+* Sidecar modular service mode or stand-alone mode
 * Built-in LibreNMS [Weathermap plugin](https://docs.librenms.org/Extensions/Weathermap/)
 * Ability to add custom Monitoring plugins
 * Ability to add custom alert templates
@@ -38,6 +39,10 @@ If you are interested, [check out](https://hub.docker.com/r/crazymax/) my other
 * [msmtpd SMTP relay](https://github.com/crazy-max/docker-msmtpd) image to send emails
 * [MariaDB](https://github.com/docker-library/mariadb) image as database instance
 
+## Quick Start
+
+Visit the [usage documentation](doc/usage.md) and run the stand-alone docker compose.
+
 ## Build locally
 
 ```shell

doc/usage.md

@@ -1,15 +1,46 @@
-## Use this image
+# Use this image
 
-### Docker Compose
+## Docker Compose
 
-Docker compose is the recommended way to run this image. Copy the content of folder [examples/compose](../examples/compose) in `/var/librenms/` on your host for example. Edit the compose and env files with your preferences and run the following commands:
+Docker compose is the recommended way to run this image.
 
-```bash
+### Modular sidecar layout
+
+Copy the contents of the examples folder [examples/compose](../examples/compose) to your host.
+Edit the compose and env files with your preferences and run the following commands:
+You should carefully review the Docker compose file and edit it to suit your needs.
+
+```shell
 docker-compose up -d
 docker-compose logs -f
 ```
 
-### Command line
+### Stand-alone layout
+
+Install mariadb and librenms as two containers listening on port 8000.
+This uses pwgen to generate a random mysql password, alternatively, you may just enter a password.
+
+```shell
+wget https://raw.githubusercontent.com/librenms/docker/master/examples/compose/docker-compose-standalone.yml
+MYSQL_PASSWORD="`pwgen -Bs1 12`" docker-compose -f docker-compose-standalone.yml up -d
+docker-compose logs -f
+```
+
+### Stand-alone layout with HTTPS
+
+Use Traefik to generate a letsencrypt ssl certificate and redirect to https.  Uses pwgen.
+
+```shell
+wget https://raw.githubusercontent.com/librenms/docker/master/examples/compose/docker-compose-standalone-https.yml
+MYSQL_PASSWORD="`pwgen -Bs1 12`" \
+LETSENCRYPT_EMAIL="email@example.com" \
+LIBRENMS_BASE_URL="public-dns.example.com" \
+docker-compose -f docker-compose-standalone-https.yml up -d
+
+docker-compose logs -f
+```
+
+## Command line
 
 You can also use the following minimal command :
 
@@ -17,13 +48,14 @@ You can also use the following minimal command :
 docker run -d -p 8000:8000 --name librenms \
   -v $(pwd)/data:/data \
   -e "DB_HOST=db" \
+  -e "STANDALONE=1" \
   librenms/librenms:latest
 ```
 
 > `-e "DB_HOST=db"`<br />
 > :warning: `db` must be a running MySQL instance
 
-### First launch
+## First launch
 
 On first launch, an initial administrator user will be created:
 

examples/compose/docker-compose-standalone-https.yml

@@ -0,0 +1,88 @@
+version: "3.5"
+
+services:
+  db:
+    image: mariadb:10.7
+    container_name: librenms_db
+    restart: always
+    command:
+      - "mysqld"
+      - "--innodb-file-per-table=1"
+      - "--lower-case-table-names=0"
+      - "--character-set-server=utf8mb4"
+      - "--collation-server=utf8mb4_unicode_ci"
+    volumes:
+      - "./db:/var/lib/mysql"
+    environment:
+      - "TZ=${TZ}"
+      - "MYSQL_ALLOW_EMPTY_PASSWORD=yes"
+      - "MYSQL_DATABASE=librenms"
+      - "MYSQL_USER=librenms"
+      - "MYSQL_PASSWORD=${MYSQL_PASSWORD}"
+
+  # simple static Traefik config, you may want to use the docker provider and labels instead
