summaryrefslogtreecommitdiffstats
path: root/docs/configure
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2023-02-06 16:11:34 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2023-02-06 16:11:34 +0000
commitd079b656b4719739b2247dcd9d46e9bec793095a (patch)
treed2c950c70a776bcf697c963151c5bd959f8a9f03 /docs/configure
parentReleasing debian version 1.37.1-2. (diff)
downloadnetdata-d079b656b4719739b2247dcd9d46e9bec793095a.tar.xz
netdata-d079b656b4719739b2247dcd9d46e9bec793095a.zip
Merging upstream version 1.38.0.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'docs/configure')
-rw-r--r--docs/configure/common-changes.md132
-rw-r--r--docs/configure/nodes.md54
-rw-r--r--docs/configure/secure-nodes.md36
-rw-r--r--docs/configure/start-stop-restart.md24
4 files changed, 148 insertions, 98 deletions
diff --git a/docs/configure/common-changes.md b/docs/configure/common-changes.md
index 93b12d226..e1dccfceb 100644
--- a/docs/configure/common-changes.md
+++ b/docs/configure/common-changes.md
@@ -1,7 +1,11 @@
<!--
title: "Common configuration changes"
description: "See the most popular configuration changes to make to the Netdata Agent, including longer metrics retention, reduce sampling, and more."
-custom_edit_url: https://github.com/netdata/netdata/edit/master/docs/configure/common-changes.md
+custom_edit_url: "https://github.com/netdata/netdata/edit/master/docs/configure/common-changes.md"
+sidebar_label: "Common configuration changes"
+learn_status: "Published"
+learn_topic_type: "Tasks"
+learn_rel_path: "Setup"
-->
# Common configuration changes
@@ -10,19 +14,24 @@ The Netdata Agent requires no configuration upon installation to collect thousan
systems, containers, and applications, but there are hundreds of settings to tweak if you want to exercise more control
over your monitoring platform.
-This document assumes familiarity with using [`edit-config`](/docs/configure/nodes.md) from the Netdata config
+This document assumes familiarity with
+using [`edit-config`](https://github.com/netdata/netdata/blob/master/docs/configure/nodes.md) from the Netdata config
directory.
## Change dashboards and visualizations
-The Netdata Agent's [local dashboard](/web/gui/README.md), accessible at `http://NODE:19999` is highly configurable. If
-you use Netdata Cloud for [infrastructure monitoring](/docs/quickstart/infrastructure.md), you will see many of these
+The Netdata Agent's [local dashboard](https://github.com/netdata/netdata/blob/master/web/gui/README.md), accessible
+at `http://NODE:19999` is highly configurable. If
+you use Netdata Cloud
+for [infrastructure monitoring](https://github.com/netdata/netdata/blob/master/docs/quickstart/infrastructure.md), you
+will see many of these
changes reflected in those visualizations due to the way Netdata Cloud proxies metric data and metadata to your browser.
### Increase the long-term metrics retention period
-Increase the values for the `page cache size` and `dbengine multihost disk space` settings in the [`[global]`
-section](/daemon/config/README.md#global-section-options) of `netdata.conf`.
+Increase the values for the `page cache size` and `dbengine multihost disk space` settings in
+the [`[global]`section](https://github.com/netdata/netdata/blob/master/daemon/config/README.md#global-section-options)
+of `netdata.conf`.
```conf
[global]
@@ -30,13 +39,17 @@ section](/daemon/config/README.md#global-section-options) of `netdata.conf`.
dbengine multihost disk space = 4096 # 4GiB of disk space for metrics storage
```
-Read our doc on [increasing long-term metrics storage](/docs/store/change-metrics-storage.md) for details, including a
-[calculator](/docs/store/change-metrics-storage.md#calculate-the-system-resources-ram-disk-space-needed-to-store-metrics)
+Read our doc
+on [increasing long-term metrics storage](https://github.com/netdata/netdata/blob/master/docs/store/change-metrics-storage.md)
+for details, including a
+[calculator](https://github.com/netdata/netdata/blob/master/docs/store/change-metrics-storage.md#calculate-the-system-resources-ram-disk-space-needed-to-store-metrics)
to help you determine the exact settings for your desired retention period.
### Reduce the data collection frequency
-Change `update every` in the [`[global]` section](/daemon/config/README.md#global-section-options) of `netdata.conf` so
+Change `update every` in
+the [`[global]` section](https://github.com/netdata/netdata/blob/master/daemon/config/README.md#global-section-options)
+of `netdata.conf` so
that it is greater than `1`. An `update every` of `5` means the Netdata Agent enforces a _minimum_ collection frequency
of 5 seconds.
