extern/zabbix-docker
1
0
Fork 0
mirror of https://github.com/zabbix/zabbix-docker.git synced 2025-04-11 12:58:53 +02:00
Code Issues Packages Projects Releases Wiki Activity

Resolved conflicts with 6.4 branch

Browse Source
This commit is contained in:
Alexey Pustovalov 2024-02-21 16:25:50 +09:00
commit 1b0819ab77
162 changed files with 3636 additions and 1216 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/ISSUE_TEMPLATE vendored
View File

@ -34,4 +34,4 @@
<!--- Paste verbatim command output between quotes -->
```paste below
```
```

48
.github/scripts/rhel_description.py vendored Normal file
View File

@ -0,0 +1,48 @@
import sys
import requests
import json
import markdown
import os
repository_description = None
if ("DESCRIPTION_FILE" not in os.environ or len(os.environ["DESCRIPTION_FILE"]) == 0):
print("::error::Description file environment variable is not specified")
sys.exit(1)
if ("PYXIS_API_TOKEN" not in os.environ or len(os.environ["PYXIS_API_TOKEN"]) == 0):
print("::error::API token environment variable is not specified")
sys.exit(1)
if ("API_URL" not in os.environ or len(os.environ["API_URL"]) == 0):
print("::error::API URL environment variable is not specified")
sys.exit(1)
if ("PROJECT_ID" not in os.environ or len(os.environ["PROJECT_ID"]) == 0):
print("RedHat project ID environment variable is not specified")
sys.exit(1)
if (os.path.isfile(os.environ["DESCRIPTION_FILE"] + '.html')):
file = open(os.environ["DESCRIPTION_FILE"] + '.html', mode='r')
repository_description = file.read()
file.close()
elif (os.path.isfile(os.environ["DESCRIPTION_FILE"] + '.md')):
file = open(os.environ["DESCRIPTION_FILE"] + '.md', mode='r')
markdown_data = file.read()
file.close()
repository_description=markdown.markdown(markdown_data)
if (repository_description is None or len(repository_description) == 0):
print("::error::No description file found")
sys.exit(1)
data = dict()
data['container'] = dict()
data['container']['repository_description'] = repository_description[:32768]
headers = {'accept' : 'application/json', 'X-API-KEY' : os.environ["PYXIS_API_TOKEN"], 'Content-Type' : 'application/json'}
result = requests.patch(os.environ["API_URL"] + os.environ["PROJECT_ID"],
headers = headers,
data = json.dumps(data))
print("::group::Result")
print("Response code: " + str(result.status_code))
print("Last update date: " + json.loads(result.content)['last_update_date'])
print("::endgroup::")

3
.github/workflows/dependency-review.yml vendored
View File

@ -11,6 +11,7 @@ on: [pull_request]
permissions:
contents: read
pull-requests: write
jobs:
dependency-review:
@ -28,4 +29,4 @@ jobs:
- name: 'Checkout Repository'
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: 'Dependency Review'
uses: actions/dependency-review-action@4901385134134e04cec5fbe5ddfe3b2c5bd5d976 # v4.0.0
uses: actions/dependency-review-action@be8bc500ee15e96754d2a6f2d34be14e945a46f3 # v4.1.2

355
.github/workflows/images_build.yml vendored
View File

@ -28,7 +28,7 @@ permissions:
env:
TRUNK_ONLY_EVENT: ${{ contains(fromJSON('["schedule"]'), github.event_name) }}
AUTO_PUSH_IMAGES: ${{ vars.AUTO_PUSH_IMAGES }}
AUTO_PUSH_IMAGES: ${{ ! contains(fromJSON('["workflow_dispatch"]'), github.event_name) && vars.AUTO_PUSH_IMAGES }}
DOCKER_REPOSITORY: ${{ vars.DOCKER_REPOSITORY }}
LATEST_BRANCH: ${{ github.event.repository.default_branch }}
@ -36,12 +36,17 @@ env:
IMAGES_PREFIX: "zabbix-"
BASE_BUILD_NAME: "build-base"
BASE_CACHE_FILE_NAME: "base_image_metadata.json"
BUILD_CACHE_FILE_NAME: "base_build_image_metadata.json"
MATRIX_FILE: "build.json"
DOCKERFILES_DIRECTORY: "./Dockerfiles"
OIDC_ISSUER: "https://token.actions.githubusercontent.com"
IDENITY_REGEX: "https://github.com/zabbix/zabbix-docker/.github/"
IDENTITY_REGEX: "https://github.com/zabbix/zabbix-docker/.github/"
DOCKER_REGISTRY_TEST: "ghcr.io"
DOCKER_REPOSITORY_TEST: "zabbix"
jobs:
init_build:
@ -63,7 +68,9 @@ jobs:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
objects.githubusercontent.com:443
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
@ -163,6 +170,7 @@ jobs:
permissions:
contents: read
id-token: write
packages: write
steps:
- name: Block egress traffic
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
@ -193,6 +201,7 @@ jobs:
ftpmirror.your.org:80
fulcio.sigstore.dev:443
github.com:443
ghcr.io:443
iad.mirror.rackspace.com:443
iad.mirror.rackspace.com:80
index.docker.io:443
@ -251,6 +260,7 @@ jobs:
uvermont.mm.fcix.net:443
yum.oracle.com:443
ziply.mm.fcix.net:443
pkg-containers.githubusercontent.com:443
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
@ -259,11 +269,13 @@ jobs:
fetch-depth: 1
- name: Install cosign
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4
with:
cosign-release: 'v2.2.3'
- name: Check cosign version
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
run: cosign version
- name: Set up QEMU
@ -277,12 +289,6 @@ jobs:
with:
driver-opts: image=moby/buildkit:master
- name: Login to DockerHub
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Prepare Platform list
id: platform
env:
@ -302,37 +308,85 @@ jobs:
id: meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: ${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGES_PREFIX }}${{ env.BASE_BUILD_NAME }}
images: |
${{ format('{0}/{1}/{2}{3}', env.DOCKER_REGISTRY_TEST, env.DOCKER_REPOSITORY_TEST, env.IMAGES_PREFIX, env.BASE_BUILD_NAME ) }},enable=${{ env.AUTO_PUSH_IMAGES != 'true' }}
${{ format('{0}/{1}{2}', env.DOCKER_REPOSITORY, env.IMAGES_PREFIX, env.BASE_BUILD_NAME ) }},enable=${{ env.AUTO_PUSH_IMAGES == 'true' }}
context: ${{ env.TRUNK_ONLY_EVENT == 'true' && 'git' || '' }}
tags: |
type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},prefix=${{ matrix.os }}-
type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},suffix=-${{ matrix.os }}
type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,prefix=${{ matrix.os }}-,suffix=-latest
type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,suffix=-${{ matrix.os }}-latest
type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' && !contains(fromJSON('["workflow_dispatch"]'), github.event_name) }},event=branch,prefix=${{ matrix.os }}-,suffix=-latest
type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' && !contains(fromJSON('["workflow_dispatch"]'), github.event_name) }},event=branch,suffix=-${{ matrix.os }}-latest
type=raw,enable=${{ (needs.init_build.outputs.current_branch != 'trunk') && (needs.init_build.outputs.is_default_branch == 'true') }},value=${{matrix.os}}-latest
type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,prefix=${{ matrix.os }}-
type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,suffix=-${{ matrix.os }}
type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' || contains(fromJSON('["workflow_dispatch"]'), github.event_name) }},event=branch,suffix=-${{ matrix.os }}
flavor: |
latest=${{ (needs.init_build.outputs.current_branch != 'trunk') && (matrix.os == 'alpine') && ( needs.init_build.outputs.is_default_branch == 'true' ) }}
latest=${{ (matrix.os == 'alpine') && (!contains(fromJSON('["workflow_dispatch"]'), github.event_name)) && ( needs.init_build.outputs.is_default_branch == 'true' ) }}
- name: Prepare cache data
id: cache_data
env:
IMAGE_TAG: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
PUBLISH_IMAGES: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
run: |
cache_from=()
cache_to=()
cache_from+=("type=gha,scope=${IMAGE_TAG}")
#cache_from+=("type=registry,ref=${IMAGE_TAG}")
cache_to+=("type=gha,mode=max,scope=${IMAGE_TAG}")
echo "::group::Cache from data"
echo "${cache_from[*]}"
echo "::endgroup::"
echo "::group::Cache to data"
echo "${cache_to[*]}"
echo "::endgroup::"
cache_from=$(printf '%s\n' "${cache_from[@]}")
cache_to=$(printf '%s\n' "${cache_to[@]}")
echo 'cache_from<<EOF' >> "$GITHUB_OUTPUT"
echo "$cache_from" >> "$GITHUB_OUTPUT"
echo 'EOF' >> "$GITHUB_OUTPUT"
echo 'cache_to<<EOF' >> "$GITHUB_OUTPUT"
echo "$cache_to" >> "$GITHUB_OUTPUT"
echo 'EOF' >> "$GITHUB_OUTPUT"
- name: Login to DockerHub
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to ${{ env.DOCKER_REGISTRY_TEST }}
if: ${{ env.AUTO_PUSH_IMAGES != 'true' }}
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
registry: ${{ env.DOCKER_REGISTRY_TEST }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and publish image
id: docker_build
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: ${{ env.DOCKERFILES_DIRECTORY }}/${{ env.BASE_BUILD_NAME }}/${{ matrix.os }}
file: ${{ env.DOCKERFILES_DIRECTORY }}/${{ env.BASE_BUILD_NAME }}/${{ matrix.os }}/Dockerfile
context: ${{ format('{0}/{1}/{2}', env.DOCKERFILES_DIRECTORY, env.BASE_BUILD_NAME, matrix.os) }}
file: ${{ format('{0}/{1}/{2}/Dockerfile', env.DOCKERFILES_DIRECTORY, env.BASE_BUILD_NAME, matrix.os) }}
platforms: ${{ steps.platform.outputs.list }}
push: ${{ env.AUTO_PUSH_IMAGES }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: |
org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
cache-from: |
type=gha,scope=${{ fromJSON(steps.meta.outputs.json).tags[0] }}
type=registry,ref=docker.io/${{ fromJSON(steps.meta.outputs.json).tags[0] }}
cache-to: type=gha,mode=max,scope=${{ fromJSON(steps.meta.outputs.json).tags[0] }}
cache-from: ${{ steps.cache_data.outputs.cache_from }}
cache-to: ${{ steps.cache_data.outputs.cache_to }}
- name: Sign the images with GitHub OIDC Token
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
env:
DIGEST: ${{ steps.docker_build.outputs.digest }}
TAGS: ${{ steps.meta.outputs.tags }}
@ -351,24 +405,24 @@ jobs:
cosign sign --yes ${images}
echo "::endgroup::"
- name: Image digest
- name: Image metadata
env:
DIGEST: ${{ steps.docker_build.outputs.digest }}
CACHE_FILE_NAME: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}
CACHE_FILE_NAME: ${{ env.BASE_CACHE_FILE_NAME }}
METADATA: ${{ steps.docker_build.outputs.metadata }}
run: |
echo "::group::Image digest"
echo "$DIGEST"
echo "::group::Image metadata"
echo "${METADATA}"
echo "::endgroup::"
echo "::group::Cache file name"
echo "$CACHE_FILE_NAME"
echo "${CACHE_FILE_NAME}"
echo "::endgroup::"
echo "$DIGEST" > "$CACHE_FILE_NAME"
echo "${METADATA}" > "$CACHE_FILE_NAME"
- name: Cache image digest
- name: Cache image metadata
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}
path: ${{ env.BASE_CACHE_FILE_NAME }}
key: ${{ env.BASE_BUILD_NAME }}-${{ matrix.os }}-${{ github.run_id }}
build_base_database:
@ -380,11 +434,11 @@ jobs:
matrix:
build: ${{ fromJson(needs.init_build.outputs.database) }}
os: ${{ fromJson(needs.init_build.outputs.os) }}
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
packages: write
steps:
- name: Block egress traffic
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
@ -401,6 +455,7 @@ jobs:
golang.org:443
google.golang.org:443
gopkg.in:443
ghcr.io:443
index.docker.io:443
noto-website.storage.googleapis.com:443
production.cloudflare.docker.com:443
@ -412,6 +467,7 @@ jobs:
objects.githubusercontent.com:443
tuf-repo-cdn.sigstore.dev:443
rekor.sigstore.dev:443
pkg-containers.githubusercontent.com:443
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
@ -420,11 +476,13 @@ jobs:
fetch-depth: 1
- name: Install cosign
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4
with:
cosign-release: 'v2.2.3'
- name: Check cosign version
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
run: cosign version
- name: Set up QEMU
@ -438,12 +496,6 @@ jobs:
with:
driver-opts: image=moby/buildkit:master
- name: Login to DockerHub
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Prepare Platform list
id: platform
env:
@ -463,82 +515,127 @@ jobs:
id: meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: ${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGES_PREFIX }}${{ matrix.build }}
images: |
${{ format('{0}/{1}/{2}{3}', env.DOCKER_REGISTRY_TEST, env.DOCKER_REPOSITORY_TEST, env.IMAGES_PREFIX, matrix.build ) }},enable=${{ env.AUTO_PUSH_IMAGES != 'true' }}
${{ format('{0}/{1}{2}', env.DOCKER_REPOSITORY, env.IMAGES_PREFIX, matrix.build ) }},enable=${{ env.AUTO_PUSH_IMAGES == 'true' }}
context: ${{ env.TRUNK_ONLY_EVENT == 'true' && 'git' || '' }}
tags: |
type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},prefix=${{ matrix.os }}-
type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},suffix=-${{ matrix.os }}
type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,prefix=${{ matrix.os }}-,suffix=-latest
type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,suffix=-${{ matrix.os }}-latest
type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' && (!contains(fromJSON('["workflow_dispatch"]'), github.event_name)) }},event=branch,prefix=${{ matrix.os }}-,suffix=-latest
type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' && (!contains(fromJSON('["workflow_dispatch"]'), github.event_name)) }},event=branch,suffix=-${{ matrix.os }}-latest
type=raw,enable=${{ (needs.init_build.outputs.current_branch != 'trunk') && (needs.init_build.outputs.is_default_branch == 'true') }},value=${{matrix.os}}-latest
type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,prefix=${{ matrix.os }}-
type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,suffix=-${{ matrix.os }}
type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' || contains(fromJSON('["workflow_dispatch"]'), github.event_name) }},event=branch,suffix=-${{ matrix.os }}
flavor: |
latest=${{ (needs.init_build.outputs.current_branch != 'trunk') && (matrix.os == 'alpine') && ( needs.init_build.outputs.is_default_branch == 'true' ) }}
latest=${{ (matrix.os == 'alpine') && (!contains(fromJSON('["workflow_dispatch"]'), github.event_name)) && ( needs.init_build.outputs.is_default_branch == 'true' ) }}
- name: Download SHA256 tag of ${{ env.BASE_BUILD_NAME }}:${{ matrix.os }}
- name: Download metadata of ${{ env.BASE_BUILD_NAME }}:${{ matrix.os }}
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}
path: ${{ env.BASE_CACHE_FILE_NAME }}
key: ${{ env.BASE_BUILD_NAME }}-${{ matrix.os }}-${{ github.run_id }}
- name: Retrieve ${{ env.BASE_BUILD_NAME }}:${{ matrix.os }} SHA256 tag
- name: Process ${{ env.BASE_BUILD_NAME }}:${{ matrix.os }} image metadata
id: base_build
env:
MATRIX_OS: ${{ matrix.os }}
DOCKER_REPOSITORY: ${{ env.DOCKER_REPOSITORY }}
BASE_IMAGE: ${{ env.BASE_BUILD_NAME }}
IMAGES_PREFIX: ${{ env.IMAGES_PREFIX }}
CACHE_FILE_NAME: ${{ env.BASE_CACHE_FILE_NAME }}
run: |
BASE_TAG=$(cat "${BASE_IMAGE}_${MATRIX_OS}")
BUILD_BASE_IMAGE="${DOCKER_REPOSITORY}/${IMAGES_PREFIX}${BASE_IMAGE}@${BASE_TAG}"
echo "::group::Base build image information"
echo "base_tag=${BASE_TAG}"
echo "base_build_image=${BUILD_BASE_IMAGE}"
echo "::group::Base image metadata"
cat "${CACHE_FILE_NAME}"
echo "::endgroup::"
echo "base_tag=${BASE_TAG}" >> $GITHUB_OUTPUT
echo "base_build_image=${BUILD_BASE_IMAGE}" >> $GITHUB_OUTPUT
IMAGE_DIGEST=$(jq -r '."containerimage.digest"' "${CACHE_FILE_NAME}")
IMAGE_NAME=$(jq -r '."image.name"' "${CACHE_FILE_NAME}" | cut -d: -f1)
echo "base_build_image=${IMAGE_NAME}@${IMAGE_DIGEST}" >> $GITHUB_OUTPUT
- name: Verify ${{ env.BASE_BUILD_NAME }}:${{ matrix.os }} cosign
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
env:
BASE_IMAGE: ${{ steps.base_build.outputs.base_build_image }}
OIDC_ISSUER: ${{ env.OIDC_ISSUER }}
IDENITY_REGEX: ${{ env.IDENITY_REGEX }}
IDENTITY_REGEX: ${{ env.IDENTITY_REGEX }}
run: |
echo "::group::Image sign data"
echo "OIDC issuer=$OIDC_ISSUER"
echo "Identity=$IDENITY_REGEX"
echo "Identity=$IDENTITY_REGEX"
echo "Image to verify=$BASE_IMAGE"
echo "::endgroup::"
echo "::group::Verify signature"
cosign verify \
--certificate-oidc-issuer-regexp "$OIDC_ISSUER" \
--certificate-identity-regexp "$IDENITY_REGEX" \
--certificate-identity-regexp "$IDENTITY_REGEX" \
"$BASE_IMAGE"
echo "::endgroup::"
- name: Prepare cache data
id: cache_data
env:
BASE_IMAGE_TAG: ${{ steps.base_build.outputs.base_build_image }}
IMAGE_TAG: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
PUBLISH_IMAGES: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
run: |
cache_from=()
cache_to=()
cache_from+=("type=gha,scope=${BASE_IMAGE_TAG}")
cache_from+=("type=registry,ref=${BASE_IMAGE_TAG}")
cache_from+=("type=gha,scope=${IMAGE_TAG}")
cache_from+=("type=registry,ref=${IMAGE_TAG}")
cache_to+=("type=gha,mode=max,scope=${IMAGE_TAG}")
echo "::group::Cache from data"
echo "${cache_from[*]}"
echo "::endgroup::"
echo "::group::Cache to data"
echo "${cache_to[*]}"
echo "::endgroup::"
cache_from=$(printf '%s\n' "${cache_from[@]}")
cache_to=$(printf '%s\n' "${cache_to[@]}")
echo 'cache_from<<EOF' >> "$GITHUB_OUTPUT"
echo "$cache_from" >> "$GITHUB_OUTPUT"
echo 'EOF' >> "$GITHUB_OUTPUT"
echo 'cache_to<<EOF' >> "$GITHUB_OUTPUT"
echo "$cache_to" >> "$GITHUB_OUTPUT"
echo 'EOF' >> "$GITHUB_OUTPUT"
- name: Login to DockerHub
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to ${{ env.DOCKER_REGISTRY_TEST }}
if: ${{ env.AUTO_PUSH_IMAGES != 'true' }}
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
registry: ${{ env.DOCKER_REGISTRY_TEST }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build ${{ matrix.build }}/${{ matrix.os }} and push
id: docker_build
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: ${{ env.DOCKERFILES_DIRECTORY }}/${{ matrix.build }}/${{ matrix.os }}
file: ${{ env.DOCKERFILES_DIRECTORY }}/${{ matrix.build }}/${{ matrix.os }}/Dockerfile
context: ${{ format('{0}/{1}/{2}/', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
file: ${{ format('{0}/{1}/{2}/Dockerfile', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
platforms: ${{ steps.platform.outputs.list }}
push: ${{ env.AUTO_PUSH_IMAGES }}
push: true
tags: ${{ steps.meta.outputs.tags }}
build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }}
labels: |
org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
cache-from: |
type=gha,scope=${{ steps.base_build.outputs.base_build_image }}
type=registry,ref=${{ steps.base_build.outputs.base_build_image }}
cache-to: type=gha,mode=max,scope=${{ fromJSON(steps.meta.outputs.json).tags[0] }}
- name: Sign the images with GitHub OIDC Token
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
env:
DIGEST: ${{ steps.docker_build.outputs.digest }}
TAGS: ${{ steps.meta.outputs.tags }}
@ -557,23 +654,24 @@ jobs:
cosign sign --yes ${images}
echo "::endgroup::"
- name: Image digest
- name: Image metadata
env:
DIGEST: ${{ steps.docker_build.outputs.digest }}
CACHE_FILE_NAME: ${{ matrix.build }}_${{ matrix.os }}
CACHE_FILE_NAME: ${{ env.BUILD_CACHE_FILE_NAME }}
METADATA: ${{ steps.docker_build.outputs.metadata }}
run: |
echo "::group::Image digest"
echo "$DIGEST"
echo "::group::Image metadata"
echo "${METADATA}"
echo "::endgroup::"
echo "::group::Cache file name"
echo "$CACHE_FILE_NAME"
echo "${CACHE_FILE_NAME}"
echo "::endgroup::"
echo "$DIGEST" > $CACHE_FILE_NAME
- name: Caching SHA256 tag of the image
echo "${METADATA}" > "$CACHE_FILE_NAME"
- name: Cache image metadata
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: ${{ matrix.build }}_${{ matrix.os }}
path: ${{ env.BUILD_CACHE_FILE_NAME }}
key: ${{ matrix.build }}-${{ matrix.os }}-${{ github.run_id }}
build_images:
@ -590,6 +688,7 @@ jobs:
permissions:
contents: read
id-token: write
packages: write
steps:
- name: Block egress traffic
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
@ -670,6 +769,7 @@ jobs:
pubmirror1.math.uh.edu:443
pubmirror3.math.uh.edu:80
quay.io:443
ghcr.io:443
registry-1.docker.io:443
repo.ialab.dsu.edu:80
repos.eggycrew.com:80
@ -708,6 +808,7 @@ jobs:
objects.githubusercontent.com:443
tuf-repo-cdn.sigstore.dev:443
rekor.sigstore.dev:443
pkg-containers.githubusercontent.com:443
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
@ -716,11 +817,13 @@ jobs:
fetch-depth: 1
- name: Install cosign
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4
with:
cosign-release: 'v2.2.3'
- name: Check cosign version
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
run: cosign version
- name: Set up QEMU
@ -734,12 +837,6 @@ jobs:
with:
driver-opts: image=moby/buildkit:master
- name: Login to DockerHub
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Prepare Platform list
id: platform
env:
@ -788,98 +885,107 @@ jobs:
id: meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: ${{ env.DOCKER_REPOSITORY }}/${{ env.IMAGES_PREFIX}}${{ matrix.build }}
images: |
${{ format('{0}/{1}/{2}{3}', env.DOCKER_REGISTRY_TEST, env.DOCKER_REPOSITORY_TEST, env.IMAGES_PREFIX, matrix.build ) }},enable=${{ env.AUTO_PUSH_IMAGES != 'true' }}
${{ format('{0}/{1}{2}', env.DOCKER_REPOSITORY, env.IMAGES_PREFIX, matrix.build ) }},enable=${{ env.AUTO_PUSH_IMAGES == 'true' }}
context: ${{ env.TRUNK_ONLY_EVENT == 'true' && 'git' || '' }}
tags: |
type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},prefix=${{ matrix.os }}-
type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},suffix=-${{ matrix.os }}
type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,prefix=${{ matrix.os }}-,suffix=-latest
type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,suffix=-${{ matrix.os }}-latest
type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' && !contains(fromJSON('["workflow_dispatch"]'), github.event_name) }},event=branch,prefix=${{ matrix.os }}-,suffix=-latest
type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' && !contains(fromJSON('["workflow_dispatch"]'), github.event_name) }},event=branch,suffix=-${{ matrix.os }}-latest
type=raw,enable=${{ (needs.init_build.outputs.current_branch != 'trunk') && (needs.init_build.outputs.is_default_branch == 'true') }},value=${{matrix.os}}-latest
type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,prefix=${{ matrix.os }}-
type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,suffix=-${{ matrix.os }}
type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' || contains(fromJSON('["workflow_dispatch"]'), github.event_name) }},event=branch,suffix=-${{ matrix.os }}
flavor: |
latest=${{ (needs.init_build.outputs.current_branch != 'trunk') && (matrix.os == 'alpine') && ( needs.init_build.outputs.is_default_branch == 'true' ) }}
latest=${{ (matrix.os == 'alpine') && (!contains(fromJSON('["workflow_dispatch"]'), github.event_name)) && ( needs.init_build.outputs.is_default_branch == 'true' ) }}
- name: Download SHA256 tag of ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }}
- name: Download metadata of ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }}
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
if: ${{ matrix.build != 'snmptraps' }}
with:
path: ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.os }}
path: ${{ env.BUILD_CACHE_FILE_NAME }}
key: ${{ steps.build_base_image.outputs.build_base }}-${{ matrix.os }}-${{ github.run_id }}
- name: Retrieve ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} SHA256 tag
- name: Process ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} image metadata
id: base_build
if: ${{ matrix.build != 'snmptraps' }}
env:
BUILD_BASE: ${{ steps.build_base_image.outputs.build_base }}
MATRIX_OS: ${{ matrix.os }}
DOCKER_REPOSITORY: ${{ env.DOCKER_REPOSITORY }}
IMAGES_PREFIX: ${{ env.IMAGES_PREFIX }}
CACHE_FILE_NAME: ${{ env.BUILD_CACHE_FILE_NAME }}
run: |
BASE_TAG=$(cat "${BUILD_BASE}_${MATRIX_OS}")
BUILD_BASE_IMAGE=${DOCKER_REPOSITORY}/${IMAGES_PREFIX}${BUILD_BASE}@${BASE_TAG}
echo "::group::Base build image information"
echo "base_tag=${BASE_TAG}"
echo "base_build_image=${BUILD_BASE_IMAGE}"
echo "::group::Base build image metadata"
cat "${CACHE_FILE_NAME}"
echo "::endgroup::"
echo "base_tag=${BASE_TAG}" >> $GITHUB_OUTPUT
echo "base_build_image=${BUILD_BASE_IMAGE}" >> $GITHUB_OUTPUT
IMAGE_DIGEST=$(jq -r '."containerimage.digest"' "${CACHE_FILE_NAME}")
IMAGE_NAME=$(jq -r '."image.name"' "${CACHE_FILE_NAME}" | cut -d: -f1)
echo "base_build_image=${IMAGE_NAME}@${IMAGE_DIGEST}" >> $GITHUB_OUTPUT
- name: Verify ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.os }} cosign
if: ${{ matrix.build != 'snmptraps' }}
if: ${{ matrix.build != 'snmptraps' && env.AUTO_PUSH_IMAGES == 'true' }}
env:
BASE_IMAGE: ${{ steps.base_build.outputs.base_build_image }}
OIDC_ISSUER: ${{ env.OIDC_ISSUER }}
IDENITY_REGEX: ${{ env.IDENITY_REGEX }}
IDENTITY_REGEX: ${{ env.IDENTITY_REGEX }}
run: |
echo "::group::Image sign data"
echo "OIDC issuer=$OIDC_ISSUER"
echo "Identity=$IDENITY_REGEX"
echo "Image to verify=$BASE_IMAGE"
echo "OIDC issuer=${OIDC_ISSUER}"
echo "Identity=${IDENTITY_REGEX}"
echo "Image to verify=${BASE_IMAGE}"
echo "::endgroup::"
echo "::group::Verify signature"
cosign verify \
--certificate-oidc-issuer-regexp "$OIDC_ISSUER" \
--certificate-identity-regexp "$IDENITY_REGEX" \
"$BASE_IMAGE"
--certificate-oidc-issuer-regexp "${OIDC_ISSUER}" \
--certificate-identity-regexp "${IDENTITY_REGEX}" \
"${BASE_IMAGE}"
echo "::endgroup::"
- name: Prepare cache data
if: ${{ matrix.build != 'snmptraps' }}
id: cache_data
env:
BASE_IMAGE_TAG: ${{ steps.base_build.outputs.base_build_image }}
run: |
cache_images=""
if [[ ! -z "$BASE_IMAGE_TAG" ]]; then
cache_images="type=gha,scope=$BASE_IMAGE_TAG"$'\n'"type=registry,ref=$BASE_IMAGE_TAG"
fi
cache_from=()
cache_to=()
echo "::group::Base images cache"
echo "$cache_images"
cache_from+=("type=registry,ref=${BASE_IMAGE_TAG}")
echo "::group::Cache from data"
echo "${cache_from[*]}"
echo "::endgroup::"
echo "cache_from=$cache_images" >> $GITHUB_OUTPUT
cache_from=$(printf '%s\n' "${cache_from[@]}")
echo 'cache_from<<EOF' >> "$GITHUB_OUTPUT"
echo "$cache_from" >> "$GITHUB_OUTPUT"
echo 'EOF' >> "$GITHUB_OUTPUT"
- name: Login to DockerHub
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push image
id: docker_build
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: ${{ env.DOCKERFILES_DIRECTORY }}/${{ matrix.build }}/${{ matrix.os }}
file: ${{ env.DOCKERFILES_DIRECTORY }}/${{ matrix.build }}/${{ matrix.os }}/Dockerfile
context: ${{ format('{0}/{1}/{2}', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
file: ${{ format('{0}/{1}/{2}/Dockerfile', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
platforms: ${{ steps.platform.outputs.list }}
push: ${{ env.AUTO_PUSH_IMAGES }}
push: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
tags: ${{ steps.meta.outputs.tags }}
build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }}
labels: |
org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
cache-from: ${{ steps.cache_data.outputs.cache_from }}
- name: Sign the images with GitHub OIDC Token
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
env:
DIGEST: ${{ steps.docker_build.outputs.digest }}
TAGS: ${{ steps.meta.outputs.tags }}
@ -898,10 +1004,11 @@ jobs:
cosign sign --yes ${images}
echo "::endgroup::"
- name: Image digest
- name: Image metadata
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
env:
DIGEST: ${{ steps.docker_build.outputs.digest }}
METADATA: ${{ steps.docker_build.outputs.metadata }}
run: |
echo "::group::Image digest"
echo "$DIGEST"
echo "::group::Image metadata"
echo "${METADATA}"
echo "::endgroup::"

453
.github/workflows/images_build_rhel.yml vendored
View File

@ -29,7 +29,8 @@ permissions:
contents: read
env:
AUTO_PUSH_IMAGES: ${{ contains(fromJSON('["workflow_dispatch", "push"]'), github.event_name) && 'false' || vars.AUTO_PUSH_IMAGES }}
TRUNK_ONLY_EVENT: ${{ contains(fromJSON('["schedule"]'), github.event_name) }}
AUTO_PUSH_IMAGES: ${{ ! contains(fromJSON('["workflow_dispatch", "push"]'), github.event_name) && vars.AUTO_PUSH_IMAGES }}
LATEST_BRANCH: ${{ github.event.repository.default_branch }}
TRUNK_GIT_BRANCH: "refs/heads/trunk"
@ -47,6 +48,9 @@ env:
PREFLIGHT_IMAGE: "quay.io/opdev/preflight:stable"
PFLT_LOGLEVEL: "warn"
PFLT_ARTIFACTS: "/tmp/artifacts"
IMAGE_DIR: "/tmp/images"
RHEL_BUILD: "true"
jobs:
init_build:
@ -54,8 +58,10 @@ jobs:
runs-on: ubuntu-latest
permissions:
contents: read
actions: write
outputs:
platforms: ${{ steps.platform_list.outputs.list }}
database: ${{ steps.database.outputs.list }}
components: ${{ steps.components.outputs.list }}
is_default_branch: ${{ steps.branch_info.outputs.is_default_branch }}
current_branch: ${{ steps.branch_info.outputs.current_branch }}
@ -68,12 +74,15 @@ jobs:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
objects.githubusercontent.com:443
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 1
sparse-checkout: ${{ env.MATRIX_FILE }}
- name: Check ${{ env.MATRIX_FILE }} file
id: build_exists
@ -98,12 +107,25 @@ jobs:
echo "list=$platform_list" >> $GITHUB_OUTPUT
- name: Prepare Database engine list
id: database
env:
MATRIX_FILE: ${{ env.MATRIX_FILE }}
run: |
database_list=$(jq -r '[.components | map_values(select(.rhel == true)) | values[].base ] | sort | unique | del(.. | select ( . == "" ) ) | @json' "$MATRIX_FILE")
echo "::group::Database List"
echo "$database_list"
echo "::endgroup::"
echo "list=$database_list" >> $GITHUB_OUTPUT
- name: Prepare Zabbix component list
id: components
env:
MATRIX_FILE: ${{ env.MATRIX_FILE }}
run: |
component_list=$(jq -r '.components |map_values(select(.rhel == true)) | keys | @json' "$MATRIX_FILE")
component_list=$(jq -r '.components | map_values(select(.rhel == true)) | keys | @json' "$MATRIX_FILE")
echo "::group::Zabbix Component List"
echo "$component_list"
@ -131,7 +153,7 @@ jobs:
result=true
fi
echo "::group::Branch data"
echo "::group::Branch metadata"
echo "is_default_branch - $result"
echo "current_branch - $github_ref"
echo "secret_prefix=RHEL_${github_ref//.}"
@ -143,7 +165,27 @@ jobs:
echo "secret_prefix=RHEL_${github_ref//.}" >> $GITHUB_OUTPUT
echo "sha_short=$sha_short" >> $GITHUB_OUTPUT
- name: Cleanup existing cache
shell: bash
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPO: ${{ github.repository }}
BRANCH: ${{ steps.branch_info.outputs.current_branch }}
GH_RUN_ID: ${{ github.run_id }}
run: |
gh extension install actions/gh-actions-cache
cache_keys=$(gh actions-cache list -R "${REPO}" -B "${BRANCH}" -L 100 --sort created-at --order desc | cut -f 1)
## Setting this to not fail the workflow while deleting cache keys
set +e
echo "Deleting caches..."
