extern/zabbix-docker
1
0
Fork 0
mirror of https://github.com/zabbix/zabbix-docker.git synced 2025-04-11 21:08:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added Zabbix web service image

Browse Source
This commit is contained in:
Alexey Pustovalov 2021-04-27 16:27:37 -04:00
parent da87d10b4e
commit 5655cff50a
15 changed files with 844 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.env_web_service
View File

@ -1,4 +1,4 @@
ZBX_DEBUGLEVEL=5
# ZBX_DEBUGLEVEL=3
ZBX_ALLOWEDIP=zabbix-server
# ZBX_LISTENPORT=10053
# ZBX_LISTENIP=

1
web-service/centos/.dockerignore Normal file
View File

@ -0,0 +1 @@
build.sh

102
web-service/centos/Dockerfile Normal file
View File

@ -0,0 +1,102 @@
FROM centos:centos8
LABEL org.opencontainers.image.title="Zabbix web service" \
org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.vendor="Zabbix LLC" \
org.opencontainers.image.url="https://zabbix.com/" \
org.opencontainers.image.description="Zabbix web servce for performing various tasks using headless web browser" \
org.opencontainers.image.licenses="GPL v2.0"
STOPSIGNAL SIGTERM
RUN set -eux && \
ARCH_SUFFIX="$(arch)"; \
case "$ARCH_SUFFIX" in \
i686) export ARCH_SUFFIX='i386' ;; \
x86_64) [ -f /lib64/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \
aarch64) export ARCH_SUFFIX='arm64' ;; \
armv7l) export ARCH_SUFFIX='armhf' ;; \
ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \
s390x) export ARCH_SUFFIX='s390x' ;; \
*) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \
esac; \
groupadd --system --gid 1995 zabbix && \
useradd \
--system --comment "Zabbix monitoring system" \
-g zabbix -G root \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
dnf --quiet makecache && \
dnf -y install epel-release && \
dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \
chromium \
openssl-libs \
zlib && \
dnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
ARG MAJOR_VERSION=5.4
ARG ZBX_VERSION=${MAJOR_VERSION}
ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES}
LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \
org.opencontainers.image.version="${ZBX_VERSION}" \
org.opencontainers.image.source="${ZBX_SOURCES}"
RUN set -eux && \
dnf --quiet makecache && \
dnf -y install --setopt=tsflags=nodocs --setopt=install_weak_deps=False --best \
autoconf \
automake \
gcc \
make \
golang \
git && \
cd /tmp/ && \
git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
./bootstrap.sh && \
export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \
./configure \
--datadir=/usr/lib \
--libdir=/usr/lib/zabbix \
--prefix=/usr \
--sysconfdir=/etc/zabbix \
--prefix=/usr \
--enable-ipv6 \
--enable-webservice \
--silent && \
make -j"$(nproc)" -s && \
cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_web_service /usr/sbin/zabbix_web_service && \
cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_web_service.conf /etc/zabbix/zabbix_web_service.conf && \
cd /tmp/ && \
rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
dnf -y history undo `dnf -q history | sed -n 3p |column -t | cut -d' ' -f1` && \
dnf -y clean all && \
rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \
rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki
EXPOSE 10053/TCP
WORKDIR /var/lib/zabbix
COPY ["docker-entrypoint.sh", "/usr/bin/"]
ENTRYPOINT ["docker-entrypoint.sh"]
USER 1997
CMD ["/usr/sbin/zabbix_web_service", "-c", "/etc/zabbix/zabbix_web_service.conf"]

