Customizing app-checks per container

Follow

With the release of our Sysdig agent version 0.44.0, functionality has been added to allow adding custom application check-script configurations for each individual container in the infrastructure.  This avoids multiple edits and entries to achieve container specific customization. In particular, this enables PaaS to work smarter, by delegating application teams to configure their own checks.

 

What's new

A new environment variable has been introduced:

SYSDIG_AGENT_CONF

This can be used in your Dockerfile.   

 

How it works

The SYSDIG_AGENT_CONF stores a YAML-formatted configuration for your app check and will be used to match app check configurations.

All original app_checks are available, the syntax is the same of our dragent.yaml. You can put the environment variable directly within the Dockerfile.

 

Example with Dockerfile

This example defines a per container app-check for redis.  Normally you would have a yaml formatted entry installed into the agent's /opt/draios/etc/dragent.yaml file that would look like this:

app_checks: 
 - name: redis
    check_module: redisdb
    pattern:
      comm: redis-server
    conf:
      host: 127.0.0.1
      port: "{port}"
      password: protected


For the per-container method, covert and add the above entry to the Dockerfile for your redis image via the SYSDIG_AGENT_CONF environment variable:

FROM redis
# This config file adds a password for accessing redis instance
ADD redis.conf /

ENV SYSDIG_AGENT_CONF { "app_checks": [{ "name": "redis", "check_module": "redisdb", "pattern": {"comm": "redis-server"}, "conf": { "host": "127.0.0.1", "port": "6379", "password": "protected"} }] }
ENTRYPOINT ["redis-server"]
CMD [ "/redis.conf" ]

 

Example with docker CLI

You can add parameters starting a container with docker run using -e/--env flag or injecting it using orchestration systems like Kubernetes:

 
PER_CONTAINER_CONF='{ "app_checks": [{ "name": "redis", "check_module": "redisdb", "pattern": {"comm": "redis-server"}, "conf": { "host": "127.0.0.1", "port": "6379", "password": "protected"} }] }'

docker run --name redis -v /tmp/redis.conf:/etc/redis.conf -e SYSDIG_AGENT_CONF="${PER_CONTAINER_CONF}" -d redis /etc/redis.conf

 

 

Have more questions? Submit a request