for cache_key in $cache_keys
do
if [[ "$cache_key" == *"${GH_RUN_ID}" ]]; then
gh actions-cache delete $cache_key -R "${REPO}" -B "${BRANCH}" --confirm
fi
done
build_base:
timeout-minutes: 30
@ -164,11 +206,13 @@ jobs:
fetch-depth: 1
- name: Install cosign
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4
with:
cosign-release: 'v2.2.3'
- name: Check cosign version
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
run: cosign version
- name: Fix string case
@ -186,52 +230,106 @@ jobs:
tags: |
type=sha,suffix=-${{ steps.lc.outputs.arch }}
- name: Build Zabbix Build Base
- name: Build image
id: build_image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2.12
with:
context: ${{ env.DOCKERFILES_DIRECTORY }}/${{ matrix.build }}/rhel
context: ${{ format('{0}/{1}/rhel', env.DOCKERFILES_DIRECTORY, matrix.build) }}
layers: false
tags: ${{ steps.meta.outputs.tags }}
containerfiles: |
${{ env.DOCKERFILES_DIRECTORY }}/${{ matrix.build }}/rhel/Dockerfile
extra-args: |
--pull
--iidfile=${{ github.workspace }}/iidfile
- name: Image digest
- name: Image metadata
id: image_metadata
env:
IMAGE_TAG: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
IMAGE_TAG: ${{ steps.build_image.outputs.image-with-tag }}
CACHE_FILE_NAME: ${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}
GITHUB_WORKSPACE: ${{ github.workspace }}
run: |
DIGEST=$(podman inspect ${IMAGE_TAG} --format "{{ index .RepoDigests 0}}" | cut -d '@' -f2)
echo "::group::Image digest"
echo "$DIGEST"
TAG_ID=$(cat $GITHUB_WORKSPACE/iidfile)
echo "::group::Image tag"
echo "image_tag=$IMAGE_TAG"
echo "::endgroup::"
echo "::group::Image Tag ID"
echo "tag_id=$TAG_ID"
echo "::endgroup::"
echo "::group::Cache file name"
echo "$CACHE_FILE_NAME"
echo "::endgroup::"
echo "$DIGEST" > "$CACHE_FILE_NAME"
echo "$TAG_ID" > "${CACHE_FILE_NAME}_tag_id"
echo "$IMAGE_TAG" > "${CACHE_FILE_NAME}_tag"
- name: Cache image digest
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
echo "image_tag_id=${TAG_ID}" >> $GITHUB_OUTPUT
echo "image_tag=${IMAGE_TAG}" >> $GITHUB_OUTPUT
- name: Cache image metadata
uses: actions/cache/save@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}
path: |
${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}_tag_id
${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}_tag
key: ${{ env.BASE_BUILD_NAME }}-${{ matrix.arch }}-${{ github.run_id }}
- name: Push image to local storage
id: push_image
env:
IMAGE_TAG: ${{ steps.image_metadata.outputs.image_tag }}
IMAGE_TAG_ID: ${{ steps.image_metadata.outputs.image_tag_id }}
IMAGE_DIR: ${{ env.IMAGE_DIR }}
run: |
echo "::group::Result"
echo "Image ${IMAGE_TAG} location: \"${IMAGE_DIR}/${IMAGE_TAG_ID}\""
podman push "${IMAGE_TAG}" dir:"${IMAGE_DIR}/${IMAGE_TAG_ID}"
echo "::endgroup::"
- name: Post build image
if: ${{ success() || failure() }}
env:
GITHUB_WORKSPACE: ${{ github.workspace }}
run: |
echo "::group::Result"
rm -rf "$GITHUB_WORKSPACE/iidfile"
echo "Removing working containers"
buildah rm -a 2>/dev/null || true
echo "Removing container data in storage not controlled by podman"
podman system prune --external 2>/dev/null
echo "Removing all unused container data with volumes"
podman system prune -a --volumes -f 2>/dev/null
echo "Reseting podman storage to default state"
podman system reset -f 2>/dev/null || true
echo "::endgroup::"
- name: Check on failures
if: ${{ (cancelled() || failure()) && ( steps.push_image.outcome == 'failure' || steps.push_image.outcome == 'cancelled') }}
env:
IMAGE_TAG_ID: ${{ steps.image_metadata.outputs.image_tag_id }}
IMAGE_DIR: ${{ env.IMAGE_DIR }}
run: |
echo "::group::Removing orphaned image"
rm -rf "${IMAGE_DIR}/${IMAGE_TAG_ID}"
echo "::endgroup::"
build_base_database:
timeout-minutes: 180
timeout-minutes: 90
needs: [ "build_base", "init_build"]
name: Build ${{ matrix.build }} base (${{ matrix.arch }})
strategy:
fail-fast: false
matrix:
build: [build-mysql, build-sqlite3]
build: ${{ fromJson(needs.init_build.outputs.database) }}
arch: ${{ fromJson(needs.init_build.outputs.platforms) }}
runs-on: [self-hosted, linux, "${{ matrix.arch }}"]
permissions:
contents: read
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
@ -245,6 +343,43 @@ jobs:
run: |
echo "arch=${ARCH,,}" >> $GITHUB_OUTPUT
- name: Download metadata of ${{ env.BASE_BUILD_NAME }}:${{ matrix.arch }}
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: |
${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}_tag_id
${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}_tag
key: ${{ env.BASE_BUILD_NAME }}-${{ matrix.arch }}-${{ github.run_id }}
- name: Pull ${{ env.BASE_BUILD_NAME }}:${{ matrix.arch }} image from local storage
id: base_build
env:
MATRIX_ARCH: ${{ matrix.arch }}
BASE_IMAGE: ${{ env.BASE_BUILD_NAME }}
IMAGES_PREFIX: ${{ env.IMAGES_PREFIX }}
run: |
BASE_TAG_ID=$(cat "${BASE_IMAGE}_${MATRIX_ARCH}_tag_id")
BASE_IMAGE_TAG=$(cat "${BASE_IMAGE}_${MATRIX_ARCH}_tag")
echo "::group::Pull image"
echo "podman pull dir:\"${IMAGE_DIR}/${BASE_TAG_ID}\""
podman pull dir:"${IMAGE_DIR}/${BASE_TAG_ID}"
echo "::endgroup::"
echo "::group::Tag image"
echo "podman tag \"${BASE_TAG_ID}\" \"${BASE_IMAGE_TAG}\""
podman tag "${BASE_TAG_ID}" "${BASE_IMAGE_TAG}"
echo "::endgroup::"
echo "::group::SHA256 tag"
DIGEST=$(podman inspect "${BASE_TAG_ID}" --format '{{ .Digest }}')
BASE_BUILD_IMAGE="${IMAGES_PREFIX}${BASE_IMAGE}@${DIGEST}"
echo "base_build_image=${BASE_BUILD_IMAGE}"
echo "::endgroup::"
echo "base_build_image=${BASE_BUILD_IMAGE}" >> $GITHUB_OUTPUT
- name: Generate tags
id: meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
@ -253,64 +388,96 @@ jobs:
tags: |
type=sha,suffix=-${{ steps.lc.outputs.arch }}
- name: Download SHA256 tag of ${{ env.BASE_BUILD_NAME }}:${{ matrix.arch }}
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}
key: ${{ env.BASE_BUILD_NAME }}-${{ matrix.arch }}-${{ github.run_id }}
- name: Retrieve ${{ env.BASE_BUILD_NAME }}:${{ matrix.arch }} SHA256 tag
id: base_build
env:
MATRIX_ARCH: ${{ matrix.arch }}
BASE_IMAGE: ${{ env.BASE_BUILD_NAME }}
IMAGES_PREFIX: ${{ env.IMAGES_PREFIX }}
run: |
BASE_TAG=$(cat "${BASE_IMAGE}_${MATRIX_ARCH}")
BUILD_BASE_IMAGE="${IMAGES_PREFIX}${BASE_IMAGE}@${BASE_TAG}"
echo "::group::Base build image information"
echo "base_tag=${BASE_TAG}"
echo "base_build_image=${BUILD_BASE_IMAGE}"
echo "::endgroup::"
echo "base_tag=${BASE_TAG}" >> $GITHUB_OUTPUT
echo "base_build_image=${BUILD_BASE_IMAGE}" >> $GITHUB_OUTPUT
- name: Build Zabbix Build Base
- name: Build image
id: build_image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2.12
with:
context: ${{ env.DOCKERFILES_DIRECTORY }}/${{ matrix.build }}/rhel
context: ${{ format('{0}/{1}/rhel', env.DOCKERFILES_DIRECTORY, matrix.build) }}
layers: false
tags: ${{ steps.meta.outputs.tags }}
containerfiles: |
${{ env.DOCKERFILES_DIRECTORY }}/${{ matrix.build }}/rhel/Dockerfile
build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }}
extra-args: |
--iidfile=${{ github.workspace }}/iidfile
- name: Image digest
- name: Prepare image metadata
id: image_metadata
env:
IMAGE_TAG: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
IMAGE_TAG: ${{ steps.build_image.outputs.image-with-tag }}
CACHE_FILE_NAME: ${{ matrix.build }}_${{ matrix.arch }}
GITHUB_WORKSPACE: ${{ github.workspace }}
run: |
DIGEST=$(podman inspect ${IMAGE_TAG} --format "{{ index .RepoDigests 0}}" | cut -d '@' -f2)
echo "::group::Image digest"
echo "$DIGEST"
TAG_ID=$(cat $GITHUB_WORKSPACE/iidfile)
echo "::group::Image tag"
echo "image_tag=$IMAGE_TAG"
echo "::endgroup::"
echo "::group::Image Tag ID"
echo "tag_id=$TAG_ID"
echo "::endgroup::"
echo "::group::Cache file name"
echo "$CACHE_FILE_NAME"
echo "::endgroup::"
echo "$DIGEST" > "$CACHE_FILE_NAME"
echo "$TAG_ID" > "${CACHE_FILE_NAME}_tag_id"
echo "$IMAGE_TAG" > "${CACHE_FILE_NAME}_tag"
- name: Cache image digest
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
echo "image_tag_id=${TAG_ID}" >> $GITHUB_OUTPUT
echo "image_tag=${IMAGE_TAG}" >> $GITHUB_OUTPUT
- name: Cache image metadata
uses: actions/cache/save@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: ${{ matrix.build }}_${{ matrix.arch }}
path: |
${{ matrix.build }}_${{ matrix.arch }}_tag_id
${{ matrix.build }}_${{ matrix.arch }}_tag
key: ${{ matrix.build }}-${{ matrix.arch }}-${{ github.run_id }}
- name: Push image to local storage
id: push_image
env:
IMAGE_TAG: ${{ steps.image_metadata.outputs.image_tag }}
IMAGE_TAG_ID: ${{ steps.image_metadata.outputs.image_tag_id }}
IMAGE_DIR: ${{ env.IMAGE_DIR }}
run: |
echo "::group::Result"
echo "podman push \"${IMAGE_TAG}\" dir:\"${IMAGE_DIR}/${IMAGE_TAG_ID}\""
podman push "${IMAGE_TAG}" dir:"${IMAGE_DIR}/${IMAGE_TAG_ID}"
echo "::endgroup::"
- name: Post build image
if: ${{ success() || failure() }}
env:
GITHUB_WORKSPACE: ${{ github.workspace }}
run: |
echo "::group::Result"
rm -rf "$GITHUB_WORKSPACE/iidfile"
echo "Removing working containers"
buildah rm -a 2>/dev/null || true
echo "Removing container data in storage not controlled by podman"
podman system prune --external 2>/dev/null
echo "Removing all unused container data with volumes"
podman system prune -a --volumes -f 2>/dev/null
echo "Reseting podman storage to default state"
podman system reset -f 2>/dev/null || true
echo "::endgroup::"
- name: Check on failures
if: ${{ (cancelled() || failure()) && ( steps.push_image.outcome == 'failure' || steps.push_image.outcome == 'cancelled') }}
env:
IMAGE_TAG_ID: ${{ steps.image_metadata.outputs.image_tag_id }}
IMAGE_DIR: ${{ env.IMAGE_DIR }}
run: |
echo "::group::Removing orphaned image"
rm -rf "${IMAGE_DIR}/${IMAGE_TAG_ID}"
echo "::endgroup::"
build_images:
timeout-minutes: 90
timeout-minutes: 30
needs: [ "build_base_database", "init_build"]
name: Build ${{ matrix.build }} image (${{ matrix.arch }})
strategy:
@ -321,7 +488,6 @@ jobs:
runs-on: [self-hosted, linux, "${{ matrix.arch }}"]
permissions:
contents: read
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
@ -335,6 +501,7 @@ jobs:
run: |
MATRIX_BUILD=${MATRIX_BUILD^^}
MATRIX_BUILD=${MATRIX_BUILD//-/_}
echo "::group::Result"
echo "matrix_build=${MATRIX_BUILD}"
echo "::endgroup::"
@ -342,6 +509,7 @@ jobs:
- name: Detect Build Base Image
id: build_base_image
if: ${{ matrix.build != 'snmptraps' }}
env:
MATRIX_BUILD: ${{ matrix.build }}
MATRIX_FILE: ${{ env.MATRIX_FILE }}
@ -354,6 +522,44 @@ jobs:
echo "build_base=${BUILD_BASE}" >> $GITHUB_OUTPUT
- name: Download metadata of ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.arch }}
if: ${{ matrix.build != 'snmptraps' }}
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: |
${{ steps.build_base_image.outputs.build_base }}_${{ matrix.arch }}_tag_id
${{ steps.build_base_image.outputs.build_base }}_${{ matrix.arch }}_tag
key: ${{ steps.build_base_image.outputs.build_base }}-${{ matrix.arch }}-${{ github.run_id }}
- name: Pull ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.arch }} image
id: base_build
if: ${{ matrix.build != 'snmptraps' }}
env:
MATRIX_ARCH: ${{ matrix.arch }}
BASE_IMAGE: ${{ steps.build_base_image.outputs.build_base }}
IMAGES_PREFIX: ${{ env.IMAGES_PREFIX }}
run: |
BASE_TAG_ID=$(cat "${BASE_IMAGE}_${MATRIX_ARCH}_tag_id")
BASE_IMAGE_TAG=$(cat "${BASE_IMAGE}_${MATRIX_ARCH}_tag")
echo "::group::Pull image"
echo "podman pull dir:\"${IMAGE_DIR}/${BASE_TAG_ID}\""
podman pull dir:"${IMAGE_DIR}/${BASE_TAG_ID}"
echo "::endgroup::"
echo "::group::Tag image"
echo "podman tag \"${BASE_TAG_ID}\" \"${BASE_IMAGE_TAG}\""
podman tag "${BASE_TAG_ID}" "${BASE_IMAGE_TAG}"
echo "::endgroup::"
echo "::group::SHA256 tag"
DIGEST=$(podman inspect "${BASE_TAG_ID}" --format '{{ .Digest }}')
BASE_BUILD_IMAGE="${IMAGES_PREFIX}${BASE_IMAGE}@${DIGEST}"
echo "digest=${BASE_BUILD_IMAGE}"
echo "::endgroup::"
echo "base_build_image=${BASE_BUILD_IMAGE}" >> $GITHUB_OUTPUT
- name: Remove smartmontools
if: ${{ matrix.build == 'agent2' }}
env:
@ -365,7 +571,7 @@ jobs:
id: meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: ${{ env.REGISTRY }}/${{ env.REGISTRY_NAMESPACE }}/${{ secrets[format('{0}_{1}_PROJECT', needs.init_build.outputs.secret_prefix, steps.var_format.outputs.matrix_build)] }}
images: ${{ env.REGISTRY }}/${{ env.REGISTRY_NAMESPACE }}/${{ secrets[format('{0}_{1}_PROJECT', needs.init_build.outputs.secret_prefix, steps.var_format.outputs.matrix_build)] || matrix.build }}
tags: |
type=semver,pattern={{version}}
type=sha
@ -373,37 +579,11 @@ jobs:
latest=${{ github.event_name == 'release' }}
suffix=${{ matrix.arch == 'ARM64' && '-arm64' || '' }},onlatest=true
- name: Download SHA256 tag of ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.arch }}
if: ${{ matrix.build != 'snmptraps' }}
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: ${{ steps.build_base_image.outputs.build_base }}_${{ matrix.arch }}
key: ${{ steps.build_base_image.outputs.build_base }}-${{ matrix.arch }}-${{ github.run_id }}
- name: Retrieve ${{ steps.build_base_image.outputs.build_base }}:${{ matrix.arch }} SHA256 tag
id: base_build
if: ${{ matrix.build != 'snmptraps' }}
env:
MATRIX_ARCH: ${{ matrix.arch }}
BASE_IMAGE: ${{ steps.build_base_image.outputs.build_base }}
IMAGES_PREFIX: ${{ env.IMAGES_PREFIX }}
run: |
BASE_TAG=$(cat "${BASE_IMAGE}_${MATRIX_ARCH}")
BUILD_BASE_IMAGE="${IMAGES_PREFIX}${BASE_IMAGE}@${BASE_TAG}"
echo "::group::Base build image information"
echo "base_tag=${BASE_TAG}"
echo "base_build_image=${BUILD_BASE_IMAGE}"
echo "::endgroup::"
echo "base_tag=${BASE_TAG}" >> $GITHUB_OUTPUT
echo "base_build_image=${BUILD_BASE_IMAGE}" >> $GITHUB_OUTPUT
- name: Build image
id: build_image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2.12
with:
context: ${{ env.DOCKERFILES_DIRECTORY }}/${{ matrix.build }}/rhel
context: ${{ format('{0}/{1}/rhel', env.DOCKERFILES_DIRECTORY, matrix.build) }}
layers: false
tags: ${{ steps.meta.outputs.tags }}
labels: |
@ -411,9 +591,12 @@ jobs:
org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
containerfiles: |
${{ env.DOCKERFILES_DIRECTORY }}/${{ matrix.build }}/rhel/Dockerfile
extra-args: |
--pull
--iidfile=${{ github.workspace }}/iidfile
build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }}
- name: Log in to Quay.io
- name: Log in to ${{ env.REGISTRY }}
uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1.6
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
with:
@ -429,7 +612,7 @@ jobs:
with:
tags: ${{ steps.meta.outputs.tags }}
- name: Preflight
- name: Preflight certification
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
env:
PFLT_DOCKERCONFIG: /tmp/.docker_${{ matrix.build }}_${{ matrix.arch }}_${{ needs.init_build.outputs.sha_short }}
@ -441,7 +624,7 @@ jobs:
PREFLIGHT_IMAGE: ${{ env.PREFLIGHT_IMAGE }}
run: |
mkdir -p $PFLT_ARTIFACTS
echo "::group::Pull preflight image"
echo "::group::Pull preflight \"$PREFLIGHT_IMAGE\" image"
podman pull "$PREFLIGHT_IMAGE"
echo "::endgroup::"
@ -462,70 +645,104 @@ jobs:
podman rmi -i -f "$PREFLIGHT_IMAGE"
echo "::endgroup::"
- name: Push to RedHat certification procedure (2nd)
- name: Push to RedHat certification procedure (all tags)
id: push_to_registry_all_tags
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2.7.1
with:
tags: ${{ steps.meta.outputs.tags }}
- name: Cleanup artifacts
if: ${{ always() }}
- name: Post Preflight certification
if: ${{ env.AUTO_PUSH_IMAGES == 'true' && (success() || failure()) }}
env:
PREFLIGHT_IMAGE: ${{ env.PREFLIGHT_IMAGE }}
PFLT_ARTIFACTS: ${{ env.PFLT_ARTIFACTS }}
TAGS: ${{ steps.meta.outputs.tags }}
run: |
echo "::group::Post build actions"
echo "$TAGS" | while IFS= read -r image_name ; do podman rmi -i -f "$image_name"; done
echo "::group::Result"
rm -rf "$PFLT_ARTIFACTS"
podman rmi -i -f "$PREFLIGHT_IMAGE"
echo "::endgroup::"
clean_artifacts:
timeout-minutes: 90
- name: Image digest
env:
GITHUB_WORKSPACE: ${{ github.workspace }}
run: |
TAG_ID=$(cat $GITHUB_WORKSPACE/iidfile)
echo "::group::Image digest"
echo "$TAG_ID"
echo "::endgroup::"
- name: Post build image
if: ${{ success() || failure() }}
env:
GITHUB_WORKSPACE: ${{ github.workspace }}
run: |
echo "::group::Result"
rm -rf "$GITHUB_WORKSPACE/iidfile"
echo "Removing working containers"
buildah rm -a 2>/dev/null || true
echo "Removing container data in storage not controlled by podman"
podman system prune --external 2>/dev/null
echo "Removing all unused container data with volumes"
podman system prune -a --volumes -f 2>/dev/null
echo "Reseting podman storage to default state"
podman system reset -f 2>/dev/null || true
echo "::endgroup::"
clear_artifacts:
timeout-minutes: 10
needs: [ "build_images", "init_build"]
name: Build ${{ matrix.build }} image (${{ matrix.arch }})
name: Clear ${{ matrix.build }} image cache (${{ matrix.arch }})
strategy:
fail-fast: false
matrix:
build: [build-mysql, build-sqlite3]
arch: [X64, ARM64]
build: ${{ fromJson(needs.init_build.outputs.database) }}
arch: ${{ fromJson(needs.init_build.outputs.platforms) }}
runs-on: [self-hosted, linux, "${{ matrix.arch }}"]
if: ${{ always() && needs.build_base_database.result == 'success' }}
if: ${{ needs.build_base_database.result == 'success' }}
permissions: {}
steps:
- name: Download SHA256 tag of ${{ matrix.build }}:${{ matrix.arch }}
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
- name: Download metadata of ${{ matrix.build }}:${{ matrix.arch }}
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: ${{ matrix.build }}_${{ matrix.arch }}
path: |
${{ matrix.build }}_${{ matrix.arch }}_tag_id
${{ matrix.build }}_${{ matrix.arch }}_tag
key: ${{ matrix.build }}-${{ matrix.arch }}-${{ github.run_id }}
- name: Remove ${{ matrix.build }}:${{ matrix.arch }} SHA256 tag
- name: Remove ${{ matrix.build }}:${{ matrix.arch }} cache
env:
MATRIX_ARCH: ${{ matrix.arch }}
BASE_IMAGE: ${{ matrix.build }}
IMAGES_PREFIX: ${{ env.IMAGES_PREFIX }}
CACHE_FILE_NAME: ${{ matrix.build }}_${{ matrix.arch }}
IMAGE_DIR: ${{ env.IMAGE_DIR }}
run: |
BASE_TAG=$(cat "${BASE_IMAGE}_${MATRIX_ARCH}")
BUILD_BASE_IMAGE="${IMAGES_PREFIX}${BASE_IMAGE}@${BASE_TAG}"
echo "::group::Result"
podman rmi -i -f "$BUILD_BASE_IMAGE"
BASE_TAG=$(cat "${CACHE_FILE_NAME}_tag_id")
echo "Removing ${IMAGE_DIR}/${BASE_TAG}"
rm -rf "${IMAGE_DIR}/${BASE_TAG}"
- name: Download SHA256 tag of ${{ env.BASE_BUILD_NAME }}:${{ matrix.arch }}
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
echo "::endgroup::"
- name: Download metadata of ${{ env.BASE_BUILD_NAME }}:${{ matrix.arch }}
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
with:
path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}
path: |
${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}_tag_id
${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}_tag
key: ${{ env.BASE_BUILD_NAME }}-${{ matrix.arch }}-${{ github.run_id }}
- name: Remove ${{ env.BASE_BUILD_NAME }}:${{ matrix.arch }} SHA256 tag
- name: Remove ${{ env.BASE_BUILD_NAME }}:${{ matrix.arch }} cache
env:
MATRIX_ARCH: ${{ matrix.arch }}
BASE_IMAGE: ${{ env.BASE_BUILD_NAME }}
IMAGES_PREFIX: ${{ env.IMAGES_PREFIX }}
CACHE_FILE_NAME: ${{ env.BASE_BUILD_NAME }}_${{ matrix.arch }}
IMAGE_DIR: ${{ env.IMAGE_DIR }}
run: |
BASE_TAG=$(cat "${BASE_IMAGE}_${MATRIX_ARCH}")
BUILD_BASE_IMAGE="${IMAGES_PREFIX}${BASE_IMAGE}@${BASE_TAG}"
echo "::group::Result"
podman rmi -i -f "$BUILD_BASE_IMAGE"
BASE_TAG=$(cat "${CACHE_FILE_NAME}_tag_id")
echo "Removing ${IMAGE_DIR}/${BASE_TAG}"
rm -rf "${IMAGE_DIR}/${BASE_TAG}"
echo "::endgroup::"

157
.github/workflows/rhel_registry_description.yml vendored Normal file
View File

@ -0,0 +1,157 @@
name: Red Hat Catalog Description
on:
push:
branches:
- '[0-9]+.[0-9]+'
paths:
- 'Dockerfiles/*/rhel/README.html'
- 'Dockerfiles/*/README.md'
- 'Dockerfiles/*/rhel/README.md'
- '.github/workflows/rhel_registry_description.yml'
workflow_dispatch:
env:
DOCKERFILES_DIRECTORY: "./Dockerfiles"
API_URL: "https://catalog.redhat.com/api/containers/v1/projects/certification/id/"
MATRIX_FILE: "build.json"
defaults:
run:
shell: bash
permissions:
contents: read
jobs:
init:
name: Initialize workflow
runs-on: ubuntu-latest
permissions:
contents: read
outputs:
components: ${{ steps.components.outputs.list }}
zabbix_release: ${{ steps.branch_info.outputs.zabbix_release }}
steps:
- name: Block egress traffic
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
github.com:443
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 1
sparse-checkout: ${{ env.MATRIX_FILE }}
- name: Check ${{ env.MATRIX_FILE }} file
id: build_exists
env:
MATRIX_FILE: ${{ env.MATRIX_FILE }}
run: |
if [[ ! -f "$MATRIX_FILE" ]]; then
echo "::error::File $MATRIX_FILE is missing"
exit 1
fi
- name: Get branch info
id: branch_info
shell: bash
env:
github_ref: ${{ github.ref }}
run: |
result=false
github_ref=${github_ref##*/}
echo "::group::Branch metadata"
echo "zabbix_release=${github_ref//.}"
echo "::endgroup::"
echo "zabbix_release=${github_ref//.}" >> $GITHUB_OUTPUT
- name: Prepare Zabbix component list
id: components
env:
MATRIX_FILE: ${{ env.MATRIX_FILE }}
run: |
component_list=$(jq -r '.components | map_values(select(.rhel == true)) | keys | @json' "$MATRIX_FILE")
echo "::group::Zabbix Component List"
echo "$component_list"
echo "::endgroup::"
echo "list=$component_list" >> $GITHUB_OUTPUT
publish:
name: Initialize build
runs-on: ubuntu-latest
needs: init
permissions:
contents: read
strategy:
fail-fast: false
matrix:
component: ${{ fromJson(needs.init.outputs.components) }}
steps:
- name: Block egress traffic
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
catalog.redhat.com:443
files.pythonhosted.org:443
github.com:443
pypi.org:443
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 1
- name: Variables formating
id: var_format
env:
MATRIX_BUILD: ${{ matrix.component }}
run: |
MATRIX_BUILD=${MATRIX_BUILD^^}
MATRIX_BUILD=${MATRIX_BUILD//-/_}
echo "::group::Result"
echo "matrix_build=${MATRIX_BUILD}"
echo "::endgroup::"
echo "matrix_build=${MATRIX_BUILD}" >> $GITHUB_OUTPUT
- name: Setup Python 3.x
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
with:
python-version: '3.x'
- name: Install Python packages
run: |
python -m pip install --upgrade pip
pip install markdown requests
- name: Update Red Hat project description
env:
DESCRIPTION_FILE: ${{ format('{0}/{1}/rhel/README', env.DOCKERFILES_DIRECTORY, matrix.component) }}
PROJECT_ID: ${{ secrets[format('RHEL_{0}_{1}_PROJECT', needs.init.outputs.zabbix_release, steps.var_format.outputs.matrix_build)] }}
PYXIS_API_TOKEN: ${{ secrets.REDHAT_API_TOKEN }}
API_URL: ${{ env.API_URL }}
run: |
python ./.github/scripts/rhel_description.py
- name: Red Hat Gatalog URL
env:
COMPONENT: ${{ matrix.component }}
MATRIX_FILE: ${{ env.MATRIX_FILE }}
run: |
PROJECT_ID=$(jq -r ".components.\"$COMPONENT\".rhel_project" "$MATRIX_FILE")
echo "::group::URL"
echo "https://catalog.redhat.com/software/containers/${PROJECT_ID}"
echo "::endgroup::"

2
.github/workflows/scorecard.yml vendored
View File

@ -73,6 +73,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@e675ced7a7522a761fc9c8eb26682c8b27c42b2b # v3.24.1
uses: github/codeql-action/upload-sarif@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
with:
sarif_file: results.sarif

2
.github/workflows/sonarcloud.yml vendored
View File

@ -47,7 +47,7 @@ jobs:
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:

61
.pre-commit-config.yaml
View File

@ -1,20 +1,41 @@
- repo: https://github.com/gitleaks/gitleaks
rev: v8.16.3
hooks:
- id: gitleaks
- repo: https://github.com/jumanjihouse/pre-commit-hooks
rev: 3.0.0
hooks:
- id: shellcheck
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
hooks:
- id: end-of-file-fixer
- id: trailing-whitespace
- id: check-yaml
- id: check-symlinks
- id: pretty-format-json
- repo: https://github.com/asottile/setup-cfg-fmt
rev: v2.5.0
hooks:
- id: setup-cfg-fmt
repos:
- repo: https://github.com/gitleaks/gitleaks
rev: v8.16.3
hooks:
- id: gitleaks
- repo: https://github.com/jumanjihouse/pre-commit-hooks
rev: 3.0.0
hooks:
- id: shellcheck
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
hooks:
- id: end-of-file-fixer
exclude: |
(?x)(
^env_vars/\.MYSQL |
^env_vars/\.POSTGRES
)
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
hooks:
- id: trailing-whitespace
exclude: |
(?x)(
.*\.patch$
)
- id: check-yaml
args: [--allow-multiple-documents]
- id: check-symlinks
# - id: pretty-format-json
- id: check-added-large-files
#- repo: https://github.com/adrienverge/yamllint.git
# rev: v1.21.0 # or higher tag
# hooks:
# - id: yamllint
# args: [--format, parsable, --strict]
#- repo: https://github.com/jumanjihouse/pre-commit-hook-yamlfmt
# rev: 0.2.3
# hooks:
# - id: yamlfmt
# args: [--mapping, '2', --sequence, '1', --offset, '0', --colons, --width, '400']

8
Dockerfiles/agent/README.md
View File

@ -14,16 +14,12 @@ Zabbix agent is deployed on a monitoring target to actively monitor local resour
# Zabbix agent images
These are the only official Zabbix agent Docker images. They are based on Alpine Linux v3.15, Ubuntu 20.04 (focal), 22.04 (jammy), CentOS Stream 8, Oracle Linux 8, Windows 10 LTSC 2019 and Windows 11 LTSC 2022 images. The available versions of Zabbix agent are:
These are the only official Zabbix agent Docker images. They are based on Alpine Linux v3.19, Ubuntu 22.04 (jammy), CentOS Stream 9, Oracle Linux 9, Windows 10 LTSC 2019 and Windows 11 LTSC 2022 images. The available versions of Zabbix agent are:
Zabbix agent 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest, ltsc2019-4.0-latest, ltsc2022-4.0-latest)
Zabbix agent 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*, ltsc2019-4.0.*, ltsc2022-4.0.*)
Zabbix agent 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest, ltsc2019-5.0-latest, ltsc2022-5.0-latest)
Zabbix agent 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*, ltsc2019-5.0.*, ltsc2022-5.0.*)
Zabbix agent 6.0 (tags: alpine-6.0-latest, ubuntu-6.0-latest, ol-6.0-latest)
Zabbix agent 6.0.* (tags: alpine-6.0.*, ubuntu-6.0.*, ol-6.0.*, ltsc2019-6.0.*, ltsc2022-6.0.*)
Zabbix agent 6.2 (tags: alpine-6.2-latest, ubuntu-6.2-latest, ol-6.2-latest)
Zabbix agent 6.2.* (tags: alpine-6.2.*, ubuntu-6.2.*, ol-6.2.*, ltsc2019-6.2.*, ltsc2022-6.2.*)
Zabbix agent 6.4 (tags: alpine-6.4-latest, ubuntu-6.4-latest, ol-6.4-latest, alpine-latest, ubuntu-latest, ol-latest, ltsc2019-latest, ltsc2022-latest, latest)
Zabbix agent 6.4.* (tags: alpine-6.4.*, ubuntu-6.4.*, ol-6.4.*, ltsc2019-6.4.*, ltsc2022-6.4.*)
Zabbix agent 7.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk, ltsc2019-trunk, ltsc2022-trunk)
@ -222,7 +218,7 @@ Please see [the Docker installation documentation](https://docs.docker.com/insta
## Documentation
Documentation for this image is stored in the [`agent/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/agent) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request.