149
web-service/centos/README.md Normal file
View File

@ -0,0 +1,149 @@
![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png)
# What is Zabbix?
Zabbix is an enterprise-class open source distributed monitoring solution.
Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning.
For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com
# What is Zabbix web service?
Zabbix web servce for performing various tasks using headless web browser (for example, reporting).
# Zabbix web service images
These are the only official Zabbix web service Docker images. They are based on Alpine Linux v3.13, Ubuntu 20.04 (focal) and CentOS 8 images. The available versions of Zabbix web service are:
Zabbix web service 5.4 (tags: alpine-trunk, ubuntu-trunk, centos-trunk)
Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux.
# How to use this image
## Start `zabbix-web-service`
Start a Zabbix web service container as follows:
docker run --name some-zabbix-web-service -e ZBX_ALLOWEDIP="some-zabbix-server" --cap-add=SYS_ADMIN -d zabbix/zabbix-web-service:tag
Where `some-zabbix-web-service` is the name you want to assign to your container, `some-zabbix-server` is IP or DNS name of Zabbix server and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-web-service/tags/).
## Connects from Zabbix server in other containers
This image exposes the standard Zabbix web service port (``10053``) to perform communication, so container linking makes Zabbix web service instance available to Zabbix server containers. Start your application container like this in order to link it to the Zabbix web service container:
```console
$ docker run --name some-zabbix-server --link some-zabbix-web-service:zabbix-web-service -e ZBX_STARTREPORTWRITERS="2" -e ZBX_WEBSERVICEURL="http://some-zabbix-web-service:10053/report" -d zabbix/zabbix-server:latest
```
## Container shell access and viewing Zabbix web service logs
The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-web-service` container:
```console
$ docker exec -ti some-zabbix-web-service /bin/bash
```
The Zabbix web service log is available through Docker's container log:
```console
$ docker logs some-zabbix-web-service
```
## Environment Variables
When you start the `zabbix-web-service` image, you can adjust the configuration of the Zabbix web service by passing one or more environment variables on the `docker run` command line.
### `ZBX_ALLOWEDIP`
This variable is IP or DNS name or list of IP / DNS names of Zabbix server. By default, value is `zabbix-server`.
### `ZBX_LISTENPORT`
Listen port for incoming request. By default, value is `10053`.
### `ZBX_DEBUGLEVEL`
The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_web_service.conf``. Allowed values are listed below:
- ``0`` - basic information about starting and stopping of Zabbix processes;
- ``1`` - critical information
- ``2`` - error information
- ``3`` - warnings
- ``4`` - for debugging (produces lots of information)
- ``5`` - extended debugging (produces even more information)
### `ZBX_TIMEOUT`
The variable is used to specify timeout for processing requests. By default, value is ``3``.
### Other variables
Additionally the image allows to specify many other environment variables listed below:
```
ZBX_TLSACCEPT=unencrypted
ZBX_TLSCAFILE=
ZBX_TLSCERTFILE=
ZBX_TLSKEYFILE=
```
Default values of these variables are specified after equal sign.
Please use official documentation for [``zabbix_web_service.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_web_service) to get more information about the variables.
## Allowed volumes for the Zabbix web service container
### ``/var/lib/zabbix/enc``
The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCERTFILE`` and ``ZBX_TLSKEY_FILE`` variables.
# The image variants
The `zabbix-web-service` images come in many flavors, each designed for a specific use case.
## `zabbix-web-service:ubuntu-<version>`
This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of.
## `zabbix-web-service:alpine-<version>`
This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general.
This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images.
To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar).
# Supported Docker versions
This image is officially supported on Docker version 1.12.0.
Support for older versions (down to 1.6) is provided on a best-effort basis.
Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon.
# User Feedback
## Documentation
Documentation for this image is stored in the [`web-service/` directory](https://github.com/zabbix/zabbix-docker/tree/5.4/web-service) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request.
## Issues
If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues).
### Known issues
Zabbix web services uses Google Chromium with headless mode. Because of restrictions you may see the following error during report generation:
```
Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted
```
To avoid the issue it is required to add ``SYS_ADMIN`` capability for Zabbix web service. The capability is redundant and allow too much.
## Contributing
You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.
Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.