@@ -47,12 +60,15 @@ of 5 seconds.
Every collector and plugin has its own `update every` setting, which you can also change in the `go.d.conf`,
`python.d.conf` or `charts.d.conf` files, or in individual collector configuration files. If the `update
-every` for an individual collector is less than the global, the Netdata Agent uses the global setting. See the [enable
-or configure a collector](/docs/collect/enable-configure.md) doc for details.
+every` for an individual collector is less than the global, the Netdata Agent uses the global setting. See
+the [enable or configure a collector](https://github.com/netdata/netdata/blob/master/docs/collect/enable-configure.md)
+doc for details.
### Disable a collector or plugin
-Turn off entire plugins in the [`[plugins]` section](/daemon/config/README.md#plugins-section-options) of
+Turn off entire plugins in
+the [`[plugins]` section](https://github.com/netdata/netdata/blob/master/daemon/config/README.md#plugins-section-options)
+of
`netdata.conf`.
To disable specific collectors, open `go.d.conf`, `python.d.conf` or `charts.d.conf` and find the line
@@ -77,17 +93,20 @@ sudo ./edit-config health.d/example-alarm.conf
Or, append your new alarm to an existing file by editing a relevant existing file in the `health.d/` directory.
-Read more about [configuring alarms](/docs/monitor/configure-alarms.md) to get started, and see the [health monitoring
-reference](/health/REFERENCE.md) for a full listing of options available in health entities.
+Read more about [configuring alarms](https://github.com/netdata/netdata/blob/master/docs/monitor/configure-alarms.md) to
+get started, and see
+the [health monitoring reference](https://github.com/netdata/netdata/blob/master/health/REFERENCE.md) for a full listing
+of options available in health entities.
### Configure a specific alarm
Tweak existing alarms by editing files in the `health.d/` directory. For example, edit `health.d/cpu.conf` to change how
the Agent responds to anomalies related to CPU utilization.
-To see which configuration file you need to edit to configure a specific alarm, [view your active
-alarms](/docs/monitor/view-active-alarms.md) in Netdata Cloud or the local Agent dashboard and look for the **source**
-line. For example, it might read `source 4@/usr/lib/netdata/conf.d/health.d/cpu.conf`.
+To see which configuration file you need to edit to configure a specific
+alarm, [view your active alarms](https://github.com/netdata/netdata/blob/master/docs/monitor/view-active-alarms.md) in
+Netdata Cloud or the local Agent dashboard and look for the **source** line. For example, it might
+read `source 4@/usr/lib/netdata/conf.d/health.d/cpu.conf`.
Because the source path contains `health.d/cpu.conf`, run `sudo edit-config health.d/cpu.conf` to configure that alarm.
@@ -106,13 +125,16 @@ template: disk_fill_rate
### Turn of all alarms and notifications
-Set `enabled` to `no` in the [`[health]` section](/daemon/config/README.md#health-section-options) section of
+Set `enabled` to `no` in
+the [`[health]` section](https://github.com/netdata/netdata/blob/master/daemon/config/README.md#health-section-options)
+section of
`netdata.conf`.
### Enable alarm notifications
Open `health_alarm_notify.conf` for editing. First, read the [enabling
-notifications](/docs/monitor/enable-notifications.md#netdata-agent) doc for an example of the process using Slack, then
+notifications](https://github.com/netdata/netdata/blob/master/docs/monitor/enable-notifications.md#netdata-agent) doc
+for an example of the process using Slack, then
click on the link to your preferred notification method to find documentation for that specific endpoint.
## Improve node security
@@ -120,14 +142,17 @@ click on the link to your preferred notification method to find documentation fo
While the Netdata Agent is both [open and secure by design](https://www.netdata.cloud/blog/netdata-agent-dashboard/), we
recommend every user take some action to administer and secure their nodes.
-Learn more about a few of the following changes in the [node security doc](/docs/configure/secure-nodes.md).
+Learn more about a few of the following changes in
+the [node security doc](https://github.com/netdata/netdata/blob/master/docs/configure/secure-nodes.md).
### Disable the local Agent dashboard (`http://NODE:19999`)
If you use Netdata Cloud to visualize metrics, stream metrics to a parent node, or otherwise don't need the local Agent
dashboard, disabling it reduces the Agent's resource utilization and improves security.
-Change the `mode` setting to `none` in the [`[web]` section](/web/server/README.md#configuration) of `netdata.conf`.
+Change the `mode` setting to `none` in
+the [`[web]` section](https://github.com/netdata/netdata/blob/master/web/server/README.md#configuration)
+of `netdata.conf`.
