dennisstritzke
commented
5 years ago Looks intriguing with some changes. How would you plan to deploy the container? I am curious as the exporter has to execute the ipsec statusall command.
Closed chuyeow closed 3 years ago
dennisstritzke
commented
5 years ago Looks intriguing with some changes. How would you plan to deploy the container? I am curious as the exporter has to execute the ipsec statusall command.
chuyeow
commented
5 years ago Ah 🤦🏻♂️ I should have checked first how the exporter gets the statuses of the connections. I assumed it worked after noticing some metrics but those were probably just zero values.
Hmm one way is to install ipsec (i.e. strongSwan) into this container as well - do you think that will work?
dennisstritzke
commented
5 years ago I don't know how the ipsec command collects the data. To determine different collection approaches one could dig into the strongswan code. Want to dig?
Generally, I would prefer a different collection method than the ipsec command call, but would also be willing to merge some ipsec command installation workaround. Any suggestions?
dennisstritzke
commented
3 years ago I will close this PR as the project is not using Glide anymore, which alters the Dockerfile significantly.
Build a Docker image containing just a binary and an
/etc/passwdfile (so that we can drop the running user to a non-privileged user).With a Dockerfile in place, we can now setup an Automated Build on Dockerhub to produce a Docker image (that I can conveniently pull and use in my Kubernetes cluster, for example).
This change is