1
web-service/centos/build.sh Symbolic link
View File

@ -0,0 +1 @@
../../build.sh

139
web-service/centos/docker-entrypoint.sh Executable file
View File

@ -0,0 +1,139 @@
#!/bin/bash
set -o pipefail
set +e
# Script trace mode
if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//[$'\n']/}"
var_value="${var_value//\//\\/}"
var_value="${var_value//./\\.}"
var_value="${var_value//\*/\\*}"
var_value="${var_value//^/\\^}"
var_value="${var_value//\$/\\\$}"
var_value="${var_value//\&/\\\&}"
var_value="${var_value//\[/\\[}"
var_value="${var_value//\]/\\]}"
echo "$var_value"
}
update_config_var() {
local config_path=$1
local var_name=$2
local var_value=$3
local is_multiple=$4
if [ ! -f "$config_path" ]; then
echo "**** Configuration file '$config_path' does not exist"
return
fi
echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..."
# Remove configuration parameter definition in case of unset parameter value
if [ -z "$var_value" ]; then
sed -i -e "/^$var_name=/d" "$config_path"
echo "removed"
return
fi
# Remove value from configuration parameter in case of double quoted parameter value
if [ "$var_value" == '""' ]; then
sed -i -e "/^$var_name=/s/=.*/=/" "$config_path"
echo "undefined"
return
fi
# Use full path to a file for TLS related configuration parameters
if [[ $var_name =~ ^TLS.*File$ ]]; then
var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value
fi
# Escaping characters in parameter value and name
var_value=$(escape_spec_char "$var_value")
var_name=$(escape_spec_char "$var_name")
if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then
sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path"
echo "updated"
elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then
sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path"
echo "added first occurrence"
elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then
sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path"
echo "added"
else
sed -i -e '$a\' -e "$var_name=$var_value" "$config_path"
echo "added at the end"
fi
}
update_config_multiple_var() {
local config_path=$1
local var_name=$2
local var_value=$3
var_value="${var_value%\"}"
var_value="${var_value#\"}"
local IFS=,
local OPT_LIST=($var_value)
for value in "${OPT_LIST[@]}"; do
update_config_var $config_path $var_name $value true
done
}
prepare_zbx_web_service_config() {
echo "** Preparing Zabbix web service configuration file"
ZBX_WEB_SERVICE_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf
update_config_var $ZBX_WEB_SERVICE_CONFIG "LogType" "console"
update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFile"
update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFileSize"
update_config_var $ZBX_WEB_SERVICE_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
: ${ZBX_ALLOWEDIP:="zabbix-server"}
update_config_var $ZBX_WEB_SERVICE_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}"
update_config_var $ZBX_WEB_SERVICE_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_WEB_SERVICE_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}"
update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}"
update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}"
}
prepare_web_service() {
echo "** Preparing Zabbix web service"
prepare_zbx_web_service_config
}
#################################################
if [ "$1" == '/usr/sbin/zabbix_web_service' ]; then
prepare_web_service
fi
exec "$@"
#################################################

13
web-service/centos/hooks/build Executable file
View File

@ -0,0 +1,13 @@
#!/bin/bash
#
# Additional information: https://docs.docker.com/docker-cloud/builds/advanced/
#
MAJOR_VERSION=$(cat Dockerfile | grep "ARG MAJOR_VERSION" | cut -f2 -d"=")
MINOR_VERSION=$(cat Dockerfile | grep "ARG ZBX_VERSION" | cut -f2 -d".")
VCS_REF=$MAJOR_VERSION.$MINOR_VERSION
BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
echo "$BUILD_DATE - Building $VCS_REF version..."
docker build --build-arg VCS_REF="$VCS_REF" --build-arg BUILD_DATE="$BUILD_DATE" -t $IMAGE_NAME .

