zabbix-docker/compose_zabbix_components.yaml
2024-09-20 01:26:55 +09:00

546 lines
13 KiB
YAML

services:
server:
ports:
- name: zabbix-trapper
target: 10051
published: "${ZABBIX_SERVER_PORT}"
protocol: tcp
app_protocol: zabbix-trapper
restart: "${RESTART_POLICY}"
attach: true
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DATA_DIRECTORY}/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro
- ${DATA_DIRECTORY}/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/dbscripts:/var/lib/zabbix/dbscripts:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/export:/var/lib/zabbix/export:rw
- ${DATA_DIRECTORY}/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro
- snmptraps:/var/lib/zabbix/snmptraps:roz
tmpfs: /tmp
ulimits:
nproc: 65535
nofile:
soft: 20000
hard: 40000
deploy:
resources:
limits:
cpus: '0.70'
memory: 1G
reservations:
cpus: '0.5'
memory: 512M
env_file:
- ${ENV_VARS_DIRECTORY}/.env_srv
- path: ${ENV_VARS_DIRECTORY}/.env_srv_override
required: false
networks:
database:
aliases:
- zabbix-server
backend:
aliases:
- zabbix-server
frontend:
# devices:
# - "/dev/ttyUSB0:/dev/ttyUSB0"
stop_grace_period: 30s
# cap_add:
# - "NET_RAW"
sysctls:
- net.ipv4.ip_local_port_range=1024 64999
- net.ipv4.conf.all.accept_redirects=0
- net.ipv4.conf.all.secure_redirects=0
- net.ipv4.conf.all.send_redirects=0
# - net.ipv4.ping_group_range=0 1995
labels:
com.zabbix.company: "Zabbix LLC"
com.zabbix.component: "zabbix-server"
server-mysql:
extends:
service: server
# volumes:
# - dbsocket:/var/run/mysqld/
env_file:
- ${ENV_VARS_DIRECTORY}/.env_db_mysql
secrets:
- MYSQL_USER
- MYSQL_PASSWORD
# - client-key.pem
# - client-cert.pem
# - root-ca.pem
networks:
backend:
aliases:
- zabbix-server-mysql
labels:
com.zabbix.description: "Zabbix server with MySQL database support"
com.zabbix.dbtype: "mysql"
server-pgsql:
extends:
service: server
# volumes:
# - ${ENV_VARS_DIRECTORY}/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro
# - ${ENV_VARS_DIRECTORY}/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro
# - ${ENV_VARS_DIRECTORY}/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro
env_file:
- ${ENV_VARS_DIRECTORY}/.env_db_pgsql
secrets:
- POSTGRES_USER
- POSTGRES_PASSWORD
networks:
backend:
aliases:
- zabbix-server-pgsql
labels:
com.zabbix.description: "Zabbix server with PostgreSQL database support"
com.zabbix.dbtype: "pgsql"
proxy:
profiles:
- all
restart: "${RESTART_POLICY}"
attach: false
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DATA_DIRECTORY}/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro
- snmptraps:/var/lib/zabbix/snmptraps:ro
tmpfs: /tmp
ulimits:
nproc: 65535
nofile:
soft: 20000
hard: 40000
deploy:
resources:
limits:
cpus: '0.70'
memory: 512M
reservations:
cpus: '0.3'
memory: 256M
env_file:
- ${ENV_VARS_DIRECTORY}/.env_prx
networks:
backend:
frontend:
stop_grace_period: 30s
# cap_add:
# - "NET_RAW"
sysctls:
- net.ipv4.ip_local_port_range=1024 64999
- net.ipv4.conf.all.accept_redirects=0
- net.ipv4.conf.all.secure_redirects=0
- net.ipv4.conf.all.send_redirects=0
# - net.ipv4.ping_group_range=0 1995
labels:
com.zabbix.company: "Zabbix LLC"
com.zabbix.component: "zabbix-proxy"
proxy-sqlite3:
extends:
service: proxy
ports:
- name: zabbix-trapper
target: 10051
published: "${ZABBIX_PROXY_SQLITE3_PORT}"
protocol: tcp
app_protocol: zabbix-trapper
env_file:
- ${ENV_VARS_DIRECTORY}/.env_prx_sqlite3
- path: ${ENV_VARS_DIRECTORY}/.env_prx_sqlite3_override
required: false
networks:
backend:
aliases:
- zabbix-proxy-sqlite3
labels:
com.zabbix.description: "Zabbix proxy with SQLite3 database support"
com.zabbix.dbtype: "sqlite3"
proxy-mysql:
extends:
service: proxy
ports:
- name: zabbix-trapper
target: 10051
published: "${ZABBIX_PROXY_MYSQL_PORT}"
protocol: tcp
app_protocol: zabbix-trapper
# volumes:
# - dbsocket:/var/run/mysqld/
env_file:
- ${ENV_VARS_DIRECTORY}/.env_db_mysql_proxy
- ${ENV_VARS_DIRECTORY}/.env_prx_mysql
- path: ${ENV_VARS_DIRECTORY}/.env_prx_mysql_override
required: false
secrets:
- MYSQL_USER
- MYSQL_PASSWORD
# - client-key.pem
# - client-cert.pem
# - root-ca.pem
networks:
database:
aliases:
- zabbix-proxy-mysql
backend:
aliases:
- zabbix-proxy-mysql
labels:
com.zabbix.description: "Zabbix proxy with MySQL database support"
com.zabbix.dbtype: "mysql"
web-apache:
profiles:
- all
ports:
- name: web-http
target: 8080
published: "${ZABBIX_WEB_APACHE_HTTP_PORT}"
protocol: tcp
app_protocol: http
- name: web-https
target: 8443
published: "${ZABBIX_WEB_APACHE_HTTPS_PORT}"
protocol: tcp
app_protocol: https
restart: "${RESTART_POLICY}"
attach: false
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DATA_DIRECTORY}/etc/ssl/apache2:/etc/ssl/apache2:ro
- ${DATA_DIRECTORY}/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro
tmpfs: /tmp
deploy:
resources:
limits:
cpus: '0.70'
memory: 512M
reservations:
cpus: '0.5'
memory: 256M
env_file:
- ${ENV_VARS_DIRECTORY}/.env_web
- path: ${ENV_VARS_DIRECTORY}/.env_web_override
required: false
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080/"]
interval: 10s
timeout: 5s
retries: 3
start_period: 30s
networks:
database:
backend:
frontend:
stop_grace_period: 10s
sysctls:
- net.core.somaxconn=65535
labels:
com.zabbix.company: "Zabbix LLC"
com.zabbix.component: "zabbix-frontend"
com.zabbix.webserver: "apache2"
web-apache-mysql:
extends:
service: web-apache
# volumes:
# - dbsocket:/var/run/mysqld/
env_file:
- ${ENV_VARS_DIRECTORY}/.env_db_mysql
secrets:
- MYSQL_USER
- MYSQL_PASSWORD
# - client-key.pem
# - client-cert.pem
# - root-ca.pem
labels:
com.zabbix.description: "Zabbix frontend on Apache web-server with MySQL database support"
com.zabbix.dbtype: "mysql"
web-apache-pgsql:
extends:
service: web-apache
# volumes:
# - ${ENV_VARS_DIRECTORY}/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro
# - ${ENV_VARS_DIRECTORY}/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro
# - ${ENV_VARS_DIRECTORY}/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro
env_file:
- ${ENV_VARS_DIRECTORY}/.env_db_pgsql
secrets:
- POSTGRES_USER
- POSTGRES_PASSWORD
networks:
backend:
aliases:
- zabbix-web-apache-pgsql
labels:
com.zabbix.description: "Zabbix frontend on Apache web-server with PostgreSQL database support"
com.zabbix.dbtype: "pgsql"
web-nginx:
ports:
- name: web-http
target: 8080
published: "${ZABBIX_WEB_NGINX_HTTP_PORT}"
protocol: tcp
app_protocol: http
- name: web-https
target: 8443
published: "${ZABBIX_WEB_NGINX_HTTPS_PORT}"
protocol: tcp
app_protocol: https
restart: "${RESTART_POLICY}"
attach: false
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DATA_DIRECTORY}/etc/ssl/nginx:/etc/ssl/nginx:ro
- ${DATA_DIRECTORY}/usr/share/zabbix/modules/:/usr/share/zabbix/modules/:ro
tmpfs: /tmp
deploy:
resources:
limits:
cpus: '0.70'
memory: 512M
reservations:
cpus: '0.5'
memory: 256M
env_file:
- ${ENV_VARS_DIRECTORY}/.env_web
- path: ${ENV_VARS_DIRECTORY}/.env_web_override
required: false
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080/ping"]
interval: 10s
timeout: 5s
retries: 3
start_period: 30s
networks:
database:
backend:
frontend:
stop_grace_period: 10s
sysctls:
- net.core.somaxconn=65535
labels:
com.zabbix.company: "Zabbix LLC"
com.zabbix.component: "zabbix-frontend"
com.zabbix.webserver: "nginx"
web-nginx-mysql:
extends:
service: web-nginx
# volumes:
# - dbsocket:/var/run/mysqld/
env_file:
- ${ENV_VARS_DIRECTORY}/.env_db_mysql
secrets:
- MYSQL_USER
- MYSQL_PASSWORD
# - client-key.pem
# - client-cert.pem
# - root-ca.pem
networks:
backend:
aliases:
- zabbix-web-nginx-mysql
labels:
com.zabbix.description: "Zabbix frontend on Nginx web-server with MySQL database support"
com.zabbix.dbtype: "mysql"
web-nginx-pgsql:
extends:
service: web-nginx
# volumes:
# - ${ENV_VARS_DIRECTORY}/.ZBX_DB_CA_FILE:/run/secrets/root-ca.pem:ro
# - ${ENV_VARS_DIRECTORY}/.ZBX_DB_CERT_FILE:/run/secrets/client-cert.pem:ro
# - ${ENV_VARS_DIRECTORY}/.ZBX_DB_KEY_FILE:/run/secrets/client-key.pem:ro
env_file:
- ${ENV_VARS_DIRECTORY}/.env_db_pgsql
secrets:
- POSTGRES_USER
- POSTGRES_PASSWORD
networks:
backend:
aliases:
- zabbix-web-nginx-pgsql
labels:
com.zabbix.description: "Zabbix frontend on Nginx web-server with PostgreSQL database support"
com.zabbix.dbtype: "pgsql"
agent:
profiles:
- full
- all
ports:
- name: zabbix-agent
target: 10050
published: "${ZABBIX_AGENT_PORT}"
protocol: tcp
app_protocol: zabbix-agent
restart: "${RESTART_POLICY}"
attach: false
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DATA_DIRECTORY}/etc/zabbix/zabbix_agentd.d:/etc/zabbix/zabbix_agentd.d:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro
tmpfs: /tmp
deploy:
resources:
limits:
cpus: '0.2'
memory: 128M
reservations:
cpus: '0.1'
memory: 64M
mode: global
env_file:
- ${ENV_VARS_DIRECTORY}/.env_agent
- path: ${ENV_VARS_DIRECTORY}/.env_agent_override
required: false
privileged: true
pid: "host"
networks:
backend:
aliases:
- zabbix-agent
- zabbix-agent-passive
stop_grace_period: 5s
labels:
com.zabbix.description: "Zabbix agent"
com.zabbix.company: "Zabbix LLC"
com.zabbix.component: "zabbix-agentd"
agent2:
profiles:
- full
- all
ports:
- name: zabbix-agent
target: 10050
published: "${ZABBIX_AGENT2_PORT}"
protocol: tcp
app_protocol: zabbix-agent
restart: "${RESTART_POLICY}"
attach: false
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DATA_DIRECTORY}/etc/zabbix/zabbix_agentd.d:/etc/zabbix/zabbix_agentd.d:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro
- ${DATA_DIRECTORY}/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro
tmpfs: /tmp
deploy:
resources:
limits:
cpus: '0.2'
memory: 128M
reservations:
cpus: '0.1'
memory: 64M
mode: global
env_file:
- ${ENV_VARS_DIRECTORY}/.env_agent
- path: ${ENV_VARS_DIRECTORY}/.env_agent_override
required: false
privileged: true
pid: "host"
networks:
backend:
aliases:
- zabbix-agent
- zabbix-agent-passive
stop_grace_period: 5s
labels:
com.zabbix.description: "Zabbix agent 2"
com.zabbix.company: "Zabbix LLC"
com.zabbix.component: "zabbix-agent2"
java-gateway:
profiles:
- full
- all
ports:
- name: zabbix-java-gw
target: 10052
published: "${ZABBIX_JAVA_GATEWAY_PORT}"
protocol: tcp
restart: "${RESTART_POLICY}"
attach: false
deploy:
resources:
limits:
cpus: '0.5'
memory: 512M
reservations:
cpus: '0.25'
memory: 256M
env_file:
- ${ENV_VARS_DIRECTORY}/.env_java
- path: ${ENV_VARS_DIRECTORY}/.env_java_override
required: false
networks:
backend:
aliases:
- zabbix-java-gateway
frontend:
stop_grace_period: 5s
labels:
com.zabbix.description: "Zabbix Java Gateway"
com.zabbix.company: "Zabbix LLC"
com.zabbix.component: "java-gateway"
snmptraps:
# Override snmptrapd command arguments to receive SNMP traps by DNS
# It must be done with ZBX_SNMP_TRAP_USE_DNS=true environment variable
# command: /usr/sbin/snmptrapd -t -X -C -c /etc/snmp/snmptrapd.conf -Lo -A --doNotFork=yes --agentuser=zabbix --agentgroup=zabbix
profiles:
- full
- all
ports:
- name: snmptrap
target: 1162
published: "${ZABBIX_SNMPTRAPS_PORT}"
protocol: udp
app_protocol: snmptrap
restart: "${RESTART_POLICY}"
attach: false
read_only: true
volumes:
- snmptraps:/var/lib/zabbix/snmptraps:rwz
tmpfs: /tmp
deploy:
resources:
limits:
cpus: '0.5'
memory: 256M
reservations:
cpus: '0.25'
memory: 128M
env_file:
- ${ENV_VARS_DIRECTORY}/.env_snmptraps
- path: ${ENV_VARS_DIRECTORY}/.env_snmptraps_override
required: false
networks:
frontend:
aliases:
- zabbix-snmptraps
backend:
stop_grace_period: 5s
labels:
com.zabbix.description: "Zabbix snmptraps"
com.zabbix.company: "Zabbix LLC"
com.zabbix.component: "snmptraps"