From 81581f9719bc56f01d5aa08952671d65fda9867a Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Mon, 8 May 2023 18:27:08 +0200 Subject: Merging upstream version 1.39.0. Signed-off-by: Daniel Baumann --- packaging/PLATFORM_SUPPORT.md | 34 +- packaging/building-native-packages-locally.md | 8 +- packaging/check-kernel-config.sh | 7 +- packaging/docker/Dockerfile | 9 +- packaging/docker/README.md | 209 +++--- packaging/docker/run.sh | 15 + packaging/ebpf-co-re.checksums | 2 +- packaging/ebpf-co-re.version | 2 +- packaging/ebpf.checksums | 6 +- packaging/ebpf.version | 2 +- packaging/go.d.checksums | 34 +- packaging/go.d.version | 2 +- packaging/installer/README.md | 212 +++--- packaging/installer/REINSTALL.md | 12 +- packaging/installer/UNINSTALL.md | 21 +- packaging/installer/UPDATE.md | 12 +- packaging/installer/dependencies/alpine.sh | 1 + packaging/installer/dependencies/arch.sh | 1 + packaging/installer/dependencies/centos.sh | 3 +- packaging/installer/dependencies/clearlinux.sh | 1 + packaging/installer/dependencies/debian.sh | 1 + packaging/installer/dependencies/fedora.sh | 1 + packaging/installer/dependencies/freebsd.sh | 1 + packaging/installer/dependencies/gentoo.sh | 1 + packaging/installer/dependencies/ol.sh | 1 + packaging/installer/dependencies/opensuse.sh | 1 + packaging/installer/dependencies/rockylinux.sh | 1 + packaging/installer/dependencies/ubuntu.sh | 1 + packaging/installer/functions.sh | 108 ++- packaging/installer/install-required-packages.sh | 27 +- packaging/installer/kickstart.sh | 730 ++++++++++----------- packaging/installer/methods/ansible.md | 156 +++++ packaging/installer/methods/aws.md | 67 ++ packaging/installer/methods/azure.md | 68 ++ packaging/installer/methods/cloud-providers.md | 126 ---- packaging/installer/methods/freebsd.md | 113 +++- packaging/installer/methods/freenas.md | 24 - packaging/installer/methods/gcp.md | 70 ++ packaging/installer/methods/kickstart.md | 101 ++- packaging/installer/methods/kubernetes.md | 193 +++--- packaging/installer/methods/macos.md | 21 +- packaging/installer/methods/manual.md | 19 +- packaging/installer/methods/methods.md | 26 + packaging/installer/methods/offline.md | 19 +- packaging/installer/methods/packages.md | 10 +- packaging/installer/methods/pfsense.md | 3 + packaging/installer/methods/source.md | 6 +- packaging/installer/methods/synology.md | 11 +- packaging/installer/methods/systems.md | 18 + packaging/installer/netdata-uninstaller.sh | 12 + packaging/installer/netdata-updater.sh | 84 +-- packaging/maintainers/README.md | 8 +- packaging/makeself/README.md | 24 +- packaging/makeself/functions.sh | 7 +- packaging/makeself/install-or-update.sh | 29 +- .../jobs/50-libnetfilter_acct-1.0.3.install.sh | 39 ++ packaging/makeself/jobs/70-netdata-git.install.sh | 9 +- packaging/makeself/jobs/99-makeself.install.sh | 13 +- packaging/makeself/makeself-header.sh | 269 ++++++-- packaging/makeself/makeself-license.txt | 13 +- packaging/makeself/makeself.lsm | 2 +- packaging/makeself/makeself.sh | 489 +++++++++----- packaging/repoconfig/netdata-edge.repo.al | 21 + packaging/repoconfig/netdata-repo.spec | 8 + packaging/repoconfig/netdata.repo.al | 21 + packaging/version | 2 +- packaging/yaml.checksums | 1 + packaging/yaml.version | 1 + 68 files changed, 2143 insertions(+), 1426 deletions(-) create mode 100644 packaging/installer/methods/ansible.md create mode 100644 packaging/installer/methods/aws.md create mode 100644 packaging/installer/methods/azure.md delete mode 100644 packaging/installer/methods/cloud-providers.md delete mode 100644 packaging/installer/methods/freenas.md create mode 100644 packaging/installer/methods/gcp.md create mode 100644 packaging/installer/methods/methods.md create mode 100644 packaging/installer/methods/systems.md create mode 100755 packaging/makeself/jobs/50-libnetfilter_acct-1.0.3.install.sh create mode 100644 packaging/repoconfig/netdata-edge.repo.al create mode 100644 packaging/repoconfig/netdata.repo.al create mode 100644 packaging/yaml.checksums create mode 100644 packaging/yaml.version (limited to 'packaging') diff --git a/packaging/PLATFORM_SUPPORT.md b/packaging/PLATFORM_SUPPORT.md index 62e208c73..0de0c3b16 100644 --- a/packaging/PLATFORM_SUPPORT.md +++ b/packaging/PLATFORM_SUPPORT.md @@ -1,15 +1,15 @@ -# Netdata platform support policy +# Platform support policy Netdata defines three tiers of official support: @@ -63,8 +63,10 @@ to work on these platforms with minimal user effort. | Alma Linux | 8.x | x86\_64, AArch64 | Also includes support for Rocky Linux and other ABI compatible RHEL derivatives | | CentOS | 7.x | x86\_64 | | | Docker | 19.03 or newer | x86\_64, i386, ARMv7, AArch64, POWER8+ | See our [Docker documentation](https://github.com/netdata/netdata/blob/master/packaging/docker/README.md) for more info on using Netdata on Docker | +| Debian | 12.x | x86\_64, i386, ARMv7, AArch64 | | | Debian | 11.x | x86\_64, i386, ARMv7, AArch64 | | | Debian | 10.x | x86\_64, i386, ARMv7, AArch64 | | +| Fedora | 38 | x86\_64, AArch64 | | | Fedora | 37 | x86\_64, AArch64 | | | Fedora | 36 | x86\_64, AArch64 | | | openSUSE | Leap 15.4 | x86\_64, AArch64 | | @@ -73,10 +75,11 @@ to work on these platforms with minimal user effort. | Red Hat Enterprise Linux | 9.x | x86\_64, AArch64 | | | Red Hat Enterprise Linux | 8.x | x86\_64, AArch64 | | | Red Hat Enterprise Linux | 7.x | x86\_64 | | +| Ubuntu | 23.04 | x86\_64, AArch64, ARMv7 | | | Ubuntu | 22.10 | x86\_64, ARMv7, AArch64 | | | Ubuntu | 22.04 | x86\_64, ARMv7, AArch64 | | | Ubuntu | 20.04 | x86\_64, ARMv7, AArch64 | | -| Ubuntu | 18.04 | x86\_64, i386, ARMv7, AArch64 | | + ### Intermediate @@ -87,13 +90,14 @@ platforms that we officially support ourselves to the intermediate tier. Our [st expected to work on these platforms if available. Source-based installs are expected to work on these platforms with minimal user effort. -| Platform | Version | Official Native Packages | Notes | -|---------------|---------|--------------------------|-------------------------------------------------------------------------| -| Alpine Linux | 3.16 | No | | -| Alpine Linux | 3.15 | No | | -| Alpine Linux | 3.14 | No | | -| Arch Linux | Latest | No | We officially recommend the community packages available for Arch Linux | -| Manjaro Linux | Latest | No | We officially recommend the community packages available for Arch Linux | +| Platform | Version | Official Native Packages | Notes | +|---------------|---------|--------------------------|------------------------------------------------------------------------------------------------------| +| Alpine Linux | 3.16 | No | | +| Alpine Linux | 3.15 | No | | +| Amazon Linux | 2023 | x86\_64, AArch64 | Scheduled for promotion to Core tier at some point after the release of v1.39.0 of the Netdata Agent | +| Amazon Linux | 2 | x86\_64, AArch64 | Scheduled for promotion to Core tier at some point after the release of v1.39.0 of the Netdata Agent | +| Arch Linux | Latest | No | We officially recommend the community packages available for Arch Linux | +| Manjaro Linux | Latest | No | We officially recommend the community packages available for Arch Linux | ### Community @@ -152,6 +156,7 @@ This is a list of platforms that we have supported in the recent past but no lon | Platform | Version | Notes | |--------------|-----------|----------------------| +| Alpine Linux | 3.14 | EOL as of 2023-05-01 | | Alpine Linux | 3.13 | EOL as of 2022-11-01 | | Alpine Linux | 3.12 | EOL as of 2022-05-01 | | Debian | 9.x | EOL as of 2022-06-30 | @@ -160,6 +165,7 @@ This is a list of platforms that we have supported in the recent past but no lon | openSUSE | Leap 15.3 | EOL as of 2022-12-01 | | Ubuntu | 21.10 | EOL as of 2022-07-31 | | Ubuntu | 21.04 | EOL as of 2022-01-01 | +| Ubuntu | 18.04 | EOL as of 2023-04-02 | ## Static builds diff --git a/packaging/building-native-packages-locally.md b/packaging/building-native-packages-locally.md index 84a0fb4db..d3b473774 100644 --- a/packaging/building-native-packages-locally.md +++ b/packaging/building-native-packages-locally.md @@ -1,10 +1,6 @@ - +# Build native (DEB/RPM) packages for testing -# How to build native (DEB/RPM) packages locally for testing +This document provides instructions for developers who need to build native packages locally for testing. ## Requirements diff --git a/packaging/check-kernel-config.sh b/packaging/check-kernel-config.sh index ded322577..515259c13 100755 --- a/packaging/check-kernel-config.sh +++ b/packaging/check-kernel-config.sh @@ -51,15 +51,18 @@ fi if [ -n "${CONFIG_PATH}" ]; then GREP='grep' + CAT='cat' if echo "${CONFIG_PATH}" | grep -q '.gz'; then - GREP='zgrep' + CAT='zcat' fi REQUIRED_CONFIG="KPROBES KPROBES_ON_FTRACE HAVE_KPROBES BPF BPF_SYSCALL BPF_JIT" for required_config in ${REQUIRED_CONFIG}; do - if ! "${GREP}" -q "CONFIG_${required_config}=y" "${CONFIG_PATH}"; then + # Fix issue https://github.com/netdata/netdata/issues/14668 + # if ! "${GREP}" -q "CONFIG_${required_config}=y" "${CONFIG_PATH}"; then + if ! { "${CAT}" "${CONFIG_PATH}" | "${GREP}" -q "CONFIG_${required_config}=y" >&2 >/dev/null; } ;then echo >&2 " Missing Kernel Config: ${required_config}" exit 1 fi diff --git a/packaging/docker/Dockerfile b/packaging/docker/Dockerfile index ce5a0b932..fcd9432b5 100644 --- a/packaging/docker/Dockerfile +++ b/packaging/docker/Dockerfile @@ -51,7 +51,9 @@ RUN mkdir -p /app/usr/sbin/ \ mv /usr/sbin/netdatacli /app/usr/sbin/ && \ mv packaging/docker/run.sh /app/usr/sbin/ && \ mv packaging/docker/health.sh /app/usr/sbin/ && \ - cp -rp /deps/* /app/usr/local/ && \ + mkdir -p /deps/etc && \ + cp -rp /deps/etc /app/usr/local/etc && \ + chmod -R o+rX /app && \ chmod +x /app/usr/sbin/run.sh ##################################################################### @@ -106,6 +108,9 @@ RUN chown -R root:root \ if [ -f /usr/libexec/netdata/plugins.d/freeipmi.plugin ]; then \ chmod 4755 /usr/libexec/netdata/plugins.d/freeipmi.plugin; \ fi && \ + if [ -f /usr/libexec/netdata/plugins.d/go.d.plugin ] && command -v setcap 1>/dev/null 2>&1; then \ + setcap "cap_net_raw=eip" /usr/libexec/netdata/plugins.d/go.d.plugin 2>/dev/null; \ + fi && \ # Group write permissions due to: https://github.com/netdata/netdata/pull/6543 find /var/lib/netdata /var/cache/netdata -type d -exec chmod 0770 {} \; && \ find /var/lib/netdata /var/cache/netdata -type f -exec chmod 0660 {} \; && \ @@ -114,6 +119,8 @@ RUN chown -R root:root \ ENV NETDATA_LISTENER_PORT 19999 EXPOSE $NETDATA_LISTENER_PORT +ENV NETDATA_EXTRA_APK_PACKAGES="" + ENTRYPOINT ["/usr/sbin/run.sh"] HEALTHCHECK --interval=60s --timeout=10s --retries=3 CMD /usr/sbin/health.sh diff --git a/packaging/docker/README.md b/packaging/docker/README.md index aec5723e3..ef7dd6de7 100644 --- a/packaging/docker/README.md +++ b/packaging/docker/README.md @@ -1,26 +1,16 @@ -# Install the Netdata Agent with Docker +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; -Running the Netdata Agent in a container works best for an internal network or to quickly analyze a host. Docker helps -you get set up quickly, and doesn't install anything permanent on the system, which makes uninstalling the Agent easy. - -See our full list of Docker images at [Docker Hub](https://hub.docker.com/r/netdata/netdata). - -Starting with v1.30, Netdata collects anonymous usage information by default and sends it to a self-hosted PostHog instance within the Netdata infrastructure. Read -about the information collected, and learn how to-opt, on our [anonymous statistics](https://github.com/netdata/netdata/blob/master/docs/anonymous-statistics.md) -page. - -The usage statistics are _vital_ for us, as we use them to discover bugs and prioritize new features. We thank you for -_actively_ contributing to Netdata's future. +# Install Netdata with Docker ## Limitations running the Agent in Docker @@ -41,22 +31,7 @@ and unfortunately not something we can realistically work around. ## Create a new Netdata Agent container -> **Notice**: all `docker run` commands and `docker-compose` configurations explicitly set the `nofile` limit. This is -> required on some distros until [14177](https://github.com/netdata/netdata/issues/14177) is resolved. Failure to do so -> may cause a task running in a container to hang and consume 100% of the CPU core. - -
-What are these "some distros"? - -If `LimitNOFILE=infinity` results in an open file limit of 1073741816: - -```bash -[fedora37 ~]$ docker run --rm busybox grep open /proc/self/limits -Max open files 1073741816 1073741816 files -``` -
- -You can create a new Agent container using either `docker run` or Docker Compose. After using either method, you can +You can create a new Agent container using either `docker run` or `docker-compose`. After using either method, you can visit the Agent dashboard `http://NODE:19999`. Both methods create a [bind mount](https://docs.docker.com/storage/bind-mounts/) for Netdata's configuration files @@ -64,7 +39,12 @@ _within the container_ at `/etc/netdata`. See the [configuration section](#confi you want to access the configuration files from your _host_ machine, see [host-editable configuration](#host-editable-configuration). -**`docker run`**: Use the `docker run` command, along with the following options, to start a new container. + + + +

Using the docker run command

+ +Run the following command along with the following options on your terminal, to start a new container. ```bash docker run -d --name=netdata \ @@ -80,48 +60,65 @@ docker run -d --name=netdata \ --restart unless-stopped \ --cap-add SYS_PTRACE \ --security-opt apparmor=unconfined \ - --ulimit nofile=4096 \ netdata/netdata ``` -**Docker Compose**: Copy the following code and paste into a new file called `docker-compose.yml`, then run -`docker-compose up -d` in the same directory as the `docker-compose.yml` file to start the container. - -```yaml -version: '3' -services: - netdata: - image: netdata/netdata - container_name: netdata - hostname: example.com # set to fqdn of host - ports: - - 19999:19999 - restart: unless-stopped - cap_add: - - SYS_PTRACE - security_opt: - - apparmor:unconfined - ulimits: - nofile: - soft: 4096 - volumes: - - netdataconfig:/etc/netdata - - netdatalib:/var/lib/netdata - - netdatacache:/var/cache/netdata - - /etc/passwd:/host/etc/passwd:ro - - /etc/group:/host/etc/group:ro - - /proc:/host/proc:ro - - /sys:/host/sys:ro - - /etc/os-release:/host/etc/os-release:ro - -volumes: - netdataconfig: - netdatalib: - netdatacache: -``` +> ### Note +> +> If you plan to Claim the node to Netdata Cloud, you can find the command with the right parameters by clicking the "Add Nodes" button in your Space's Nodes tab. + + + + +

Using the docker-compose command

+ +#### Steps + +1. Copy the following code and paste into a new file called `docker-compose.yml` + + ```yaml + version: '3' + services: + netdata: + image: netdata/netdata + container_name: netdata + hostname: example.com # set to fqdn of host + ports: + - 19999:19999 + restart: unless-stopped + cap_add: + - SYS_PTRACE + security_opt: + - apparmor:unconfined + volumes: + - netdataconfig:/etc/netdata + - netdatalib:/var/lib/netdata + - netdatacache:/var/cache/netdata + - /etc/passwd:/host/etc/passwd:ro + - /etc/group:/host/etc/group:ro + - /proc:/host/proc:ro + - /sys:/host/sys:ro + - /etc/os-release:/host/etc/os-release:ro + + volumes: + netdataconfig: + netdatalib: + netdatacache: + ``` + +2. Run `docker-compose up -d` in the same directory as the `docker-compose.yml` file to start the container. + +> :bookmark_tabs: Note +> +> If you plan to Claim the node to Netdata Cloud, you can find the command with the right parameters by clicking the "Add Nodes" button in your Space's "Nodes" view. + + + ## Docker tags +See our full list of Docker images at [Docker Hub](https://hub.docker.com/r/netdata/netdata). + The official `netdata/netdata` Docker image provides the following named tags: * `stable`: The `stable` tag will always point to the most recently published stable build. @@ -136,6 +133,20 @@ Additionally, for each stable release, three tags are pushed, one with the full that would match that tag (for example, if `v1.30.1` were to be published, the `v1.30` tag would be updated to point to that instead of `v1.30.0`). +## Adding extra packages at runtime + +By default, the official Netdata container images do not include a number of optional runtime dependencies. You +can add these dependencies, or any other APK packages, at runtime by listing them in the environment variable +`NETDATA_EXTRA_APK_PACKAGES`. + +Commonly useful packages include: + +- `apcupsd`: For monitoring APC UPS devices. +- `libvirt-daemon`: For resolving cgroup names for libvirt domains. +- `lm-sensors`: For monitoring hardware sensors. +- `msmtp`: For email alert support. +- `netcat-openbsd`: For IRC alert support. + ## Health Checks Our Docker image provides integrated support for health checks through the standard Docker interfaces. @@ -176,7 +187,9 @@ to restart the container: `docker restart netdata`. ### Host-editable configuration -> **Warning**: [edit-config](https://github.com/netdata/netdata/blob/master/docs/configure/nodes.md#the-netdata-config-directory) script doesn't work when executed on +> :warning: Warning +> +> The [edit-config](https://github.com/netdata/netdata/blob/master/docs/configure/nodes.md#the-netdata-config-directory) script doesn't work when executed on > the host system. If you want to make your container's configuration directory accessible from the host system, you need to use a @@ -208,7 +221,6 @@ docker run -d --name=netdata \ --restart unless-stopped \ --cap-add SYS_PTRACE \ --security-opt apparmor=unconfined \ - --ulimit nofile=4096 \ netdata/netdata ``` @@ -230,9 +242,6 @@ services: - SYS_PTRACE security_opt: - apparmor:unconfined - ulimits: - nofile: - soft: 4096 volumes: - ./netdataconfig/netdata:/etc/netdata:ro - netdatalib:/var/lib/netdata @@ -322,17 +331,17 @@ your machine from within the container. Please read the following carefully. #### Docker socket proxy (safest option) Deploy a Docker socket proxy that accepts and filters out requests using something like -[HAProxy](https://github.com/netdata/netdata/blob/master/docs/Running-behind-haproxy.md) so that it restricts connections to read-only access to the CONTAINERS +[HAProxy](https://github.com/netdata/netdata/blob/master/docs/Running-behind-haproxy.md) or +[CetusGuard](https://github.com/hectorm/cetusguard) so that it restricts connections to read-only access to the `/containers` endpoint. The reason it's safer to expose the socket to the proxy is because Netdata has a TCP port exposed outside the Docker network. Access to the proxy container is limited to only within the network. -Below is [an example repository (and image)](https://github.com/Tecnativa/docker-socket-proxy) that provides a proxy to -the socket. +Here are two examples, the first using [a Docker image based on HAProxy](https://github.com/Tecnativa/docker-socket-proxy) +and the second using [CetusGuard](https://github.com/hectorm/cetusguard). -You run the Docker Socket Proxy in its own Docker Compose file and leave it on a private network that you can add to -other services that require access. +##### Docker Socket Proxy (HAProxy) ```yaml version: '3' @@ -347,17 +356,46 @@ services: proxy: image: tecnativa/docker-socket-proxy volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro + - /var/run/docker.sock:/var/run/docker.sock:ro environment: - CONTAINERS=1 - ``` **Note:** Replace `2375` with the port of your proxy. +##### CetusGuard + +```yaml +version: '3' +services: + netdata: + image: netdata/netdata + # ... rest of your config ... + ports: + - 19999:19999 + environment: + - DOCKER_HOST=cetusguard:2375 + cetusguard: + image: hectorm/cetusguard:v1 + read_only: true + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro + environment: + CETUSGUARD_BACKEND_ADDR: unix:///var/run/docker.sock + CETUSGUARD_FRONTEND_ADDR: tcp://:2375 + CETUSGUARD_RULES: | + ! Inspect a container + GET %API_PREFIX_CONTAINERS%/%CONTAINER_ID_OR_NAME%/json +``` + +You can run the socket proxy in its own Docker Compose file and leave it on a private network that you can add to +other services that require access. + #### Giving group access to the Docker socket (less safe) +> :warning: Caution +> > You should seriously consider the necessity of activating this option, as it grants to the `netdata` -user access to the privileged socket connection of docker service and therefore your whole machine. +> user access to the privileged socket connection of docker service and therefore your whole machine. If you want to have your container names resolved by Netdata, make the `netdata` user be part of the group that owns the socket. @@ -386,6 +424,8 @@ grep docker /etc/group | cut -d ':' -f 3 #### Running as root (unsafe) +> :warning: Caution +> > You should seriously consider the necessity of activating this option, as it grants to the `netdata` user access to > the privileged socket connection of docker service, and therefore your whole machine. @@ -495,9 +535,6 @@ services: - SYS_PTRACE security_opt: - apparmor:unconfined - ulimits: - nofile: - soft: 4096 volumes: - netdatalib:/var/lib/netdata - netdatacache:/var/cache/netdata @@ -520,4 +557,4 @@ Caddyfile. ## Publish a test image to your own repository At Netdata, we provide multiple ways of testing your Docker images using your own repositories. -You may either use the command line tools available or take advantage of our GitHub Acions infrastructure. +You may either use the command line tools available or take advantage of our GitHub Actions infrastructure. diff --git a/packaging/docker/run.sh b/packaging/docker/run.sh index 9029e22b6..ed77c394a 100755 --- a/packaging/docker/run.sh +++ b/packaging/docker/run.sh @@ -21,6 +21,8 @@ if [ ! "${DISABLE_TELEMETRY:-0}" -eq 0 ] || touch /etc/netdata/.opt-out-from-anonymous-statistics fi +chmod o+rX / # Needed to fix permissions issues in some cases. + BALENA_PGID=$(stat -c %g /var/run/balena.sock 2>/dev/null || true) DOCKER_PGID=$(stat -c %g /var/run/docker.sock 2>/dev/null || true) @@ -67,4 +69,17 @@ if [ -n "${NETDATA_CLAIM_URL}" ] && [ -n "${NETDATA_CLAIM_TOKEN}" ] && [ ! -f /v -daemon-not-running fi +if [ -n "${NETDATA_EXTRA_APK_PACKAGES}" ]; then + echo "Fetching APK repository metadata." + if ! apk update; then + echo "Failed to fetch APK repository metadata." + else + echo "Installing supplementary packages." + # shellcheck disable=SC2086 + if ! apk add --no-cache ${NETDATA_EXTRA_APK_PACKAGES}; then + echo "Failed to install supplementary packages." + fi + fi +fi + exec /usr/sbin/netdata -u "${DOCKER_USR}" -D -s /host -p "${NETDATA_LISTENER_PORT}" "$@" diff --git a/packaging/ebpf-co-re.checksums b/packaging/ebpf-co-re.checksums index 7f08d7327..813e421cc 100644 --- a/packaging/ebpf-co-re.checksums +++ b/packaging/ebpf-co-re.checksums @@ -1 +1 @@ -d1864cd736d236aa3738152d86096529830822a26405a62fe164779949bb3658 netdata-ebpf-co-re-glibc-v1.1.0.tar.xz +a50e649635cc2fe86c21a08334ee73451f08591ebbda8b5d0012c3b8fad2cc1e netdata-ebpf-co-re-glibc-v1.1.2.tar.xz diff --git a/packaging/ebpf-co-re.version b/packaging/ebpf-co-re.version index 795460fce..0f1acbd56 100644 --- a/packaging/ebpf-co-re.version +++ b/packaging/ebpf-co-re.version @@ -1 +1 @@ -v1.1.0 +v1.1.2 diff --git a/packaging/ebpf.checksums b/packaging/ebpf.checksums index e74349115..0d0be4eab 100644 --- a/packaging/ebpf.checksums +++ b/packaging/ebpf.checksums @@ -1,3 +1,3 @@ -7f28bb61b1e9fdac59e5f8f041502c54f319048c1cf4adaa96ace3360f55a80e ./netdata-kernel-collector-glibc-v1.1.0.tar.xz -5d927deadac9a4a5bc8a5be386aec2ea4f9b8335e60eadf375b11e7656404270 ./netdata-kernel-collector-musl-v1.1.0.tar.xz -0d8825b77b8ba20e10b6e24f15c1d65a43f1c47dced93798839adc789f1427d3 ./netdata-kernel-collector-static-v1.1.0.tar.xz +597a20895bbedcf87528b08fa9057426bd3c7638aa1ffac94f8987a90634513d ./netdata-kernel-collector-glibc-v1.1.2.tar.xz +25db2232b75bdb7fc6e10db870c3a3290f52ecfcdcf546d0e51947f2a4c17ccf ./netdata-kernel-collector-musl-v1.1.2.tar.xz +1d60425f5e8c6e30b3be86028dfc62c16022d8fe561e4c21c84cf6e8b998cd7d ./netdata-kernel-collector-static-v1.1.2.tar.xz diff --git a/packaging/ebpf.version b/packaging/ebpf.version index 795460fce..0f1acbd56 100644 --- a/packaging/ebpf.version +++ b/packaging/ebpf.version @@ -1 +1 @@ -v1.1.0 +v1.1.2 diff --git a/packaging/go.d.checksums b/packaging/go.d.checksums index 3e70b04f1..6f338464c 100644 --- a/packaging/go.d.checksums +++ b/packaging/go.d.checksums @@ -1,17 +1,17 @@ -dee3c1e54cad22796489abd1924462cfcbd2cf8ff7329f9a595966291e18714d *config.tar.gz -4188350b0c7f0f3dcfabf01e0281b41baa085327655a32215a0863ec651c0186 *go.d.plugin-v0.50.0.darwin-amd64.tar.gz -6068657f08c21eeb57508c47dab544f7493ac14f63261c8bdfeb2b326f5e980c *go.d.plugin-v0.50.0.darwin-arm64.tar.gz -cdee540016daa37b84ac8c66feb141f83d328371e7bd464e99de99584d0813ca *go.d.plugin-v0.50.0.freebsd-386.tar.gz -4196b233aff75747749df9894d15f078a40945709b0b2d6d9c6387d992cf4933 *go.d.plugin-v0.50.0.freebsd-amd64.tar.gz -188c29003f1394a7136b1f69a659fff46b3ea9cbfd994fd9e315834745eac63a *go.d.plugin-v0.50.0.freebsd-arm.tar.gz -80ce0196693d735d578c19a3561ea5bda0b54101c22d129c999807942d076f2a *go.d.plugin-v0.50.0.freebsd-arm64.tar.gz -a75ba3cdebd1b428dacd4a14759c7e22d50432b49a9c8d5c846f8aa4e23aa9e2 *go.d.plugin-v0.50.0.linux-386.tar.gz -7eb762de4103a8930a7962b6b1202ce188340ae1cd6ea04757e40e7482bfaed0 *go.d.plugin-v0.50.0.linux-amd64.tar.gz -cfa3b1a28664fbd76a338f574c2e37d41b58552ace98f86cbe4dc3ac48785371 *go.d.plugin-v0.50.0.linux-arm.tar.gz -2b77f8a3d33290a7cb9fa95f8635cb1cd3ce4331a7543312cfdac3902a2489e0 *go.d.plugin-v0.50.0.linux-arm64.tar.gz -56205b61eb4c1a6798a0d6852b3c734e7c764861ae6baa490e2db55ba593c52a *go.d.plugin-v0.50.0.linux-mips.tar.gz -384af1658f02f9b295a2c2aa021dd64c46c03c52b9a573dbbd7f9fe0ffd841e0 *go.d.plugin-v0.50.0.linux-mips64.tar.gz -d93711f93e9da7f2b8f9162c0af80b3443687b1e01494c42b9ccd099534f2fae *go.d.plugin-v0.50.0.linux-mips64le.tar.gz -9462186774633294b46f04fbd78dc930bdff54bb1e8d5fa634f1d9b99d8d4e4b *go.d.plugin-v0.50.0.linux-mipsle.tar.gz -bdcfdc75dc5073556fdece5865cd9b19fc5306d68fe653afc3e97594f185386e *go.d.plugin-v0.50.0.linux-ppc64.tar.gz -e13c9c1ad13e664b477762b7be9b17877945e1337ee1832b11dd7be2c6cfb1c9 *go.d.plugin-v0.50.0.linux-ppc64le.tar.gz +dc6cf312bf8211236c141a67aa8571ac58e98f9705dfcb5dc1a3103732a053a0 *config.tar.gz +2c6d0cee9207d00fe3f7e0845193cd511d40239ce94edcbaeb7319674ec86245 *go.d.plugin-v0.52.2.darwin-amd64.tar.gz +75bf5ac062bec27856890b12e6d5e5be0ecb931d25e2d0cba8f0e3c72f1255fd *go.d.plugin-v0.52.2.darwin-arm64.tar.gz +4a8a55c2bed0674019acd280aebc9f02ba958fa4e6f78ac3e88ffddd68254a36 *go.d.plugin-v0.52.2.freebsd-386.tar.gz +117316e1f9d945cfb6c9a8b7ee4576cf5dd27b9237fd21bae9fbbddc80aa0dc5 *go.d.plugin-v0.52.2.freebsd-amd64.tar.gz +ecb4ee060f153fb711a112e61eb126f893adb64badbb2dbc8e19c72230fa24b4 *go.d.plugin-v0.52.2.freebsd-arm.tar.gz +ae3057d396ab133ff19880644897ff9e4a1b34b85262422df3e9e079b72507f8 *go.d.plugin-v0.52.2.freebsd-arm64.tar.gz +446bbb62858db60b15e50710091186ba00de728b3e349d9f7db77f1475a8891f *go.d.plugin-v0.52.2.linux-386.tar.gz +fff928e244f87dd0b07734aaad87240957f5ee571e4f4196f4d50300d67ff8ec *go.d.plugin-v0.52.2.linux-amd64.tar.gz +2beb004ecc2820c76d8eb82a5da5251e21cc93675b0dd6575e393f4762f60d28 *go.d.plugin-v0.52.2.linux-arm.tar.gz +234cc81cbb7e104a8882aeff03ecd56214cb0aeb923db60c42aa0b6131f34bab *go.d.plugin-v0.52.2.linux-arm64.tar.gz +1a4c1106c82439a3e488d7a3b42432cefa27577e2425daf73871af7431d14ae8 *go.d.plugin-v0.52.2.linux-mips.tar.gz +29ebc77c995d4428018cf6f014023639e123f88dcebd026a3e476413261a4981 *go.d.plugin-v0.52.2.linux-mips64.tar.gz +9e6262de77b2e5f0ba2d0882097eaf68f727a0af0fd9d31bd547a8fa55bdeb04 *go.d.plugin-v0.52.2.linux-mips64le.tar.gz +05b7bbad67a36aa42f7a2933f0f429689ae7f5d23c9ce54bc26b9b386ddfca4b *go.d.plugin-v0.52.2.linux-mipsle.tar.gz +9b18de7731d02fd2fc48fe250ea071f4d797b9af26b51d562a4bc39cf5d7f34c *go.d.plugin-v0.52.2.linux-ppc64.tar.gz +357350165a42aa2c7fc03694a9176608943f6c3e4ce0e40ebad5bd5304b024e6 *go.d.plugin-v0.52.2.linux-ppc64le.tar.gz diff --git a/packaging/go.d.version b/packaging/go.d.version index f6460f6bb..e831eb735 100644 --- a/packaging/go.d.version +++ b/packaging/go.d.version @@ -1 +1 @@ -v0.50.0 +v0.52.2 diff --git a/packaging/installer/README.md b/packaging/installer/README.md index 90d3b8de2..869684da3 100644 --- a/packaging/installer/README.md +++ b/packaging/installer/README.md @@ -1,116 +1,147 @@ - +import { OneLineInstallWget, OneLineInstallCurl } from '@site/src/components/OneLineInstall/' +import { InstallRegexLink, InstallBoxRegexLink } from '@site/src/components/InstallRegexLink/' +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; -import { Install, InstallBox } from '@site/src/components/Install/' +# Install Netdata -import { OneLineInstallWget, OneLineInstallCurl } from '@site/src/components/OneLineInstall/' +This document will guide you through installing the open-source Netdata monitoring Agent on Linux, Docker, Kubernetes, and many others, often with one command. -# Installation guide +## Get started -Netdata is a monitoring agent designed to run on all your systems: physical and virtual servers, containers, even -IoT/edge devices. Netdata runs on Linux, FreeBSD, macOS, Kubernetes, Docker, and all their derivatives. +Netdata is a free and open-source (FOSS) monitoring agent that collects thousands of hardware and software metrics from +any physical or virtual system (we call them _nodes_). These metrics are organized in an easy-to-use and -navigate interface. -The best way to install Netdata is with our [**automatic one-line installation -script**](#automatic-one-line-installation-script), which works with all Linux distributions and most macOS environments. +Together with [Netdata Cloud](https://github.com/netdata/netdata/blob/master/docs/quickstart/infrastructure.md), you can monitor your entire infrastructure in +real time and troubleshoot problems that threaten the health of your nodes. -If you want to install Netdata with Docker, on a Kubernetes cluster, or a different operating system, see [Have a -different operating system, or want to try another -method?](#have-a-different-operating-system-or-want-to-try-another-method) +Netdata runs permanently on all your physical/virtual servers, containers, cloud deployments, and edge/IoT devices. It +runs on Linux distributions (Ubuntu, Debian, CentOS, and more), container/microservice platforms (Kubernetes clusters, +Docker), and many other operating systems (FreeBSD, macOS), with no `sudo` required. -Some third parties, such as the packaging teams at various Linux distributions, distribute old, broken, or altered -packages. We recommend you install Netdata using one of the methods listed below to guarantee you get the latest -checksum-verified packages. +To install Netdata in minutes on your platform: -Netdata collects anonymous usage information by default and sends it to our self hosted [PostHog](https://github.com/PostHog/posthog) installation. PostHog is an open source product analytics platform, you can read -about the information collected, and learn how to-opt, on our [anonymous statistics](https://github.com/netdata/netdata/blob/master/docs/anonymous-statistics.md) -page. +1. Sign up to +2. You will be presented with an empty space, and a prompt to "Connect Nodes" with the install command for each platform +3. Select the platform you want to install Netdata to, copy and paste the script into your node's terminal, and run it -The usage statistics are _vital_ for us, as we use them to discover bugs and prioritize new features. We thank you for -_actively_ contributing to Netdata's future. +Upon installation completing successfully, you should be able to see the node live in your Netdata Space and live charts +in the Overview tab. [Read