```conf
[web]
@@ -136,11 +161,12 @@ Change the `mode` setting to `none` in the [`[web]` section](/web/server/README.
### Use access lists to restrict access to specific assets
-Allow access from only specific IP addresses, ranges of IP addresses, or hostnames using [access
-lists](/web/server/README.md#access-lists) and [simple patterns](/libnetdata/simple_pattern/README.md).
+Allow access from only specific IP addresses, ranges of IP addresses, or hostnames
+using [access lists](https://github.com/netdata/netdata/blob/master/web/server/README.md#access-lists)
+and [simple patterns](https://github.com/netdata/netdata/blob/master/libnetdata/simple_pattern/README.md).
See a quickstart to access lists in the [node security
-doc](/docs/configure/secure-nodes.md#restrict-access-to-the-local-dashboard).
+doc](https://github.com/netdata/netdata/blob/master/docs/configure/secure-nodes.md#restrict-access-to-the-local-dashboard).
### Stop sending anonymous statistics to Google Analytics
@@ -151,7 +177,8 @@ the statistics script.
sudo touch .opt-out-from-anonymous-statistics
```
-Learn more about [why we collect anonymous statistics](/docs/anonymous-statistics.md).
+Learn more
+about [why we collect anonymous statistics](https://github.com/netdata/netdata/blob/master/docs/anonymous-statistics.md).
### Change the IP address/port Netdata listens to
@@ -162,26 +189,30 @@ Change the `default port` setting in the `[web]` section to a port other than `1
default port = 39999
```
-Use the `bind to` setting to the ports other assets, such as the [running `netdata.conf`
-configuration](/docs/configure/nodes.md#see-an-agents-running-configuration), API, or streaming requests listen to.
+Use the `bind to` setting to the ports other assets, such as
+the [running `netdata.conf` configuration](https://github.com/netdata/netdata/blob/master/docs/configure/nodes.md#see-an-agents-running-configuration),
+API, or streaming requests listen to.
## Reduce resource usage
-Read our [performance optimization guide](/docs/guides/configure/performance.md) for a long list of specific changes
+Read
+our [performance optimization guide](https://github.com/netdata/netdata/blob/master/docs/guides/configure/performance.md)
+for a long list of specific changes
that can reduce the Netdata Agent's CPU/memory footprint and IO requirements.
## Organize nodes with host labels
Beginning with v1.20, Netdata accepts user-defined **host labels**. These labels are sent during streaming, exporting,
and as metadata to Netdata Cloud, and help you organize the metrics coming from complex infrastructure. Host labels are
-defined in the section `[host labels]`.
+defined in the section `[host labels]`.
-For a quick introduction, read the [host label guide](/docs/guides/using-host-labels.md).
+For a quick introduction, read
+the [host label guide](https://github.com/netdata/netdata/blob/master/docs/guides/using-host-labels.md).
-The following restrictions apply to host label names:
-
-- Names cannot start with `_`, but it can be present in other parts of the name.
-- Names only accept alphabet letters, numbers, dots, and dashes.
+The following restrictions apply to host label names:
+
+- Names cannot start with `_`, but it can be present in other parts of the name.
+- Names only accept alphabet letters, numbers, dots, and dashes.
The policy for values is more flexible, but you can not use exclamation marks (`!`), whitespaces (` `), single quotes
(`'`), double quotes (`"`), or asterisks (`*`), because they are used to compare label values in health alarms and
@@ -189,26 +220,33 @@ templates.
## What's next?
-If you haven't already, learn how to [secure your nodes](/docs/configure/secure-nodes.md).
+If you haven't already, learn how
+to [secure your nodes](https://github.com/netdata/netdata/blob/master/docs/configure/secure-nodes.md).
-As mentioned at the top, there are plenty of other
+As mentioned at the top, there are plenty of other
You can also take what you've learned about node configuration to tweak the Agent's behavior or enable new features:
-- [Enable new collectors](/docs/collect/enable-configure.md) or tweak their behavior.
-- [Configure existing health alarms](/docs/monitor/configure-alarms.md) or create new ones.
-- [Enable notifications](/docs/monitor/enable-notifications.md) to receive updates about the health of your
+- [Enable new collectors](https://github.com/netdata/netdata/blob/master/docs/collect/enable-configure.md) or tweak
+ their behavior.
+- [Configure existing health alarms](https://github.com/netdata/netdata/blob/master/docs/monitor/configure-alarms.md) or
+ create new ones.
+- [Enable notifications](https://github.com/netdata/netdata/blob/master/docs/monitor/enable-notifications.md) to receive
+ updates about the health of your
infrastructure.