Documentation for this image is stored in the [`agent/` directory](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/agent) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/6.4/README.md) before attempting a pull request.
## Issues

3
Dockerfiles/agent/alpine/Dockerfile
View File

@ -66,8 +66,7 @@ RUN set -eux && \
mkdir -p /var/lib/zabbix/modules && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
rm -rf /var/cache/apk/*
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/
EXPOSE 10050/TCP

35
Dockerfiles/agent/centos/Dockerfile
View File

@ -5,7 +5,7 @@ ARG BUILD_BASE_IMAGE=zabbix-build-mysql:centos-${ZBX_VERSION}
FROM ${BUILD_BASE_IMAGE} AS builder
FROM quay.io/centos/centos:stream9
FROM quay.io/centos/centos:stream9-minimal
ARG MAJOR_VERSION
ARG ZBX_VERSION
@ -31,8 +31,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/u
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf", "/etc/zabbix/zabbix_agentd.conf"]
RUN set -eux && \
REPOLIST="baseos,appstream,epel" && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tini \
tzdata \
@ -41,15 +41,24 @@ RUN set -eux && \
libcurl-minimal \
libmodbus \
openssl-libs \
shadow-utils \
zlib" && \
dnf -y install epel-release && \
dnf -y install \
--disablerepo "*" \
--enablerepo "${REPOLIST}" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
microdnf -y install \
--disablerepo "*" \
--enablerepo "extras-common" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs epel-release && \
microdnf -y install \
--disablerepo "*" \
--enablerepo "baseos" \
--enablerepo "appstream" \
--enablerepo="epel" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs ${INSTALL_PKGS} && \
groupadd \
--system \
--gid 1995 \
@ -69,9 +78,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
dnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10050/TCP

8
Dockerfiles/agent/ol/Dockerfile
View File

@ -32,7 +32,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf", "/etc/zabbix/zabbix_agentd.conf"]
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tini \
tzdata \
@ -48,6 +49,7 @@ RUN set -eux && \
--enablerepo="ol9_appstream" \
--enablerepo="ol9_developer_EPEL" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs \
${INSTALL_PKGS} && \
@ -71,9 +73,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10050/TCP

11
Dockerfiles/agent/rhel/Dockerfile
View File

@ -6,7 +6,7 @@ ARG BUILD_BASE_IMAGE=zabbix-build-mysql:rhel-${ZBX_VERSION}
FROM ${BUILD_BASE_IMAGE} AS builder
FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
FROM registry.access.redhat.com/ubi9/ubi-minimal:9.3
ARG MAJOR_VERSION
ARG RELEASE
@ -50,7 +50,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/u
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf", "/etc/zabbix/zabbix_agentd.conf"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tini \
tzdata \
@ -67,12 +68,14 @@ RUN set -eux && \
--enablerepo "ubi-9-baseos-rpms" \
--enablerepo "epel" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y reinstall \
--enablerepo "ubi-9-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
@ -96,9 +99,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10050/TCP

121
Dockerfiles/agent/rhel/README.html Normal file
View File

@ -0,0 +1,121 @@
<p><img src="https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png" alt="logo"></p>
<h1 id="what-is-zabbix-">What is Zabbix?</h1>
<p>Zabbix is an enterprise-class open source distributed monitoring solution.</p>
<p>Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning.</p>
<p>For more information and related downloads for Zabbix components, please visit <a href="https://hub.docker.com/u/zabbix/">https://hub.docker.com/u/zabbix/</a> and <a href="https://zabbix.com">https://zabbix.com</a></p>
<h1 id="what-is-zabbix-agent-">What is Zabbix agent?</h1>
<p>Zabbix agent is deployed on a monitoring target to actively monitor local resources and applications (hard drives, memory, processor statistics etc).</p>
<h1 id="zabbix-agent-images">Zabbix agent images</h1>
<p>These are the only official Zabbix agent Docker images.</p>
<h1 id="how-to-use-this-image">How to use this image</h1>
<h2 id="start-zabbix-agent-">Start <code>zabbix-agent</code></h2>
<p>Start a Zabbix agent container as follows:</p>
<pre><code>podman <span class="hljs-keyword">run</span><span class="bash"> --name some-zabbix-agent <span class="hljs-_">-e</span> ZBX_HOSTNAME=<span class="hljs-string">"some-hostname"</span> <span class="hljs-_">-e</span> ZBX_SERVER_HOST=<span class="hljs-string">"some-zabbix-server"</span> <span class="hljs-_">-d</span> zabbix/zabbix-agent:tag</span>
</code></pre><p>Where <code>some-zabbix-agent</code> is the name you want to assign to your container, <code>some-hostname</code> is the hostname, it is Hostname parameter in Zabbix agent configuration file, <code>some-zabbix-server</code> is IP or DNS name of Zabbix server or proxy and <code>tag</code> is the tag specifying the version you want.</p>
<h2 id="connects-from-zabbix-server-or-zabbix-proxy-in-other-containers-passive-checks-">Connects from Zabbix server or Zabbix proxy in other containers (Passive checks)</h2>
<p>This image exposes the standard Zabbix agent port (<code>10050</code>) to perform passive checks, so container linking makes Zabbix agent instance available to Zabbix server and Zabbix proxy containers. Start your application container like this in order to link it to the Zabbix agent container:</p>
<pre><code class="lang-console"><span class="hljs-comment">$</span> <span class="hljs-comment">podman</span> <span class="hljs-comment">run</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">name</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">link</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">agent:zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">agent</span> <span class="hljs-literal">-</span><span class="hljs-comment">d</span> <span class="hljs-comment">zabbix/zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server:latest</span>
</code></pre>
<h2 id="connect-to-zabbix-server-or-zabbix-proxy-containers-active-checks-">Connect to Zabbix server or Zabbix proxy containers (Active checks)</h2>
<p>This image supports perform active checks, so container linking makes Zabbix server and Zabbix proxy containers available to Zabbix agent instance. Start your application container like this in order to link Zabbix agent to Zabbix server or Zabbix proxy containterns:</p>
<pre><code class="lang-console"><span class="hljs-comment">$</span> <span class="hljs-comment">podman</span> <span class="hljs-comment">run</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">name</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">agent</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">link</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server:zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server</span> <span class="hljs-literal">-</span><span class="hljs-comment">d</span> <span class="hljs-comment">zabbix/zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">agent:latest</span>
</code></pre>
<h2 id="container-shell-access-and-viewing-zabbix-agent-logs">Container shell access and viewing Zabbix agent logs</h2>
<p>The <code>podman exec</code> command allows you to run commands inside a Podman container. The following command line will give you a bash shell inside your <code>zabbix-agent</code> container:</p>
<pre><code class="lang-console">$ podman <span class="hljs-built_in">exec</span> -ti some-zabbix-<span class="hljs-built_in">agent</span> /bin/bash
</code></pre>
<p>The Zabbix agent log is available through Podman&#39;s container log:</p>
<pre><code class="lang-console">$ podman logs <span class="hljs-keyword">some</span>-zabbix-agent
</code></pre>
<h2 id="privileged-mode">Privileged mode</h2>
<p>By default, Podman containers are &quot;unprivileged&quot; and do not have access to the most of host resources. Zabbix agent is designed to monitor system resources, to do that Zabbix agent container must be privileged or you may mount some system-wide volumes. For example:</p>
<pre><code class="lang-console"><span class="hljs-comment">$</span> <span class="hljs-comment">podman</span> <span class="hljs-comment">run</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">name</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">agent</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">link</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server:zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">privileged</span> <span class="hljs-literal">-</span><span class="hljs-comment">d</span> <span class="hljs-comment">zabbix/zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">agent:latest</span>
</code></pre>
<pre><code class="lang-console">$ podman run --name some-zabbix-agent --link some-zabbix-<span class="hljs-string">server:</span>zabbix-server -v <span class="hljs-regexp">/dev/</span><span class="hljs-string">sdc:</span><span class="hljs-regexp">/dev/</span>sdc -d zabbix/zabbix-<span class="hljs-string">agent:</span>latest
</code></pre>
<h2 id="environment-variables">Environment Variables</h2>
<p>When you start the <code>zabbix-agent</code> image, you can adjust the configuration of the Zabbix agent by passing one or more environment variables on the <code>podman run</code> command line.</p>
<h3 id="-zbx_hostname-"><code>ZBX_HOSTNAME</code></h3>
<p>This variable is unique, case sensitive hostname. By default, value is <code>hostname</code> of the container. It is <code>Hostname</code> parameter in <code>zabbix_agentd.conf</code>.</p>
<h3 id="-zbx_server_host-"><code>ZBX_SERVER_HOST</code></h3>
<p>This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is <code>zabbix-server</code>. It is <code>Server</code> parameter in <code>zabbix_agentd.conf</code>. It is allowed to specify Zabbix server or Zabbix proxy port number using <code>ZBX_SERVER_PORT</code> variable. It make sense in case of non-default port for active checks.</p>
<h3 id="-zbx_passive_allow-"><code>ZBX_PASSIVE_ALLOW</code></h3>
<p>This variable is boolean (<code>true</code> or <code>false</code>) and enables or disables feature of passive checks. By default, value is <code>true</code>.</p>
<h3 id="-zbx_passiveservers-"><code>ZBX_PASSIVESERVERS</code></h3>
<p>The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent container.</p>
<h3 id="-zbx_active_allow-"><code>ZBX_ACTIVE_ALLOW</code></h3>
<p>This variable is boolean (<code>true</code> or <code>false</code>) and enables or disables feature of active checks. By default, value is <code>true</code>.</p>
<h3 id="-zbx_activeservers-"><code>ZBX_ACTIVESERVERS</code></h3>
<p>The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent container. You may specify port of Zabbix server or Zabbix proxy in such syntax: <code>zabbix-server:10061,zabbix-proxy:10072</code>.</p>
<h3 id="-zbx_loadmodule-"><code>ZBX_LOADMODULE</code></h3>
<p>The variable is list of comma separated loadable Zabbix modules. It works with volume <code>/var/lib/zabbix/modules</code>. The syntax of the variable is <code>dummy1.so,dummy2.so</code>.</p>
<h3 id="-zbx_debuglevel-"><code>ZBX_DEBUGLEVEL</code></h3>
<p>The variable is used to specify debug level. By default, value is <code>3</code>. It is <code>DebugLevel</code> parameter in <code>zabbix_agentd.conf</code>. Allowed values are listed below:</p>
<ul>
<li><code>0</code> - basic information about starting and stopping of Zabbix processes;</li>
<li><code>1</code> - critical information</li>
<li><code>2</code> - error information</li>
<li><code>3</code> - warnings</li>
<li><code>4</code> - for debugging (produces lots of information)</li>
<li><code>5</code> - extended debugging (produces even more information)</li>
</ul>
<h3 id="-zbx_timeout-"><code>ZBX_TIMEOUT</code></h3>
<p>The variable is used to specify timeout for processing checks. By default, value is <code>3</code>.</p>
<h3 id="other-variables">Other variables</h3>
<p>Additionally the image allows to specify many other environment variables listed below:</p>
<pre><code><span class="hljs-attr">ZBX_SOURCEIP</span>=
<span class="hljs-attr">ZBX_ENABLEREMOTECOMMANDS</span>=<span class="hljs-number">0</span> # Deprecated since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_LOGREMOTECOMMANDS</span>=<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_HEARTBEAT_FREQUENCY</span>=<span class="hljs-number">60</span> # Available since <span class="hljs-number">6.2</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_HOSTINTERFACE</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_HOSTINTERFACEITEM</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STARTAGENTS</span>=<span class="hljs-number">3</span>
<span class="hljs-attr">ZBX_HOSTNAMEITEM</span>=system.hostname
<span class="hljs-attr">ZBX_METADATA</span>=
<span class="hljs-attr">ZBX_METADATAITEM</span>=
<span class="hljs-attr">ZBX_REFRESHACTIVECHECKS</span>=<span class="hljs-number">120</span>
<span class="hljs-attr">ZBX_BUFFERSEND</span>=<span class="hljs-number">5</span>
<span class="hljs-attr">ZBX_BUFFERSIZE</span>=<span class="hljs-number">100</span>
<span class="hljs-attr">ZBX_MAXLINESPERSECOND</span>=<span class="hljs-number">20</span>
<span class="hljs-attr">ZBX_LISTENIP</span>=
<span class="hljs-attr">ZBX_LISTENPORT</span>=<span class="hljs-number">10050</span>
<span class="hljs-attr">ZBX_LISTENBACKLOG</span>=
<span class="hljs-attr">ZBX_UNSAFEUSERPARAMETERS</span>=<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_TLSCONNECT</span>=unencrypted
<span class="hljs-attr">ZBX_TLSACCEPT</span>=unencrypted
<span class="hljs-attr">ZBX_TLSCAFILE</span>=
<span class="hljs-attr">ZBX_TLSCRLFILE</span>=
<span class="hljs-attr">ZBX_TLSSERVERCERTISSUER</span>=
<span class="hljs-attr">ZBX_TLSSERVERCERTSUBJECT</span>=
<span class="hljs-attr">ZBX_TLSCERTFILE</span>=
<span class="hljs-attr">ZBX_TLSKEYFILE</span>=
<span class="hljs-attr">ZBX_TLSPSKIDENTITY</span>=
<span class="hljs-attr">ZBX_TLSPSKFILE</span>=
<span class="hljs-attr">ZBX_TLSCIPHERALL</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERALL13</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERCERT</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERCERT13</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERPSK</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERPSK13</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_DENYKEY</span>=system.run[*] # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_ALLOWKEY</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
</code></pre><p>Default values of these variables are specified after equal sign.</p>
<p>The allowed variables are identical of parameters in official <code>zabbix_agentd.conf</code> configuration file. For example, <code>ZBX_REFRESHACTIVECHECKS</code> = <code>RefreshActiveChecks</code>.</p>
<p>Please use official documentation for <a href="https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_agentd"><code>zabbix_agentd.conf</code></a> to get more information about the variables.</p>
<h2 id="allowed-volumes-for-the-zabbix-agent-container">Allowed volumes for the Zabbix agent container</h2>
<h3 id="-etc-zabbix-zabbix_agentd-d-"><code>/etc/zabbix/zabbix_agentd.d</code></h3>
<p>The volume allows include <code>*.conf</code> files and extend Zabbix agent using <code>UserParameter</code> feature.</p>
<h3 id="-var-lib-zabbix-modules-"><code>/var/lib/zabbix/modules</code></h3>
<p>The volume allows load additional modules and extend Zabbix agent using <code>LoadModule</code> feature.</p>
<h3 id="-var-lib-zabbix-enc-"><code>/var/lib/zabbix/enc</code></h3>
<p>The volume is used to store TLS related files. These file names are specified using <code>ZBX_TLSCAFILE</code>, <code>ZBX_TLSCRLFILE</code>, <code>ZBX_TLSKEY_FILE</code> and <code>ZBX_TLSPSKFILE</code> variables.</p>
<h1 id="user-feedback">User Feedback</h1>
<h2 id="documentation">Documentation</h2>
<p>Documentation for this image is stored in the <a href="https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/agent"><code>agent/</code> directory</a> of the <a href="https://github.com/zabbix/zabbix-docker/"><code>zabbix/zabbix-docker</code> GitHub repo</a>. Be sure to familiarize yourself with the <a href="https://github.com/zabbix/zabbix-docker/blob/6.4/README.md">repository&#39;s <code>README.md</code> file</a> before attempting a pull request.</p>
<h2 id="issues">Issues</h2>
<p>If you have any problems with or questions about this image, please contact us through a <a href="https://github.com/zabbix/zabbix-docker/issues">GitHub issue</a>.</p>
<h3 id="known-issues">Known issues</h3>
<p>Currently it is not allowed to specify <code>ZBX_ALIAS</code> environment variable. Please use <code>/etc/zabbix/zabbix_agent.d</code> volume with additional configuration files with <code>Alias</code> options.</p>
<h2 id="contributing">Contributing</h2>
<p>You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.</p>
<p>Before you start to code, we recommend discussing your plans through a <a href="https://github.com/zabbix/zabbix-docker/issues">GitHub issue</a>, especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.</p>

1
Dockerfiles/agent/rhel/README.md
View File

@ -1 +0,0 @@
../README.md

6
Dockerfiles/agent/ubuntu/Dockerfile
View File

@ -31,7 +31,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/u
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_agentd.conf", "/etc/zabbix/zabbix_agentd.conf"]
RUN set -eux && \
RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tini \
@ -67,8 +68,7 @@ RUN set -eux && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
apt-get -y autoremove && \
apt-get -y clean && \
rm -rf /var/lib/apt/lists/*
apt-get -y clean
EXPOSE 10050/TCP

10
Dockerfiles/agent/windows/docker-entrypoint.ps1
View File

@ -40,7 +40,7 @@ function Update-Config-Var {
if (-not(Test-Path -Path $ConfigPath -PathType Leaf)) {
throw "**** Configuration file '$ConfigPath' does not exist"
}
if ($MaskList.Contains($VarName) -eq $true -And [string]::IsNullOrWhitespace($VarValue) -ne $true) {
Write-Host -NoNewline "** Updating '$ConfigPath' parameter ""$VarName"": '****'. Enable DEBUG_MODE to view value ..."
}
@ -50,12 +50,12 @@ function Update-Config-Var {
if ([string]::IsNullOrWhitespace($VarValue)) {
if ((Get-Content $ConfigPath | %{$_ -match "^$VarName="}) -contains $true) {
(Get-Content $ConfigPath) |
(Get-Content $ConfigPath) |
Where-Object {$_ -notmatch "^$VarName=" } |
Set-Content $ConfigPath
}
Write-Host "removed"
Write-Host "removed"
return
}
@ -64,7 +64,7 @@ function Update-Config-Var {
Write-Host "undefined"
return
}
if ($VarName -match '^TLS.*File$') {
$VarValue="$ZabbixUserHomeDir\enc\$VarValue"
}
@ -75,7 +75,7 @@ function Update-Config-Var {
Write-Host updated
}
elseif ((Get-Content $ConfigPath | select-string -pattern "^[#;] $VarName=").length -gt 0) {
(Get-Content $ConfigPath) |
(Get-Content $ConfigPath) |
Foreach-Object {
$_
if ($_ -match "^[#;] $VarName=") {

6
Dockerfiles/agent2/README.md
View File

@ -14,14 +14,12 @@ Zabbix agent 2 is deployed on a monitoring target to actively monitor local reso
# Zabbix agent 2 images
These are the only official Zabbix agent 2 Docker images. They are based on Alpine Linux v3.15, Ubuntu 20.04 (focal), 22.04 (jammy), CentOS Stream 8, Oracle Linux 8, Windows 10 LTSC 2019 and Windows 11 LTSC 2022 images. The available versions of Zabbix agent 2 are:
These are the only official Zabbix agent 2 Docker images. They are based on Alpine Linux v3.19, Ubuntu 22.04 (jammy), CentOS Stream 9, Oracle Linux 9, Windows 10 LTSC 2019 and Windows 11 LTSC 2022 images. The available versions of Zabbix agent 2 are:
Zabbix agent 2 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest , ltsc2019-5.0-latest, ltsc2022-5.0-latest)
Zabbix agent 2 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*, ltsc2019-5.0.*, ltsc2022-5.0.*)
Zabbix agent 2 6.0 (tags: alpine-6.0-latest, ubuntu-6.0-latest, ol-6.0-latest)
Zabbix agent 2 6.0.* (tags: alpine-6.0.*, ubuntu-6.0.*, ol-6.0.*, ltsc2019-6.0.*, ltsc2022-6.0.*)
Zabbix agent 2 6.2 (tags: alpine-6.2-latest, ubuntu-6.2-latest, ol-6.2-latest)
Zabbix agent 2 6.2.* (tags: alpine-6.2.*, ubuntu-6.2.*, ol-6.2.*, ltsc2019-6.2.*, ltsc2022-6.2.*)
Zabbix agent 2 6.4 (tags: alpine-6.4-latest, ubuntu-6.4-latest, ol-6.4-latest, alpine-latest, ubuntu-latest, ol-latest, ltsc2019-latest, ltsc2022-latest, latest)
Zabbix agent 2 6.4.* (tags: alpine-6.4.*, ubuntu-6.4.*, ol-6.4.*, ltsc2019-6.4.*, ltsc2022-6.4.*)
Zabbix agent 2 7.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk, ltsc2019-trunk, ltsc2022-trunk)
@ -210,7 +208,7 @@ Please see [the Docker installation documentation](https://docs.docker.com/insta
## Documentation
Documentation for this image is stored in the [`agent2/` directory](https://github.com/zabbix/zabbix-docker/tree/trunk/Dockerfiles/agent2) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/trunk/README.md) before attempting a pull request.
Documentation for this image is stored in the [`agent2/` directory](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/agent2) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/6.4/README.md) before attempting a pull request.