more about the cloud features](https://github.com/netdata/netdata/blob/master/docs/quickstart/infrastructure.md). -## Automatic one-line installation script +Where you go from here is based on your use case, immediate needs, and experience with monitoring and troubleshooting, +but we have some hints on what you might want to do next. -![](https://registry.my-netdata.io/api/v1/badge.svg?chart=web_log_nginx.requests_by_url_pattern&options=unaligned&dimensions=kickstart&group=sum&after=-3600&label=last+hour&units=installations&value_color=orange&precision=0) ![](https://registry.my-netdata.io/api/v1/badge.svg?chart=web_log_nginx.requests_by_url_pattern&options=unaligned&dimensions=kickstart&group=sum&after=-86400&label=today&units=installations&precision=0) +### What's next? -This method is fully automatic on all Linux distributions, including Ubuntu, Debian, Fedora, CentOS, and others, as well as on mac OS environments. +Explore our [general advanced installation options and troubleshooting](#advanced-installation-options-and-troubleshooting), specific options +for the [single line installer](#install-on-linux-with-one-line-installer), or [other installation methods](#other-installation-methods). -To install Netdata, including all dependencies required to connect to Netdata Cloud, and get _automatic nightly -updates_, run the following as your normal user: +#### Agent user interface - +To access the UI provided by the locally installed agent, open a browser and navigate to `http://NODE:19999`, replacing `NODE` with either `localhost` or +the hostname/IP address of the remote node. You can also read more about +[the agent dashboard](https://github.com/netdata/netdata/blob/master/web/gui/README.md). -Or, if you have cURL but not wget (such as on macOS): +#### Configuration - +Discover the recommended way to [configure Netdata's settings or behavior](https://github.com/netdata/netdata/blob/master/docs/configure/nodes.md) using our built-in +`edit-config` script, then apply that knowledge to mission-critical tweaks, such as [changing how long Netdata stores +metrics](https://github.com/netdata/netdata/blob/master/docs/store/change-metrics-storage.md). -This script will preferentially use native DEB/RPM packages if we provide them for your platform. +#### Data collection -To see more information about this installation script, including how to disable automatic updates, get nightly vs. -stable releases, or disable anonymous statistics, see the [`kickstart.sh` method -page](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/kickstart.md). +If Netdata didn't autodetect all the hardware, containers, services, or applications running on your node, you should +learn more about [how data collectors work](https://github.com/netdata/netdata/blob/master/collectors/README.md). If there's a [supported +collector](https://github.com/netdata/netdata/blob/master/collectors/COLLECTORS.md) for metrics you need, [configure the collector](https://github.com/netdata/netdata/blob/master/collectors/REFERENCE.md) +or read about its requirements to configure your endpoint to publish metrics in the correct format and endpoint. -Scroll down for details about [automatic updates](#automatic-updates) or [nightly vs. stable -releases](#nightly-vs-stable-releases). +#### Alarms & notifications -### Post-installation +Netdata comes with hundreds of preconfigured alarms, designed by our monitoring gurus in parallel with our open-source +community, but you may want to [edit alarms](https://github.com/netdata/netdata/blob/master/health/REFERENCE.md) or +[enable notifications](https://github.com/netdata/netdata/blob/master/docs/monitor/enable-notifications.md) to customize your Netdata experience. -When you're finished with installation, check out our [single-node](https://github.com/netdata/netdata/blob/master/docs/quickstart/single-node.md) or -[infrastructure](https://github.com/netdata/netdata/blob/master/docs/quickstart/infrastructure.md) monitoring quickstart guides based on your use case. +#### Make your deployment production ready -Or, skip straight to [configuring the Netdata Agent](https://github.com/netdata/netdata/blob/master/docs/configure/nodes.md). +Go through our [deployment strategies](https://github.com/netdata/netdata/edit/master/docs/category-overview-pages/deployment-strategies.md), +for suggested configuration changes for production deployments. -Read through Netdata's [documentation](https://learn.netdata.cloud/docs), which is structured based on actions and -solutions, to enable features like health monitoring, alarm notifications, long-term metrics storage, exporting to -external databases, and more. +## Install on Linux with one-line installer -## Have a different operating system, or want to try another method? +The **recommended** way to install Netdata on a Linux node (physical, virtual, container, IoT) is our one-line +[kickstart script](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/kickstart.md). +This script automatically installs dependencies and builds Netdata from its source code. -Netdata works on many different platforms. To see all supported platforms, check out our [platform support -policy](https://github.com/netdata/netdata/blob/master/packaging/PLATFORM_SUPPORT.md). +To install, copy the script, paste it into your node's terminal, and hit `Enter` to begin the installation process. -Below, you can find a few additional installation methods, followed by separate instructions for a variety of unique -operating systems. + + wget> -### Alternative methods + - - - - + curl> + + + + + + +> ### Note +> +> If you plan to also claim the node to Netdata Cloud, make sure to replace `YOUR_CLAIM_TOKEN` with the claim token of your space, and `YOUR_ROOM_ID` with the ID of the room you are claiming to. +> You can leave the room id blank to have your node claimed to the default "All nodes" room. + +Jump down to [what's next](#whats-next) to learn how to view your new dashboard and take your next steps monitoring and +troubleshooting with Netdata. + +## Other installation methods + + + - - - + - - - + + +- [Native DEB/RPM packages](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/packages.md) +- [Run with Docker](https://github.com/netdata/netdata/blob/master/packaging/docker/README.md) +- [Deploy on Kubernetes](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/kubernetes.md) +- [Install on macOS](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/macos.md) +- [Linux from Git](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/manual.md) +- [Linux from source](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/source.md) +- [Linux for offline nodes](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/offline.md) + +The full list of all installation methods for various systems is available in [Netdata Learn](https://learn.netdata.cloud), +under [Installation](https://github.com/netdata/netdata/blob/master/docs/category-overview-pages/installation-overview.md). -## Automatic updates +## Advanced installation options and troubleshooting + +### Automatic updates By default, Netdata's installation scripts enable automatic updates for both nightly and stable release channels. @@ -125,7 +156,7 @@ wget -O /tmp/netdata-kickstart.sh https://my-netdata.io/kickstart.sh && sh /tmp/ With automatic updates disabled, you can choose exactly when and how you [update Netdata](https://github.com/netdata/netdata/blob/master/packaging/installer/UPDATE.md). -### Network usage of Netdata’s automatic updater +#### Network usage of Netdata’s automatic updater The auto-update functionality set up by the installation scripts requires working internet access to function correctly. In particular, it currently requires access to GitHub (to check if a newer version of the updater script @@ -136,7 +167,7 @@ Note that the auto-update functionality will check for updates to itself indepen and will try to use the latest version of the updater script whenever possible. This is intended to reduce the amount of effort required by users to get updates working again in the event of a bug in the updater code. -## Nightly vs. stable releases +### Nightly vs. stable releases The Netdata team maintains two releases of the Netdata agent: **nightly** and **stable**. By default, Netdata's installation scripts will give you **automatic, nightly** updates, as that is our recommended configuration. @@ -153,22 +184,29 @@ the community helps fix any bugs that might have been introduced in previous rel **Pros of using nightly releases:** -- Get the latest features and bug fixes as soon as they're available -- Receive security-related fixes immediately -- Use stable, fully-tested code that's always improving -- Leverage the same Netdata experience our community is using +- Get the latest features and bug fixes as soon as they're available +- Receive security-related fixes immediately +- Use stable, fully-tested code that's always improving +- Leverage the same Netdata experience our community is using **Pros of using stable releases:** -- Protect yourself from the rare instance when major bugs slip through our testing and negatively affect a Netdata +- Protect yourself from the rare instance when major bugs slip through our testing and negatively affect a Netdata installation -- Retain more control over the Netdata version you use +- Retain more control over the Netdata version you use + +### Anonymous statistics -## Troubleshooting and known issues +Starting with v1.30, Netdata collects anonymous usage information by default and sends it to a self-hosted PostHog instance within the Netdata infrastructure. Read about the information collected, and learn how to-opt, on our [anonymous statistics](https://github.com/netdata/netdata/blob/master/docs/anonymous-statistics.md) page. + +The usage statistics are _vital_ for us, as we use them to discover bugs and prioritize new features. We thank you for +_actively_ contributing to Netdata's future. + +### Troubleshooting and known issues We are tracking a few issues related to installation and packaging. -### Older distributions (Ubuntu 14.04, Debian 8, CentOS 6) and OpenSSL +#### Older distributions (Ubuntu 14.04, Debian 8, CentOS 6) and OpenSSL If you're running an older Linux distribution or one that has reached EOL, such as Ubuntu 14.04 LTS, Debian 8, or CentOS 6, your Agent may not be able to securely connect to Netdata Cloud due to an outdated version of OpenSSL. These old @@ -179,13 +217,13 @@ If you choose to continue using the outdated version of OpenSSL, your node will with hostname verification disabled. Without verification, your Netdata Cloud connection could be vulnerable to man-in-the-middle attacks. -### CentOS 6 and CentOS 8 +#### CentOS 6 and CentOS 8 To install the Agent on certain CentOS and RHEL systems, you must enable non-default repositories, such as EPEL or PowerTools, to gather hard dependencies. See the [CentOS 6](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/manual.md#centos--rhel-6x) and [CentOS 8](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/manual.md#centos--rhel-8x) sections for more information. -### Access to file is not permitted +#### Access to file is not permitted If you see an error similar to `Access to file is not permitted: /usr/share/netdata/web//index.html` when you try to visit the Agent dashboard at `http://NODE:19999`, you need to update Netdata's permissions to match those of your @@ -207,16 +245,14 @@ These files need to have the same user and group used to install your netdata. S # chown -R netdata.netdata /usr/share/netdata/web ``` -### Multiple versions of OpenSSL +#### Multiple versions of OpenSSL We've received reports from the community about issues with running the `kickstart.sh` script on systems that have both a distribution-installed version of OpenSSL and a manually-installed local version. The Agent's installer cannot handle both. -### Clang compiler on Linux +#### Clang compiler on Linux Our current build process has some issues when using certain configurations of the `clang` C compiler on Linux. See [the section on `nonrepresentable section on output` errors](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/manual.md#nonrepresentable-section-on-output-errors) for a workaround. - - diff --git a/packaging/installer/REINSTALL.md b/packaging/installer/REINSTALL.md index c24fdee8c..82cea498a 100644 --- a/packaging/installer/REINSTALL.md +++ b/packaging/installer/REINSTALL.md @@ -1,14 +1,4 @@ - - -# Reinstall the Netdata Agent +# Reinstall Netdata In certain situations, such as needing to enable a feature or troubleshoot an issue, you may need to reinstall the Netdata Agent on your node. diff --git a/packaging/installer/UNINSTALL.md b/packaging/installer/UNINSTALL.md index 2ff22f5c6..a66bd7a28 100644 --- a/packaging/installer/UNINSTALL.md +++ b/packaging/installer/UNINSTALL.md @@ -1,18 +1,9 @@ - - # Uninstall Netdata -> ⚠️ If you're having trouble updating Netdata, moving from one installation method to another, or generally having -> issues with your Netdata Agent installation, consider our [**reinstall Netdata** -> doc](https://github.com/netdata/netdata/blob/master/packaging/installer/REINSTALL.md) instead of removing the Netdata Agent entirely. +> ### Note +> +> If you're having trouble updating Netdata, moving from one installation method to another, or generally having +> issues with your Netdata Agent installation, consider our [reinstalling Netdata](https://github.com/netdata/netdata/blob/master/packaging/installer/REINSTALL.md) instead of removing the Netdata Agent entirely. The recommended method to uninstall Netdata on a system is to use our kickstart installer script with the `--uninstall` option like so: @@ -27,9 +18,7 @@ curl https://my-netdata.io/kickstart.sh > /tmp/netdata-kickstart.sh && sh /tmp/n ``` This will work in most cases without you needing to do anything more other than accepting removal of configuration -and data files. You can confirm whether this approach will work for you by adding `--dry-run` to the list of -options. If that produces a line with a message like `Would attempt to uninstall existing install`, then this -method will work on your system. +and data files. If you used a non-standard installation prefix, you may need to specify that prefix using the `--old-install-prefix` option when uninstalling this way. diff --git a/packaging/installer/UPDATE.md b/packaging/installer/UPDATE.md index 9d4289f85..3df84023b 100644 --- a/packaging/installer/UPDATE.md +++ b/packaging/installer/UPDATE.md @@ -1,14 +1,4 @@ - - -# Update the Netdata Agent +# Update Netdata By default, the Netdata Agent automatically updates with the latest nightly or stable version depending on which you installed. If you opted out of automatic updates, you need to update your Netdata Agent to the latest nightly diff --git a/packaging/installer/dependencies/alpine.sh b/packaging/installer/dependencies/alpine.sh index 65999dc3b..321d57707 100755 --- a/packaging/installer/dependencies/alpine.sh +++ b/packaging/installer/dependencies/alpine.sh @@ -31,6 +31,7 @@ package_tree=" util-linux-dev libmnl-dev json-c-dev + yaml-dev " usage() { diff --git a/packaging/installer/dependencies/arch.sh b/packaging/installer/dependencies/arch.sh index cdda52733..c0890d925 100755 --- a/packaging/installer/dependencies/arch.sh +++ b/packaging/installer/dependencies/arch.sh @@ -20,6 +20,7 @@ declare -a package_tree=( util-linux libmnl json-c + libyaml libuv lz4 openssl diff --git a/packaging/installer/dependencies/centos.sh b/packaging/installer/dependencies/centos.sh index a05bce8f0..845f1113a 100755 --- a/packaging/installer/dependencies/centos.sh +++ b/packaging/installer/dependencies/centos.sh @@ -19,6 +19,7 @@ declare -a package_tree=( libuuid-devel libmnl-devel json-c-devel + libyaml-devel libuv-devel lz4-devel openssl-devel @@ -96,7 +97,7 @@ check_flags() { validate_tree_centos() { local opts= - export local package_manager= + package_manager= if [[ "${NON_INTERACTIVE}" == "1" ]]; then echo >&2 "Running in non-interactive mode" opts="-y" diff --git a/packaging/installer/dependencies/clearlinux.sh b/packaging/installer/dependencies/clearlinux.sh index 832dac55a..f6f616d66 100755 --- a/packaging/installer/dependencies/clearlinux.sh +++ b/packaging/installer/dependencies/clearlinux.sh @@ -15,6 +15,7 @@ declare -a package_tree=( devpkg-util-linux devpkg-libmnl devpkg-json-c + yaml-dev devpkg-libuv devpkg-lz4 devpkg-openssl diff --git a/packaging/installer/dependencies/debian.sh b/packaging/installer/dependencies/debian.sh index a2c421a92..8186940e5 100755 --- a/packaging/installer/dependencies/debian.sh +++ b/packaging/installer/dependencies/debian.sh @@ -31,6 +31,7 @@ package_tree=" liblz4-dev libssl-dev libelf-dev + libyaml-dev python python3 " diff --git a/packaging/installer/dependencies/fedora.sh b/packaging/installer/dependencies/fedora.sh index a1c3a1df6..589122882 100755 --- a/packaging/installer/dependencies/fedora.sh +++ b/packaging/installer/dependencies/fedora.sh @@ -39,6 +39,7 @@ declare -a package_tree=( libuuid-devel libmnl-devel json-c-devel + libyaml-devel libuv-devel lz4-devel openssl-devel diff --git a/packaging/installer/dependencies/freebsd.sh b/packaging/installer/dependencies/freebsd.sh index 914513563..69a650a6e 100755 --- a/packaging/installer/dependencies/freebsd.sh +++ b/packaging/installer/dependencies/freebsd.sh @@ -21,6 +21,7 @@ package_tree=" lzlib e2fsprogs-libuuid json-c + libyaml libuv liblz4 openssl diff --git a/packaging/installer/dependencies/gentoo.sh b/packaging/installer/dependencies/gentoo.sh index e7ed64455..cbe8c8e51 100755 --- a/packaging/installer/dependencies/gentoo.sh +++ b/packaging/installer/dependencies/gentoo.sh @@ -24,6 +24,7 @@ package_tree=" sys-apps/util-linux net-libs/libmnl dev-libs/json-c + dev-libs/libyaml dev-libs/libuv app-arch/lz4 dev-libs/openssl diff --git a/packaging/installer/dependencies/ol.sh b/packaging/installer/dependencies/ol.sh index 0f1f90e67..2166bcc50 100755 --- a/packaging/installer/dependencies/ol.sh +++ b/packaging/installer/dependencies/ol.sh @@ -24,6 +24,7 @@ declare -a package_tree=( libuuid-devel libmnl-devel json-c-devel + libyaml-devel libuv-devel lz4-devel openssl-devel diff --git a/packaging/installer/dependencies/opensuse.sh b/packaging/installer/dependencies/opensuse.sh index b1f0c2182..81291ef72 100755 --- a/packaging/installer/dependencies/opensuse.sh +++ b/packaging/installer/dependencies/opensuse.sh @@ -25,6 +25,7 @@ declare -a package_tree=( libuuid-devel libmnl-devel libjson-c-devel + libyaml-devel libuv-devel liblz4-devel libopenssl-devel diff --git a/packaging/installer/dependencies/rockylinux.sh b/packaging/installer/dependencies/rockylinux.sh index 63981df4b..7ac98f5e2 100755 --- a/packaging/installer/dependencies/rockylinux.sh +++ b/packaging/installer/dependencies/rockylinux.sh @@ -23,6 +23,7 @@ declare -a package_tree=( libuuid-devel libmnl-devel json-c-devel + libyaml-devel libuv-devel lz4-devel openssl-devel diff --git a/packaging/installer/dependencies/ubuntu.sh b/packaging/installer/dependencies/ubuntu.sh index 295dbf013..e3d734c68 100755 --- a/packaging/installer/dependencies/ubuntu.sh +++ b/packaging/installer/dependencies/ubuntu.sh @@ -27,6 +27,7 @@ package_tree=" uuid-dev libmnl-dev libjson-c-dev + libyaml-dev libuv1-dev liblz4-dev libssl-dev diff --git a/packaging/installer/functions.sh b/packaging/installer/functions.sh index ebb4aab75..b12a9a585 100644 --- a/packaging/installer/functions.sh +++ b/packaging/installer/functions.sh @@ -95,10 +95,19 @@ progress() { echo >&2 " --- ${TPUT_DIM}${TPUT_BOLD}${*}${TPUT_RESET} --- " } +check_for_curl() { + if [ -z "${curl}" ]; then + curl="$(PATH="${PATH}:/opt/netdata/bin" command -v curl 2>/dev/null && true)" + fi +} + get() { url="${1}" - if command -v curl > /dev/null 2>&1; then - curl -q -o - -sSL --connect-timeout 10 --retry 3 "${url}" + + check_for_curl + + if [ -n "${curl}" ]; then + "${curl}" -q -o - -sSL --connect-timeout 10 --retry 3 "${url}" elif command -v wget > /dev/null 2>&1; then wget -T 15 -O - "${url}" else @@ -112,8 +121,10 @@ download_file() { name="${3}" opt="${4}" - if command -v curl > /dev/null 2>&1; then - run curl -q -sSL --connect-timeout 10 --retry 3 --output "${dest}" "${url}" + check_for_curl + + if [ -n "${curl}" ]; then + run "${curl}" -q -sSL --connect-timeout 10 --retry 3 --output "${dest}" "${url}" elif command -v wget > /dev/null 2>&1; then run wget -T 15 -O "${dest}" "${url}" else @@ -400,7 +411,7 @@ get_group(){ if command -v getent > /dev/null 2>&1; then getent group "${1:-""}" else - cat /etc/group | grep "^${1}:" + grep "^${1}:" /etc/group fi } @@ -459,21 +470,21 @@ install_non_systemd_init() { if [ -d /etc/init.d ] && [ ! -f /etc/init.d/netdata ]; then if expr "${key}" : "^(gentoo|alpine).*"; then echo >&2 "Installing OpenRC init file..." - run cp system/netdata-openrc /etc/init.d/netdata && + run cp system/openrc/init.d/netdata /etc/init.d/netdata && run chmod 755 /etc/init.d/netdata && run rc-update add netdata default && return 0 elif expr "${key}" : "^devuan*" || [ "${key}" = "debian-7" ] || [ "${key}" = "ubuntu-12.04" ] || [ "${key}" = "ubuntu-14.04" ]; then echo >&2 "Installing LSB init file..." - run cp system/netdata-lsb /etc/init.d/netdata && + run cp system/lsb/init.d/netdata /etc/init.d/netdata && run chmod 755 /etc/init.d/netdata && run update-rc.d netdata defaults && run update-rc.d netdata enable && return 0 elif expr "${key}" : "^(amzn-201[5678]|ol|CentOS release 6|Red Hat Enterprise Linux Server release 6|Scientific Linux CERN SLC release 6|CloudLinux Server release 6).*"; then echo >&2 "Installing init.d file..." - run cp system/netdata-init-d /etc/init.d/netdata && + run cp system/initd/init.d/netdata /etc/init.d/netdata && run chmod 755 /etc/init.d/netdata && run chkconfig netdata on && return 0 @@ -571,7 +582,7 @@ install_netdata_service() { echo >&2 "Installing MacOS X plist file..." # This is used by netdata-installer.sh # shellcheck disable=SC2034 - run cp system/netdata.plist /Library/LaunchDaemons/com.github.netdata.plist && + run cp system/launchd/netdata.plist /Library/LaunchDaemons/com.github.netdata.plist && run launchctl load /Library/LaunchDaemons/com.github.netdata.plist && NETDATA_START_CMD="launchctl start com.github.netdata" && NETDATA_STOP_CMD="launchctl stop com.github.netdata" @@ -581,7 +592,7 @@ install_netdata_service() { elif [ "${uname}" = "FreeBSD" ]; then # This is used by netdata-installer.sh # shellcheck disable=SC2034 - run cp system/netdata-freebsd /etc/rc.d/netdata && NETDATA_START_CMD="service netdata start" && + run cp system/freebsd/rc.d/netdata /etc/rc.d/netdata && NETDATA_START_CMD="service netdata start" && NETDATA_STOP_CMD="service netdata stop" && NETDATA_INSTALLER_START_CMD="service netdata onestart" && myret=$? @@ -589,7 +600,7 @@ install_netdata_service() { echo >&2 "Note: To explicitly enable netdata automatic start, set 'netdata_enable' to 'YES' in /etc/rc.conf" echo >&2 "" - return ${myret} + return "${myret}" elif issystemd; then # systemd is running on this system @@ -610,7 +621,7 @@ install_netdata_service() { fi echo >&2 "Installing systemd service..." - run cp system/netdata.service "${SYSTEMD_DIRECTORY}/netdata.service" && + run cp system/systemd/netdata.service "${SYSTEMD_DIRECTORY}/netdata.service" && run systemctl daemon-reload && ${ENABLE_NETDATA_IF_PREVIOUSLY_ENABLED} && return 0 @@ -834,10 +845,12 @@ restart_netdata() { # install netdata logrotate install_netdata_logrotate() { + src="${NETDATA_PREFIX}/usr/lib/netdata/system/logrotate/netdata" + if [ "${UID}" -eq 0 ]; then if [ -d /etc/logrotate.d ]; then if [ ! -f /etc/logrotate.d/netdata ]; then - run cp system/netdata.logrotate /etc/logrotate.d/netdata + run cp "${src}" /etc/logrotate.d/netdata fi if [ -f /etc/logrotate.d/netdata ]; then @@ -873,8 +886,10 @@ create_netdata_conf() { export http_proxy= export https_proxy= - if command -v curl 1> /dev/null 2>&1; then - run curl -sSL --connect-timeout 10 --retry 3 "${url}" > "${path}.new" + check_for_curl + + if [ -n "${curl}" ]; then + run "${curl}" -sSL --connect-timeout 10 --retry 3 "${url}" > "${path}.new" elif command -v wget 1> /dev/null 2>&1; then run wget -T 15 -O - "${url}" > "${path}.new" fi @@ -903,32 +918,29 @@ portable_add_user() { [ -z "${homedir}" ] && homedir="/tmp" # Check if user exists - if cut -d ':' -f 1 < /etc/passwd | grep "^${username}$" 1> /dev/null 2>&1; then - echo >&2 "User '${username}' already exists." - return 0 + if command -v getent > /dev/null 2>&1; then + if getent passwd "${username}" > /dev/null 2>&1; then + echo >&2 "User '${username}' already exists." + return 0 + fi + else + if cut -d ':' -f 1 < /etc/passwd | grep "^${username}$" 1> /dev/null 2>&1; then + echo >&2 "User '${username}' already exists." + return 0 + fi fi echo >&2 "Adding ${username} user account with home ${homedir} ..." nologin="$(command -v nologin || echo '/bin/false')" - # Linux if command -v useradd 1> /dev/null 2>&1; then run useradd -r -g "${username}" -c "${username}" -s "${nologin}" --no-create-home -d "${homedir}" "${username}" && return 0 - fi - - # FreeBSD - if command -v pw 1> /dev/null 2>&1; then + elif command -v pw 1> /dev/null 2>&1; then run pw useradd "${username}" -d "${homedir}" -g "${username}" -s "${nologin}" && return 0 - fi - - # BusyBox - if command -v adduser 1> /dev/null 2>&1; then + elif command -v adduser 1> /dev/null 2>&1; then run adduser -h "${homedir}" -s "${nologin}" -D -G "${username}" "${username}" && return 0 - fi - - # mac OS - if command -v sysadminctl 1> /dev/null 2>&1; then + elif command -v sysadminctl 1> /dev/null 2>&1; then run sysadminctl -addUser "${username}" && return 0 fi @@ -951,20 +963,11 @@ portable_add_group() { # Linux if command -v groupadd 1> /dev/null 2>&1; then run groupadd -r "${groupname}" && return 0 - fi - - # FreeBSD - if command -v pw 1> /dev/null 2>&1; then + elif command -v pw 1> /dev/null 2>&1; then run pw groupadd "${groupname}" && return 0 - fi - - # BusyBox - if command -v addgroup 1> /dev/null 2>&1; then + elif command -v addgroup 1> /dev/null 2>&1; then run addgroup "${groupname}" && return 0 - fi - - # mac OS - if command -v dseditgroup 1> /dev/null 2>&1; then + elif command -v dseditgroup 1> /dev/null 2>&1; then dseditgroup -o create "${groupname}" && return 0 fi @@ -995,20 +998,11 @@ portable_add_user_to_group() { # Linux if command -v usermod 1> /dev/null 2>&1; then run usermod -a -G "${groupname}" "${username}" && return 0 - fi - - # FreeBSD - if command -v pw 1> /dev/null 2>&1; then + elif command -v pw 1> /dev/null 2>&1; then run pw groupmod "${groupname}" -m "${username}" && return 0 - fi - - # BusyBox - if command -v addgroup 1> /dev/null 2>&1; then + elif command -v addgroup 1> /dev/null 2>&1; then run addgroup "${username}" "${groupname}" && return 0 - fi - - # mac OS - if command -v dseditgroup 1> /dev/null 2>&1; then + elif command -v dseditgroup 1> /dev/null 2>&1; then dseditgroup -u "${username}" "${groupname}" && return 0 fi @@ -1063,8 +1057,8 @@ install_netdata_updater() { fi if issystemd && [ -n "$(get_systemd_service_dir)" ]; then - cat "${NETDATA_SOURCE_DIR}/system/netdata-updater.timer" > "$(get_systemd_service_dir)/netdata-updater.timer" - cat "${NETDATA_SOURCE_DIR}/system/netdata-updater.service" > "$(get_systemd_service_dir)/netdata-updater.service" + cat "${NETDATA_SOURCE_DIR}/system/systemd/netdata-updater.timer" > "$(get_systemd_service_dir)/netdata-updater.timer" + cat "${NETDATA_SOURCE_DIR}/system/systemd/netdata-updater.service" > "$(get_systemd_service_dir)/netdata-updater.service" fi sed -i -e "s|THIS_SHOULD_BE_REPLACED_BY_INSTALLER_SCRIPT|${NETDATA_USER_CONFIG_DIR}/.environment|" "${NETDATA_PREFIX}/usr/libexec/netdata/netdata-updater.sh" || return 1 diff --git a/packaging/installer/install-required-packages.sh b/packaging/installer/install-required-packages.sh index c906cce34..9b1f6518a 100755 --- a/packaging/installer/install-required-packages.sh +++ b/packaging/installer/install-required-packages.sh @@ -676,6 +676,20 @@ declare -A pkg_json_c_dev=( ['default']="json-c-devel" ) +#TODO:: clearlinux ? +declare -A pkg_libyaml_dev=( + ['alpine']="yaml-dev" + ['arch']="libyaml" + ['clearlinux']="yaml-dev" + ['debian']="libyaml-dev" + ['gentoo']="dev-libs/libyaml" + ['sabayon']="dev-libs/libyaml" + ['suse']="libyaml-devel" + ['freebsd']="libyaml" + ['macos']="libyaml" + ['default']="libyaml-devel" +) + declare -A pkg_libatomic=( ['arch']="NOTREQUIRED" ['clearlinux']="NOTREQUIRED" @@ -1227,6 +1241,7 @@ packages() { suitable_package libuuid-dev suitable_package libmnl-dev suitable_package json-c-dev + suitable_package libyaml-dev fi # ------------------------------------------------------------------------- @@ -1376,6 +1391,7 @@ validate_tree_freebsd() { echo >&2 " > Checking for gmake ..." if ! pkg query %n-%v | grep -q gmake; then if prompt "gmake is required to build on FreeBSD and is not installed. Shall I install it?"; then + # shellcheck disable=2086 run ${sudo} pkg install ${opts} gmake fi fi @@ -1425,13 +1441,16 @@ validate_tree_centos() { echo >&2 " > Checking for config-manager ..." if ! run ${sudo} dnf config-manager --help; then if prompt "config-manager not found, shall I install it?"; then + # shellcheck disable=2086 run ${sudo} dnf ${opts} install 'dnf-command(config-manager)' fi fi echo >&2 " > Checking for CRB ..." + # shellcheck disable=2086 if ! run dnf ${sudo} repolist | grep CRB; then if prompt "CRB not found, shall I install it?"; then + # shellcheck disable=2086 run ${sudo} dnf ${opts} config-manager --set-enabled crb fi fi @@ -1439,24 +1458,29 @@ validate_tree_centos() { echo >&2 " > Checking for config-manager ..." if ! run ${sudo} yum config-manager --help; then if prompt "config-manager not found, shall I install it?"; then + # shellcheck disable=2086 run ${sudo} yum ${opts} install 'dnf-command(config-manager)' fi fi echo >&2 " > Checking for PowerTools ..." + # shellcheck disable=2086 if ! run yum ${sudo} repolist | grep PowerTools; then if prompt "PowerTools not found, shall I install it?"; then + # shellcheck disable=2086 run ${sudo} yum ${opts} config-manager --set-enabled powertools fi fi echo >&2 " > Updating libarchive ..." + # shellcheck disable=2086 run ${sudo} yum ${opts} install libarchive elif [[ "${version}" =~ ^7(\..*)?