-- Change [the long-term metrics retention period](/docs/store/change-metrics-storage.md) using the database engine.
+-
+
+Change [the long-term metrics retention period](https://github.com/netdata/netdata/blob/master/docs/store/change-metrics-storage.md)
+using the database engine.
### Related reference documentation
-- [Netdata Agent · Daemon](/health/README.md)
-- [Netdata Agent · Daemon configuration](/daemon/config/README.md)
-- [Netdata Agent · Web server](/web/server/README.md)
-- [Netdata Agent · Local Agent dashboard](/web/gui/README.md)
-- [Netdata Agent · Health monitoring](/health/REFERENCE.md)
-- [Netdata Agent · Notifications](/health/notifications/README.md)
-- [Netdata Agent · Simple patterns](/libnetdata/simple_pattern/README.md)
+- [Netdata Agent · Daemon](https://github.com/netdata/netdata/blob/master/health/README.md)
+- [Netdata Agent · Daemon configuration](https://github.com/netdata/netdata/blob/master/daemon/config/README.md)
+- [Netdata Agent · Web server](https://github.com/netdata/netdata/blob/master/web/server/README.md)
+- [Netdata Agent · Local Agent dashboard](https://github.com/netdata/netdata/blob/master/web/gui/README.md)
+- [Netdata Agent · Health monitoring](https://github.com/netdata/netdata/blob/master/health/REFERENCE.md)
+- [Netdata Agent · Notifications](https://github.com/netdata/netdata/blob/master/health/notifications/README.md)
+- [Netdata Agent · Simple patterns](https://github.com/netdata/netdata/blob/master/libnetdata/simple_pattern/README.md)
[![analytics](https://www.google-analytics.com/collect?v=1&aip=1&t=pageview&_s=1&ds=github&dr=https%3A%2F%2Fgithub.com%2Fnetdata%2Fnetdata&dl=https%3A%2F%2Fmy-netdata.io%2Fgithub%2Fdocs%2Fconfigure%2Fcommon-changes&_u=MAC~&cid=5792dfd7-8dc4-476b-af31-da2fdb9f93d2&tid=UA-64295674-3)](<>)
diff --git a/docs/configure/nodes.md b/docs/configure/nodes.md
index 841419a72..8f54b1bfb 100644
--- a/docs/configure/nodes.md
+++ b/docs/configure/nodes.md
@@ -1,7 +1,11 @@
<!--
title: "Configure the Netdata Agent"
description: "Netdata is zero-configuration for most users, but complex infrastructures may require you to tweak some of the Agent's granular settings."
-custom_edit_url: https://github.com/netdata/netdata/edit/master/docs/configure/nodes.md
+custom_edit_url: "https://github.com/netdata/netdata/edit/master/docs/configure/nodes.md"
+sidebar_label: "Configure the Netdata Agent"
+learn_status: "Published"
+learn_topic_type: "Concepts"
+learn_rel_path: "Concepts"
-->
# Configure the Netdata Agent
@@ -19,7 +23,7 @@ anomaly, or change in infrastructure affects how their Agents should perform.
## The Netdata config directory
On most Linux systems, using our [recommended one-line
-installation](/docs/get-started.mdx#install-on-linux-with-one-line-installer), the **Netdata config
+installation](https://github.com/netdata/netdata/blob/master/docs/get-started.mdx#install-on-linux-with-one-line-installer), the **Netdata config
directory** is `/etc/netdata/`. The config directory contains several configuration files with the `.conf` extension, a
few directories, and a shell script named `edit-config`.
@@ -37,23 +41,23 @@ these files in your own Netdata config directory, as the next section describes
exist.
- `netdata.conf` is the main configuration file. This is where you'll find most configuration options. Read descriptions
- for each in the [daemon config](/daemon/config/README.md) doc.
+ for each in the [daemon config](https://github.com/netdata/netdata/blob/master/daemon/config/README.md) doc.
- `edit-config` is a shell script used for [editing configuration files](#use-edit-config-to-edit-configuration-files).
- Various configuration files ending in `.conf` for [configuring plugins or
- collectors](/docs/collect/enable-configure.md#enable-a-collector-or-its-orchestrator) behave. Examples: `go.d.conf`,
+ collectors](https://github.com/netdata/netdata/blob/master/docs/collect/enable-configure.md#enable-a-collector-or-its-orchestrator) behave. Examples: `go.d.conf`,
`python.d.conf`, and `ebpf.d.conf`.
