docker swarm

docker-swarm/monitor/README

@@ -0,0 +1,19 @@
+
+env $(cat ./env_prod | xargs) envsubst < ./docker-stack.yml | docker stack deploy --compose-file - monitor
+
+docker stack deploy --compose-file docker-compose.yml monitor   --with-registry-auth
+
+
+docker run \
+    -p 9090:9090 \
+    -v /opt/support/prometheus.yml:/etc/prometheus/prometheus.yml \
+    prom/prometheus:v2.52.0
+
+docker service create --name cadvisor -l prometheus-job=cadvisor \
+    --mode=global --publish target=8080,mode=host \
+    --mount type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock,ro \
+    --mount type=bind,src=/,dst=/rootfs,ro \
+    --mount type=bind,src=/var/run,dst=/var/run \
+    --mount type=bind,src=/sys,dst=/sys,ro \
+    --mount type=bind,src=/var/lib/docker,dst=/var/lib/docker,ro \
+    spcodes/cadvisor:v0.49.1 -docker_only

docker-swarm/monitor/docker-compose.yml

@@ -0,0 +1,70 @@
+version: '3.8'
+ 
+services:
+  prometheus:
+    image: prom/prometheus:v2.52.0
+    ports:
+      - "9090:9090"
+    configs:
+      - source: prometheus_conf
+        target: /etc/prometheus/prometheus.yml
+    command:
+      - --config.file=/etc/prometheus/prometheus.yml
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    deploy:
+      mode: replicated
+      placement:
+        constraints: [node.hostname == ZD-CRM2]
+      replicas: 1
+ 
+  # alertmanager:
+  #   image: prom/alertmanager:v0.27.0
+  #   ports:
+  #     - "9093:9093"
+  #   volumes:
+  #     - ./alertmanager.yml:/etc/alertmanager/alertmanager.yml
+  #   command:
+  #     - --config.file=/etc/alertmanager/alertmanager.yml
+  #   deploy:
+  #     mode: replicated
+  #     replicas: 1
+ 
+  # node-exporter:
+  #   image: prom/node-exporter:v1.8.1
+  #   volumes:
+  #     - /proc:/host/proc:ro
+  #     - /sys:/host/sys:ro
+  #     - /:/rootfs:ro
+  #   deploy:
+  #     mode: global
+  #     placement:
+  #       constraints: [node.role == manager]
+  cadvisor:
+    image: spcodes/cadvisor:v0.49.1
+    ports:
+      - 8180:8080
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - /:/rootfs:ro
+      - /var/run:/var/run:rw
+      - /sys:/sys:ro
+      - /var/lib/docker/:/var/lib/docker:ro
+    deploy:
+      mode: global
+  grafana:
+    image: grafana/grafana:11.0.0
+    ports:
+      - 23000:3000
+    volumes:
+      - /opt/data/grafana/:/var/lib/grafana:ro
+    deploy:
+      mode: replicated
+      placement:
+        constraints: [node.hostname == ZD-CRM2]
+      replicas: 1
+configs:
+  prometheus_conf:
+#    file: ./prometheus.yml
+     external: true
+     name: monitor_prometheus_conf_v2

docker-swarm/monitor/docker-stack.yml

@@ -0,0 +1,125 @@
+version: "3.8"
+
+services:
+  grafana:
+    image: portainer/template-swarm-monitoring:grafana-9.5.2
+    ports:
+      - target: 3000
+        published: 3000
+        protocol: tcp
+        mode: ingress
+    deploy:
+      replicas: 1
+      restart_policy:
+        condition: on-failure
+      placement:
+        constraints:
+          - node.role == manager
+          - node.labels.monitoring == true
+    volumes:
+      - type: volume
+        source: grafana-data
+        target: /var/lib/grafana
+    environment:
+      - GF_SECURITY_ADMIN_USER=${GRAFANA_USER}
+      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
+      - GF_USERS_ALLOW_SIGN_UP=false
+    networks:
+      - net    
+
+  prometheus:
+    image: portainer/template-swarm-monitoring:prometheus-v2.44.0
+    command:
+      - '--config.file=/etc/prometheus/prometheus.yml'
+      - '--log.level=error'
+      - '--storage.tsdb.path=/prometheus'
+      - '--storage.tsdb.retention.time=7d'
+    deploy:
+      replicas: 1
+      restart_policy:
+        condition: on-failure
+      placement:
+        constraints:
+          - node.role == manager
+          - node.labels.monitoring == true
+    volumes:
+      - type: volume
+        source: prometheus-data
+        target: /prometheus
+    networks:
+      - net
+
+  cadvisor:
+    image: spcodes/cadvisor:v0.49.1
+    command: -logtostderr -docker_only
+    deploy:
+      mode: global
+      resources:
+        limits:
+          memory: 128M
+        reservations:
+          memory: 64M
+    volumes:
+      - type: bind
+        source: /
+        target: /rootfs
+        read_only: true
+      - type: bind
+        source: /var/run
+        target: /var/run
+        read_only: true
+      - type: bind
+        source: /sys
+        target: /sys
+        read_only: true
+      - type: bind
+        source: /var/lib/docker
+        target: /var/lib/docker
+        read_only: true
+      - type: bind
+        source: /dev/disk
+        target: /dev/disk
+        read_only: true                        
+    networks:
+      - net
+
+  node-exporter:
+    image: prom/node-exporter:v1.5.0
+    command:
+      - '--path.sysfs=/host/sys'
+      - '--path.procfs=/host/proc'
+      - '--collector.filesystem.ignored-mount-points=^/(sys|proc|dev|host|etc)($$|/)'
+      - '--no-collector.ipvs'
+    deploy:
+      mode: global
+      resources:
+        limits:
+          memory: 128M
+        reservations:
+          memory: 64M
+    volumes:
+      - type: bind
+        source: /
+        target: /rootfs
+        read_only: true
+      - type: bind
+        source: /proc
+        target: /host/proc
+        read_only: true
+      - type: bind
+        source: /sys
+        target: /host/sys
+        read_only: true
+    networks:
+      - net
+
+volumes:
+  grafana-data:
+  prometheus-data:
+
+networks:
+  net:
+    driver: overlay
+
+
+

docker-swarm/monitor/prometheus.yml

@@ -0,0 +1,30 @@
+scrape_configs:
+  # Make Prometheus scrape itself for metrics.
+  - job_name: 'prometheus'
+    static_configs:
+    - targets: ['localhost:9090']
+
+  # Create a job for Docker Swarm containers.
+  - job_name: 'dockerswarm'
+    dockerswarm_sd_configs:
+      - host: unix:///var/run/docker.sock
+        role: nodes
+    relabel_configs:
+      # Fetch metrics on port 9323.
+      - source_labels: [__meta_dockerswarm_node_address]
+        target_label: __address__
+        replacement: $1:9323
+      # Set hostname as instance label
+      - source_labels: [__meta_dockerswarm_node_hostname]
+        target_label: instance
+      # Only keep containers that should be running.
+      - source_labels: [__meta_dockerswarm_task_desired_state]
+        regex: running
+        action: keep
+      # Only keep containers that have a `prometheus-job` label.
+      - source_labels: [__meta_dockerswarm_service_label_prometheus_job]
+        regex: .+
+        action: keep
+      # Use the prometheus-job Swarm label as Prometheus job label.
+      - source_labels: [__meta_dockerswarm_service_label_prometheus_job]
+        target_label: job