$ ]]; then echo >&2 " > Checking for EPEL ..." if ! rpm -qa | grep epel-release > /dev/null; then if prompt "EPEL not found, shall I install it?"; then + # shellcheck disable=2086 run ${sudo} yum ${opts} install epel-release fi fi @@ -1465,6 +1489,7 @@ validate_tree_centos() { echo >&2 " > Checking for Okay ..." if ! rpm -qa | grep okay > /dev/null; then if prompt "okay not found, shall I install it?"; then + # shellcheck disable=2086 run ${sudo} yum ${opts} install http://repo.okay.com.mx/centos/6/x86_64/release/okay-release-1-3.el6.noarch.rpm fi fi @@ -1627,7 +1652,7 @@ install_equo() { PACMAN_DB_SYNCED=0 validate_install_pacman() { - if [ ${PACMAN_DB_SYNCED} -eq 0 ]; then + if [ "${PACMAN_DB_SYNCED}" -eq 0 ]; then echo >&2 " > Running pacman -Sy to sync the database" local x x=$(pacman -Sy) diff --git a/packaging/installer/kickstart.sh b/packaging/installer/kickstart.sh index 30c7b4cab..284911194 100755 --- a/packaging/installer/kickstart.sh +++ b/packaging/installer/kickstart.sh @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: GPL-3.0-or-later # -# Next unused error code: F050F +# Next unused error code: F0515 # ====================================================================== # Constants @@ -34,7 +34,7 @@ REPOCONFIG_RPM_URL_PREFIX="https://repo.netdata.cloud/repos/repoconfig" REPOCONFIG_RPM_VERSION="2-1" START_TIME="$(date +%s)" STATIC_INSTALL_ARCHES="x86_64 armv7l aarch64 ppc64le" -TELEMETRY_URL="https://posthog.netdata.cloud/capture/" +TELEMETRY_URL="https://app.posthog.com/capture/" # ====================================================================== # Defaults for environment variables @@ -44,14 +44,11 @@ SELECTED_INSTALL_METHOD="none" INSTALL_TYPE="unknown" INSTALL_PREFIX="" NETDATA_AUTO_UPDATES="default" -NETDATA_CLAIM_ONLY=0 NETDATA_CLAIM_URL="https://api.netdata.cloud" NETDATA_COMMAND="default" NETDATA_DISABLE_CLOUD=0 NETDATA_INSTALLER_OPTIONS="" -NETDATA_ONLY_BUILD=0 -NETDATA_ONLY_NATIVE=0 -NETDATA_ONLY_STATIC=0 +NETDATA_FORCE_METHOD="" NETDATA_OFFLINE_INSTALL_SOURCE="" NETDATA_REQUIRE_CLOUD=1 NETDATA_WARNINGS="" @@ -69,7 +66,7 @@ NETDATA_TARBALL_BASEURL="${NETDATA_TARBALL_BASEURL:-https://github.com/netdata/n TELEMETRY_API_KEY="${NETDATA_POSTHOG_API_KEY:-mqkwGT0JNFqO-zX2t0mW6Tec9yooaVu7xCBlXtHnt5Y}" if echo "${0}" | grep -q 'kickstart-static64'; then - NETDATA_ONLY_STATIC=1 + NETDATA_FORCE_METHOD='static' fi if [ ! -t 1 ]; then @@ -78,6 +75,8 @@ else INTERACTIVE=1 fi +CURL="$(PATH="${PATH}:/opt/netdata/bin" command -v curl 2>/dev/null && true)" + # ====================================================================== # Shared messages used in multiple places throughout the script. @@ -103,7 +102,7 @@ main() { uninstall cleanup - ACTION= + ACTION='' INSTALL_PREFIX="${NEW_INSTALL_PREFIX}" # shellcheck disable=SC2086 main @@ -175,12 +174,9 @@ USAGE: kickstart.sh [options] --auto-update Enable automatic updates. --auto-update-type Specify a particular scheduling type for auto-updates (valid types: systemd, interval, crontab) --disable-telemetry Opt-out of anonymous statistics. - --repositories-only Only install appropriate repository configuration packages (only for native install). --native-only Only install if native binary packages are available. --static-only Only install if a static build is available. --build-only Only install using a local build. - --reinstall Explicitly reinstall instead of updating any existing install. - --reinstall-even-if-unsafe Even try to reinstall if we don't think we can do so safely (implies --reinstall). --disable-cloud Disable support for Netdata Cloud (default: detect) --require-cloud Only install if Netdata Cloud can be enabled. Overrides --disable-cloud. --install-prefix Specify an installation prefix for local builds (default: autodetect based on system type). @@ -188,13 +184,19 @@ USAGE: kickstart.sh [options] --install-version Specify the version of Netdata to install. --claim-token Use a specified token for claiming to Netdata Cloud. --claim-rooms When claiming, add the node to the specified rooms. - --claim-only If there is an existing install, only try to claim it, not update it. --claim-* Specify other options for the claiming script. --no-cleanup Don't do any cleanup steps. This is intended to help with debugging the installer. - --uninstall Uninstall an existing installation of Netdata. - --reinstall-clean Clean reinstall Netdata. --local-build-options Specify additional options to pass to the installer code when building locally. Only valid if --build-only is also specified. --static-install-options Specify additional options to pass to the static installer code. Only valid if --static-only is also specified. + +The following options are mutually exclusive and specifiy special operations other than trying to install Netdata normally or update an existing install: + + --reinstall If there is an existing install, reinstall it instead of trying to update it. If there is no existing install, install netdata normally. + --reinstall-even-if-unsafe If there is an existing install, reinstall it instead of trying to update it, even if doing so is known to potentially break things. If there is no existing install, install Netdata normally. + --reinstall-clean If there is an existing install, uninstall it before trying to install Netdata. Fails if there is no existing install. + --uninstall Uninstall an existing installation of Netdata. Fails if there is no existing install. + --claim-only If there is an existing install, only try to claim it without attempting to update it. If there is no existing install, install and claim Netdata normally. + --repositories-only Only install repository configuration packages instead of doing a full install of Netdata. Automatically sets --native-only. --prepare-offline-install-source Instead of installing the agent, prepare a directory that can be used to install on another system without needing to download anything. Additionally, this script may use the following environment variables: @@ -299,8 +301,8 @@ telemetry_event() { EOF )" - if command -v curl > /dev/null 2>&1; then - curl --silent -o /dev/null -X POST --max-time 2 --header "Content-Type: application/json" -d "${REQ_BODY}" "${TELEMETRY_URL}" > /dev/null + if [ -n "${CURL}" ]; then + "${CURL}" --silent -o /dev/null -X POST --max-time 2 --header "Content-Type: application/json" -d "${REQ_BODY}" "${TELEMETRY_URL}" > /dev/null elif command -v wget > /dev/null 2>&1; then if wget --help 2>&1 | grep BusyBox > /dev/null 2>&1; then # BusyBox-compatible version of wget, there is no --no-check-certificate option @@ -329,9 +331,7 @@ trap_handler() { printf >&2 "%s\n\n" "${TPUT_BGRED}${TPUT_WHITE}${TPUT_BOLD} ERROR ${TPUT_RESET} Installer exited unexpectedly (${code}-${lineno})" case "${code}" in - 0) - printf >&2 "%s\n" "This is almost certainly the result of a bug. If you have time, please report it at ${AGENT_BUG_REPORT_URL}." - ;; + 0) printf >&2 "%s\n" "This is almost certainly the result of a bug. If you have time, please report it at ${AGENT_BUG_REPORT_URL}." ;; *) printf >&2 "%s\n" "This is probably a result of a transient issue on your system. Things should work correctly if you try again." printf >&2 "%s\n" "If you continue to experience this issue, you can reacn out to us for support on:" @@ -406,7 +406,7 @@ success_banner() { cleanup() { if [ -z "${NO_CLEANUP}" ] && [ -n "${tmpdir}" ]; then cd || true - ${ROOTCMD} rm -rf "${tmpdir}" + run_as_root rm -rf "${tmpdir}" fi } @@ -497,6 +497,16 @@ run() { return ${ret} } +run_as_root() { + confirm_root_support + + if [ "$(id -u)" -ne "0" ]; then + printf >&2 "Root privileges required to run %s\n" "${*}" + fi + + run ${ROOTCMD} "${@}" +} + run_script() { set_tmpdir @@ -571,8 +581,8 @@ check_for_remote_file() { if echo "${url}" | grep -Eq "^file:///"; then [ -e "${url#file://}" ] || return 1 - elif command -v curl > /dev/null 2>&1; then - curl --output /dev/null --silent --head --fail "${url}" || return 1 + elif [ -n "${CURL}" ]; then + "${CURL}" --output /dev/null --silent --head --fail "${url}" || return 1 elif command -v wget > /dev/null 2>&1; then wget -S --spider "${url}" 2>&1 | grep -q 'HTTP/1.1 200 OK' || return 1 else @@ -586,8 +596,8 @@ download() { if echo "${url}" | grep -Eq "^file:///"; then run cp "${url#file://}" "${dest}" || return 1 - elif command -v curl > /dev/null 2>&1; then - run curl --fail -q -sSL --connect-timeout 10 --retry 3 --output "${dest}" "${url}" || return 1 + elif [ -n "${CURL}" ]; then + run "${CURL}" --fail -q -sSL --connect-timeout 10 --retry 3 --output "${dest}" "${url}" || return 1 elif command -v wget > /dev/null 2>&1; then run wget -T 15 -O "${dest}" "${url}" || return 1 else @@ -598,8 +608,8 @@ download() { get_redirect() { url="${1}" - if command -v curl > /dev/null 2>&1; then - run sh -c "curl ${url} -s -L -I -o /dev/null -w '%{url_effective}' | grep -o '[^/]*$'" || return 1 + if [ -n "${CURL}" ]; then + run sh -c "${CURL} ${url} -s -L -I -o /dev/null -w '%{url_effective}' | grep -o '[^/]*$'" || return 1 elif command -v wget > /dev/null 2>&1; then run sh -c "wget -S -O /dev/null ${url} 2>&1 | grep -m 1 Location | grep -o '[^/]*$'" || return 1 else @@ -620,75 +630,65 @@ safe_sha256sum() { } get_system_info() { + SYSARCH="$(uname -m)" + case "$(uname -s)" in Linux) SYSTYPE="Linux" - os_release_file= - if [ -s "/etc/os-release" ] && [ -r "/etc/os-release" ]; then - os_release_file="/etc/os-release" - elif [ -s "/usr/lib/os-release" ] && [ -r "/usr/lib/os-release" ]; then - os_release_file="/usr/lib/os-release" - else - warning "Cannot find usable OS release information. Native packages will not be available for this install." - fi - - if [ -n "${os_release_file}" ]; then - # shellcheck disable=SC1090 - . "${os_release_file}" - - DISTRO="${ID}" - SYSVERSION="${VERSION_ID}" - SYSCODENAME="${VERSION_CODENAME}" - SYSARCH="$(uname -m)" + if [ -z "${SKIP_DISTRO_DETECTION}" ]; then + os_release_file= + if [ -s "/etc/os-release" ] && [ -r "/etc/os-release" ]; then + os_release_file="/etc/os-release" + elif [ -s "/usr/lib/os-release" ] && [ -r "/usr/lib/os-release" ]; then + os_release_file="/usr/lib/os-release" + else + warning "Cannot find usable OS release information. Native packages will not be available for this install." + fi - supported_compat_names="debian ubuntu centos fedora opensuse ol arch" + if [ -n "${os_release_file}" ]; then + # shellcheck disable=SC1090 + . "${os_release_file}" - if str_in_list "${DISTRO}" "${supported_compat_names}"; then - DISTRO_COMPAT_NAME="${DISTRO}" + DISTRO="${ID}" + SYSVERSION="${VERSION_ID}" + SYSCODENAME="${VERSION_CODENAME}" else - case "${DISTRO}" in - opensuse-leap) - DISTRO_COMPAT_NAME="opensuse" - ;; - cloudlinux|almalinux|rocky|rhel) - DISTRO_COMPAT_NAME="centos" - ;; - artix|manjaro|obarun) - DISTRO_COMPAT_NAME="arch" - ;; - *) - DISTRO_COMPAT_NAME="unknown" - ;; - esac + DISTRO="unknown" + DISTRO_COMPAT_NAME="unknown" + SYSVERSION="unknown" + SYSCODENAME="unknown" fi + else + warning "Distribution auto-detection overridden by user. This is not guaranteed to work, and is not officially supported." + fi - case "${DISTRO_COMPAT_NAME}" in - centos|ol) - SYSVERSION=$(echo "$SYSVERSION" | cut -d'.' -f1) - ;; - esac + supported_compat_names="debian ubuntu centos fedora opensuse ol amzn arch" + + if str_in_list "${DISTRO}" "${supported_compat_names}"; then + DISTRO_COMPAT_NAME="${DISTRO}" else - DISTRO="unknown" - DISTRO_COMPAT_NAME="unknown" - SYSVERSION="unknown" - SYSCODENAME="unknown" - SYSARCH="$(uname -m)" + case "${DISTRO}" in + opensuse-leap) DISTRO_COMPAT_NAME="opensuse" ;; + cloudlinux|almalinux|rocky|rhel) DISTRO_COMPAT_NAME="centos" ;; + artix|manjaro|obarun) DISTRO_COMPAT_NAME="arch" ;; + *) DISTRO_COMPAT_NAME="unknown" ;; + esac fi + + case "${DISTRO_COMPAT_NAME}" in + centos|ol) SYSVERSION=$(echo "$SYSVERSION" | cut -d'.' -f1) ;; + esac ;; Darwin) SYSTYPE="Darwin" SYSVERSION="$(sw_vers -buildVersion)" - SYSARCH="$(uname -m)" ;; FreeBSD) SYSTYPE="FreeBSD" SYSVERSION="$(uname -K)" - SYSARCH="$(uname -m)" - ;; - *) - fatal "Unsupported system type detected. Netdata cannot be installed on this system using this script." F0200 ;; + *) fatal "Unsupported system type detected. Netdata cannot be installed on this system using this script." F0200 ;; esac } @@ -800,6 +800,7 @@ uninstall() { return 0 else progress "Found existing netdata-uninstaller. Running it.." + # shellcheck disable=SC2086 if ! run_script "${uninstaller}" ${FLAGS}; then warning "Uninstaller failed. Some parts of Netdata may still be present on the system." fi @@ -813,6 +814,7 @@ uninstall() { progress "Downloading netdata-uninstaller ..." download "${uninstaller_url}" "${tmpdir}/netdata-uninstaller.sh" chmod +x "${tmpdir}/netdata-uninstaller.sh" + # shellcheck disable=SC2086 if ! run_script "${tmpdir}/netdata-uninstaller.sh" ${FLAGS}; then warning "Uninstaller failed. Some parts of Netdata may still be present on the system." fi @@ -858,7 +860,7 @@ detect_existing_install() { if [ -n "${ndprefix}" ]; then typefile="${ndprefix}/etc/netdata/.install-type" if [ -r "${typefile}" ]; then - ${ROOTCMD} sh -c "cat \"${typefile}\" > \"${tmpdir}/install-type\"" + run_as_root sh -c "cat \"${typefile}\" > \"${tmpdir}/install-type\"" # shellcheck disable=SC1090,SC1091 . "${tmpdir}/install-type" else @@ -868,7 +870,7 @@ detect_existing_install() { envfile="${ndprefix}/etc/netdata/.environment" if [ "${INSTALL_TYPE}" = "unknown" ] || [ "${INSTALL_TYPE}" = "custom" ]; then if [ -r "${envfile}" ]; then - ${ROOTCMD} sh -c "cat \"${envfile}\" > \"${tmpdir}/environment\"" + run_as_root sh -c "cat \"${envfile}\" > \"${tmpdir}/environment\"" # shellcheck disable=SC1091 . "${tmpdir}/environment" if [ -n "${NETDATA_IS_STATIC_INSTALL}" ]; then @@ -903,15 +905,15 @@ handle_existing_install() { progress "Found an existing netdata install at ${ndprefix}, with installation type '${INSTALL_TYPE}'." fi - if [ -n "${NETDATA_REINSTALL}" ] || [ -n "${NETDATA_UNSAFE_REINSTALL}" ]; then + if [ "${ACTION}" = "reinstall" ] || [ "${ACTION}" = "unsafe-reinstall" ]; then progress "Found an existing netdata install at ${ndprefix}, but user requested reinstall, continuing." case "${INSTALL_TYPE}" in - binpkg-*) NETDATA_ONLY_NATIVE=1 ;; - *-build) NETDATA_ONLY_BUILD=1 ;; - *-static) NETDATA_ONLY_STATIC=1 ;; + binpkg-*) NETDATA_FORCE_METHOD='native' ;; + *-build) NETDATA_FORCE_METHOD='build' ;; + *-static) NETDATA_FORCE_METHOD='static' ;; *) - if [ -n "${NETDATA_UNSAFE_REINSTALL}" ]; then + if [ "${ACTION}" = "unsafe-reinstall" ]; then warning "Reinstalling over top of a ${INSTALL_TYPE} installation may be unsafe, but the user has requested we proceed." elif [ "${INTERACTIVE}" -eq 0 ]; then fatal "User requested reinstall, but we cannot safely reinstall over top of a ${INSTALL_TYPE} installation, exiting." F0104 @@ -941,9 +943,9 @@ handle_existing_install() { failmsg="We do not support trying to update or claim installations when we cannot determine the install type. You will need to uninstall the existing install using the same method you used to install it to proceed. ${claimonly_notice}" promptmsg="Attempting to update an existing install is not officially supported. It may work, but it also might break your system. ${claimonly_notice} Are you sure you want to continue?" fi - if [ "${INTERACTIVE}" -eq 0 ] && [ "${NETDATA_CLAIM_ONLY}" -eq 0 ]; then + if [ "${INTERACTIVE}" -eq 0 ] && [ "${ACTION}" != "claim" ]; then fatal "${failmsg}" F0106 - elif [ "${INTERACTIVE}" -eq 1 ] && [ "${NETDATA_CLAIM_ONLY}" -eq 0 ]; then + elif [ "${INTERACTIVE}" -eq 1 ] && [ "${ACTION}" != "claim" ]; then if confirm "${promptmsg}"; then progress "OK, continuing" else @@ -954,7 +956,7 @@ handle_existing_install() { ret=0 - if [ "${NETDATA_CLAIM_ONLY}" -eq 0 ]; then + if [ "${ACTION}" != "claim" ]; then if ! update; then warning "Failed to update existing Netdata install at ${ndprefix}." else @@ -969,7 +971,7 @@ handle_existing_install() { INSTALL_PREFIX="${ndprefix}" claim ret=$? - elif [ "${NETDATA_CLAIM_ONLY}" -eq 1 ]; then + elif [ "${ACTION}" = "claim" ]; then fatal "User asked to claim, but did not proide a claiming token." F0202 else progress "Not attempting to claim existing install at ${ndprefix} (no claiming token provided)." @@ -985,8 +987,8 @@ handle_existing_install() { fatal "This is an OCI container, use the regular container lifecycle management commands for your container tools instead of this script for managing it." F0203 ;; *) - if [ -n "${NETDATA_REINSTALL}" ] || [ -n "${NETDATA_UNSAFE_REINSTALL}" ]; then - if [ -n "${NETDATA_UNSAFE_REINSTALL}" ]; then + if [ "${ACTION}" = "reinstall" ] || [ "${ACTION}" = "unsafe-reinstall" ]; then + if [ "${ACTION}" = "unsafe-reinstall" ]; then warning "Reinstalling over top of a ${INSTALL_TYPE} installation may be unsafe, but the user has requested we proceed." elif [ "${INTERACTIVE}" -eq 0 ]; then fatal "User requested reinstall, but we cannot safely reinstall over top of a ${INSTALL_TYPE} installation, exiting." F0104 @@ -1007,7 +1009,7 @@ handle_existing_install() { cleanup trap - EXIT exit $ret - elif [ "${NETDATA_CLAIM_ONLY}" -eq 1 ]; then + elif [ "${ACTION}" = "claim" ]; then fatal "User asked to claim, but did not proide a claiming token." F0202 else fatal "Found an existing netdata install at ${ndprefix}, but the install type is '${INSTALL_TYPE}', which is not supported by this script, refusing to proceed." F0103 @@ -1022,30 +1024,30 @@ soft_disable_cloud() { cloud_prefix="${INSTALL_PREFIX}/var/lib/netdata/cloud.d" - run ${ROOTCMD} mkdir -p "${cloud_prefix}" + run_as_root mkdir -p "${cloud_prefix}" cat > "${tmpdir}/cloud.conf" << EOF [global] enabled = no EOF - run ${ROOTCMD} cp "${tmpdir}/cloud.conf" "${cloud_prefix}/cloud.conf" + run_as_root cp "${tmpdir}/cloud.conf" "${cloud_prefix}/cloud.conf" if [ -z "${NETDATA_NO_START}" ]; then case "${SYSTYPE}" in - Darwin) run ${ROOTCMD} launchctl kickstart -k com.github.netdata ;; - FreeBSD) run ${ROOTCMD} service netdata restart ;; + Darwin) run_as_root launchctl kickstart -k com.github.netdata ;; + FreeBSD) run_as_root service netdata restart ;; Linux) - initpath="$(${ROOTCMD} readlink /proc/1/exe)" + initpath="$(run_as_root readlink /proc/1/exe)" if command -v service > /dev/null 2>&1; then - run ${ROOTCMD} service netdata restart + run_as_root service netdata restart elif command -v rc-service > /dev/null 2>&1; then - run ${ROOTCMD} rc-service netdata restart + run_as_root rc-service netdata restart elif [ "$(basename "${initpath}" 2> /dev/null)" = "systemd" ]; then - run ${ROOTCMD} systemctl restart netdata + run_as_root systemctl restart netdata elif [ -f /etc/init.d/netdata ]; then - run ${ROOTCMD} /etc/init.d/netdata restart + run_as_root /etc/init.d/netdata restart fi ;; esac @@ -1053,7 +1055,7 @@ EOF } confirm_install_prefix() { - if [ -n "${INSTALL_PREFIX}" ] && [ "${NETDATA_ONLY_BUILD}" -ne 1 ]; then + if [ -n "${INSTALL_PREFIX}" ] && [ "${NETDATA_FORCE_METHOD}" != 'build' ]; then fatal "The --install-prefix option is only supported together with the --build-only option." F0204 fi @@ -1135,8 +1137,14 @@ claim() { NETDATA_CLAIM_PATH="${INSTALL_PREFIX}/netdata/usr/sbin/netdata-claim.sh" fi - if [ ! -x "${NETDATA_CLAIM_PATH}" ]; then + if [ -z "${NETDATA_CLAIM_PATH}" ]; then fatal "Unable to find usable claiming script. Reinstalling Netdata may resolve this." F050B + elif [ ! -e "${NETDATA_CLAIM_PATH}" ]; then + fatal "${NETDATA_CLAIM_PATH} does not exist." F0512 + elif [ ! -f "${NETDATA_CLAIM_PATH}" ]; then + fatal "${NETDATA_CLAIM_PATH} is not a file." F0513 + elif [ ! -x "${NETDATA_CLAIM_PATH}" ]; then + fatal "Claiming script at ${NETDATA_CLAIM_PATH} is not executable. Reinstalling Netdata may resolve this." F0514 fi if ! is_netdata_running; then @@ -1144,58 +1152,30 @@ claim() { fi # shellcheck disable=SC2086 - run ${ROOTCMD} "${NETDATA_CLAIM_PATH}" -token="${NETDATA_CLAIM_TOKEN}" -rooms="${NETDATA_CLAIM_ROOMS}" -url="${NETDATA_CLAIM_URL}" ${NETDATA_CLAIM_EXTRA} + run_as_root "${NETDATA_CLAIM_PATH}" -token="${NETDATA_CLAIM_TOKEN}" -rooms="${NETDATA_CLAIM_ROOMS}" -url="${NETDATA_CLAIM_URL}" ${NETDATA_CLAIM_EXTRA} case $? in 0) progress "Successfully claimed node" return 0 ;; - 1) - warning "Unable to claim node due to invalid claiming options. If you are seeing this message, you’ve probably found a bug and should open a bug report at ${AGENT_BUG_REPORT_URL}" - ;; - 2) - warning "Unable to claim node due to issues creating the claiming directory or preparing the local claiming key. Make sure you have a working openssl command and that ${INSTALL_PREFIX}/var/lib/netdata/cloud.d exists, then try again." - ;; - 3) - warning "Unable to claim node due to missing dependencies. Usually this means that the Netdata Agent was built without support for Netdata Cloud. If you built the agent from source, please install all needed dependencies for Cloud support. If you used the regular installation script and see this error, please file a bug report at ${AGENT_BUG_REPORT_URL}." - ;; - 4) - warning "Failed to claim node due to inability to connect to ${NETDATA_CLAIM_URL}. Usually this either means that the specified claiming URL is wrong, or that you are having networking problems." - ;; + 1) warning "Unable to claim node due to invalid claiming options. If you are seeing this message, you’ve probably found a bug and should open a bug report at ${AGENT_BUG_REPORT_URL}" ;; + 2) warning "Unable to claim node due to issues creating the claiming directory or preparing the local claiming key. Make sure you have a working openssl command and that ${INSTALL_PREFIX}/var/lib/netdata/cloud.d exists, then try again." ;; + 3) warning "Unable to claim node due to missing dependencies. Usually this means that the Netdata Agent was built without support for Netdata Cloud. If you built the agent from source, please install all needed dependencies for Cloud support. If you used the regular installation script and see this error, please file a bug report at ${AGENT_BUG_REPORT_URL}." ;; + 4) warning "Failed to claim node due to inability to connect to ${NETDATA_CLAIM_URL}. Usually this either means that the specified claiming URL is wrong, or that you are having networking problems." ;; 5) progress "Successfully claimed node, but was not able to notify the Netdata Agent. You will need to restart the Netdata service on this node before it will show up in the Cloud." return 0 ;; - 8) - warning "Failed to claim node due to an invalid agent ID. You can usually resolve this by removing ${INSTALL_PREFIX}/var/lib/netdata/registry/netdata.public.unique.id and restarting the agent. Then try to claim it again using the same options." - ;; - 9) - warning "Failed to claim node due to an invalid node name. This probably means you tried to specify a custom name for this node (for example, using the --claim-hostname option), but the hostname itself was either empty or consisted solely of whitespace. You can resolve this by specifying a valid host name and trying again." - ;; - 10) - warning "Failed to claim node due to an invalid room ID. This issue is most likely caused by a typo. Please check if the room(s) you are trying to add appear on the list of rooms provided to the --claim-rooms option ('${NETDATA_CLAIM_ROOMS}'). Then verify if the rooms are visible in Netdata Cloud and try again." - ;; - 11) - warning "Failed to claim node due to an issue with the generated RSA key pair. You can usually resolve this by removing all files in ${INSTALL_PREFIX}/var/lib/netdata/cloud.d and then trying again." - ;; - 12) - warning "Failed to claim node due to an invalid or expired claiming token. Please check that the token specified with the --claim-token option ('${NETDATA_CLAIM_TOKEN}') matches what you see in the Cloud and try again." - ;; - 13) - warning "Failed to claim node because the Cloud thinks it is already claimed. If this node was created by cloning a VM or as a container from a template, please remove the file ${INSTALL_PREFIX}/var/lib/netdata/registry/netdata.public.unique.id and restart the agent. Then try to claim it again with the same options. Otherwise, if you are certain this node has never been claimed before, you can use the --claim-id option to specify a new node ID to use for claiming, for example by using the uuidgen command like so: --claim-id \"\$(uuidgen)\"" - ;; - 14) - warning "Failed to claim node because the node is already in the process of being claimed. You should not need to do anything to resolve this, the node should show up properly in the Cloud soon. If it does not, please report a bug at ${AGENT_BUG_REPORT_URL}." - ;; - 15|16|17) - warning "Failed to claim node due to an internal server error in the Cloud. Please retry claiming this node later, and if you still see this message file a bug report at ${CLOUD_BUG_REPORT_URL}." - ;; - 18) - warning "Unable to claim node because this Netdata installation does not have a unique ID yet. Make sure the agent is running and started up correctly, and then try again." - ;; - *) - warning "Failed to claim node for an unknown reason. This usually means either networking problems or a bug. Please retry claiming later, and if you still see this message file a bug report at ${AGENT_BUG_REPORT_URL}" - ;; + 8) warning "Failed to claim node due to an invalid agent ID. You can usually resolve this by removing ${INSTALL_PREFIX}/var/lib/netdata/registry/netdata.public.unique.id and restarting the agent. Then try to claim it again using the same options." ;; + 9) warning "Failed to claim node due to an invalid node name. This probably means you tried to specify a custom name for this node (for example, using the --claim-hostname option), but the hostname itself was either empty or consisted solely of whitespace. You can resolve this by specifying a valid host name and trying again." ;; + 10) warning "Failed to claim node due to an invalid room ID. This issue is most likely caused by a typo. Please check if the room(s) you are trying to add appear on the list of rooms provided to the --claim-rooms option ('${NETDATA_CLAIM_ROOMS}'). Then verify if the rooms are visible in Netdata Cloud and try again." ;; + 11) warning "Failed to claim node due to an issue with the generated RSA key pair. You can usually resolve this by removing all files in ${INSTALL_PREFIX}/var/lib/netdata/cloud.d and then trying again." ;; + 12) warning "Failed to claim node due to an invalid or expired claiming token. Please check that the token specified with the --claim-token option ('${NETDATA_CLAIM_TOKEN}') matches what you see in the Cloud and try again." ;; + 13) warning "Failed to claim node because the Cloud thinks it is already claimed. If this node was created by cloning a VM or as a container from a template, please remove the file ${INSTALL_PREFIX}/var/lib/netdata/registry/netdata.public.unique.id and restart the agent. Then try to claim it again with the same options. Otherwise, if you are certain this node has never been claimed before, you can use the --claim-id option to specify a new node ID to use for claiming, for example by using the uuidgen command like so: --claim-id \"\$(uuidgen)\"" ;; + 14) warning "Failed to claim node because the node is already in the process of being claimed. You should not need to do anything to resolve this, the node should show up properly in the Cloud soon. If it does not, please report a bug at ${AGENT_BUG_REPORT_URL}." ;; + 15|16|17) warning "Failed to claim node due to an internal server error in the Cloud. Please retry claiming this node later, and if you still see this message file a bug report at ${CLOUD_BUG_REPORT_URL}." ;; + 18) warning "Unable to claim node because this Netdata installation does not have a unique ID yet. Make sure the agent is running and started up correctly, and then try again." ;; + *) warning "Failed to claim node for an unknown reason. This usually means either networking problems or a bug. Please retry claiming later, and if you still see this message file a bug report at ${AGENT_BUG_REPORT_URL}" ;; esac if [ -z "${NETDATA_NEW_INSTALL}" ]; then @@ -1224,16 +1204,16 @@ set_auto_updates() { if [ "${DRY_RUN}" -eq 1 ]; then progress "Would have attempted to enable automatic updates." # This first case is for catching using a new kickstart script with an old build. It can be safely removed after v1.34.0 is released. - elif ! grep -q '\-\-enable-auto-updates' ${updater}; then + elif ! grep -q '\-\-enable-auto-updates' "${updater}"; then echo - elif ! ${ROOTCMD} ${updater} --enable-auto-updates "${NETDATA_AUTO_UPDATE_TYPE}"; then + elif ! run_as_root "${updater}" --enable-auto-updates "${NETDATA_AUTO_UPDATE_TYPE}"; then warning "Failed to enable auto updates. Netdata will still work, but you will need to update manually." fi else if [ "${DRY_RUN}" -eq 1 ]; then progress "Would have attempted to disable automatic updates." else - ${ROOTCMD} ${updater} --disable-auto-updates + run_as_root "${updater}" --disable-auto-updates fi fi } @@ -1251,7 +1231,7 @@ pkg_installed() { dpkg-query --show --showformat '${Status}' "${1}" 2>&1 | cut -f 1 -d ' ' | grep -q '^install$' return $? ;; - centos|fedora|opensuse|ol) + centos|fedora|opensuse|ol|amzn) rpm -q "${1}" > /dev/null 2>&1 return $? ;; @@ -1263,9 +1243,7 @@ pkg_installed() { pacman -Qi "${1}" > /dev/null 2>&1 return $? ;; - *) - return 1 - ;; + *) return 1 ;; esac ;; Darwin) @@ -1295,7 +1273,7 @@ netdata_avail_check() { env DEBIAN_FRONTEND=noninteractive apt-cache policy netdata | grep -q repo.netdata.cloud/repos/; return $? ;; - centos|fedora|ol) + centos|fedora|ol|amzn) # shellcheck disable=SC2086 ${pm_cmd} search --nogpgcheck -v netdata | grep -qE 'Repo *: netdata(-edge)?$' return $? @@ -1304,9 +1282,7 @@ netdata_avail_check() { zypper packages -r "$(zypper repos | grep -E 'netdata |netdata-edge ' | cut -f 1 -d '|' | tr -d ' ')" | grep -E 'netdata ' return $? ;; - *) - return 1 - ;; + *) return 1 ;; esac } @@ -1323,7 +1299,7 @@ check_special_native_deps() { progress "EPEL is available, attempting to install so that required dependencies are available." # shellcheck disable=SC2086 - if ! run ${ROOTCMD} env ${env} ${pm_cmd} install ${pkg_install_opts} epel-release; then + if ! run_as_root env ${env} ${pm_cmd} install ${pkg_install_opts} epel-release; then warning "Failed to install EPEL, even though it is required to install native packages on this system." return 1 fi @@ -1334,12 +1310,39 @@ check_special_native_deps() { fi } +common_rpm_opts() { + pkg_type="rpm" + pkg_suffix=".noarch" + pkg_vsep="-" + INSTALL_TYPE="binpkg-rpm" + NATIVE_VERSION="${INSTALL_VERSION:+"-${INSTALL_VERSION}.${SYSARCH}"}" +} + +common_dnf_opts() { + if command -v dnf > /dev/null; then + pm_cmd="dnf" + repo_subcmd="makecache" + else + pm_cmd="yum" + fi + pkg_install_opts="${interactive_opts}" + repo_update_opts="${interactive_opts}" + uninstall_subcmd="remove" +} + try_package_install() { failed_refresh_msg="Failed to refresh repository metadata. ${BADNET_MSG} or by misconfiguration of one or more rpackage repositories in the system package manager configuration." - if [ -z "${DISTRO}" ] || [ "${DISTRO}" = "unknown" ]; then + if [ -z "${DISTRO_COMPAT_NAME}" ] || [ "${DISTRO_COMPAT_NAME}" = "unknown" ]; then warning "Unable to determine Linux distribution for native packages." return 2 + elif [ -z "${SYSCODENAME}" ]; then + case "${DISTRO_COMPAT_NAME}" in + debian|ubuntu) + warning "Release codename not set. Unable to check availability of native packages for this system." + return 2 + ;; + esac fi set_tmpdir @@ -1365,97 +1368,43 @@ try_package_install() { fi case "${DISTRO_COMPAT_NAME}" in - debian) - needs_early_refresh=1 - pm_cmd="apt-get" - repo_subcmd="update" - repo_prefix="debian/${SYSCODENAME}" - pkg_type="deb" - pkg_suffix="+debian${SYSVERSION}_all" - pkg_vsep="_" - pkg_install_opts="${interactive_opts}" - repo_update_opts="${interactive_opts}" - uninstall_subcmd="purge" - INSTALL_TYPE="binpkg-deb" - NATIVE_VERSION="${INSTALL_VERSION:+"=${INSTALL_VERSION}"}" - ;; - ubuntu) + debian|ubuntu) needs_early_refresh=1 pm_cmd="apt-get" repo_subcmd="update" - repo_prefix="ubuntu/${SYSCODENAME}" pkg_type="deb" - pkg_suffix="+ubuntu${SYSVERSION}_all" pkg_vsep="_" pkg_install_opts="${interactive_opts}" repo_update_opts="${interactive_opts}" uninstall_subcmd="purge" + repo_prefix="${DISTRO_COMPAT_NAME}/${SYSCODENAME}" + pkg_suffix="+${DISTRO_COMPAT_NAME}${SYSVERSION}_all" INSTALL_TYPE="binpkg-deb" NATIVE_VERSION="${INSTALL_VERSION:+"=${INSTALL_VERSION}"}" ;; centos) - if command -v dnf > /dev/null; then - pm_cmd="dnf" - repo_subcmd="makecache" - else - pm_cmd="yum" - fi + common_rpm_opts + common_dnf_opts repo_prefix="el/${SYSVERSION}" - pkg_type="rpm" - pkg_suffix=".noarch" - pkg_vsep="-" - pkg_install_opts="${interactive_opts}" - repo_update_opts="${interactive_opts}" - uninstall_subcmd="remove" - INSTALL_TYPE="binpkg-rpm" - NATIVE_VERSION="${INSTALL_VERSION:+"-${INSTALL_VERSION}.${SYSARCH}"}" ;; - fedora) - if command -v dnf > /dev/null; then - pm_cmd="dnf" - repo_subcmd="makecache" - else - pm_cmd="yum" - fi - repo_prefix="fedora/${SYSVERSION}" - pkg_type="rpm" - pkg_suffix=".noarch" - pkg_vsep="-" - pkg_install_opts="${interactive_opts}" - repo_update_opts="${interactive_opts}" - uninstall_subcmd="remove" - INSTALL_TYPE="binpkg-rpm" - NATIVE_VERSION="${INSTALL_VERSION:+"-${INSTALL_VERSION}.