summaryrefslogtreecommitdiffstats
path: root/packaging/docker
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--packaging/docker/Dockerfile8
-rw-r--r--packaging/docker/README.md57
-rwxr-xr-xpackaging/docker/gen-cflags.sh9
3 files changed, 62 insertions, 12 deletions
diff --git a/packaging/docker/Dockerfile b/packaging/docker/Dockerfile
index 194fa536b..287c592bb 100644
--- a/packaging/docker/Dockerfile
+++ b/packaging/docker/Dockerfile
@@ -8,8 +8,6 @@ FROM netdata/builder:latest as builder
# One of 'nightly' or 'stable'
ARG RELEASE_CHANNEL=nightly
-ENV JUDY_VER 1.0.5
-
ARG CFLAGS
ENV CFLAGS=$CFLAGS
@@ -18,6 +16,10 @@ ARG EXTRA_INSTALL_OPTS
ENV EXTRA_INSTALL_OPTS=$EXTRA_INSTALL_OPTS
+ARG DEBUG_BUILD
+
+ENV DEBUG_BUILD=$DEBUG_BUILD
+
# Copy source
COPY . /opt/netdata.git
WORKDIR /opt/netdata.git
@@ -26,7 +28,7 @@ WORKDIR /opt/netdata.git
RUN chmod +x netdata-installer.sh && \
cp -rp /deps/* /usr/local/ && \
/bin/echo -e "INSTALL_TYPE='oci'\nPREBUILT_ARCH='$(uname -m)'" > ./system/.install-type && \
- CFLAGS="-O2 -pipe" ./netdata-installer.sh --dont-wait --dont-start-it --use-system-protobuf \
+ CFLAGS="$(packaging/docker/gen-cflags.sh)" ./netdata-installer.sh --dont-wait --dont-start-it --use-system-protobuf \
${EXTRA_INSTALL_OPTS} --one-time-build "$([ "$RELEASE_CHANNEL" = stable ] && echo --stable-channel)"
# files to one directory
diff --git a/packaging/docker/README.md b/packaging/docker/README.md
index dcce9a4a1..e3697fdaa 100644
--- a/packaging/docker/README.md
+++ b/packaging/docker/README.md
@@ -11,7 +11,7 @@ you get set up quickly, and doesn't install anything permanent on the system, wh
See our full list of Docker images at [Docker Hub](https://hub.docker.com/r/netdata/netdata).
-Starting with v1.30, Netdata collects anonymous usage information by default and sends it to a self hosted PostHog instance within the Netdata infrastructure. Read
+Starting with v1.30, Netdata collects anonymous usage information by default and sends it to a self-hosted PostHog instance within the Netdata infrastructure. Read
about the information collected, and learn how to-opt, on our [anonymous statistics](/docs/anonymous-statistics.md)
page.
@@ -133,12 +133,12 @@ You can control how the health checks run by using the environment variable `NET
In most cases, the default behavior of checking the `/api/v1/info`
endpoint will be sufficient. If you are using a configuration which
-disables the web server or restricts access to certain API's, you will
+disables the web server or restricts access to certain APIs, you will
need to use a non-default configuration for health checks to work.
## Configure Agent containers
-If you started an Agent container using one of the [recommended methods](#create-a-new-netdata-agent-container) and you
+If you started an Agent container using one of the [recommended methods](#create-a-new-netdata-agent-container), and you
want to edit Netdata's configuration, you must first use `docker exec` to attach to the container. Replace `netdata`
with the name of your container.
@@ -153,6 +153,9 @@ to restart the container: `docker restart netdata`.
### Host-editable configuration
+> **Warning**: [edit-config](/docs/configure/nodes.md#the-netdata-config-directory) script doesn't work when executed on
+> the host system.
+
If you want to make your container's configuration directory accessible from the host system, you need to use a
[volume](https://docs.docker.com/storage/bind-mounts/) rather than a bind mount. The following commands create a
temporary `netdata_tmp` container, which is used to populate a `netdataconfig` directory, which is then mounted inside
@@ -222,7 +225,7 @@ volumes:
You can change the hostname of a Docker container, and thus the name that appears in the local dashboard and in Netdata
Cloud, when creating a new container. If you want to change the hostname of a Netdata container _after_ you started it,
-you can safely stop and remove it. You configuration and metrics data reside in persistent volumes and are reattached to
+you can safely stop and remove it. Your configuration and metrics data reside in persistent volumes and are reattached to
the recreated container.