1
web-service/ubuntu/.dockerignore Normal file
View File

@ -0,0 +1 @@
build.sh

118
web-service/ubuntu/Dockerfile Normal file
View File

@ -0,0 +1,118 @@
FROM ubuntu:focal
LABEL org.opencontainers.image.title="Zabbix web service" \
org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
org.opencontainers.image.vendor="Zabbix LLC" \
org.opencontainers.image.url="https://zabbix.com/" \
org.opencontainers.image.description="Zabbix web servce for performing various tasks using headless web browser" \
org.opencontainers.image.licenses="GPL v2.0"
STOPSIGNAL SIGTERM
COPY ["conf/etc/apt/sources.list.d/debian.list", "/etc/apt/sources.list.d/debian.list"]
COPY ["conf/etc/apt/preferences.d/chromium.pref", "/etc/apt/preferences.d/chromium.pref"]
RUN set -eux && \
ARCH_SUFFIX="$(arch)"; \
case "$ARCH_SUFFIX" in \
i686) export ARCH_SUFFIX='i386' ;; \
x86_64) [ -f /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 ] && export ARCH_SUFFIX='amd64' || export ARCH_SUFFIX='i386' ;; \
aarch64) export ARCH_SUFFIX='arm64' ;; \
armv7l) export ARCH_SUFFIX='armhf' ;; \
ppc64el|ppc64le) export ARCH_SUFFIX='ppc64le' ;; \
s390x) export ARCH_SUFFIX='s390x' ;; \
*) echo "Unknown ARCH_SUFFIX=${ARCH_SUFFIX-}"; exit 1 ;; \
esac; \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
groupadd --system --gid 1995 zabbix && \
useradd \
--system --comment "Zabbix monitoring system" \
-g zabbix -G root \
--uid 1997 \
--shell /sbin/nologin \
--home-dir /var/lib/zabbix/ \
zabbix && \
mkdir -p /etc/zabbix && \
mkdir -p /var/lib/zabbix && \
mkdir -p /var/lib/zabbix/enc && \
apt-get -y update | true && \
DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \
ca-certificates \
gnupg && \
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys DCC9EFBF77E11517 && \
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138 && \
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys AA8E81B4331F7F50 && \
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 112695A0E562B32A && \
apt-get -y update && \
DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install chromium chromium-sandbox && \
apt-get -y autoremove && \
apt-get -y clean && \
rm -rf /var/lib/apt/lists/*
ARG MAJOR_VERSION=5.4
ARG ZBX_VERSION=${MAJOR_VERSION}
ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
ENV TERM=xterm ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES}
LABEL org.opencontainers.image.documentation="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \
org.opencontainers.image.version="${ZBX_VERSION}" \
org.opencontainers.image.source="${ZBX_SOURCES}"
RUN set -eux && \
apt-get -y update && \
DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \
autoconf \
automake \
make \
pkg-config \
git \
g++ \
golang && \
cd /tmp/ && \
git clone ${ZBX_SOURCES} --branch master --depth 1 --single-branch zabbix-${ZBX_VERSION} && \
cd /tmp/zabbix-${ZBX_VERSION} && \
zabbix_revision=`git rev-parse --short HEAD` && \
sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \
./bootstrap.sh && \
export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \
./configure \
--datadir=/usr/lib \
--libdir=/usr/lib/zabbix \
--prefix=/usr \
--sysconfdir=/etc/zabbix \
--prefix=/usr \
--enable-ipv6 \
--enable-webservice \
--silent && \
make -j"$(nproc)" -s && \
cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_web_service /usr/sbin/zabbix_web_service && \
cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_web_service.conf /etc/zabbix/zabbix_web_service.conf && \
cd /tmp/ && \
rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \
apt-get -y purge \
autoconf \
automake \
make \
pkg-config \
git \
g++ \
golang && \
chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \
chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \
apt-get -y autoremove && \
apt-get -y clean && \
rm -rf /var/lib/apt/lists/*
EXPOSE 10053/TCP
WORKDIR /var/lib/zabbix
COPY ["docker-entrypoint.sh", "/usr/bin/"]
ENTRYPOINT ["docker-entrypoint.sh"]
USER 1997
CMD ["/usr/sbin/zabbix_web_service", "-c", "/etc/zabbix/zabbix_web_service.conf"]

