jackbenny/icinga-satellite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: jackbenny:0.1
Branches Tags
jackbenny:master
jackbenny:0.6.1 jackbenny:0.6 jackbenny:0.5 jackbenny:0.4 jackbenny:0.3 jackbenny:0.2 jackbenny:0.1.1-alpine jackbenny:0.1-alpine jackbenny:0.1
...
compare: jackbenny:0.6
Branches Tags
jackbenny:master
jackbenny:0.6.1 jackbenny:0.6 jackbenny:0.5 jackbenny:0.4 jackbenny:0.3 jackbenny:0.2 jackbenny:0.1.1-alpine jackbenny:0.1-alpine jackbenny:0.1

7 Commits
0.1 ... 0.6

Author SHA1 Message Date
Jack-Benny Persson
a9787275c0 Added support for ticket via secrets for Docker Swarm 2020-05-18 19:26:46 +02:00
Jack-Benny Persson
a4e073b3ae Switched to using Debian 10-slim 2020-05-01 21:53:28 +02:00
Jack-Benny Persson
1f7c040e57 Optimized Dockerfile to reduce layers and size 2020-05-01 01:26:47 +02:00
Jack-Benny Persson
9d8443680f Refactoring to follow some best practices 2020-05-01 00:15:39 +02:00
Jack-Benny Persson
6a64f09ea5 Added support for setting local timezone, and updated README 2020-04-29 20:12:16 +02:00
Jack-Benny Persson
6a4fc4dea7 Updated README with port-mapping and problems with Alpine 2020-04-29 17:16:16 +02:00
Jack-Benny Persson
ed61e2563c Merged updated README from alpine-branch 2020-04-28 21:26:36 +02:00
3 changed files with 89 additions and 11 deletions
Expand all files Collapse all files

18
Dockerfile
View File

@@ -1,14 +1,18 @@
FROM ubuntu:18.04
RUN apt-get update && apt-get upgrade -y && apt-get install wget gnupg expect -y && \
wget -O - https://packages.icinga.com/icinga.key | apt-key add -
RUN printf "deb http://packages.icinga.com/ubuntu icinga-bionic main\ndeb-src http://packages.icinga.com/ubuntu icinga-bionic main" > /etc/apt/sources.list.d/icinga2.list && \
apt-get update && apt-get install icinga2 -y && \
FROM debian:10-slim
LABEL maintainer="Jack-Benny Persson <jack-benny@cyberinfo.se>"
RUN apt-get update && apt-get install wget gnupg -y && \
printf "deb http://packages.icinga.com/debian icinga-buster main\ndeb-src http://packages.icinga.com/debian icinga-buster main" > /etc/apt/sources.list.d/icinga2.list && \
wget -O - https://packages.icinga.com/icinga.key | apt-key add - && \
apt-get update && apt-get --no-install-recommends install icinga2 monitoring-plugins tzdata -y && \
mkdir /run/icinga2 && chown nagios:nagios /run/icinga2 && \
mkdir -p /var/lib/icinga2/certs && \
chown -R nagios:nagios /var/lib/icinga2/certs
chown -R nagios:nagios /var/lib/icinga2/certs && \
apt-get remove -y wget gnupg && \
apt-get autoremove -y && \
apt-get clean
COPY create-satellite.sh /create-satellite.sh
COPY run-icinga.sh /run-icinga.sh
RUN chmod +x /create-satellite.sh ; chmod +x /run-icinga.sh
EXPOSE 5665
ENTRYPOINT ["/run-icinga.sh"]

