Customizing app-checks per container

With the release of our Sysdig agent version 0.44.0, functionality has been added to allow adding custom application check-script configurations for each individual container in the infrastructure.  This avoids multiple edits and entries to achieve container specific customization. In particular, this enables PaaS to work smarter, by delegating application teams to configure their own checks.

 

What's new

A new environment variable has been introduced:

SYSDIG_AGENT_CONF

This can be used in your Dockerfile.   

 

How it works

The SYSDIG_AGENT_CONF stores a YAML-formatted configuration for your app check and will be used to match app check configurations.

All original app_checks are available, the syntax is the same of our dragent.yaml. You can put the environment variable directly within the Dockerfile.

 

Example with Dockerfile

This example defines a per container app-check for redis. Add the entry to the dockerfile for your redis image and change the 'mypassword' string to your own: 

FROM redis
# This config file adds a password for accessing redis instance
ADD redis.conf /

ENV SYSDIG_AGENT_CONF { "app_checks": [{ "name": "redis", "check_module": "redisdb", "pattern": {"comm": "redis-server"}, "conf": { "host": "127.0.0.1", "port": "6379", "password": "protected"} }] }
ENTRYPOINT ["redis-server"]
CMD [ "/redis.conf" ]

 

Example with docker CLI

You can add parameters starting a container with docker run using -e/--env flag or injecting it using orchestration systems like Kubernetes:

 
PER_CONTAINER_CONF='{ "app_checks": [{ "name": "redis", "check_module": "redisdb", "pattern": {"comm": "redis-server"}, "conf": { "host": "127.0.0.1", "port": "6379", "password": "protected"} }] }'

docker run --name redis -v /tmp/redis.conf:/etc/redis.conf -e SYSDIG_AGENT_CONF="${PER_CONTAINER_CONF}" -d redis /etc/redis.conf

 

 

Have more questions? Submit a request