149
web-service/ubuntu/README.md Normal file
View File

@ -0,0 +1,149 @@
![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png)
# What is Zabbix?
Zabbix is an enterprise-class open source distributed monitoring solution.
Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning.
For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com
# What is Zabbix web service?
Zabbix web servce for performing various tasks using headless web browser (for example, reporting).
# Zabbix web service images
These are the only official Zabbix web service Docker images. They are based on Alpine Linux v3.13, Ubuntu 20.04 (focal) and CentOS 8 images. The available versions of Zabbix web service are:
Zabbix web service 5.4 (tags: alpine-trunk, ubuntu-trunk, centos-trunk)
Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux.
# How to use this image
## Start `zabbix-web-service`
Start a Zabbix web service container as follows:
docker run --name some-zabbix-web-service -e ZBX_ALLOWEDIP="some-zabbix-server" --cap-add=SYS_ADMIN -d zabbix/zabbix-web-service:tag
Where `some-zabbix-web-service` is the name you want to assign to your container, `some-zabbix-server` is IP or DNS name of Zabbix server and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-web-service/tags/).
## Connects from Zabbix server in other containers
This image exposes the standard Zabbix web service port (``10053``) to perform communication, so container linking makes Zabbix web service instance available to Zabbix server containers. Start your application container like this in order to link it to the Zabbix web service container:
```console
$ docker run --name some-zabbix-server --link some-zabbix-web-service:zabbix-web-service -e ZBX_STARTREPORTWRITERS="2" -e ZBX_WEBSERVICEURL="http://some-zabbix-web-service:10053/report" -d zabbix/zabbix-server:latest
```
## Container shell access and viewing Zabbix web service logs
The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-web-service` container:
```console
$ docker exec -ti some-zabbix-web-service /bin/bash
```
The Zabbix web service log is available through Docker's container log:
```console
$ docker logs some-zabbix-web-service
```
## Environment Variables
When you start the `zabbix-web-service` image, you can adjust the configuration of the Zabbix web service by passing one or more environment variables on the `docker run` command line.
### `ZBX_ALLOWEDIP`
This variable is IP or DNS name or list of IP / DNS names of Zabbix server. By default, value is `zabbix-server`.
### `ZBX_LISTENPORT`
Listen port for incoming request. By default, value is `10053`.
### `ZBX_DEBUGLEVEL`
The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_web_service.conf``. Allowed values are listed below:
- ``0`` - basic information about starting and stopping of Zabbix processes;
- ``1`` - critical information
- ``2`` - error information
- ``3`` - warnings
- ``4`` - for debugging (produces lots of information)
- ``5`` - extended debugging (produces even more information)
### `ZBX_TIMEOUT`
The variable is used to specify timeout for processing requests. By default, value is ``3``.
### Other variables
Additionally the image allows to specify many other environment variables listed below:
```
ZBX_TLSACCEPT=unencrypted
ZBX_TLSCAFILE=
ZBX_TLSCERTFILE=
ZBX_TLSKEYFILE=
```
Default values of these variables are specified after equal sign.
Please use official documentation for [``zabbix_web_service.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_web_service) to get more information about the variables.
## Allowed volumes for the Zabbix web service container
### ``/var/lib/zabbix/enc``
The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCERTFILE`` and ``ZBX_TLSKEY_FILE`` variables.
# The image variants
The `zabbix-web-service` images come in many flavors, each designed for a specific use case.
## `zabbix-web-service:ubuntu-<version>`
This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of.
## `zabbix-web-service:alpine-<version>`
This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general.
This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images.
To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar).
# Supported Docker versions
This image is officially supported on Docker version 1.12.0.
Support for older versions (down to 1.6) is provided on a best-effort basis.
Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon.
# User Feedback
## Documentation
Documentation for this image is stored in the [`web-service/` directory](https://github.com/zabbix/zabbix-docker/tree/5.4/web-service) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request.
## Issues
If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues).
### Known issues
Zabbix web services uses Google Chromium with headless mode. Because of restrictions you may see the following error during report generation:
```
Failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted
```
To avoid the issue it is required to add ``SYS_ADMIN`` capability for Zabbix web service. The capability is redundant and allow too much.
## Contributing
You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.
Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.

1
web-service/ubuntu/build.sh Symbolic link
View File

@ -0,0 +1 @@
../../build.sh

14
web-service/ubuntu/conf/etc/apt/preferences.d/chromium.pref Normal file
View File

@ -0,0 +1,14 @@
# Note: 2 blank lines are required between entries
Package: *
Pin: release a=focal
Pin-Priority: 500
Package: *
Pin: origin "ftp.debian.org"
Pin-Priority: 300
# Pattern includes 'chromium', 'chromium-browser' and similarly
# named dependencies:
Package: chromium*
Pin: origin "ftp.debian.org"
Pin-Priority: 700

3
web-service/ubuntu/conf/etc/apt/sources.list.d/debian.list Normal file
View File

@ -0,0 +1,3 @@
deb http://deb.debian.org/debian buster main
deb http://deb.debian.org/debian buster-updates main
deb http://deb.debian.org/debian-security buster/updates main

