alpine-netdata

Deprecation Warning

This image has been deprecated and no updates (or support) may be available in future. Even though it is a container, it may or may not keep working as expected, use at your own risk.

Container for Alpine Linux + S6 + GNU LibC + Netdata

This image serves as a host or container monitor using Netdata. Usually coupled with my alpine-influxdb image which has the OpenTSDB listener enabled to collect the metrics, and alpine-grafana to visualize the metrics.

Based on Alpine Linux from the s6 image with netdata installed in it. Versioned accordingly with releases from /netdata/netdata.

Get the Image¶

Docker Hub

Pull the image from Docker Hub.

docker pull woahbase/alpine-netdata

Image Tags

The image is tagged respectively for the following architectures,

latest tag is retagged from x86_64, so pulling without any tag fetches you that image. For any other architectures specify the tag for that architecture. e.g. for armv8 or aarch64 host it is alpine-netdata:aarch64.

non-x86_64 images used to contain the embedded qemu-user-static binary which has been redundant for a while, and is being deprecated starting with our Alpine Linux v3.22 base-image release, see qemu-user-static or the more recent binfmt instead for running multi-arch containers.

Run¶

Running the container starts the host monitor service.

docker run --rm -it \
  --cap-add SYS_PTRACE \
  --name docker_netdata \
  -p 19999:19999 \
  -v /etc/hosts:/etc/hosts:ro \
  -v /etc/localtime:/etc/localtime:ro \
  -v /proc:/host/proc:ro \
  -v /sys:/host/sys:ro \
  -v $PWD/netdata:/etc/netdata \
woahbase/alpine-netdata:x86_64

Multi-Arch Support

If you want to run images built for other architectures on the same host (e.g. a x86_64 machine), you will need to have the specific binary format support configured on your host machine before running the image (otherwise you get an exec format error). Here's how,

binfmtqemu-user-static

For recent images, we can use tonistiigi's binfmt image to register binary execution support for the target architecture, like the following,

docker run --rm --privileged tonistiigi/binfmt --install <architecture>

Architecture is that of the image we're trying to run, can be arm64 for aarch64, arm for both armv7l and armhf, or amd64 for x86_64. See binfmt.

Previously, multiarch, had made it easy for us by packing qemu into an image, so we could just run

docker run --rm --privileged multiarch/qemu-user-static --reset -p yes

However, that image (see qemu-user-static) seems to have fallen behind in updates, and with newer images the binfmt method is preferable.

Now images built for other architectures will also be executable. This is optional though, without the above, you can still run the image that is specifically made to support your host architecture.

Configuration¶

Configs are read from /etc/netdata/netdata.conf. Use the sample or mount your own here. The example above has the /proc and /sys mounted, and privilege to monitor the host.

Stop the container with a timeout, (defaults to 2 seconds)

docker stop -t 2 docker_netdata

Restart the container with

docker restart docker_netdata

Removes the container, (always better to stop it first and -f only when needed most)

docker rm -f docker_netdata

Shell access¶

Get a shell inside a already running container,

docker exec -it docker_netdata /bin/bash

Optionally, login as a non-root user, (default is alpine)

docker exec -u alpine -it docker_netdata /bin/bash

Or set user/group id e.g 1000/1000,

docker exec -u 1000:1000 -it docker_netdata /bin/bash

Logs¶

To check logs of a running container in real time

docker logs -f docker_netdata

As-A-Service¶

Run the container as a service with the following as reference (and modify it as needed).

compose

With docker-compose (alpine-netdata.yml)

---
services:
  netdata:
    cap_add:
      - SYS_PTRACE
    container_name: netdata
    # depends_on:
    #   - rsyslog
    deploy:
      mode: global
      restart_policy:
        condition: on-failure
        delay: 10s
        max_attempts: 5
        window: 120s
    # environment:
    #   TZ: ${TZ}
    # healthcheck:
    #   interval: 2m
    #   retries: 5
    #   start_period: 5m
    #   test:
    #   - CMD
    #   - curl
    #   - -f
    #   - http://localhost:19999/
    #   timeout: 10s
    hostname: netdata
    image: woahbase/alpine-netdata:${NETDATA_TAG:-latest}
    network_mode: bridge
    ports:
      - protocol: tcp
        host_ip: 0.0.0.0
        published: 19999
        target: 19999
    volumes:
      # - type: bind
      #   source: ${NETDATA_DIR:?err}/config/${HOSTNAME}.conf
      #   target: /etc/netdata/netdata.conf
      #   bind:
      #     create_host_path: false
      - type: bind
        source: /proc
        target: /host/proc
        read_only: true
        bind:
          create_host_path: false
      - type: bind
        source: /sys
        target: /host/sys
        read_only: true
        bind:
          create_host_path: false
      - type: bind
        source: /etc/localtime
        target: /etc/localtime
        read_only: true
        bind:
          create_host_path: false

Build Your Own¶

Feel free to clone (or fork) the repository and customize it for your own usage, build the image for yourself on your own systems, and optionally, push it to your own public (or private) repository.

Here's how...

Setting up¶

Before we clone the /repository, we must have Git, GNU make, and Docker (optionally, with buildx plugin for multi-platform images) setup on the machine. Also, for multi-platform annotations, we might require enabling experimental features of Docker.

Now, to get the code,

Github

Clone the repository with,

git clone https://github.com/woahbase/alpine-netdata
cd alpine-netdata

Always Check Before You Make!

Did you know, we could check what any make target is going to execute before we actually run them, with

make -n <targetname> <optional args>

Build and Test¶

To create the image for your architecture, run the build and test target with

make build test

For building an image that targets another architecture, it is required to specify the ARCH parameter when building. e.g.

aarch64armhfarmv7lx86_64

make build test ARCH=aarch64

make build test ARCH=armhf

make build test ARCH=armv7l

make build test ARCH=x86_64

Make to Run¶

Running the image creates a container and either starts a service (for service images) or provides a shell (can be either a root-shell or usershell) to execute commands in, depending on the image. We can run the image with

make run

But if we just need a root-shell in the container without any fance pre-tasks (e.g. for debug or to test something bespoke), we can run bash in the container with --entrypoint /bin/bash. This is wrapped in the makefile as

make shell

Nothing vs All vs Run vs Shell

By default, if make is run without any arguments, it calls the target all. In our case this is usually mapped to the target run (which in turn may be mapped to shell).

There may be more such targets defined as per the usage of the image. Check the makefile for more information.

Push the Image¶

If the build and test steps finish without any error, and we want to use the image on other machines, it is the next step push the image we built to a container image repository (like /hub), for that, run the push target with

make push

If the built image targets another architecture then it is required to specify the ARCH parameter when pushing. e.g.

aarch64armhfarmv7lx86_64

make push ARCH=aarch64

make push ARCH=armhf

make push ARCH=armv7l

make push ARCH=x86_64

That's all folks! Happy containerizing!

Maintenance¶

Sources at Github. Images at Docker Hub.

Maintained (or sometimes a lack thereof?) by WOAHBase.