- Various directories ending in `.d`, which contain other configuration files, each ending in `.conf`, for [configuring
- specific collectors](/docs/collect/enable-configure.md#configure-a-collector).
+ specific collectors](https://github.com/netdata/netdata/blob/master/docs/collect/enable-configure.md#configure-a-collector).
- `apps_groups.conf` is a configuration file for changing how applications/processes are grouped when viewing the
- **Application** charts from [`apps.plugin`](/collectors/apps.plugin/README.md) or
- [`ebpf.plugin`](/collectors/ebpf.plugin/README.md).
-- `health.d/` is a directory that contains [health configuration files](/docs/monitor/configure-alarms.md).
-- `health_alarm_notify.conf` enables and configures [alarm notifications](/docs/monitor/enable-notifications.md).
-- `statsd.d/` is a directory for configuring Netdata's [statsd collector](/collectors/statsd.plugin/README.md).
-- `stream.conf` configures [parent-child streaming](/streaming/README.md) between separate nodes running the Agent.
+ **Application** charts from [`apps.plugin`](https://github.com/netdata/netdata/blob/master/collectors/apps.plugin/README.md) or
+ [`ebpf.plugin`](https://github.com/netdata/netdata/blob/master/collectors/ebpf.plugin/README.md).
+- `health.d/` is a directory that contains [health configuration files](https://github.com/netdata/netdata/blob/master/docs/monitor/configure-alarms.md).
+- `health_alarm_notify.conf` enables and configures [alarm notifications](https://github.com/netdata/netdata/blob/master/docs/monitor/enable-notifications.md).
+- `statsd.d/` is a directory for configuring Netdata's [statsd collector](https://github.com/netdata/netdata/blob/master/collectors/statsd.plugin/README.md).
+- `stream.conf` configures [parent-child streaming](https://github.com/netdata/netdata/blob/master/streaming/README.md) between separate nodes running the Agent.
- `.environment` is a hidden file that describes the environment in which the Netdata Agent is installed, including the
- `PATH` and any installation options. Useful for [reinstalling](/packaging/installer/REINSTALL.md) or
- [uninstalling](/packaging/installer/UNINSTALL.md) the Agent.
+ `PATH` and any installation options. Useful for [reinstalling](https://github.com/netdata/netdata/blob/master/packaging/installer/REINSTALL.md) or
+ [uninstalling](https://github.com/netdata/netdata/blob/master/packaging/installer/UNINSTALL.md) the Agent.
The Netdata config directory also contains one symlink:
@@ -63,7 +67,7 @@ The Netdata config directory also contains one symlink:
## Configure a Netdata docker container
-See [configure agent containers](/packaging/docker/README.md#configure-agent-containers).
+See [configure agent containers](https://github.com/netdata/netdata/blob/master/packaging/docker/README.md#configure-agent-containers).
## Use `edit-config` to edit configuration files
@@ -103,7 +107,7 @@ method for `edit-config` to write into the config directory. Use your `$EDITOR`,
> defaulted to `vim` or `nano`. Use `export EDITOR=` to change this temporarily, or edit your shell configuration file
> to change to permanently.
-After you make your changes, you need to [restart the Agent](/docs/configure/start-stop-restart.md) with `sudo systemctl
+After you make your changes, you need to [restart the Agent](https://github.com/netdata/netdata/blob/master/docs/configure/start-stop-restart.md) with `sudo systemctl
restart netdata` or the appropriate method for your system.
Here's an example of editing the node's hostname, which appears in both the local dashboard and in Netdata Cloud.
@@ -145,26 +149,26 @@ curl -o /etc/netdata/netdata.conf http://NODE:19999/netdata.conf
## What's next?
-Learn more about [starting, stopping, or restarting](/docs/configure/start-stop-restart.md) the Netdata daemon to apply
+Learn more about [starting, stopping, or restarting](https://github.com/netdata/netdata/blob/master/docs/configure/start-stop-restart.md) the Netdata daemon to apply
configuration changes.
-Apply some [common configuration changes](/docs/configure/common-changes.md) to quickly tweak the Agent's behavior.
+Apply some [common configuration changes](https://github.com/netdata/netdata/blob/master/docs/configure/common-changes.md) to quickly tweak the Agent's behavior.
-[Add security to your node](/docs/configure/secure-nodes.md) with what you've learned about the Netdata config directory
+[Add security to your node](https://github.com/netdata/netdata/blob/master/docs/configure/secure-nodes.md) with what you've learned about the Netdata config directory
and `edit-config`. We put together a few security best practices based on how you use the Netdata.
You can also take what you've learned about node configuration to enable or enhance features:
-- [Enable new collectors](/docs/collect/enable-configure.md) or tweak their behavior.
