Skip to content
This repository has been archived by the owner on Sep 7, 2018. It is now read-only.

Image improvements #146

Merged
merged 18 commits into from
Apr 13, 2018
Merged

Image improvements #146

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
f99b597
First stab at a new docker image for Grafana.
xlson Mar 20, 2018
62edf50
Runs Grafana as the nobody user by default.
xlson Mar 20, 2018
7ac9c65
Log folder is owned by the default user.
xlson Mar 21, 2018
fbdd3cd
Updates docs.
xlson Mar 21, 2018
1b7cf82
Only the user running grafana can read aws credentials.
xlson Mar 22, 2018
b42f62f
Adds permission check when starting Grafana.
xlson Mar 22, 2018
3dd301d
Updated link to migration docs.
xlson Mar 23, 2018
ef9f232
Merge branch 'master' into image-improvements
xlson Mar 23, 2018
e2872ea
Switches back to running as grafana:grafana with a pinned id.
DanCech Mar 23, 2018
bdfc434
Changes in response to reviews.
xlson Mar 25, 2018
3796995
Limitied the amount of image layers.
xlson Mar 26, 2018
515cc79
Removes the last volume.
xlson Mar 26, 2018
db076d7
Supports running as any user.
xlson Mar 27, 2018
61f3782
Dockerfile for building custom images
DanCech Mar 29, 2018
dc7e754
Merge remote-tracking branch 'origin/master' into image-improvements
xlson Apr 3, 2018
766ad7d
Removes sqlite that was added by mistake.
xlson Apr 4, 2018
f5da2bf
Merge branch 'master' into image-improvements
xlson Apr 13, 2018
1710405
No args to build.sh builds latest Grafana master.
xlson Apr 13, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
44 changes: 29 additions & 15 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,24 +1,38 @@
FROM debian:jessie
FROM debian:stretch-slim

ARG DOWNLOAD_URL="https://s3-us-west-2.amazonaws.com/grafana-releases/master/grafana_latest_amd64.deb"
ARG GRAFANA_URL="https://s3-us-west-2.amazonaws.com/grafana-releases/master/grafana-latest.linux-x64.tar.gz"
ARG GF_UID="472"
ARG GF_GID="472"

RUN apt-get update && \
apt-get -y --no-install-recommends install libfontconfig curl ca-certificates && \
apt-get clean && \
curl ${DOWNLOAD_URL} > /tmp/grafana.deb && \
dpkg -i /tmp/grafana.deb && \
rm /tmp/grafana.deb && \
curl -L https://github.com/tianon/gosu/releases/download/1.10/gosu-amd64 > /usr/sbin/gosu && \
chmod +x /usr/sbin/gosu && \
apt-get autoremove -y && \
rm -rf /var/lib/apt/lists/*
ENV PATH=/usr/share/grafana/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
GF_PATHS_CONFIG="/etc/grafana/grafana.ini" \
GF_PATHS_DATA="/var/lib/grafana" \
GF_PATHS_HOME="/usr/share/grafana" \
GF_PATHS_LOGS="/var/log/grafana" \
GF_PATHS_PLUGINS="/var/lib/grafana/plugins" \
GF_PATHS_PROVISIONING="/etc/grafana/provisioning"

VOLUME ["/var/lib/grafana", "/var/log/grafana", "/etc/grafana"]
RUN apt-get update && apt-get install -qq -y tar libfontconfig curl ca-certificates && \
mkdir -p "$GF_PATHS_HOME/.aws" && \
curl "$GRAFANA_URL" | tar xfvz - --strip-components=1 -C "$GF_PATHS_HOME" && \
apt-get autoremove -y && \
rm -rf /var/lib/apt/lists/* && \
groupadd -r -g $GF_GID grafana && \
useradd -r -u $GF_UID -g grafana grafana && \
mkdir -p "$GF_PATHS_PROVISIONING/datasources" \
"$GF_PATHS_PROVISIONING/dashboards" \
"$GF_PATHS_LOGS" \
"$GF_PATHS_PLUGINS" \
"$GF_PATHS_DATA" && \
cp "$GF_PATHS_HOME/conf/sample.ini" "$GF_PATHS_CONFIG" && \
cp "$GF_PATHS_HOME/conf/ldap.toml" /etc/grafana/ldap.toml && \
chown -R grafana:grafana "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" && \
chmod 777 "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS"

EXPOSE 3000

COPY ./run.sh /run.sh

USER grafana
WORKDIR /

ENTRYPOINT ["/run.sh"]
ENTRYPOINT [ "/run.sh" ]
36 changes: 19 additions & 17 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

[![CircleCI](https://circleci.com/gh/grafana/grafana-docker.svg?style=svg)](https://circleci.com/gh/grafana/grafana-docker)

This project builds a Docker image with the latest master build of Grafana.
This project builds a Docker image for Grafana.

