From a889f0158ed578e1658abd9adca088d8c8fe370d Mon Sep 17 00:00:00 2001 From: Tony Murray Date: Sat, 9 Jul 2022 04:08:05 -0500 Subject: [PATCH 1/4] Stand-alone mode for the docker image Simply set STANDALONE=1 This will include all sidecars in one container. - dispatcher - syslong-ng - snmptrapd While the sidecars are great for highly orchestrated setups, the standalone mode is more ideal for simple single node setups (such as home networks). Additional docker-compose examples. Remove obsolete memcached references. --- README.md | 41 +++++++++ .../docker-compose-standalone-https.yml | 88 +++++++++++++++++++ .../compose/docker-compose-standalone.yml | 60 +++++++++++++ examples/compose/docker-compose.yml | 8 -- examples/compose/librenms.env | 4 +- rootfs/etc/cont-init.d/05-svc-dispatcher.sh | 32 ++++--- rootfs/etc/cont-init.d/06-svc-syslogng.sh | 13 ++- rootfs/etc/cont-init.d/08-svc-snmptrapd.sh | 14 +-- 8 files changed, 230 insertions(+), 30 deletions(-) create mode 100644 examples/compose/docker-compose-standalone-https.yml create mode 100644 examples/compose/docker-compose-standalone.yml diff --git a/README.md b/README.md index fcd2d9d..e107f66 100644 --- a/README.md +++ b/README.md @@ -27,6 +27,7 @@ If you are interested, [check out](https://hub.docker.com/r/crazymax/) my other * [Dispatcher service](doc/docker/environment-variables.md#dispatcher-service) as "sidecar" container * Syslog-ng support through a ["sidecar" container](doc/docker/environment-variables.md#syslog-ng) * Snmp-trap support through a ["sidecar" container](doc/docker/environment-variables.md#snmptrapd) +* Sidecar modular service mode or stand-alone mode * Built-in LibreNMS [Weathermap plugin](https://docs.librenms.org/Extensions/Weathermap/) * Ability to add custom Monitoring plugins * Ability to add custom alert templates @@ -38,6 +39,46 @@ If you are interested, [check out](https://hub.docker.com/r/crazymax/) my other * [msmtpd SMTP relay](https://github.com/crazy-max/docker-msmtpd) image to send emails * [MariaDB](https://github.com/docker-library/mariadb) image as database instance +## Quick Start + +### Modular sidecar layout + +You should carefully review the Docker compose file and edit it to suit your needs. + +```shell +wget https://raw.githubusercontent.com/librenms/docker/master/examples/compose/docker-compose.yml + +editor docker-compose.yml + +MYSQL_DATABASE=librenms \ +MYSQL_USER=librenms \ +MYSQL_PASSWORD="super_secure_password123" \ +docker-compose -f docker-compose.yml up -d +``` + +### Stand-alone layout + +Install mariadb and librenms as two containers listening on port 8000. +This uses pwgen to generate a random mysql password, alternatively, you may just enter a password. + +```shell +wget https://raw.githubusercontent.com/librenms/docker/master/examples/compose/docker-compose-standalone.yml +MYSQL_PASSWORD="`pwgen -Bs1 12`" docker-compose -f docker-compose-standalone.yml up -d +``` + +### Stand-alone with HTTPS + +Use Traefik to generate a letsencrypt ssl certificate and redirect to https. Uses pwgen. + +```shell +wget https://raw.githubusercontent.com/librenms/docker/master/examples/compose/docker-compose-standalone-https.yml +MYSQL_PASSWORD="`pwgen -Bs1 12`" \ +LETSENCRYPT_EMAIL="email@example.com" \ +LIBRENMS_BASE_URL="public-dns.example.com" \ +docker-compose -f docker-compose-standalone-https.yml up -d +``` + + ## Build locally ```shell diff --git a/examples/compose/docker-compose-standalone-https.yml b/examples/compose/docker-compose-standalone-https.yml new file mode 100644 index 0000000..d72f487 --- /dev/null +++ b/examples/compose/docker-compose-standalone-https.yml @@ -0,0 +1,88 @@ +version: "3.5" + +services: + db: + image: mariadb:10.7 + container_name: librenms_db + restart: always + command: + - "mysqld" + - "--innodb-file-per-table=1" + - "--lower-case-table-names=0" + - "--character-set-server=utf8mb4" + - "--collation-server=utf8mb4_unicode_ci" + volumes: + - "./db:/var/lib/mysql" + environment: + - "TZ=${TZ}" + - "MYSQL_ALLOW_EMPTY_PASSWORD=yes" + - "MYSQL_DATABASE=librenms" + - "MYSQL_USER=librenms" + - "MYSQL_PASSWORD=${MYSQL_PASSWORD}" + + # simple static Traefik config, you may want to use the docker provider and labels instead + traefik: + image: traefik:2.7 # please check version tag to use the most current version + restart: unless-stopped + volumes: + - ./letsencrypt/:/letsencrypt/ # TLS certificate storage + ports: + - "80:80" + - "443:443" + command: + - "--entryPoints.web.address=:80" + - "--entryPoints.websecure.address=:443" + - "--certificatesresolvers.letsencryptresolver.acme.tlschallenge=true" + - "--certificatesresolvers.letsencryptresolver.acme.tlschallenge.entrypoint=websecure" + - "--certificatesresolvers.letsencryptresolver.acme.email=$LETSENCRYPT_EMAIL" + - "--certificatesresolvers.letsencryptresolver.acme.storage=/letsencrypt/acme.json" + - "--certificatesresolvers.letsencryptresolver.acme.caserver: https://acme-staging-v02.api.letsencrypt.org/directory" # Use staging server first + - "--http.routers.http-catchall.entrypoints=web" + - "--http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)" + - "--http.routers.http-catchall.middlewares=redirect-to-https" + - "--http.middlewares.redirect-to-https.redirectscheme.scheme=https" + - "--http.routers.librenms.entrypoints=websecure" + - "--http.routers.librenms.tls.certresolver=letsencryptresolver" + - "--http.routers.librenms.rule=Host(`$LIBRENMS_BASE_URL`)" + - "--http.routers.librenms.service=librenms" + + librenms: + image: librenms/librenms:latest + container_name: librenms + hostname: librenms + restart: always + cap_add: + - NET_ADMIN + - NET_RAW + ports: + - target: 8000 + published: 8000 + protocol: tcp + - target: 162 + published: 162 + protocol: tcp + - target: 162 + published: 162 + protocol: udp + - target: 514 + published: 514 + protocol: tcp + - target: 514 + published: 514 + protocol: udp + depends_on: + - db + volumes: + - "./librenms:/data" + environment: + - "STANDALONE=1" + - "TZ=${TZ}" + - "PUID=${PUID}" + - "PGID=${PGID}" + - "DB_HOST=db" + - "DB_NAME=librenms" + - "DB_USER=librenms" + - "DB_PASSWORD=${MYSQL_PASSWORD}" + - "DB_TIMEOUT=60" + + diff --git a/examples/compose/docker-compose-standalone.yml b/examples/compose/docker-compose-standalone.yml new file mode 100644 index 0000000..920b02a --- /dev/null +++ b/examples/compose/docker-compose-standalone.yml @@ -0,0 +1,60 @@ +version: "3.5" + +services: + db: + image: mariadb:10.7 + container_name: librenms_db + command: + - "mysqld" + - "--innodb-file-per-table=1" + - "--lower-case-table-names=0" + - "--character-set-server=utf8mb4" + - "--collation-server=utf8mb4_unicode_ci" + volumes: + - "./db:/var/lib/mysql" + environment: + - "TZ=${TZ}" + - "MYSQL_ALLOW_EMPTY_PASSWORD=yes" + - "MYSQL_DATABASE=librenms" + - "MYSQL_USER=librenms" + - "MYSQL_PASSWORD=${MYSQL_PASSWORD}" + restart: always + + librenms: + image: librenms/librenms:latest + container_name: librenms + hostname: librenms + cap_add: + - NET_ADMIN + - NET_RAW + ports: + - target: 8000 + published: 8000 + protocol: tcp + - target: 162 + published: 162 + protocol: tcp + - target: 162 + published: 162 + protocol: udp + - target: 514 + published: 514 + protocol: tcp + - target: 514 + published: 514 + protocol: udp + depends_on: + - db + volumes: + - "./librenms:/data" + environment: + - "STANDALONE=1" + - "TZ=${TZ}" + - "PUID=${PUID}" + - "PGID=${PGID}" + - "DB_HOST=db" + - "DB_NAME=librenms" + - "DB_USER=librenms" + - "DB_PASSWORD=${MYSQL_PASSWORD}" + - "DB_TIMEOUT=60" + restart: always diff --git a/examples/compose/docker-compose.yml b/examples/compose/docker-compose.yml index b6b6e0b..6ae9b2d 100644 --- a/examples/compose/docker-compose.yml +++ b/examples/compose/docker-compose.yml @@ -20,13 +20,6 @@ services: - "MYSQL_PASSWORD=${MYSQL_PASSWORD}" restart: always - memcached: - image: memcached:alpine - container_name: librenms_memcached - environment: - - "TZ=${TZ}" - restart: always - redis: image: redis:5.0-alpine container_name: librenms_redis @@ -54,7 +47,6 @@ services: protocol: tcp depends_on: - db - - memcached - msmtpd volumes: - "./librenms:/data" diff --git a/examples/compose/librenms.env b/examples/compose/librenms.env index a1af74f..cc600d1 100644 --- a/examples/compose/librenms.env +++ b/examples/compose/librenms.env @@ -6,8 +6,6 @@ REAL_IP_HEADER=X-Forwarded-For LOG_IP_VAR=remote_addr LIBRENMS_SNMP_COMMUNITY=librenmsdocker -MEMCACHED_HOST=memcached -MEMCACHED_PORT=11211 LIBRENMS_WEATHERMAP=false -LIBRENMS_WEATHERMAP_SCHEDULE=*/5 * * * * +LIBRENMS_WEATHERMAP_SCHEDULE="*/5 * * * *" diff --git a/rootfs/etc/cont-init.d/05-svc-dispatcher.sh b/rootfs/etc/cont-init.d/05-svc-dispatcher.sh index d775ca5..16d2703 100644 --- a/rootfs/etc/cont-init.d/05-svc-dispatcher.sh +++ b/rootfs/etc/cont-init.d/05-svc-dispatcher.sh @@ -28,6 +28,7 @@ DB_NAME=${DB_NAME:-librenms} DB_USER=${DB_USER:-librenms} DB_TIMEOUT=${DB_TIMEOUT:-60} +STANDALONE=${STANDALONE:-0} SIDECAR_DISPATCHER=${SIDECAR_DISPATCHER:-0} #DISPATCHER_NODE_ID=${DISPATCHER_NODE_ID:-dispatcher1} @@ -39,6 +40,27 @@ REDIS_SENTINEL_SERVICE=${REDIS_SENTINEL_SERVICE:-librenms} file_env 'REDIS_PASSWORD' REDIS_DB=${REDIS_DB:-0} +# If stand-alone or dispatcher sidecar, install the service +if [ "$STANDALONE" == "1" ]; then + echo "Configuring dispatcher in stand-alone mode" +elif [ "$SIDECAR_DISPATCHER" != "1" ]; then + exit 0 +else + echo ">>" + echo ">> Sidecar dispatcher container detected" + echo ">>" +fi + +# Create service +mkdir -p /etc/services.d/dispatcher +cat > /etc/services.d/dispatcher/run < /etc/services.d/dispatcher/run <>" + echo ">> Sidecar syslog-ng container detected" + echo ">>" fi -echo ">>" -echo ">> Sidecar syslog-ng container detected" -echo ">>" + mkdir -p /data/syslog-ng /run/syslog-ng chown librenms. /data/syslog-ng diff --git a/rootfs/etc/cont-init.d/08-svc-snmptrapd.sh b/rootfs/etc/cont-init.d/08-svc-snmptrapd.sh index 5ea6fee..d2f8f2b 100644 --- a/rootfs/etc/cont-init.d/08-svc-snmptrapd.sh +++ b/rootfs/etc/cont-init.d/08-svc-snmptrapd.sh @@ -1,5 +1,6 @@ #!