-- [Configure existing health alarms](/docs/monitor/configure-alarms.md) or create new ones.
-- [Enable notifications](/docs/monitor/enable-notifications.md) to receive updates about the health of your
+- [Enable new collectors](https://github.com/netdata/netdata/blob/master/docs/collect/enable-configure.md) or tweak their behavior.
+- [Configure existing health alarms](https://github.com/netdata/netdata/blob/master/docs/monitor/configure-alarms.md) or create new ones.
+- [Enable notifications](https://github.com/netdata/netdata/blob/master/docs/monitor/enable-notifications.md) to receive updates about the health of your
infrastructure.
-- Change [the long-term metrics retention period](/docs/store/change-metrics-storage.md) using the database engine.
+- Change [the long-term metrics retention period](https://github.com/netdata/netdata/blob/master/docs/store/change-metrics-storage.md) using the database engine.
### Related reference documentation
-- [Netdata Agent · Daemon](/daemon/README.md)
-- [Netdata Agent · Health monitoring](/health/README.md)
-- [Netdata Agent · Notifications](/health/notifications/README.md)
+- [Netdata Agent · Daemon](https://github.com/netdata/netdata/blob/master/daemon/README.md)
+- [Netdata Agent · Health monitoring](https://github.com/netdata/netdata/blob/master/health/README.md)
+- [Netdata Agent · Notifications](https://github.com/netdata/netdata/blob/master/health/notifications/README.md)
[![analytics](https://www.google-analytics.com/collect?v=1&aip=1&t=pageview&_s=1&ds=github&dr=https%3A%2F%2Fgithub.com%2Fnetdata%2Fnetdata&dl=https%3A%2F%2Fmy-netdata.io%2Fgithub%2Fdocs%2Fconfigure%2Fnodes&_u=MAC~&cid=5792dfd7-8dc4-476b-af31-da2fdb9f93d2&tid=UA-64295674-3)](<>)
diff --git a/docs/configure/secure-nodes.md b/docs/configure/secure-nodes.md
index 02057ab9e..75bf6fd36 100644
--- a/docs/configure/secure-nodes.md
+++ b/docs/configure/secure-nodes.md
@@ -1,7 +1,11 @@
<!--
title: "Secure your nodes"
description: "Your data and systems are safe with Netdata, but we recommend a few easy ways to improve the security of your infrastructure."
-custom_edit_url: https://github.com/netdata/netdata/edit/master/docs/configure/secure-nodes.md
+custom_edit_url: "https://github.com/netdata/netdata/edit/master/docs/configure/secure-nodes.md"
+sidebar_label: "Secure your nodes"
+learn_status: "Published"
+learn_topic_type: "Tasks"
+learn_rel_path: "Setup"
-->
# Secure your nodes
@@ -11,13 +15,13 @@ internet at large, anyone can access the dashboard and your node's metrics at `h
so that the local dashboard was immediately accessible to users, and so that we don't dictate how professionals set up
and secure their infrastructures.
-Despite this design decision, your [data](/docs/netdata-security.md#your-data-is-safe-with-netdata) and your
-[systems](/docs/netdata-security.md#your-systems-are-safe-with-netdata) are safe with Netdata. Netdata is read-only,
+Despite this design decision, your [data](https://github.com/netdata/netdata/blob/master/docs/netdata-security.md#your-data-is-safe-with-netdata) and your
+[systems](https://github.com/netdata/netdata/blob/master/docs/netdata-security.md#your-systems-are-safe-with-netdata) are safe with Netdata. Netdata is read-only,
cannot do anything other than present metrics, and runs without special/`sudo` privileges. Also, the local dashboard
only exposes chart metadata and metric values, not raw data.
While Netdata is secure by design, we believe you should [protect your
-nodes](/docs/netdata-security.md#why-netdata-should-be-protected). If left accessible to the internet at large, the
+nodes](https://github.com/netdata/netdata/blob/master/docs/netdata-security.md#why-netdata-should-be-protected). If left accessible to the internet at large, the
local dashboard could reveal sensitive information about your infrastructure. For example, an attacker can view which
applications you run (databases, webservers, and so on), or see every user account on a node.
@@ -37,7 +41,7 @@ that align with your goals and your organization's standards.
This is the _recommended method for those who have connected their nodes to Netdata Cloud_ and prefer viewing real-time
metrics using the War Room Overview, Nodes view, and Cloud dashboards.