${SYSARCH}"}" + fedora|ol) + common_rpm_opts + common_dnf_opts + repo_prefix="${DISTRO_COMPAT_NAME}/${SYSVERSION}" ;; opensuse) + common_rpm_opts pm_cmd="zypper" repo_subcmd="--gpg-auto-import-keys refresh" repo_prefix="opensuse/${SYSVERSION}" - pkg_type="rpm" - pkg_suffix=".noarch" - pkg_vsep="-" pkg_install_opts="${interactive_opts} --allow-unsigned-rpm" repo_update_opts="" uninstall_subcmd="remove" - INSTALL_TYPE="binpkg-rpm" - NATIVE_VERSION="${INSTALL_VERSION:+"-${INSTALL_VERSION}.${SYSARCH}"}" ;; - ol) - if command -v dnf > /dev/null; then - pm_cmd="dnf" - repo_subcmd="makecache" - else - pm_cmd="yum" - fi - repo_prefix="ol/${SYSVERSION}" - pkg_type="rpm" - pkg_suffix=".noarch" - pkg_vsep="-" - pkg_install_opts="${interactive_opts}" - repo_update_opts="${interactive_opts}" - uninstall_subcmd="remove" - INSTALL_TYPE="binpkg-rpm" - NATIVE_VERSION="${INSTALL_VERSION:+"-${INSTALL_VERSION}.${SYSARCH}"}" + amzn) + common_rpm_opts + common_dnf_opts + repo_prefix="amazonlinux/${SYSVERSION}" ;; *) warning "We do not provide native packages for ${DISTRO}." @@ -1463,6 +1412,10 @@ try_package_install() { ;; esac + if [ -n "${SKIP_DISTRO_DETECTION}" ]; then + warning "Attempting to use native packages with a distro override. This is not officially supported, but may work in some cases. If your system requires a distro override to use native packages, please open an feature request at ${AGENT_BUG_REPORT_URL} about it so that we can update the installer to auto-detect this." + fi + if [ -n "${INSTALL_VERSION}" ]; then if echo "${INSTALL_VERSION}" | grep -q "nightly"; then new_release="-edge" @@ -1503,21 +1456,21 @@ try_package_install() { if [ -n "${needs_early_refresh}" ]; then # shellcheck disable=SC2086 - if ! run ${ROOTCMD} env ${env} ${pm_cmd} ${repo_subcmd} ${repo_update_opts}; then + if ! run_as_root env ${env} ${pm_cmd} ${repo_subcmd} ${repo_update_opts}; then warning "${failed_refresh_msg}" return 2 fi fi # shellcheck disable=SC2086 - if ! run ${ROOTCMD} env ${env} ${pm_cmd} install ${pkg_install_opts} "${tmpdir}/${repoconfig_file}"; then + if ! run_as_root env ${env} ${pm_cmd} install ${pkg_install_opts} "${tmpdir}/${repoconfig_file}"; then warning "Failed to install repository configuration package." return 2 fi if [ -n "${repo_subcmd}" ]; then # shellcheck disable=SC2086 - if ! run ${ROOTCMD} env ${env} ${pm_cmd} ${repo_subcmd} ${repo_update_opts}; then + if ! run_as_root env ${env} ${pm_cmd} ${repo_subcmd} ${repo_update_opts}; then fatal "${failed_refresh_msg}" F0205 fi fi @@ -1525,8 +1478,8 @@ try_package_install() { progress "Repository configuration is already present, attempting to install netdata." fi - if [ "${REPO_ACTION}" = "repositories-only" ]; then - progress "Successfully installed repository configuration package." + if [ "${ACTION}" = "repositories-only" ]; then + progress "Successfully installed repository configuraion package." deferred_warnings cleanup trap - EXIT @@ -1538,7 +1491,7 @@ try_package_install() { if [ -z "${NO_CLEANUP}" ]; then progress "Attempting to uninstall repository configuration package." # shellcheck disable=SC2086 - run ${ROOTCMD} env ${env} ${pm_cmd} ${uninstall_subcmd} ${pkg_install_opts} "${repoconfig_name}" + run_as_root env ${env} ${pm_cmd} ${uninstall_subcmd} ${pkg_install_opts} "${repoconfig_name}" fi return 2 fi @@ -1548,23 +1501,23 @@ try_package_install() { if [ -z "${NO_CLEANUP}" ]; then progress "Attempting to uninstall repository configuration package." # shellcheck disable=SC2086 - run ${ROOTCMD} env ${env} ${pm_cmd} ${uninstall_subcmd} ${pkg_install_opts} "${repoconfig_name}" + run_as_root env ${env} ${pm_cmd} ${uninstall_subcmd} ${pkg_install_opts} "${repoconfig_name}" fi return 2 fi if [ "${NETDATA_DISABLE_TELEMETRY}" -eq 1 ]; then - run ${ROOTCMD} mkdir -p "/etc/netdata" - run ${ROOTCMD} touch "/etc/netdata/.opt-out-from-anonymous-statistics" + run_as_root mkdir -p "/etc/netdata" + run_as_root touch "/etc/netdata/.opt-out-from-anonymous-statistics" fi # shellcheck disable=SC2086 - if ! run ${ROOTCMD} env ${env} ${pm_cmd} install ${pkg_install_opts} "netdata${NATIVE_VERSION}"; then + if ! run_as_root env ${env} ${pm_cmd} install ${pkg_install_opts} "netdata${NATIVE_VERSION}"; then warning "Failed to install Netdata package." if [ -z "${NO_CLEANUP}" ]; then progress "Attempting to uninstall repository configuration package." # shellcheck disable=SC2086 - run ${ROOTCMD} env ${env} ${pm_cmd} ${uninstall_subcmd} ${pkg_install_opts} "${repoconfig_name}" + run_as_root env ${env} ${pm_cmd} ${uninstall_subcmd} ${pkg_install_opts} "${repoconfig_name}" fi return 2 fi @@ -1657,7 +1610,7 @@ try_static_install() { progress "Installing netdata" # shellcheck disable=SC2086 - if ! run ${ROOTCMD} sh "${tmpdir}/${netdata_agent}" ${opts} -- ${NETDATA_INSTALLER_OPTIONS}; then + if ! run_as_root sh "${tmpdir}/${netdata_agent}" ${opts} -- ${NETDATA_INSTALLER_OPTIONS}; then warning "Failed to install static build of Netdata on ${SYSARCH}." run rm -rf /opt/netdata return 2 @@ -1666,16 +1619,16 @@ try_static_install() { if [ "${DRY_RUN}" -ne 1 ]; then install_type_file="/opt/netdata/etc/netdata/.install-type" if [ -f "${install_type_file}" ]; then - ${ROOTCMD} sh -c "cat \"${install_type_file}\" > \"${tmpdir}/install-type\"" - ${ROOTCMD} chown "$(id -u)":"$(id -g)" "${tmpdir}/install-type" + run_as_root sh -c "cat \"${install_type_file}\" > \"${tmpdir}/install-type\"" + run_as_root chown "$(id -u)":"$(id -g)" "${tmpdir}/install-type" # shellcheck disable=SC1090,SC1091 . "${tmpdir}/install-type" cat > "${tmpdir}/install-type" <<- EOF INSTALL_TYPE='kickstart-static' PREBUILT_ARCH='${PREBUILT_ARCH}' EOF - ${ROOTCMD} chown netdata:netdata "${tmpdir}/install-type" - ${ROOTCMD} cp "${tmpdir}/install-type" "${install_type_file}" + run_as_root chown netdata:netdata "${tmpdir}/install-type" + run_as_root cp "${tmpdir}/install-type" "${install_type_file}" fi fi } @@ -1728,14 +1681,8 @@ install_local_build_dependencies() { opts="--dont-wait --non-interactive" fi - if [ "${SYSTYPE}" = "Darwin" ]; then - sudo="" - else - sudo="${ROOTCMD}" - fi - # shellcheck disable=SC2086 - if ! run ${sudo} "${bash}" "${tmpdir}/install-required-packages.sh" ${opts} netdata; then + if ! run_as_root "${bash}" "${tmpdir}/install-required-packages.sh" ${opts} netdata; then warning "Failed to install all required packages, but installation might still be possible." fi } @@ -1776,9 +1723,7 @@ build_and_install() { fatal "netdata-installer.sh failed to run: Encountered an unhandled error in the installer code." I0000 fi ;; - 2) - fatal "Insufficient RAM to install netdata." F0008 - ;; + 2) fatal "Insufficient RAM to install netdata." F0008 ;; esac } @@ -1858,34 +1803,36 @@ prepare_offline_install_source() { run cd "${1}" || fatal "Failed to switch to target directory for offline install preparation." F0505 - if [ "${NETDATA_ONLY_NATIVE}" -ne 1 ] && [ "${NETDATA_ONLY_BUILD}" -ne 1 ]; then - set_static_archive_urls "${SELECTED_RELEASE_CHANNEL}" "x86_64" + case "${NETDATA_FORCE_METHOD}" in + static|'') + set_static_archive_urls "${SELECTED_RELEASE_CHANNEL}" "x86_64" - if check_for_remote_file "${NETDATA_STATIC_ARCHIVE_URL}"; then - for arch in ${STATIC_INSTALL_ARCHES}; do - set_static_archive_urls "${SELECTED_RELEASE_CHANNEL}" "${arch}" + if check_for_remote_file "${NETDATA_STATIC_ARCHIVE_URL}"; then + for arch in ${STATIC_INSTALL_ARCHES}; do + set_static_archive_urls "${SELECTED_RELEASE_CHANNEL}" "${arch}" - progress "Fetching ${NETDATA_STATIC_ARCHIVE_URL}" - if ! download "${NETDATA_STATIC_ARCHIVE_URL}" "netdata-${arch}-latest.gz.run"; then - warning "Failed to download static installer archive for ${arch}. ${BADNET_MSG}." - fi - done - legacy=0 - else - warning "Selected version of Netdata only provides static builds for x86_64. You will only be able to install on x86_64 systems with this offline install source." - progress "Fetching ${NETDATA_STATIC_ARCHIVE_OLD_URL}" - legacy=1 + progress "Fetching ${NETDATA_STATIC_ARCHIVE_URL}" + if ! download "${NETDATA_STATIC_ARCHIVE_URL}" "netdata-${arch}-latest.gz.run"; then + warning "Failed to download static installer archive for ${arch}. ${BADNET_MSG}." + fi + done + legacy=0 + else + warning "Selected version of Netdata only provides static builds for x86_64. You will only be able to install on x86_64 systems with this offline install source." + progress "Fetching ${NETDATA_STATIC_ARCHIVE_OLD_URL}" + legacy=1 - if ! download "${NETDATA_STATIC_ARCHIVE_OLD_URL}" "netdata-x86_64-latest.gz.run"; then - warning "Failed to download static installer archive for x86_64. ${BADNET_MSG}." + if ! download "${NETDATA_STATIC_ARCHIVE_OLD_URL}" "netdata-x86_64-latest.gz.run"; then + warning "Failed to download static installer archive for x86_64. ${BADNET_MSG}." + fi fi - fi - progress "Fetching ${NETDATA_STATIC_ARCHIVE_CHECKSUM_URL}" - if ! download "${NETDATA_STATIC_ARCHIVE_CHECKSUM_URL}" "sha256sums.txt"; then - fatal "Failed to download checksum file. ${BADNET_MSG}." F0506 - fi - fi + progress "Fetching ${NETDATA_STATIC_ARCHIVE_CHECKSUM_URL}" + if ! download "${NETDATA_STATIC_ARCHIVE_CHECKSUM_URL}" "sha256sums.txt"; then + fatal "Failed to download checksum file. ${BADNET_MSG}." F0506 + fi + ;; + esac if [ "${legacy:-0}" -eq 1 ]; then sed -e 's/netdata-latest.gz.run/netdata-x86_64-latest.gz.run' sha256sums.txt > sha256sums.tmp @@ -1935,7 +1882,7 @@ prepare_offline_install_source() { # Per system-type install logic install_on_linux() { - if [ "${NETDATA_ONLY_STATIC}" -ne 1 ] && [ "${NETDATA_ONLY_BUILD}" -ne 1 ] && [ -z "${NETDATA_OFFLINE_INSTALL_SOURCE}" ]; then + if [ "${NETDATA_FORCE_METHOD}" != 'static' ] && [ "${NETDATA_FORCE_METHOD}" != 'build' ] && [ -z "${NETDATA_OFFLINE_INSTALL_SOURCE}" ]; then SELECTED_INSTALL_METHOD="native" try_package_install @@ -1944,20 +1891,17 @@ install_on_linux() { NETDATA_INSTALL_SUCCESSFUL=1 INSTALL_PREFIX="/" ;; - 1) - fatal "Unable to install on this system." F0300 - ;; + 1) fatal "Unable to install on this system." F0300 ;; 2) - if [ "${NETDATA_ONLY_NATIVE}" -eq 1 ]; then - fatal "Could not install native binary packages." F0301 - else - warning "Could not install native binary packages, falling back to alternative installation method." - fi + case "${NETDATA_FORCE_METHOD}" in + native) fatal "Could not install native binary packages." F0301 ;; + *) warning "Could not install native binary packages, falling back to alternative installation method." ;; + esac ;; esac fi - if [ "${NETDATA_ONLY_NATIVE}" -ne 1 ] && [ "${NETDATA_ONLY_BUILD}" -ne 1 ] && [ -z "${NETDATA_INSTALL_SUCCESSFUL}" ]; then + if [ "${NETDATA_FORCE_METHOD}" != 'native' ] && [ "${NETDATA_FORCE_METHOD}" != 'build' ] && [ -z "${NETDATA_INSTALL_SUCCESSFUL}" ]; then SELECTED_INSTALL_METHOD="static" INSTALL_TYPE="kickstart-static" try_static_install @@ -1967,75 +1911,60 @@ install_on_linux() { NETDATA_INSTALL_SUCCESSFUL=1 INSTALL_PREFIX="/opt/netdata" ;; - 1) - fatal "Unable to install on this system." F0302 - ;; + 1) fatal "Unable to install on this system." F0302 ;; 2) - if [ "${NETDATA_ONLY_STATIC}" -eq 1 ]; then - fatal "Could not install static build." F0303 - else - warning "Could not install static build, falling back to alternative installation method." - fi + case "${NETDATA_FORCE_METHOD}" in + static) fatal "Could not install static build." F0303 ;; + *) warning "Could not install static build, falling back to alternative installation method." ;; + esac ;; esac fi - if [ "${NETDATA_ONLY_NATIVE}" -ne 1 ] && [ "${NETDATA_ONLY_STATIC}" -ne 1 ] && [ -z "${NETDATA_INSTALL_SUCCESSFUL}" ]; then + if [ "${NETDATA_FORCE_METHOD}" != 'native' ] && [ "${NETDATA_FORCE_METHOD}" != 'static' ] && [ -z "${NETDATA_INSTALL_SUCCESSFUL}" ]; then SELECTED_INSTALL_METHOD="build" INSTALL_TYPE="kickstart-build" try_build_install case "$?" in - 0) - NETDATA_INSTALL_SUCCESSFUL=1 - ;; - *) - fatal "Unable to install on this system." F0304 - ;; + 0) NETDATA_INSTALL_SUCCESSFUL=1 ;; + *) fatal "Unable to install on this system." F0304 ;; esac fi } install_on_macos() { - if [ "${NETDATA_ONLY_NATIVE}" -eq 1 ]; then - fatal "User requested native package, but native packages are not available for macOS. Try installing without \`--only-native\` option." F0305 - elif [ "${NETDATA_ONLY_STATIC}" -eq 1 ]; then - fatal "User requested static build, but static builds are not available for macOS. Try installing without \`--only-static\` option." F0306 - else - SELECTED_INSTALL_METHOD="build" - INSTALL_TYPE="kickstart-build" - try_build_install + case "${NETDATA_FORCE_METHOD}" in + native) fatal "User requested native package, but native packages are not available for macOS. Try installing without \`--only-native\` option." F0305 ;; + static) fatal "User requested static build, but static builds are not available for macOS. Try installing without \`--only-static\` option." F0306 ;; + *) + SELECTED_INSTALL_METHOD="build" + INSTALL_TYPE="kickstart-build" + try_build_install - case "$?" in - 0) - NETDATA_INSTALL_SUCCESSFUL=1 - ;; - *) - fatal "Unable to install on this system." F0307 - ;; - esac - fi + case "$?" in + 0) NETDATA_INSTALL_SUCCESSFUL=1 ;; + *) fatal "Unable to install on this system." F0307 ;; + esac + ;; + esac } install_on_freebsd() { - if [ "${NETDATA_ONLY_NATIVE}" -eq 1 ]; then - fatal "User requested native package, but native packages are not available for FreeBSD. Try installing without \`--only-native\` option." F0308 - elif [ "${NETDATA_ONLY_STATIC}" -eq 1 ]; then - fatal "User requested static build, but static builds are not available for FreeBSD. Try installing without \`--only-static\` option." F0309 - else - SELECTED_INSTALL_METHOD="build" - INSTALL_TYPE="kickstart-build" - try_build_install + case "${NETDATA_FORCE_METHOD}" in + native) fatal "User requested native package, but native packages are not available for FreeBSD. Try installing without \`--only-native\` option." F0308 ;; + static) fatal "User requested static build, but static builds are not available for FreeBSD. Try installing without \`--only-static\` option." F0309 ;; + *) + SELECTED_INSTALL_METHOD="build" + INSTALL_TYPE="kickstart-build" + try_build_install - case "$?" in - 0) - NETDATA_INSTALL_SUCCESSFUL=1 - ;; - *) - fatal "Unable to install on this system." F030A - ;; - esac - fi + case "$?" in + 0) NETDATA_INSTALL_SUCCESSFUL=1 ;; + *) fatal "Unable to install on this system." F030A ;; + esac + ;; + esac } # ====================================================================== @@ -2044,26 +1973,32 @@ install_on_freebsd() { validate_args() { check_claim_opts + if [ -n "${NETDATA_FORCE_METHOD}" ]; then + SELECTED_INSTALL_METHOD="${NETDATA_FORCE_METHOD}" + fi + + if [ "${ACTION}" = "repositories-only" ] && [ "${NETDATA_FORCE_METHOD}" != "native" ]; then + fatal "Repositories can only be installed for native installs." F050D + fi + if [ -n "${NETDATA_OFFLINE_INSTALL_SOURCE}" ]; then - if [ "${NETDATA_ONLY_NATIVE}" -eq 1 ] || [ "${NETDATA_ONLY_BUILD}" -eq 1 ]; then - fatal "Offline installs are only supported for static builds currently." F0502 - fi + case "${NETDATA_FORCE_METHOD}" in + native|build) fatal "Offline installs are only supported for static builds currently." F0502 ;; + esac fi if [ -n "${LOCAL_BUILD_OPTIONS}" ]; then - if [ "${NETDATA_ONLY_BUILD}" -eq 1 ]; then - NETDATA_INSTALLER_OPTIONS="${NETDATA_INSTALLER_OPTIONS} ${LOCAL_BUILD_OPTIONS}" - else - fatal "Specifying local build options is only supported when the --build-only option is also specified." F0401 - fi + case "${NETDATA_FORCE_METHOD}" in + build) NETDATA_INSTALLER_OPTIONS="${NETDATA_INSTALLER_OPTIONS} ${LOCAL_BUILD_OPTIONS}" ;; + *) fatal "Specifying local build options is only supported when the --build-only option is also specified." F0401 ;; + esac fi if [ -n "${STATIC_INSTALL_OPTIONS}" ]; then - if [ "${NETDATA_ONLY_STATIC}" -eq 1 ]; then - NETDATA_INSTALLER_OPTIONS="${NETDATA_INSTALLER_OPTIONS} ${STATIC_INSTALL_OPTIONS}" - else - fatal "Specifying installer options options is only supported when the --static-only option is also specified." F0402 - fi + case "${NETDATA_FORCE_METHOD}" in + static) NETDATA_INSTALLER_OPTIONS="${NETDATA_INSTALLER_OPTIONS} ${STATIC_INSTALL_OPTIONS}" ;; + *) fatal "Specifying installer options options is only supported when the --static-only option is also specified." F0402 ;; + esac fi if [ -n "${NETDATA_OFFLINE_INSTALL_SOURCE}" ] && [ -n "${INSTALL_VERSION}" ]; then @@ -2101,6 +2036,17 @@ validate_args() { fi } +set_action() { + new_action="${1}" + + if [ -n "${ACTION}" ]; then + warning "Ignoring previously specified '${ACTION}' operation in favor of '${new_action}' specified later on the command line." + fi + + ACTION="${new_action}" + NETDATA_COMMAND="${new_action}" +} + parse_args() { while [ -n "${1}" ]; do case "${1}" in @@ -2114,33 +2060,35 @@ parse_args() { "--dont-wait"|"--non-interactive") INTERACTIVE=0 ;; "--interactive") INTERACTIVE=1 ;; "--dry-run") DRY_RUN=1 ;; + "--release-channel") + RELEASE_CHANNEL="$(echo "${2}" | tr '[:upper:]' '[:lower:]')" + case "${RELEASE_CHANNEL}" in + nightly|stable|default) shift 1 ;; + *) + echo "Unrecognized value for --release-channel. Valid release channels are: stable, nightly, default" + exit 1 + ;; + esac + ;; "--stable-channel") RELEASE_CHANNEL="stable" ;; + "--nightly-channel") RELEASE_CHANNEL="nightly" ;; + "--reinstall") set_action 'reinstall' ;; + "--reinstall-even-if-unsafe") set_action 'unsafe-reinstall' ;; + "--reinstall-clean") set_action 'reinstall-clean' ;; + "--uninstall") set_action 'uninstall' ;; + "--claim-only") set_action 'claim' ;; "--no-updates") NETDATA_AUTO_UPDATES=0 ;; "--auto-update") NETDATA_AUTO_UPDATES="1" ;; "--auto-update-method") NETDATA_AUTO_UPDATE_TYPE="$(echo "${2}" | tr '[:upper:]' '[:lower:]')" case "${NETDATA_AUTO_UPDATE_TYPE}" in - systemd|interval|crontab) - shift 1 - ;; + systemd|interval|crontab) shift 1 ;; *) echo "Unrecognized value for --auto-update-type. Valid values are: systemd, interval, crontab" exit 1 ;; esac ;; - "--reinstall") - NETDATA_REINSTALL=1 - NETDATA_COMMAND="reinstall" - ;; - "--reinstall-even-if-unsafe") - NETDATA_UNSAFE_REINSTALL=1 - NETDATA_COMMAND="unsafe-reinstall" - ;; - "--claim-only") - NETDATA_CLAIM_ONLY=1 - NETDATA_COMMAND="claim-only" - ;; "--disable-cloud") NETDATA_DISABLE_CLOUD=1 NETDATA_REQUIRE_CLOUD=0 @@ -2170,36 +2118,29 @@ parse_args() { AUTO_UPDATE=0 shift 1 ;; - "--uninstall") - ACTION="uninstall" - NETDATA_COMMAND="uninstall" - ;; - "--reinstall-clean") - ACTION="reinstall-clean" - NETDATA_COMMAND="reinstall-clean" + "--distro-override") + if [ -n "${2}" ]; then + SKIP_DISTRO_DETECTION=1 + DISTRO="$(echo "${2}" | cut -f 1 -d ':' | tr '[:upper:]' '[:lower:]')" + SYSVERSION="$(echo "${2}" | cut -f 2 -d ':')" + SYSCODENAME="$(echo "${2}" | cut -f 3 -d ':' | tr '[:upper:]' '[:lower:]')" + + if [ -z "${SYSVERSION}" ]; then + fatal "You must specify a release as well as a distribution name." F0510 + fi + + shift 1 + else + fatal "A distribution name and release must be specified for the --distro-override option." F050F + fi ;; "--repositories-only") - REPO_ACTION="repositories-only" - NETDATA_COMMAND="repositories" - ;; - "--native-only") - NETDATA_ONLY_NATIVE=1 - NETDATA_ONLY_STATIC=0 - NETDATA_ONLY_BUILD=0 - SELECTED_INSTALL_METHOD="native" - ;; - "--static-only") - NETDATA_ONLY_STATIC=1 - NETDATA_ONLY_NATIVE=0 - NETDATA_ONLY_BUILD=0 - SELECTED_INSTALL_METHOD="static" - ;; - "--build-only") - NETDATA_ONLY_BUILD=1 - NETDATA_ONLY_NATIVE=0 - NETDATA_ONLY_STATIC=0 - SELECTED_INSTALL_METHOD="build" + set_action 'repositories-only' + NETDATA_FORCE_METHOD="native" ;; + "--native-only") NETDATA_FORCE_METHOD="native" ;; + "--static-only") NETDATA_FORCE_METHOD="static" ;; + "--build-only") NETDATA_FORCE_METHOD="build" ;; "--claim-token") NETDATA_CLAIM_TOKEN="${2}" shift 1 @@ -2219,12 +2160,8 @@ parse_args() { NETDATA_CLAIM_EXTRA="${NETDATA_CLAIM_EXTRA} -${optname}=${2}" shift 1 ;; - verbose|insecure|noproxy|noreload|daemon-not-running) - NETDATA_CLAIM_EXTRA="${NETDATA_CLAIM_EXTRA} -${optname}" - ;; - *) - warning "Ignoring unrecognized claiming option ${optname}" - ;; + verbose|insecure|noproxy|noreload|daemon-not-running) NETDATA_CLAIM_EXTRA="${NETDATA_CLAIM_EXTRA} -${optname}" ;; + *) warning "Ignoring unrecognized claiming option ${optname}" ;; esac ;; "--local-build-options") @@ -2237,8 +2174,7 @@ parse_args() { ;; "--prepare-offline-install-source") if [ -n "${2}" ]; then - ACTION="prepare-offline" - NETDATA_COMMAND="prepare-offline" + set_action 'prepare-offline' OFFLINE_TARGET="${2}" shift 1 else @@ -2253,9 +2189,7 @@ parse_args() { fatal "A source directory must be specified with the --offline-install-source option." F0501 fi ;; - *) - fatal "Unrecognized option '${1}'. If you intended to pass this option to the installer code, please use either --local-build-options or --static-install-options to specify it instead." F050E - ;; + *) fatal "Unrecognized option '${1}'. If you intended to pass this option to the installer code, please use either --local-build-options or --static-install-options to specify it instead." F050E ;; esac shift 1 done diff --git a/packaging/installer/methods/ansible.md b/packaging/installer/methods/ansible.md new file mode 100644 index 000000000..6b4c69f09 --- /dev/null +++ b/packaging/installer/methods/ansible.md @@ -0,0 +1,156 @@ + + +# Deploy Netdata with Ansible + +Netdata's [one-line kickstart](https://github.com/netdata/netdata/blob/master/packaging/installer/README.md#install-on-linux-with-one-line-installer) is zero-configuration, highly adaptable, and compatible with tons +of different operating systems and Linux distributions. You can use it on bare metal, VMs, containers, and everything +in-between. + +But what if you're trying to bootstrap an infrastructure monitoring solution as quickly as possible? What if you need to +deploy Netdata across an entire infrastructure with many nodes? What if you want to make this deployment reliable, +repeatable, and idempotent? What if you want to write and deploy your infrastructure or cloud monitoring system like +code? + +Enter [Ansible](https://ansible.com), a popular system provisioning, configuration management, and infrastructure as +code (IaC) tool. Ansible uses **playbooks** to glue many standardized operations together with a simple syntax, then run +those operations over standard and secure SSH connections. There's no agent to install on the remote system, so all you +have to worry about is your application and your monitoring software. + +Ansible has some competition from the likes of [Puppet](https://puppet.com/) or [Chef](https://www.chef.io/), but the +most valuable feature about Ansible is **idempotent**. From the [Ansible +glossary](https://docs.ansible.com/ansible/latest/reference_appendices/glossary.html) + +> An operation is idempotent if the result of performing it once is exactly the same as the result of performing it +> repeatedly without any intervening actions. + +Idempotency means you can run an Ansible playbook against your nodes any number of times without affecting how they +operate. When you deploy Netdata with Ansible, you're also deploying _monitoring as code_. + +In this guide, we'll walk through the process of using an [Ansible +playbook](https://github.com/netdata/community/tree/main/configuration-management/ansible-quickstart/) to automatically +deploy the Netdata Agent to any number of distributed nodes, manage the configuration of each node, and connect them to +your Netdata Cloud account. You'll go from some unmonitored nodes to a infrastructure monitoring solution in a matter of +minutes. + +## Prerequisites + +- A Netdata Cloud account. [Sign in and create one](https://app.netdata.cloud) if you don't have one already. +- An administration system with [Ansible](https://www.ansible.com/) installed. +- One or more nodes that your administration system can access via [SSH public + keys](https://git-scm.com/book/en/v2/Git-on-the-Server-Generating-Your-SSH-Public-Key) (preferably password-less). + +## Download and configure the playbook + +First, download the +[playbook](https://github.com/netdata/community/tree/main/configuration-management/ansible-quickstart/), move it to the +current directory, and remove the rest of the cloned repository, as it's not required for using the Ansible playbook. + +```bash +git clone https://github.com/netdata/community.git +mv community/netdata-agent-deployment/ansible-quickstart . +rm -rf community +``` + +Or if you don't want to clone the entire repository, use the [gitzip browser extension](https://gitzip.org/) to get the netdata-agent-deployment directory as a zip file. + +Next, `cd` into the Ansible directory. + +```bash +cd ansible-quickstart +``` + +### Edit the `hosts` file + +The `hosts` file contains a list of IP addresses or hostnames that Ansible will try to run the playbook against. The +`hosts` file that comes with the repository contains two example IP addresses, which you should replace according to the +IP address/hostname of your nodes. + +```conf +203.0.113.0 hostname=node-01 +203.0.113.1 hostname=node-02 +``` + +You can also set the `hostname` variable, which appears both on the local Agent dashboard and Netdata Cloud, or you can +omit the `hostname=` string entirely to use the system's default hostname. + +#### Set the login user (optional) + +If you SSH into your nodes as a user other than `root`, you need to configure `hosts` according to those user names. Use +the `ansible_user` variable to set the login user. For example: + +```conf +203.0.113.0 hostname=ansible-01 ansible_user=example +``` + +#### Set your SSH key (optional) + +If you use an SSH key other than `~/.ssh/id_rsa` for logging into your nodes, you can set that on a per-node basis in +the `hosts` file with the `ansible_ssh_private_key_file` variable. For example, to log into a Lightsail instance using +two different SSH keys supplied by AWS. + +```conf +203.0.113.0 hostname=ansible-01 ansible_ssh_private_key_file=~/.ssh/LightsailDefaultKey-us-west-2.pem +203.0.113.1 hostname=ansible-02 ansible_ssh_private_key_file=~/.ssh/LightsailDefaultKey-us-east-1.pem +``` + +### Edit the `vars/main.yml` file + +In order to connect your node(s) to your Space in Netdata Cloud, and see all their metrics in real-time in [composite +charts](https://github.com/netdata/netdata/blob/master/docs/visualize/overview-infrastructure.md) or perform [Metric +Correlations](https://github.com/netdata/netdata/blob/master/docs/cloud/insights/metric-correlations.md), you need to set the `claim_token` +and `claim_room` variables. + +To find your `claim_token` and `claim_room`, go to Netdata Cloud, then click on your Space's name in the top navigation, +then click on **Manage your Space**. Click on the **Nodes** tab in the panel that appears, which displays a script with +`token` and `room` strings. + +![Animated GIF of finding the claiming script and the token and room +strings](https://user-images.githubusercontent.com/1153921/98740235-f4c3ac00-2367-11eb-8ffd-e9ab0f04c463.gif) + +Copy those strings into the `claim_token` and `claim_rooms` variables. + +```yml +claim_token: XXXXX +claim_rooms: XXXXX +``` + +Change the `dbengine_multihost_disk_space` if you want to change the metrics retention policy by allocating more or less +disk space for storing metrics. The default is 2048 Mib, or 2 GiB. + +Because we're connecting this node to Netdata Cloud, and will view its dashboards there instead of via the IP address or +hostname of the node, the playbook disables that local dashboard by setting `web_mode` to `none`. This gives a small +security boost by not allowing any unwanted access to the local dashboard. + +You can read more about this decision, or other ways you might lock down the local dashboard, in our [node security +doc](https://github.com/netdata/netdata/blob/master/docs/netdata-security.md). + +> Curious about why Netdata's dashboard is open by default? Read our [blog +> post](https://www.netdata.cloud/blog/netdata-agent-dashboard/) on that zero-configuration design decision. + +## Run the playbook + +Time to run the playbook from your administration system: + +```bash +ansible-playbook -i hosts tasks/main.yml +``` + +Ansible first connects to your node(s) via SSH, then [collects +facts](https://docs.ansible.com/ansible/latest/user_guide/playbooks_vars_facts.html#ansible-facts) about the system. +This playbook doesn't use these facts, but you could expand it to provision specific types of systems based on the +makeup of your infrastructure. + +Next, Ansible makes changes to each node according to the `tasks` defined in the playbook, and +[returns](https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#changed) whether each +task results in a changed, failure, or was skipped entirely. + +The task to install Netdata will take a few minutes per node, so be patient! Once the playbook reaches the connect to Cloud +task, your nodes start populating your Space in Netdata Cloud. diff --git a/packaging/installer/methods/aws.md b/packaging/installer/methods/aws.md new file mode 100644 index 000000000..c0b92a036 --- /dev/null +++ b/packaging/installer/methods/aws.md @@ -0,0 +1,67 @@ + + +# Install Netdata on AWS + +Netdata is fully compatible with Amazon Web Services (AWS). +You can install Netdata on cloud instances to monitor the apps/services running there, or use +multiple instances in a [parent-child streaming](https://github.com/netdata/netdata/blob/master/streaming/README.md) configuration. + +## Recommended installation method + +The best installation method depends on the instance's operating system, distribution, and version. For Linux instances, +we recommend the [`kickstart.sh` automatic installation script](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/kickstart.md). + +If you have issues with Netdata after installation, look to the sections below to find the issue you're experiencing, +followed by the solution for your provider. + +## Post-installation configuration + +### Add a firewall rule to access Netdata's dashboard + +If you cannot access Netdata's dashboard on your cloud instance via `http://HOST:19999`, and instead get an error page +from your browser that says, "This site can't be reached" (Chrome) or "Unable to connect" (Firefox), you may need to +configure your cloud provider's firewall. + +Cloud providers often create network-level firewalls that run separately from the instance itself. Both AWS and Google +Cloud Platform calls them Virtual Private Cloud (VPC) networks. These firewalls can apply even if you've disabled +firewalls on the instance itself. Because you can modify these firewalls only via the cloud provider's web interface, +it's easy to overlook them when trying to configure and access Netdata's dashboard. + +You can often confirm a firewall issue by querying the dashboard while connected to the instance via SSH: `curl +http://localhost:19999/api/v1/info`. If you see JSON output, Netdata is running properly. If you try the same `curl` +command from a remote system, and it fails, it's likely that a firewall is blocking your requests. + +Another option is to put Netdata behind web server, which will proxy requests through standard HTTP/HTTPS ports +(80/443), which are likely already open on your instance. We have a number of guides available: + +- [Apache](https://github.com/netdata/netdata/blob/master/docs/Running-behind-apache.md) +- [Nginx](https://github.com/netdata/netdata/blob/master/docs/Running-behind-nginx.md) +- [Caddy](https://github.com/netdata/netdata/blob/master/docs/Running-behind-caddy.md) +- [HAProxy](https://github.com/netdata/netdata/blob/master/docs/Running-behind-haproxy.md) +- [lighttpd](https://github.com/netdata/netdata/blob/master/docs/Running-behind-lighttpd.md) + +Sign in to the [AWS console](https://console.aws.amazon.com/) and navigate to the EC2 dashboard. Click on the **Security +Groups** link in the navigation, beneath the **Network & Security** heading. Find