/usr/bin/with-contenv sh +STANDALONE=${STANDALONE:-0} SIDECAR_SNMPTRAPD=${SIDECAR_SNMPTRAPD:-0} LIBRENMS_SNMP_COMMUNITY=${LIBRENMS_SNMP_COMMUNITY:-librenmsdocker} SNMP_PROCESSING_TYPE=${SNMP_PROCESSING_TYPE:-log,execute,net} @@ -12,14 +13,17 @@ SNMP_SECURITY_LEVEL=${SNMP_SECURITY_LEVEL:-priv} SNMP_ENGINEID=${SNMP_ENGINEID:-1234567890} SNMP_DISABLE_AUTHORIZATION=${SNMP_DISABLE_AUTHORIZATION:-yes} -# Continue only if sidecar snmptrapd container -if [ "$SIDECAR_SNMPTRAPD" != "1" ]; then +# Continue only if sidecar snmptrapd container or stand-alone +if [ "$STANDALONE" == "1" ]; then + echo "Configuring snmptrapd in stand-alone mode" +elif [ "$SIDECAR_SNMPTRAPD" != "1" ]; then exit 0 +else + echo ">>" + echo ">> Sidecar snmptrapd container detected" + echo ">>" fi -echo ">>" -echo ">> Sidecar snmptrapd container detected" -echo ">>" mkdir -p /run/snmptrapd chown -R librenms. /run/snmptrapd From 272c350462c7467c23b54d2f3ebfce55b6219459 Mon Sep 17 00:00:00 2001 From: Tony Murray Date: Sat, 9 Jul 2022 04:44:46 -0500 Subject: [PATCH 2/4] Reorganize docs --- README.md | 38 +------------------------------------- doc/usage.md | 43 +++++++++++++++++++++++++++++++++++++------ 2 files changed, 38 insertions(+), 43 deletions(-) diff --git a/README.md b/README.md index e107f66..8bd8ea1 100644 --- a/README.md +++ b/README.md @@ -41,43 +41,7 @@ If you are interested, [check out](https://hub.docker.com/r/crazymax/) my other ## Quick Start -### Modular sidecar layout - -You should carefully review the Docker compose file and edit it to suit your needs. - -```shell -wget https://raw.githubusercontent.com/librenms/docker/master/examples/compose/docker-compose.yml - -editor docker-compose.yml - -MYSQL_DATABASE=librenms \ -MYSQL_USER=librenms \ -MYSQL_PASSWORD="super_secure_password123" \ -docker-compose -f docker-compose.yml up -d -``` - -### Stand-alone layout - -Install mariadb and librenms as two containers listening on port 8000. -This uses pwgen to generate a random mysql password, alternatively, you may just enter a password. - -```shell -wget https://raw.githubusercontent.com/librenms/docker/master/examples/compose/docker-compose-standalone.yml -MYSQL_PASSWORD="`pwgen -Bs1 12`" docker-compose -f docker-compose-standalone.yml up -d -``` - -### Stand-alone with HTTPS - -Use Traefik to generate a letsencrypt ssl certificate and redirect to https. Uses pwgen. - -```shell -wget https://raw.githubusercontent.com/librenms/docker/master/examples/compose/docker-compose-standalone-https.yml -MYSQL_PASSWORD="`pwgen -Bs1 12`" \ -LETSENCRYPT_EMAIL="email@example.com" \ -LIBRENMS_BASE_URL="public-dns.example.com" \ -docker-compose -f docker-compose-standalone-https.yml up -d -``` - +Visit the [usage documentation](doc/usage.md) and run the stand-alone docker compose. ## Build locally diff --git a/doc/usage.md b/doc/usage.md index fb397db..24c2568 100644 --- a/doc/usage.md +++ b/doc/usage.md @@ -1,15 +1,45 @@ -## Use this image +# Use this image -### Docker Compose +## Docker Compose -Docker compose is the recommended way to run this image. Copy the content of folder [examples/compose](../examples/compose) in `/var/librenms/` on your host for example. Edit the compose and env files with your preferences and run the following commands: +Docker compose is the recommended way to run this image. -```bash +### Modular sidecar layout + +Copy the content of folder [examples/compose](../examples/compose) to your host. Edit the compose and env files with your preferences and run the following commands: +You should carefully review the Docker compose file and edit it to suit your needs. + +```shell docker-compose up -d docker-compose logs -f ``` -### Command line +### Stand-alone layout + +Install mariadb and librenms as two containers listening on port 8000. +This uses pwgen to generate a random mysql password, alternatively, you may just enter a password. + +```shell +wget https://raw.githubusercontent.com/librenms/docker/master/examples/compose/docker-compose-standalone.yml +MYSQL_PASSWORD="`pwgen -Bs1 12`" docker-compose -f docker-compose-standalone.yml up -d +docker-compose logs -f +``` + +### Stand-alone layout with HTTPS + +Use Traefik to generate a letsencrypt ssl certificate and redirect to https. Uses pwgen. + +```shell +wget https://raw.githubusercontent.com/librenms/docker/master/examples/compose/docker-compose-standalone-https.yml +MYSQL_PASSWORD="`pwgen -Bs1 12`" \ +LETSENCRYPT_EMAIL="email@example.com" \ +LIBRENMS_BASE_URL="public-dns.example.com" \ +docker-compose -f docker-compose-standalone-https.yml up -d + +docker-compose logs -f +``` + +## Command line You can also use the following minimal command : @@ -17,13 +47,14 @@ You can also use the following minimal command : docker run -d -p 8000:8000 --name librenms \ -v $(pwd)/data:/data \ -e "DB_HOST=db" \ + -e "STANDALONE=1" \ librenms/librenms:latest ``` > `-e "DB_HOST=db"`
> :warning: `db` must be a running MySQL instance -### First launch +## First launch On first launch, an initial administrator user will be created: From fcbfee1b584abc96fa599e85dca87f2d6e8b95d2 Mon Sep 17 00:00:00 2001 From: Tony Murray Date: Sat, 9 Jul 2022 04:46:07 -0500 Subject: [PATCH 3/4] grammar --- doc/usage.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/doc/usage.md b/doc/usage.md index 24c2568..5865fa5 100644 --- a/doc/usage.md +++ b/doc/usage.md @@ -6,7 +6,8 @@ Docker compose is the recommended way to run this image. ### Modular sidecar layout -Copy the content of folder [examples/compose](../examples/compose) to your host. Edit the compose and env files with your preferences and run the following commands: +Copy the contents of the examples folder [examples/compose](../examples/compose) to your host. +Edit the compose and env files with your preferences and run the following commands: You should carefully review the Docker compose file and edit it to suit your needs. ```shell From 4fc86317c8a6000ca8fb4bf36b1b02c3dab71c4b Mon Sep 17 00:00:00 2001 From: Tony Murray Date: Mon, 11 Jul 2022 23:59:28 -0500 Subject: [PATCH 4/4] rrdcached sidecar/included. --- Dockerfile | 5 ++- examples/compose/docker-compose.yml | 27 +++++++++++++ rootfs/etc/cont-init.d/03-config.sh | 5 +++ rootfs/etc/cont-init.d/09-svc-rrdcached.sh | 44 ++++++++++++++++++++++ 4 files changed, 79 insertions(+), 2 deletions(-) create mode 100644 rootfs/etc/cont-init.d/09-svc-rrdcached.sh