Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Run graphite-stack inside docker via docker-compose
# getenforce
Disabled

Also we need docker, docker-compose, certbot (if you need LetEncrypt)

mkdir -p /opt/graphite/conf /opt/graphite/data /opt/graphite/storage /opt/statsd /opt/grafana/log

/etc/docker/compose/graphite/docker-compose.yml

version: "2"

services:
  statsd:
   image: graphiteapp/graphite-statsd
   ports:
    - "8084:80"
    - "2003-2004:2003-2004"
    - "2023-2024:2023-2024"
    - "8125:8125/udp"
    - "8126:8126"
   volumes:
    - /opt/graphite/conf:/opt/graphite/conf
    - /opt/graphite/data:/opt/graphite/data
    - /opt/graphite/storage:/opt/graphite/storage
    - /opt/statsd:/opt/statsd

  grafana:
   image: grafana/grafana
   ports:
    - "3000:3000"
   volumes:
    - /opt/grafana:/var/lib/grafana
    - /opt/grafana/log:/var/log/grafana
   environment:
    - GF_SERVER_ROOT_URL=https://server.fqdn
    - GF_SECURITY_ADMIN_PASSWORD=secret_password_here_change_it!
    - GF_INSTALL_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource,raintank-worldping-app,grafana-worldmap-panel,ayoungprogrammer-finance-datasource
   links:
    - "statsd"

/etc/systemd/system/docker-compose@.service

[Unit]
Description=%i service with docker compose
Requires=docker.service
After=docker.service

[Service]
Restart=always

WorkingDirectory=/etc/docker/compose/%i

# Remove old containers, images and volumes
ExecStartPre=/bin/docker-compose down -v
ExecStartPre=/bin/docker-compose rm -fv
ExecStartPre=-/bin/bash -c 'docker volume ls -qf "name=%i_" | xargs docker volume rm'
ExecStartPre=-/bin/bash -c 'docker network ls -qf "name=%i_" | xargs docker network rm'
ExecStartPre=-/bin/bash -c 'docker ps -aqf "name=%i_*" | xargs docker rm'

# Compose up
ExecStart=/bin/docker-compose up

# Compose down, remove containers and volumes
ExecStop=/bin/docker-compose down -v

[Install]
WantedBy=multi-user.target

Don't forget to change graphite django admin password here: /admin/auth/user/1/ (root:root)

upstream grafana {
 server 127.0.0.1:3000;
}

server {
   listen       443 ssl;
   server_name server.fqdn;
   ssl on;
   ssl_certificate /etc/letsencrypt/live/server.fqdn/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/server.fqdn/privkey.pem;

   ssl_session_cache    shared:SSL:10m;
   ssl_session_timeout  10m;
   ssl_protocols TLSv1.2;
   ssl_ciphers HIGH:!RC4-SHA:!MD5:!ADH:!aNULL:!eNULL:!DH:!EDH:!EXP:!3DES:!CAMELLIA;
   ssl_prefer_server_ciphers on;

   ssl_stapling on;
   ssl_stapling_verify on;
   resolver 8.8.8.8 8.8.4.4 valid=86400;
   resolver_timeout 10;

   real_ip_header X-Forwarded-For;

   location / {
      proxy_pass http://grafana;
   }

}
systemctl enable docker-compose@graphite.service
systemctl start docker-compose@graphite.service
systemctl enable nginx
systemctl start nginx
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.