## Issues

3
Dockerfiles/agent2/alpine/Dockerfile
View File

@ -71,8 +71,7 @@ RUN set -eux && \
mkdir -p /var/lib/zabbix/buffer && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
rm -rf /var/cache/apk/*
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/
EXPOSE 10050/TCP 31999/TCP

31
Dockerfiles/agent2/centos/Dockerfile
View File

@ -5,7 +5,7 @@ ARG BUILD_BASE_IMAGE=zabbix-build-mysql:centos-${ZBX_VERSION}
FROM ${BUILD_BASE_IMAGE} AS builder
FROM quay.io/centos/centos:stream9
FROM quay.io/centos/centos:stream9-minimal
ARG MAJOR_VERSION
ARG ZBX_VERSION
@ -36,8 +36,8 @@ COPY --from=builder ["/tmp/postgresql_plugin/postgresql.conf", "/etc/zabbix/zabb
COPY --from=builder ["/tmp/mongodb_plugin/zabbix-agent2-plugin-mongodb", "/usr/sbin/zabbix-agent2-plugin/zabbix-agent2-plugin-mongodb"]
COPY --from=builder ["/tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql", "/usr/sbin/zabbix-agent2-plugin/zabbix-agent2-plugin-postgresql"]
RUN set -eux && \
REPOLIST="baseos,appstream,epel" && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tini \
tzdata \
@ -46,16 +46,25 @@ RUN set -eux && \
libcurl-minimal \
libmodbus \
smartmontools \
shadow-utils \
sudo \
openssl-libs" && \
dnf -y install epel-release && \
dnf -y install \
microdnf -y install \
--disablerepo "*" \
--enablerepo "${REPOLIST}" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--enablerepo "extras-common" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
${INSTALL_PKGS} && \
--nodocs epel-release && \
microdnf -y install \
--disablerepo "*" \
--enablerepo "baseos" \
--enablerepo "appstream" \
--enablerepo="epel" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs ${INSTALL_PKGS} && \
groupadd \
--system \
--gid 1995 \
@ -78,9 +87,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
dnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10050/TCP 31999/TCP

8
Dockerfiles/agent2/ol/Dockerfile
View File

@ -37,7 +37,8 @@ COPY --from=builder ["/tmp/mongodb_plugin/zabbix-agent2-plugin-mongodb", "/usr/s
COPY --from=builder ["/tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql", "/usr/sbin/zabbix-agent2-plugin/zabbix-agent2-plugin-postgresql"]
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tini \
tzdata \
@ -54,6 +55,7 @@ RUN set -eux && \
--enablerepo="ol9_appstream" \
--enablerepo="ol9_developer_EPEL" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs \
${INSTALL_PKGS} && \
@ -79,9 +81,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10050/TCP 31999/TCP

11
Dockerfiles/agent2/rhel/Dockerfile
View File

@ -6,7 +6,7 @@ ARG BUILD_BASE_IMAGE=zabbix-build-mysql:rhel-${ZBX_VERSION}
FROM ${BUILD_BASE_IMAGE} AS builder
FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
FROM registry.access.redhat.com/ubi9/ubi-minimal:9.3
ARG MAJOR_VERSION
ARG RELEASE
@ -55,7 +55,8 @@ COPY --from=builder ["/tmp/postgresql_plugin/postgresql.conf", "/etc/zabbix/zabb
COPY --from=builder ["/tmp/mongodb_plugin/zabbix-agent2-plugin-mongodb", "/usr/sbin/zabbix-agent2-plugin/zabbix-agent2-plugin-mongodb"]
COPY --from=builder ["/tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql", "/usr/sbin/zabbix-agent2-plugin/zabbix-agent2-plugin-postgresql"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tini \
tzdata \
@ -74,12 +75,14 @@ RUN set -eux && \
--enablerepo "ubi-9-baseos-rpms" \
--enablerepo "epel" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y reinstall \
--enablerepo "ubi-9-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
@ -105,9 +108,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10050/TCP 31999/TCP

113
Dockerfiles/agent2/rhel/README.html Normal file
View File

@ -0,0 +1,113 @@
<p><img src="https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png" alt="logo"></p>
<h1 id="what-is-zabbix-">What is Zabbix?</h1>
<p>Zabbix is an enterprise-class open source distributed monitoring solution.</p>
<p>Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning.</p>
<p>For more information and related downloads for Zabbix components, please visit <a href="https://hub.docker.com/u/zabbix/">https://hub.docker.com/u/zabbix/</a> and <a href="https://zabbix.com">https://zabbix.com</a></p>
<h1 id="what-is-zabbix-agent-2-">What is Zabbix agent 2?</h1>
<p>Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications (hard drives, memory, processor statistics etc).</p>
<h1 id="zabbix-agent-2-images">Zabbix agent 2 images</h1>
<p>Images are updated when new releases are published.</p>
<h1 id="how-to-use-this-image">How to use this image</h1>
<h2 id="start-zabbix-agent2-">Start <code>zabbix-agent2</code></h2>
<p>Start a Zabbix agent 2 container as follows:</p>
<pre><code>podman <span class="hljs-keyword">run</span><span class="bash"> --name some-zabbix-agent <span class="hljs-_">-e</span> ZBX_HOSTNAME=<span class="hljs-string">"some-hostname"</span> <span class="hljs-_">-e</span> ZBX_SERVER_HOST=<span class="hljs-string">"some-zabbix-server"</span> <span class="hljs-_">-d</span> zabbix/zabbix-agent2:tag</span>
</code></pre><p>Where <code>some-zabbix-agent2</code> is the name you want to assign to your container, <code>some-hostname</code> is the hostname, it is Hostname parameter in Zabbix agent 2 configuration file, <code>some-zabbix-server</code> is IP or DNS name of Zabbix server or proxy and <code>tag</code> is the tag specifying the version you want.</p>
<h2 id="connects-from-zabbix-server-or-zabbix-proxy-in-other-containers-passive-checks-">Connects from Zabbix server or Zabbix proxy in other containers (Passive checks)</h2>
<p>This image exposes the standard Zabbix agent 2 port (<code>10050</code>) to perform passive checks, so container linking makes Zabbix agent 2 instance available to Zabbix server and Zabbix proxy containers. Start your application container like this in order to link it to the Zabbix agent 2 container:</p>
<pre><code class="lang-console"><span class="hljs-comment">$</span> <span class="hljs-comment">podman</span> <span class="hljs-comment">run</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">name</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">link</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">agent:zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">agent2</span> <span class="hljs-literal">-</span><span class="hljs-comment">d</span> <span class="hljs-comment">zabbix/zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server:latest</span>
</code></pre>
<h2 id="connect-to-zabbix-server-or-zabbix-proxy-containers-active-checks-">Connect to Zabbix server or Zabbix proxy containers (Active checks)</h2>
<p>This image supports perform active checks, so container linking makes Zabbix server and Zabbix proxy containers available to Zabbix agent 2 instance. Start your application container like this in order to link Zabbix agent 2 to Zabbix server or Zabbix proxy containterns:</p>
<pre><code class="lang-console"><span class="hljs-comment">$</span> <span class="hljs-comment">podman</span> <span class="hljs-comment">run</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">name</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">agent</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">link</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server:zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server</span> <span class="hljs-literal">-</span><span class="hljs-comment">d</span> <span class="hljs-comment">zabbix/zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">agent2:latest</span>
</code></pre>
<h2 id="container-shell-access-and-viewing-zabbix-agent-2-logs">Container shell access and viewing Zabbix agent 2 logs</h2>
<p>The <code>podman exec</code> command allows you to run commands inside a Podman container. The following command line will give you a bash shell inside your <code>zabbix-agent2</code> container:</p>
<pre><code class="lang-console">$ podman <span class="hljs-built_in">exec</span> -ti some-zabbix-<span class="hljs-built_in">agent</span> /bin/bash
</code></pre>
<p>The Zabbix agent 2 log is available through Podman&#39;s container log:</p>
<pre><code class="lang-console">$ podman logs <span class="hljs-keyword">some</span>-zabbix-agent
</code></pre>
<h2 id="privileged-mode">Privileged mode</h2>
<p>By default, Podman containers are &quot;unprivileged&quot; and do not have access to the most of host resources. Zabbix agent 2 is designed to monitor system resources, to do that Zabbix agent 2 container must be privileged or you may mount some system-wide volumes. For example:</p>
<pre><code class="lang-console"><span class="hljs-comment">$</span> <span class="hljs-comment">podman</span> <span class="hljs-comment">run</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">name</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">agent</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">link</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server:zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">privileged</span> <span class="hljs-literal">-</span><span class="hljs-comment">d</span> <span class="hljs-comment">zabbix/zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">agent2:latest</span>
</code></pre>
<pre><code class="lang-console">$ podman run --name some-zabbix-agent --link some-zabbix-<span class="hljs-string">server:</span>zabbix-server -v <span class="hljs-regexp">/dev/</span><span class="hljs-string">sdc:</span><span class="hljs-regexp">/dev/</span>sdc -d zabbix/zabbix-<span class="hljs-string">agent2:</span>latest
</code></pre>
<h2 id="environment-variables">Environment Variables</h2>
<p>When you start the <code>zabbix-agent2</code> image, you can adjust the configuration of the Zabbix agent 2 by passing one or more environment variables on the <code>podman run</code> command line.</p>
<h3 id="-zbx_hostname-"><code>ZBX_HOSTNAME</code></h3>
<p>This variable is unique, case sensitive hostname. By default, value is <code>hostname</code> of the container. It is <code>Hostname</code> parameter in <code>zabbix_agent2.conf</code>.</p>
<h3 id="-zbx_server_host-"><code>ZBX_SERVER_HOST</code></h3>
<p>This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is <code>zabbix-server</code>. It is <code>Server</code> parameter in <code>zabbix_agent2.conf</code>. It is allowed to specify Zabbix server or Zabbix proxy port number using <code>ZBX_SERVER_PORT</code> variable. It make sense in case of non-default port for active checks.</p>
<h3 id="-zbx_passive_allow-"><code>ZBX_PASSIVE_ALLOW</code></h3>
<p>This variable is boolean (<code>true</code> or <code>false</code>) and enables or disables feature of passive checks. By default, value is <code>true</code>.</p>
<h3 id="-zbx_passiveservers-"><code>ZBX_PASSIVESERVERS</code></h3>
<p>The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container.</p>
<h3 id="-zbx_active_allow-"><code>ZBX_ACTIVE_ALLOW</code></h3>
<p>This variable is boolean (<code>true</code> or <code>false</code>) and enables or disables feature of active checks. By default, value is <code>true</code>.</p>
<h3 id="-zbx_activeservers-"><code>ZBX_ACTIVESERVERS</code></h3>
<p>The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container. You may specify port of Zabbix server or Zabbix proxy in such syntax: <code>zabbix-server:10061,zabbix-proxy:10072</code>.</p>
<h3 id="-zbx_debuglevel-"><code>ZBX_DEBUGLEVEL</code></h3>
<p>The variable is used to specify debug level. By default, value is <code>3</code>. It is <code>DebugLevel</code> parameter in <code>zabbix_agent2.conf</code>. Allowed values are listed below:</p>
<ul>
<li><code>0</code> - basic information about starting and stopping of Zabbix processes;</li>
<li><code>1</code> - critical information</li>
<li><code>2</code> - error information</li>
<li><code>3</code> - warnings</li>
<li><code>4</code> - for debugging (produces lots of information)</li>
<li><code>5</code> - extended debugging (produces even more information)</li>
</ul>
<h3 id="-zbx_timeout-"><code>ZBX_TIMEOUT</code></h3>
<p>The variable is used to specify timeout for processing checks. By default, value is <code>3</code>.</p>
<h3 id="other-variables">Other variables</h3>
<p>Additionally the image allows to specify many other environment variables listed below:</p>
<pre><code><span class="hljs-attr">ZBX_ENABLEPERSISTENTBUFFER</span>=<span class="hljs-literal">false</span> # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_PERSISTENTBUFFERPERIOD</span>=<span class="hljs-number">1</span>h # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_ENABLESTATUSPORT</span>=
<span class="hljs-attr">ZBX_SOURCEIP</span>=
<span class="hljs-attr">ZBX_HEARTBEAT_FREQUENCY</span>=<span class="hljs-number">60</span> # Available since <span class="hljs-number">6.2</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_ENABLEREMOTECOMMANDS</span>=<span class="hljs-number">0</span> # Deprecated since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_LOGREMOTECOMMANDS</span>=<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STARTAGENTS</span>=<span class="hljs-number">3</span>
<span class="hljs-attr">ZBX_HOSTNAMEITEM</span>=system.hostname
<span class="hljs-attr">ZBX_METADATA</span>=
<span class="hljs-attr">ZBX_METADATAITEM</span>=
<span class="hljs-attr">ZBX_REFRESHACTIVECHECKS</span>=<span class="hljs-number">120</span>
<span class="hljs-attr">ZBX_BUFFERSEND</span>=<span class="hljs-number">5</span>
<span class="hljs-attr">ZBX_BUFFERSIZE</span>=<span class="hljs-number">100</span>
<span class="hljs-attr">ZBX_MAXLINESPERSECOND</span>=<span class="hljs-number">20</span>
<span class="hljs-attr">ZBX_LISTENIP</span>=
<span class="hljs-attr">ZBX_LISTENPORT</span>=<span class="hljs-number">10051</span>
<span class="hljs-attr">ZBX_UNSAFEUSERPARAMETERS</span>=<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_TLSCONNECT</span>=unencrypted
<span class="hljs-attr">ZBX_TLSACCEPT</span>=unencrypted
<span class="hljs-attr">ZBX_TLSCAFILE</span>=
<span class="hljs-attr">ZBX_TLSCRLFILE</span>=
<span class="hljs-attr">ZBX_TLSSERVERCERTISSUER</span>=
<span class="hljs-attr">ZBX_TLSSERVERCERTSUBJECT</span>=
<span class="hljs-attr">ZBX_TLSCERTFILE</span>=
<span class="hljs-attr">ZBX_TLSKEYFILE</span>=
<span class="hljs-attr">ZBX_TLSPSKIDENTITY</span>=
<span class="hljs-attr">ZBX_TLSPSKFILE</span>=
<span class="hljs-attr">ZBX_DENYKEY</span>=system.run[*] # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_ALLOWKEY</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
</code></pre><p>Default values of these variables are specified after equal sign.</p>
<p>The allowed variables are identical of parameters in official <code>zabbix_agent2.conf</code> configuration file. For example, <code>ZBX_REFRESHACTIVECHECKS</code> = <code>RefreshActiveChecks</code>.</p>
<p>Please use official documentation for <a href="https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_agent2"><code>zabbix_agent2.conf</code></a> to get more information about the variables.</p>
<h2 id="allowed-volumes-for-the-zabbix-agent-2-container">Allowed volumes for the Zabbix agent 2 container</h2>
<h3 id="-etc-zabbix-zabbix_agentd-d-"><code>/etc/zabbix/zabbix_agentd.d</code></h3>
<p>The volume allows include <code>*.conf</code> files and extend Zabbix agent 2 using <code>UserParameter</code> feature.</p>
<h3 id="-var-lib-zabbix-enc-"><code>/var/lib/zabbix/enc</code></h3>
<p>The volume is used to store TLS related files. These file names are specified using <code>ZBX_TLSCAFILE</code>, <code>ZBX_TLSCRLFILE</code>, <code>ZBX_TLSKEY_FILE</code> and <code>ZBX_TLSPSKFILE</code> variables.</p>
<h3 id="-var-lib-zabbix-buffer-"><code>/var/lib/zabbix/buffer</code></h3>
<p>The volume is used to store the file, where Zabbix Agent2 should keep SQLite database. To enable the feature specify <code>ZBX_ENABLEPERSISTENTBUFFER=true</code>. Available since 5.0.0.</p>
<h1 id="user-feedback">User Feedback</h1>
<h2 id="documentation">Documentation</h2>
<p>Documentation for this image is stored in the <a href="https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/agent2"><code>agent2/</code> directory</a> of the <a href="https://github.com/zabbix/zabbix-docker/"><code>zabbix/zabbix-docker</code> GitHub repo</a>. Be sure to familiarize yourself with the <a href="https://github.com/zabbix/zabbix-docker/blob/6.4/README.md">repository&#39;s <code>README.md</code> file</a> before attempting a pull request.</p>
<h2 id="issues">Issues</h2>
<p>If you have any problems with or questions about this image, please contact us through a <a href="https://github.com/zabbix/zabbix-docker/issues">GitHub issue</a>.</p>
<h3 id="known-issues">Known issues</h3>
<p>Currently it is not allowed to specify <code>ZBX_ALIAS</code> environment variable. Please use <code>/etc/zabbix/zabbix_agent.d</code> volume with additional configuration files with <code>Alias</code> options.</p>
<h2 id="contributing">Contributing</h2>
<p>You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.</p>
<p>Before you start to code, we recommend discussing your plans through a <a href="https://github.com/zabbix/zabbix-docker/issues">GitHub issue</a>, especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.</p>

1
Dockerfiles/agent2/rhel/README.md
View File

@ -1 +0,0 @@
../README.md

2
Dockerfiles/agent2/rhel/licenses/apache-2.0.txt
View File

@ -199,4 +199,4 @@ Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
limitations under the License.

6
Dockerfiles/agent2/ubuntu/Dockerfile
View File

@ -36,7 +36,8 @@ COPY --from=builder ["/tmp/postgresql_plugin/postgresql.conf", "/etc/zabbix/zabb
COPY --from=builder ["/tmp/mongodb_plugin/zabbix-agent2-plugin-mongodb", "/usr/sbin/zabbix-agent2-plugin/zabbix-agent2-plugin-mongodb"]
COPY --from=builder ["/tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql", "/usr/sbin/zabbix-agent2-plugin/zabbix-agent2-plugin-postgresql"]
RUN set -eux && \
RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="tini \
tzdata \
@ -74,8 +75,7 @@ RUN set -eux && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ /usr/sbin/zabbix-agent2-plugin/ && \
apt-get -y autoremove && \
apt-get -y clean && \
rm -rf /var/lib/apt/lists/*
apt-get -y clean
EXPOSE 10050/TCP

10
Dockerfiles/agent2/windows/docker-entrypoint.ps1
View File

@ -40,7 +40,7 @@ function Update-Config-Var {
if (-not(Test-Path -Path $ConfigPath -PathType Leaf)) {
throw "**** Configuration file '$ConfigPath' does not exist"
}
if ($MaskList.Contains($VarName) -eq $true -And [string]::IsNullOrWhitespace($VarValue) -ne $true) {
Write-Host -NoNewline "** Updating '$ConfigPath' parameter ""$VarName"": '****'. Enable DEBUG_MODE to view value ..."
}
@ -50,12 +50,12 @@ function Update-Config-Var {
if ([string]::IsNullOrWhitespace($VarValue)) {
if ((Get-Content $ConfigPath | %{$_ -match "^$VarName="}) -contains $true) {
(Get-Content $ConfigPath) |
(Get-Content $ConfigPath) |
Where-Object {$_ -notmatch "^$VarName=" } |
Set-Content $ConfigPath
}
Write-Host "removed"
Write-Host "removed"
return
}
@ -64,7 +64,7 @@ function Update-Config-Var {
Write-Host "undefined"
return
}
if ($VarName -match '^TLS.*File$') {
$VarValue="$ZabbixUserHomeDir\enc\$VarValue"
}
@ -75,7 +75,7 @@ function Update-Config-Var {
Write-Host updated
}
elseif ((Get-Content $ConfigPath | select-string -pattern "^[#;] $VarName=").length -gt 0) {
(Get-Content $ConfigPath) |
(Get-Content $ConfigPath) |
Foreach-Object {
$_
if ($_ -match "^[#;] $VarName=") {

8
Dockerfiles/build-base/README.md
View File

@ -14,14 +14,12 @@ Zabbix build base image is prepared build environment for building Zabbix compon
# Zabbix build base images
These are the only official Zabbix build base Docker images. They are based on Alpine Linux v3.15, Ubuntu 20.04 (focal), 22.04 (jammy), CentOS Stream 8 and Oracle Linux 8 images. The available versions of the image are:
These are the only official Zabbix build base Docker images. They are based on Alpine Linux v3.19, Ubuntu 22.04 (jammy), CentOS Stream 9 and Oracle Linux 9 images. The available versions of the image are:
Zabbix build base 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest)
Zabbix build base 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*)
Zabbix build base 6.0 (tags: alpine-6.0-latest, ubuntu-6.0-latest, ol-6.0-latest)
Zabbix build base 6.0.* (tags: alpine-6.0.*, ubuntu-6.0.*, ol-6.0.*)
Zabbix build base 6.2 (tags: alpine-6.2-latest, ubuntu-6.2-latest, ol-6.2-latest)
Zabbix build base 6.2.* (tags: alpine-6.2.*, ubuntu-6.2.*, ol-6.2.*, ltsc2019-6.2.*, ltsc2022-6.2.*)
Zabbix build base 6.4 (tags: alpine-6.4-latest, ubuntu-6.4-latest, ol-6.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest)
Zabbix build base 6.4.* (tags: alpine-6.4.*, ubuntu-6.4.*, ol-6.4.*, ltsc2019-6.4.*, ltsc2022-6.4.*)
Zabbix build base 7.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk, ltsc2019-trunk, ltsc2022-trunk)
@ -30,7 +28,7 @@ Images are updated when new releases are published. The image with ``latest`` ta
# How to use this image
The image is required to build Zabbix components. It is base image for [MySQL](https://github.com/zabbix/zabbix-docker/tree/trunk/Dockerfiles/build-mysql), [PostgreSQL](https://github.com/zabbix/zabbix-docker/tree/trunk/Dockerfiles/build-pgsql) and [SQLite3](https://github.com/zabbix/zabbix-docker/tree/trunk/Dockerfiles/build-sqlite3) base images. While the image contains only required packages, MySQL, PostgreSQL and SQLite3 base images compile Zabbix component and prepare them for usage.
The image is required to build Zabbix components. It is base image for [MySQL](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/build-mysql), [PostgreSQL](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/build-pgsql) and [SQLite3](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/build-sqlite3) base images. While the image contains only required packages, MySQL, PostgreSQL and SQLite3 base images compile Zabbix component and prepare them for usage.
# The image variants
@ -64,7 +62,7 @@ Please see [the Docker installation documentation](https://docs.docker.com/insta
## Documentation
Documentation for this image is stored in the [`build-base/` directory](https://github.com/zabbix/zabbix-docker/tree/trunk/Dockerfiles/build-base) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request.
Documentation for this image is stored in the [`build-base/` directory](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/build-base) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/6.4/README.md) before attempting a pull request.
## Issues

3
Dockerfiles/build-base/alpine/Dockerfile
View File

@ -61,5 +61,4 @@ RUN set -eux && \
apk add \
--no-cache \
--clean-protected \
${INSTALL_PKGS} && \
rm -rf /var/cache/apk/*
${INSTALL_PKGS}

30
Dockerfiles/build-base/centos/Dockerfile
View File

@ -1,5 +1,5 @@
# syntax=docker/dockerfile:1
FROM quay.io/centos/centos:stream9
FROM quay.io/centos/centos:stream9-minimal
ARG MAJOR_VERSION=6.4
ARG ZBX_VERSION=${MAJOR_VERSION}.11
@ -18,8 +18,8 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
org.opencontainers.image.vendor="Zabbix LLC" \
org.opencontainers.image.version="${ZBX_VERSION}"
RUN set -eux && \
REPOLIST="baseos,appstream,crb,epel" && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="autoconf \
automake \
bash \
@ -45,14 +45,20 @@ RUN set -eux && \
gettext \
go-toolset \
unixODBC-devel" && \
dnf -y install epel-release && \
dnf -y install \
--disablerepo "*" \
--enablerepo "${REPOLIST}" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--enablerepo "extras-common" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
${INSTALL_PKGS} && \
dnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
--nodocs epel-release && \
microdnf -y install \
--disablerepo "*" \
--enablerepo "baseos" \
--enablerepo "appstream" \
--enablerepo "crb" \
--enablerepo="epel" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs ${INSTALL_PKGS} && \
microdnf -y clean all

8
Dockerfiles/build-base/ol/Dockerfile
View File

@ -19,7 +19,8 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="autoconf \
automake \
bash \
@ -52,8 +53,7 @@ RUN set -eux && \
--enablerepo "ol9_codeready_builder" \
--enablerepo="ol9_developer_EPEL" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs ${INSTALL_PKGS} && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all

10
Dockerfiles/build-base/rhel/Dockerfile
View File

@ -1,5 +1,5 @@
# syntax=docker/dockerfile:1
FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
FROM registry.access.redhat.com/ubi9/ubi-minimal:9.3
ARG MAJOR_VERSION=6.4
ARG RELEASE=11
@ -29,7 +29,8 @@ LABEL description="Prepared environment to build Zabbix components" \
COPY ["licenses", "/licenses"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="autoconf \
automake \
bash \
@ -68,9 +69,8 @@ RUN set -eux && \
--enablerepo "codeready-builder-for-rhel-9-$ARCH_SUFFIX-rpms" \
--enablerepo "epel" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all

6
Dockerfiles/build-base/ubuntu/Dockerfile
View File

@ -17,7 +17,8 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
org.opencontainers.image.vendor="Zabbix LLC" \
org.opencontainers.image.version="${ZBX_VERSION}"
RUN set -eux && \
RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
INSTALL_PKGS="bash \
autoconf \
automake \
@ -51,5 +52,4 @@ RUN set -eux && \
--no-install-recommends install \
${INSTALL_PKGS} && \
apt-get -y autoremove && \
apt-get -y clean && \
rm -rf /var/lib/apt/lists/*
apt-get -y clean

2
Dockerfiles/build-base/windows/modbus.vs16.sln
View File

@ -28,4 +28,4 @@ Global
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {6CF51673-664F-4C9F-B3FE-991FF423F3B6}
EndGlobalSection
EndGlobal
EndGlobal

2
Dockerfiles/build-base/windows/modbus.vs16.vcxproj
View File

@ -262,4 +262,4 @@
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>
</Project>

2
Dockerfiles/build-base/windows/modbus.vs16.vcxproj.filters
View File

@ -59,4 +59,4 @@
<Filter>Resource Files</Filter>
</ResourceCompile>
</ItemGroup>
</Project>
</Project>

10
Dockerfiles/build-mysql/README.md
View File

@ -14,16 +14,12 @@ Zabbix build base (MySQL) image is used for building Zabbix components. It conta
# Zabbix build base (MySQL) images
These are the only official Zabbix build base (MySQL) Docker images. They are based on Alpine Linux v3.15, Ubuntu 20.04 (focal), 22.04 (jammy), CentOS Stream 8 and Oracle Linux 8 images. The available versions of the image are:
These are the only official Zabbix build base (MySQL) Docker images. They are based on Alpine Linux v3.19, Ubuntu 22.04 (jammy), CentOS Stream 9 and Oracle Linux 9 images. The available versions of the image are:
Zabbix build base 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest)
Zabbix build base 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*)
Zabbix build base 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest)
Zabbix build base 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*)
Zabbix build base 6.0 (tags: alpine-6.0-latest, ubuntu-6.0-latest, ol-6.0-latest)
Zabbix build base 6.0.* (tags: alpine-6.0.*, ubuntu-6.0.*, ol-6.0.*)
Zabbix build base 6.2 (tags: alpine-6.2-latest, ubuntu-6.2-latest, ol-6.2-latest)
Zabbix build base 6.2.* (tags: alpine-6.2.*, ubuntu-6.2.*, ol-6.2.*)
Zabbix build base 6.4 (tags: alpine-6.4-latest, ubuntu-6.4-latest, ol-6.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest)
Zabbix build base 6.4.* (tags: alpine-6.4.*, ubuntu-6.4.*, ol-6.4.*)
Zabbix build base 7.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk)
@ -34,7 +30,7 @@ Images are updated when new releases are published. The image with ``latest`` ta
The image is used to build / compile Zabbix components. Components are prepared for usage in any other images.
The image uses [Zabbix build base](https://github.com/zabbix/zabbix-docker/tree/trunk/Dockerfiles/build-base) image with prepared build environment as base image and build / compile Zabbix components only.
The image uses [Zabbix build base](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/build-base) image with prepared build environment as base image and build / compile Zabbix components only.
# The image variants
@ -68,7 +64,7 @@ Please see [the Docker installation documentation](https://docs.docker.com/insta
## Documentation
Documentation for this image is stored in the [`build-base/` directory](https://github.com/zabbix/zabbix-docker/tree/trunk/Dockerfiles/build-base) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request.
Documentation for this image is stored in the [`build-base/` directory](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/build-base) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/6.4/README.md) before attempting a pull request.
## Issues

12
Dockerfiles/build-mysql/alpine/Dockerfile
View File

@ -22,9 +22,10 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
ENV MONGODB_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/mongodb.git MONGODB_PLUGIN_VERSION=${ZBX_VERSION} \
POSTGRESQL_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/postgresql.git POSTGRESQL_PLUGIN_VERSION=${ZBX_VERSION}
COPY ["conf/chromedp_no_sandbox.patch", "/tmp/chromedp_no_sandbox.patch"]
RUN set -eux && \
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
set -eux && \
cd /tmp/ && \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
@ -72,7 +73,7 @@ RUN set -eux && \
gzip -c database/mysql/create.sql > database/mysql/create_proxy.sql.gz && \
rm -rf database/mysql/create.sql && \
mkdir /tmp/fonts/ && \
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
@ -96,5 +97,4 @@ RUN set -eux && \
git -c advice.detachedHead=false clone ${POSTGRESQL_PLUGIN_SOURCES} --branch ${POSTGRESQL_PLUGIN_VERSION} --depth 1 --single-branch /tmp/postgresql_plugin && \
cd /tmp/postgresql_plugin && \
make && \
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql && \
rm -rf $(go env GOCACHE)
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql

12
Dockerfiles/build-mysql/centos/Dockerfile
View File

@ -22,9 +22,10 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
ENV MONGODB_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/mongodb.git MONGODB_PLUGIN_VERSION=${ZBX_VERSION} \
POSTGRESQL_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/postgresql.git POSTGRESQL_PLUGIN_VERSION=${ZBX_VERSION}
COPY ["conf/chromedp_no_sandbox.patch", "/tmp/chromedp_no_sandbox.patch"]
RUN set -eux && \
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
set -eux && \
cd /tmp/ && \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
@ -72,7 +73,7 @@ RUN set -eux && \
gzip -c database/mysql/create.sql > database/mysql/create_proxy.sql.gz && \
rm -rf database/mysql/create.sql && \
mkdir /tmp/fonts/ && \
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
@ -96,5 +97,4 @@ RUN set -eux && \
git -c advice.detachedHead=false clone ${POSTGRESQL_PLUGIN_SOURCES} --branch ${POSTGRESQL_PLUGIN_VERSION} --depth 1 --single-branch /tmp/postgresql_plugin && \
cd /tmp/postgresql_plugin && \
make && \
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql && \
rm -rf $(go env GOCACHE)
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql

12
Dockerfiles/build-mysql/ol/Dockerfile
View File

@ -22,9 +22,10 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
ENV MONGODB_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/mongodb.git MONGODB_PLUGIN_VERSION=${ZBX_VERSION} \
POSTGRESQL_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/postgresql.git POSTGRESQL_PLUGIN_VERSION=${ZBX_VERSION}
COPY ["conf/chromedp_no_sandbox.patch", "/tmp/chromedp_no_sandbox.patch"]
RUN set -eux && \
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
set -eux && \
cd /tmp/ && \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
@ -72,7 +73,7 @@ RUN set -eux && \
gzip -c database/mysql/create.sql > database/mysql/create_proxy.sql.gz && \
rm -rf database/mysql/create.sql && \
mkdir /tmp/fonts/ && \
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
@ -96,5 +97,4 @@ RUN set -eux && \
git -c advice.detachedHead=false clone ${POSTGRESQL_PLUGIN_SOURCES} --branch ${POSTGRESQL_PLUGIN_VERSION} --depth 1 --single-branch /tmp/postgresql_plugin && \
cd /tmp/postgresql_plugin && \
make && \
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql && \
rm -rf $(go env GOCACHE)
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql

12
Dockerfiles/build-mysql/rhel/Dockerfile
View File

@ -32,9 +32,10 @@ LABEL description="Zabbix build base for MySQL based images" \
ENV MONGODB_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/mongodb.git MONGODB_PLUGIN_VERSION=${ZBX_VERSION} \
POSTGRESQL_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/postgresql.git POSTGRESQL_PLUGIN_VERSION=${ZBX_VERSION}
COPY ["conf/chromedp_no_sandbox.patch", "/tmp/chromedp_no_sandbox.patch"]
RUN set -eux && \
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
set -eux && \
cd /tmp/ && \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
@ -82,7 +83,7 @@ RUN set -eux && \
gzip -c database/mysql/create.sql > database/mysql/create_proxy.sql.gz && \
rm -rf database/mysql/create.sql && \
mkdir /tmp/fonts/ && \
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
@ -106,5 +107,4 @@ RUN set -eux && \
git -c advice.detachedHead=false clone ${POSTGRESQL_PLUGIN_SOURCES} --branch ${POSTGRESQL_PLUGIN_VERSION} --depth 1 --single-branch /tmp/postgresql_plugin && \
cd /tmp/postgresql_plugin && \
make && \
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql && \
rm -rf $(go env GOCACHE)
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql

12
Dockerfiles/build-mysql/ubuntu/Dockerfile
View File

@ -22,9 +22,10 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
ENV MONGODB_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/mongodb.git MONGODB_PLUGIN_VERSION=${ZBX_VERSION} \
POSTGRESQL_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/postgresql.git POSTGRESQL_PLUGIN_VERSION=${ZBX_VERSION}
COPY ["conf/chromedp_no_sandbox.patch", "/tmp/chromedp_no_sandbox.patch"]
RUN set -eux && \
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
set -eux && \
cd /tmp/ && \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
@ -72,7 +73,7 @@ RUN set -eux && \
gzip -c database/mysql/create.sql > database/mysql/create_proxy.sql.gz && \
rm -rf database/mysql/create.sql && \
mkdir /tmp/fonts/ && \
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
@ -96,5 +97,4 @@ RUN set -eux && \
git -c advice.detachedHead=false clone ${POSTGRESQL_PLUGIN_SOURCES} --branch ${POSTGRESQL_PLUGIN_VERSION} --depth 1 --single-branch /tmp/postgresql_plugin && \
cd /tmp/postgresql_plugin && \
make && \
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql && \
rm -rf $(go env GOCACHE)
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql

10
Dockerfiles/build-pgsql/README.md
View File

@ -14,16 +14,12 @@ Zabbix build base (PostgreSQL) image is used for building Zabbix components. It
# Zabbix build base (PostgreSQL) images
These are the only official Zabbix build base (PostgreSQL) Docker images. They are based on Alpine Linux v3.15, Ubuntu 20.04 (focal), 22.04 (jammy), CentOS Stream 8 and Oracle Linux 8 images. The available versions of the image are:
These are the only official Zabbix build base (PostgreSQL) Docker images. They are based on Alpine Linux v3.19, Ubuntu 22.04 (jammy), CentOS Stream 9 and Oracle Linux 9 images. The available versions of the image are:
Zabbix build base 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest)
Zabbix build base 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*)
Zabbix build base 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest)
Zabbix build base 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*)
Zabbix build base 6.0 (tags: alpine-6.0-latest, ubuntu-6.0-latest, ol-6.0-latest)
Zabbix build base 6.0.* (tags: alpine-6.0.*, ubuntu-6.0.*, ol-6.0.*)
Zabbix build base 6.2 (tags: alpine-6.2-latest, ubuntu-6.2-latest, ol-6.2-latest)
Zabbix build base 6.2.* (tags: alpine-6.2.*, ubuntu-6.2.*, ol-6.2.*)
Zabbix build base 6.4 (tags: alpine-6.4-latest, ubuntu-6.4-latest, ol-6.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest)
Zabbix build base 6.4.* (tags: alpine-6.4.*, ubuntu-6.4.*, ol-6.4.*)
Zabbix build base 7.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk)
@ -34,7 +30,7 @@ Images are updated when new releases are published. The image with ``latest`` ta
The image is used to build / compile Zabbix components. Components are prepared for usage in any other images.