the Security Group your instance +belongs to, and either right-click on it or click the **Actions** button above to see a dropdown menu with **Edit +inbound rules**. + +Add a new rule with the following options: + +```conf +Type: Custom TCP +Protocol: TCP +Port Range: 19999 +Source: Anywhere +Description: Netdata +``` + +You can also choose **My IP** as the source if you prefer. + +Click **Save** to apply your new inbound firewall rule. diff --git a/packaging/installer/methods/azure.md b/packaging/installer/methods/azure.md new file mode 100644 index 000000000..4c39a00ad --- /dev/null +++ b/packaging/installer/methods/azure.md @@ -0,0 +1,68 @@ + + +# Install Netdata on Azure + +Netdata is fully compatible with Azure. +You can install Netdata on cloud instances to monitor the apps/services running there, or use +multiple instances in a [parent-child streaming](https://github.com/netdata/netdata/blob/master/streaming/README.md) configuration. + +## Recommended installation method + +The best installation method depends on the instance's operating system, distribution, and version. For Linux instances, +we recommend the [`kickstart.sh` automatic installation script](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/kickstart.md). + +If you have issues with Netdata after installation, look to the sections below to find the issue you're experiencing, +followed by the solution for your provider. + +## Post-installation configuration + +### Add a firewall rule to access Netdata's dashboard + +If you cannot access Netdata's dashboard on your cloud instance via `http://HOST:19999`, and instead get an error page +from your browser that says, "This site can't be reached" (Chrome) or "Unable to connect" (Firefox), you may need to +configure your cloud provider's firewall. + +Cloud providers often create network-level firewalls that run separately from the instance itself. Both AWS and Google +Cloud Platform calls them Virtual Private Cloud (VPC) networks. These firewalls can apply even if you've disabled +firewalls on the instance itself. Because you can modify these firewalls only via the cloud provider's web interface, +it's easy to overlook them when trying to configure and access Netdata's dashboard. + +You can often confirm a firewall issue by querying the dashboard while connected to the instance via SSH: `curl +http://localhost:19999/api/v1/info`. If you see JSON output, Netdata is running properly. If you try the same `curl` +command from a remote system, and it fails, it's likely that a firewall is blocking your requests. + +Another option is to put Netdata behind web server, which will proxy requests through standard HTTP/HTTPS ports +(80/443), which are likely already open on your instance. We have a number of guides available: + +- [Apache](https://github.com/netdata/netdata/blob/master/docs/Running-behind-apache.md) +- [Nginx](https://github.com/netdata/netdata/blob/master/docs/Running-behind-nginx.md) +- [Caddy](https://github.com/netdata/netdata/blob/master/docs/Running-behind-caddy.md) +- [HAProxy](https://github.com/netdata/netdata/blob/master/docs/Running-behind-haproxy.md) +- [lighttpd](https://github.com/netdata/netdata/blob/master/docs/Running-behind-lighttpd.md) + +Sign in to the [Azure portal](https://portal.azure.com) and open the virtual machine running Netdata. Click on the +**Networking** link beneath the **Settings** header, then click on the **Add inbound security rule** button. + +Add a new rule with the following options: + +```conf +Source: Any +Source port ranges: 19999 +Destination: Any +Destination port ranges: 19999 +Protocol: TCP +Action: Allow +Priority: 310 +Name: Netdata +``` + +Click **Add** to apply your new inbound security rule. + + diff --git a/packaging/installer/methods/cloud-providers.md b/packaging/installer/methods/cloud-providers.md deleted file mode 100644 index 6b8fa6de1..000000000 --- a/packaging/installer/methods/cloud-providers.md +++ /dev/null @@ -1,126 +0,0 @@ - - -# Install Netdata on cloud providers - -Netdata is fully compatible with popular cloud providers like Google Cloud Platform (GCP), Amazon Web Services (AWS), -Azure, and others. You can install Netdata on cloud instances to monitor the apps/services running there, or use -multiple instances in a [parent-child streaming](https://github.com/netdata/netdata/blob/master/streaming/README.md) configuration. - -In some cases, using Netdata on these cloud providers requires unique installation or configuration steps. This page -aims to document some of those steps for popular cloud providers. - -> This document is a work-in-progress! If you find new issues specific to a cloud provider, or would like to help -> clarify the correct workaround, please [create an -> issue](https://github.com/netdata/netdata/issues/new?labels=feature+request,+needs+triage&template=feature_request.md) -> with your process and instructions on using the provider's interface to complete the workaround. - -- [Recommended installation methods for cloud providers](#recommended-installation-methods-for-cloud-providers) -- [Post-installation configuration](#post-installation-configuration) - - [Add a firewall rule to access Netdata's dashboard](#add-a-firewall-rule-to-access-netdatas-dashboard) - -## Recommended installation methods for cloud providers - -The best installation method depends on the instance's operating system, distribution, and version. For Linux instances, -we recommend the [`kickstart.sh` automatic installation script](kickstart.md). - -If you have issues with Netdata after installation, look to the sections below to find the issue you're experiencing, -followed by the solution for your provider. - -## Post-installation configuration - -Some cloud providers require you take additional steps to properly configure your instance or its networking to access -all of Netdata's features. - -### Add a firewall rule to access Netdata's dashboard - -If you cannot access Netdata's dashboard on your cloud instance via `http://HOST:19999`, and instead get an error page -from your browser that says, "This site can't be reached" (Chrome) or "Unable to connect" (Firefox), you may need to -configure your cloud provider's firewall. - -Cloud providers often create network-level firewalls that run separately from the instance itself. Both AWS and Google -Cloud Platform calls them Virtual Private Cloud (VPC) networks. These firewalls can apply even if you've disabled -firewalls on the instance itself. Because you can modify these firewalls only via the cloud provider's web interface, -it's easy to overlook them when trying to configure and access Netdata's dashboard. - -You can often confirm a firewall issue by querying the dashboard while connected to the instance via SSH: `curl -http://localhost:19999/api/v1/info`. If you see JSON output, Netdata is running properly. If you try the same `curl` -command from a remote system, and it fails, it's likely that a firewall is blocking your requests. - -Another option is to put Netdata behind web server, which will proxy requests through standard HTTP/HTTPS ports -(80/443), which are likely already open on your instance. We have a number of guides available: - -- [Apache](https://github.com/netdata/netdata/blob/master/docs/Running-behind-apache.md) -- [Nginx](https://github.com/netdata/netdata/blob/master/docs/Running-behind-nginx.md) -- [Caddy](https://github.com/netdata/netdata/blob/master/docs/Running-behind-caddy.md) -- [HAProxy](https://github.com/netdata/netdata/blob/master/docs/Running-behind-haproxy.md) -- [lighttpd](https://github.com/netdata/netdata/blob/master/docs/Running-behind-lighttpd.md) - -The next few sections outline how to add firewall rules to GCP, AWS, and Azure instances. - -#### Google Cloud Platform (GCP) - -To add a firewall rule, go to the [Firewall rules page](https://console.cloud.google.com/networking/firewalls/list) and -click **Create firewall rule**. - -The following configuration has previously worked for Netdata running on GCP instances -([see #7786](https://github.com/netdata/netdata/issues/7786)): - -```conf -Name: -Type: Ingress -Targets: -Filters: 0.0.0.0/0 -Protocols/ports: 19999 -Action: allow -Priority: 1000 -``` - -Read GCP's [firewall documentation](https://cloud.google.com/vpc/docs/using-firewalls) for specific instructions on how -to create a new firewall rule. - -#### Amazon Web Services (AWS) / EC2 - -Sign in to the [AWS console](https://console.aws.amazon.com/) and navigate to the EC2 dashboard. Click on the **Security -Groups** link in the navigation, beneath the **Network & Security** heading. Find the Security Group your instance -belongs to, and either right-click on it or click the **Actions** button above to see a dropdown menu with **Edit -inbound rules**. - -Add a new rule with the following options: - -```conf -Type: Custom TCP -Protocol: TCP -Port Range: 19999 -Source: Anywhere -Description: Netdata -``` - -You can also choose **My IP** as the source if you prefer. - -Click **Save** to apply your new inbound firewall rule. - -#### Azure - -Sign in to the [Azure portal](https://portal.azure.com) and open the virtual machine running Netdata. Click on the -**Networking** link beneath the **Settings** header, then click on the **Add inbound security rule** button. - -Add a new rule with the following options: - -```conf -Source: Any -Source port ranges: 19999 -Destination: Any -Destination port ranges: 19999 -Protocol: TCP -Action: Allow -Priority: 310 -Name: Netdata -``` - -Click **Add** to apply your new inbound security rule. - - diff --git a/packaging/installer/methods/freebsd.md b/packaging/installer/methods/freebsd.md index ea7099b36..21670cdc9 100644 --- a/packaging/installer/methods/freebsd.md +++ b/packaging/installer/methods/freebsd.md @@ -2,6 +2,9 @@ title: "Install Netdata on FreeBSD" description: "Install Netdata on FreeBSD to monitor the health and performance of bare metal or VMs with thousands of real-time, per-second metrics." custom_edit_url: https://github.com/netdata/netdata/edit/master/packaging/installer/methods/freebsd.md +sidebar_label: "FreeBSD" +learn_status: "Published" +learn_rel_path: "Installation/Install on specific environments" --> # Install Netdata on FreeBSD @@ -13,20 +16,41 @@ custom_edit_url: https://github.com/netdata/netdata/edit/master/packaging/instal > PR](https://github.com/netdata/netdata/edit/master/packaging/installer/methods/freebsd.md) with your recommended > improvements or changes. Thank you! -## Install latest version +## Install dependencies -This is how to install the latest Netdata version on FreeBSD: - -Install required packages (**need root permission**): +This step needs root privileges. ```sh pkg install bash e2fsprogs-libuuid git curl autoconf automake pkgconf pidof liblz4 libuv json-c cmake gmake ``` +Please respond in the affirmative for any relevant prompts during the installation process. + +## Install Netdata + +The simplest method is to use the single line [kickstart script](https://learn.netdata.cloud/docs/agent/packaging/installer/methods/kickstart) + +If you have a Netdata cloud account then clicking on the **Connect Nodes** button will generate the kickstart command you should use. Use the command from the "Linux" tab, it should look something like this: + +```sh +wget -O /tmp/netdata-kickstart.sh https://my-netdata.io/kickstart.sh && sh /tmp/netdata-kickstart.sh --claim-token --claim-url https://app.netdata.cloud +``` +Please respond in the affirmative for any relevant prompts during the installation process. + +Once the installation is completed, you should be able to start monitoring the FreeBSD server using Netdata. + +![image](https://user-images.githubusercontent.com/24860547/202489210-3c5a3346-8f53-4b7b-9832-f9383b34d864.png) + +Netdata can also be installed via [FreeBSD ports](https://www.freshports.org/net-mgmt/netdata). + +## Manual installation + +If you would prefer to manually install Netdata, the following steps can help you do this. + Download Netdata: ```sh -fetch https://github.com/netdata/netdata/releases/download/v1.26.0/netdata-v1.26.0.tar.gz +fetch https://github.com/netdata/netdata/releases/download/v1.36.1/netdata-v1.36.1.tar.gz ``` > ⚠️ Verify the latest version by either navigating to [Netdata's latest @@ -73,35 +97,52 @@ If you have not passed the `--auto-update` or `-u` parameter for the installer t The `netdata-updater.sh` script will update your Agent. ## Optional parameters to alter your installation -| parameters | Description | -|:-----:|-----------| -|`--install-prefix `| Install netdata in `.` Ex: `--install-prefix /opt` will put netdata in `/opt/netdata`| -| `--dont-start-it` | Do not (re)start netdata after installation| -| `--dont-wait` | Run installation in non-interactive mode| -| `--auto-update` or `-u` | Install netdata-updater in cron to update netdata automatically once per day| -| `--stable-channel` | Use packages from GitHub release pages instead of GCS (nightly updates). This results in less frequent updates| -| `--nightly-channel` | Use most recent nightly updates instead of GitHub releases. This results in more frequent updates| -| `--disable-go` | Disable installation of go.d.plugin| -| `--disable-ebpf` | Disable eBPF Kernel plugin (Default: enabled)| -| `--disable-cloud` | Disable all Netdata Cloud functionality| -| `--require-cloud` | Fail the install if it can't build Netdata Cloud support| -| `--enable-plugin-freeipmi` | Enable the FreeIPMI plugin. Default: enable it when libipmimonitoring is available| -| `--disable-plugin-freeipmi` | Enable the FreeIPMI plugin| -| `--disable-https` | Explicitly disable TLS support| -| `--disable-dbengine` | Explicitly disable DB engine support| -| `--enable-plugin-nfacct` | Enable nfacct plugin. Default: enable it when libmnl and libnetfilter_acct are available| -| `--disable-plugin-nfacct` | Disable nfacct plugin. Default: enable it when libmnl and libnetfilter_acct are available| -| `--enable-plugin-xenstat` | Enable the xenstat plugin. Default: enable it when libxenstat and libyajl are available| -| `--disable-plugin-xenstat` | Disable the xenstat plugin| -| `--disable-exporting-kinesis` | Disable AWS Kinesis exporting connector. Default: enable it when libaws_cpp_sdk_kinesis and libraries (it depends on are available)| -| `--enable-exporting-prometheus-remote-write` | Enable Prometheus remote write exporting connector. Default: enable it when libprotobuf and libsnappy are available| -| `--disable-exporting-prometheus-remote-write` | Disable Prometheus remote write exporting connector. Default: enable it when libprotobuf and libsnappy are available| -| `--enable-exporting-mongodb` | Enable MongoDB exporting connector. Default: enable it when libmongoc is available| -| `--disable-exporting-mongodb` | Disable MongoDB exporting connector| -| `--enable-lto` | Enable Link-Time-Optimization. Default: enabled| -| `--disable-lto` | Disable Link-Time-Optimization. Default: enabled| -| `--disable-x86-sse` | Disable SSE instructions. By default SSE optimizations are enabled| -| `--zlib-is-really-here` or `--libs-are-really-here` | If you get errors about missing zlib or libuuid but you know it is available, you might have a broken pkg-config. Use this option to proceed without checking pkg-config| -|`--disable-telemetry` | Use this flag to opt-out from our anonymous telemetry program. (DISABLE_TELEMETRY=1)| - +The `kickstart.sh` script accepts a number of optional parameters to control how the installation process works: + +- `--non-interactive`: Don’t prompt for anything and assume yes whenever possible, overriding any automatic detection of an interactive run. +- `--interactive`: Act as if running interactively, even if automatic detection indicates a run is non-interactive. +- `--dont-wait`: Synonym for `--non-interactive` +- `--dry-run`: Show what the installer would do, but don’t actually do any of it. +- `--dont-start-it`: Don’t auto-start the daemon after installing. This parameter is not guaranteed to work. +- `--release-channel`: Specify a particular release channel to install from. Currently supported release channels are: + - `nightly`: Installs a nightly build (this is currently the default). + - `stable`: Installs a stable release. + - `default`: Explicitly request whatever the current default is. +- `--nightly-channel`: Synonym for `--release-channel nightly`. +- `--stable-channel`: Synonym for `--release-channel stable`. +- `--auto-update`: Enable automatic updates (this is the default). +- `--no-updates`: Disable automatic updates. +- `--disable-telemetry`: Disable anonymous statistics. +- `--native-only`: Only install if native binary packages are available. +- `--static-only`: Only install if a static build is available. +- `--build-only`: Only install using a local build. +- `--disable-cloud`: For local builds, don’t build any of the cloud code at all. For native packages and static builds, + use runtime configuration to disable cloud support. +- `--require-cloud`: Only install if Netdata Cloud can be enabled. Overrides `--disable-cloud`. +- `--install-prefix`: Specify an installation prefix for local builds (by default, we use a sane prefix based on the type of system). +- `--install-version`: Specify the version of Netdata to install. +- `--old-install-prefix`: Specify the custom local build's installation prefix that should be removed. +- `--local-build-options`: Specify additional options to pass to the installer code when building locally. Only valid if `--build-only` is also specified. +- `--static-install-options`: Specify additional options to pass to the static installer code. Only valid if --static-only is also specified. + +The following options are mutually exclusive and specifiy special operations other than trying to install Netdata normally or update an existing install: + +- `--reinstall`: If there is an existing install, reinstall it instead of trying to update it. If there is not an existing install, install netdata normally. +- `--reinstall-even-if-unsafe`: If there is an existing install, reinstall it instead of trying to update it, even if doing so is known to potentially break things (for example, if we cannot detect what tyep of installation it is). If there is not an existing install, install Netdata normally. +- `--reinstall-clean`: If there is an existing install, uninstall it before trying to install Netdata. Fails if there is no existing install. +- `--uninstall`: Uninstall an existing installation of Netdata. Fails if there is no existing install. +- `--claim-only`: If there is an existing install, only try to claim it without attempting to update it. If there is no existing install, install and claim Netdata normally. +- `--repositories-only`: Only install repository configuration packages instead of doing a full install of Netdata. Automatically sets --native-only. +- `--prepare-offline-install-source`: Instead of insallling the agent, prepare a directory that can be used to install on another system without needing to download anything. See our [offline installation documentation](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/offline.md) for more info. + +Additionally, the following environment variables may be used to further customize how the script runs (most users +should not need to use special values for any of these): + +- `TMPDIR`: Used to specify where to put temporary files. On most systems, the default we select automatically + should be fine. The user running the script needs to both be able to write files to the temporary directory, + and run files from that location. +- `ROOTCMD`: Used to specify a command to use to run another command with root privileges if needed. By default + we try to use sudo, doas, or pkexec (in that order of preference), but if you need special options for one of + those to work, or have a different tool to do the same thing on your system, you can specify it here. +- `DISABLE_TELEMETRY`: If set to a value other than 0, behave as if `--disable-telemetry` was specified. diff --git a/packaging/installer/methods/freenas.md b/packaging/installer/methods/freenas.md deleted file mode 100644 index a69f1e3fb..000000000 --- a/packaging/installer/methods/freenas.md +++ /dev/null @@ -1,24 +0,0 @@ - - -# Install Netdata on FreeNAS - -On FreeNAS-Corral-RELEASE (>=10.0.3 and <11.3), Netdata is pre-installed. - -To use Netdata, the service will need to be enabled and started from the FreeNAS [CLI](https://github.com/freenas/cli). - -To enable the Netdata service: - -```sh -service netdata config set enable=true -``` - -To start the Netdata service: - -```sh -service netdata start -``` - - diff --git a/packaging/installer/methods/gcp.md b/packaging/installer/methods/gcp.md new file mode 100644 index 000000000..0b16b1096 --- /dev/null +++ b/packaging/installer/methods/gcp.md @@ -0,0 +1,70 @@ + + +# Install Netdata on GCP + +Netdata is fully compatible with the Google Cloud Platform (GCP). +You can install Netdata on cloud instances to monitor the apps/services running there, or use +multiple instances in a [parent-child streaming](https://github.com/netdata/netdata/blob/master/streaming/README.md) configuration. + +## Recommended installation method + +The best installation method depends on the instance's operating system, distribution, and version. For Linux instances, +we recommend the [`kickstart.sh` automatic installation script](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/kickstart.md). + +If you have issues with Netdata after installation, look to the sections below to find the issue you're experiencing, +followed by the solution for your provider. + +## Post-installation configuration + +### Add a firewall rule to access Netdata's dashboard + +If you cannot access Netdata's dashboard on your cloud instance via `http://HOST:19999`, and instead get an error page +from your browser that says, "This site can't be reached" (Chrome) or "Unable to connect" (Firefox), you may need to +configure your cloud provider's firewall. + +Cloud providers often create network-level firewalls that run separately from the instance itself. Both AWS and Google +Cloud Platform calls them Virtual Private Cloud (VPC) networks. These firewalls can apply even if you've disabled +firewalls on the instance itself. Because you can modify these firewalls only via the cloud provider's web interface, +it's easy to overlook them when trying to configure and access Netdata's dashboard. + +You can often confirm a firewall issue by querying the dashboard while connected to the instance via SSH: `curl +http://localhost:19999/api/v1/info`. If you see JSON output, Netdata is running properly. If you try the same `curl` +command from a remote system, and it fails, it's likely that a firewall is blocking your requests. + +Another option is to put Netdata behind web server, which will proxy requests through standard HTTP/HTTPS ports +(80/443), which are likely already open on your instance. We have a number of guides available: + +- [Apache](https://github.com/netdata/netdata/blob/master/docs/Running-behind-apache.md) +- [Nginx](https://github.com/netdata/netdata/blob/master/docs/Running-behind-nginx.md) +- [Caddy](https://github.com/netdata/netdata/blob/master/docs/Running-behind-caddy.md) +- [HAProxy](https://github.com/netdata/netdata/blob/master/docs/Running-behind-haproxy.md) +- [lighttpd](https://github.com/netdata/netdata/blob/master/docs/Running-behind-lighttpd.md) + + +To add a firewall rule, go to the [Firewall rules page](https://console.cloud.google.com/networking/firewalls/list) and +click **Create firewall rule**. + +The following configuration has previously worked for Netdata running on GCP instances +([see #7786](https://github.com/netdata/netdata/issues/7786)): + +```conf +Name: +Type: Ingress +Targets: +Filters: 0.0.0.0/0 +Protocols/ports: 19999 +Action: allow +Priority: 1000 +``` + +Read GCP's [firewall documentation](https://cloud.google.com/vpc/docs/using-firewalls) for specific instructions on how +to create a new firewall rule. + diff --git a/packaging/installer/methods/kickstart.md b/packaging/installer/methods/kickstart.md index 7c1f60d19..374ac594a 100644 --- a/packaging/installer/methods/kickstart.md +++ b/packaging/installer/methods/kickstart.md @@ -2,12 +2,16 @@ title: "Install Netdata with kickstart.sh" description: "The kickstart.sh script installs Netdata from source, including all dependencies required to connect to Netdata Cloud, with a single command." custom_edit_url: "https://github.com/netdata/netdata/edit/master/packaging/installer/methods/kickstart.md" -sidebar_label: "Install Netdata with kickstart.sh" +sidebar_label: "One line installer (kickstart.sh)" learn_status: "Published" -learn_topic_type: "Tasks" -learn_rel_path: "Installation" +learn_rel_path: "Installation/Installation methods" +sidebar_position: 10 --> + import { OneLineInstallWget, OneLineInstallCurl } from '@site/src/components/OneLineInstall/' +import { Install, InstallBox } from '@site/src/components/Install/' +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; # Install Netdata with kickstart.sh @@ -18,17 +22,32 @@ This page covers detailed instructions on using and configuring the automatic on The kickstart script works on all Linux distributions and macOS environments. By default, automatic nightly updates are enabled. If you are installing on macOS, make sure to check the [install documentation for macOS](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/macos.md) before continuing. -> If you are unsure whether you want nightly or stable releases, read the [installation guide](https://github.com/netdata/netdata/blob/master/packaging/installer/README.md#nightly-vs-stable-releases). + +> :bulb: Tip +> +> If you are unsure whether you want nightly or stable releases, read the [installation guide](https://github.com/netdata/netdata/blob/master/packaging/installer/README.md#nightly-vs-stable-releases). + > If you want to turn off [automatic updates](https://github.com/netdata/netdata/blob/master/packaging/installer/README.md#automatic-updates), use the `--no-updates` option. You can find more installation options below. To install Netdata, run the following as your normal user: - + + + + + + + -Or, if you have cURL but not wget (such as on macOS): + - + + +> :bookmark_tabs: Note +> +> If you plan to also connect the node to Netdata Cloud, make sure to replace `YOUR_CLAIM_TOKEN` with the claim token of your space, +> and `YOUR_ROOM_ID` with the ID of the room you are willing to connect the node to. ## What does `kickstart.sh` do? @@ -39,7 +58,7 @@ The `kickstart.sh` script does the following after being downloaded and run usin - Attempts to install Netdata using our [official native binary packages](#native-packages). - If there are no official native binary packages for your system (or installing that way failed), tries to install using a [static build of Netdata](#static-builds) if one is available. -- If no static build is available, installs required dependencies and then attempts to install by +- If no static build is available, installs required dependencies and then attempts to install by [building Netdata locally](#local-builds) (by downloading the sources and building them directly). - Installs `netdata-updater.sh` to `cron.daily`, so your Netdata installation will be updated with new nightly versions, unless you override that with an [optional parameter](#optional-parameters-to-alter-your-installation). @@ -55,30 +74,41 @@ The `kickstart.sh` script accepts a number of optional parameters to control how - `--dry-run`: Show what the installer would do, but don’t actually do any of it. - `--dont-start-it`: Don’t auto-start the daemon after installing. This parameter is not guaranteed to work. - `--release-channel`: Specify a particular release channel to install from. Currently supported release channels are: - - `nightly`: Installs a nightly build (this is currently the default). - - `stable`: Installs a stable release. - - `default`: Explicitly request whatever the current default is. + - `nightly`: Installs a nightly build (this is currently the default). + - `stable`: Installs a stable release. + - `default`: Explicitly request whatever the current default is. - `--nightly-channel`: Synonym for `--release-channel nightly`. - `--stable-channel`: Synonym for `--release-channel stable`. - `--auto-update`: Enable automatic updates (this is the default). - `--no-updates`: Disable automatic updates. - `--disable-telemetry`: Disable anonymous statistics. -- `--repositories-only`: Only install appropriate repository configuration packages (only for native install). - `--native-only`: Only install if native binary packages are available. - `--static-only`: Only install if a static build is available. - `--build-only`: Only install using a local build. -- `--reinstall`: If an existing install is found, reinstall instead of trying to update it in place. -- `--reinstall-even-if-unsafe`: Even try to reinstall if we don't think we can do so safely (implies `--reinstall`). - `--disable-cloud`: For local builds, don’t build any of the cloud code at all. For native packages and static builds, use runtime configuration to disable cloud support. - `--require-cloud`: Only install if Netdata Cloud can be enabled. Overrides `--disable-cloud`. - `--install-prefix`: Specify an installation prefix for local builds (by default, we use a sane prefix based on the type of system). - `--install-version`: Specify the version of Netdata to install. - `--old-install-prefix`: Specify the custom local build's installation prefix that should be removed. -- `--uninstall`: Uninstall an existing installation of Netdata. -- `--reinstall-clean`: Performs an uninstall of Netdata and clean installation. - `--local-build-options`: Specify additional options to pass to the installer code when building locally. Only valid if `--build-only` is also specified. - `--static-install-options`: Specify additional options to pass to the static installer code. Only valid if --static-only is also specified. +- `--claim-token`: Specify a unique claiming token associated with your Space in Netdata Cloud to be used to connect to the node + after the install. +- `--claim-rooms`: Specify a comma-separated list of tokens for each War Room this node should appear in. +- `--claim-proxy`: Specify a proxy to use when connecting to the cloud in the form of `http://[user:pass@]host:ip` for an HTTP(S) proxy. + See [connecting through a proxy](https://github.com/netdata/netdata/blob/master/claim/README.md#connect-through-a-proxy) for details. +- `--claim-url`: Specify a URL to use when connecting to the cloud. Defaults to `https://api.netdata.cloud`. +- `--override-distro`: Override the distro detection logic and assume the system is using a specific Linux distribution and release. Takes a single argument consisting of the values of the `ID`, `VERSION_ID`, and `VERSION_CODENAME` fields from `/etc/os-release` for the desired distribution. + +The following options are mutually exclusive and specifiy special operations other than trying to install Netdata normally or update an existing install: + +- `--reinstall`: If there is an existing install, reinstall it instead of trying to update it. If there is not an existing install, install netdata normally. +- `--reinstall-even-if-unsafe`: If there is an existing install, reinstall it instead of trying to update it, even if doing so is known to potentially break things (for example, if we cannot detect what tyep of installation it is). If there is not an existing install, install Netdata normally. +- `--reinstall-clean`: If there is an existing install, uninstall it before trying to install Netdata. Fails if there is no existing install. +- `--uninstall`: Uninstall an existing installation