diff --git a/Dockerfile b/Dockerfile index cc7c510..e55fbd9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -60,6 +60,7 @@ RUN apk --update --no-cache add \ python3 \ py3-pip \ rrdtool \ + rrdtool-cached \ runit \ shadow \ syslog-ng=3.30.1-r4 \ @@ -109,7 +110,7 @@ RUN apk --update --no-cache add -t build-dependencies \ linux-headers \ musl-dev \ python3-dev \ - && git clone --branch ${LIBRENMS_VERSION} https://github.com/librenms/librenms.git . \ + && git clone --depth 1 --branch ${LIBRENMS_VERSION} https://github.com/librenms/librenms.git . \ && pip3 install --ignore-installed -r requirements.txt --upgrade \ && COMPOSER_CACHE_DIR="/tmp" composer install --no-dev --no-interaction --no-ansi \ && mkdir config.d \ @@ -129,7 +130,7 @@ RUN apk --update --no-cache add -t build-dependencies \ COPY rootfs / -EXPOSE 8000 514 514/udp 162 162/udp +EXPOSE 8000 42217 514 514/udp 162 162/udp VOLUME [ "/data" ] ENTRYPOINT [ "/init" ] diff --git a/examples/compose/docker-compose.yml b/examples/compose/docker-compose.yml index 6ae9b2d..d95abdf 100644 --- a/examples/compose/docker-compose.yml +++ b/examples/compose/docker-compose.yml @@ -61,6 +61,7 @@ services: - "DB_USER=${MYSQL_USER}" - "DB_PASSWORD=${MYSQL_PASSWORD}" - "DB_TIMEOUT=60" + - "RRDCACHED_SERVER=rrdcached:42217" - "REDIS_HOST=redis" - "REDIS_PORT=6379" - "REDIS_DB=0" @@ -89,6 +90,7 @@ services: - "DB_USER=${MYSQL_USER}" - "DB_PASSWORD=${MYSQL_PASSWORD}" - "DB_TIMEOUT=60" + - "RRDCACHED_SERVER=rrdcached:42217" - "DISPATCHER_NODE_ID=dispatcher1" - "REDIS_HOST=redis" - "REDIS_PORT=6379" @@ -162,3 +164,28 @@ services: - "DB_TIMEOUT=60" - "SIDECAR_SNMPTRAPD=1" restart: always + + rrdcached: + image: librenms/librenms:latest + container_name: librenms_rrdcached + hostname: librenms-rrdcached + cap_add: + - NET_ADMIN + - NET_RAW + depends_on: + - librenms + ports: + - target: 42217 + published: 42217 + protocol: tcp + volumes: + - "./librenms:/data" + env_file: + - "./librenms.env" + environment: + - "TZ=${TZ}" + - "PUID=${PUID}" + - "PGID=${PGID}" + - "SIDECAR_RRDCACHED=1" + - "RRDCACHED_SERVER=rrdcached:42217" + restart: always diff --git a/rootfs/etc/cont-init.d/03-config.sh b/rootfs/etc/cont-init.d/03-config.sh index 6c732f1..249e9b0 100644 --- a/rootfs/etc/cont-init.d/03-config.sh +++ b/rootfs/etc/cont-init.d/03-config.sh @@ -33,6 +33,7 @@ LISTEN_IPV6=${LISTEN_IPV6:-true} REAL_IP_FROM=${REAL_IP_FROM:-"0.0.0.0/32"} REAL_IP_HEADER=${REAL_IP_HEADER:-"X-Forwarded-For"} LOG_IP_VAR=${LOG_IP_VAR:-remote_addr} +STANDALONE=${STANDALONE:-0} MEMCACHED_PORT=${MEMCACHED_PORT:-11211} @@ -172,6 +173,10 @@ EOL fi # Config : RRDcached +if [ -n "${STANDALONE}" ]; then +RRDCACHED_SERVER="127.0.0.1:42217" +fi + if [ -n "${RRDCACHED_SERVER}" ]; then cat > ${LIBRENMS_PATH}/config.d/rrdcached.php <>" + echo ">> Sidecar rrdcached container detected" + echo ">>" +fi + +RRDCACHED_WRITE_TIMEOUT=${RRDCACHED_WRITE_TIMEOUT:-1800} +RRDCACHED_WRITE_JITTER=${RRDCACHED_WRITE_JITTER:-1800} +RRDCACHED_WRITE_THREADS=${RRDCACHED_WRITE_THREADS:-4} +RRDCACHED_FLUSH_INTERVAL=${RRDCACHED_FLUSH_INTERVAL:-3600} + +mkdir -p /data/rrdcached /var/lib/rrdcached /run/rrdcached +chown -R librenms. /data/rrdcached /run/rrdcached + +# Create service +mkdir -p /etc/services.d/rrdcached +cat > /etc/services.d/rrdcached/run <