+  traefik:
+    image: traefik:2.7 # please check version tag to use the most current version
+    restart: unless-stopped
+    volumes:
+      - ./letsencrypt/:/letsencrypt/       # TLS certificate storage
+    ports:
+      - "80:80"
+      - "443:443"
+    command:
+      - "--entryPoints.web.address=:80"
+      - "--entryPoints.websecure.address=:443"
+      - "--certificatesresolvers.letsencryptresolver.acme.tlschallenge=true"
+      - "--certificatesresolvers.letsencryptresolver.acme.tlschallenge.entrypoint=websecure"
+      - "--certificatesresolvers.letsencryptresolver.acme.email=$LETSENCRYPT_EMAIL"
+      - "--certificatesresolvers.letsencryptresolver.acme.storage=/letsencrypt/acme.json"
+      - "--certificatesresolvers.letsencryptresolver.acme.caserver: https://acme-staging-v02.api.letsencrypt.org/directory" # Use staging server first
+      - "--http.routers.http-catchall.entrypoints=web"
+      - "--http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
+      - "--http.routers.http-catchall.middlewares=redirect-to-https"
+      - "--http.middlewares.redirect-to-https.redirectscheme.scheme=https"
+      - "--http.routers.librenms.entrypoints=websecure"
+      - "--http.routers.librenms.tls.certresolver=letsencryptresolver"
+      - "--http.routers.librenms.rule=Host(`$LIBRENMS_BASE_URL`)"
+      - "--http.routers.librenms.service=librenms"
+
+  librenms:
+    image: librenms/librenms:latest
+    container_name: librenms
+    hostname: librenms
+    restart: always
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    ports:
+      - target: 8000
+        published: 8000
+        protocol: tcp
+      - target: 162
+        published: 162
+        protocol: tcp
+      - target: 162
+        published: 162
+        protocol: udp
+      - target: 514
+        published: 514
+        protocol: tcp
+      - target: 514
+        published: 514
+        protocol: udp
+    depends_on:
+      - db
+    volumes:
+      - "./librenms:/data"
+    environment:
+      - "STANDALONE=1"
+      - "TZ=${TZ}"
+      - "PUID=${PUID}"
+      - "PGID=${PGID}"
+      - "DB_HOST=db"
+      - "DB_NAME=librenms"
+      - "DB_USER=librenms"
+      - "DB_PASSWORD=${MYSQL_PASSWORD}"
+      - "DB_TIMEOUT=60"
+
+

examples/compose/docker-compose-standalone.yml

@@ -0,0 +1,60 @@
+version: "3.5"
+
+services:
+  db:
+    image: mariadb:10.7
+    container_name: librenms_db
+    command:
+      - "mysqld"
+      - "--innodb-file-per-table=1"
+      - "--lower-case-table-names=0"
+      - "--character-set-server=utf8mb4"
+      - "--collation-server=utf8mb4_unicode_ci"
+    volumes:
+      - "./db:/var/lib/mysql"
+    environment:
+      - "TZ=${TZ}"
+      - "MYSQL_ALLOW_EMPTY_PASSWORD=yes"
+      - "MYSQL_DATABASE=librenms"
+      - "MYSQL_USER=librenms"
+      - "MYSQL_PASSWORD=${MYSQL_PASSWORD}"
+    restart: always
+
+  librenms:
+    image: librenms/librenms:latest
+    container_name: librenms
+    hostname: librenms
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    ports:
+      - target: 8000
+        published: 8000
+        protocol: tcp
+      - target: 162
+        published: 162
+        protocol: tcp
+      - target: 162
+        published: 162
+        protocol: udp
+      - target: 514
+        published: 514
+        protocol: tcp
+      - target: 514
+        published: 514
+        protocol: udp
+    depends_on:
+      - db
+    volumes:
+      - "./librenms:/data"
+    environment:
+      - "STANDALONE=1"
+      - "TZ=${TZ}"
+      - "PUID=${PUID}"