of Netdata. Fails if there is no existing install. +- `--claim-only`: If there is an existing install, only try to claim it without attempting to update it. If there is no existing install, install and claim Netdata normally. +- `--repositories-only`: Only install repository configuration packages instead of doing a full install of Netdata. Automatically sets --native-only. - `--prepare-offline-install-source`: Instead of insallling the agent, prepare a directory that can be used to install on another system without needing to download anything. See our [offline installation documentation](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/offline.md) for more info. Additionally, the following environment variables may be used to further customize how the script runs (most users @@ -92,31 +122,6 @@ should not need to use special values for any of these): those to work, or have a different tool to do the same thing on your system, you can specify it here. - `DISABLE_TELEMETRY`: If set to a value other than 0, behave as if `--disable-telemetry` was specified. -### Connect node to Netdata Cloud during installation - -The `kickstart.sh` script accepts additional parameters to automatically [connect](https://github.com/netdata/netdata/blob/master/claim/README.md) your node to Netdata Cloud immediately after installation. - -> Note: You either need to run the command with root privileges or run it with the user that is running the agent. More details: [Connect an agent without root privileges](https://github.com/netdata/netdata/blob/master/claim/README.md#connect-an-agent-without-root-privileges) section. - -To automatically claim nodes after installation: - -1. Sign in to [Netdata Cloud](https://app.netdata.cloud/sign-in?cloudRoute=/spaces) -2. Go to the [Spaces management area](https://learn.netdata.cloud/docs/cloud/spaces#manage-spaces) -3. Click on **Connect Nodes** -4. Find the `token` and `rooms` strings and specify your nodes: - -- `--claim-token`: Specify a unique claiming token associated with your Space in Netdata Cloud to be used to connect to the node - after the install. -- `--claim-rooms`: Specify a comma-separated list of tokens for each War Room this node should appear in. -- `--claim-proxy`: Specify a proxy to use when connecting to the cloud in the form of `http://[user:pass@]host:ip` for an HTTP(S) proxy. - See [connecting through a proxy](https://github.com/netdata/netdata/blob/master/claim/README.md#connect-through-a-proxy) for details. -- `--claim-url`: Specify a URL to use when connecting to the cloud. Defaults to `https://api.netdata.cloud`. - -For example: - -```bash -wget -O /tmp/netdata-kickstart.sh https://my-netdata.io/kickstart.sh && sh /tmp/netdata-kickstart.sh --claim-token TOKEN --claim-rooms ROOM1,ROOM2 -``` ### Native packages @@ -149,7 +154,6 @@ If you want to enforce the usage of a local build (perhaps because you require a which is not supported with native packages or static builds), you can do so by adding `--build-only` to the options you pass to the installer. - ## Verify script integrity To use `md5sum` to verify the integrity of the `kickstart.sh` script you will download using the one-line command above, @@ -160,16 +164,3 @@ run the following: ``` If the script is valid, this command will return `OK, VALID`. - -## What's next? - -When you're finished with installation, check out our [single-node](https://github.com/netdata/netdata/blob/master/docs/quickstart/single-node.md) or -[infrastructure](https://github.com/netdata/netdata/blob/master/docs/quickstart/infrastructure.md) monitoring quickstart guides based on your use case. - -Or, skip straight to [configuring the Netdata Agent](https://github.com/netdata/netdata/blob/master/docs/configure/nodes.md). - -Read through Netdata's [documentation](https://learn.netdata.cloud/docs), which is structured based on actions and -solutions, to enable features like health monitoring, alarm notifications, long-term metrics storage, exporting to -external databases, and more. - - diff --git a/packaging/installer/methods/kubernetes.md b/packaging/installer/methods/kubernetes.md index 142c098b4..4dde3f407 100644 --- a/packaging/installer/methods/kubernetes.md +++ b/packaging/installer/methods/kubernetes.md @@ -1,112 +1,122 @@ - - -# Deploy Kubernetes monitoring with Netdata - -This document details how to install Netdata on an existing Kubernetes (k8s) cluster. By following these directions, you -will use Netdata's [Helm chart](https://github.com/netdata/helmchart) to create a Kubernetes monitoring deployment on -your cluster. - -The Helm chart installs one `parent` pod for storing metrics and managing alarm notifications, plus an additional +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +# Install Netdata on Kubernetes + +This document details how to install Netdata on an existing Kubernetes (k8s) cluster, and connect it to Netdata Cloud. Read our [Kubernetes visualizations](https://github.com/netdata/netdata/blob/master/docs/cloud/visualize/kubernetes.md) documentation, to see what you will get. + +The [Netdata Helm chart](https://github.com/netdata/helmchart/blob/master/charts/netdata/README.md) installs one `parent` pod for storing metrics and managing alarm notifications, plus an additional `child` pod for every node in the cluster, responsible for collecting metrics from the node, Kubernetes control planes, pods/containers, and [supported application-specific metrics](https://github.com/netdata/helmchart#service-discovery-and-supported-services). +### Prerequisites + To deploy Kubernetes monitoring with Netdata, you need: -- A working cluster running Kubernetes v1.9 or newer. -- The [kubectl](https://kubernetes.io/docs/reference/kubectl/overview/) command line tool, within [one minor version +- A working cluster running Kubernetes v1.9 or newer. +- The [kubectl](https://kubernetes.io/docs/reference/kubectl/overview/) command line tool, within [one minor version difference](https://kubernetes.io/docs/tasks/tools/install-kubectl/#before-you-begin) of your cluster, on an administrative system. -- The [Helm package manager](https://helm.sh/) v3.0.0 or newer on the same administrative system. +- The [Helm package manager](https://helm.sh/) v3.0.0 or newer on the same administrative system. +- A Netdata Cloud account with a Space to connect the cluster to. -## Install the Netdata Helm chart +## Deploy Netdata on your Kubernetes Cluster -We recommend you install the Helm chart using our Helm repository. In the `helm install` command, replace `netdata` with -the release name of your choice. +First, you need to add the Netdata helm repository, and then install Netdata. +The installation process securely connects your Kubernetes cluster to stream metrics data to Netdata Cloud, enabling Kubernetes-specific visualizations like the health map and time-series composite charts. -```bash -helm repo add netdata https://netdata.github.io/helmchart/ -helm install netdata netdata/netdata -``` + + -Run `kubectl get services` and `kubectl get pods` to confirm that your cluster now runs a `netdata` service, one -parent pod, and multiple child pods. +

Install Netdata via the helm install command

-You've now installed Netdata on your Kubernetes cluster. Next, it's time to opt-in and enable the powerful Kubernetes -dashboards available in Netdata Cloud. +#### Steps -## Connect your Kubernetes cluster to Netdata Cloud +1. Add the Netdata Helm chart repository by running: -To start [Kubernetes monitoring](https://github.com/netdata/netdata/blob/master/docs/cloud/visualize/kubernetes.md), you must first -[connect](https://github.com/netdata/netdata/blob/master/claim/README.md) your Kubernetes cluster to [Netdata Cloud](https://app.netdata.cloud). The connection process securely -connects your Kubernetes cluster to stream metrics data to Netdata Cloud, enabling Kubernetes-specific visualizations -like the health map and time-series composite charts. + ```bash + helm repo add netdata https://netdata.github.io/helmchart/ + ``` -### New installations +2. To install Netdata using the `helm install` command, run: -First, find the script to run an `helm install` command. You can get it by clicking on your Space's dropdown, then **Manage your Space**. -Click the **Nodes** tab and select the environment your node is running, in this case **kubernetes**, to reveal the script for your Space in Netdata Cloud. You need the `TOKEN` -and `ROOM` values. + ```bash + helm install netdata netdata/netdata + ``` -The script should be similar to: + > ### Note + > + > If you plan to connect the node to Netdata Cloud, you can find the command with the right parameters by clicking the "Add Nodes" button in your Space's Nodes tab. -```bash -helm install netdata netdata/netdata --set parent.claiming.enabled="true" --set parent.claiming.token="TOKEN" --set parent.claiming.rooms="ROOM" --set child.claiming.enabled=true --set child.claiming.token="TOKEN" --set child.claiming.rooms="ROOM" -``` + For more installation options, please read our [Netdata Helm chart for Kubernetes](https://github.com/netdata/helmchart/blob/master/charts/netdata/README.md) reference. -### Existing installations +#### Expected Result -On an existing installation, you will need to override the configuration values by running the `helm upgrade` command and provide a file with the values to override. You can start with creating a file called `override.yml`. +Run `kubectl get services` and `kubectl get pods` to confirm that your cluster now runs a `netdata` service, one parent pod, and multiple child pods. -```bash -touch override.yml -``` + + -Paste the following into your `override.yml` file, replacing instances of `ROOM` and `TOKEN` with those from the script from Netdata Cloud. These settings connect your `parent`/`child` nodes to Netdata Cloud and store more -metrics in the nodes' time-series databases. - -```yaml -parent: - claiming: - enabled: true - token: "TOKEN" - rooms: "ROOM" - -child: - claiming: - enabled: true - token: "TOKEN" - rooms: "ROOM" - configs: - netdata: - data: | - [global] - memory mode = ram - history = 3600 - [health] - enabled = no -``` +

Connect an existing Netdata installation to Netdata Cloud

-> ❗ These override settings, along with the Helm chart's defaults, will retain an hour's worth of metrics (`history = -> 3600`, or `3600 seconds`) on each child node. Based on your metrics retention needs, and the resources available on -> your cluster, you may want to increase the `history` setting. +On an existing installation, in order to connect it to Netdata Cloud you will need to override the configuration values by running the `helm upgrade` command and provide a file with the values to override. -Apply these new settings: +#### Steps -```bash -helm upgrade -f override.yml netdata netdata/netdata -``` +1. You can start with creating a file called `override.yml` -The cluster terminates the old pods and creates new ones with the proper persistence and connection configuration. You'll -see your nodes, containers, and pods appear in Netdata Cloud in a few seconds. + ```bash + touch override.yml + ``` + +2. Paste the following into your `override.yml` file. + + ```yaml + parent: + claiming: + enabled: true + token: YOUR_CLAIM_TOKEN + rooms: YOUR_ROOM_ID_A,YOUR_ROOM_ID_B + + child: + claiming: + enabled: true + token: YOUR_CLAIM_TOKEN + rooms: YOUR_ROOM_ID_A,YOUR_ROOM_ID_B + configs: + netdata: + data: | + [global] + memory mode = ram + history = 3600 + [health] + enabled = no + ``` + + > :bookmark_tabs: Note + > + > Make sure to replace `YOUR_CLAIM_TOKEN` with the claim token of your space, + > and `YOUR_ROOM_ID` with the ID of the room you are willing to connect to. + + These settings connect your `parent`/`child` nodes to Netdata Cloud and store more metrics in the nodes' time-series databases. + + > :bookmark_tabs: Info + > + > These override settings, along with the Helm chart's defaults, will retain an hour's worth of metrics (`history = 3600`, or `3600 seconds`) on each child node. Based on your metrics retention needs, and the resources available on your cluster, you may want to increase the `history` setting. + +3. To apply these new settings, run: + + ```bash + helm upgrade -f override.yml netdata netdata/netdata + ``` + +#### Expected Result + +The cluster terminates the old pods and creates new ones with the proper persistence and connection configuration. You'll see your nodes, containers, and pods appear in Netdata Cloud in a few seconds. + + + ![Netdata's Kubernetes monitoring visualizations](https://user-images.githubusercontent.com/1153921/107801491-5dcb0f00-6d1d-11eb-9ab1-876c39f556e2.png) @@ -119,8 +129,7 @@ in Netdata, in addition to more guides and resources. Read up on the various configuration options in the [Helm chart documentation](https://github.com/netdata/helmchart#configuration) if you need to tweak your Kubernetes monitoring. -Your first option is to create an `override.yml` file, if you haven't created one already for -[connect](#connect-your-kubernetes-cluster-to-netdata-cloud), then apply the new configuration to your cluster with `helm +Your first option is to create an `override.yml` file, if you haven't created one already upon [deploying](#deploy-netdata-on-your-kubernetes-cluster), then apply the new configuration to your cluster with `helm upgrade`. ```bash @@ -140,8 +149,7 @@ Netdata's [service discovery](https://github.com/netdata/agent-service-discovery of the Helm chart installation, finds what services are running in a cluster's containers and automatically collects service-level metrics from them. -Service discovery supports [popular applications](https://github.com/netdata/helmchart#applications) and [Prometheus -endpoints](https://github.com/netdata/helmchart#prometheus-endpoints). +Service discovery supports [popular applications](https://github.com/netdata/helmchart#applications) and [Prometheus endpoints](https://github.com/netdata/helmchart#prometheus-endpoints). If your cluster runs services on non-default ports or uses non-default names, you may need to configure service discovery to start collecting metrics from your services. You have to edit the default ConfigMap that is shipped with @@ -153,8 +161,7 @@ First, copy the default file to your administrative system. curl https://raw.githubusercontent.com/netdata/helmchart/master/charts/netdata/sdconfig/child.yml -o child.yml ``` -Edit the new `child.yml` file according to your needs. See the [Helm chart -configuration](https://github.com/netdata/helmchart#configuration) and the file itself for details. +Edit the new `child.yml` file according to your needs. See the [Helm chart configuration](https://github.com/netdata/helmchart#configuration) and the file itself for details. You can then run `helm upgrade` with the `--set-file` argument to use your configured `child.yml` file instead of the default, changing the path if you copied it elsewhere. @@ -184,18 +191,10 @@ helm upgrade netdata netdata/netdata ## What's next? -[Start Kubernetes monitoring](https://github.com/netdata/netdata/blob/master/docs/cloud/visualize/kubernetes.md) in Netdata Cloud, which -comes with meaningful visualizations out of the box. - -Read our guide, [_Kubernetes monitoring with Netdata: Overview and -visualizations_](https://github.com/netdata/netdata/blob/master/docs/guides/monitor/kubernetes-k8s-netdata.md), for a complete walkthrough of Netdata's Kubernetes -monitoring capabilities, including a health map of every container in your infrastructure, aggregated resource -utilization metrics, and application metrics. +[Start Kubernetes monitoring](https://github.com/netdata/netdata/blob/master/docs/cloud/visualize/kubernetes.md) in Netdata Cloud, which comes with meaningful visualizations out of the box. ### Related reference documentation - [Netdata Cloud · Kubernetes monitoring](https://github.com/netdata/netdata/blob/master/docs/cloud/visualize/kubernetes.md) - [Netdata Helm chart](https://github.com/netdata/helmchart) - [Netdata service discovery](https://github.com/netdata/agent-service-discovery/) - - diff --git a/packaging/installer/methods/macos.md b/packaging/installer/methods/macos.md index f80f4c137..11884f7d7 100644 --- a/packaging/installer/methods/macos.md +++ b/packaging/installer/methods/macos.md @@ -1,10 +1,9 @@ # Install Netdata on macOS @@ -35,13 +34,11 @@ curl https://my-netdata.io/kickstart.sh > /tmp/netdata-kickstart.sh && sh /tmp/n The Netdata Agent is installed under `/usr/local/netdata`. Dependencies are handled via Homebrew. **Automatically connect to Netdata Cloud during installation** - - The `kickstart.sh` script accepts additional parameters to automatically [connect](https://github.com/netdata/netdata/blob/master/claim/README.md) your node to Netdata Cloud immediately after installation. Find the `token` and `rooms` strings by [signing in to Netdata Cloud](https://app.netdata.cloud/sign-in?cloudRoute=/spaces), then clicking on **Connect Nodes** in the [Spaces management -area](https://github.com/netdata/netdata/blob/master/docs/cloud/cloud.mdx#manage-spaces). +area](https://github.com/netdata/netdata/blob/master/docs/cloud/spaces.md). - `--claim-token`: Specify a unique claiming token associated with your Space in Netdata Cloud to be used to connect to the node after the install. @@ -81,7 +78,7 @@ We don't recommend installing Netdata from source on macOS, as it can be difficu ``` 2. Click **Install** on the Software Update popup window that appears. -3. Use the same terminal session to install some of Netdata's prerequisites using Homebrew. If you don't want to use [Netdata Cloud](https://github.com/netdata/netdata/blob/master/docs/cloud/cloud.mdx), you can omit `cmake`. +3. Use the same terminal session to install some of Netdata's prerequisites using Homebrew. If you don't want to use [Netdata Cloud](https://github.com/netdata/netdata/blob/master/docs/quickstart/infrastructure.md), you can omit `cmake`. ```bash brew install ossp-uuid autoconf automake pkg-config libuv lz4 json-c openssl libtool cmake @@ -103,13 +100,3 @@ We don't recommend installing Netdata from source on macOS, as it can be difficu > Your Netdata configuration directory will be at `/usr/local/netdata/`. > Your stock configuration directory will be at `/usr/local/lib/netdata/conf.d/`. > The installer will also install a startup plist to start Netdata when your macOS system boots. - -## What's next? - -When you're finished with installation, check out our [single-node](https://github.com/netdata/netdata/blob/master/docs/quickstart/single-node.md) or -[infrastructure](https://github.com/netdata/netdata/blob/master/docs/quickstart/infrastructure.md) monitoring quickstart guides based on your use case. - -Or, skip straight to [configuring the Netdata Agent](https://github.com/netdata/netdata/blob/master/docs/configure/nodes.md). - - - diff --git a/packaging/installer/methods/manual.md b/packaging/installer/methods/manual.md index 46bc9a33f..9910f7f9a 100644 --- a/packaging/installer/methods/manual.md +++ b/packaging/installer/methods/manual.md @@ -2,10 +2,10 @@ title: "Install Netdata on Linux from a Git checkout" description: "Use the Netdata Agent source code from GitHub, plus helper scripts to set up your system, to install Netdata without packages or binaries." custom_edit_url: "https://github.com/netdata/netdata/edit/master/packaging/installer/methods/manual.md" -sidebar_label: "Install Netdata on Linux from a Git checkout" +sidebar_label: "From a Git checkout" learn_status: "Published" -learn_topic_type: "Tasks" -learn_rel_path: "Installation" +learn_rel_path: "Installation/Installation methods" +sidebar_position: 30 --> # Install Netdata on Linux from a Git checkout @@ -226,16 +226,3 @@ Our current build process unfortunately has some issues when using certain confi If the installation fails with errors like `/bin/ld: externaldeps/libwebsockets/libwebsockets.a(context.c.o): relocation R_X86_64_32 against '.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIC`, and you are trying to build with `clang` on Linux, you will need to build Netdata using GCC to get a fully functional install. In most cases, you can do this by running `CC=gcc ./netdata-installer.sh`. - -## What's next? - -When you're finished with installation, check out our [single-node](https://github.com/netdata/netdata/blob/master/docs/quickstart/single-node.md) or -[infrastructure](https://github.com/netdata/netdata/blob/master/docs/quickstart/infrastructure.md) monitoring quickstart guides based on your use case. - -Or, skip straight to [configuring the Netdata Agent](https://github.com/netdata/netdata/blob/master/docs/configure/nodes.md). - -Read through Netdata's [documentation](https://learn.netdata.cloud/docs), which is structured based on actions and -solutions, to enable features like health monitoring, alarm notifications, long-term metrics storage, exporting to -external databases, and more. - - diff --git a/packaging/installer/methods/methods.md b/packaging/installer/methods/methods.md new file mode 100644 index 000000000..f9ca2253e --- /dev/null +++ b/packaging/installer/methods/methods.md @@ -0,0 +1,26 @@ + + +# Installation methods + +Netdata can be installed: + +- [As a DEB/RPM package](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/packages.md) +- [As a static binary](https://github.com/netdata/netdata/blob/master/packaging/makeself/README.md) +- [From a git checkout](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/manual.md) +- [As a docker container](https://github.com/netdata/netdata/blob/master/packaging/docker/README.md) + +The [one line installer kickstart.sh](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/kickstart.md) +picks the most appropriate method out of the first three for any system +and is the recommended installation method, if you don't use containers. + +`kickstart.sh` can also be used for +[offline installation](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/offline.md), +suitable for air-gapped systems. diff --git a/packaging/installer/methods/offline.md b/packaging/installer/methods/offline.md index e49f1d2e5..f2b6cc415 100644 --- a/packaging/installer/methods/offline.md +++ b/packaging/installer/methods/offline.md @@ -2,15 +2,15 @@ title: "Install Netdata on offline systems" description: "Install the Netdata Agent on offline/air gapped systems to benefit from real-time, per-second monitoring without connecting to the internet." custom_edit_url: "https://github.com/netdata/netdata/edit/master/packaging/installer/methods/offline.md" -sidebar_label: "Install Netdata on offline systems" +sidebar_label: "Offline systems" learn_status: "Published" -learn_topic_type: "Tasks" -learn_rel_path: "Installation" +learn_rel_path: "Installation/Installation methods" +sidebar_position: 50 --> # Install Netdata on offline systems -Our kickstart install script provides support for installing the Netdata Agent on systems which do not have a +Our kickstart install script provides support for installing the Netdata Agent on air-gapped systems which do not have a usable internet connection by prefetching all of the required files so that they can be copied to the target system. Currently, we only support using static installs with this method. There are tentative plans to support building locally on offline systems as well, but there is currently no estimate of when this functionality may be implemented. @@ -57,14 +57,3 @@ offline install source directory. It accepts all the [same options as the kickst script](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/kickstart.md#optional-parameters-to-alter-your-installation) for further customization of the installation, though it will default to not enabling automatic updates (as they are not supported on offline installs). - -## What's next? - -When you're finished with installation, check out our [single-node](https://github.com/netdata/netdata/blob/master/docs/quickstart/single-node.md) or -[infrastructure](https://github.com/netdata/netdata/blob/master/docs/quickstart/infrastructure.md) monitoring quickstart guides based on your use case. - -Or, skip straight to [configuring the Netdata Agent](https://github.com/netdata/netdata/blob/master/docs/configure/nodes.md). - -Read through Netdata's [documentation](https://learn.netdata.cloud/docs), which is structured based on actions and -solutions, to enable features like health monitoring, alarm notifications, long-term metrics storage, exporting to -external databases, and more. diff --git a/packaging/installer/methods/packages.md b/packaging/installer/methods/packages.md index 135512808..1b6870467 100644 --- a/packaging/installer/methods/packages.md +++ b/packaging/installer/methods/packages.md @@ -2,13 +2,13 @@ title: "Install Netdata using native DEB/RPM packages." description: "Instructions for how to install Netdata using native DEB or RPM packages." custom_edit_url: "https://github.com/netdata/netdata/edit/master/packaging/installer/methods/packages.md" -sidebar_label: "Install Netdata using native DEB/RPM packages." +sidebar_label: "Native DEB/RPM packages" learn_status: "Published" -learn_topic_type: "Tasks" -learn_rel_path: "Installation" +learn_rel_path: "Installation/Installation methods" +sidebar_position: 20 --> -# Installing Netdata using native DEB or RPM packages. +# Install Netdata using native DEB/RPM packages. For most common Linux distributions that use either DEB or RPM packages, Netdata provides pre-built native packages for current releases in-line with @@ -41,7 +41,7 @@ Under each of those directories is a directory for each supported release of tha directory for each supported CPU architecture which contains the actual repository. For example, for stable release packages for RHEL 9 on 64-bit x86, the full URL for the repository would be -https://repo.netdata.cloud/repos/stable/el/9/x86\_64/ +https://repo.netdata.cloud/repos/stable/el/9/x86_64/ Our RPM packages and repository metadata are signed using a GPG key with a user name of ‘Netdatabot’. The current key fingerprint is `6588FDD7B14721FE7C3115E6F9177B5265F56346`. The associated public key can be fetched from diff --git a/packaging/installer/methods/pfsense.md b/packaging/installer/methods/pfsense.md index e0556629c..1a03afb57 100644 --- a/packaging/installer/methods/pfsense.md +++ b/packaging/installer/methods/pfsense.md @@ -2,6 +2,9 @@ title: "Install Netdata on pfSense" description: "Install Netdata on pfSense to monitor the health and performance of firewalls with thousands of real-time, per-second metrics." custom_edit_url: https://github.com/netdata/netdata/edit/master/packaging/installer/methods/pfsense.md +sidebar_label: "pfSense" +learn_status: "Published" +learn_rel_path: "Installation/Install on specific environments" --> # Install Netdata on pfSense diff --git a/packaging/installer/methods/source.md b/packaging/installer/methods/source.md index ecf35382a..7b6b88d4b 100644 --- a/packaging/installer/methods/source.md +++ b/packaging/installer/methods/source.md @@ -4,8 +4,8 @@ description: "Package maintainers and power users may be interested in manually custom_edit_url: "https://github.com/netdata/netdata/edit/master/packaging/installer/methods/source.md" sidebar_label: "Manually build Netdata from source" learn_status: "Published" -learn_topic_type: "Tasks" -learn_rel_path: "Installation" +learn_rel_path: "Installation/Package maintainers" +sidebar_position: 100 --> # Manually build Netdata from source @@ -233,7 +233,7 @@ using glibc or musl. To use one of these: Alternatively, you may wish to build the eBPF code locally yourself. For instructions, please consult [the README file for our kernel-collector -repository](https://github.com/netdata/kernel-collector/blob/master/README.md), +repository](https://github.com/netdata/kernel-collector/#readme), which outlines both the required dependencies, as well as multiple options for building the code. diff --git a/packaging/installer/methods/synology.md b/packaging/installer/methods/synology.md index e3602df5e..3910859b4 100644 --- a/packaging/installer/methods/synology.md +++ b/packaging/installer/methods/synology.md @@ -2,6 +2,9 @@ title: "Install Netdata on Synology" description: "The Netdata Agent can be installed on AMD64-compatible NAS systems using the 64-bit pre-compiled static binary." custom_edit_url: https://github.com/netdata/netdata/edit/master/packaging/installer/methods/synology.md +sidebar_label: "Synology" +learn_status: "Published" +learn_rel_path: "Installation/Install on specific environments" --> # Install Netdata on Synology @@ -14,7 +17,9 @@ custom_edit_url: https://github.com/netdata/netdata/edit/master/packaging/instal > with your recommended improvements or changes. Thank you! -The good news is that our [one-line installation script](kickstart.md) works fine if your NAS is one that uses the amd64 architecture. It +The good news is that our +[one-line installation script](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/kickstart.md) +works fine if your NAS is one that uses the amd64 architecture. It will install the content into `/opt/netdata`, making future removal safe and simple. ## Run as netdata user @@ -25,8 +30,8 @@ installations run it as the `netdata` user, you might wish to do the same. This 1. Create a group `netdata` via the Synology group interface. Give it no access to anything. 