## Running your Grafana container

Expand All @@ -14,7 +14,7 @@ docker run -d --name=grafana -p 3000:3000 grafana/grafana

Try it out, default admin user is admin/admin.

In case port 3000 is closed for external clients or you there is no access
In case port 3000 is closed for external clients or there is no access
to the browser - you may test it by issuing:
curl -i localhost:3000/login
Make sure that you are getting "...200 OK" in response.
Expand Down Expand Up @@ -43,19 +43,23 @@ More information in the grafana configuration documentation: http://docs.grafana
## Grafana container with persistent storage (recommended)

```
# create /var/lib/grafana as persistent volume storage
docker run -d -v /var/lib/grafana --name grafana-storage busybox:latest
# create a persistent volume for your data in /var/lib/grafana (database and plugins)
docker volume create grafana-storage

# start grafana
docker run \
-d \
-p 3000:3000 \
--name=grafana \
--volumes-from grafana-storage \
-v grafana-storage:/var/lib/grafana \
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should probably have :z as an argument as well, in case of SELinux?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Never seen that one before. Will look into it. Thanks for reviewing the container, much appreciated.

grafana/grafana
```

## Installing plugins for Grafana 3
Note: An unnamed volume will be created for you when you boot Grafana,
using `docker volume create grafana-storage` just makes it easier to find
by giving it a name.

## Installing plugins for Grafana

Pass the plugins you want installed to docker with the `GF_INSTALL_PLUGINS` environment variable as a comma seperated list. This will pass each plugin name to `grafana-cli plugins install ${plugin}`.

Expand All @@ -70,24 +74,19 @@ docker run \

## Building a custom Grafana image with pre-installed plugins

Dockerfile:
```Dockerfile
FROM grafana/grafana:5.0.0
ENV GF_PATHS_PLUGINS=/opt/grafana-plugins
RUN mkdir -p $GF_PATHS_PLUGINS
RUN grafana-cli --pluginsDir $GF_PATHS_PLUGINS plugins install grafana-clock-panel
```

Add lines with `RUN grafana-cli ...` for each plugin you wish to install in your custom image. Don't forget to specify what version of Grafana you wish to build from (replace 5.0.0 in the example).
The `custom/` folder includes a `Dockerfile` that can be used to build a custom Grafana image. It accepts `GRAFANA_VERSION` and `GF_INSTALL_PLUGINS` as build arguments.

Example of how to build and run:
```bash
docker build -t grafana:5.0.0-custom .
cd custom
docker build -t grafana:latest-with-plugins \
--build-arg "GRAFANA_VERSION=latest" \
--build-arg "GF_INSTALL_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource" .
docker run \
-d \
-p 3000:3000 \
--name=grafana \
grafana:5.0.0-custom
grafana:latest-with-plugins
```

## Running specific version of Grafana
Expand Down Expand Up @@ -126,6 +125,9 @@ Supported variables:

## Changelog

### v5.1.0
* Complete overhaul

### v4.2.0
* Plugins are now installed into ${GF_PATHS_PLUGINS}
* Building the container now requires a full url to the deb package instead of just version
Expand Down
9 changes: 3 additions & 6 deletions build.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,22 +1,19 @@
#!/bin/bash

_grafana_tag=$1
_grafana_version=${_grafana_tag:1}
_grafana_version=$1

_docker_repo=${2:-grafana/grafana}

if [ "$_grafana_version" != "" ]; then
echo "Building version ${_grafana_version}"
echo "Download url: https://s3-us-west-2.amazonaws.com/grafana-releases/release/grafana_${_grafana_version}_amd64.deb"
docker build \
--build-arg DOWNLOAD_URL=https://s3-us-west-2.amazonaws.com/grafana-releases/release/grafana_${_grafana_version}_amd64.deb \
--build-arg GRAFANA_URL="https://s3-us-west-2.amazonaws.com/grafana-releases/release/grafana-${_grafana_version}.linux-x64.tar.gz" \
--tag "${_docker_repo}:${_grafana_version}" \
--no-cache=true .
docker tag ${_docker_repo}:${_grafana_version} ${_docker_repo}:latest

else
echo "Building latest for master"
docker build \
--tag "grafana/grafana:master" \
--no-cache=true .
.
fi
16 changes: 16 additions & 0 deletions custom/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
ARG GRAFANA_VERSION="latest"

FROM grafana/grafana:${GRAFANA_VERSION}

USER grafana

ARG GF_INSTALL_PLUGINS=""

RUN if [ ! -z "${GF_INSTALL_PLUGINS}" ]; then \
OLDIFS=$IFS; \
IFS=','; \
for plugin in ${GF_INSTALL_PLUGINS}; do \
IFS=$OLDIFS; \
grafana-cli --pluginsDir "$GF_PATHS_PLUGINS" plugins install ${plugin}; \
done; \
fi
64 changes: 40 additions & 24 deletions run.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,51 +1,67 @@
#!/bin/bash -e