-You can disable the local dashboard (and API) but retain the encrypted Agent-Cloud link ([ACLK](/aclk/README.md)) that
+You can disable the local dashboard (and API) but retain the encrypted Agent-Cloud link ([ACLK](https://github.com/netdata/netdata/blob/master/aclk/README.md)) that
allows you to stream metrics on demand from your nodes via the Netdata Cloud interface. This change mitigates all
concerns about revealing metrics and system design to the internet at large, while keeping all the functionality you
need to view metrics and troubleshoot issues with Netdata Cloud.
@@ -50,17 +54,17 @@ static-threaded` setting, and change it to `none`.
mode = none
```
-Save and close the editor, then [restart your Agent](/docs/configure/start-stop-restart.md) using `sudo systemctl
+Save and close the editor, then [restart your Agent](https://github.com/netdata/netdata/blob/master/docs/configure/start-stop-restart.md) using `sudo systemctl
restart netdata`. If you try to visit the local dashboard to `http://NODE:19999` again, the connection will fail because
that node no longer serves its local dashboard.
-> See the [configuration basics doc](/docs/configure/nodes.md) for details on how to find `netdata.conf` and use
+> See the [configuration basics doc](https://github.com/netdata/netdata/blob/master/docs/configure/nodes.md) for details on how to find `netdata.conf` and use
> `edit-config`.
## Restrict access to the local dashboard
If you want to keep using the local dashboard, but don't want it exposed to the internet, you can restrict access with
-[access lists](/web/server/README.md#access-lists). This method also fully retains the ability to stream metrics
+[access lists](https://github.com/netdata/netdata/blob/master/web/server/README.md#access-lists). This method also fully retains the ability to stream metrics
on-demand through Netdata Cloud.
The `allow connections from` setting helps you allow only certain IP addresses or FQDN/hostnames, such as a trusted
@@ -68,7 +72,7 @@ static IP, only `localhost`, or connections from behind a management LAN.
By default, this setting is `localhost *`. This setting allows connections from `localhost` in addition to _all_
connections, using the `*` wildcard. You can change this setting using Netdata's [simple
-patterns](/libnetdata/simple_pattern/README.md).
+patterns](https://github.com/netdata/netdata/blob/master/libnetdata/simple_pattern/README.md).
```conf
[web]
@@ -95,8 +99,8 @@ The `allow connections from` setting is global and restricts access to the dashb
allow management from = localhost
```
-See the [web server](/web/server/README.md#access-lists) docs for additional details about access lists. You can take
-access lists one step further by [enabling SSL](/web/server/README.md#enabling-tls-support) to encrypt data from local
+See the [web server](https://github.com/netdata/netdata/blob/master/web/server/README.md#access-lists) docs for additional details about access lists. You can take
+access lists one step further by [enabling SSL](https://github.com/netdata/netdata/blob/master/web/server/README.md#enabling-tls-support) to encrypt data from local
dashboard in transit. The connection to Netdata Cloud is always secured with TLS.
## Use a reverse proxy
@@ -106,18 +110,18 @@ local dashboard and Netdata Cloud dashboards. You can use a reverse proxy to pas
enable HTTPS to encrypt metadata and metric values in transit.
We recommend Nginx, as it's what we use for our [demo server](https://london.my-netdata.io/), and we have a guide
-dedicated to [running Netdata behind Nginx](/docs/Running-behind-nginx.md).
+dedicated to [running Netdata behind Nginx](https://github.com/netdata/netdata/blob/master/docs/Running-behind-nginx.md).
-We also have guides for [Apache](/docs/Running-behind-apache.md), [Lighttpd](/docs/Running-behind-lighttpd.md),
-[HAProxy](/docs/Running-behind-haproxy.md), and [Caddy](/docs/Running-behind-caddy.md).
+We also have guides for [Apache](https://github.com/netdata/netdata/blob/master/docs/Running-behind-apache.md), [Lighttpd](https://github.com/netdata/netdata/blob/master/docs/Running-behind-lighttpd.md),
+[HAProxy](https://github.com/netdata/netdata/blob/master/docs/Running-behind-haproxy.md), and [Caddy](https://github.com/netdata/netdata/blob/master/docs/Running-behind-caddy.md).
## What's next?
-Read about [Netdata's security design](/docs/netdata-security.md) and our [blog
+Read about [Netdata's security design](https://github.com/netdata/netdata/blob/master/docs/netdata-security.md) and our [blog
post](https://www.netdata.cloud/blog/netdata-agent-dashboard/) about why the local Agent dashboard is both open and
secure by design.
-Next up, learn about [collectors](/docs/collect/how-collectors-work.md) to ensure you're gathering every essential
+Next up, learn about [collectors](https://github.com/netdata/netdata/blob/master/docs/collect/how-collectors-work.md) to ensure you're gathering every essential
metric about your node, its applications, and your infrastructure at large.