2. Create a user `netdata` via the Synology user interface. Give it no access to anything and a random password. Assign the user to the `netdata` group. Netdata will chuid to this user when running. -3. Change ownership of the following directories, as defined in [Netdata - Security](https://github.com/netdata/netdata/blob/master/docs/netdata-security.md#security-design): +3. Change ownership of the following directories, as defined in + [Netdata Security](https://github.com/netdata/netdata/blob/master/docs/netdata-security.md#security-design): ```sh chown -R root:netdata /opt/netdata/usr/share/netdata diff --git a/packaging/installer/methods/systems.md b/packaging/installer/methods/systems.md new file mode 100644 index 000000000..e53c4f4a0 --- /dev/null +++ b/packaging/installer/methods/systems.md @@ -0,0 +1,18 @@ + + +# Install on specific environments + +This category contains specific instructions for some popular environments. +If you have a standard environment that is not yet listed here, just use the +[one line installer kickstart.sh](https://github.com/netdata/netdata/blob/master/packaging/installer/methods/kickstart.md) + +If your environment is somewhat old or unusual, check our +[platform support policy](https://github.com/netdata/netdata/blob/master/packaging/PLATFORM_SUPPORT.md). + diff --git a/packaging/installer/netdata-uninstaller.sh b/packaging/installer/netdata-uninstaller.sh index 2f2e89ffd..419002e6a 100755 --- a/packaging/installer/netdata-uninstaller.sh +++ b/packaging/installer/netdata-uninstaller.sh @@ -239,15 +239,18 @@ if [ -x "$(command -v apt-get)" ] && [ "${INSTALL_TYPE}" = "binpkg-deb" ]; then if dpkg -s netdata > /dev/null; then echo "Found netdata native installation" if user_input "Do you want to remove netdata? "; then + # shellcheck disable=SC2086 apt-get remove netdata ${FLAG} fi if dpkg -s netdata-repo-edge > /dev/null; then if user_input "Do you want to remove netdata-repo-edge? "; then + # shellcheck disable=SC2086 apt-get remove netdata-repo-edge ${FLAG} fi fi if dpkg -s netdata-repo > /dev/null; then if user_input "Do you want to remove netdata-repo? "; then + # shellcheck disable=SC2086 apt-get remove netdata-repo ${FLAG} fi fi @@ -257,15 +260,18 @@ elif [ -x "$(command -v dnf)" ] && [ "${INSTALL_TYPE}" = "binpkg-rpm" ]; then if rpm -q netdata > /dev/null; then echo "Found netdata native installation." if user_input "Do you want to remove netdata? "; then + # shellcheck disable=SC2086 dnf remove netdata ${FLAG} fi if rpm -q netdata-repo-edge > /dev/null; then if user_input "Do you want to remove netdata-repo-edge? "; then + # shellcheck disable=SC2086 dnf remove netdata-repo-edge ${FLAG} fi fi if rpm -q netdata-repo > /dev/null; then if user_input "Do you want to remove netdata-repo? "; then + # shellcheck disable=SC2086 dnf remove netdata-repo ${FLAG} fi fi @@ -275,15 +281,18 @@ elif [ -x "$(command -v yum)" ] && [ "${INSTALL_TYPE}" = "binpkg-rpm" ]; then if rpm -q netdata > /dev/null; then echo "Found netdata native installation." if user_input "Do you want to remove netdata? "; then + # shellcheck disable=SC2086 yum remove netdata ${FLAG} fi if rpm -q netdata-repo-edge > /dev/null; then if user_input "Do you want to remove netdata-repo-edge? "; then + # shellcheck disable=SC2086 yum remove netdata-repo-edge ${FLAG} fi fi if rpm -q netdata-repo > /dev/null; then if user_input "Do you want to remove netdata-repo? "; then + # shellcheck disable=SC2086 yum remove netdata-repo ${FLAG} fi fi @@ -296,15 +305,18 @@ elif [ -x "$(command -v zypper)" ] && [ "${INSTALL_TYPE}" = "binpkg-rpm" ]; then if zypper search -i netdata > /dev/null; then echo "Found netdata native installation." if user_input "Do you want to remove netdata? "; then + # shellcheck disable=SC2086 zypper ${FLAG} remove netdata fi if zypper search -i netdata-repo-edge > /dev/null; then if user_input "Do you want to remove netdata-repo-edge? "; then + # shellcheck disable=SC2086 zypper ${FLAG} remove netdata-repo-edge fi fi if zypper search -i netdata-repo > /dev/null; then if user_input "Do you want to remove netdata-repo? "; then + # shellcheck disable=SC2086 zypper ${FLAG} remove netdata-repo fi fi diff --git a/packaging/installer/netdata-updater.sh b/packaging/installer/netdata-updater.sh index 130507c17..f8edb6d71 100755 --- a/packaging/installer/netdata-updater.sh +++ b/packaging/installer/netdata-updater.sh @@ -21,7 +21,7 @@ # - TMPDIR (set to a usable temporary directory) # - NETDATA_NIGHTLIES_BASEURL (set the base url for downloading the dist tarball) # -# Copyright: 2018-2020 Netdata Inc. +# Copyright: 2018-2023 Netdata Inc. # SPDX-License-Identifier: GPL-3.0-or-later # # Author: Paweł Krupa @@ -225,9 +225,8 @@ enable_netdata_updater() { ;; "crontab") if [ -d "/etc/cron.d" ]; then - cat > "/etc/cron.d/netdata-updater" <<-EOF - 2 57 * * * root ${NETDATA_PREFIX}/netdata-updater.sh - EOF + [ -f "/etc/cron.d/netdata-updater" ] && rm -f "/etc/cron.d/netdata-updater" + install -p -m 0644 -o 0 -g 0 "${NETDATA_PREFIX}/usr/lib/system/cron/netdata-updater-daily" "/etc/cron.d/netdata-updater-daily" info "Auto-updating has been ENABLED through cron, using a crontab at /etc/cron.d/netdata-updater\n" info "If the update process fails and you have email notifications set up correctly for cron on this system, you should receive an email notification of the failure." @@ -262,6 +261,7 @@ disable_netdata_updater() { if [ -d /etc/cron.d ]; then rm -f /etc/cron.d/netdata-updater + rm -f /etc/cron.d/netdata-updater-daily fi info "Auto-updates have been DISABLED." @@ -341,11 +341,20 @@ create_tmp_directory() { fi } +check_for_curl() { + if [ -z "${curl}" ]; then + curl="$(PATH="${PATH}:/opt/netdata/bin" command -v curl 2>/dev/null && true)" + fi +} + _safe_download() { url="${1}" dest="${2}" - if command -v curl > /dev/null 2>&1; then - curl -sSL --connect-timeout 10 --retry 3 "${url}" > "${dest}" + + check_for_curl + + if [ -n "${curl}" ]; then + "${curl}" -sSL --connect-timeout 10 --retry 3 "${url}" > "${dest}" return $? elif command -v wget > /dev/null 2>&1; then wget -T 15 -O - "${url}" > "${dest}" @@ -375,8 +384,10 @@ get_netdata_latest_tag() { url="${1}/latest" dest="${2}" - if command -v curl >/dev/null 2>&1; then - tag=$(curl "${url}" -s -L -I -o /dev/null -w '%{url_effective}' | grep -m 1 -o '[^/]*$') + check_for_curl + + if [ -n "${curl}" ]; then + tag=$("${curl}" "${url}" -s -L -I -o /dev/null -w '%{url_effective}' | grep -m 1 -o '[^/]*$') elif command -v wget >/dev/null 2>&1; then tag=$(wget -S -O /dev/null "${url}" 2>&1 | grep -m 1 Location | grep -o '[^/]*$') else @@ -704,7 +715,7 @@ update_binpkg() { DISTRO="${ID}" - supported_compat_names="debian ubuntu centos fedora opensuse" + supported_compat_names="debian ubuntu centos fedora opensuse ol amzn" if str_in_list "${DISTRO}" "${supported_compat_names}"; then DISTRO_COMPAT_NAME="${DISTRO}" @@ -731,16 +742,7 @@ update_binpkg() { fi case "${DISTRO_COMPAT_NAME}" in - debian) - pm_cmd="apt-get" - repo_subcmd="update" - upgrade_cmd="--only-upgrade install" - pkg_install_opts="${interactive_opts}" - repo_update_opts="${interactive_opts}" - pkg_installed_check="dpkg -s" - INSTALL_TYPE="binpkg-deb" - ;; - ubuntu) + debian|ubuntu) pm_cmd="apt-get" repo_subcmd="update" upgrade_cmd="--only-upgrade install" @@ -749,20 +751,7 @@ update_binpkg() { pkg_installed_check="dpkg -s" INSTALL_TYPE="binpkg-deb" ;; - centos) - if command -v dnf > /dev/null; then - pm_cmd="dnf" - repo_subcmd="makecache" - else - pm_cmd="yum" - fi - upgrade_cmd="upgrade" - pkg_install_opts="${interactive_opts}" - repo_update_opts="${interactive_opts}" - pkg_installed_check="rpm -q" - INSTALL_TYPE="binpkg-rpm" - ;; - fedora) + centos|fedora|ol|amzn) if command -v dnf > /dev/null; then pm_cmd="dnf" repo_subcmd="makecache" @@ -815,11 +804,10 @@ update_binpkg() { # Simple function to encapsulate original updater behavior. update_legacy() { set_tarball_urls "${RELEASE_CHANNEL}" "${IS_NETDATA_STATIC_BINARY}" - if [ "${IS_NETDATA_STATIC_BINARY}" = "yes" ]; then - update_static && exit 0 - else - update_build && exit 0 - fi + case "${IS_NETDATA_STATIC_BINARY}" in + yes) update_static && exit 0 ;; + *) update_build && exit 0 ;; + esac } logfile= @@ -827,8 +815,8 @@ ndtmpdir= trap cleanup EXIT -if [ -t 2 ]; then - # we are running on a terminal +if [ -t 2 ] || [ "${GITHUB_ACTIONS}" ]; then + # we are running on a terminal or under CI # open fd 3 and send it to stderr exec 3>&2 else @@ -890,9 +878,7 @@ while [ -n "${1}" ]; do disable_netdata_updater exit $? ;; - *) - fatal "Unrecognized option ${1}" U001A - ;; + *) fatal "Unrecognized option ${1}" U001A ;; esac shift 1 @@ -934,9 +920,7 @@ case "${INSTALL_TYPE}" in set_tarball_urls "${RELEASE_CHANNEL}" "${IS_NETDATA_STATIC_BINARY}" update_static && exit 0 ;; - *binpkg*) - update_binpkg && exit 0 - ;; + *binpkg*) update_binpkg && exit 0 ;; "") # Fallback case for no `.install-type` file. This just works like the old install type detection. validate_environment_file update_legacy @@ -950,10 +934,6 @@ case "${INSTALL_TYPE}" in fatal "This script does not support updating custom installations without valid environment files." U0012 fi ;; - oci) - fatal "This script does not support updating Netdata inside our official Docker containers, please instead update the container itself." U0013 - ;; - *) - fatal "Unrecognized installation type (${INSTALL_TYPE}), unable to update." U0014 - ;; + oci) fatal "This script does not support updating Netdata inside our official Docker containers, please instead update the container itself." U0013 ;; + *) fatal "Unrecognized installation type (${INSTALL_TYPE}), unable to update." U0014 ;; esac diff --git a/packaging/maintainers/README.md b/packaging/maintainers/README.md index 249436d6b..3d759ecf0 100644 --- a/packaging/maintainers/README.md +++ b/packaging/maintainers/README.md @@ -1,10 +1,4 @@ - - -# Package Maintainers +# Package maintainers This page tracks the package maintainers for Netdata, for various operating systems and versions. diff --git a/packaging/makeself/README.md b/packaging/makeself/README.md index 055b6c18b..9219aefc5 100644 --- a/packaging/makeself/README.md +++ b/packaging/makeself/README.md @@ -2,10 +2,25 @@ title: "Netdata static binary build" description: "Users can build the static 64-bit binary package that we ship with every release of the open-source Netdata Agent for debugging or specialize purposes." custom_edit_url: https://github.com/netdata/netdata/edit/master/packaging/makeself/README.md +sidebar_label: "Static binary packages" +learn_status: "Published" +learn_rel_path: "Installation/Installation methods" +sidebar_position: 30 --> # Netdata static binary build +We publish pre-built static builds of Netdata for Linux systems. Currently, these are published for 64-bit x86, ARMv7, +AArch64, and POWER8+ hardware. These static builds are able to operate in a mostly self-contained manner and only +require a POSIX compliant shell and a supported init system. These static builds install under `/opt/netdata`. If +you are on a platform which we provide static builds for but do not provide native packages for, a static build +will be used by default for installation. + +If you want to enforce the usage of a static build and have the installer return a failure if one is not available, +you can do so by adding `--static-only` to the options you pass to the installer. + +## Building a static binary package + To build the static binary 64-bit distribution package, run: ```bash @@ -22,9 +37,7 @@ The program will: Once finished, a file named `netdata-vX.X.X-gGITHASH-x86_64-DATE-TIME.run` will be created in the current directory. This is the Netdata binary package that can be run to install Netdata on any other computer. ---- - -## building binaries with debug info +## Building binaries with debug info To build Netdata binaries with debugging / tracing information in them, use: @@ -35,7 +48,7 @@ cd /path/to/netdata.git These binaries are not optimized (they are a bit slower), they have certain features disables (like log flood protection), other features enables (like `debug flags`) and are not stripped (the binary files are bigger, since they now include source code tracing information). -### debugging Netdata binaries +## Debugging Netdata binaries Once you have installed a binary package with debugging info, you will need to install `valgrind` and run this command to start Netdata: @@ -50,5 +63,4 @@ If Netdata crashes, `valgrind` will print a stack trace of the issue. Open a git To stop Netdata while it runs under `valgrind`, press Control-C on the console. > If you omit the parameter `--undef-value-errors=no` to valgrind, you will get hundreds of errors about conditional jumps that depend on uninitialized values. This is normal. Valgrind has heuristics to prevent it from printing such errors for system libraries, but for the static Netdata binary, all the required libraries are built into Netdata. So, valgrind cannot apply its heuristics and prints them. - - +> diff --git a/packaging/makeself/functions.sh b/packaging/makeself/functions.sh index 31c28d85c..c3289c7cd 100755 --- a/packaging/makeself/functions.sh +++ b/packaging/makeself/functions.sh @@ -30,7 +30,8 @@ set -euo pipefail fetch() { local dir="${1}" url="${2}" sha256="${3}" key="${4}" - local tar="${dir}.tar.gz" + local tar + tar="$(basename "${2}")" local cache="${NETDATA_SOURCE_PATH}/artifacts/cache/${BUILDARCH}/${key}" if [ -d "${NETDATA_MAKESELF_PATH}/tmp/${dir}" ]; then @@ -58,10 +59,10 @@ fetch() { echo >&2 "expected: ${sha256}, got $(sha256sum "${NETDATA_MAKESELF_PATH}/tmp/${tar}")" exit 1 fi - set -e + set -e cd "${NETDATA_MAKESELF_PATH}/tmp" - run tar -zxpf "${tar}" + run tar -axpf "${tar}" cd - CACHE_HIT=0 diff --git a/packaging/makeself/install-or-update.sh b/packaging/makeself/install-or-update.sh index 52a23fc70..03f7c2c7c 100755 --- a/packaging/makeself/install-or-update.sh +++ b/packaging/makeself/install-or-update.sh @@ -179,7 +179,7 @@ dir_should_be_link() { fi run ln -s "${t}" "${d}" - cd "${old}" + cd "${old}" || true } dir_should_be_link . bin sbin @@ -208,9 +208,28 @@ run chown -R ${NETDATA_USER}:${NETDATA_GROUP} /opt/netdata # ----------------------------------------------------------------------------- -progress "changing plugins ownership and setting setuid" +progress "changing plugins ownership and permissions" -for x in apps.plugin freeipmi.plugin ioping cgroup-network ebpf.plugin perf.plugin slabinfo.plugin nfacct.plugin xenstat.plugin; do +if command -v setcap >/dev/null 2>&1; then + run setcap "cap_dac_read_search,cap_sys_ptrace=ep" "usr/libexec/netdata/plugins.d/apps.plugin" + run setcap "cap_dac_read_search=ep" "usr/libexec/netdata/plugins.d/slabinfo.plugin" + + if command -v capsh >/dev/null 2>&1 && capsh --supports=cap_perfmon 2>/dev/null ; then + run setcap "cap_perfmon=ep" "usr/libexec/netdata/plugins.d/perf.plugin" + else + run setcap "cap_sys_admin=ep" "usr/libexec/netdata/plugins.d/perf.plugin" + fi + + run setcap "cap_net_admin,cap_net_raw=eip" "usr/libexec/netdata/plugins.d/go.d.plugin" +else + for x in apps.plugin perf.plugin slabinfo.plugin; do + f="usr/libexec/netdata/plugins.d/${x}" + run chown root:${NETDATA_GROUP} "${f}" + run chmod 4750 "${f}" + done +fi + +for x in freeipmi.plugin ioping cgroup-network ebpf.plugin nfacct.plugin xenstat.plugin; do f="usr/libexec/netdata/plugins.d/${x}" if [ -f "${f}" ]; then @@ -219,10 +238,6 @@ for x in apps.plugin freeipmi.plugin ioping cgroup-network ebpf.plugin perf.plug fi done -if [ -f "usr/libexec/netdata/plugins.d/go.d.plugin" ] && command -v setcap 1>/dev/null 2>&1; then - run setcap "cap_net_admin+epi cap_net_raw=eip" "usr/libexec/netdata/plugins.d/go.d.plugin" -fi - # ----------------------------------------------------------------------------- echo "Configure TLS certificate paths" diff --git a/packaging/makeself/jobs/50-libnetfilter_acct-1.0.3.install.sh b/packaging/makeself/jobs/50-libnetfilter_acct-1.0.3.install.sh new file mode 100755 index 000000000..2b7a761c5 --- /dev/null +++ b/packaging/makeself/jobs/50-libnetfilter_acct-1.0.3.install.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# SPDX-License-Identifier: GPL-3.0-or-later +# +# Install the libnetfilter_acct and it's dependency libmnl +# + +# shellcheck source=packaging/makeself/functions.sh +. "$(dirname "${0}")/../functions.sh" "${@}" || exit 1 + +version="1.0.3" + +# shellcheck disable=SC2015 +[ "${GITHUB_ACTIONS}" = "true" ] && echo "::group::building libnetfilter_acct" || true + +export CFLAGS="-static -I/usr/include/libmnl -pipe" +export LDFLAGS="-static -L/usr/lib -lmnl" +export PKG_CONFIG="pkg-config --static" +export PKG_CONFIG_PATH="/usr/lib/pkgconfig" + +fetch "libnetfilter_acct-${version}" "https://www.netfilter.org/projects/libnetfilter_acct/files/libnetfilter_acct-${version}.tar.bz2" \ + 4250ceef3efe2034f4ac05906c3ee427db31b9b0a2df41b2744f4bf79a959a1a libnetfilter_acct + + +if [ "${CACHE_HIT:-0}" -eq 0 ]; then + run ./configure \ + --prefix="/libnetfilter-acct-static" \ + --exec-prefix="/libnetfilter-acct-static" + + run make clean + run make -j "$(nproc)" +fi + +run make install + +store_cache libnetfilter_acct "${NETDATA_MAKESELF_PATH}/tmp/libnetfilter_acct-${version}" + + +# shellcheck disable=SC2015 +[ "${GITHUB_ACTIONS}" = "true" ] && echo "::endgroup::" || true diff --git a/packaging/makeself/jobs/70-netdata-git.install.sh b/packaging/makeself/jobs/70-netdata-git.install.sh index 2c4fb3007..2448a0c2b 100755 --- a/packaging/makeself/jobs/70-netdata-git.install.sh +++ b/packaging/makeself/jobs/70-netdata-git.install.sh @@ -7,12 +7,12 @@ cd "${NETDATA_SOURCE_PATH}" || exit 1 if [ "${NETDATA_BUILD_WITH_DEBUG}" -eq 0 ]; then - export CFLAGS="-static -O2 -I/openssl-static/include -pipe" + export CFLAGS="-static -O2 -I/openssl-static/include -I/libnetfilter-acct-static/include/libnetfilter_acct -I/usr/include/libmnl -pipe" else - export CFLAGS="-static -O1 -pipe -ggdb -Wall -Wextra -Wformat-signedness -fstack-protector-all -D_FORTIFY_SOURCE=2 -DNETDATA_INTERNAL_CHECKS=1 -I/openssl-static/include" + export CFLAGS="-static -O1 -pipe -ggdb -Wall -Wextra -Wformat-signedness -fstack-protector-all -D_FORTIFY_SOURCE=2 -DNETDATA_INTERNAL_CHECKS=1 -I/openssl-static/include -I/libnetfilter-acct-static/include/libnetfilter_acct -I/usr/include/libmnl" fi -export LDFLAGS="-static -L/openssl-static/lib" +export LDFLAGS="-static -L/openssl-static/lib -L/libnetfilter-acct-static/lib -lnetfilter_acct -L/usr/lib -lmnl" # We export this to 'yes', installer sets this to .environment. # The updater consumes this one, so that it can tell whether it should update a static install or a non-static one @@ -20,7 +20,8 @@ export IS_NETDATA_STATIC_BINARY="yes" # Set eBPF LIBC to "static" to bundle the `-static` variant of the kernel-collector export EBPF_LIBC="static" -export PKG_CONFIG_PATH="/openssl-static/lib/pkgconfig" +export PKG_CONFIG="pkg-config --static" +export PKG_CONFIG_PATH="/openssl-static/lib/pkgconfig:/libnetfilter-acct-static/lib/pkgconfig:/usr/lib/pkgconfig" # Set correct CMake flags for building against non-System OpenSSL # See: https://github.com/warmcat/libwebsockets/blob/master/READMEs/README.build.md diff --git a/packaging/makeself/jobs/99-makeself.install.sh b/packaging/makeself/jobs/99-makeself.install.sh index d29d0580a..12bd59b66 100755 --- a/packaging/makeself/jobs/99-makeself.install.sh +++ b/packaging/makeself/jobs/99-makeself.install.sh @@ -29,11 +29,6 @@ run cp \ packaging/makeself/install-or-update.sh \ packaging/installer/functions.sh \ configs.signatures \ - system/netdata-init-d \ - system/netdata-lsb \ - system/netdata-openrc \ - system/netdata.logrotate \ - system/netdata.service \ "${NETDATA_INSTALL_PATH}/system/" # ----------------------------------------------------------------------------- @@ -65,6 +60,14 @@ run rm "${NETDATA_INSTALL_PATH}/sbin" \ "${NETDATA_INSTALL_PATH}/usr/sbin" \ "${NETDATA_INSTALL_PATH}/usr/local" +# ----------------------------------------------------------------------------- +# ensure required directories actually exist + +for dir in var/lib/netdata var/cache/netdata var/log/netdata ; do + run mkdir -p "${NETDATA_INSTALL_PATH}/${dir}" + run touch "${NETDATA_INSTALL_PATH}/${dir}/.keep" +done + # ----------------------------------------------------------------------------- # create the makeself archive diff --git a/packaging/makeself/makeself-header.sh b/packaging/makeself/makeself-header.sh index 0af3219c4..47992b2ca 100755 --- a/packaging/makeself/makeself-header.sh +++ b/packaging/makeself/makeself-header.sh @@ -1,9 +1,10 @@ -# SPDX-License-Identifier: GPL-3.0-or-later +# SPDX-License-Identifier: GPL-2.0-or-later # shellcheck shell=sh # shellcheck disable=SC2154,SC2039 cat << EOF > "$archname" #!/bin/sh # This script was generated using Makeself $MS_VERSION +# The license covering this archive and its contents, if any, is wholly independent of the Makeself license (GPL) ORIG_UMASK=\`umask\` if test "$KEEP_UMASK" = n; then @@ -12,22 +13,31 @@ fi CRCsum="$CRCsum" MD5="$MD5sum" +SHA="$SHAsum" +SIGNATURE="$Signature" TMPROOT=\${TMPDIR:=/tmp} -USER_PWD="\$PWD"; export USER_PWD +USER_PWD="\$PWD" +export USER_PWD +ARCHIVE_DIR=\`dirname "\$0"\` +export ARCHIVE_DIR label="$LABEL" script="$SCRIPT" scriptargs="$SCRIPTARGS" +cleanup_script="${CLEANUP_SCRIPT}" licensetxt="$LICENSE" -helpheader='$HELPHEADER' +helpheader="${HELPHEADER}" targetdir="$archdirname" filesizes="$filesizes" +totalsize="$totalsize" keep="$KEEP" nooverwrite="$NOOVERWRITE" quiet="n" accept="n" nodiskspace="n" export_conf="$EXPORT_CONF" +decrypt_cmd="$DECRYPT_CMD" +skip="$SKIP" print_cmd_arg="" if type printf > /dev/null; then @@ -43,6 +53,11 @@ if test -d /usr/xpg4/bin; then export PATH fi +if test -d /usr/sfw/bin; then + PATH=\$PATH:/usr/sfw/bin + export PATH +fi + unset CDPATH MS_Printf() @@ -52,8 +67,14 @@ MS_Printf() MS_PrintLicense() { + PAGER=\${PAGER:=more} if test x"\$licensetxt" != x; then - echo "\$licensetxt" + PAGER_PATH=\`exec <&- 2>&-; which \$PAGER || command -v \$PAGER || type \$PAGER\` + if test -x "\$PAGER_PATH" && test x"\$accept" != xy; then + echo "\$licensetxt" | \$PAGER + else + echo "\$licensetxt" + fi if test x"\$accept" != xy; then while true do @@ -74,7 +95,7 @@ MS_PrintLicense() MS_diskspace() { ( - df -kP "\$1" | tail -1 | awk '{ if (\$4 ~ /%/) {print \$3} else {print \$4} }' + df -k "\$1" | tail -1 | awk '{ if (\$4 ~ /%/) {print \$3} else {print \$4} }' ) } @@ -82,15 +103,20 @@ MS_dd() { blocks=\`expr \$3 / 1024\` bytes=\`expr \$3 % 1024\` - dd if="\$1" ibs=\$2 skip=1 obs=1024 conv=sync 2> /dev/null | \\ - { test \$blocks -gt 0 && dd ibs=1024 obs=1024 count=\$blocks ; \\ - test \$bytes -gt 0 && dd ibs=1 obs=1024 count=\$bytes ; } 2> /dev/null + # Test for ibs, obs and conv feature + if dd if=/dev/zero of=/dev/null count=1 ibs=512 obs=512 conv=sync 2> /dev/null; then + dd if="\$1" ibs=\$2 skip=1 obs=1024 conv=sync 2> /dev/null | \\ + { test \$blocks -gt 0 && dd ibs=1024 obs=1024 count=\$blocks ; \\ + test \$bytes -gt 0 && dd ibs=1 obs=1024 count=\$bytes ; } 2> /dev/null + else + dd if="\$1" bs=\$2 skip=1 2> /dev/null + fi } MS_dd_Progress() { if test x"\$noprogress" = xy; then - MS_dd \$@ + MS_dd "\$@" return \$? fi file="\$1" @@ -104,7 +130,7 @@ MS_dd_Progress() blocks=\`expr \$length / \$bsize\` bytes=\`expr \$length % \$bsize\` ( - dd ibs=\$offset skip=1 2>/dev/null + dd ibs=\$offset skip=1 count=1 2>/dev/null pos=\`expr \$pos \+ \$bsize\` MS_Printf " 0%% " 1>&2 if test \$blocks -gt 0; then @@ -134,34 +160,68 @@ MS_dd_Progress() MS_Help() { cat << EOH >&2 -\${helpheader}Makeself version $MS_VERSION +Makeself version $MS_VERSION 1) Getting help or info about \$0 : \$0 --help Print this message \$0 --info Print embedded info : title, default target directory, embedded script ... \$0 --lsm Print embedded lsm entry (or no LSM) \$0 --list Print the list of files in the archive \$0 --check Checks integrity of the archive + \$0 --verify-sig key Verify signature agains a provided key id 2) Running \$0 : \$0 [options] [--] [additional arguments to embedded script] with following options (in that order) --confirm Ask before running embedded script - --quiet Do not print anything except error messages + --quiet Do not print anything except error messages --accept Accept the license - --noexec Do not run embedded script + --noexec Do not run embedded script (implies --noexec-cleanup) + --noexec-cleanup Do not run embedded cleanup script --keep Do not erase target directory after running - the embedded script + the embedded script --noprogress Do not show the progress during the decompression --nox11 Do not spawn an xterm - --nochown Do not give the extracted files to the current user + --nochown Do not give the target folder to the current user + --chown Give the target folder to the current user recursively --nodiskspace Do not check for available disk space - --target dir Extract directly to a target directory - directory path can be either absolute or relative + --target dir Extract directly to a target directory (absolute or relative) + This directory may undergo recursive chown (see --nochown). --tar arg1 [arg2 ...] Access the contents of the archive through the tar command - -- Following arguments will be passed to the embedded script + --ssl-pass-src src Use the given src as the source of password to decrypt the data + using OpenSSL. See "PASS PHRASE ARGUMENTS" in man openssl. + Default is to prompt the user to enter decryption password + on the current terminal. + --cleanup-args args Arguments to the cleanup script. Wrap in quotes to provide + multiple arguments. + -- Following arguments will be passed to the embedded script\${helpheader} EOH } +MS_Verify_Sig() +{ + GPG_PATH=\`exec <&- 2>&-; which gpg || command -v gpg || type gpg\` + MKTEMP_PATH=\`exec <&- 2>&-; which mktemp || command -v mktemp || type mktemp\` + test -x "\$GPG_PATH" || GPG_PATH=\`exec <&- 2>&-; which gpg || command -v gpg || type gpg\` + test -x "\$MKTEMP_PATH" || MKTEMP_PATH=\`exec <&- 2>&-; which mktemp || command -v mktemp || type mktemp\` + offset=\`head -n "\$skip" "\$1" | wc -c | sed "s/ //g"\` + temp_sig=\`mktemp -t XXXXX\` + echo \$SIGNATURE | base64 --decode > "\$temp_sig" + gpg_output=\`MS_dd "\$1" \$offset \$totalsize | LC_ALL=C "\$GPG_PATH" --verify "\$temp_sig" - 2>&1\` + gpg_res=\$? + rm -f "\$temp_sig" + if test \$gpg_res -eq 0 && test \`echo \$gpg_output | grep -c Good\` -eq 1; then + if test \`echo \$gpg_output | grep -c \$sig_key\` -eq 1; then + test x"\$quiet" = xn && echo "GPG signature is good" >&2 + else + echo "GPG Signature key does not match" >&2 + exit 2 + fi + else + test x"\$quiet" = xn && echo "GPG signature failed to verify" >&2 + exit 2 + fi +} + MS_Check() { OLD_PATH="\$PATH" @@ -169,18 +229,44 @@ MS_Check() MD5_ARG="" MD5_PATH=\`exec <&- 2>&-; which md5sum || command -v md5sum || type md5sum\` test -x "\$MD5_PATH" || MD5_PATH=\`exec <&- 2>&-; which md5 || command -v md5 || type md5\` - test -x "\$MD5_PATH" || MD5_PATH=\`exec <&- 2>&-; which digest || command -v digest || type digest\` + test -x "\$MD5_PATH" || MD5_PATH=\`exec <&- 2>&-; which digest || command -v digest || type digest\` PATH="\$OLD_PATH" + SHA_PATH=\`exec <&- 2>&-; which shasum || command -v shasum || type shasum\` + test -x "\$SHA_PATH" || SHA_PATH=\`exec <&- 2>&-; which sha256sum || command -v sha256sum || type sha256sum\` + if test x"\$quiet" = xn; then MS_Printf "Verifying archive integrity..." fi - offset=\`head -n $SKIP "\$1" | wc -c | tr -d " "\` + offset=\`head -n "\$skip" "\$1" | wc -c | sed "s/ //g"\` + fsize=\`cat "\$1" | wc -c | sed "s/ //g"\` + if test \$totalsize -ne \`expr \$fsize - \$offset\`; then + echo " Unexpected archive size." >&2 + exit 2 + fi verb=\$2 i=1 for s in \$filesizes do crc=\`echo \$CRCsum | cut -d" " -f\$i\` + if test -x "\$SHA_PATH"; then + if test x"\`basename \$SHA_PATH\`" = xshasum; then + SHA_ARG="-a 256" + fi + sha=\`echo \$SHA | cut -d" " -f\$i\` + if test x"\$sha" = x0000000000000000000000000000000000000000000000000000000000000000; then + test x"\$verb" = xy && echo " \$1 does not contain an embedded SHA256 checksum." >&2 + else + shasum=\`MS_dd_Progress "\$1" \$offset \$s | eval "\$SHA_PATH \$SHA_ARG" | cut -b-64\`; + if test x"\$shasum" != x"\$sha"; then + echo "Error in SHA256 checksums: \$shasum is different from \$sha" >&2 + exit 2 + elif test x"\$quiet" = xn; then + MS_Printf " SHA256 checksums are OK." >&2 + fi + crc="0000000000"; + fi + fi if test -x "\$MD5_PATH"; then if test x"\`basename \$MD5_PATH\`" = xdigest; then MD5_ARG="-a md5" @@ -193,8 +279,8 @@ MS_Check() if test x"\$md5sum" != x"\$md5"; then echo "Error in MD5 checksums: \$md5sum is different from \$md5" >&2 exit 2 - else - test x"\$verb" = xy && MS_Printf " MD5 checksums are OK." >&2 + elif test x"\$quiet" = xn; then + MS_Printf " MD5 checksums are OK." >&2 fi crc="0000000000"; verb=n fi @@ -203,11 +289,11 @@ MS_Check() test x"\$verb" = xy && echo " \$1 does not contain a CRC checksum." >&2 else sum1=\`MS_dd_Progress "\$1" \$offset \$s | CMD_ENV=xpg4 cksum | awk '{print \$1}'\` - if test x"\$sum1" = x"\$crc"; then - test x"\$verb" = xy && MS_Printf " CRC checksums are OK." >&2 - else + if test x"\$sum1" != x"\$crc"; then echo "Error in checksums: \$sum1 is different from \$crc" >&2 - exit 2; + exit 2 + elif test x"\$quiet" = xn; then + MS_Printf " CRC checksums are OK." >&2 fi fi i=\`expr \$i + 1\` @@ -218,22 +304,55 @@ MS_Check() fi } +MS_Decompress() +{ + if test x"\$decrypt_cmd" != x""; then + { eval "\$decrypt_cmd" || echo " ... Decryption failed." >&2; } | eval "$GUNZIP_CMD" + else + eval "$GUNZIP_CMD" + fi + + if test \$? -ne 0; then + echo " ... Decompression failed." >&2 + fi +} + UnTAR() { if test x"\$quiet" = xn; then - tar \$1vf - $UNTAR_EXTRA 2>&1 || { echo " ... Extraction failed." > /dev/tty; kill -15 \$$; } + tar \$1vf - $UNTAR_EXTRA 2>&1 || { echo " ... Extraction failed." >&2; kill -15 \$$; } else - tar \$1f - $UNTAR_EXTRA 2>&1 || { echo Extraction failed. > /dev/tty; kill -15 \$$; } + tar \$1f - $UNTAR_EXTRA 2>&1 || { echo Extraction failed. >&2; kill -15 \$$; } + fi +} + +MS_exec_cleanup() { + if test x"\$cleanup" = xy && test x"\$cleanup_script" != x""; then + cleanup=n + cd "\$tmpdir" + eval "\"\$cleanup_script\" \$scriptargs \$cleanupargs" fi } +MS_cleanup() +{ + echo 'Signal caught, cleaning up' >&2 + MS_exec_cleanup + cd "\$TMPROOT" + rm -rf "\$tmpdir" + eval \$finish; exit 15 +} + finish=true xterm_loop= noprogress=$NOPROGRESS nox11=$NOX11 copy=$COPY -ownership=y +ownership=$OWNERSHIP verbose=n +cleanup=y +cleanupargs= +sig_key= initargs="\$@" @@ -258,8 +377,11 @@ do echo Target directory: "\$targetdir" echo Uncompressed size: $USIZE KB echo Compression: $COMPRESS + if test x"$ENCRYPT" != x""; then + echo Encryption: $ENCRYPT + fi echo Date of packaging: $DATE - echo Built with Makeself version $MS_VERSION on $OSTYPE + echo Built with Makeself version $MS_VERSION echo Build command was: "$MS_COMMAND" if test x"\$script" != x; then echo Script run after extraction: @@ -282,15 +404,17 @@ do echo LABEL=\"\$label\" echo SCRIPT=\"\$script\" echo SCRIPTARGS=\"\$scriptargs\" + echo CLEANUPSCRIPT=\"\$cleanup_script\" echo archdirname=\"$archdirname\" echo KEEP=$KEEP echo NOOVERWRITE=$NOOVERWRITE echo COMPRESS=$COMPRESS echo filesizes=\"\$filesizes\" + echo totalsize=\"\$totalsize\" echo CRCsum=\"\$CRCsum\" - echo MD5sum=\"\$MD5\" - echo OLDUSIZE=$USIZE - echo OLDSKIP=$((SKIP + 1)) + echo MD5sum=\"\$MD5sum\" + echo SHAsum=\"\$SHAsum\" + echo SKIP=\"\$skip\" exit 0 ;; --lsm) @@ -303,21 +427,21 @@ EOLSM ;; --list) echo Target directory: \$targetdir - offset=\`head -n $SKIP "\$0" | wc -c | tr -d " "\` + offset=\`head -n "\$skip" "\$0" | wc -c | sed "s/ //g"\` for s in \$filesizes do - MS_dd "\$0" \$offset \$s | eval "$GUNZIP_CMD" | UnTAR t + MS_dd "\$0" \$offset \$s | MS_Decompress | UnTAR t offset=\`expr \$offset + \$s\` done exit 0 ;; --tar) - offset=\`head -n $SKIP "\$0" | wc -c | tr -d " "\` + offset=\`head -n "\$skip" "\$0" | wc -c | sed "s/ //g"\` arg1="\$2" - if ! shift 2; then MS_Help; exit 1; fi + shift 2 || { MS_Help; exit 1; } for s in \$filesizes do - MS_dd "\$0" \$offset \$s | eval "$GUNZIP_CMD" | tar "\$arg1" - "\$@" + MS_dd "\$0" \$offset \$s | MS_Decompress | tar "\$arg1" - "\$@" offset=\`expr \$offset + \$s\` done exit 0 @@ -326,22 +450,32 @@ EOLSM MS_Check "\$0" y exit 0 ;; + --verify-sig) + sig_key="\$2" + shift 2 || { MS_Help; exit 1; } + MS_Verify_Sig "\$0" + ;; --confirm) verbose=y shift ;; --noexec) script="" + cleanup_script="" shift ;; + --noexec-cleanup) + cleanup_script="" + shift + ;; --keep) keep=y shift ;; --target) keep=y - targetdir=\${2:-.} - if ! shift 2; then MS_Help; exit 1; fi + targetdir="\${2:-.}" + shift 2 || { MS_Help; exit 1; } ;; --noprogress) noprogress=y @@ -355,6 +489,10 @@ EOLSM ownership=n shift ;; + --chown) + ownership=y + shift + ;; --nodiskspace) nodiskspace=y shift @@ -370,6 +508,18 @@ EOLSM copy=phase2 shift ;; + --ssl-pass-src) + if test x"$ENCRYPT" != x"openssl"; then + echo "Invalid option --ssl-pass-src: \$0 was not encrypted with OpenSSL!" >&2 + exit 1 + fi + decrypt_cmd="\$decrypt_cmd -pass \$2" + shift 2 || { MS_Help; exit 1; } + ;; + --cleanup-args) + cleanupargs="\$2" + shift 2 || { MS_Help; exit 1; } + ;; --) shift break ;; @@ -390,7 +540,7 @@ fi if test x"$NEED_ROOT" = xy -a \`id -u\` -ne 0; then echo "Administrative privileges required for this archive (use su or sudo)" >&2 - exit 1 + exit 1 fi if test x"\$copy" \!= xphase2; then @@ -399,7 +549,7 @@ fi case "\$copy" in copy) - tmpdir=\$TMPROOT/makeself.\$RANDOM.\`date +"%y%m%d%H%M%S"\`.\$\$ + tmpdir="\$TMPROOT"/makeself.\$RANDOM.\`date +"%y%m%d%H%M%S"\`.