72
README.md
View File

@@ -1,10 +1,41 @@
# icinga-satellite
An easy-to-use Dockerized Icinga2 satellite setup. It could be used as an
Icinga2 agent aswell, but I don't think that would make much sense. The goal
is instead to create an easy-to-deploy satellite Docker.
is instead to create an easy-to-deploy satellite image.
![Docker Image Size (latest by date)](https://img.shields.io/docker/image-size/jackbenny/icinga-satellite?sort=date)
![Docker Pulls](https://img.shields.io/docker/pulls/jackbenny/icinga-satellite)
![Docker Stars](https://img.shields.io/docker/stars/jackbenny/icinga-satellite)
![Docker Cloud Automated build](https://img.shields.io/docker/cloud/automated/jackbenny/icinga-satellite)
![Docker Cloud Build Status](https://img.shields.io/docker/cloud/build/jackbenny/icinga-satellite)
## Tags and their respective Dockerfile
### Main tags
* [0.6, latest](https://github.com/jackbenny/icinga-satellite/blob/master/Dockerfile)
* [0.5](https://github.com/jackbenny/icinga-satellite/blob/0.5/Dockerfile)
* [0.4](https://github.com/jackbenny/icinga-satellite/blob/0.4/Dockerfile)
* [0.3](https://github.com/jackbenny/icinga-satellite/blob/0.3/Dockerfile)
* [0.2](https://github.com/jackbenny/icinga-satellite/blob/0.2/Dockerfile)
* [0.1](https://github.com/jackbenny/icinga-satellite/blob/0.1/Dockerfile)
### Alpine tags (currently has some problems)
* [0.1.1-alpine](https://github.com/jackbenny/icinga-satellite/blob/0.1.1-alpine/Dockerfile)
* [0.1-alpine](https://github.com/jackbenny/icinga-satellite/blob/0.1-alpine/Dockerfile)
> **NOTE:** Currently there are some problems with the Alpine image.
> Use the *main images* instead, tagged *0.n*.
There are two available images for you to choose from. The main images (0.*n*) are based on
Debian 10-slim from tag 0.5 and up. Previous to 0.5 they were based on Ubuntu 18.04.
The main images uses Icinga2 from Icingas official repository.
The other images (0.*n*-alpine) are based on Alpine with Icinga2 from Alpines repository.
From 0.1.1-alpine and up, the Alpine images are built on the latest Alpine image. Previous to
0.1.1 they were based on Alpine 3.11.
## Environment variables
Everything is controlled using the follwing environment variables.
Everything is controlled using the following environment variables.
* **CN** is the Common Name of the satellite
* **ZONE** is the zone in which this satellite should be in. If no zone is specified
@@ -16,16 +47,23 @@ Everything is controlled using the follwing environment variables.
* **PARENTPORT** is the Icinga2 port on the parent host. Defaults to 5665.
* **TICKET** is the ticket you get from the master (if you are using Director
you find it under the Agent tab of the host).
* **TICKET_PATH** is the path to the ticket secrets file if you use Swarm and wants to use
secrets instead (to keep your ticket secure). The ticket should be on ONE line only
and be created as an external secret. This variable is optional and only apply for
Docker Swarm.
* **ACCEPT_CONFIG** takes a ***y*** or ***n*** value for yes or no. The default is
***n***.
***n***
* **ACCEPT_COMMANDS** takes a ***y*** or ***n*** value for yes or no. The default is
***n***.
***n***
* **DISABLE_CONFD** takes a ***y*** or ***n*** value for yes or no. The default is
***y***. This should be a sane default for most people.
* **LOCAL_TIMEZONE** sets the local timezone of the satellite. For example
*Europe/Stockholm* or *America/New_York*
## Example usage
```
#> docker run -d --name my-icinga-sat \
-p 5665:5665 \
-e CN=icinga-sat02.local \
-e PARENTHOST=icinga-master.local \
-e PARENTCN=icinga-master.local \
@@ -41,6 +79,9 @@ version: "3.8"
services:
my-icinga-sat:
image: jackbenny/icinga-satellite
ports:
- 5665:5665
restart:always
environment:
- CN=icinga-sat02.local
- ZONE=icinga-sat02.local
@@ -51,5 +92,28 @@ services:
- ACCEPT_CONFIG=y
- ACCEPT_COMMANDS=y
- DISABLE_CONFD=y
- LOCAL_TIMEZONE=Europe/Stockholm
```
## docker-compose.yml example with Docker secrets
```
version: "3.8"
services:
my-icinga-sat:
image: jackbenny/icinga-satellite
environment:
- CN=icinga-sat02.local
- PARENTHOST=icinga-master.local
- PARENTZONE=master
- TICKET_PATH=/var/run/secrets/ticket
- ACCEPT_CONFIG=y
- ACCEPT_COMMANDS=y
- DISABLE_CONFD=y
- LOCAL_TIMEZONE=Europe/Stockholm
secrets:
- ticket
secrets:
ticket:
external: true
```

10
create-satellite.sh
View File

@@ -29,6 +29,11 @@ else
ACCEPT_COMM=" "
fi
# Support for ticket via secrets for Docker Swarm
if [ ! -z "$TICKET_PATH" ]; then
TICKET=$(cat $TICKET_PATH)
fi
# Defaults to disable conf.d (so use "n" or anything else other than "y"
# to enable inclusion of conf.d directory)
if [ -z "$DISABLE_CONFD" ] || [ "$DISABLE_CONFD" == "y" ]; then
@@ -37,6 +42,11 @@ else
DISABLE_CONF=" "
fi
# Set the local timezone
if [ ! -z "$LOCAL_TIMEZONE" ]; then
ln -sf /usr/share/zoneinfo/"$LOCAL_TIMEZONE" /etc/localtime
fi
icinga2 pki new-cert --cn "$CN" \
--key /var/lib/icinga2/certs/"${CN}".key \
--cert /var/lib/icinga2/certs/"${CN}".crt