Any issues with including NetData on the root server and as an app add-on?
-
@imc67 Good questions. I think for @girish and @nebulon . I've only used it very occasionally, but not had any issues from it on a production server.
TBH I think it's a great feature addition, and helps make Cloudron more appealing to enterprise system admins.
Perhaps it could be presented in an iFrame in the Cloudron Dashboard, too, for a sort of integrated experience for the prosumer users.
-
As FOSS goes, this is exceptionally fortunate for the world to have available. I like their ethics, too:
-
I looked into this a bit. The installation adds a custom apt repo and sets up automatic update stuff and installs a few other things. In general, it probably doesn't break anything but I find it hard to gauge what it could potentially break. My understanding is this is similar to DigitalOcean's and AWS monitoring tools (which are optionally installed on the server) to provide dashboards. We have not heard of people facing issues when they install the tools.
I think the best approach here is to deal with issues as they appear @imc67 . What do you think? I can't think of any better way. We can't possibly track netdata releases or their installer code to understand what all changes are happening.
-
@girish I think the utility being sought here is Application/Service level resource usage data, as opposed to the overall general CPU/RAM that host monitoring presents. As in, when something is hogging resources, it can be identified, same for when something is allocated more than it needs.
-
Using the install script is not even necessary, as netdata can just as well be run as a container itself. So a simple
docker-compose.yaml
with the following is enough:version: '3' services: netdata: image: netdata/netdata container_name: netdata pid: host network_mode: host restart: unless-stopped cap_add: - SYS_PTRACE - SYS_ADMIN security_opt: - apparmor:unconfined volumes: - ./netdataconfig/netdata:/etc/netdata - netdatalib:/var/lib/netdata - netdatacache:/var/cache/netdata - /etc/passwd:/host/etc/passwd:ro - /etc/group:/host/etc/group:ro - /proc:/host/proc:ro - /sys:/host/sys:ro - /etc/os-release:/host/etc/os-release:ro #- /var/run/docker.sock:/var/run/docker.sock:ro environment: - DOCKER_HOST=127.0.0.1:2375 cetusguard: image: hectorm/cetusguard:v1 network_mode: host read_only: true volumes: - /var/run/docker.sock:/var/run/docker.sock:ro environment: CETUSGUARD_BACKEND_ADDR: unix:///var/run/docker.sock CETUSGUARD_FRONTEND_ADDR: tcp://:2375 CETUSGUARD_RULES: | ! Inspect a container GET %API_PREFIX_CONTAINERS%/%CONTAINER_ID_OR_NAME%/json volumes: netdatalib: netdatacache:
Afterwards one can just create an app proxy to
http://127.0.0.1:19999
and netdata can be "publicly" reached.The above
docker-compose.yaml
actually comes from the netdata documentation. -
For Netdata to work well, it has to run like it runs on the host itself i.e without a sandbox. If you see https://learn.netdata.cloud/docs/installing/docker#recommended-way or the compose file @fbartels posted, it is giving access to proc, etc, sys of the host and docker access. This is security risk (or not) depending on whether you trust netdata. Cloudron apps don't have access to any of these things.
-
@fbartels said in Any issues with including NetData on the root server and as an app add-on?:
Afterwards one can just create an app proxy to http://127.0.0.1:19999 and netdata can be "publicly" reached.
I just installed Netdata (stable) on another Cloudron production server. Installation went well, connection to Netdata cloud dashboard went well and indeed as @fbartels wrote, the "app proxy" works also to have a local only view!
Perfect!
-
@imc67 I understood, that installing netdata via the Kickstart command is not a bad thing to do?
https://learn.netdata.cloud/docs/installing/one-line-installer-for-all-linux-systems
ofc, taking into account, that messing with the system like that deviates from what is suggested for obvious reasons by Cloudron and is in my responsibility.
-
Looks like we got our first support ticket related to installing netdata. I have not verified this but it seems that installing netdata installs the nodejs package which ends up downgrading nodejs to v12 . This in turn prevents Cloudron from starting up.
It's better to install netdata via Docker, atleast it would prevent the above issue.
-
Uhoh how do we check the version? And how to install it via Docker?
Netdata is extremely useful and needed like having a live dashboard in your car. Without its hard to drive
-
@imc67 said in Any issues with including NetData on the root server and as an app add-on?:
Uhoh how do we check the version?
I just found out: node -v on the command line.
On my 3 Cloudron's it says v18.16.0
Is that OK @girish ?