From 98143120ddf05fbcbb46b253f4771ba40675e0b4 Mon Sep 17 00:00:00 2001 From: Gardar Thorsteinsson Date: Thu, 26 Sep 2019 10:59:00 +0000 Subject: [PATCH 1/3] Switched to systemd --- Dockerfile | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/Dockerfile b/Dockerfile index a6225fe..0e478fb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ # Based on appcontainers/nagios ############################################################ -FROM centos:latest +FROM centos/systemd MAINTAINER "Gardar Thorsteinsson" ENV ADAGIOS_HOST adagios.local @@ -112,34 +112,36 @@ RUN mv /etc/httpd/conf.d/thruk_cookie_auth_vhost.conf /etc/httpd/conf.d/thruk_co # Redirect root URL to /adagios RUN echo "RedirectMatch ^/$ /adagios" > /etc/httpd/conf.d/redirect.conf +RUN systemctl enable httpd +RUN systemctl enable naemon # Install supervisor and supervisor-quick. Service restarts are painfully slow # otherwise -RUN pip install supervisor -RUN pip install supervisor-quick +#RUN pip install supervisor +#RUN pip install supervisor-quick # Remove cache and default passwd files RUN rm -rf /var/cache/yum /etc/nagios/passwd /etc/thruk/htpasswd # Copy supervisor config over to the container -COPY supervisord.conf /etc/supervisord.conf +#COPY supervisord.conf /etc/supervisord.conf # Copy custom supervisor init.d script (for nagios start|stop) -COPY naemon-supervisor-wrapper.sh /usr/bin/naemon-supervisor-wrapper.sh -RUN sed -i 's|^\(nagios_init_script\)=\(.*\)$|\1="sudo /usr/bin/naemon-supervisor-wrapper.sh"|g' /etc/adagios/adagios.conf -RUN echo "naemon ALL=NOPASSWD: /usr/bin/naemon-supervisor-wrapper.sh" >> /etc/sudoers +#COPY naemon-supervisor-wrapper.sh /usr/bin/naemon-supervisor-wrapper.sh +#RUN sed -i 's|^\(nagios_init_script\)=\(.*\)$|\1="sudo /usr/bin/naemon-supervisor-wrapper.sh"|g' /etc/adagios/adagios.conf +#RUN echo "naemon ALL=NOPASSWD: /usr/bin/naemon-supervisor-wrapper.sh" >> /etc/sudoers # Create childlogdir -RUN mkdir /var/log/supervisor +#RUN mkdir /var/log/supervisor # Copy over our custom init script -COPY run.sh /usr/bin/run.sh +#COPY run.sh /usr/bin/run.sh # Make run.sh and supervisor wrapper script executable -RUN chmod 755 /usr/bin/run.sh /usr/bin/naemon-supervisor-wrapper.sh +#RUN chmod 755 /usr/bin/run.sh /usr/bin/naemon-supervisor-wrapper.sh -WORKDIR /etc/naemon +#WORKDIR /etc/naemon -ENTRYPOINT ["/bin/bash", "/usr/bin/run.sh"] +#ENTRYPOINT ["/bin/bash", "/usr/bin/run.sh"] EXPOSE 80 From 0430a304f15192fa7cb957c8ca6eeed8bbb1c4b0 Mon Sep 17 00:00:00 2001 From: Gardar Thorsteinsson Date: Thu, 26 Sep 2019 11:51:36 +0000 Subject: [PATCH 2/3] Readme updated --- Dockerfile | 19 ++++--------------- README.md | 12 ++++++++++++ naemon-supervisor-wrapper.sh | 11 ----------- run.sh | 3 ++- supervisord.conf | 34 ---------------------------------- 5 files changed, 18 insertions(+), 61 deletions(-) delete mode 100644 naemon-supervisor-wrapper.sh delete mode 100644 supervisord.conf diff --git a/Dockerfile b/Dockerfile index 0e478fb..7ba5633 100644 --- a/Dockerfile +++ b/Dockerfile @@ -120,26 +120,15 @@ RUN systemctl enable naemon #RUN pip install supervisor-quick # Remove cache and default passwd files -RUN rm -rf /var/cache/yum /etc/nagios/passwd /etc/thruk/htpasswd - -# Copy supervisor config over to the container -#COPY supervisord.conf /etc/supervisord.conf - -# Copy custom supervisor init.d script (for nagios start|stop) -#COPY naemon-supervisor-wrapper.sh /usr/bin/naemon-supervisor-wrapper.sh -#RUN sed -i 's|^\(nagios_init_script\)=\(.