139
web-service/ubuntu/docker-entrypoint.sh Executable file
View File

@ -0,0 +1,139 @@
#!/bin/bash
set -o pipefail
set +e
# Script trace mode
if [ "${DEBUG_MODE,,}" == "true" ]; then
set -o xtrace
fi
# Default directories
# User 'zabbix' home directory
ZABBIX_USER_HOME_DIR="/var/lib/zabbix"
# Configuration files directory
ZABBIX_ETC_DIR="/etc/zabbix"
escape_spec_char() {
local var_value=$1
var_value="${var_value//\\/\\\\}"
var_value="${var_value//[$'\n']/}"
var_value="${var_value//\//\\/}"
var_value="${var_value//./\\.}"
var_value="${var_value//\*/\\*}"
var_value="${var_value//^/\\^}"
var_value="${var_value//\$/\\\$}"
var_value="${var_value//\&/\\\&}"
var_value="${var_value//\[/\\[}"
var_value="${var_value//\]/\\]}"
echo "$var_value"
}
update_config_var() {
local config_path=$1
local var_name=$2
local var_value=$3
local is_multiple=$4
if [ ! -f "$config_path" ]; then
echo "**** Configuration file '$config_path' does not exist"
return
fi
echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..."
# Remove configuration parameter definition in case of unset parameter value
if [ -z "$var_value" ]; then
sed -i -e "/^$var_name=/d" "$config_path"
echo "removed"
return
fi
# Remove value from configuration parameter in case of double quoted parameter value
if [ "$var_value" == '""' ]; then
sed -i -e "/^$var_name=/s/=.*/=/" "$config_path"
echo "undefined"
return
fi
# Use full path to a file for TLS related configuration parameters
if [[ $var_name =~ ^TLS.*File$ ]]; then
var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value
fi
# Escaping characters in parameter value and name
var_value=$(escape_spec_char "$var_value")
var_name=$(escape_spec_char "$var_name")
if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then
sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path"
echo "updated"
elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then
sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path"
echo "added first occurrence"
elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then
sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path"
echo "added"
else
sed -i -e '$a\' -e "$var_name=$var_value" "$config_path"
echo "added at the end"
fi
}
update_config_multiple_var() {
local config_path=$1
local var_name=$2
local var_value=$3
var_value="${var_value%\"}"
var_value="${var_value#\"}"
local IFS=,
local OPT_LIST=($var_value)
for value in "${OPT_LIST[@]}"; do
update_config_var $config_path $var_name $value true
done
}
prepare_zbx_web_service_config() {
echo "** Preparing Zabbix web service configuration file"
ZBX_WEB_SERVICE_CONFIG=$ZABBIX_ETC_DIR/zabbix_web_service.conf
update_config_var $ZBX_WEB_SERVICE_CONFIG "LogType" "console"
update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFile"
update_config_var $ZBX_WEB_SERVICE_CONFIG "LogFileSize"
update_config_var $ZBX_WEB_SERVICE_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}"
: ${ZBX_ALLOWEDIP:="zabbix-server"}
update_config_var $ZBX_WEB_SERVICE_CONFIG "AllowedIP" "${ZBX_ALLOWEDIP}"
update_config_var $ZBX_WEB_SERVICE_CONFIG "ListenPort" "${ZBX_LISTENPORT}"
update_config_var $ZBX_WEB_SERVICE_CONFIG "Timeout" "${ZBX_TIMEOUT}"
update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}"
update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}"
update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}"
update_config_var $ZBX_WEB_SERVICE_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}"
}
prepare_web_service() {
echo "** Preparing Zabbix web service"
prepare_zbx_web_service_config
}
#################################################
if [ "$1" == '/usr/sbin/zabbix_web_service' ]; then
prepare_web_service
fi
exec "$@"
#################################################

13
web-service/ubuntu/hooks/build Executable file
View File

@ -0,0 +1,13 @@
#!/bin/bash
#
# Additional information: https://docs.docker.com/docker-cloud/builds/advanced/
#
MAJOR_VERSION=$(cat Dockerfile | grep "ARG MAJOR_VERSION" | cut -f2 -d"=")
MINOR_VERSION=$(cat Dockerfile | grep "ARG ZBX_VERSION" | cut -f2 -d".")
VCS_REF=$MAJOR_VERSION.$MINOR_VERSION
BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
echo "$BUILD_DATE - Building $VCS_REF version..."
docker build --build-arg VCS_REF="$VCS_REF" --build-arg BUILD_DATE="$BUILD_DATE" -t $IMAGE_NAME .