hiveco / conntrack_exporter

Prometheus exporter for tracking network connections
Apache License 2.0

docker-compose example #19

Closed brandonros closed 9 months ago

brandonros commented 9 months ago

I'm doing a weird example:

# Compose file format version, quoted so it stays a string.
version: "3.8"

# Shared logging settings; services reuse them through the *loki-logging alias.
x-logging: &loki-logging
  driver: json-file
  options:
    # Go template that Docker expands into the tag of each log entry.
    tag: '{{.ImageName}}|{{.Name}}|{{.ImageFullID}}|{{.FullID}}'

services:
  # PostgreSQL database; the exporter in this file reaches it as
  # postgres:5432 over the Compose network.
  postgres:
    image: postgres:16.1
    container_name: postgres
    restart: always
    logging: *loki-logging
    environment:
      POSTGRES_DB: db
      POSTGRES_USER: postgres
      # NOTE(review): the credential sits inline in the Compose file; keep
      # real values out of version control.
      POSTGRES_PASSWORD: redacted
      PGDATA: /var/lib/postgresql/data/pgdata
    volumes:
      - ./pgdata:/var/lib/postgresql/data/pgdata
    ports:
      # No host IP is given, so the database port is published on every host
      # interface. Quoted so the mapping is always read as a string.
      - "5432:5432"

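  # Serves PostgreSQL metrics on port 9187.
  postgres_exporter:
    container_name: postgres_exporter
    image: prometheuscommunity/postgres-exporter:v0.15.0
    restart: always
    environment:
      # NOTE(review): the DSN embeds the database password and sets
      # sslmode=disable, so the connection to the postgres service is
      # unencrypted.
      DATA_SOURCE_NAME: postgresql://postgres:redacted@postgres:5432/db?sslmode=disable
    ports:
      - "9187:9187"
    depends_on:
      - postgres
    # Same log tagging as the other services in this file, which all reuse
    # the shared logging anchor.
    logging: *loki-logging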

  # Prometheus server; its configuration, rules and TSDB directory are
  # bind-mounted from the project directory.
  prometheus:
    image: prom/prometheus:v2.49.1
    container_name: prometheus
    restart: always
    logging: *loki-logging
    volumes:
      - ./prometheus.yml:/etc/prometheus/prometheus.yml
      - ./rules.yml:/etc/prometheus/rules.yml
      - ./prometheus:/prometheus
    command:
      - '--config.file=/etc/prometheus/prometheus.yml'
      - '--storage.tsdb.path=/prometheus'
      - '--web.console.libraries=/etc/prometheus/console_libraries'
      - '--web.console.templates=/etc/prometheus/consoles'
      # NOTE(review): turns on the HTTP reload and shutdown endpoints; they
      # are reachable through the published port 9090.
      - '--web.enable-lifecycle'
    ports:
      # Published on every host interface (no host IP given).
      - "9090:9090"

  # Host metrics exporter; sees the host's /proc, /sys and root filesystem
  # through read-only bind mounts.
  node_exporter:
    image: prom/node-exporter:v1.7.0
    container_name: node_exporter
    restart: always
    logging: *loki-logging
    depends_on:
      - prometheus
    volumes:
      - /proc:/host/proc:ro
      - /sys:/host/sys:ro
      - /:/rootfs:ro
    command:
      - '--path.procfs=/host/proc'
      - '--path.rootfs=/rootfs'
      - '--path.sysfs=/host/sys'
      # "$$" is the Compose escape for a literal "$" in the regex.
      - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
    ports:
      - "9100:9100"

  # Loki; its configuration file is bind-mounted from ./loki.yml.
  loki:
    image: grafana/loki:2.9.4
    container_name: loki
    restart: always
    logging: *loki-logging
    command: -config.file=/etc/loki/loki.yml
    volumes:
      - ./loki.yml:/etc/loki/loki.yml
    ports:
      # Published on every host interface (no host IP given).
      - "3100:3100"

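  # Promtail; mounts the Docker container log directory and starts after
  # loki.
  promtail:
    container_name: promtail
    image: grafana/promtail:2.9.4
    restart: always
    ports:
      - "9080:9080"
    volumes:
      - ./promtail.yml:/etc/promtail/promtail.yml
      # Mounted read-only: the directory holds the log files of every
      # container on the host and only needs to be read here.
      # Assumes promtail.yml (not shown) keeps its positions file outside
      # /host/containers - confirm before applying.
      - /var/lib/docker/containers:/host/containers:ro
    command: -config.file=/etc/promtail/promtail.yml
    logging: *loki-logging
    depends_on:
      - loki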

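  # cAdvisor container metrics; reads host paths through bind mounts.
  cadvisor:
    image: gcr.io/cadvisor/cadvisor:v0.47.2
    container_name: cadvisor
    restart: always
    volumes:
      - /:/rootfs:ro
      # /var/run typically contains docker.sock. Read-only keeps the
      # container from creating or removing files there; note that a process
      # can still connect to a socket on a read-only mount, so this container
      # remains able to talk to the Docker API.
      - /var/run:/var/run:ro
      - /sys:/sys:ro
      - /var/lib/docker/:/var/lib/docker:ro
    ports:
      # Published on every host interface (no host IP given).
      - "8080:8080"
    # Same log tagging as the other services in this file, which all reuse
    # the shared logging anchor.
    logging: *loki-logging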

  # Alertmanager; config file and storage directory are bind-mounted from
  # the project directory.
  alertmanager:
    image: prom/alertmanager:v0.26.0
    container_name: alertmanager
    restart: always
    logging: *loki-logging
    command: --config.file=/etc/alertmanager/config.yml --storage.path=/alertmanager
    volumes:
      - ./alertmanager.yml:/etc/alertmanager/config.yml
      - ./alertmanager:/alertmanager
    ports:
      # Published on every host interface (no host IP given).
      - "9093:9093"

  # Grafana; started after the services it depends on.
  grafana:
    image: grafana/grafana:10.3.1
    container_name: grafana
    restart: always
    logging: *loki-logging
    depends_on:
      - prometheus
      - node_exporter
      - loki
      - cadvisor
    environment:
      # GF_PATHS_* set Grafana's config, data, home, log, plugin and
      # provisioning locations inside the container.
      GF_PATHS_CONFIG: /etc/grafana/grafana.ini
      GF_PATHS_DATA: /var/lib/grafana
      GF_PATHS_HOME: /usr/share/grafana
      GF_PATHS_LOGS: /var/log/grafana
      GF_PATHS_PLUGINS: /var/lib/grafana/plugins
      GF_PATHS_PROVISIONING: /provisioning
    volumes:
      - ./grafana:/var/lib/grafana
      - ./provisioning:/provisioning
    ports:
      # Published on every host interface (no host IP given).
      - "3000:3000"

  # conntrack_exporter attached to the Compose network, metrics on 9318.
  conntrack_exporter:
    image: hiveco/conntrack_exporter:0.3.1
    container_name: conntrack_exporter
    restart: always
    logging: *loki-logging
    # NET_ADMIN is the only capability added to the container.
    cap_add:
      - NET_ADMIN
    # NOTE(review): no network_mode is set, so the container has its own
    # network namespace; presumably it then sees only its own connections
    # rather than the host's - confirm against the exporter's README.
    ports:
      - "9318:9318"

  # Locally built scraper; the build context is the parent directory.
  thinkorswim_scraper:
    container_name: thinkorswim_scraper
    restart: always
    logging: *loki-logging
    build:
      dockerfile: Dockerfile
      context: ../
    depends_on:
      - postgres
    volumes:
      # NOTE(review): bind-mounts the project's .env file into the container
      # without ":ro"; presumably it holds credentials - confirm.
      - ../.env:/home/runner/.env

I don't think I can use `network_mode: host` here... do I need to? I feel like that will conflict with my Prometheus scrape config:

# Settings applied to every scrape job.
global:
  scrape_interval: 15s
  external_labels:
    monitor: "my-project"

rule_files:
  - rules.yml

# Alerts go to the alertmanager service over plain HTTP.
alerting:
  alertmanagers:
    - scheme: http
      static_configs:
        - targets:
            - "alertmanager:9093"

# One job per service. Every target is a Compose service name, so it only
# resolves for containers attached to the same Compose network.
scrape_configs:
  - job_name: "prometheus"
    static_configs:
      - targets:
          - "prometheus:9090"

  - job_name: "postgres_exporter"
    static_configs:
      - targets:
          - "postgres_exporter:9187"

  - job_name: "node_exporter"
    static_configs:
      - targets:
          - "node_exporter:9100"

  - job_name: "cadvisor"
    static_configs:
      - targets:
          - "cadvisor:8080"

  - job_name: "alertmanager"
    static_configs:
      - targets:
          - "alertmanager:9093"

  - job_name: "loki"
    static_configs:
      - targets:
          - "loki:3100"

  - job_name: "promtail"
    static_configs:
      - targets:
          - "promtail:9080"

  - job_name: "grafana"
    static_configs:
      - targets:
          - "grafana:3000"

  # NOTE(review): this service-name target stops resolving if the exporter
  # is switched to network_mode: host; it then has to be addressed through
  # the host, e.g. host.docker.internal:9318.
  - job_name: "conntrack_exporter"
    static_configs:
      - targets:
          - "conntrack_exporter:9318"
brandonros commented 9 months ago

I tried a few different things:

In Prometheus container error:

image

Confirmation from outside the container that it works:

image
# Prometheus service with an extra hosts entry for reaching the Docker host.
# Excerpt of a Compose file: the loki-logging anchor is defined elsewhere.
prometheus:
  image: prom/prometheus:v2.49.1
  container_name: prometheus
  restart: always
  logging: *loki-logging
  # Maps host.docker.internal to the Docker host's gateway address.
  extra_hosts:
    - "host.docker.internal:host-gateway"
  volumes:
    - ./prometheus.yml:/etc/prometheus/prometheus.yml
    - ./rules.yml:/etc/prometheus/rules.yml
    - ./prometheus:/prometheus
  command:
    - '--config.file=/etc/prometheus/prometheus.yml'
    - '--storage.tsdb.path=/prometheus'
    - '--web.console.libraries=/etc/prometheus/console_libraries'
    - '--web.console.templates=/etc/prometheus/consoles'
    # NOTE(review): turns on the HTTP reload and shutdown endpoints; they
    # are reachable through the published port 9090.
    - '--web.enable-lifecycle'
  ports:
    - "9090:9090"
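# conntrack_exporter sharing the host's network namespace.
# Excerpt of a Compose file: the loki-logging anchor is defined elsewhere.
conntrack_exporter:
  container_name: conntrack_exporter
  image: hiveco/conntrack_exporter:0.3.1
  restart: always
  cap_add:
    - NET_ADMIN
  # With host networking the exporter listens directly on the host's port
  # 9318, so no "ports" mapping is given: port publishing cannot be combined
  # with network_mode: host (Compose ignores or rejects it, depending on the
  # version).
  # Containers on a bridge network reach the exporter through the host
  # address (host.docker.internal:9318); a host firewall such as ufw has to
  # allow that traffic, otherwise the connection times out.
  network_mode: host
  logging: *loki-logging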

Not quite sure what else to try

brandonros commented 9 months ago

I tried https://github.com/qoomon/docker-host

I tried

    # Adds a host.docker.internal entry that points at the Docker host's
    # gateway address.
    extra_hosts:
      - "host.docker.internal:host-gateway"
osboxes@osboxes:~$ docker exec -it prometheus sh
/prometheus $ cat /etc/hosts
127.0.0.1   localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.1  host.docker.internal
172.21.0.2  05a18583dfab
/prometheus $ wget
BusyBox v1.36.1 (2023-12-04 22:44:12 UTC) multi-call binary.

Usage: wget [-cqS] [--spider] [-O FILE] [-o LOGFILE] [--header STR]
    [--post-data STR | --post-file FILE] [-Y on/off]
    [--no-check-certificate] [-P DIR] [-U AGENT] [-T SEC] URL...

Retrieve files via HTTP or FTP

    --spider    Only check URL existence: $? is 0 if exists
    --header STR    Add STR (of form 'header: value') to headers
    --post-data STR Send STR using POST method
    --post-file FILE    Send FILE using POST method
    --no-check-certificate  Don't validate the server's certificate
    -c      Continue retrieval of aborted transfer
    -q      Quiet
    -P DIR      Save to DIR (default .)
    -S          Show server response
    -T SEC      Network read timeout is SEC seconds
    -O FILE     Save to FILE ('-' for stdout)
    -o LOGFILE  Log messages to FILE
    -U STR      Use STR for User-Agent header
    -Y on/off   Use proxy
/prometheus $ wget http://host.docker.internal:9318
Connecting to host.docker.internal:9318 (172.17.0.1:9318)

times out... weird

brandonros commented 9 months ago

I had ufw issues.