The image uses [Zabbix build base](https://github.com/zabbix/zabbix-docker/tree/trunk/Dockerfiles/build-base) image with prepared build environment as base image and build / compile Zabbix components only.
The image uses [Zabbix build base](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/build-base) image with prepared build environment as base image and build / compile Zabbix components only.
# The image variants
@ -68,7 +64,7 @@ Please see [the Docker installation documentation](https://docs.docker.com/insta
## Documentation
Documentation for this image is stored in the [`build-base/` directory](https://github.com/zabbix/zabbix-docker/tree/trunk/Dockerfiles/build-base) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request.
Documentation for this image is stored in the [`build-base/` directory](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/build-base) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/trunk/README.md) before attempting a pull request.
## Issues

12
Dockerfiles/build-pgsql/alpine/Dockerfile
View File

@ -22,9 +22,10 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
ENV MONGODB_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/mongodb.git MONGODB_PLUGIN_VERSION=${ZBX_VERSION} \
POSTGRESQL_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/postgresql.git POSTGRESQL_PLUGIN_VERSION=${ZBX_VERSION}
COPY ["conf/chromedp_no_sandbox.patch", "/tmp/chromedp_no_sandbox.patch"]
RUN set -eux && \
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
set -eux && \
cd /tmp/ && \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
@ -72,7 +73,7 @@ RUN set -eux && \
gzip -c database/postgresql/create.sql > database/postgresql/create_proxy.sql.gz && \
rm -rf database/postgresql/create.sql && \
mkdir /tmp/fonts/ && \
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
@ -96,5 +97,4 @@ RUN set -eux && \
git -c advice.detachedHead=false clone ${POSTGRESQL_PLUGIN_SOURCES} --branch ${POSTGRESQL_PLUGIN_VERSION} --depth 1 --single-branch /tmp/postgresql_plugin && \
cd /tmp/postgresql_plugin && \
make && \
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql && \
rm -rf $(go env GOCACHE)
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql

12
Dockerfiles/build-pgsql/centos/Dockerfile
View File

@ -22,9 +22,10 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
ENV MONGODB_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/mongodb.git MONGODB_PLUGIN_VERSION=${ZBX_VERSION} \
POSTGRESQL_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/postgresql.git POSTGRESQL_PLUGIN_VERSION=${ZBX_VERSION}
COPY ["conf/chromedp_no_sandbox.patch", "/tmp/chromedp_no_sandbox.patch"]
RUN set -eux && \
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
set -eux && \
cd /tmp/ && \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
@ -72,7 +73,7 @@ RUN set -eux && \
gzip -c database/postgresql/create.sql > database/postgresql/create_proxy.sql.gz && \
rm -rf database/postgresql/create.sql && \
mkdir /tmp/fonts/ && \
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
@ -96,5 +97,4 @@ RUN set -eux && \
git -c advice.detachedHead=false clone ${POSTGRESQL_PLUGIN_SOURCES} --branch ${POSTGRESQL_PLUGIN_VERSION} --depth 1 --single-branch /tmp/postgresql_plugin && \
cd /tmp/postgresql_plugin && \
make && \
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql && \
rm -rf $(go env GOCACHE)
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql

12
Dockerfiles/build-pgsql/ol/Dockerfile
View File

@ -22,9 +22,10 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
ENV MONGODB_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/mongodb.git MONGODB_PLUGIN_VERSION=${ZBX_VERSION} \
POSTGRESQL_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/postgresql.git POSTGRESQL_PLUGIN_VERSION=${ZBX_VERSION}
COPY ["conf/chromedp_no_sandbox.patch", "/tmp/chromedp_no_sandbox.patch"]
RUN set -eux && \
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
set -eux && \
cd /tmp/ && \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
@ -72,7 +73,7 @@ RUN set -eux && \
gzip -c database/postgresql/create.sql > database/postgresql/create_proxy.sql.gz && \
rm -rf database/postgresql/create.sql && \
mkdir /tmp/fonts/ && \
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
@ -96,5 +97,4 @@ RUN set -eux && \
git -c advice.detachedHead=false clone ${POSTGRESQL_PLUGIN_SOURCES} --branch ${POSTGRESQL_PLUGIN_VERSION} --depth 1 --single-branch /tmp/postgresql_plugin && \
cd /tmp/postgresql_plugin && \
make && \
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql && \
rm -rf $(go env GOCACHE)
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql

12
Dockerfiles/build-pgsql/ubuntu/Dockerfile
View File

@ -22,9 +22,10 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
ENV MONGODB_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/mongodb.git MONGODB_PLUGIN_VERSION=${ZBX_VERSION} \
POSTGRESQL_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/postgresql.git POSTGRESQL_PLUGIN_VERSION=${ZBX_VERSION}
COPY ["conf/chromedp_no_sandbox.patch", "/tmp/chromedp_no_sandbox.patch"]
RUN set -eux && \
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
--mount=type=bind,source=conf/chromedp_no_sandbox.patch,target=/tmp/chromedp_no_sandbox.patch \
set -eux && \
cd /tmp/ && \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
@ -72,7 +73,7 @@ RUN set -eux && \
gzip -c database/postgresql/create.sql > database/postgresql/create_proxy.sql.gz && \
rm -rf database/postgresql/create.sql && \
mkdir /tmp/fonts/ && \
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
@ -96,5 +97,4 @@ RUN set -eux && \
git -c advice.detachedHead=false clone ${POSTGRESQL_PLUGIN_SOURCES} --branch ${POSTGRESQL_PLUGIN_VERSION} --depth 1 --single-branch /tmp/postgresql_plugin && \
cd /tmp/postgresql_plugin && \
make && \
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql && \
rm -rf $(go env GOCACHE)
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql

10
Dockerfiles/build-sqlite3/README.md
View File

@ -14,16 +14,12 @@ Zabbix build base (SQLite3) image is used for building Zabbix components. It con
# Zabbix build base (SQLite3) images
These are the only official Zabbix build base (SQLite3) Docker images. They are based on Alpine Linux v3.15, Ubuntu 20.04 (focal), 22.04 (jammy), CentOS Stream 8 and Oracle Linux 8 images. The available versions of the image are:
These are the only official Zabbix build base (SQLite3) Docker images. They are based on Alpine Linux v3.19, Ubuntu 22.04 (jammy), CentOS Stream 9 and Oracle Linux 9 images. The available versions of the image are:
Zabbix build base 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest)
Zabbix build base 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*)
Zabbix build base 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest)
Zabbix build base 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*)
Zabbix build base 6.0 (tags: alpine-6.0-latest, ubuntu-6.0-latest, ol-6.0-latest)
Zabbix build base 6.0.* (tags: alpine-6.0.*, ubuntu-6.0.*, ol-6.0.*)
Zabbix build base 6.2 (tags: alpine-6.2-latest, ubuntu-6.2-latest, ol-6.2-latest)
Zabbix build base 6.2.* (tags: alpine-6.2.*, ubuntu-6.2.*, ol-6.2.*)
Zabbix build base 6.4 (tags: alpine-6.4-latest, ubuntu-6.4-latest, ol-6.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest)
Zabbix build base 6.4.* (tags: alpine-6.4.*, ubuntu-6.4.*, ol-6.4.*)
Zabbix build base 7.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk)
@ -34,7 +30,7 @@ Images are updated when new releases are published. The image with ``latest`` ta
The image is used to build / compile Zabbix components. Components are prepared for usage in any other images.
The image uses [Zabbix build base](https://github.com/zabbix/zabbix-docker/tree/trunk/Dockerfiles/build-base) image with prepared build environment as base image and build / compile Zabbix components only.
The image uses [Zabbix build base](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/build-base) image with prepared build environment as base image and build / compile Zabbix components only.
It contains limited prepared Zabbix components while MySQL and PostgreSQL build base images contain all possible components:
* zabbix-agent
@ -74,7 +70,7 @@ Please see [the Docker installation documentation](https://docs.docker.com/insta
## Documentation
Documentation for this image is stored in the [`build-base/` directory](https://github.com/zabbix/zabbix-docker/tree/trunk/Dockerfiles/build-base) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request.
Documentation for this image is stored in the [`build-base/` directory](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/build-base) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/6.4/README.md) before attempting a pull request.
## Issues

9
Dockerfiles/build-sqlite3/alpine/Dockerfile
View File

@ -22,7 +22,9 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
ENV MONGODB_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/mongodb.git MONGODB_PLUGIN_VERSION=${ZBX_VERSION} \
POSTGRESQL_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/postgresql.git POSTGRESQL_PLUGIN_VERSION=${ZBX_VERSION}
RUN set -eux && \
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
set -eux && \
cd /tmp/ && \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
@ -58,7 +60,7 @@ RUN set -eux && \
make -j"$(nproc)" -s dbschema && \
make -j"$(nproc)" -s && \
mkdir /tmp/fonts/ && \
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
@ -80,5 +82,4 @@ RUN set -eux && \
git -c advice.detachedHead=false clone ${POSTGRESQL_PLUGIN_SOURCES} --branch ${POSTGRESQL_PLUGIN_VERSION} --depth 1 --single-branch /tmp/postgresql_plugin && \
cd /tmp/postgresql_plugin && \
make && \
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql && \
rm -rf $(go env GOCACHE)
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql

9
Dockerfiles/build-sqlite3/centos/Dockerfile
View File

@ -22,7 +22,9 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
ENV MONGODB_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/mongodb.git MONGODB_PLUGIN_VERSION=${ZBX_VERSION} \
POSTGRESQL_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/postgresql.git POSTGRESQL_PLUGIN_VERSION=${ZBX_VERSION}
RUN set -eux && \
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
set -eux && \
cd /tmp/ && \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
@ -58,7 +60,7 @@ RUN set -eux && \
make -j"$(nproc)" -s dbschema && \
make -j"$(nproc)" -s && \
mkdir /tmp/fonts/ && \
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
@ -80,5 +82,4 @@ RUN set -eux && \
git -c advice.detachedHead=false clone ${POSTGRESQL_PLUGIN_SOURCES} --branch ${POSTGRESQL_PLUGIN_VERSION} --depth 1 --single-branch /tmp/postgresql_plugin && \
cd /tmp/postgresql_plugin && \
make && \
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql && \
rm -rf $(go env GOCACHE)
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql

9
Dockerfiles/build-sqlite3/ol/Dockerfile
View File

@ -22,7 +22,9 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
ENV MONGODB_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/mongodb.git MONGODB_PLUGIN_VERSION=${ZBX_VERSION} \
POSTGRESQL_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/postgresql.git POSTGRESQL_PLUGIN_VERSION=${ZBX_VERSION}
RUN set -eux && \
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
set -eux && \
cd /tmp/ && \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
@ -58,7 +60,7 @@ RUN set -eux && \
make -j"$(nproc)" -s dbschema && \
make -j"$(nproc)" -s && \
mkdir /tmp/fonts/ && \
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
@ -80,5 +82,4 @@ RUN set -eux && \
git -c advice.detachedHead=false clone ${POSTGRESQL_PLUGIN_SOURCES} --branch ${POSTGRESQL_PLUGIN_VERSION} --depth 1 --single-branch /tmp/postgresql_plugin && \
cd /tmp/postgresql_plugin && \
make && \
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql && \
rm -rf $(go env GOCACHE)
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql

9
Dockerfiles/build-sqlite3/rhel/Dockerfile
View File

@ -32,7 +32,9 @@ LABEL description="Zabbix build base for SQLite3 based images" \
ENV MONGODB_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/mongodb.git MONGODB_PLUGIN_VERSION=${ZBX_VERSION} \
POSTGRESQL_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/postgresql.git POSTGRESQL_PLUGIN_VERSION=${ZBX_VERSION}
RUN set -eux && \
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
set -eux && \
cd /tmp/ && \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
@ -68,7 +70,7 @@ RUN set -eux && \
make -j"$(nproc)" -s dbschema && \
make -j"$(nproc)" -s && \
mkdir /tmp/fonts/ && \
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
@ -90,5 +92,4 @@ RUN set -eux && \
git -c advice.detachedHead=false clone ${POSTGRESQL_PLUGIN_SOURCES} --branch ${POSTGRESQL_PLUGIN_VERSION} --depth 1 --single-branch /tmp/postgresql_plugin && \
cd /tmp/postgresql_plugin && \
make && \
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql && \
rm -rf $(go env GOCACHE)
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql

9
Dockerfiles/build-sqlite3/ubuntu/Dockerfile
View File

@ -22,7 +22,9 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
ENV MONGODB_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/mongodb.git MONGODB_PLUGIN_VERSION=${ZBX_VERSION} \
POSTGRESQL_PLUGIN_SOURCES=https://git.zabbix.com/scm/ap/postgresql.git POSTGRESQL_PLUGIN_VERSION=${ZBX_VERSION}
RUN set -eux && \
RUN --mount=type=cache,target=/root/.cache/go-build/ \
--mount=type=cache,target=/root/go/ \
set -eux && \
cd /tmp/ && \
git -c advice.detachedHead=false clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch /tmp/zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
@ -58,7 +60,7 @@ RUN set -eux && \
make -j"$(nproc)" -s dbschema && \
make -j"$(nproc)" -s && \
mkdir /tmp/fonts/ && \
curl --silent -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
curl --tlsv1.2 -sSf -L "https://noto-website.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip" -o /tmp/fonts/NotoSansCJKjp-hinted.zip && \
unzip /tmp/fonts/NotoSansCJKjp-hinted.zip -d /tmp/fonts/ && \
cp /tmp/fonts/NotoSansCJKjp-Regular.otf /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/NotoSansCJKjp-Regular.ttf && \
cp /tmp/fonts/LICENSE_OFL.txt /tmp/zabbix-${ZBX_VERSION}/ui/assets/fonts/ && \
@ -80,5 +82,4 @@ RUN set -eux && \
git -c advice.detachedHead=false clone ${POSTGRESQL_PLUGIN_SOURCES} --branch ${POSTGRESQL_PLUGIN_VERSION} --depth 1 --single-branch /tmp/postgresql_plugin && \
cd /tmp/postgresql_plugin && \
make && \
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql && \
rm -rf $(go env GOCACHE)
strip /tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql

8
Dockerfiles/java-gateway/README.md
View File

@ -14,16 +14,12 @@ Zabbix Java Gateway performs native support for monitoring JMX applications. Jav
# Zabbix Java Gateway images
These are the only official Zabbix Java Gateway Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), 22.04 (jammy), CentOS Stream 8 and Oracle Linux 8 images. The available versions of Zabbix Java Gateway are:
These are the only official Zabbix Java Gateway Docker images. They are based on Alpine Linux v3.19, Ubuntu 22.04 (jammy), CentOS Stream 9 and Oracle Linux 9 images. The available versions of Zabbix Java Gateway are:
Zabbix Java Gateway 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest)
Zabbix Java Gateway 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*)
Zabbix Java Gateway 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest)
Zabbix Java Gateway 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*)
Zabbix Java Gateway 6.0 (tags: alpine-6.0-latest, ubuntu-6.0-latest, ol-6.0-latest)
Zabbix Java Gateway 6.0.* (tags: alpine-6.0.*, ubuntu-6.0.*, ol-6.0.*)
Zabbix Java Gateway 6.2 (tags: alpine-6.2-latest, ubuntu-6.2-latest, ol-6.2-latest)
Zabbix Java Gateway 6.2.* (tags: alpine-6.2.*, ubuntu-6.2.*, ol-6.2.*)
Zabbix Java Gateway 6.4 (tags: alpine-6.4-latest, ubuntu-6.4-latest, ol-6.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest)
Zabbix Java Gateway 6.4.* (tags: alpine-6.4.*, ubuntu-6.4.*, ol-6.4.*)
Zabbix Java Gateway 7.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk)
@ -120,7 +116,7 @@ Please see [the Docker installation documentation](https://docs.docker.com/insta
## Documentation
Documentation for this image is stored in the [`java-gateway/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/java-gateway) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request.
Documentation for this image is stored in the [`java-gateway/` directory](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/java-gateway) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/6.4/README.md) before attempting a pull request.
## Issues

3
Dockerfiles/java-gateway/alpine/Dockerfile
View File

@ -70,8 +70,7 @@ RUN set -eux && \
mv /usr/sbin/zabbix_java/lib/logback-console.xml /etc/zabbix/zabbix_java_gateway_logback.xml && \
chown --quiet -R zabbix:root /etc/zabbix/ /usr/sbin/zabbix_java/ && \
chgrp -R 0 /etc/zabbix/ /usr/sbin/zabbix_java/ && \
chmod -R g=u /etc/zabbix/ /usr/sbin/zabbix_java/ && \
rm -rf /var/cache/apk/*
chmod -R g=u /etc/zabbix/ /usr/sbin/zabbix_java/
EXPOSE 10052/TCP

22
Dockerfiles/java-gateway/centos/Dockerfile
View File

@ -5,7 +5,7 @@ ARG BUILD_BASE_IMAGE=zabbix-build-mysql:centos-${ZBX_VERSION}
FROM ${BUILD_BASE_IMAGE} AS builder
FROM quay.io/centos/centos:stream9
FROM quay.io/centos/centos:stream9-minimal
ARG MAJOR_VERSION
ARG ZBX_VERSION
@ -29,18 +29,20 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/bin", "/usr/sbin/zabbix_java/bin"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib", "/usr/sbin/zabbix_java/lib"]
RUN set -eux && \
REPOLIST="baseos,appstream" && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
shadow-utils \
java-17-openjdk-headless \
findutils" && \
dnf -y install \
microdnf -y install \
--disablerepo "*" \
--enablerepo "${REPOLIST}" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--enablerepo "baseos" \
--enablerepo "appstream" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
${INSTALL_PKGS} && \
--nodocs ${INSTALL_PKGS} && \
groupadd \
--system \
--gid 1995 \
@ -61,9 +63,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /usr/sbin/zabbix_java/ && \
chgrp -R 0 /etc/zabbix/ /usr/sbin/zabbix_java/ && \
chmod -R g=u /etc/zabbix/ /usr/sbin/zabbix_java/ && \
dnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10052/TCP

8
Dockerfiles/java-gateway/ol/Dockerfile
View File

@ -29,7 +29,8 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/bin", "/usr/sbin/zabbix_java/bin"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib", "/usr/sbin/zabbix_java/lib"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
java-17-openjdk-headless \
findutils" && \
@ -38,6 +39,7 @@ RUN set -eux && \
--enablerepo="ol9_baseos_latest" \
--enablerepo="ol9_appstream" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs \
${INSTALL_PKGS} && \
@ -61,9 +63,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /usr/sbin/zabbix_java/ && \
chgrp -R 0 /etc/zabbix/ /usr/sbin/zabbix_java/ && \
chmod -R g=u /etc/zabbix/ /usr/sbin/zabbix_java/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10052/TCP

10
Dockerfiles/java-gateway/rhel/Dockerfile
View File

@ -6,7 +6,7 @@ ARG BUILD_BASE_IMAGE=zabbix-build-mysql:rhel-${ZBX_VERSION}
FROM ${BUILD_BASE_IMAGE} AS builder
FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
FROM registry.access.redhat.com/ubi9/ubi-minimal:9.3
ARG MAJOR_VERSION
ARG RELEASE
@ -48,7 +48,8 @@ COPY ["licenses", "/licenses"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/bin", "/usr/sbin/zabbix_java/bin"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib", "/usr/sbin/zabbix_java/lib"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
findutils \
shadow-utils \
@ -58,6 +59,7 @@ RUN set -eux && \
--enablerepo "ubi-9-baseos-rpms" \
--enablerepo "ubi-9-appstream-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
@ -81,9 +83,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /usr/sbin/zabbix_java/ && \
chgrp -R 0 /etc/zabbix/ /usr/sbin/zabbix_java/ && \
chmod -R g=u /etc/zabbix/ /usr/sbin/zabbix_java/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10052/TCP

47
Dockerfiles/java-gateway/rhel/README.html Normal file
View File

@ -0,0 +1,47 @@
<p><img src="https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png" alt="logo"></p>
<h1 id="what-is-zabbix-">What is Zabbix?</h1>
<p>Zabbix is an enterprise-class open source distributed monitoring solution.</p>
<p>Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning.</p>
<p>For more information and related downloads for Zabbix components, please visit <a href="https://hub.docker.com/u/zabbix/">https://hub.docker.com/u/zabbix/</a> and <a href="https://zabbix.com">https://zabbix.com</a></p>
<h1 id="what-is-zabbix-java-gateway-">What is Zabbix Java Gateway?</h1>
<p>Zabbix Java Gateway performs native support for monitoring JMX applications. Java gateway accepts incoming connection from Zabbix server or Zabbix proxy and can only be used as a &quot;passive proxy&quot;.</p>
<h1 id="zabbix-java-gateway-images">Zabbix Java Gateway images</h1>
<p>These are the only official Zabbix Java Gateway Podman images. Images are updated when new releases are published.</p>
<h1 id="how-to-use-this-image">How to use this image</h1>
<h2 id="start-zabbix-java-gateway-">Start <code>zabbix-java-gateway</code></h2>
<p>Start a Zabbix Java Gateway container as follows:</p>
<pre><code>podman <span class="hljs-keyword">run</span><span class="bash"> --name some-zabbix-java-gateway <span class="hljs-_">-d</span> zabbix/zabbix-java-gateway:tag</span>
</code></pre><p>Where <code>some-zabbix-java-gateway</code> is the name you want to assign to your container and <code>tag</code> is the tag specifying the version you want.</p>
<h2 id="linking-the-container-to-zabbix-server-or-zabbix-proxy">Linking the container to Zabbix server or Zabbix proxy</h2>
<pre><code>podman <span class="hljs-keyword">run</span><span class="bash"> --name some-zabbix-java-gateway --link some-zabbix-server:zabbix-server <span class="hljs-_">-d</span> zabbix/zabbix-java-gateway:tag</span>
</code></pre><h2 id="container-shell-access-and-viewing-zabbix-java-gateway-logs">Container shell access and viewing Zabbix Java Gateway logs</h2>
<p>The <code>podman exec</code> command allows you to run commands inside a Podman container. The following command line will give you a bash shell inside your <code>zabbix-java-gateway</code> container:</p>
<pre><code class="lang-console">$ podman exec -ti <span class="hljs-keyword">some</span>-zabbix-java-gateway /bin/bash
</code></pre>
<p>The Zabbix Java Gateway log is available through Podman&#39;s container log:</p>
<pre><code class="lang-console">$ podman logs <span class="hljs-keyword">some</span>-zabbix-java-gateway
</code></pre>
<h2 id="environment-variables">Environment Variables</h2>
<p>When you start the <code>zabbix-java-gateway</code> image, you can adjust the configuration of the Zabbix Java Gateway by passing one or more environment variables on the <code>podman run</code> command line.</p>
<h3 id="-zbx_start_pollers-"><code>ZBX_START_POLLERS</code></h3>
<p>This variable is specified amount of pollers. By default, value is <code>5</code>.</p>
<h3 id="-zbx_timeout-"><code>ZBX_TIMEOUT</code></h3>
<p>This variable is used to specify timeout for outgoing connections. By default, value is <code>3</code>.</p>
<h3 id="-zbx_debuglevel-"><code>ZBX_DEBUGLEVEL</code></h3>
<p>This variable is used to specify log level. By default, value is <code>info</code>. The variable allows next values: <code>trace</code>, <code>debug</code>, <code>info</code>, <code>want</code>, <code>error</code>, <code>all</code>, <code>off</code></p>
<h3 id="-zbx_properties_file-"><code>ZBX_PROPERTIES_FILE</code></h3>
<p>Name of properties file. Can be used to set additional properties using a key-value format in such a way that they are not visible on a command line or to overwrite existing ones.</p>
<h3 id="-zabbix_options-"><code>ZABBIX_OPTIONS</code></h3>
<p>Additional arguments for Zabbix Java Gateway. Useful to enable additional libraries and features.</p>
<h2 id="allowed-volumes-for-the-zabbix-java-gateway-container">Allowed volumes for the Zabbix Java Gateway container</h2>
<h3 id="-usr-sbin-zabbix_java-ext_lib-"><code>/usr/sbin/zabbix_java/ext_lib</code></h3>
<p>The volume allows include additional JAR files to extend allowed protocols for Zabbix Java Gateway.</p>
<h1 id="user-feedback">User Feedback</h1>
<h2 id="documentation">Documentation</h2>
<p>Documentation for this image is stored in the <a href="https://github.com/zabbix/zabbix-docker/tree/Dockerfiles/6.4/java-gateway"><code>java-gateway/</code> directory</a> of the <a href="https://github.com/zabbix/zabbix-docker/"><code>zabbix/zabbix-docker</code> GitHub repo</a>. Be sure to familiarize yourself with the <a href="https://github.com/zabbix/zabbix-docker/blob/6.4/README.md">repository&#39;s <code>README.md</code> file</a> before attempting a pull request.</p>
<h2 id="issues">Issues</h2>
<p>If you have any problems with or questions about this image, please contact us through a <a href="https://github.com/zabbix/zabbix-docker/issues">GitHub issue</a>.</p>
<h3 id="known-issues">Known issues</h3>
<h2 id="contributing">Contributing</h2>
<p>You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.</p>
<p>Before you start to code, we recommend discussing your plans through a <a href="https://github.com/zabbix/zabbix-docker/issues">GitHub issue</a>, especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.</p>

1
Dockerfiles/java-gateway/rhel/README.md
View File

@ -1 +0,0 @@
../README.md

6
Dockerfiles/java-gateway/ubuntu/Dockerfile
View File

@ -29,7 +29,8 @@ STOPSIGNAL SIGTERM
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/bin", "/usr/sbin/zabbix_java/bin"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_java/lib", "/usr/sbin/zabbix_java/lib"]
RUN set -eux && \
RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
openjdk-17-jre-headless" && \
@ -58,8 +59,7 @@ RUN set -eux && \
chgrp -R 0 /etc/zabbix/ /usr/sbin/zabbix_java/ && \
chmod -R g=u /etc/zabbix/ /usr/sbin/zabbix_java/ && \
apt-get -y autoremove && \
apt-get -y clean && \
rm -rf /var/lib/apt/lists/*
apt-get -y clean
EXPOSE 10052/TCP

10
Dockerfiles/proxy-mysql/README.md
View File

@ -14,16 +14,12 @@ Zabbix proxy is a process that may collect monitoring data from one or more moni
# Zabbix proxy images
These are the only official Zabbix proxy Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), 22.04 (jammy), CentOS Stream 8 and Oracle Linux 8 images. The available versions of Zabbix proxy are:
These are the only official Zabbix proxy Docker images. They are based on Alpine Linux v3.19, Ubuntu 22.04 (jammy), CentOS Stream 9 and Oracle Linux 9 images. The available versions of Zabbix proxy are:
Zabbix proxy 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest)
Zabbix proxy 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*)
Zabbix proxy 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest)
Zabbix proxy 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*)
Zabbix proxy 6.0 (tags: alpine-6.0-latest, ubuntu-6.0-latest, ol-6.0-latest)
Zabbix proxy 6.0.* (tags: alpine-6.0.*, ubuntu-6.0.*, ol-6.0.*)
Zabbix proxy 6.2 (tags: alpine-6.2-latest, ubuntu-6.2-latest, ol-6.2-latest)
Zabbix proxy 6.2.* (tags: alpine-6.2.*, ubuntu-6.2.*, ol-6.2.*)
Zabbix proxy 6.4 (tags: alpine-6.4-latest, ubuntu-6.4-latest, ol-6.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest)
Zabbix proxy 6.4.* (tags: alpine-6.4.*, ubuntu-6.4.*, ol-6.4.*)
Zabbix proxy 7.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk)
@ -113,7 +109,7 @@ This variable is port Zabbix server listening on. By default, value is `10051`.