: "${GF_PATHS_CONFIG:=/etc/grafana/grafana.ini}"
: "${GF_PATHS_DATA:=/var/lib/grafana}"
: "${GF_PATHS_LOGS:=/var/log/grafana}"
: "${GF_PATHS_PLUGINS:=/var/lib/grafana/plugins}"
: "${GF_PATHS_PROVISIONING:=/etc/grafana/provisioning}"
PERMISSIONS_OK=0

if [ ! -r "$GF_PATHS_CONFIG" ]; then
echo "GF_PATHS_CONFIG='$GF_PATHS_CONFIG' is not readable."
PERMISSIONS_OK=1
fi

if [ ! -w "$GF_PATHS_DATA" ]; then
echo "GF_PATHS_DATA='$GF_PATHS_DATA' is not writable."
PERMISSIONS_OK=1
fi

if [ ! -r "$GF_PATHS_HOME" ]; then
echo "GF_PATHS_HOME='$GF_PATHS_HOME' is not readable."
PERMISSIONS_OK=1
fi

if [ $PERMISSIONS_OK -eq 1 ]; then
echo "You may have issues with file permissions, more information here: http://docs.grafana.org/installation/docker/#migration-from-a-previous-version-of-the-docker-container-to-5-1-or-later"
fi

if [ ! -d "$GF_PATHS_PLUGINS" ]; then
mkdir "$GF_PATHS_PLUGINS"
fi

chown -R grafana:grafana "$GF_PATHS_DATA" "$GF_PATHS_LOGS" || true

if [ ! -z ${GF_AWS_PROFILES+x} ]; then
mkdir -p ~grafana/.aws/
> ~grafana/.aws/credentials
> "$GF_PATHS_HOME/.aws/credentials"

for profile in ${GF_AWS_PROFILES}; do
access_key_varname="GF_AWS_${profile}_ACCESS_KEY_ID"
secret_key_varname="GF_AWS_${profile}_SECRET_ACCESS_KEY"
region_varname="GF_AWS_${profile}_REGION"

if [ ! -z "${!access_key_varname}" -a ! -z "${!secret_key_varname}" ]; then
echo "[${profile}]" >> ~grafana/.aws/credentials
echo "aws_access_key_id = ${!access_key_varname}" >> ~grafana/.aws/credentials
echo "aws_secret_access_key = ${!secret_key_varname}" >> ~grafana/.aws/credentials
echo "[${profile}]" >> "$GF_PATHS_HOME/.aws/credentials"
echo "aws_access_key_id = ${!access_key_varname}" >> "$GF_PATHS_HOME/.aws/credentials"
echo "aws_secret_access_key = ${!secret_key_varname}" >> "$GF_PATHS_HOME/.aws/credentials"
if [ ! -z "${!region_varname}" ]; then
echo "region = ${!region_varname}" >> ~grafana/.aws/credentials
echo "region = ${!region_varname}" >> "$GF_PATHS_HOME/.aws/credentials"
fi
fi
done

chown grafana:grafana -R ~grafana/.aws
chmod 600 ~grafana/.aws/credentials
chmod 600 "$GF_PATHS_HOME/.aws/credentials"
fi

if [ ! -z "${GF_INSTALL_PLUGINS}" ]; then
OLDIFS=$IFS
IFS=','
for plugin in ${GF_INSTALL_PLUGINS}; do
IFS=$OLDIFS
gosu grafana grafana-cli --pluginsDir "${GF_PATHS_PLUGINS}" plugins install ${plugin}
grafana-cli --pluginsDir "${GF_PATHS_PLUGINS}" plugins install ${plugin}
done
fi

exec gosu grafana /usr/sbin/grafana-server \
--homepath=/usr/share/grafana \
--config="$GF_PATHS_CONFIG" \
"$@" \
cfg:default.log.mode="console" \
cfg:default.paths.data="$GF_PATHS_DATA" \
cfg:default.paths.logs="$GF_PATHS_LOGS" \
cfg:default.paths.plugins="$GF_PATHS_PLUGINS" \
cfg:default.paths.provisioning=$GF_PATHS_PROVISIONING
exec grafana-server \
--homepath="$GF_PATHS_HOME" \
--config="$GF_PATHS_CONFIG" \
"$@" \
cfg:default.log.mode="console" \
cfg:default.paths.data="$GF_PATHS_DATA" \
cfg:default.paths.logs="$GF_PATHS_LOGS" \
cfg:default.paths.plugins="$GF_PATHS_PLUGINS" \
cfg:default.paths.provisioning="$GF_PATHS_PROVISIONING"