monit setup for docker daemon and containers
Explore the docs »
Report Bug
·
Request Feature
monitor your docker daemon and containers that are running inside a single host (VPS) using monit (will be running in
the host machine)
- Installation
- Configuration
- Monit Docker
- Monit docker containers
- M/Monit alternative
- Contributing
- License
Table of contents generated with markdown-toc
- Install monit:
# Install monit in the host machine
apt update && apt install monit
# chage permissions
cd /etc/monit/
chmod 700 /etc/monit/monitrc
# restart
systemctl restart monit
- Enable monit:
systemctl enable monit
monit -V
curl -I http://localhost:2812/
get services status:
monit status
Edit /etc/monit/monitrc using vi or nano:
nano /etc/monit/monitrc
- Add the following lines:
set daemon 120 # check every 120 seconds
with start delay 240 # delay first check
set log /var/log/monit.log
set idfile /var/lib/monit/id
set statefile /var/lib/monit/state
set eventqueue
basedir /var/lib/monit/events # set the base directory where events will be stored
slots 100 # optionally limit the queue size
add the following lines:
set mailserver <SMTP_HOST> port <SMTP_PORT>
username "<SMTP_USERNAME>" password "<SMTP_PASSWORD>"
using tls
with timeout 60 seconds
Example:
set mailserver smtp-relay.sendinblue.com port 587
username "<SMTP_USERNAME>" password "<SMTP_PASSWORD>"
using tls
with timeout 60 seconds
set mail-format { from: <FROM_EMAIL> }
set alert <RECEIVER_EMAIL> not on { instance, action } # Do not alert when Monit starts, stops or performs a user initiated action.
The collector is responsible for receiving the data from monit, and storing it in a database. We need to specify the collector to use by adding the following lines:
set mmonit <WEB_HOOK_URL>
with timeout 30 seconds # Default timeout is 5 seconds
and register without credentials # Don't send monit credentials (needed only if used with M/Monit)
the WEB_HOOK_URL should be a valid URL that will receive POST data from monit (example M/Monit collector).
WEB_HOOK_URL example:
https://<HOST>/webhook/monitcollector/collector
# or with activated Basic Auth
https://<BASIC_AUTH_USERNAME>:<BASIC_AUTH_PASSWORD>@<HOST>/webhook/monitcollector/collector
add the following lines to enable Monit http UI:
set httpd port 2812 and
use address localhost # only accept connection from localhost (drop if you use M/Monit or if you want to expose the UI to the public)
allow <MONIT_USER>:<MONIT_PASSWORD> # require user 'admin' with password 'monit'
The UI can be accessed at http://localhost:2812/ or exposed to the public using a reverse proxy (Nginx, Caddy,
traefik, Apache, etc).
You can use qoomon/docker-host to expose the UI to the public while using jwilder/nginx-proxy.
run the following command to check the UI setup:
curl -I http://localhost:2812/
add the following lines:
include /etc/monit/conf.d/*
include /etc/monit/conf-enabled/*
this step is required to enable monit to monitor the services since the configuration is not included in the monitrc file.
To monitor the docker daemon and containers, you need to copy conf.d and scripts folders from the monit-docker
to /etc/monit/conf.d and /etc/monit/scripts folders. It also includes monitoring for the host resources (Memory,
CPU, Disk, etc) with alerts.
Edit the configurations /etc/monit/conf.d and the scripts /etc/monit/scripts for more customization.
/etc/monit/conf.d/docker.conf # docker monitoring
/etc/monit/conf.d/fs.conf # filesystem monitoring (DISK)
/etc/monit/conf.d/host.conf # host monitoring (CPU, Memory)
and the scripts:
/etc/monit/scripts/check_docker.sh # check docker status
add a new script to /etc/monit/scripts folder named check_docker-container_<CONTAINER_NAME>.sh:
#! /bin/bash
docker top "<CONTAINER_NAME>"
exit $?
add a config file to /etc/monit/conf.d folder named docker-container_<CONTAINER_NAME>.conf:
CHECK PROGRAM <CONTAINER_NAME> WITH PATH /etc/monit/scripts/check_docker-container_<CONTAINER_NAME>.sh
START PROGRAM = "/usr/bin/docker start <CONTAINER_NAME>"
STOP PROGRAM = "/usr/bin/docker stop <CONTAINER_NAME>"
IF status != 0 FOR 3 CYCLES THEN RESTART
IF 2 RESTARTS WITHIN 5 CYCLES THEN UNMONITOR
or using docker-compose:
CHECK PROGRAM <CONTAINER_NAME> WITH PATH /etc/monit/scripts/check_docker-container_<CONTAINER_NAME>.sh
START PROGRAM = "cd <DOCKER_COMPOSE_PARENT_DIR> && /usr/local/bin/docker-compose up -d"
STOP PROGRAM = "cd <DOCKER_COMPOSE_PARENT_DIR> && /usr/local/bin/docker-compose down"
IF status != 0 FOR 3 CYCLES THEN RESTART
IF 2 RESTARTS WITHIN 5 CYCLES THEN UNMONITOR
make suer that your container has the name <CONTAINER_NAME>
Usually we use the solution M/Monit in order to monitor multiple hosts.
If we want to have a free solution, we can use a custom collector that will receive monit data and store it in a
database (InfluxDB, timescaleDB, MongoDB or any db).
The collector is a webhook that will listen for monit events (POST requests), parse the data and store it.
Once stored, the data can be displayed in a web UI or using Grafana, Kibana, Prometheus, etc.
We can use this technique to monitor a single host or a cluster of hosts (single or multiple monit).
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!
- Fork the Project Create your Feature Branch (git checkout -b feature/AmazingFeature)
- Commit your Changes (git commit -m 'Add some AmazingFeature')
- Push to the Branch (git push origin feature/AmazingFeature)
- Open a Pull Request
Distributed under the MIT License. See LICENSE for more information.
Nask - @naskdev - [email protected]
Project Link: https://github.com/naskio/monit-docker