This variable is IP or DNS name of MySQL server. By default, value is 'mysql-server'
### `DB_SERVER_PORT`
This variable is port of MySQL server. By default, value is '3306'.
### `MYSQL_USER`, `MYSQL_PASSWORD`, `MYSQL_USER_FILE`, `MYSQL_PASSWORD_FILE`
@ -315,7 +311,7 @@ Please see [the Docker installation documentation](https://docs.docker.com/insta
## Documentation
Documentation for this image is stored in the [`proxy-mysql/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/proxy-mysql) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request.
Documentation for this image is stored in the [`proxy-mysql/` directory](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/proxy-mysql) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/6.4/README.md) before attempting a pull request.
## Issues

3
Dockerfiles/proxy-mysql/alpine/Dockerfile
View File

@ -88,8 +88,7 @@ RUN set -eux && \
mkdir -p /usr/share/doc/zabbix-proxy-mysql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
rm -rf /var/cache/apk/*
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/
EXPOSE 10051/TCP

36
Dockerfiles/proxy-mysql/centos/Dockerfile
View File

@ -5,7 +5,7 @@ ARG BUILD_BASE_IMAGE=zabbix-build-mysql:centos-${ZBX_VERSION}
FROM ${BUILD_BASE_IMAGE} AS builder
FROM quay.io/centos/centos:stream9
FROM quay.io/centos/centos:stream9-minimal
ARG MAJOR_VERSION
ARG ZBX_VERSION
@ -34,8 +34,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql.gz", "/usr/share/doc/zabbix-proxy-mysql/create.sql.gz"]
RUN set -eux && \
REPOLIST="baseos,appstream,crb,epel" && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="libevent \
tini \
traceroute \
@ -52,16 +52,26 @@ RUN set -eux && \
openldap \
openssl-libs \
pcre2 \
shadow-utils \
zlib \
unixODBC" && \
dnf -y install epel-release && \
dnf -y install \
--disablerepo "*" \
--enablerepo "${REPOLIST}" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
microdnf -y install \
--disablerepo "*" \
--enablerepo "extras-common" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs epel-release && \
microdnf -y install \
--disablerepo "*" \
--enablerepo "baseos" \
--enablerepo "appstream" \
--enablerepo "crb" \
--enablerepo="epel" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs ${INSTALL_PKGS} && \
groupadd \
--system \
--gid 1995 \
@ -92,9 +102,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
dnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10051/TCP

8
Dockerfiles/proxy-mysql/ol/Dockerfile
View File

@ -35,7 +35,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql.gz", "/usr/share/doc/zabbix-proxy-mysql/create.sql.gz"]
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="libevent \
tini \
traceroute \
@ -61,6 +62,7 @@ RUN set -eux && \
--enablerepo="ol9_codeready_builder" \
--enablerepo="ol9_developer_EPEL" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs \
${INSTALL_PKGS} && \
@ -94,9 +96,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10051/TCP

10
Dockerfiles/proxy-mysql/rhel/Dockerfile
View File

@ -6,7 +6,7 @@ ARG BUILD_BASE_IMAGE=zabbix-build-mysql:rhel-${ZBX_VERSION}
FROM ${BUILD_BASE_IMAGE} AS builder
FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
FROM registry.access.redhat.com/ubi9/ubi-minimal:9.3
ARG MAJOR_VERSION
ARG RELEASE
@ -53,7 +53,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql.gz", "/usr/share/doc/zabbix-proxy-mysql/create.sql.gz"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tini \
traceroute \
@ -86,6 +87,7 @@ RUN set -eux && \
--enablerepo "codeready-builder-for-rhel-9-$ARCH_SUFFIX-rpms" \
--enablerepo "epel" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
@ -125,9 +127,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10051/TCP

194
Dockerfiles/proxy-mysql/rhel/README.html Normal file
View File

@ -0,0 +1,194 @@
<p><img src="https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png" alt="logo"></p>
<h1 id="what-is-zabbix-">What is Zabbix?</h1>
<p>Zabbix is an enterprise-class open source distributed monitoring solution.</p>
<p>Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning.</p>
<p>For more information and related downloads for Zabbix components, please visit <a href="https://hub.docker.com/u/zabbix/">https://hub.docker.com/u/zabbix/</a> and <a href="https://zabbix.com">https://zabbix.com</a></p>
<h1 id="what-is-zabbix-proxy-">What is Zabbix proxy?</h1>
<p>Zabbix proxy is a process that may collect monitoring data from one or more monitored devices and send the information to the Zabbix server, essentially working on behalf of the server. All collected data is buffered locally and then transferred to the Zabbix server the proxy belongs to.</p>
<h1 id="zabbix-proxy-images">Zabbix proxy images</h1>
<p>These are the only official Zabbix proxy Podman images. Images are updated when new releases are published. The image with <code>latest</code> tag is based on Alpine Linux.</p>
<p>The image uses MySQL database to store collected data before sending it to Zabbix server. It uses the next procedure to start:</p>
<ul>
<li>Checking database availability</li>
<li>If <code>MYSQL_ROOT_PASSWORD</code> or <code>MYSQL_ALLOW_EMPTY_PASSWORD</code> are specified, the instance tries to create <code>MYSQL_USER</code> user with <code>MYSQL_PASSWORD</code> to use these credentials then for Zabbix server.</li>
<li>Checking of having <code>MYSQL_DATABASE</code> database. Creating <code>MYSQL_DATABASE</code> database name if it does not exist</li>
<li>Checking of having <code>dbversion</code> table. Creating Zabbix proxy database schema if no <code>dbversion</code> table</li>
</ul>
<h1 id="how-to-use-this-image">How to use this image</h1>
<h2 id="start-zabbix-proxy-mysql-">Start <code>zabbix-proxy-mysql</code></h2>
<p>Start a Zabbix proxy container as follows:</p>
<pre><code>podman <span class="hljs-keyword">run</span><span class="bash"> --name some-zabbix-proxy-mysql <span class="hljs-_">-e</span> DB_SERVER_HOST=<span class="hljs-string">"some-mysql-server"</span> <span class="hljs-_">-e</span> MYSQL_USER=<span class="hljs-string">"some-user"</span> <span class="hljs-_">-e</span> MYSQL_PASSWORD=<span class="hljs-string">"some-password"</span> <span class="hljs-_">-e</span> ZBX_HOSTNAME=some-hostname <span class="hljs-_">-e</span> ZBX_SERVER_HOST=some-zabbix-server <span class="hljs-_">-d</span> zabbix/zabbix-proxy-mysql:tag</span>
</code></pre><p>Where <code>some-zabbix-proxy-mysql</code> is the name you want to assign to your container, <code>some-mysql-server</code> is IP or DNS name of MySQL server, <code>some-user</code> is user to connect to Zabbix database on MySQL server, <code>some-password</code> is the password to connect to MySQL server, <code>some-hostname</code> is the hostname, it is Hostname parameter in Zabbix proxy configuration file, <code>some-zabbix-server</code> is IP or DNS name of Zabbix server and <code>tag</code> is the tag specifying the version you want.</p>
<blockquote>
<p>[!NOTE]
Zabbix server has possibility to execute <code>fping</code> utility to perform ICMP checks. When containers are running in rootless mode or with specific restrictions environment, you may face errors related to fping:
<code>fping: Operation not permitted</code>
or
lost all packets to all resources
in this case add <code>--cap-add=net_raw</code> to <code>docker run</code> or <code>podman run</code> commands.
Additionally fping executing in non-root environments can require sysctl modification:
<code>net.ipv4.ping_group_range=0 1995</code>
where 1995 is <code>zabbix</code> GID.</p>
</blockquote>
<h2 id="connects-from-zabbix-server-passive-proxy-">Connects from Zabbix server (Passive proxy)</h2>
<p>This image exposes the standard Zabbix proxy port (10051) and can operate as Passive proxy in case <code>ZBX_PROXYMODE</code> = <code>1</code>. Start Zabbix server container like this in order to link it to the Zabbix proxy container:</p>
<pre><code class="lang-console"><span class="hljs-comment">$</span> <span class="hljs-comment">podman</span> <span class="hljs-comment">run</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">name</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">link</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">proxy</span><span class="hljs-literal">-</span><span class="hljs-comment">mysql:zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">proxy</span><span class="hljs-literal">-</span><span class="hljs-comment">mysql</span> <span class="hljs-literal">-</span><span class="hljs-comment">d</span> <span class="hljs-comment">zabbix/zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server:latest</span>
</code></pre>
<h2 id="connect-to-zabbix-server-active-proxy-">Connect to Zabbix server (Active proxy)</h2>
<p>This image can operate as Active proxy (<code>default</code> mode). Start your application container like this in order to link Zabbix proxy to Zabbix server containters:</p>
<pre><code class="lang-console"><span class="hljs-comment">$</span> <span class="hljs-comment">podman</span> <span class="hljs-comment">run</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">name</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">proxy</span><span class="hljs-literal">-</span><span class="hljs-comment">mysql</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">link</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server:zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server</span> <span class="hljs-literal">-</span><span class="hljs-comment">d</span> <span class="hljs-comment">zabbix/zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">proxy</span><span class="hljs-literal">-</span><span class="hljs-comment">mysql:latest</span>
</code></pre>
<h2 id="container-shell-access-and-viewing-zabbix-proxy-logs">Container shell access and viewing Zabbix proxy logs</h2>
<p>The <code>podman exec</code> command allows you to run commands inside a Podman container. The following command line will give you a bash shell inside your <code>zabbix-proxy-mysql</code> container:</p>
<pre><code class="lang-console">$ podman exec -ti <span class="hljs-keyword">some</span>-zabbix-proxy-mysql /bin/bash
</code></pre>
<p>The Zabbix proxy log is available through Podman&#39;s container log:</p>
<pre><code class="lang-console">$ podman logs <span class="hljs-keyword">some</span>-zabbix-proxy-mysql
</code></pre>
<h2 id="environment-variables">Environment Variables</h2>
<p>When you start the <code>zabbix-proxy-mysql</code> image, you can adjust the configuration of the Zabbix proxy by passing one or more environment variables on the <code>podman run</code> command line.</p>
<h3 id="-zbx_proxymode-"><code>ZBX_PROXYMODE</code></h3>
<p>The variable allows to switch Zabbix proxy mode. Bu default, value is <code>0</code> - active proxy. Allowed values are <code>0</code> - active proxy and <code>1</code> - passive proxy.</p>
<h3 id="-zbx_hostname-"><code>ZBX_HOSTNAME</code></h3>
<p>This variable is unique, case sensitive hostname. By default, value is <code>zabbix-proxy-mysql</code> of the container. It is <code>Hostname</code> parameter in <code>zabbix_proxy.conf</code>.</p>
<h3 id="-zbx_server_host-"><code>ZBX_SERVER_HOST</code></h3>
<p>This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is <code>zabbix-server</code>. It is <code>Server</code> parameter in <code>zabbix_proxy.conf</code>. It is allowed to specify Zabbix server or Zabbix proxy port number using <code>ZBX_SERVER_PORT</code> variable. It make sense in case of non-default port for active checks.</p>
<h3 id="-zbx_server_port-"><code>ZBX_SERVER_PORT</code></h3>
<p>This variable is port Zabbix server listening on. By default, value is <code>10051</code>.</p>
<p><strong>Note:</strong> This parameter is no longer used in version 6.0 and above. Instead, add a colon <code>:</code> followed by the port number to the end of <code>ZBX_SERVER_HOST</code>.</p>
<h3 id="-db_server_host-"><code>DB_SERVER_HOST</code></h3>
<p>This variable is IP or DNS name of MySQL server. By default, value is &#39;mysql-server&#39;</p>
<h3 id="-db_server_port-"><code>DB_SERVER_PORT</code></h3>
<p>This variable is port of MySQL server. By default, value is &#39;3306&#39;.</p>
<h3 id="-mysql_user-mysql_password-mysql_user_file-mysql_password_file-"><code>MYSQL_USER</code>, <code>MYSQL_PASSWORD</code>, <code>MYSQL_USER_FILE</code>, <code>MYSQL_PASSWORD_FILE</code></h3>
<p>These variables are used by Zabbix proxy to connect to Zabbix database. With the <code>_FILE</code> variables you can instead provide the path to a file which contains the user / the password instead. Without Docker Swarm or Kubernetes you also have to map the files. Those are exclusive so you can just provide one type - either <code>MYSQL_USER</code> or <code>MYSQL_USER_FILE</code>!</p>
<pre><code class="lang-console">podman run --name some-zabbix-proxy-mysql -e DB_SERVER_HOST=<span class="hljs-string">"some-mysql-server"</span> -v .<span class="hljs-regexp">/.MYSQL_USER:/</span>run<span class="hljs-regexp">/secrets/</span>MYSQL_USER -e MYSQL_USER_FILE=<span class="hljs-regexp">/run/</span>secrets<span class="hljs-regexp">/MYSQL_USER -v ./</span>.<span class="hljs-string">MYSQL_PASSWORD:</span><span class="hljs-regexp">/run/</span>secrets<span class="hljs-regexp">/MYSQL_PASSWORD -e MYSQL_PASSWORD_FILE=/</span>var<span class="hljs-regexp">/run/</span>secrets<span class="hljs-regexp">/MYSQL_PASSWORD -e ZBX_HOSTNAME=some-hostname -e ZBX_SERVER_HOST=some-zabbix-server -d zabbix/</span>zabbix-proxy-<span class="hljs-string">mysql:</span>tag
</code></pre>
<p>With Docker Swarm or Kubernetes this works with secrets. That way it is replicated in your cluster!</p>
<pre><code class="lang-console"><span class="hljs-built_in">printf</span> <span class="hljs-string">"zabbix"</span> | podman secret create MYSQL_USER -
<span class="hljs-built_in">printf</span> <span class="hljs-string">"zabbix"</span> | podman secret create MYSQL_PASSWORD -
podman run --name some-zabbix-proxy-mysql <span class="hljs-_">-e</span> DB_SERVER_HOST=<span class="hljs-string">"some-mysql-server"</span> <span class="hljs-_">-e</span> MYSQL_USER_FILE=/run/secrets/MYSQL_USER <span class="hljs-_">-e</span> MYSQL_PASSWORD_FILE=/run/secrets/MYSQL_PASSWORD <span class="hljs-_">-e</span> ZBX_SERVER_HOST=<span class="hljs-string">"some-zabbix-server"</span> <span class="hljs-_">-e</span> ZBX_HOSTNAME=some-hostname <span class="hljs-_">-e</span> ZBX_SERVER_HOST=some-zabbix-server <span class="hljs-_">-d</span> zabbix/zabbix-proxy-mysql:tag
</code></pre>
<p>This method is also applicable for <code>MYSQL_ROOT_PASSWORD</code> with <code>MYSQL_ROOT_PASSWORD_FILE</code>.</p>
<p>By default, values for <code>MYSQL_USER</code> and <code>MYSQL_PASSWORD</code> are <code>zabbix</code>, <code>zabbix</code>.</p>
<h3 id="-mysql_database-"><code>MYSQL_DATABASE</code></h3>
<p>The variable is Zabbix database name. By default, value is <code>zabbix_proxy</code>.</p>
<h3 id="-zbx_loadmodule-"><code>ZBX_LOADMODULE</code></h3>
<p>The variable is list of comma separated loadable Zabbix modules. It works with volume <code>/var/lib/zabbix/modules</code>. The syntax of the variable is <code>dummy1.so,dummy2.so</code>.</p>
<h3 id="-zbx_debuglevel-"><code>ZBX_DEBUGLEVEL</code></h3>
<p>The variable is used to specify debug level. By default, value is <code>3</code>. It is <code>DebugLevel</code> parameter in <code>zabbix_server.conf</code>. Allowed values are listed below:</p>
<ul>
<li><code>0</code> - basic information about starting and stopping of Zabbix processes;</li>
<li><code>1</code> - critical information</li>
<li><code>2</code> - error information</li>
<li><code>3</code> - warnings</li>
<li><code>4</code> - for debugging (produces lots of information)</li>
<li><code>5</code> - extended debugging (produces even more information)</li>
</ul>
<h3 id="-zbx_timeout-"><code>ZBX_TIMEOUT</code></h3>
<p>The variable is used to specify timeout for processing checks. By default, value is <code>4</code>.</p>
<h3 id="-zbx_javagateway_enable-"><code>ZBX_JAVAGATEWAY_ENABLE</code></h3>
<p>The variable enable communication with Zabbix Java Gateway to collect Java related checks. By default, value is <code>false</code>.</p>
<h3 id="other-variables">Other variables</h3>
<p>Additionally the image allows to specify many other environment variables listed below:</p>
<pre><code><span class="hljs-attr">ZBX_ALLOWUNSUPPORTEDDBVERSIONS</span>=<span class="hljs-number">0</span> # Available since <span class="hljs-number">6.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_DBTLSCONNECT</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_DBTLSCAFILE</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_DBTLSCERTFILE</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_DBTLSKEYFILE</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_DBTLSCIPHER</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_DBTLSCIPHER13</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_VAULTDBPATH</span>= # Available since <span class="hljs-number">5.2</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_VAULTURL</span>=https://<span class="hljs-number">127.0</span>.<span class="hljs-number">0.1</span>:<span class="hljs-number">8200</span> # Available since <span class="hljs-number">5.2</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">VAULT_TOKEN</span>= # Available since <span class="hljs-number">5.2</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_ENABLEREMOTECOMMANDS</span>=<span class="hljs-number">0</span> # Available since <span class="hljs-number">3.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_LOGREMOTECOMMANDS</span>=<span class="hljs-number">0</span> # Available since <span class="hljs-number">3.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_HOSTNAMEITEM</span>=system.hostname
<span class="hljs-attr">ZBX_SOURCEIP</span>=
<span class="hljs-attr">ZBX_PROXYLOCALBUFFER</span>=<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_PROXYOFFLINEBUFFER</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_PROXYHEARTBEATFREQUENCY</span>=<span class="hljs-number">60</span> # Deprecated since <span class="hljs-number">6.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_CONFIGFREQUENCY</span>=<span class="hljs-number">3600</span> # Deprecated since <span class="hljs-number">6.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_PROXYCONFIGFREQUENCY</span>=<span class="hljs-number">10</span> # Available since <span class="hljs-number">6.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_DATASENDERFREQUENCY</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTPOLLERS</span>=<span class="hljs-number">5</span>
<span class="hljs-attr">ZBX_STARTPREPROCESSORS</span>=<span class="hljs-number">3</span> # Available since <span class="hljs-number">4.2</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_IPMIPOLLERS</span>=<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STARTPOLLERSUNREACHABLE</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTTRAPPERS</span>=<span class="hljs-number">5</span>
<span class="hljs-attr">ZBX_STARTPINGERS</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTDISCOVERERS</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTHISTORYPOLLERS</span>=<span class="hljs-number">1</span> # Available since <span class="hljs-number">5.4</span>.<span class="hljs-number">0</span> till <span class="hljs-number">6.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STARTHTTPPOLLERS</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTODBCPOLLERS</span>=<span class="hljs-number">1</span> # Available since <span class="hljs-number">6.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_JAVAGATEWAY</span>=zabbix-java-gateway
<span class="hljs-attr">ZBX_JAVAGATEWAYPORT</span>=<span class="hljs-number">10052</span>
<span class="hljs-attr">ZBX_STARTJAVAPOLLERS</span>=<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STATSALLOWEDIP</span>= # Available since <span class="hljs-number">4.0</span>.<span class="hljs-number">5</span>
<span class="hljs-attr">ZBX_STARTVMWARECOLLECTORS</span>=<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_VMWAREFREQUENCY</span>=<span class="hljs-number">60</span>
<span class="hljs-attr">ZBX_VMWAREPERFFREQUENCY</span>=<span class="hljs-number">60</span>
<span class="hljs-attr">ZBX_VMWARECACHESIZE</span>=<span class="hljs-number">8</span>M
<span class="hljs-attr">ZBX_VMWARETIMEOUT</span>=<span class="hljs-number">10</span>
<span class="hljs-attr">ZBX_ENABLE_SNMP_TRAPS</span>=<span class="hljs-literal">false</span>
<span class="hljs-attr">ZBX_LISTENIP</span>=
<span class="hljs-attr">ZBX_LISTENPORT</span>=<span class="hljs-number">10051</span>
<span class="hljs-attr">ZBX_LISTENBACKLOG</span>=
<span class="hljs-attr">ZBX_HOUSEKEEPINGFREQUENCY</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_CACHESIZE</span>=<span class="hljs-number">8</span>M
<span class="hljs-attr">ZBX_STARTDBSYNCERS</span>=<span class="hljs-number">4</span>
<span class="hljs-attr">ZBX_HISTORYCACHESIZE</span>=<span class="hljs-number">16</span>M
<span class="hljs-attr">ZBX_HISTORYINDEXCACHESIZE</span>=<span class="hljs-number">4</span>M
<span class="hljs-attr">ZBX_TRAPPERTIMEOUT</span>=<span class="hljs-number">300</span>
<span class="hljs-attr">ZBX_UNREACHABLEPERIOD</span>=<span class="hljs-number">45</span>
<span class="hljs-attr">ZBX_UNAVAILABLEDELAY</span>=<span class="hljs-number">60</span>
<span class="hljs-attr">ZBX_UNREACHABLEDELAY</span>=<span class="hljs-number">15</span>
<span class="hljs-attr">ZBX_LOGSLOWQUERIES</span>=<span class="hljs-number">3000</span>
<span class="hljs-attr">ZBX_TLSCONNECT</span>=unencrypted
<span class="hljs-attr">ZBX_TLSACCEPT</span>=unencrypted
<span class="hljs-attr">ZBX_TLSCAFILE</span>=
<span class="hljs-attr">ZBX_TLSCRLFILE</span>=
<span class="hljs-attr">ZBX_TLSSERVERCERTISSUER</span>=
<span class="hljs-attr">ZBX_TLSSERVERCERTSUBJECT</span>=
<span class="hljs-attr">ZBX_TLSCERTFILE</span>=
<span class="hljs-attr">ZBX_TLSKEYFILE</span>=
<span class="hljs-attr">ZBX_TLSPSKIDENTITY</span>=
<span class="hljs-attr">ZBX_TLSPSKFILE</span>=
<span class="hljs-attr">ZBX_TLSCIPHERALL</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERALL13</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERCERT</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERCERT13</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERPSK</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERPSK13</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
</code></pre><p>Default values of these variables are specified after equal sign.</p>
<p>The allowed variables are identical of parameters in official <code>zabbix_proxy.conf</code>. For example, <code>ZBX_LOGSLOWQUERIES</code> = <code>LogSlowQueries</code>.</p>
<p>Please use official documentation for <a href="https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_proxy"><code>zabbix_proxy.conf</code></a> to get more information about the variables.</p>
<h2 id="allowed-volumes-for-the-zabbix-proxy-container">Allowed volumes for the Zabbix proxy container</h2>
<h3 id="-usr-lib-zabbix-externalscripts-"><code>/usr/lib/zabbix/externalscripts</code></h3>
<p>The volume is used by External checks (type of items). It is <code>ExternalScripts</code> parameter in <code>zabbix_proxy.conf</code>.</p>
<h3 id="-var-lib-zabbix-modules-"><code>/var/lib/zabbix/modules</code></h3>
<p>The volume allows load additional modules and extend Zabbix proxy using <code>LoadModule</code> feature.</p>
<h3 id="-var-lib-zabbix-enc-"><code>/var/lib/zabbix/enc</code></h3>
<p>The volume is used to store TLS related files. These file names are specified using <code>ZBX_TLSCAFILE</code>, <code>ZBX_TLSCRLFILE</code>, <code>ZBX_TLSKEY_FILE</code> and <code>ZBX_TLSPSKFILE</code> variables.</p>
<h3 id="-var-lib-zabbix-ssh_keys-"><code>/var/lib/zabbix/ssh_keys</code></h3>
<p>The volume is used as location of public and private keys for SSH checks and actions. It is <code>SSHKeyLocation</code> parameter in <code>zabbix_proxy.conf</code>.</p>
<h3 id="-var-lib-zabbix-ssl-certs-"><code>/var/lib/zabbix/ssl/certs</code></h3>
<p>The volume is used as location of of SSL client certificate files for client authentication. It is <code>SSLCertLocation</code> parameter in <code>zabbix_proxy.conf</code>.</p>
<h3 id="-var-lib-zabbix-ssl-keys-"><code>/var/lib/zabbix/ssl/keys</code></h3>
<p>The volume is used as location of SSL private key files for client authentication. It is <code>SSLKeyLocation</code> parameter in <code>zabbix_proxy.conf</code>.</p>
<h3 id="-var-lib-zabbix-ssl-ssl_ca-"><code>/var/lib/zabbix/ssl/ssl_ca</code></h3>
<p>The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is <code>SSLCALocation</code> parameter in <code>zabbix_proxy.conf</code>.</p>
<h3 id="-var-lib-zabbix-snmptraps-"><code>/var/lib/zabbix/snmptraps</code></h3>
<p>The volume is used as location of <code>snmptraps.log</code> file. It could be shared by <code>zabbix-snmptraps</code> container and inherited using <code>volumes_from</code> Podman option while creating new instance of Zabbix proxy.
SNMP traps processing feature could be enabled using shared volume and switched <code>ZBX_ENABLE_SNMP_TRAPS</code> environment variable to <code>true</code>.</p>
<h3 id="-var-lib-zabbix-mibs-"><code>/var/lib/zabbix/mibs</code></h3>
<p>The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to <code>/var/lib/zabbix/mibs</code>.</p>
<h1 id="user-feedback">User Feedback</h1>
<h2 id="documentation">Documentation</h2>
<p>Documentation for this image is stored in the <a href="https://github.com/zabbix/zabbix-docker/tree/Dockerfiles/6.4/proxy-mysql"><code>proxy-mysql/</code> directory</a> of the <a href="https://github.com/zabbix/zabbix-docker/"><code>zabbix/zabbix-docker</code> GitHub repo</a>. Be sure to familiarize yourself with the <a href="https://github.com/zabbix/zabbix-docker/blob/6.4/README.md">repository&#39;s <code>README.md</code> file</a> before attempting a pull request.</p>
<h2 id="issues">Issues</h2>
<p>If you have any problems with or questions about this image, please contact us through a <a href="https://github.com/zabbix/zabbix-docker/issues">GitHub issue</a>.</p>
<h3 id="known-issues">Known issues</h3>
<h2 id="contributing">Contributing</h2>
<p>You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.</p>
<p>Before you start to code, we recommend discussing your plans through a <a href="https://github.com/zabbix/zabbix-docker/issues">GitHub issue</a>, especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.</p>

1
Dockerfiles/proxy-mysql/rhel/README.md
View File

@ -1 +0,0 @@
../README.md

6
Dockerfiles/proxy-mysql/ubuntu/Dockerfile
View File

@ -35,7 +35,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql.gz", "/usr/share/doc/zabbix-proxy-mysql/create.sql.gz"]
RUN set -eux && \
RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tini \
@ -92,8 +93,7 @@ RUN set -eux && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
apt-get -y autoremove && \
apt-get -y clean && \
rm -rf /var/lib/apt/lists/*
apt-get -y clean
EXPOSE 10051/TCP

8
Dockerfiles/proxy-sqlite3/README.md
View File

@ -14,16 +14,12 @@ Zabbix proxy is a process that may collect monitoring data from one or more moni
# Zabbix proxy images
These are the only official Zabbix proxy Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), 22.04 (jammy), CentOS Stream 8 and Oracle Linux 8 images. The available versions of Zabbix proxy are:
These are the only official Zabbix proxy Docker images. They are based on Alpine Linux v3.19, Ubuntu 22.04 (jammy), CentOS Stream 9 and Oracle Linux 9 images. The available versions of Zabbix proxy are:
Zabbix proxy 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest)
Zabbix proxy 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*)
Zabbix proxy 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest)
Zabbix proxy 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*)
Zabbix proxy 6.0 (tags: alpine-6.0-latest, ubuntu-6.0-latest, ol-6.0-latest)
Zabbix proxy 6.0.* (tags: alpine-6.0.*, ubuntu-6.0.*, ol-6.0.*)
Zabbix proxy 6.2 (tags: alpine-6.2-latest, ubuntu-6.2-latest, ol-6.2-latest)
Zabbix proxy 6.2.* (tags: alpine-6.2.*, ubuntu-6.2.*, ol-6.2.*)
Zabbix proxy 6.4 (tags: alpine-6.4-latest, ubuntu-6.4-latest, ol-6.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest)
Zabbix proxy 6.4.* (tags: alpine-6.4.*, ubuntu-6.4.*, ol-6.4.*)
Zabbix proxy 7.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk)
@ -273,7 +269,7 @@ Please see [the Docker installation documentation](https://docs.docker.com/insta
## Documentation
Documentation for this image is stored in the [`proxy-sqlite3/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/proxy-sqlite3) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request.
Documentation for this image is stored in the [`proxy-sqlite3/` directory](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/proxy-sqlite3) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/6.4/README.md) before attempting a pull request.