*\)$|\1="sudo /usr/bin/naemon-supervisor-wrapper.sh"|g' /etc/adagios/adagios.conf -#RUN echo "naemon ALL=NOPASSWD: /usr/bin/naemon-supervisor-wrapper.sh" >> /etc/sudoers - -# Create childlogdir -#RUN mkdir /var/log/supervisor +RUN rm -rf /var/cache/yum /etc/nagios/passwd # Copy over our custom init script #COPY run.sh /usr/bin/run.sh -# Make run.sh and supervisor wrapper script executable -#RUN chmod 755 /usr/bin/run.sh /usr/bin/naemon-supervisor-wrapper.sh +# Make run.sh script executable +#RUN chmod 755 /usr/bin/run.sh -#WORKDIR /etc/naemon +WORKDIR /etc/naemon #ENTRYPOINT ["/bin/bash", "/usr/bin/run.sh"] diff --git a/README.md b/README.md index fcdd3b0..2d17a71 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,18 @@ docker create \ Log in with user `thrukadmin` and password `thrukadmin` +## Building + +``` +git clone https://github.com/opinkerfi/docker-adagios-rpm.git +cd docker-adagios-rpm +docker build -t adagios_systemd_image . +docker run --cap-add=SYS_ADMIN --name adagios -v /sys/fs/cgroup:/sys/fs/cgroup -p 8080:80 -d adagios_systemd_image +``` + +Then you should be able to access http://localhost:8080 +Log in with user `thrukadmin` and password `thrukadmin` + ## Parameters The parameters are split into two halves, separated by a colon, the left hand side representing the host and the right the container side. diff --git a/naemon-supervisor-wrapper.sh b/naemon-supervisor-wrapper.sh deleted file mode 100644 index ac0162b..0000000 --- a/naemon-supervisor-wrapper.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/env bash - -if [[ "$1" = "status" ]] -then - # We need to return 1 if naemon is not running - status=$(supervisorctl status naemon) - echo $status - grep RUNNING > /dev/null <<< "$status" -else - supervisorctl "$1" naemon -fi diff --git a/run.sh b/run.sh index 0937cdf..ac1fa18 100644 --- a/run.sh +++ b/run.sh @@ -47,4 +47,5 @@ do [[ -x "$script" ]] && "$script" done -exec /usr/bin/supervisord -n -c /etc/supervisord.conf \ No newline at end of file +#systemctl restart httpd +#systemctl restart naemon diff --git a/supervisord.conf b/supervisord.conf deleted file mode 100644 index 3cf34c1..0000000 --- a/supervisord.conf +++ /dev/null @@ -1,34 +0,0 @@ -[unix_http_server] -file=/var/run/supervisor.sock - -[inet_http_server] -port=127.0.0.1:9001 - -[supervisord] -logfile=/var/log/supervisord.log -loglevel=info -pidfile=/var/run/supervisord.pid -nodaemon=false -childlogdir=/var/log/supervisor - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl=unix:///var/run/supervisor.sock - -[ctlplugin:quick] -supervisor.ctl_factory = supervisor_quick:make_quick_controllerplugin - -[program:httpd] -command=/usr/sbin/httpd -c "ErrorLog /dev/stdout" -DFOREGROUND -redirect_stderr=true - -[program:naemon] -command=/usr/bin/naemon /etc/naemon/naemon.cfg - -[program:npcd] -command=/usr/sbin/npcd -f /etc/pnp4nagios/npcd.cfg - -[group:naemon] -programs=httpd,naemon,npcd \ No newline at end of file From 5d16be5659b85287074568ac4f0531612f378f94 Mon Sep 17 00:00:00 2001 From: Gardar Thorsteinsson Date: Fri, 27 Sep 2019 12:00:21 +0000 Subject: [PATCH 3/3] Removed init script --- Dockerfile | 38 +++++++++++++++++++------------------- run.sh | 51 --------------------------------------------------- 2 files changed, 19 insertions(+), 70 deletions(-) delete mode 100644 run.sh diff --git a/Dockerfile b/Dockerfile index 7ba5633..f836b03 100644 --- a/Dockerfile +++ b/Dockerfile @@ -29,11 +29,11 @@ RUN yum --enablerepo=ok-testing install -y naemon naemon-livestatus git adagios # Lets make sure adagios can write to naemon configuration files, and that # it is a valid git repo so we have audit trail WORKDIR /etc/naemon -#RUN git config user.name "admin" -#RUN git config user.email "admin@adagios.local" -#RUN git init /etc/naemon -#UN git add . -#RUN git commit -a -m "Initial commit" +RUN git init /etc/naemon +RUN git config user.name "admin" +RUN git config user.email "admin@adagios.local" +RUN git add . +RUN git commit -a -m "Initial commit" # Fix permissions for naemon and