+      - "PGID=${PGID}"
+      - "DB_HOST=db"
+      - "DB_NAME=librenms"
+      - "DB_USER=librenms"
+      - "DB_PASSWORD=${MYSQL_PASSWORD}"
+      - "DB_TIMEOUT=60"
+    restart: always

examples/compose/docker-compose.yml

@@ -20,13 +20,6 @@ services:
       - "MYSQL_PASSWORD=${MYSQL_PASSWORD}"
     restart: always
 
-  memcached:
-    image: memcached:alpine
-    container_name: librenms_memcached
-    environment:
-      - "TZ=${TZ}"
-    restart: always
-
   redis:
     image: redis:5.0-alpine
     container_name: librenms_redis
@@ -54,7 +47,6 @@ services:
         protocol: tcp
     depends_on:
       - db
-      - memcached
       - msmtpd
     volumes:
       - "./librenms:/data"
@@ -69,6 +61,7 @@ services:
       - "DB_USER=${MYSQL_USER}"
       - "DB_PASSWORD=${MYSQL_PASSWORD}"
       - "DB_TIMEOUT=60"
+      - "RRDCACHED_SERVER=rrdcached:42217"
       - "REDIS_HOST=redis"
       - "REDIS_PORT=6379"
       - "REDIS_DB=0"
@@ -97,6 +90,7 @@ services:
       - "DB_USER=${MYSQL_USER}"
       - "DB_PASSWORD=${MYSQL_PASSWORD}"
       - "DB_TIMEOUT=60"
+      - "RRDCACHED_SERVER=rrdcached:42217"
       - "DISPATCHER_NODE_ID=dispatcher1"
       - "REDIS_HOST=redis"
       - "REDIS_PORT=6379"
@@ -170,3 +164,28 @@ services:
       - "DB_TIMEOUT=60"
       - "SIDECAR_SNMPTRAPD=1"
     restart: always
+
+  rrdcached:
+    image: librenms/librenms:latest
+    container_name: librenms_rrdcached
+    hostname: librenms-rrdcached
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    depends_on:
+      - librenms
+    ports:
+      - target: 42217
+        published: 42217
+        protocol: tcp
+    volumes:
+      - "./librenms:/data"
+    env_file:
+      - "./librenms.env"
+    environment:
+      - "TZ=${TZ}"
+      - "PUID=${PUID}"
+      - "PGID=${PGID}"
+      - "SIDECAR_RRDCACHED=1"
+      - "RRDCACHED_SERVER=rrdcached:42217"
+    restart: always

examples/compose/librenms.env

@@ -6,8 +6,6 @@ REAL_IP_HEADER=X-Forwarded-For
 LOG_IP_VAR=remote_addr
 
 LIBRENMS_SNMP_COMMUNITY=librenmsdocker
-MEMCACHED_HOST=memcached
-MEMCACHED_PORT=11211
 
 LIBRENMS_WEATHERMAP=false
-LIBRENMS_WEATHERMAP_SCHEDULE=*/5 * * * *
+LIBRENMS_WEATHERMAP_SCHEDULE="*/5 * * * *"

rootfs/etc/cont-init.d/03-config.sh

@@ -33,6 +33,7 @@ LISTEN_IPV6=${LISTEN_IPV6:-true}
 REAL_IP_FROM=${REAL_IP_FROM:-"0.0.0.0/32"}
 REAL_IP_HEADER=${REAL_IP_HEADER:-"X-Forwarded-For"}
 LOG_IP_VAR=${LOG_IP_VAR:-remote_addr}
+STANDALONE=${STANDALONE:-0}
 
 MEMCACHED_PORT=${MEMCACHED_PORT:-11211}
 
@@ -172,6 +173,10 @@ EOL
 fi
 
 # Config : RRDcached
+if [ -n "${STANDALONE}" ]; then
+RRDCACHED_SERVER="127.0.0.1:42217"
+fi
+
 if [ -n "${RRDCACHED_SERVER}" ]; then
     cat > ${LIBRENMS_PATH}/config.d/rrdcached.php <<EOL
 <?php

rootfs/etc/cont-init.d/05-svc-dispatcher.sh

@@ -28,6 +28,7 @@ DB_NAME=${DB_NAME:-librenms}
 DB_USER=${DB_USER:-librenms}
 DB_TIMEOUT=${DB_TIMEOUT:-60}
 
+STANDALONE=${STANDALONE:-0}
 SIDECAR_DISPATCHER=${SIDECAR_DISPATCHER:-0}
 #DISPATCHER_NODE_ID=${DISPATCHER_NODE_ID:-dispatcher1}
 
@@ -39,6 +40,27 @@ REDIS_SENTINEL_SERVICE=${REDIS_SENTINEL_SERVICE:-librenms}
 file_env 'REDIS_PASSWORD'
 REDIS_DB=${REDIS_DB:-0}
 
+# If stand-alone or dispatcher sidecar, install the service
+if [ "$STANDALONE" == "1" ]; then
+  echo "Configuring dispatcher in stand-alone mode"
+elif [ "$SIDECAR_DISPATCHER" != "1" ]; then
+  exit 0
+else
+  echo ">>"
+  echo ">> Sidecar dispatcher container detected"
+  echo ">>"
+fi
+
+# Create service
+mkdir -p /etc/services.d/dispatcher
+cat > /etc/services.d/dispatcher/run <<EOL
