From 5bf2c4af419de65b1d83c0a32b34c5f7bfd01c24 Mon Sep 17 00:00:00 2001 From: xcad2k <28359525+xcad2k@users.noreply.github.com> Date: Sun, 2 Jan 2022 12:37:45 +0100 Subject: [PATCH] documentation updates --- docker-compose/influxdb/README.md | 24 +++++++++++++++++++ docker-compose/influxdb/docker-compose.yml | 24 +++++++++++++++++++ docker-compose/portainer/README.md | 6 +++++ .../exporters/cadvisor/docker-compose.yml | 17 +++++++++++++ .../node_exporter/docker-compose.yml | 13 ++++++++++ 5 files changed, 84 insertions(+) create mode 100755 docker-compose/prometheus/exporters/cadvisor/docker-compose.yml create mode 100755 docker-compose/prometheus/exporters/node_exporter/docker-compose.yml diff --git a/docker-compose/influxdb/README.md b/docker-compose/influxdb/README.md index e69de29..a0f922d 100644 --- a/docker-compose/influxdb/README.md +++ b/docker-compose/influxdb/README.md @@ -0,0 +1,24 @@ +# Installation + +TODO: ... + +# Best-Practices & Post-Installation + +## Disable HTTP + +It's not secure to expose InfluxDB via the HTTP protocol. Follow these steps to enable HTTPS only. + +### (Option 1): Upload custom certificates + +TODO: Not tested in Docker-Compose... + +- [ ] Run the container with tls parameters +`influxd --tls-cert=/etc/ssl/cert.pem --tls-key=/etc/ssl/cert-key.pem` + +### (Option 2): Use a Reverse Proxy + +- [] Use a Reverse Proxy to securely expose administrative services. + +# Additional Referfences + +[Official InfluxDB Documentation](https://docs.influxdata.com/influxdb/v2.1/) \ No newline at end of file diff --git a/docker-compose/influxdb/docker-compose.yml b/docker-compose/influxdb/docker-compose.yml index e69de29..5c8602b 100644 --- a/docker-compose/influxdb/docker-compose.yml +++ b/docker-compose/influxdb/docker-compose.yml @@ -0,0 +1,24 @@ +version: '3' + +services: + influxdb: + container_name: influxdb + image: influxdb:2.1-alpine + ports: + - '8086:8086' + volumes: + - influxdb-data:/var/lib/influxdb2 + # # Automatically setup influxdb + # environment: + # - DOCKER_INFLUXDB_INIT_MODE=setup + # - DOCKER_INFLUXDB_INIT_USERNAME=my-user + # - DOCKER_INFLUXDB_INIT_PASSWORD=my-password + # - DOCKER_INFLUXDB_INIT_ORG=my-org + # - DOCKER_INFLUXDB_INIT_BUCKET=my-bucket + # # (optional) Configure Data Retention + # - DOCKER_INFLUXDB_INIT_RETENTION=1w + # # (optional) Admin Token + # - DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=my-super-secret-auth-token + # # (optional) Configure TLS + # TODO: no tested + # command: influxd --tls-cert=/etc/ssl/cert.pem --tls-key=/etc/ssl/cert-key.pem \ No newline at end of file diff --git a/docker-compose/portainer/README.md b/docker-compose/portainer/README.md index 696e478..a9af322 100644 --- a/docker-compose/portainer/README.md +++ b/docker-compose/portainer/README.md @@ -1,5 +1,7 @@ # Installation +TODO: ... + ## Manage local environment Allows Portainer to manage the local Docker Environment @@ -17,6 +19,10 @@ Storing Data in a `portainer-data` volume on docker ``` # Best-Practices & Post-Installation +## Disable HTTP + +It's not secure to expose Portainer via the HTTP protocol. Follow these steps to enable HTTPS only. + ### (Option 1): Upload custom certificates - [ ] Upload your custom certificates diff --git a/docker-compose/prometheus/exporters/cadvisor/docker-compose.yml b/docker-compose/prometheus/exporters/cadvisor/docker-compose.yml new file mode 100755 index 0000000..6f015e2 --- /dev/null +++ b/docker-compose/prometheus/exporters/cadvisor/docker-compose.yml @@ -0,0 +1,17 @@ +--- +version: '3' + +services: + cadvisor: + image: google/cadvisor:latest + container_name: cadvisor + # ports: + # - "8080:8080" + volumes: + - /:/rootfs:ro + - /var/run:/var/run:ro + - /sys:/sys:ro + - /var/lib/docker/:/var/lib/docker:ro + - /dev/disk/:/dev/disk:ro + devices: + - /dev/kmsg \ No newline at end of file diff --git a/docker-compose/prometheus/exporters/node_exporter/docker-compose.yml b/docker-compose/prometheus/exporters/node_exporter/docker-compose.yml new file mode 100755 index 0000000..07ff1ef --- /dev/null +++ b/docker-compose/prometheus/exporters/node_exporter/docker-compose.yml @@ -0,0 +1,13 @@ +--- +version: '3.8' + +services: + node_exporter: + image: quay.io/prometheus/node-exporter:latest + container_name: node_exporter + command: + - '--path.rootfs=/host' + pid: host + restart: unless-stopped + volumes: + - '/:/host:ro,rslave' \ No newline at end of file