pnp4nagios RUN chown -R naemon:naemon /etc/naemon /etc/adagios /var/lib/adagios /var/lib/pnp4nagios /var/log/pnp4nagios /var/spool/pnp4nagios /etc/pnp4nagios/process_perfdata.cfg /var/log/okconfig @@ -109,29 +109,29 @@ RUN pynag config --append cfg_dir=/etc/naemon/commands/ RUN mv /etc/httpd/conf.d/thruk_cookie_auth_vhost.conf /etc/httpd/conf.d/thruk_cookie_auth_vhost.conf.disabled +RUN htpasswd -b /etc/thruk/htpasswd "$ADAGIOS_USER" "$ADAGIOS_PASS" +RUN rm -f /etc/nagios/passwd +RUN ln -s /etc/thruk/htpasswd /etc/nagios/passwd + # Redirect root URL to /adagios RUN echo "RedirectMatch ^/$ /adagios" > /etc/httpd/conf.d/redirect.conf +# Fix permissions for naemon and pnp4nagios +RUN chown -R naemon:naemon /etc/naemon /etc/adagios /var/lib/adagios /var/lib/pnp4nagios /var/log/pnp4nagios /var/spool/pnp4nagios /etc/pnp4nagios/process_perfdata.cfg /var/log/okconfig +# ACL group permissions need g+rwx +RUN chmod g+rwx -R /etc/naemon /etc/adagios /var/lib/adagios /var/lib/pnp4nagios /var/log/pnp4nagios /var/spool/pnp4nagios /etc/pnp4nagios/process_perfdata.cfg /var/log/okconfig +RUN setfacl -R -m group:naemon:rwx -m d:group:naemon:rwx /etc/naemon/ /etc/adagios /var/lib/adagios /var/lib/pnp4nagios /var/log/pnp4nagios /var/spool/pnp4nagios /etc/pnp4nagios/process_perfdata.cfg /var/log/okconfig + +# Enable services RUN systemctl enable httpd RUN systemctl enable naemon -# Install supervisor and supervisor-quick. Service restarts are painfully slow -# otherwise -#RUN pip install supervisor -#RUN pip install supervisor-quick - -# Remove cache and default passwd files -RUN rm -rf /var/cache/yum /etc/nagios/passwd +RUN systemctl enable npcd -# Copy over our custom init script -#COPY run.sh /usr/bin/run.sh - -# Make run.sh script executable -#RUN chmod 755 /usr/bin/run.sh +# Remove yum cache +RUN rm -rf /var/cache/yum WORKDIR /etc/naemon -#ENTRYPOINT ["/bin/bash", "/usr/bin/run.sh"] - EXPOSE 80 VOLUME ["/etc/naemon", "/var/log/naemon"] diff --git a/run.sh b/run.sh deleted file mode 100644 index ac1fa18..0000000 --- a/run.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/usr/bin/env bash - -set -e - -ADAGIOS_HOST=${ADAGIOS_HOST:-localhost} -ADAGIOS_USER=${ADAGIOS_USER:-thrukadmin} -ADAGIOS_PASS=${ADAGIOS_PASS:-P@ssw0rd} -GIT_REPO=${GIT_REPO:-True} - -# Set password if htpasswd file does not exist yet -if [[ ! -f /etc/thruk/htpasswd ]] -then - htpasswd -c -b /etc/thruk/htpasswd "$ADAGIOS_USER" "$ADAGIOS_PASS" - ln -s /etc/thruk/htpasswd /etc/nagios/passwd -fi - -# Init git repo at /etc/naemon/ -if [[ "$GIT_REPO" = "true" && ! -d /etc/naemon/.git ]] -then - cd /etc/naemon - echo "passwd" > .gitignore - git init - git add . - git commit -m "Initial commit" - chown -R naemon /etc/naemon/.git -fi - -# Create necessary logfile structure -#touch /var/log/nagios/nagios.log -#for dir in /var/log/nagios/{archives,spool/checkresults} -#do -# if [[ ! -d "$dir" ]] -# then -# mkdir -p "$dir" -# fi -#done - -# Fix permissions for naemon and pnp4nagios -chown -R naemon:naemon /etc/naemon /etc/adagios /var/lib/adagios /var/lib/pnp4nagios /var/log/pnp4nagios /var/spool/pnp4nagios /etc/pnp4nagios/process_perfdata.cfg /var/log/okconfig -# ACL group permissions need g+rwx -chmod g+rwx -R /etc/naemon /etc/adagios /var/lib/adagios /var/lib/pnp4nagios /var/log/pnp4nagios /var/spool/pnp4nagios /etc/pnp4nagios/process_perfdata.cfg /var/log/okconfig -setfacl -R -m group:naemon:rwx -m d:group:naemon:rwx /etc/naemon/ /etc/adagios /var/lib/adagios /var/lib/pnp4nagios /var/log/pnp4nagios /var/spool/pnp4nagios /etc/pnp4nagios/process_perfdata.cfg /var/log/okconfig - -# Execute custom init scripts -for script in $(ls -1 /opt/*.sh 2> /dev/null) -do - [[ -x "$script" ]] && "$script" -done - -#systemctl restart httpd -#systemctl restart naemon