\$\$ mkdir "\$tmpdir" || { echo "Could not create temporary directory \$tmpdir" >&2 exit 1 @@ -409,6 +559,7 @@ copy) cp "\$0" "\$SCRIPT_COPY" chmod +x "\$SCRIPT_COPY" cd "\$TMPROOT" + export USER_PWD="\$tmpdir" exec "\$SCRIPT_COPY" --phase2 -- \$initargs ;; phase2) @@ -417,7 +568,7 @@ phase2) esac if test x"\$nox11" = xn; then - if tty -s; then # Do we have a terminal? + if test -t 1; then # Do we have a terminal on stdout? : else if test x"\$DISPLAY" != x -a x"\$xterm_loop" = x; then # No, but do we have X? @@ -429,11 +580,11 @@ if test x"\$nox11" = xn; then break fi done - chmod a+x \$0 || echo Please add execution rights on \$0 + chmod a+x \$0 || echo Please add execution rights on \$0 >&2 if test \`echo "\$0" | cut -c1\` = "/"; then # Spawn a terminal! - exec \$XTERM -title "\$label" -e "\$0" --xwin "\$initargs" + exec \$XTERM -e "\$0 --xwin \$initargs" else - exec \$XTERM -title "\$label" -e "./\$0" --xwin "\$initargs" + exec \$XTERM -e "./\$0 --xwin \$initargs" fi fi fi @@ -457,7 +608,7 @@ else tmpdir="\$TMPROOT/selfgz\$\$\$RANDOM" dashp="" fi - mkdir \$dashp \$tmpdir || { + mkdir \$dashp "\$tmpdir" || { echo 'Cannot create target directory' \$tmpdir >&2 echo 'You should try option --target dir' >&2 eval \$finish @@ -469,7 +620,7 @@ location="\`pwd\`" if test x"\$SETUP_NOCHECK" != x1; then MS_Check "\$0" fi -offset=\`head -n $SKIP "\$0" | wc -c | tr -d " "\` +offset=\`head -n "\$skip" "\$0" | wc -c | sed "s/ //g"\` if test x"\$verbose" = xy; then MS_Printf "About to extract $USIZE KB in \$tmpdir ... Proceed ? [Y/n] " @@ -480,15 +631,21 @@ if test x"\$verbose" = xy; then fi if test x"\$quiet" = xn; then - MS_Printf "Uncompressing \$label" + # Decrypting with openssl will ask for password, + # the prompt needs to start on new line + if test x"$ENCRYPT" = x"openssl"; then + echo "Decrypting and uncompressing \$label..." + else + MS_Printf "Uncompressing \$label" + fi fi res=3 if test x"\$keep" = xn; then - trap 'echo Signal caught, cleaning up >&2; cd \$TMPROOT; /bin/rm -rf \$tmpdir; eval \$finish; exit 15' 1 2 3 15 + trap MS_cleanup 1 2 3 15 fi if test x"\$nodiskspace" = xn; then - leftspace=\`MS_diskspace \$tmpdir\` + leftspace=\`MS_diskspace "\$tmpdir"\` if test -n "\$leftspace"; then if test "\$leftspace" -lt $USIZE; then echo @@ -504,7 +661,7 @@ fi for s in \$filesizes do - if MS_dd_Progress "\$0" \$offset \$s | eval "$GUNZIP_CMD" | ( cd "\$tmpdir"; umask \$ORIG_UMASK ; UnTAR xp ) 1>/dev/null; then + if MS_dd_Progress "\$0" \$offset \$s | MS_Decompress | ( cd "\$tmpdir"; umask \$ORIG_UMASK ; UnTAR xp ) 1>/dev/null; then if test x"\$ownership" = xy; then (cd "\$tmpdir"; chown -R \`id -u\` .; chgrp -R \`id -g\` .) fi @@ -531,6 +688,7 @@ if test x"\$script" != x; then MS_KEEP="\$KEEP" MS_NOOVERWRITE="\$NOOVERWRITE" MS_COMPRESS="\$COMPRESS" + MS_CLEANUP="\$cleanup" export MS_BUNDLE MS_LABEL MS_SCRIPT MS_SCRIPTARGS export MS_ARCHDIRNAME MS_KEEP MS_NOOVERWRITE MS_COMPRESS fi @@ -548,9 +706,12 @@ if test x"\$script" != x; then test x"\$verbose" = xy && echo "The program '\$script' returned an error code (\$res)" >&2 fi fi + +MS_exec_cleanup + if test x"\$keep" = xn; then - cd \$TMPROOT - /bin/rm -rf \$tmpdir + cd "\$TMPROOT" + rm -rf "\$tmpdir" fi eval \$finish; exit \$res EOF diff --git a/packaging/makeself/makeself-license.txt b/packaging/makeself/makeself-license.txt index b844e9a9a..684f16ae7 100644 --- a/packaging/makeself/makeself-license.txt +++ b/packaging/makeself/makeself-license.txt @@ -4,7 +4,7 @@ | '-' '-' '-' '-' real-time performance monitoring, done right! +----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+---> - (C) Copyright 2017, Costa Tsaousis + (C) Copyright 2017-2023, Costa Tsaousis All rights reserved Released under GPL v3+ @@ -24,13 +24,10 @@ - /etc/logrotate.d/netdata # SYSTEM INIT - This file will be installed if this system runs with systemd: - - - /lib/systemd/system/netdata.service - - or, for older CentOS, Debian/Ubuntu or OpenRC Gentoo: - - - /etc/init.d/netdata will be created + If a supported init system is detected, appropriate configuration will be + installed to allow Netdata to run as a system service. We currently support + systemd, OpenRC, LSB init scripts, and traditional init.d setups, as well as + having experimental support for runit. This package can also update a netdata installation that has been diff --git a/packaging/makeself/makeself.lsm b/packaging/makeself/makeself.lsm index 6bd4703db..7d6356468 100644 --- a/packaging/makeself/makeself.lsm +++ b/packaging/makeself/makeself.lsm @@ -10,7 +10,7 @@ Description: netdata is a system for distributed real-time performance and he Keywords: real-time performance and health monitoring Author: Costa Tsaousis (costa@tsaousis.gr) Maintained-by: Costa Tsaousis (costa@tsaousis.gr) -Original-site: https://my-netdata.io/ +Original-site: https://netdata.cloud/ Platform: Unix Copying-policy: GPL End diff --git a/packaging/makeself/makeself.sh b/packaging/makeself/makeself.sh index 1581f499e..3a9750689 100755 --- a/packaging/makeself/makeself.sh +++ b/packaging/makeself/makeself.sh @@ -1,85 +1,31 @@ #!/bin/sh -# SPDX-License-Identifier: GPL-3.0-or-later # -# Makeself version 2.3.x +# SPDX-License-Identifier: GPL-2.0-or-later +# +# shellcheck disable=SC2209,SC2006,SC2016,SC2034,SC2086,SC2003,SC2268,SC1090,SC2002,SC2046 +# +# Makeself version 2.5.x # by Stephane Peter # # Utility to create self-extracting tar.gz archives. # The resulting archive is a file holding the tar.gz archive with # a small Shell script stub that uncompresses the archive to a temporary -# directory and then executes a given script from within that directory. -# -# Makeself home page: http://makeself.io/ +# directory and then executes a given script from withing that directory. # -# Version 2.0 is a rewrite of version 1.0 to make the code easier to read and maintain. +# Makeself home page: https://makeself.io/ - Version history available on GitHub # -# Version history : -# - 1.0 : Initial public release -# - 1.1 : The archive can be passed parameters that will be passed on to -# the embedded script, thanks to John C. Quillan -# - 1.2 : Package distribution, bzip2 compression, more command line options, -# support for non-temporary archives. Ideas thanks to Francois Petitjean -# - 1.3 : More patches from Bjarni R. Einarsson and Francois Petitjean: -# Support for no compression (--nocomp), script is no longer mandatory, -# automatic launch in an xterm, optional verbose output, and -target -# archive option to indicate where to extract the files. -# - 1.4 : Improved UNIX compatibility (Francois Petitjean) -# Automatic integrity checking, support of LSM files (Francois Petitjean) -# - 1.5 : Many bugfixes. Optionally disable xterm spawning. -# - 1.5.1 : More bugfixes, added archive options -list and -check. -# - 1.5.2 : Cosmetic changes to inform the user of what's going on with big -# archives (Quake III demo) -# - 1.5.3 : Check for validity of the DISPLAY variable before launching an xterm. -# More verbosity in xterms and check for embedded command's return value. -# Bugfix for Debian 2.0 systems that have a different "print" command. -# - 1.5.4 : Many bugfixes. Print out a message if the extraction failed. -# - 1.5.5 : More bugfixes. Added support for SETUP_NOCHECK environment variable to -# bypass checksum verification of archives. -# - 1.6.0 : Compute MD5 checksums with the md5sum command (patch from Ryan Gordon) -# - 2.0 : Brand new rewrite, cleaner architecture, separated header and UNIX ports. -# - 2.0.1 : Added --copy -# - 2.1.0 : Allow multiple tarballs to be stored in one archive, and incremental updates. -# Added --nochown for archives -# Stopped doing redundant checksums when not necessary -# - 2.1.1 : Work around insane behavior from certain Linux distros with no 'uncompress' command -# Cleaned up the code to handle error codes from compress. Simplified the extraction code. -# - 2.1.2 : Some bug fixes. Use head -n to avoid problems. -# - 2.1.3 : Bug fixes with command line when spawning terminals. -# Added --tar for archives, allowing to give arbitrary arguments to tar on the contents of the archive. -# Added --noexec to prevent execution of embedded scripts. -# Added --nomd5 and --nocrc to avoid creating checksums in archives. -# Added command used to create the archive in --info output. -# Run the embedded script through eval. -# - 2.1.4 : Fixed --info output. -# Generate random directory name when extracting files to . to avoid problems. (Jason Trent) -# Better handling of errors with wrong permissions for the directory containing the files. (Jason Trent) -# Avoid some race conditions (Ludwig Nussel) -# Unset the $CDPATH variable to avoid problems if it is set. (Debian) -# Better handling of dot files in the archive directory. -# - 2.1.5 : Made the md5sum detection consistent with the header code. -# Check for the presence of the archive directory -# Added --encrypt for symmetric encryption through gpg (Eric Windisch) -# Added support for the digest command on Solaris 10 for MD5 checksums -# Check for available disk space before extracting to the target directory (Andreas Schweitzer) -# Allow extraction to run asynchronously (patch by Peter Hatch) -# Use file descriptors internally to avoid error messages (patch by Kay Tiong Khoo) -# - 2.1.6 : Replaced one dot per file progress with a realtime progress percentage and a spinning cursor (Guy Baconniere) -# Added --noprogress to prevent showing the progress during the decompression (Guy Baconniere) -# Added --target dir to allow extracting directly to a target directory (Guy Baconniere) -# - 2.2.0 : Many bugfixes, updates and contributions from users. Check out the project page on Github for the details. -# - 2.3.0 : Option to specify packaging date to enable byte-for-byte reproducibility. (Marc Pawlowsky) -# -# (C) 1998-2017 by Stephane Peter +# (C) 1998-2023 by Stephane Peter # # This software is released under the terms of the GNU GPL version 2 and above # Please read the license at http://www.gnu.org/copyleft/gpl.html +# Self-extracting archives created with this script are explictly NOT released under the term of the GPL # -MS_VERSION=2.3.1 +MS_VERSION=2.5.0 MS_COMMAND="$0" unset CDPATH -for f in "${1+"$@"}"; do +for f in ${1+"$@"}; do MS_COMMAND="$MS_COMMAND \\\\ \\\"$f\\\"" done @@ -94,30 +40,46 @@ fi MS_Usage() { - echo "Usage: $0 [params] archive_dir file_name label startup_script [args]" - echo "params can be one or more of the following :" + echo "Usage: $0 [args] archive_dir file_name label startup_script [script_args]" + echo "args can be one or more of the following :" echo " --version | -v : Print out Makeself version number and exit" echo " --help | -h : Print out this help message" echo " --tar-quietly : Suppress verbose output from the tar command" echo " --quiet | -q : Do not print any messages other than errors." echo " --gzip : Compress using gzip (default if detected)" echo " --pigz : Compress with pigz" + echo " --zstd : Compress with zstd" echo " --bzip2 : Compress using bzip2 instead of gzip" echo " --pbzip2 : Compress using pbzip2 instead of gzip" + echo " --bzip3 : Compress using bzip3 instead of gzip" echo " --xz : Compress using xz instead of gzip" echo " --lzo : Compress using lzop instead of gzip" echo " --lz4 : Compress using lz4 instead of gzip" echo " --compress : Compress using the UNIX 'compress' command" - echo " --complevel lvl : Compression level for gzip pigz xz lzo lz4 bzip2 and pbzip2 (default 9)" + echo " --complevel lvl : Compression level for gzip pigz zstd xz lzo lz4 bzip2 pbzip2 and bzip3 (default 9)" + echo " --threads thds : Number of threads to be used by compressors that support parallelization." + echo " Omit to use compressor's default. Most useful (and required) for opting" + echo " into xz's threading, usually with '--threads=0' for all available cores." + echo " pbzip2 and pigz are parallel by default, and setting this value allows" + echo " limiting the number of threads they use." echo " --base64 : Instead of compressing, encode the data using base64" echo " --gpg-encrypt : Instead of compressing, encrypt the data using GPG" echo " --gpg-asymmetric-encrypt-sign" echo " : Instead of compressing, asymmetrically encrypt and sign the data using GPG" echo " --gpg-extra opt : Append more options to the gpg command line" echo " --ssl-encrypt : Instead of compressing, encrypt the data using OpenSSL" + echo " --ssl-passwd pass : Use the given password to encrypt the data using OpenSSL" + echo " --ssl-pass-src src : Use the given src as the source of password to encrypt the data" + echo " using OpenSSL. See \"PASS PHRASE ARGUMENTS\" in man openssl." + echo " If this option is not supplied, the user will be asked to enter" + echo " encryption password on the current terminal." + echo " --ssl-no-md : Do not use \"-md\" option not supported by older OpenSSL." + echo " --nochown : Do not give the target folder to the current user (default)" + echo " --chown : Give the target folder to the current user recursively" echo " --nocomp : Do not compress the data" - echo " --notemp : The archive will create archive_dir in the" - echo " current directory and uncompress in ./archive_dir" + echo " --notemp : The archive will create archive_dir in the current directory" + echo " and uncompress in ./archive_dir" + echo " Note: persistent archives do not strictly require a startup_script" echo " --needroot : Check that the root user is extracting the archive before proceeding" echo " --copy : Upon extraction, the archive will first copy itself to" echo " a temporary directory" @@ -125,19 +87,23 @@ MS_Usage() echo " The label and startup scripts will then be ignored" echo " --target dir : Extract directly to a target directory" echo " directory path can be either absolute or relative" - echo " --nooverwrite : Do not extract the archive if the specified target directory exists" echo " --current : Files will be extracted to the current directory" - echo " Both --current and --target imply --notemp" + echo " Both --current and --target imply --notemp, and do not require a startup_script" + echo " --nooverwrite : Do not extract the archive if the specified target directory exists" + echo " --tar-format opt : Specify a tar archive format (default is ustar)" echo " --tar-extra opt : Append more options to the tar command line" echo " --untar-extra opt : Append more options to the during the extraction of the tar archive" echo " --nomd5 : Don't calculate an MD5 for archive" echo " --nocrc : Don't calculate a CRC for archive" + echo " --sha256 : Compute a SHA256 checksum for the archive" echo " --header file : Specify location of the header script" + echo " --cleanup file : Specify a cleanup script that executes on interrupt and when finished successfully." echo " --follow : Follow the symlinks in the archive" echo " --noprogress : Do not show the progress during the decompression" echo " --nox11 : Disable automatic spawn of a xterm" echo " --nowait : Do not wait for user input after executing embedded" echo " program from an xterm" + echo " --sign passphrase : Signature private key to sign the package with" echo " --lsm file : LSM file describing the package" echo " --license file : Append a license file" echo " --help-header file : Add a header to the archive's --help output" @@ -154,12 +120,21 @@ MS_Usage() } # Default settings -if type gzip 2>&1 > /dev/null; then +if type gzip >/dev/null 2>&1; then COMPRESS=gzip +elif type compress >/dev/null 2>&1; then + COMPRESS=compress else - COMPRESS=Unix + echo "ERROR: missing commands: gzip, compress" >&2 + MS_Usage fi +ENCRYPT=n +PASSWD="" +PASSWD_SRC="" +OPENSSL_NO_MD=n COMPRESS_LEVEL=9 +DEFAULT_THREADS=123456 # Sentinel value +THREADS=$DEFAULT_THREADS KEEP=n CURRENT=n NOX11=n @@ -171,15 +146,21 @@ QUIET=n NOPROGRESS=n COPY=none NEED_ROOT=n -TAR_ARGS=cvf +TAR_ARGS=rvf +TAR_FORMAT=ustar TAR_EXTRA="" GPG_EXTRA="" DU_ARGS=-ks HEADER=`dirname "$0"`/makeself-header.sh +SIGNATURE="" TARGETDIR="" NOOVERWRITE=n DATE=`LC_ALL=C date` EXPORT_CONF=n +SHA256=n +OWNERSHIP=n +SIGN=n +GPG_PASSPHRASE="" # LSM file stuff LSM_CMD="echo No LSM. >> \"\$archname\"" @@ -195,6 +176,10 @@ do COMPRESS=pbzip2 shift ;; + --bzip3) + COMPRESS=bzip3 + shift + ;; --bzip2) COMPRESS=bzip2 shift @@ -204,9 +189,13 @@ do shift ;; --pigz) - COMPRESS=pigz - shift - ;; + COMPRESS=pigz + shift + ;; + --zstd) + COMPRESS=zstd + shift + ;; --xz) COMPRESS=xz shift @@ -220,7 +209,7 @@ do shift ;; --compress) - COMPRESS=Unix + COMPRESS=compress shift ;; --base64) @@ -232,24 +221,48 @@ do shift ;; --gpg-asymmetric-encrypt-sign) - COMPRESS=gpg-asymmetric - shift - ;; + COMPRESS=gpg-asymmetric + shift + ;; --gpg-extra) - GPG_EXTRA="$2" - if ! shift 2; then MS_Help; exit 1; fi - ;; + GPG_EXTRA="$2" + shift 2 || { MS_Usage; exit 1; } + ;; --ssl-encrypt) - COMPRESS=openssl - shift - ;; + ENCRYPT=openssl + shift + ;; + --ssl-passwd) + PASSWD=$2 + shift 2 || { MS_Usage; exit 1; } + ;; + --ssl-pass-src) + PASSWD_SRC=$2 + shift 2 || { MS_Usage; exit 1; } + ;; + --ssl-no-md) + OPENSSL_NO_MD=y + shift + ;; --nocomp) COMPRESS=none shift ;; --complevel) COMPRESS_LEVEL="$2" - if ! shift 2; then MS_Help; exit 1; fi + shift 2 || { MS_Usage; exit 1; } + ;; + --threads) + THREADS="$2" + shift 2 || { MS_Usage; exit 1; } + ;; + --nochown) + OWNERSHIP=n + shift + ;; + --chown) + OWNERSHIP=y + shift ;; --notemp) KEEP=y @@ -264,19 +277,28 @@ do KEEP=y shift ;; + --tar-format) + TAR_FORMAT="$2" + shift 2 || { MS_Usage; exit 1; } + ;; --tar-extra) - TAR_EXTRA="$2" - if ! shift 2; then MS_Help; exit 1; fi - ;; + TAR_EXTRA="$2" + shift 2 || { MS_Usage; exit 1; } + ;; --untar-extra) UNTAR_EXTRA="$2" - if ! shift 2; then MS_Help; exit 1; fi + shift 2 || { MS_Usage; exit 1; } ;; --target) - TARGETDIR="$2" - KEEP=y - if ! shift 2; then MS_Help; exit 1; fi - ;; + TARGETDIR="$2" + KEEP=y + shift 2 || { MS_Usage; exit 1; } + ;; + --sign) + SIGN=y + GPG_PASSPHRASE="$2" + shift 2 || { MS_Usage; exit 1; } + ;; --nooverwrite) NOOVERWRITE=y shift @@ -287,14 +309,19 @@ do ;; --header) HEADER="$2" - if ! shift 2; then MS_Help; exit 1; fi + shift 2 || { MS_Usage; exit 1; } ;; + --cleanup) + CLEANUP_SCRIPT="$2" + shift 2 || { MS_Usage; exit 1; } + ;; --license) - LICENSE=`cat $2` - if ! shift 2; then MS_Help; exit 1; fi + # We need to escape all characters having a special meaning in double quotes + LICENSE=$(sed 's/\\/\\\\/g; s/"/\\\"/g; s/`/\\\`/g; s/\$/\\\$/g' "$2") + shift 2 || { MS_Usage; exit 1; } ;; --follow) - TAR_ARGS=cvhf + TAR_ARGS=rvhf DU_ARGS=-ksL shift ;; @@ -314,6 +341,10 @@ do NOMD5=y shift ;; + --sha256) + SHA256=y + shift + ;; --nocrc) NOCRC=y shift @@ -323,16 +354,16 @@ do shift ;; --lsm) - LSM_CMD="cat \"$2\" >> \"\$archname\"" - if ! shift 2; then MS_Help; exit 1; fi + LSM_CMD="awk 1 \"$2\" >> \"\$archname\"" + shift 2 || { MS_Usage; exit 1; } ;; --packaging-date) DATE="$2" - if ! shift 2; then MS_Help; exit 1; fi + shift 2 || { MS_Usage; exit 1; } ;; --help-header) HELPHEADER=`sed -e "s/'/'\\\\\''/g" $2` - if ! shift 2; then MS_Help; exit 1; fi + shift 2 || { MS_Usage; exit 1; } [ -n "$HELPHEADER" ] && HELPHEADER="$HELPHEADER " ;; @@ -378,43 +409,44 @@ fi archname="$2" if test "$QUIET" = "y" || test "$TAR_QUIETLY" = "y"; then - if test "$TAR_ARGS" = "cvf"; then - TAR_ARGS="cf" - elif test "$TAR_ARGS" = "cvhf";then - TAR_ARGS="chf" + if test "$TAR_ARGS" = "rvf"; then + TAR_ARGS="rf" + elif test "$TAR_ARGS" = "rvhf"; then + TAR_ARGS="rhf" fi fi if test "$APPEND" = y; then if test $# -lt 2; then - MS_Usage + MS_Usage fi # Gather the info from the original archive OLDENV=`sh "$archname" --dumpconf` if test $? -ne 0; then - echo "Unable to update archive: $archname" >&2 - exit 1 + echo "Unable to update archive: $archname" >&2 + exit 1 else - eval "$OLDENV" + eval "$OLDENV" + OLDSKIP=`expr $SKIP + 1` fi else if test "$KEEP" = n -a $# = 3; then - echo "ERROR: Making a temporary archive with no embedded command does not make sense!" >&2 - echo >&2 - MS_Usage + echo "ERROR: Making a temporary archive with no embedded command does not make sense!" >&2 + echo >&2 + MS_Usage fi # We don't want to create an absolute directory unless a target directory is defined if test "$CURRENT" = y; then - archdirname="." - elif test x$TARGETDIR != x; then - archdirname="$TARGETDIR" + archdirname="." + elif test x"$TARGETDIR" != x; then + archdirname="$TARGETDIR" else - archdirname=`basename "$1"` + archdirname=`basename "$1"` fi if test $# -lt 3; then - MS_Usage + MS_Usage fi LABEL="$3" @@ -434,20 +466,47 @@ gzip) GZIP_CMD="gzip -c$COMPRESS_LEVEL" GUNZIP_CMD="gzip -cd" ;; -pigz) +pigz) GZIP_CMD="pigz -$COMPRESS_LEVEL" + if test $THREADS -ne $DEFAULT_THREADS; then # Leave as the default if threads not indicated + GZIP_CMD="$GZIP_CMD --processes $THREADS" + fi GUNZIP_CMD="gzip -cd" ;; +zstd) + GZIP_CMD="zstd -$COMPRESS_LEVEL" + if test $THREADS -ne $DEFAULT_THREADS; then # Leave as the default if threads not indicated + GZIP_CMD="$GZIP_CMD --threads=$THREADS" + fi + GUNZIP_CMD="zstd -cd" + ;; pbzip2) GZIP_CMD="pbzip2 -c$COMPRESS_LEVEL" + if test $THREADS -ne $DEFAULT_THREADS; then # Leave as the default if threads not indicated + GZIP_CMD="$GZIP_CMD -p$THREADS" + fi GUNZIP_CMD="bzip2 -d" ;; +bzip3) + # Map the compression level to a block size in MiB as 2^(level-1). + BZ3_COMPRESS_LEVEL=`echo "2^($COMPRESS_LEVEL-1)" | bc` + GZIP_CMD="bzip3 -b$BZ3_COMPRESS_LEVEL" + if test $THREADS -ne $DEFAULT_THREADS; then # Leave as the default if threads not indicated + GZIP_CMD="$GZIP_CMD -j$THREADS" + fi + JOBS=`echo "10-$COMPRESS_LEVEL" | bc` + GUNZIP_CMD="bzip3 -dj$JOBS" + ;; bzip2) GZIP_CMD="bzip2 -$COMPRESS_LEVEL" GUNZIP_CMD="bzip2 -d" ;; xz) GZIP_CMD="xz -c$COMPRESS_LEVEL" + # Must opt-in by specifying a value since not all versions of xz support threads + if test $THREADS -ne $DEFAULT_THREADS; then + GZIP_CMD="$GZIP_CMD --threads=$THREADS" + fi GUNZIP_CMD="xz -d" ;; lzo) @@ -460,23 +519,21 @@ lz4) ;; base64) GZIP_CMD="base64" - GUNZIP_CMD="base64 -d -i" + GUNZIP_CMD="base64 --decode -i -" ;; gpg) GZIP_CMD="gpg $GPG_EXTRA -ac -z$COMPRESS_LEVEL" GUNZIP_CMD="gpg -d" + ENCRYPT="gpg" ;; gpg-asymmetric) GZIP_CMD="gpg $GPG_EXTRA -z$COMPRESS_LEVEL -es" GUNZIP_CMD="gpg --yes -d" + ENCRYPT="gpg" ;; -openssl) - GZIP_CMD="openssl aes-256-cbc -a -salt -md sha256" - GUNZIP_CMD="openssl aes-256-cbc -d -a -md sha256" - ;; -Unix) - GZIP_CMD="compress -cf" - GUNZIP_CMD="exec 2>&-; uncompress -c || test \\\$? -eq 2 || gzip -cd" +compress) + GZIP_CMD="compress -fc" + GUNZIP_CMD="(type compress >/dev/null 2>&1 && compress -fcd || gzip -cd)" ;; none) GZIP_CMD="cat" @@ -484,29 +541,48 @@ none) ;; esac -tmpfile="${TMPDIR:=/tmp}/mkself$$" +if test x"$ENCRYPT" = x"openssl"; then + if test x"$APPEND" = x"y"; then + echo "Appending to existing archive is not compatible with OpenSSL encryption." >&2 + fi + + ENCRYPT_CMD="openssl enc -aes-256-cbc -salt" + DECRYPT_CMD="openssl enc -aes-256-cbc -d" + + if test x"$OPENSSL_NO_MD" != x"y"; then + ENCRYPT_CMD="$ENCRYPT_CMD -md sha256" + DECRYPT_CMD="$DECRYPT_CMD -md sha256" + fi + + if test -n "$PASSWD_SRC"; then + ENCRYPT_CMD="$ENCRYPT_CMD -pass $PASSWD_SRC" + elif test -n "$PASSWD"; then + ENCRYPT_CMD="$ENCRYPT_CMD -pass pass:$PASSWD" + fi +fi + +tmpfile="${TMPDIR:-/tmp}/mkself$$" if test -f "$HEADER"; then oldarchname="$archname" archname="$tmpfile" # Generate a fake header to count its lines SKIP=0 - . "$HEADER" - SKIP=`cat "$tmpfile" |wc -l` + . "$HEADER" + SKIP=`cat "$tmpfile" |wc -l` # Get rid of any spaces SKIP=`expr $SKIP` rm -f "$tmpfile" - if test "$QUIET" = "n";then - echo Header is $SKIP lines long >&2 - fi - + if test "$QUIET" = "n"; then + echo "Header is $SKIP lines long" >&2 + fi archname="$oldarchname" else echo "Unable to open header file: $HEADER" >&2 exit 1 fi -if test "$QUIET" = "n";then +if test "$QUIET" = "n"; then echo fi @@ -525,36 +601,101 @@ if test "." = "$archdirname"; then fi test -d "$archdir" || { echo "Error: $archdir does not exist."; rm -f "$tmpfile"; exit 1; } -if test "$QUIET" = "n";then - echo About to compress $USIZE KB of data... - echo Adding files to archive named \"$archname\"... +if test "$QUIET" = "n"; then + echo "About to compress $USIZE KB of data..." + echo "Adding files to archive named \"$archname\"..." +fi + +# See if we have GNU tar +TAR=`exec <&- 2>&-; which gtar || command -v gtar || type gtar` +test -x "$TAR" || TAR=`exec <&- 2>&-; which bsdtar || command -v bsdtar || type bsdtar` +test -x "$TAR" || TAR=tar + +tmparch="${TMPDIR:-/tmp}/mkself$$.tar" +( + if test "$APPEND" = "y"; then + tail -n "+$OLDSKIP" "$archname" | eval "$GUNZIP_CMD" > "$tmparch" + fi + cd "$archdir" + # "Determining if a directory is empty" + # https://www.etalabs.net/sh_tricks.html + find . \ + \( \ + ! -type d \ + -o \ + \( -links 2 -exec sh -c ' + is_empty () ( + cd "$1" + set -- .[!.]* ; test -f "$1" && return 1 + set -- ..?* ; test -f "$1" && return 1 + set -- * ; test -f "$1" && return 1 + return 0 + ) + is_empty "$0"' {} \; \ + \) \ + \) -print \ + | LC_ALL=C sort \ + | sed 's/./\\&/g' \ + | xargs $TAR $TAR_EXTRA --format $TAR_FORMAT -$TAR_ARGS "$tmparch" +) || { + echo "ERROR: failed to create temporary archive: $tmparch" + rm -f "$tmparch" "$tmpfile" + exit 1 +} + +USIZE=`du $DU_ARGS "$tmparch" | awk '{print $1}'` + +eval "$GZIP_CMD" <"$tmparch" >"$tmpfile" || { + echo "ERROR: failed to create temporary file: $tmpfile" + rm -f "$tmparch" "$tmpfile" + exit 1 +} +rm -f "$tmparch" + +if test x"$ENCRYPT" = x"openssl"; then + echo "About to encrypt archive \"$archname\"..." + { eval "$ENCRYPT_CMD -in $tmpfile -out ${tmpfile}.enc" && mv -f ${tmpfile}.enc $tmpfile; } || \ + { echo Aborting: could not encrypt temporary file: "$tmpfile".; rm -f "$tmpfile"; exit 1; } fi -exec 3<> "$tmpfile" -( cd "$archdir" && ( tar $TAR_EXTRA -$TAR_ARGS - . | eval "$GZIP_CMD" >&3 ) ) || \ - { echo Aborting: archive directory not found or temporary file: "$tmpfile" could not be created.; exec 3>&-; rm -f "$tmpfile"; exit 1; } -exec 3>&- # try to close the archive fsize=`cat "$tmpfile" | wc -c | tr -d " "` # Compute the checksums +shasum=0000000000000000000000000000000000000000000000000000000000000000 md5sum=00000000000000000000000000000000 crcsum=0000000000 if test "$NOCRC" = y; then - if test "$QUIET" = "n";then + if test "$QUIET" = "n"; then echo "skipping crc at user request" fi else - crcsum=`cat "$tmpfile" | CMD_ENV=xpg4 cksum | sed -e 's/ /Z/' -e 's/ /Z/' | cut -dZ -f1` - if test "$QUIET" = "n";then + crcsum=`CMD_ENV=xpg4 cksum < "$tmpfile" | sed -e 's/ /Z/' -e 's/ /Z/' | cut -dZ -f1` + if test "$QUIET" = "n"; then echo "CRC: $crcsum" fi fi +if test "$SHA256" = y; then + SHA_PATH=`exec <&- 2>&-; which shasum || command -v shasum || type shasum` + if test -x "$SHA_PATH"; then + shasum=`eval "$SHA_PATH -a 256" < "$tmpfile" | cut -b-64` + else + SHA_PATH=`exec <&- 2>&-; which sha256sum || command -v sha256sum || type sha256sum` + shasum=`eval "$SHA_PATH" < "$tmpfile" | cut -b-64` + fi + if test "$QUIET" = "n"; then + if test -x "$SHA_PATH"; then + echo "SHA256: $shasum" + else + echo "SHA256: none, SHA command not found" + fi + fi +fi if test "$NOMD5" = y; then - if test "$QUIET" = "n";then - echo "skipping md5sum at user request" + if test "$QUIET" = "n"; then + echo "Skipping md5sum at user request" fi else # Try to locate a MD5 binary @@ -569,53 +710,71 @@ else if test `basename ${MD5_PATH}`x = digestx; then MD5_ARG="-a md5" fi - md5sum=`cat "$tmpfile" | eval "$MD5_PATH $MD5_ARG" | cut -b-32`; - if test "$QUIET" = "n";then + md5sum=`eval "$MD5_PATH $MD5_ARG" < "$tmpfile" | cut -b-32` + if test "$QUIET" = "n"; then echo "MD5: $md5sum" fi else - if test "$QUIET" = "n";then + if test "$QUIET" = "n"; then echo "MD5: none, MD5 command not found" fi fi fi +if test "$SIGN" = y; then + GPG_PATH=`exec <&- 2>&-; which gpg || command -v gpg || type gpg` + if test -x "$GPG_PATH"; then + SIGNATURE=`$GPG_PATH --pinentry-mode=loopback --batch --yes $GPG_EXTRA --passphrase "$GPG_PASSPHRASE" --output - --detach-sig $tmpfile | base64 | tr -d \\\\n` + if test "$QUIET" = "n"; then + echo "Signature: $SIGNATURE" + fi + else + echo "Missing gpg command" >&2 + fi +fi + +totalsize=0 +for size in $fsize; +do + totalsize=`expr $totalsize + $size` +done if test "$APPEND" = y; then mv "$archname" "$archname".bak || exit # Prepare entry for new archive - filesizes="$filesizes $fsize" - CRCsum="$CRCsum $crcsum" - MD5sum="$MD5sum $md5sum" - USIZE=`expr $USIZE + $OLDUSIZE` + filesizes="$fsize" + CRCsum="$crcsum" + MD5sum="$md5sum" + SHAsum="$shasum" + Signature="$SIGNATURE" # Generate the header . "$HEADER" - # Append the original data - tail -n +$OLDSKIP "$archname".bak >> "$archname" # Append the new data cat "$tmpfile" >> "$archname" chmod +x "$archname" rm -f "$archname".bak - if test "$QUIET" = "n";then - echo Self-extractable archive \"$archname\" successfully updated. + if test "$QUIET" = "n"; then + echo "Self-extractable archive \"$archname\" successfully updated." fi else filesizes="$fsize" CRCsum="$crcsum" MD5sum="$md5sum" + SHAsum="$shasum" + Signature="$SIGNATURE" # Generate the header . "$HEADER" # Append the compressed tar data after the stub - if test "$QUIET" = "n";then - echo + if test "$QUIET" = "n"; then + echo fi cat "$tmpfile" >> "$archname" chmod +x "$archname" - if test "$QUIET" = "n";then - echo Self-extractable archive \"$archname\" successfully created. + if test "$QUIET" = "n"; then + echo Self-extractable archive \"$archname\" successfully created. fi fi rm -f "$tmpfile" diff --git a/packaging/repoconfig/netdata-edge.repo.al b/packaging/repoconfig/netdata-edge.repo.al new file mode 100644 index 000000000..4a300a26e --- /dev/null +++ b/packaging/repoconfig/netdata-edge.repo.al @@ -0,0 +1,21 @@ +[netdata-edge] +name=Netdata Edge +baseurl=https://repo.netdata.cloud/repos/edge/amazonlinux/$releasever/$basearch +repo_gpgcheck=1 +gpgcheck=1 +gpgkey=https://repo.netdata.cloud/netdatabot.gpg.key +enabled=1 +sslverify=1 +sslcacert=/etc/pki/tls/certs/ca-bundle.crt +priority=50 + +[netdata-repoconfig] +name=Netdata Repository Config +baseurl=https://repo.netdata.cloud/repos/repoconfig/amazonlinux/$releasever/$basearch +repo_gpgcheck=1 +gpgcheck=1 +gpgkey=https://repo.netdata.cloud/netdatabot.gpg.key +enabled=1 +sslverify=1 +sslcacert=/etc/pki/tls/certs/ca-bundle.crt +priority=50 diff --git a/packaging/repoconfig/netdata-repo.spec b/packaging/repoconfig/netdata-repo.spec index cc53fd8cb..6139e52bb 100644 --- a/packaging/repoconfig/netdata-repo.spec +++ b/packaging/repoconfig/netdata-repo.spec @@ -16,6 +16,8 @@ Source4: netdata.repo.centos Source5: netdata-edge.repo.centos Source6: netdata.repo.ol Source7: netdata-edge.repo.ol +Source8: netdata.repo.al +Source9: netdata-edge.repo.al BuildArch: noarch @@ -43,9 +45,15 @@ install -pm 644 %{SOURCE3} ./netdata-edge.repo %endif %if 0%{?centos_ver} +# Amazon Linux 2 looks like CentOS, but with extra macros. +%if 0%{?amzn2} +install -pm 644 %{SOURCE8} ./netdata.repo +install -pm 644 %{SOURCE9} ./netdata-edge.repo +%else install -pm 644 %{SOURCE4} ./netdata.repo install -pm 644 %{SOURCE5} ./netdata-edge.repo %endif +%endif %if 0%{?oraclelinux} install -pm 644 %{SOURCE6} ./netdata.repo diff --git a/packaging/repoconfig/netdata.repo.al b/packaging/repoconfig/netdata.repo.al new file mode 100644 index 000000000..0bacb3a10 --- /dev/null +++ b/packaging/repoconfig/netdata.repo.al @@ -0,0 +1,21 @@ +[netdata] +name=Netdata +baseurl=https://repo.netdata.cloud/repos/stable/amazonlinux/$releasever/$basearch +repo_gpgcheck=1 +gpgcheck=1 +gpgkey=https://repo.netdata.cloud/netdatabot.gpg.key +enabled=1 +sslverify=1 +sslcacert=/etc/pki/tls/certs/ca-bundle.crt +priority=50 + +[netdata-repoconfig] +name=Netdata Repository Config +baseurl=https://repo.netdata.cloud/repos/repoconfig/amazonlinux/$releasever/$basearch +repo_gpgcheck=1 +gpgcheck=1 +gpgkey=https://repo.netdata.cloud/netdatabot.gpg.key +enabled=1 +sslverify=1 +sslcacert=/etc/pki/tls/certs/ca-bundle.crt +priority=50 diff --git a/packaging/version b/packaging/version index cbec0de06..5b813750d 100644 --- a/packaging/version +++ b/packaging/version @@ -1 +1 @@ -v1.38.1 +v1.39.0 diff --git a/packaging/yaml.checksums b/packaging/yaml.checksums new file mode 100644 index 000000000..563c273d4 --- /dev/null +++ b/packaging/yaml.checksums @@ -0,0 +1 @@ +c642ae9b75fee120b2d96c712538bd2cf283228d2337df2cf2988e3c02678ef4 yaml-0.2.5.tar.gz diff --git a/packaging/yaml.version b/packaging/yaml.version new file mode 100644 index 000000000..3a4036fb4 --- /dev/null +++ b/packaging/yaml.version @@ -0,0 +1 @@ +0.2.5 -- cgit v1.2.3