## Issues

3
Dockerfiles/proxy-sqlite3/alpine/Dockerfile
View File

@ -85,8 +85,7 @@ RUN set -eux && \
mkdir -p /var/lib/zabbix/ssl/ssl_ca && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
rm -rf /var/cache/apk/*
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/
EXPOSE 10051/TCP

35
Dockerfiles/proxy-sqlite3/centos/Dockerfile
View File

@ -5,7 +5,7 @@ ARG BUILD_BASE_IMAGE=zabbix-build-sqlite3:centos-${ZBX_VERSION}
FROM ${BUILD_BASE_IMAGE} AS builder
FROM quay.io/centos/centos:stream9
FROM quay.io/centos/centos:stream9-minimal
ARG MAJOR_VERSION
ARG ZBX_VERSION
@ -33,8 +33,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/u
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"]
RUN set -eux && \
REPOLIST="baseos,appstream,epel" && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="libevent \
tini \
traceroute \
@ -48,16 +48,25 @@ RUN set -eux && \
openldap \
openssl-libs \
pcre2 \
shadow-utils \
zlib \
unixODBC" && \
dnf -y install epel-release && \
dnf -y install \
--disablerepo "*" \
--enablerepo "${REPOLIST}" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
microdnf -y install \
--disablerepo "*" \
--enablerepo "extras-common" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs epel-release && \
microdnf -y install \
--disablerepo "*" \
--enablerepo "baseos" \
--enablerepo "appstream" \
--enablerepo="epel" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs ${INSTALL_PKGS} && \
groupadd \
--system \
--gid 1995 \
@ -88,9 +97,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
dnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10051/TCP

8
Dockerfiles/proxy-sqlite3/ol/Dockerfile
View File

@ -34,7 +34,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"]
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="libevent \
tini \
traceroute \
@ -56,6 +57,7 @@ RUN set -eux && \
--enablerepo="ol9_appstream" \
--enablerepo="ol9_developer_EPEL" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs \
${INSTALL_PKGS} && \
@ -89,9 +91,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10051/TCP

11
Dockerfiles/proxy-sqlite3/rhel/Dockerfile
View File

@ -6,7 +6,7 @@ ARG BUILD_BASE_IMAGE=zabbix-build-sqlite3:rhel-${ZBX_VERSION}
FROM ${BUILD_BASE_IMAGE} AS builder
FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
FROM registry.access.redhat.com/ubi9/ubi-minimal:9.3
ARG MAJOR_VERSION
ARG RELEASE
@ -52,7 +52,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/u
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tini \
traceroute \
@ -82,12 +83,14 @@ RUN set -eux && \
--enablerepo "rhel-9-for-$ARCH_SUFFIX-appstream-rpms" \
--enablerepo "epel" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y reinstall \
--enablerepo "ubi-9-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
@ -121,9 +124,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10051/TCP

163
Dockerfiles/proxy-sqlite3/rhel/README.html Normal file
View File

@ -0,0 +1,163 @@
<p><img src="https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png" alt="logo"></p>
<h1 id="what-is-zabbix-">What is Zabbix?</h1>
<p>Zabbix is an enterprise-class open source distributed monitoring solution.</p>
<p>Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning.</p>
<p>For more information and related downloads for Zabbix components, please visit <a href="https://hub.docker.com/u/zabbix/">https://hub.docker.com/u/zabbix/</a> and <a href="https://zabbix.com">https://zabbix.com</a></p>
<h1 id="what-is-zabbix-proxy-">What is Zabbix proxy?</h1>
<p>Zabbix proxy is a process that may collect monitoring data from one or more monitored devices and send the information to the Zabbix server, essentially working on behalf of the server. All collected data is buffered locally and then transferred to the Zabbix server the proxy belongs to.</p>
<h1 id="zabbix-proxy-images">Zabbix proxy images</h1>
<p>These are the only official Zabbix proxy Podman images. Images are updated when new releases are published.</p>
<p>The image uses SQLite3 database to store collected data before sending it to Zabbix server.</p>
<h1 id="how-to-use-this-image">How to use this image</h1>
<h2 id="start-zabbix-proxy-sqlite3-">Start <code>zabbix-proxy-sqlite3</code></h2>
<p>Start a Zabbix proxy container as follows:</p>
<pre><code>podman <span class="hljs-keyword">run</span><span class="bash"> --name some-zabbix-proxy-sqlite3 <span class="hljs-_">-e</span> ZBX_HOSTNAME=some-hostname <span class="hljs-_">-e</span> ZBX_SERVER_HOST=some-zabbix-server <span class="hljs-_">-d</span> zabbix/zabbix-proxy-sqlite3:tag</span>
</code></pre><p>Where <code>some-zabbix-proxy-sqlite3</code> is the name you want to assign to your container, <code>some-hostname</code> is the hostname, it is Hostname parameter in Zabbix proxy configuration file, <code>some-zabbix-server</code> is IP or DNS name of Zabbix server and <code>tag</code> is the tag specifying the version you want.</p>
<blockquote>
<p>[!NOTE]
Zabbix server has possibility to execute <code>fping</code> utility to perform ICMP checks. When containers are running in rootless mode or with specific restrictions environment, you may face errors related to fping:
<code>fping: Operation not permitted</code>
or
lost all packets to all resources
in this case add <code>--cap-add=net_raw</code> to <code>docker run</code> or <code>podman run</code> commands.
Additionally fping executing in non-root environments can require sysctl modification:
<code>net.ipv4.ping_group_range=0 1995</code>
where 1995 is <code>zabbix</code> GID.</p>
</blockquote>
<h2 id="connects-from-zabbix-server-passive-proxy-">Connects from Zabbix server (Passive proxy)</h2>
<p>This image exposes the standard Zabbix proxy port (10051) and can operate as Passive proxy in case <code>ZBX_PROXYMODE</code> = <code>1</code>. Start Zabbix server container like this in order to link it to the Zabbix proxy container:</p>
<pre><code class="lang-console"><span class="hljs-comment">$</span> <span class="hljs-comment">podman</span> <span class="hljs-comment">run</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">name</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">link</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">proxy</span><span class="hljs-literal">-</span><span class="hljs-comment">sqlite3:zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">proxy</span><span class="hljs-literal">-</span><span class="hljs-comment">sqlite3</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">init</span> <span class="hljs-literal">-</span><span class="hljs-comment">d</span> <span class="hljs-comment">zabbix/zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server:latest</span>
</code></pre>
<h2 id="connect-to-zabbix-server-active-proxy-">Connect to Zabbix server (Active proxy)</h2>
<p>This image can operate as Active proxy (<code>default</code> mode). Start your application container like this in order to link Zabbix proxy to Zabbix server containters:</p>
<pre><code class="lang-console"><span class="hljs-comment">$</span> <span class="hljs-comment">podman</span> <span class="hljs-comment">run</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">name</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">proxy</span><span class="hljs-literal">-</span><span class="hljs-comment">sqlite3</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">link</span> <span class="hljs-comment">some</span><span class="hljs-literal">-</span><span class="hljs-comment">zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server:zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">server</span> <span class="hljs-literal">-</span><span class="hljs-literal">-</span><span class="hljs-comment">init</span> <span class="hljs-literal">-</span><span class="hljs-comment">d</span> <span class="hljs-comment">zabbix/zabbix</span><span class="hljs-literal">-</span><span class="hljs-comment">proxy</span><span class="hljs-literal">-</span><span class="hljs-comment">sqlite3:latest</span>
</code></pre>
<h2 id="container-shell-access-and-viewing-zabbix-proxy-logs">Container shell access and viewing Zabbix proxy logs</h2>
<p>The <code>podman exec</code> command allows you to run commands inside a Podman container. The following command line will give you a bash shell inside your <code>zabbix-proxy-sqlite3</code> container:</p>
<pre><code class="lang-console">$ podman exec -ti <span class="hljs-keyword">some</span>-zabbix-proxy-sqlite3 /bin/bash
</code></pre>
<p>The Zabbix proxy log is available through Podman&#39;s container log:</p>
<pre><code class="lang-console">$ podman logs <span class="hljs-keyword">some</span>-zabbix-proxy-sqlite3
</code></pre>
<h2 id="environment-variables">Environment Variables</h2>
<p>When you start the <code>zabbix-proxy-sqlite3</code> image, you can adjust the configuration of the Zabbix proxy by passing one or more environment variables on the <code>podman run</code> command line.</p>
<h3 id="-zbx_proxymode-"><code>ZBX_PROXYMODE</code></h3>
<p>The variable allows to switch Zabbix proxy mode. Bu default, value is <code>0</code> - active proxy. Allowed values are <code>0</code> - active proxy and <code>1</code> - passive proxy.</p>
<h3 id="-zbx_hostname-"><code>ZBX_HOSTNAME</code></h3>
<p>This variable is unique, case sensitive hostname. By default, value is <code>zabbix-proxy-sqlite3</code> of the container. It is <code>Hostname</code> parameter in <code>zabbix_proxy.conf</code>.</p>
<h3 id="-zbx_server_host-"><code>ZBX_SERVER_HOST</code></h3>
<p>This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is <code>zabbix-server</code>. It is <code>Server</code> parameter in <code>zabbix_proxy.conf</code>. It is allowed to specify Zabbix server or Zabbix proxy port number using <code>ZBX_SERVER_PORT</code> variable. It make sense in case of non-default port for active checks.</p>
<h3 id="-zbx_server_port-"><code>ZBX_SERVER_PORT</code></h3>
<p>This variable is port Zabbix server listening on. By default, value is <code>10051</code>.</p>
<p><strong>Note:</strong> This parameter is no longer used in version 6.0 and above. Instead, add a colon <code>:</code> followed by the port number to the end of <code>ZBX_SERVER_HOST</code>.</p>
<h3 id="-zbx_loadmodule-"><code>ZBX_LOADMODULE</code></h3>
<p>The variable is list of comma separated loadable Zabbix modules. It works with volume <code>/var/lib/zabbix/modules</code>. The syntax of the variable is <code>dummy1.so,dummy2.so</code>.</p>
<h3 id="-zbx_debuglevel-"><code>ZBX_DEBUGLEVEL</code></h3>
<p>The variable is used to specify debug level. By default, value is <code>3</code>. It is <code>DebugLevel</code> parameter in <code>zabbix_server.conf</code>. Allowed values are listed below:</p>
<ul>
<li><code>0</code> - basic information about starting and stopping of Zabbix processes;</li>
<li><code>1</code> - critical information</li>
<li><code>2</code> - error information</li>
<li><code>3</code> - warnings</li>
<li><code>4</code> - for debugging (produces lots of information)</li>
<li><code>5</code> - extended debugging (produces even more information)</li>
</ul>
<h3 id="-zbx_timeout-"><code>ZBX_TIMEOUT</code></h3>
<p>The variable is used to specify timeout for processing checks. By default, value is <code>4</code>.</p>
<h3 id="-zbx_javagateway_enable-"><code>ZBX_JAVAGATEWAY_ENABLE</code></h3>
<p>The variable enable communication with Zabbix Java Gateway to collect Java related checks. By default, value is <code>false</code>.</p>
<h3 id="other-variables">Other variables</h3>
<p>Additionally the image allows to specify many other environment variables listed below:</p>
<pre><code><span class="hljs-attr">ZBX_ENABLEREMOTECOMMANDS</span>=<span class="hljs-number">0</span> # Available since <span class="hljs-number">3.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_LOGREMOTECOMMANDS</span>=<span class="hljs-number">0</span> # Available since <span class="hljs-number">3.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_SOURCEIP</span>=
<span class="hljs-attr">ZBX_HOSTNAMEITEM</span>=system.hostname
<span class="hljs-attr">ZBX_PROXYLOCALBUFFER</span>=<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_PROXYOFFLINEBUFFER</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_PROXYHEARTBEATFREQUENCY</span>=<span class="hljs-number">60</span> # Deprecated since <span class="hljs-number">6.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_CONFIGFREQUENCY</span>=<span class="hljs-number">3600</span> # Deprecated since <span class="hljs-number">6.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_PROXYCONFIGFREQUENCY</span>=<span class="hljs-number">10</span> # Available since <span class="hljs-number">6.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_DATASENDERFREQUENCY</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTPOLLERS</span>=<span class="hljs-number">5</span>
<span class="hljs-attr">ZBX_STARTPREPROCESSORS</span>=<span class="hljs-number">3</span> # Available since <span class="hljs-number">4.2</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_IPMIPOLLERS</span>=<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STARTPOLLERSUNREACHABLE</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTTRAPPERS</span>=<span class="hljs-number">5</span>
<span class="hljs-attr">ZBX_STARTPINGERS</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTDISCOVERERS</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTHISTORYPOLLERS</span>=<span class="hljs-number">1</span> # Available since <span class="hljs-number">5.4</span>.<span class="hljs-number">0</span> till <span class="hljs-number">6.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STARTHTTPPOLLERS</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTODBCPOLLERS</span>=<span class="hljs-number">1</span> # Available since <span class="hljs-number">6.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_JAVAGATEWAY</span>=zabbix-java-gateway
<span class="hljs-attr">ZBX_JAVAGATEWAYPORT</span>=<span class="hljs-number">10052</span>
<span class="hljs-attr">ZBX_STARTJAVAPOLLERS</span>=<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STATSALLOWEDIP</span>= # Available since <span class="hljs-number">4.0</span>.<span class="hljs-number">5</span>
<span class="hljs-attr">ZBX_STARTVMWARECOLLECTORS</span>=<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_VMWAREFREQUENCY</span>=<span class="hljs-number">60</span>
<span class="hljs-attr">ZBX_VMWAREPERFFREQUENCY</span>=<span class="hljs-number">60</span>
<span class="hljs-attr">ZBX_VMWARECACHESIZE</span>=<span class="hljs-number">8</span>M
<span class="hljs-attr">ZBX_VMWARETIMEOUT</span>=<span class="hljs-number">10</span>
<span class="hljs-attr">ZBX_ENABLE_SNMP_TRAPS</span>=<span class="hljs-literal">false</span>
<span class="hljs-attr">ZBX_LISTENIP</span>=
<span class="hljs-attr">ZBX_LISTENPORT</span>=<span class="hljs-number">10051</span>
<span class="hljs-attr">ZBX_LISTENBACKLOG</span>=
<span class="hljs-attr">ZBX_HOUSEKEEPINGFREQUENCY</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_CACHESIZE</span>=<span class="hljs-number">8</span>M
<span class="hljs-attr">ZBX_STARTDBSYNCERS</span>=<span class="hljs-number">4</span>
<span class="hljs-attr">ZBX_HISTORYCACHESIZE</span>=<span class="hljs-number">16</span>M
<span class="hljs-attr">ZBX_HISTORYINDEXCACHESIZE</span>=<span class="hljs-number">4</span>M
<span class="hljs-attr">ZBX_TRAPPERTIMEOUT</span>=<span class="hljs-number">300</span>
<span class="hljs-attr">ZBX_UNREACHABLEPERIOD</span>=<span class="hljs-number">45</span>
<span class="hljs-attr">ZBX_UNAVAILABLEDELAY</span>=<span class="hljs-number">60</span>
<span class="hljs-attr">ZBX_UNREACHABLEDELAY</span>=<span class="hljs-number">15</span>
<span class="hljs-attr">ZBX_LOGSLOWQUERIES</span>=<span class="hljs-number">3000</span>
<span class="hljs-attr">ZBX_TLSCONNECT</span>=unencrypted
<span class="hljs-attr">ZBX_TLSACCEPT</span>=unencrypted
<span class="hljs-attr">ZBX_TLSCAFILE</span>=
<span class="hljs-attr">ZBX_TLSCRLFILE</span>=
<span class="hljs-attr">ZBX_TLSSERVERCERTISSUER</span>=
<span class="hljs-attr">ZBX_TLSSERVERCERTSUBJECT</span>=
<span class="hljs-attr">ZBX_TLSCERTFILE</span>=
<span class="hljs-attr">ZBX_TLSKEYFILE</span>=
<span class="hljs-attr">ZBX_TLSPSKIDENTITY</span>=
<span class="hljs-attr">ZBX_TLSPSKFILE</span>=
<span class="hljs-attr">ZBX_TLSCIPHERALL</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERALL13</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERCERT</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERCERT13</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERPSK</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERPSK13</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
</code></pre><p>Default values of these variables are specified after equal sign.</p>
<p>The allowed variables are identical of parameters in official <code>zabbix_proxy.conf</code>. For example, <code>ZBX_LOGSLOWQUERIES</code> = <code>LogSlowQueries</code>.</p>
<p>Please use official documentation for <a href="https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_proxy"><code>zabbix_proxy.conf</code></a> to get more information about the variables.</p>
<h2 id="allowed-volumes-for-the-zabbix-proxy-container">Allowed volumes for the Zabbix proxy container</h2>
<h3 id="-usr-lib-zabbix-externalscripts-"><code>/usr/lib/zabbix/externalscripts</code></h3>
<p>The volume is used by External checks (type of items). It is <code>ExternalScripts</code> parameter in <code>zabbix_proxy.conf</code>.</p>
<h3 id="-var-lib-zabbix-db_data-"><code>/var/lib/zabbix/db_data</code></h3>
<p>The volume stores SQLite3 database file and could be used for external database file storage.</p>
<h3 id="-var-lib-zabbix-modules-"><code>/var/lib/zabbix/modules</code></h3>
<p>The volume allows load additional modules and extend Zabbix proxy using <code>LoadModule</code> feature.</p>
<h3 id="-var-lib-zabbix-enc-"><code>/var/lib/zabbix/enc</code></h3>
<p>The volume is used to store TLS related files. These file names are specified using <code>ZBX_TLSCAFILE</code>, <code>ZBX_TLSCRLFILE</code>, <code>ZBX_TLSKEY_FILE</code> and <code>ZBX_TLSPSKFILE</code> variables.</p>
<h3 id="-var-lib-zabbix-ssh_keys-"><code>/var/lib/zabbix/ssh_keys</code></h3>
<p>The volume is used as location of public and private keys for SSH checks and actions. It is <code>SSHKeyLocation</code> parameter in <code>zabbix_proxy.conf</code>.</p>
<h3 id="-var-lib-zabbix-ssl-certs-"><code>/var/lib/zabbix/ssl/certs</code></h3>
<p>The volume is used as location of of SSL client certificate files for client authentication. It is <code>SSLCertLocation</code> parameter in <code>zabbix_proxy.conf</code>.</p>
<h3 id="-var-lib-zabbix-ssl-keys-"><code>/var/lib/zabbix/ssl/keys</code></h3>
<p>The volume is used as location of SSL private key files for client authentication. It is <code>SSLKeyLocation</code> parameter in <code>zabbix_proxy.conf</code>.</p>
<h3 id="-var-lib-zabbix-ssl-ssl_ca-"><code>/var/lib/zabbix/ssl/ssl_ca</code></h3>
<p>The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is <code>SSLCALocation</code> parameter in <code>zabbix_proxy.conf</code>.</p>
<h3 id="-var-lib-zabbix-snmptraps-"><code>/var/lib/zabbix/snmptraps</code></h3>
<p>The volume is used as location of <code>snmptraps.log</code> file. It could be shared by <code>zabbix-snmptraps</code> container and inherited using <code>volumes_from</code> Podman option while creating new instance of Zabbix proxy.
SNMP traps processing feature could be enabled using shared volume and switched <code>ZBX_ENABLE_SNMP_TRAPS</code> environment variable to <code>true</code>.</p>
<h3 id="-var-lib-zabbix-mibs-"><code>/var/lib/zabbix/mibs</code></h3>
<p>The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to <code>/var/lib/zabbix/mibs</code>.</p>
<h1 id="user-feedback">User Feedback</h1>
<h2 id="documentation">Documentation</h2>
<p>Documentation for this image is stored in the <a href="https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/proxy-sqlite3"><code>proxy-sqlite3/</code> directory</a> of the <a href="https://github.com/zabbix/zabbix-docker/"><code>zabbix/zabbix-docker</code> GitHub repo</a>. Be sure to familiarize yourself with the <a href="https://github.com/zabbix/zabbix-docker/blob/6.4/README.md">repository&#39;s <code>README.md</code> file</a> before attempting a pull request.</p>
<h2 id="issues">Issues</h2>
<p>If you have any problems with or questions about this image, please contact us through a <a href="https://github.com/zabbix/zabbix-docker/issues">GitHub issue</a>.</p>
<h3 id="known-issues">Known issues</h3>
<h2 id="contributing">Contributing</h2>
<p>You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.</p>
<p>Before you start to code, we recommend discussing your plans through a <a href="https://github.com/zabbix/zabbix-docker/issues">GitHub issue</a>, especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.</p>

1
Dockerfiles/proxy-sqlite3/rhel/README.md
View File

@ -1 +0,0 @@
../README.md

6
Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile
View File

@ -33,7 +33,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get", "/u
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender", "/usr/bin/zabbix_sender"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/zabbix/zabbix_proxy.conf"]
RUN set -eux && \
RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tini \
@ -87,8 +88,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
apt-get -y autoremove && \
rm -rf /var/lib/apt/lists/*
apt-get -y autoremove
EXPOSE 10051/TCP

8
Dockerfiles/server-mysql/README.md
View File

@ -16,16 +16,12 @@ The server performs the polling and trapping of data, it calculates triggers, se
# Zabbix server images
These are the only official Zabbix server Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), 22.04 (jammy), CentOS Stream 8 and Oracle Linux 8 images. The available versions of Zabbix server are:
These are the only official Zabbix server Docker images. They are based on Alpine Linux v3.19, Ubuntu 22.04 (jammy), CentOS Stream 9 and Oracle Linux 9 images. The available versions of Zabbix server are:
Zabbix server 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest)
Zabbix server 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*)
Zabbix server 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest)
Zabbix server 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*)
Zabbix server 6.0 (tags: alpine-6.0-latest, ubuntu-6.0-latest, ol-6.0-latest)
Zabbix server 6.0.* (tags: alpine-6.0.*, ubuntu-6.0.*, ol-6.0.*)
Zabbix server 6.2 (tags: alpine-6.2-latest, ubuntu-6.2-latest, ol-6.2-latest)
Zabbix server 6.2.* (tags: alpine-6.2.*, ubuntu-6.2.*, ol-6.2.*)
Zabbix server 6.4 (tags: alpine-6.4-latest, ubuntu-6.4-latest, ol-6.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest)
Zabbix server 6.4.* (tags: alpine-6.4.*, ubuntu-6.4.*, ol-6.4.*)
Zabbix server 7.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk)
@ -305,7 +301,7 @@ Please see [the Docker installation documentation](https://docs.docker.com/insta
## Documentation
Documentation for this image is stored in the [`server-mysql/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/server-mysql) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request.
Documentation for this image is stored in the [`server-mysql/` directory](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/server-mysql) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/6.4/README.md) before attempting a pull request.
## Issues

3
Dockerfiles/server-mysql/alpine/Dockerfile
View File

@ -94,8 +94,7 @@ RUN set -eux && \
mkdir -p /usr/share/doc/zabbix-server-mysql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
rm -rf /var/cache/apk/*
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/
EXPOSE 10051/TCP

54
Dockerfiles/server-mysql/centos/Dockerfile
View File

@ -5,7 +5,7 @@ ARG BUILD_BASE_IMAGE=zabbix-build-mysql:centos-${ZBX_VERSION}
FROM ${BUILD_BASE_IMAGE} AS builder
FROM quay.io/centos/centos:stream9
FROM quay.io/centos/centos:stream9-minimal
ARG MAJOR_VERSION
ARG ZBX_VERSION
@ -34,8 +34,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_server.conf", "/etc/zabbix/zabbix_server.conf"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_server.sql.gz", "/usr/share/doc/zabbix-server-mysql/create.sql.gz"]
RUN set -eux && \
REPOLIST="baseos,appstream,crb,epel" && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="fping \
tini \
traceroute \
@ -44,9 +44,13 @@ RUN set -eux && \
tzdata \
iputils \
traceroute \
libpsl \
libbrotli \
libevent \
libxml2 \
libssh \
libpsl \
libbrotli \
libxml2 \
mysql \
mysql-libs \
net-snmp-libs \
@ -54,25 +58,31 @@ RUN set -eux && \
openldap \
openssl-libs \
pcre2 \
shadow-utils \
zlib \
gzip \
unixODBC" && \
dnf -y install epel-release && \
dnf -y install \
--disablerepo "*" \
--enablerepo "${REPOLIST}" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y install \
--disablerepo "*" \
--enablerepo "${REPOLIST}" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--allowerasing \
--best \
libcurl && \
microdnf -y install \
--disablerepo "*" \
--enablerepo "extras-common" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs epel-release && \
microdnf -y install \
--disablerepo "*" \
--enablerepo "baseos" \
--enablerepo "appstream" \
--enablerepo "crb" \
--enablerepo="epel" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs ${INSTALL_PKGS} && \
microdnf download libcurl && \
rpm -Uvh --nodeps --replacefiles "*curl*$( uname -i ).rpm" && \
microdnf remove -y libcurl-minimal && \
rm -rf "*curl*$( uname -i ).rpm" && \
groupadd \
--system \
--gid 1995 \
@ -108,9 +118,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
dnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10051/TCP

8
Dockerfiles/server-mysql/ol/Dockerfile
View File

@ -35,7 +35,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_server.conf", "/etc
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_server.sql.gz", "/usr/share/doc/zabbix-server-mysql/create.sql.gz"]
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
fping \
tini \
@ -65,6 +66,7 @@ RUN set -eux && \
--enablerepo="ol9_codeready_builder" \
--enablerepo="ol9_developer_EPEL" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs \
${INSTALL_PKGS} && \
@ -103,9 +105,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10051/TCP

11
Dockerfiles/server-mysql/rhel/Dockerfile
View File

@ -6,7 +6,7 @@ ARG BUILD_BASE_IMAGE=zabbix-build-mysql:rhel-${ZBX_VERSION}
FROM ${BUILD_BASE_IMAGE} AS builder
FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
FROM registry.access.redhat.com/ubi9/ubi-minimal:9.3
ARG MAJOR_VERSION
ARG RELEASE
@ -53,7 +53,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_server.conf", "/etc/zabbix/zabbix_server.conf"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_server.sql.gz", "/usr/share/doc/zabbix-server-mysql/create.sql.gz"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tini \
traceroute \
@ -90,12 +91,14 @@ RUN set -eux && \
--enablerepo "codeready-builder-for-rhel-9-$ARCH_SUFFIX-rpms" \
--enablerepo "epel" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y reinstall \
--enablerepo "ubi-9-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
@ -138,9 +141,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10051/TCP

195
Dockerfiles/server-mysql/rhel/README.html Normal file
View File

@ -0,0 +1,195 @@
<p><img src="https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png" alt="logo"></p>
<h1 id="what-is-zabbix-">What is Zabbix?</h1>
<p>Zabbix is an enterprise-class open source distributed monitoring solution.</p>
<p>Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning.</p>
<p>For more information and related downloads for Zabbix components, please visit <a href="https://hub.docker.com/u/zabbix/">https://hub.docker.com/u/zabbix/</a> and <a href="https://zabbix.com">https://zabbix.com</a></p>
<h1 id="what-is-zabbix-server-">What is Zabbix server?</h1>
<p>Zabbix server is the central process of Zabbix software.</p>
<p>The server performs the polling and trapping of data, it calculates triggers, sends notifications to users. It is the central component to which Zabbix agents and proxies report data on availability and integrity of systems. The server can itself remotely check networked services (such as web servers and mail servers) using simple service checks.</p>
<h1 id="zabbix-server-images">Zabbix server images</h1>
<p>Images are updated when new releases are published.</p>
<p>The image uses MySQL database. It uses the next procedure to start:</p>
<ul>
<li>Checking database availability</li>
<li>If <code>MYSQL_ROOT_PASSWORD</code> or <code>MYSQL_ALLOW_EMPTY_PASSWORD</code> are specified, the instance tries to create <code>MYSQL_USER</code> user with <code>MYSQL_PASSWORD</code> to use these credentials then for Zabbix server.</li>
<li>Checking of having <code>MYSQL_DATABASE</code> database. Creating <code>MYSQL_DATABASE</code> database name if it does not exist</li>
<li>Checking of having <code>dbversion</code> table. Creating Zabbix server database schema and upload initial data sample if no <code>dbversion</code> table</li>
</ul>
<h1 id="how-to-use-this-image">How to use this image</h1>
<h2 id="start-zabbix-server-mysql-">Start <code>zabbix-server-mysql</code></h2>
<p>Start a Zabbix server container as follows:</p>
<pre><code>podman <span class="hljs-keyword">run</span><span class="bash"> --name some-zabbix-server-mysql <span class="hljs-_">-e</span> DB_SERVER_HOST=<span class="hljs-string">"some-mysql-server"</span> <span class="hljs-_">-e</span> MYSQL_USER=<span class="hljs-string">"some-user"</span> <span class="hljs-_">-e</span> MYSQL_PASSWORD=<span class="hljs-string">"some-password"</span> <span class="hljs-_">-d</span> zabbix/zabbix-server-mysql:tag</span>
</code></pre><p>Where <code>some-zabbix-server-mysql</code> is the name you want to assign to your container, <code>some-mysql-server</code> is IP or DNS name of MySQL server, <code>some-user</code> is user to connect to Zabbix database on MySQL server, <code>some-password</code> is the password to connect to MySQL server and <code>tag</code> is the tag specifying the version you want.</p>
<blockquote>
<p>[!NOTE]
Zabbix server has possibility to execute <code>fping</code> utility to perform ICMP checks. When containers are running in rootless mode or with specific restrictions environment, you may face errors related to fping:
<code>fping: Operation not permitted</code>
or
lost all packets to all resources
in this case add <code>--cap-add=net_raw</code> to <code>docker run</code> or <code>podman run</code> commands.