+#!/usr/bin/execlineb -P
+with-contenv
+s6-setuidgid ${PUID}:${PGID}
+/opt/librenms/librenms-service.py ${DISPATCHER_ARGS}
+EOL
+chmod +x /etc/services.d/dispatcher/run
+
 # Continue only if sidecar dispatcher container
 if [ "$SIDECAR_DISPATCHER" != "1" ]; then
   exit 0
@@ -111,13 +133,3 @@ REDIS_PASSWORD=${REDIS_PASSWORD}
 REDIS_DB=${REDIS_DB}
 EOL
 fi
-
-# Create service
-mkdir -p /etc/services.d/dispatcher
-cat > /etc/services.d/dispatcher/run <<EOL
-#!/usr/bin/execlineb -P
-with-contenv
-s6-setuidgid ${PUID}:${PGID}
-/opt/librenms/librenms-service.py ${DISPATCHER_ARGS}
-EOL
-chmod +x /etc/services.d/dispatcher/run

rootfs/etc/cont-init.d/06-svc-syslogng.sh

@@ -1,15 +1,20 @@
 #!/usr/bin/with-contenv sh
 
+STANDALONE=${STANDALONE:-0}
 SIDECAR_SYSLOGNG=${SIDECAR_SYSLOGNG:-0}
 
 # Continue only if sidecar syslogng container
-if [ "$SIDECAR_SYSLOGNG" != "1" ]; then
+if [ "$STANDALONE" == "1" ]; then
+  echo "Configuring syslog-ng in stand-alone mode"
+elif [ "$SIDECAR_SYSLOGNG" != "1" ]; then
   exit 0
+else
+  echo ">>"
+  echo ">> Sidecar syslog-ng container detected"
+  echo ">>"
 fi
 
-echo ">>"
-echo ">> Sidecar syslog-ng container detected"
-echo ">>"
+
 
 mkdir -p /data/syslog-ng /run/syslog-ng
 chown librenms. /data/syslog-ng

rootfs/etc/cont-init.d/08-svc-snmptrapd.sh

@@ -1,5 +1,6 @@
 #!/usr/bin/with-contenv sh
 
+STANDALONE=${STANDALONE:-0}
 SIDECAR_SNMPTRAPD=${SIDECAR_SNMPTRAPD:-0}
 LIBRENMS_SNMP_COMMUNITY=${LIBRENMS_SNMP_COMMUNITY:-librenmsdocker}
 SNMP_PROCESSING_TYPE=${SNMP_PROCESSING_TYPE:-log,execute,net}
@@ -12,14 +13,17 @@ SNMP_SECURITY_LEVEL=${SNMP_SECURITY_LEVEL:-priv}
 SNMP_ENGINEID=${SNMP_ENGINEID:-1234567890}
 SNMP_DISABLE_AUTHORIZATION=${SNMP_DISABLE_AUTHORIZATION:-yes}
 
-# Continue only if sidecar snmptrapd container
-if [ "$SIDECAR_SNMPTRAPD" != "1" ]; then
+# Continue only if sidecar snmptrapd container or stand-alone
+if [ "$STANDALONE" == "1" ]; then
+  echo "Configuring snmptrapd in stand-alone mode"
+elif [ "$SIDECAR_SNMPTRAPD" != "1" ]; then
   exit 0
+else
+  echo ">>"
+  echo ">> Sidecar snmptrapd container detected"
+  echo ">>"
 fi
 
-echo ">>"
-echo ">> Sidecar snmptrapd container detected"
-echo ">>"
 
 mkdir -p /run/snmptrapd
 chown -R librenms. /run/snmptrapd

rootfs/etc/cont-init.d/09-svc-rrdcached.sh

@@ -0,0 +1,44 @@
+#!/usr/bin/with-contenv sh
+
+STANDALONE=${STANDALONE:-0}
+SIDECAR_RRDCACHED=${SIDECAR_RRDCACHED:-0}
+
+# Continue only if sidecar rrdcached container
+if [ "$STANDALONE" == "1" ]; then
+  echo "Configuring rrdcached in stand-alone mode"
+elif [ "$SIDECAR_RRDCACHED" != "1" ]; then
+  exit 0
+else
+  echo ">>"
+  echo ">> Sidecar rrdcached container detected"
+  echo ">>"
+fi
+
+RRDCACHED_WRITE_TIMEOUT=${RRDCACHED_WRITE_TIMEOUT:-1800}
+RRDCACHED_WRITE_JITTER=${RRDCACHED_WRITE_JITTER:-1800}
+RRDCACHED_WRITE_THREADS=${RRDCACHED_WRITE_THREADS:-4}
+RRDCACHED_FLUSH_INTERVAL=${RRDCACHED_FLUSH_INTERVAL:-3600}
+
+mkdir -p /data/rrdcached /var/lib/rrdcached /run/rrdcached
+chown -R librenms. /data/rrdcached /run/rrdcached
+
+# Create service
+mkdir -p /etc/services.d/rrdcached
+cat > /etc/services.d/rrdcached/run <<EOL
+#!/usr/bin/execlineb -P
+with-contenv
+/usr/sbin/rrdcached \
+ -g -B -R -F \
+ -w ${RRDCACHED_WRITE_TIMEOUT} \
+ -z ${RRDCACHED_WRITE_JITTER} \
+ -f ${RRDCACHED_FLUSH_INTERVAL} \
+ -t ${RRDCACHED_WRITE_THREADS} \
+ -U librenms -G librenms \
+ -p /run/rrdcached/rrdcached.pid \
+ -j /var/lib/rrdcached/journal/ \
+ -V LOG_DEBUG \
+ -l 0:42217 \
+ -b /data/rrd/
+EOL
+chmod +x /etc/services.d/rrdcached/run
+