If you use `docker-run`, use the `--hostname` option with `docker run`.
@@ -251,7 +254,7 @@ how you created the container.
### Add or remove other volumes
-Some of the volumes are optional depending on how you use Netdata:
+Some volumes are optional depending on how you use Netdata:
- If you don't want to use the apps.plugin functionality, you can remove the mounts of `/etc/passwd` and `/etc/group`
(they are used to get proper user and group names for the monitored host) to get slightly better security.
@@ -367,6 +370,42 @@ services:
- DOCKER_USR=root
```
+### Docker container network interfaces monitoring
+
+Netdata can map a virtual interface in the system namespace to an interface inside a Docker container
+when using network [bridge](https://docs.docker.com/network/bridge/) driver. To do this, the Netdata container needs
+additional privileges:
+
+- the host PID mode. This turns on sharing between container and the host operating system the PID
+ address space (needed to get list of PIDs from `cgroup.procs` file).
+
+- `SYS_ADMIN` capability (needed to execute `setns()`).
+
+**docker run**:
+
+```bash
+docker run -d --name=netdata \
+ ...
+ --pid=host \
+ --cap-add SYS_ADMIN \
+ ...
+ netdata/netdata
+```
+
+**docker compose**:
+
+```yaml
+version: '3'
+services:
+ netdata:
+ image: netdata/netdata
+ container_name: netdata
+ pid: host
+ cap_add:
+ - SYS_ADMIN
+ ...
+```
+
### Pass command line options to Netdata
Since we use an [ENTRYPOINT](https://docs.docker.com/engine/reference/builder/#entrypoint) directive, you can provide
@@ -384,7 +423,7 @@ email address for [Let's Encrypt](https://letsencrypt.org/) before starting.
### Caddyfile
-This file needs to be placed in `/opt` with name `Caddyfile`. Here you customize your domain and you need to provide
+This file needs to be placed in `/opt` with name `Caddyfile`. Here you customize your domain, and you need to provide
your email address to obtain a Let's Encrypt certificate. Certificate renewal will happen automatically and will be
executed internally by the caddy server.
@@ -450,10 +489,10 @@ You may either use the command line tools available or take advantage of our Tra
### Inside Netdata organization, using Travis CI
-To enable Travis CI integration on your own repositories (Docker and Github), you need to be part of the Netdata
+To enable Travis CI integration on your own repositories (Docker and GitHub), you need to be part of the Netdata
organization.
-Once you have contacted the Netdata owners to setup you up on Github and Travis, execute the following steps
+Once you have contacted the Netdata owners to setup you up on GitHub and Travis, execute the following steps
- Preparation
- Have Netdata forked on your personal GitHub account
@@ -478,7 +517,7 @@ Once you have contacted the Netdata owners to setup you up on Github and Travis,
- While in Travis settings, under Netdata repository settings in the Environment Variables section, you need to add
the following:
- - `DOCKER_USERNAME` and `DOCKER_PWD` variables so that Travis can login to your Docker Hub account and publish
+ - `DOCKER_USERNAME` and `DOCKER_PWD` variables so that Travis can log in to your Docker Hub account and publish
Docker images there.
- `REPOSITORY` variable to `NETDATA_DEVELOPER/netdata`, where `NETDATA_DEVELOPER` is your GitHub handle again.
- `GITHUB_TOKEN` variable with the token generated on the preparation step, for Travis workflows to function
diff --git a/packaging/docker/gen-cflags.sh b/packaging/docker/gen-cflags.sh
new file mode 100755
index 000000000..3a80b7358
--- /dev/null
+++ b/packaging/docker/gen-cflags.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+if [ -n "${CFLAGS}" ]; then
+ echo "${CFLAGS}"
+elif [ -n "${DEBUG_BUILD}" ]; then
+ echo "-Og -ggdb -pipe"
+else
+ echo "-O2 -pipe"
+fi