Additionally fping executing in non-root environments can require sysctl modification:
<code>net.ipv4.ping_group_range=0 1995</code>
where 1995 is <code>zabbix</code> GID.</p>
</blockquote>
<h2 id="container-shell-access-and-viewing-zabbix-server-logs">Container shell access and viewing Zabbix server logs</h2>
<p>The <code>podman exec</code> command allows you to run commands inside a Podman container. The following command line will give you a bash shell inside your <code>zabbix-server-mysql</code> container:</p>
<pre><code class="lang-console">$ podman exec -ti <span class="hljs-keyword">some</span>-zabbix-server-mysql /bin/bash
</code></pre>
<p>The Zabbix server log is available through Podman&#39;s container log:</p>
<pre><code class="lang-console">$ podman logs <span class="hljs-keyword">some</span>-zabbix-server-mysql
</code></pre>
<h2 id="environment-variables">Environment Variables</h2>
<p>When you start the <code>zabbix-server-mysql</code> image, you can adjust the configuration of the Zabbix server by passing one or more environment variables on the <code>podman run</code> command line.</p>
<h3 id="-db_server_host-"><code>DB_SERVER_HOST</code></h3>
<p>This variable is IP or DNS name of MySQL server. By default, value is &#39;mysql-server&#39;</p>
<h3 id="-db_server_port-"><code>DB_SERVER_PORT</code></h3>
<p>This variable is port of MySQL server. By default, value is &#39;3306&#39;.</p>
<h3 id="-mysql_user-mysql_password-mysql_user_file-mysql_password_file-"><code>MYSQL_USER</code>, <code>MYSQL_PASSWORD</code>, <code>MYSQL_USER_FILE</code>, <code>MYSQL_PASSWORD_FILE</code></h3>
<p>These variables are used by Zabbix server to connect to Zabbix database. With the <code>_FILE</code> variables you can instead provide the path to a file which contains the user / the password instead. Without Docker Swarm or Kubernetes you also have to map the files. Those are exclusive so you can just provide one type - either <code>MYSQL_USER</code> or <code>MYSQL_USER_FILE</code>!</p>
<pre><code class="lang-console">podman run --name some-zabbix-server-mysql -e DB_SERVER_HOST=<span class="hljs-string">"some-mysql-server"</span> -v .<span class="hljs-regexp">/.MYSQL_USER:/</span>run<span class="hljs-regexp">/secrets/</span>MYSQL_USER -e MYSQL_USER_FILE=<span class="hljs-regexp">/run/</span>secrets<span class="hljs-regexp">/MYSQL_USER -v ./</span>.<span class="hljs-string">MYSQL_PASSWORD:</span><span class="hljs-regexp">/run/</span>secrets<span class="hljs-regexp">/MYSQL_PASSWORD -e MYSQL_PASSWORD_FILE=/</span>var<span class="hljs-regexp">/run/</span>secrets<span class="hljs-regexp">/MYSQL_PASSWORD -d zabbix/</span>zabbix-server-<span class="hljs-string">mysql:</span>tag
</code></pre>
<p>With Docker Swarm or Kubernetes this works with secrets. That way it is replicated in your cluster!</p>
<pre><code class="lang-console"><span class="hljs-built_in">printf</span> <span class="hljs-string">"zabbix"</span> | podman secret create MYSQL_USER -
<span class="hljs-built_in">printf</span> <span class="hljs-string">"zabbix"</span> | podman secret create MYSQL_PASSWORD -
podman run --name some-zabbix-server-mysql <span class="hljs-_">-e</span> DB_SERVER_HOST=<span class="hljs-string">"some-mysql-server"</span> <span class="hljs-_">-e</span> MYSQL_USER_FILE=/run/secrets/MYSQL_USER <span class="hljs-_">-e</span> MYSQL_PASSWORD_FILE=/run/secrets/MYSQL_PASSWORD <span class="hljs-_">-d</span> zabbix/zabbix-server-mysql:tag
</code></pre>
<p>This method is also applicable for <code>MYSQL_ROOT_PASSWORD</code> with <code>MYSQL_ROOT_PASSWORD_FILE</code>.</p>
<p>By default, values for <code>MYSQL_USER</code> and <code>MYSQL_PASSWORD</code> are <code>zabbix</code>, <code>zabbix</code>.</p>
<h3 id="-mysql_database-"><code>MYSQL_DATABASE</code></h3>
<p>The variable is Zabbix database name. By default, value is <code>zabbix</code>.</p>
<h3 id="-zbx_loadmodule-"><code>ZBX_LOADMODULE</code></h3>
<p>The variable is list of comma separated loadable Zabbix modules. It works with volume <code>/var/lib/zabbix/modules</code>. The syntax of the variable is <code>dummy1.so,dummy2.so</code>.</p>
<h3 id="-zbx_debuglevel-"><code>ZBX_DEBUGLEVEL</code></h3>
<p>The variable is used to specify debug level. By default, value is <code>3</code>. It is <code>DebugLevel</code> parameter in <code>zabbix_server.conf</code>. Allowed values are listed below:</p>
<ul>
<li><code>0</code> - basic information about starting and stopping of Zabbix processes;</li>
<li><code>1</code> - critical information</li>
<li><code>2</code> - error information</li>
<li><code>3</code> - warnings</li>
<li><code>4</code> - for debugging (produces lots of information)</li>
<li><code>5</code> - extended debugging (produces even more information)</li>
</ul>
<h3 id="-zbx_timeout-"><code>ZBX_TIMEOUT</code></h3>
<p>The variable is used to specify timeout for processing checks. By default, value is <code>4</code>.</p>
<h3 id="-zbx_javagateway_enable-"><code>ZBX_JAVAGATEWAY_ENABLE</code></h3>
<p>The variable enable communication with Zabbix Java Gateway to collect Java related checks. By default, value is <code>false</code>.</p>
<h3 id="other-variables">Other variables</h3>
<p>Additionally the image allows to specify many other environment variables listed below:</p>
<pre><code><span class="hljs-attr">ZBX_ALLOWUNSUPPORTEDDBVERSIONS</span>=<span class="hljs-number">0</span> # Available since <span class="hljs-number">6.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_DBTLSCONNECT</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_DBTLSCAFILE</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_DBTLSCERTFILE</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_DBTLSKEYFILE</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_DBTLSCIPHER</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_DBTLSCIPHER13</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_VAULTDBPATH</span>= # Available since <span class="hljs-number">5.2</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_VAULTURL</span>=https://<span class="hljs-number">127.0</span>.<span class="hljs-number">0.1</span>:<span class="hljs-number">8200</span> # Available since <span class="hljs-number">5.2</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">VAULT_TOKEN</span>= # Available since <span class="hljs-number">5.2</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_LISTENIP</span>=
<span class="hljs-attr">ZBX_LISTENPORT</span>=<span class="hljs-number">10051</span>
<span class="hljs-attr">ZBX_LISTENBACKLOG</span>=
<span class="hljs-attr">ZBX_STARTREPORTWRITERS</span>=<span class="hljs-number">0</span> # Available since <span class="hljs-number">5.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_WEBSERVICEURL</span>=http://zabbix-web-service:<span class="hljs-number">10053</span>/report # Available since <span class="hljs-number">5.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_SERVICEMANAGERSYNCFREQUENCY</span>=<span class="hljs-number">60</span> # Available since <span class="hljs-number">6.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_HISTORYSTORAGEURL</span>= # Available since <span class="hljs-number">3.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_HISTORYSTORAGETYPES</span>=uint,dbl,str,log,text # Available since <span class="hljs-number">3.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STARTPOLLERS</span>=<span class="hljs-number">5</span>
<span class="hljs-attr">ZBX_IPMIPOLLERS</span>=<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STARTPREPROCESSORS</span>=<span class="hljs-number">3</span> # Available since <span class="hljs-number">3.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STARTCONNECTORS</span>=<span class="hljs-number">0</span> # Available since <span class="hljs-number">6.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STARTPOLLERSUNREACHABLE</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTTRAPPERS</span>=<span class="hljs-number">5</span>
<span class="hljs-attr">ZBX_STARTPINGERS</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTDISCOVERERS</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTHISTORYPOLLERS</span>=<span class="hljs-number">5</span> # Available since <span class="hljs-number">5.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STARTHTTPPOLLERS</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTODBCPOLLERS</span>=<span class="hljs-number">1</span> # Available since <span class="hljs-number">6.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STARTTIMERS</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTESCALATORS</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_STARTALERTERS</span>=<span class="hljs-number">3</span> # Available since <span class="hljs-number">3.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_JAVAGATEWAY</span>=zabbix-java-gateway
<span class="hljs-attr">ZBX_JAVAGATEWAYPORT</span>=<span class="hljs-number">10052</span>
<span class="hljs-attr">ZBX_STARTJAVAPOLLERS</span>=<span class="hljs-number">5</span>
<span class="hljs-attr">ZBX_STARTLLDPROCESSORS</span>=<span class="hljs-number">2</span> # Available since <span class="hljs-number">4.2</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_STATSALLOWEDIP</span>= # Available since <span class="hljs-number">4.0</span>.<span class="hljs-number">5</span>
<span class="hljs-attr">ZBX_STARTVMWARECOLLECTORS</span>=<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_VMWAREFREQUENCY</span>=<span class="hljs-number">60</span>
<span class="hljs-attr">ZBX_VMWAREPERFFREQUENCY</span>=<span class="hljs-number">60</span>
<span class="hljs-attr">ZBX_VMWARECACHESIZE</span>=<span class="hljs-number">8</span>M
<span class="hljs-attr">ZBX_VMWARETIMEOUT</span>=<span class="hljs-number">10</span>
<span class="hljs-attr">ZBX_ENABLE_SNMP_TRAPS</span>=<span class="hljs-literal">false</span>
<span class="hljs-attr">ZBX_SOURCEIP</span>=
<span class="hljs-attr">ZBX_HOUSEKEEPINGFREQUENCY</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_MAXHOUSEKEEPERDELETE</span>=<span class="hljs-number">5000</span>
<span class="hljs-attr">ZBX_PROBLEMHOUSEKEEPINGFREQUENCY</span>=<span class="hljs-number">60</span> # Available since <span class="hljs-number">6.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_SENDERFREQUENCY</span>=<span class="hljs-number">30</span> # Depcrecated since <span class="hljs-number">3.4</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_CACHESIZE</span>=<span class="hljs-number">8</span>M
<span class="hljs-attr">ZBX_CACHEUPDATEFREQUENCY</span>=<span class="hljs-number">10</span>
<span class="hljs-attr">ZBX_STARTDBSYNCERS</span>=<span class="hljs-number">4</span>
<span class="hljs-attr">ZBX_EXPORTFILESIZE</span>=<span class="hljs-number">1</span>G # Available since <span class="hljs-number">4.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_EXPORTTYPE</span>= # Available since <span class="hljs-number">5.0</span>.<span class="hljs-number">10</span> and <span class="hljs-number">5.2</span>.<span class="hljs-number">6</span>
<span class="hljs-attr">ZBX_AUTOHANODENAME</span>=fqdn # Allowed values: fqdn, hostname. Available since <span class="hljs-number">6.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_HANODENAME</span>= # Available since <span class="hljs-number">6.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_AUTONODEADDRESS</span>=fqdn # Allowed values: fqdn, hostname. Available since <span class="hljs-number">6.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_NODEADDRESSPORT</span>=<span class="hljs-number">10051</span> # Allowed to use with ZBX_AUTONODEADDRESS variable <span class="hljs-literal">on</span>ly. Available since <span class="hljs-number">6.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_NODEADDRESS</span>=localhost # Available since <span class="hljs-number">6.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_HISTORYCACHESIZE</span>=<span class="hljs-number">16</span>M
<span class="hljs-attr">ZBX_HISTORYINDEXCACHESIZE</span>=<span class="hljs-number">4</span>M
<span class="hljs-attr">ZBX_HISTORYSTORAGEDATEINDEX</span>=<span class="hljs-number">0</span> # Available since <span class="hljs-number">4.0</span>.<span class="hljs-number">0</span>
<span class="hljs-attr">ZBX_TRENDCACHESIZE</span>=<span class="hljs-number">4</span>M
<span class="hljs-attr">ZBX_TRENDFUNCTIONCACHESIZE</span>=<span class="hljs-number">4</span>M
<span class="hljs-attr">ZBX_VALUECACHESIZE</span>=<span class="hljs-number">8</span>M
<span class="hljs-attr">ZBX_TRAPPERTIMEOUT</span>=<span class="hljs-number">300</span>
<span class="hljs-attr">ZBX_UNREACHABLEPERIOD</span>=<span class="hljs-number">45</span>
<span class="hljs-attr">ZBX_UNAVAILABLEDELAY</span>=<span class="hljs-number">60</span>
<span class="hljs-attr">ZBX_UNREACHABLEDELAY</span>=<span class="hljs-number">15</span>
<span class="hljs-attr">ZBX_LOGSLOWQUERIES</span>=<span class="hljs-number">3000</span>
<span class="hljs-attr">ZBX_STARTPROXYPOLLERS</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_PROXYCONFIGFREQUENCY</span>=<span class="hljs-number">10</span>
<span class="hljs-attr">ZBX_PROXYDATAFREQUENCY</span>=<span class="hljs-number">1</span>
<span class="hljs-attr">ZBX_TLSCAFILE</span>=
<span class="hljs-attr">ZBX_TLSCRLFILE</span>=
<span class="hljs-attr">ZBX_TLSCERTFILE</span>=
<span class="hljs-attr">ZBX_TLSKEYFILE</span>=
<span class="hljs-attr">ZBX_TLSCIPHERALL</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERALL13</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERCERT</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERCERT13</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERPSK</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
<span class="hljs-attr">ZBX_TLSCIPHERPSK13</span>= # Available since <span class="hljs-number">4.4</span>.<span class="hljs-number">7</span>
</code></pre><p>Default values of these variables are specified after equal sign.</p>
<p>The allowed variables are identical of parameters in official <code>zabbix_server.conf</code>. For example, <code>ZBX_LOGSLOWQUERIES</code> = <code>LogSlowQueries</code>.</p>
<p>Please use official documentation for <a href="https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_server"><code>zabbix_server.conf</code></a> to get more information about the variables.</p>
<h2 id="allowed-volumes-for-the-zabbix-server-container">Allowed volumes for the Zabbix server container</h2>
<h3 id="-usr-lib-zabbix-alertscripts-"><code>/usr/lib/zabbix/alertscripts</code></h3>
<p>The volume is used for custom alert scripts. It is <code>AlertScriptsPath</code> parameter in <code>zabbix_server.conf</code>.</p>
<h3 id="-usr-lib-zabbix-externalscripts-"><code>/usr/lib/zabbix/externalscripts</code></h3>
<p>The volume is used by External checks (type of items). It is <code>ExternalScripts</code> parameter in <code>zabbix_server.conf</code>.</p>
<h3 id="-var-lib-zabbix-modules-"><code>/var/lib/zabbix/modules</code></h3>
<p>The volume allows load additional modules and extend Zabbix server using <code>LoadModule</code> feature.</p>
<h3 id="-var-lib-zabbix-enc-"><code>/var/lib/zabbix/enc</code></h3>
<p>The volume is used to store TLS related files. These file names are specified using <code>ZBX_TLSCAFILE</code>, <code>ZBX_TLSCRLFILE</code>, <code>ZBX_TLSKEY_FILE</code> and <code>ZBX_TLSPSKFILE</code> variables.</p>
<h3 id="-var-lib-zabbix-ssh_keys-"><code>/var/lib/zabbix/ssh_keys</code></h3>
<p>The volume is used as location of public and private keys for SSH checks and actions. It is <code>SSHKeyLocation</code> parameter in <code>zabbix_server.conf</code>.</p>
<h3 id="-var-lib-zabbix-ssl-certs-"><code>/var/lib/zabbix/ssl/certs</code></h3>
<p>The volume is used as location of of SSL client certificate files for client authentication. It is <code>SSLCertLocation</code> parameter in <code>zabbix_server.conf</code>.</p>
<h3 id="-var-lib-zabbix-ssl-keys-"><code>/var/lib/zabbix/ssl/keys</code></h3>
<p>The volume is used as location of SSL private key files for client authentication. It is <code>SSLKeyLocation</code> parameter in <code>zabbix_server.conf</code>.</p>
<h3 id="-var-lib-zabbix-ssl-ssl_ca-"><code>/var/lib/zabbix/ssl/ssl_ca</code></h3>
<p>The volume is used as location of certificate authority (CA) files for SSL server certificate verification. It is <code>SSLCALocation</code> parameter in <code>zabbix_server.conf</code>.</p>
<h3 id="-var-lib-zabbix-snmptraps-"><code>/var/lib/zabbix/snmptraps</code></h3>
<p>The volume is used as location of <code>snmptraps.log</code> file. It could be shared by <code>zabbix-snmptraps</code> container and inherited using <code>volumes_from</code> Podman option while creating new instance of Zabbix server.
SNMP traps processing feature could be enabled using shared volume and switched <code>ZBX_ENABLE_SNMP_TRAPS</code> environment variable to <code>true</code>.</p>
<h3 id="-var-lib-zabbix-mibs-"><code>/var/lib/zabbix/mibs</code></h3>
<p>The volume allows to add new MIB files. It does not support subdirectories, all MIBs must be placed to <code>/var/lib/zabbix/mibs</code>.</p>
<h3 id="-var-lib-zabbix-export-"><code>/var/lib/zabbix/export</code></h3>
<p>Directory for real-time export of events, history and trends in newline-delimited JSON format. Could be enabled using <code>ZBX_EXPORTFILESIZE</code> environment variable.</p>
<h1 id="user-feedback">User Feedback</h1>
<h2 id="documentation">Documentation</h2>
<p>Documentation for this image is stored in the <a href="https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/server-mysql/rhel/"><code>server-mysql/</code> directory</a> of the <a href="https://github.com/zabbix/zabbix-docker/"><code>zabbix/zabbix-docker</code> GitHub repo</a>. Be sure to familiarize yourself with the <a href="https://github.com/zabbix/zabbix-docker/blob/6.4/README.md">repository&#39;s <code>README.md</code> file</a> before attempting a pull request.</p>
<h2 id="issues">Issues</h2>
<p>If you have any problems with or questions about this image, please contact us through a <a href="https://github.com/zabbix/zabbix-docker/issues">GitHub issue</a>.</p>
<h3 id="known-issues">Known issues</h3>
<h2 id="contributing">Contributing</h2>
<p>You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.</p>
<p>Before you start to code, we recommend discussing your plans through a <a href="https://github.com/zabbix/zabbix-docker/issues">GitHub issue</a>, especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.</p>

1
Dockerfiles/server-mysql/rhel/README.md
View File

@ -1 +0,0 @@
../README.md

6
Dockerfiles/server-mysql/ubuntu/Dockerfile
View File

@ -34,7 +34,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_server.conf", "/etc/zabbix/zabbix_server.conf"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_server.sql.gz", "/usr/share/doc/zabbix-server-mysql/create.sql.gz"]
RUN set -eux && \
RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tini \
@ -99,8 +100,7 @@ RUN set -eux && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
apt-get -y autoremove && \
apt-get -y clean && \
rm -rf /var/lib/apt/lists/*
apt-get -y clean
EXPOSE 10051/TCP

8
Dockerfiles/server-pgsql/README.md
View File

@ -16,16 +16,12 @@ The server performs the polling and trapping of data, it calculates triggers, se
# Zabbix server images
These are the only official Zabbix server Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), 22.04 (jammy), CentOS Stream 8 and Oracle Linux 8 images. The available versions of Zabbix server are:
These are the only official Zabbix server Docker images. They are based on Alpine Linux v3.19, Ubuntu 22.04 (jammy), CentOS Stream 9 and Oracle Linux 9 images. The available versions of Zabbix server are:
Zabbix server 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest)
Zabbix server 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*)
Zabbix server 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest)
Zabbix server 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*)
Zabbix server 6.0 (tags: alpine-6.0-latest, ubuntu-6.0-latest, ol-6.0-latest)
Zabbix server 6.0.* (tags: alpine-6.0.*, ubuntu-6.0.*, ol-6.0.*)
Zabbix server 6.2 (tags: alpine-6.2-latest, ubuntu-6.2-latest, ol-6.2-latest)
Zabbix server 6.2.* (tags: alpine-6.2.*, ubuntu-6.2.*, ol-6.2.*)
Zabbix server 6.4 (tags: alpine-6.4-latest, ubuntu-6.4-latest, ol-6.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest)
Zabbix server 6.4.* (tags: alpine-6.4.*, ubuntu-6.4.*, ol-6.4.*)
Zabbix server 7.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk)
@ -305,7 +301,7 @@ Please see [the Docker installation documentation](https://docs.docker.com/insta
## Documentation
Documentation for this image is stored in the [`server-pgsql/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/server-pgsql) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request.
Documentation for this image is stored in the [`server-pgsql/` directory](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/server-pgsql) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/6.4/README.md) before attempting a pull request.
## Issues

3
Dockerfiles/server-pgsql/alpine/Dockerfile
View File

@ -97,8 +97,7 @@ RUN set -eux && \
mkdir -p /usr/share/doc/zabbix-server-postgresql && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
rm -rf /var/cache/apk/*
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/
EXPOSE 10051/TCP

2
Dockerfiles/server-pgsql/alpine/docker-entrypoint.sh
View File

@ -331,7 +331,7 @@ apply_db_scripts() {
}
create_db_schema_postgresql() {
DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid =
DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid =
c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}")
if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then

48
Dockerfiles/server-pgsql/centos/Dockerfile
View File

@ -5,7 +5,7 @@ ARG BUILD_BASE_IMAGE=zabbix-build-pgsql:centos-${ZBX_VERSION}
FROM ${BUILD_BASE_IMAGE} AS builder
FROM quay.io/centos/centos:stream9
FROM quay.io/centos/centos:stream9-minimal
ARG MAJOR_VERSION
ARG ZBX_VERSION
@ -37,7 +37,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/timescaledb
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/timescaledb/option-patches/with-compression/*.sql", "/usr/share/doc/zabbix-server-postgresql/option-patches/with-compression/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/timescaledb/option-patches/without-compression/*.sql", "/usr/share/doc/zabbix-server-postgresql/option-patches/without-compression/"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
REPOLIST="baseos,appstream,epel" && \
INSTALL_PKGS="fping \
file-libs \
@ -49,6 +50,8 @@ RUN set -eux && \
traceroute \
libevent \
libssh \
libpsl \
libbrotli \
libxml2 \
net-snmp-libs \
OpenIPMI-libs \
@ -57,25 +60,30 @@ RUN set -eux && \
pcre2 \
postgresql \
postgresql-libs \
shadow-utils \
zlib \
gzip \
unixODBC" && \
dnf -y install epel-release && \
dnf -y install \
--disablerepo "*" \
--enablerepo "${REPOLIST}" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y install \
--disablerepo "*" \
--enablerepo "${REPOLIST}" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--allowerasing \
--best \
libcurl && \
microdnf -y install \
--disablerepo "*" \
--enablerepo "extras-common" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs epel-release && \
microdnf -y install \
--disablerepo "*" \
--enablerepo "baseos" \
--enablerepo "appstream" \
--enablerepo="epel" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs ${INSTALL_PKGS} && \
microdnf download libcurl && \
rpm -Uvh --nodeps --replacefiles "*curl*$( uname -i ).rpm" && \
microdnf remove -y libcurl-minimal && \
rm -rf "*curl*$( uname -i ).rpm" && \
groupadd \
--system \
--gid 1995 \
@ -111,9 +119,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
dnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10051/TCP

2
Dockerfiles/server-pgsql/centos/docker-entrypoint.sh
View File

@ -331,7 +331,7 @@ apply_db_scripts() {
}
create_db_schema_postgresql() {
DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid =
DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid =
c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}")
if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then

8
Dockerfiles/server-pgsql/ol/Dockerfile
View File

@ -38,7 +38,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/timescaledb
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/timescaledb/option-patches/without-compression/*.sql", "/usr/share/doc/zabbix-server-postgresql/option-patches/without-compression/"]
COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel-ol9.repo"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="fping \
file-libs \
tini \
@ -66,6 +67,7 @@ RUN set -eux && \
--enablerepo="ol9_appstream" \
--enablerepo="ol9_developer_EPEL" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs \
${INSTALL_PKGS} && \
@ -104,9 +106,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 10051/TCP

2
Dockerfiles/server-pgsql/ol/docker-entrypoint.sh
View File

@ -331,7 +331,7 @@ apply_db_scripts() {
}
create_db_schema_postgresql() {
DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid =
DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid =
c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}")
if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then

6
Dockerfiles/server-pgsql/ubuntu/Dockerfile
View File

@ -37,7 +37,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/timescaledb
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/timescaledb/option-patches/with-compression/*.sql", "/usr/share/doc/zabbix-server-postgresql/option-patches/with-compression/"]
COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/timescaledb/option-patches/without-compression/*.sql", "/usr/share/doc/zabbix-server-postgresql/option-patches/without-compression/"]
RUN set -eux && \
RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tini \
@ -102,8 +103,7 @@ RUN set -eux && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
apt-get -y autoremove && \
apt-get -y clean && \
rm -rf /var/lib/apt/lists/*
apt-get -y clean
EXPOSE 10051/TCP

2
Dockerfiles/server-pgsql/ubuntu/docker-entrypoint.sh
View File

@ -331,7 +331,7 @@ apply_db_scripts() {
}
create_db_schema_postgresql() {
DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid =
DBVERSION_TABLE_EXISTS=$(psql_query "SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid =
c.relnamespace WHERE n.nspname = '$DB_SERVER_SCHEMA' AND c.relname = 'dbversion'" "${DB_SERVER_DBNAME}")
if [ -n "${DBVERSION_TABLE_EXISTS}" ]; then

8
Dockerfiles/snmptraps/README.md
View File

@ -14,16 +14,12 @@ The image is used to receive SNMP traps, store them to a log file and provide ac
# Zabbix snmptraps images
These are the only official Zabbix snmptraps Docker images. They are based on Alpine Linux v3.12, Ubuntu 20.04 (focal), 22.04 (jammy), CentOS Stream 8 and Oracle Linux 8 images. The available versions of Zabbix snmptraps are:
These are the only official Zabbix snmptraps Docker images. They are based on Alpine Linux v3.19, Ubuntu 22.04 (jammy), CentOS Stream 9 and Oracle Linux 9 images. The available versions of Zabbix snmptraps are:
Zabbix snmptraps 4.0 (tags: alpine-4.0-latest, ubuntu-4.0-latest, centos-4.0-latest)
Zabbix snmptraps 4.0.* (tags: alpine-4.0.*, ubuntu-4.0.*, centos-4.0.*)
Zabbix snmptraps 5.0 (tags: alpine-5.0-latest, ubuntu-5.0-latest, ol-5.0-latest)
Zabbix snmptraps 5.0.* (tags: alpine-5.0.*, ubuntu-5.0.*, ol-5.0.*)
Zabbix snmptraps 6.0 (tags: alpine-6.0-latest, ubuntu-6.0-latest, ol-6.0-latest)
Zabbix snmptraps 6.0.* (tags: alpine-6.0.*, ubuntu-6.0.*, ol-6.0.*)
Zabbix snmptraps 6.2 (tags: alpine-6.2-latest, ubuntu-6.2-latest, ol-6.2-latest)
Zabbix snmptraps 6.2.* (tags: alpine-6.2.*, ubuntu-6.2.*, ol-6.2.*)
Zabbix snmptraps 6.4 (tags: alpine-6.4-latest, ubuntu-6.4-latest, ol-6.4-latest, alpine-latest, ubuntu-latest, ol-latest, latest)
Zabbix snmptraps 6.4.* (tags: alpine-6.4.*, ubuntu-6.4.*, ol-6.4.*)
Zabbix snmptraps 7.0 (tags: alpine-trunk, ubuntu-trunk, ol-trunk)
@ -117,7 +113,7 @@ Please see [the Docker installation documentation](https://docs.docker.com/insta
## Documentation
Documentation for this image is stored in the [`snmptraps/` directory](https://github.com/zabbix/zabbix-docker/tree/3.0/snmptraps) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request.
Documentation for this image is stored in the [`snmptraps/` directory](https://github.com/zabbix/zabbix-docker/tree/6.4/Dockerfiles/snmptraps) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/6.4/README.md) before attempting a pull request.
## Issues

3
Dockerfiles/snmptraps/alpine/Dockerfile
View File

@ -48,8 +48,7 @@ RUN set -eux && \
touch /var/lib/net-snmp/snmptrapd.conf && \
chown --quiet -R zabbix:root /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \
chgrp -R 0 /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \
chmod -R g=u /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \
rm -rf /var/cache/apk/*
chmod -R g=u /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/
EXPOSE 1162/UDP

26
Dockerfiles/snmptraps/centos/Dockerfile
View File

@ -1,4 +1,4 @@
FROM quay.io/centos/centos:stream9
FROM quay.io/centos/centos:stream9-minimal
ARG MAJOR_VERSION=6.4
ARG ZBX_VERSION=${MAJOR_VERSION}.11
@ -21,18 +21,20 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
STOPSIGNAL SIGTERM
RUN set -eux && \
REPOLIST="baseos,appstream" && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tzdata \
shadow-utils \
net-snmp" && \
dnf -y install \
--disablerepo "*" \
--enablerepo "${REPOLIST}" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
microdnf -y install \
--disablerepo "*" \
--enablerepo "baseos" \
--enablerepo "appstream" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs ${INSTALL_PKGS} && \
groupadd \
--system \
--gid 1995 \
@ -52,9 +54,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \
chgrp -R 0 /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \
chmod -R g=u /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \
dnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 1162/UDP

8
Dockerfiles/snmptraps/ol/Dockerfile
View File

@ -21,7 +21,8 @@ LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zab
STOPSIGNAL SIGTERM
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tzdata \
net-snmp" && \
@ -30,6 +31,7 @@ RUN set -eux && \
--enablerepo="ol9_baseos_latest" \
--enablerepo="ol9_appstream" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--nodocs \
${INSTALL_PKGS} && \
@ -52,9 +54,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \
chgrp -R 0 /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \
chmod -R g=u /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 1162/UDP

10
Dockerfiles/snmptraps/rhel/Dockerfile
View File

@ -1,4 +1,4 @@
FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
FROM registry.access.redhat.com/ubi9/ubi-minimal:9.3
ARG MAJOR_VERSION=6.4
ARG RELEASE=11
@ -42,7 +42,8 @@ STOPSIGNAL SIGTERM
COPY ["licenses", "/licenses"]
RUN set -eux && \
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
shadow-utils \
tzdata \
@ -52,6 +53,7 @@ RUN set -eux && \
--enablerepo "ubi-9-baseos-rpms" \
--enablerepo "ubi-9-appstream-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
@ -74,9 +76,7 @@ RUN set -eux && \
chown --quiet -R zabbix:root /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \
chgrp -R 0 /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \
chmod -R g=u /etc/snmp/ /var/lib/zabbix/ /var/tmp/ /var/run/ && \
microdnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
microdnf -y clean all
EXPOSE 1162/UDP

Some files were not shown because too many files have changed in this diff Show More