[![analytics](https://www.google-analytics.com/collect?v=1&aip=1&t=pageview&_s=1&ds=github&dr=https%3A%2F%2Fgithub.com%2Fnetdata%2Fnetdata&dl=https%3A%2F%2Fmy-netdata.io%2Fgithub%2Fdocs%2Fconfigure%2Fsecure-nodesa&_u=MAC~&cid=5792dfd7-8dc4-476b-af31-da2fdb9f93d2&tid=UA-64295674-3)](<>)
diff --git a/docs/configure/start-stop-restart.md b/docs/configure/start-stop-restart.md
index 4967fff08..3c04777da 100644
--- a/docs/configure/start-stop-restart.md
+++ b/docs/configure/start-stop-restart.md
@@ -1,12 +1,16 @@
<!--
title: "Start, stop, or restart the Netdata Agent"
description: "Manage the Netdata Agent daemon, load configuration changes, and troubleshoot stuck processes on systemd and non-systemd nodes."
-custom_edit_url: https://github.com/netdata/netdata/edit/master/docs/configure/start-stop-restart.md
+custom_edit_url: "https://github.com/netdata/netdata/edit/master/docs/configure/start-stop-restart.md"
+sidebar_label: "Start, stop, or restart the Netdata Agent"
+learn_status: "Published"
+learn_topic_type: "Tasks"
+learn_rel_path: "Operations"
-->
# Start, stop, or restart the Netdata Agent
-When you install the Netdata Agent, the [daemon](/daemon/README.md) is configured to start at boot and stop and
+When you install the Netdata Agent, the [daemon](https://github.com/netdata/netdata/blob/master/daemon/README.md) is configured to start at boot and stop and
restart/shutdown.
You will most often need to _restart_ the Agent to load new or editing configuration files. [Health
@@ -40,7 +44,7 @@ If you start the daemon this way, close it with `sudo killall netdata`.
## Using `netdatacli`
-The Netdata Agent also comes with a [CLI tool](/cli/README.md) capable of performing shutdowns. Start the Agent back up
+The Netdata Agent also comes with a [CLI tool](https://github.com/netdata/netdata/blob/master/cli/README.md) capable of performing shutdowns. Start the Agent back up
using your preferred method listed above.
```bash
@@ -80,19 +84,19 @@ again with `service netdata start`, or the appropriate method for your system.
## What's next?
-Learn more about [securing the Netdata Agent](/docs/configure/secure-nodes.md).
+Learn more about [securing the Netdata Agent](https://github.com/netdata/netdata/blob/master/docs/configure/secure-nodes.md).
You can also use the restart/reload methods described above to enable new features:
-- [Enable new collectors](/docs/collect/enable-configure.md) or tweak their behavior.
-- [Configure existing health alarms](/docs/monitor/configure-alarms.md) or create new ones.
-- [Enable notifications](/docs/monitor/enable-notifications.md) to receive updates about the health of your
+- [Enable new collectors](https://github.com/netdata/netdata/blob/master/docs/collect/enable-configure.md) or tweak their behavior.
+- [Configure existing health alarms](https://github.com/netdata/netdata/blob/master/docs/monitor/configure-alarms.md) or create new ones.
+- [Enable notifications](https://github.com/netdata/netdata/blob/master/docs/monitor/enable-notifications.md) to receive updates about the health of your
infrastructure.
-- Change [the long-term metrics retention period](/docs/store/change-metrics-storage.md) using the database engine.
+- Change [the long-term metrics retention period](https://github.com/netdata/netdata/blob/master/docs/store/change-metrics-storage.md) using the database engine.
### Related reference documentation
-- [Netdata Agent · Daemon](/daemon/README.md)
-- [Netdata Agent · Netdata CLI](/cli/README.md)
+- [Netdata Agent · Daemon](https://github.com/netdata/netdata/blob/master/daemon/README.md)
+- [Netdata Agent · Netdata CLI](https://github.com/netdata/netdata/blob/master/cli/README.md)
[![analytics](https://www.google-analytics.com/collect?v=1&aip=1&t=pageview&_s=1&ds=github&dr=https%3A%2F%2Fgithub.com%2Fnetdata%2Fnetdata&dl=https%3A%2F%2Fmy-netdata.io%2Fgithub%2Fdocs%2Fconfigure%2Fstart-stop-restart&_u=MAC~&cid=5792dfd7-8dc4-476b-af31-da2fdb9f93d2&tid=UA-64295674-3)](<>)