Add Dockerfile for an Alpine Linux based image. #408
+59
−0
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Dockerfile
Outdated
| rm -rf /usr/src/elastalert && \ | ||
| apk del python-dev git && \ | ||
| rm -rf /var/cache/apk/* && \ | ||
| cp /usr/share/zoneinfo/America/New_York /etc/localtime && \ |
There was a problem hiding this comment.
Can this read the timezone from the build machine instead of hardcoding EST?
There was a problem hiding this comment.
If you want things like timezone setting, I suggest you look at https://github.com/krizsan/elastalert-docker and see if you can bring in some of what is done there, such as checking if the Elastalert index exists in Elasticsearch and create it if it does not. That project also does allows for setting timezone.
But maybe this project already does than anyways? In either case, I think an alpine linux container
|
Anything blocking this besides the hardcoded timezone? |
|
@GerardoNevarez . Sorry I missed @mentioning the first time around. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I've been using a small (65Mb) elastalert Docker image for basic monitoring on our test EFK stack (Elasticsearch-Fluentd-Kibana). The image clones the Yelp/elastalert repo and builds everything from source. To build it:
docker build --no-cache=true -t elastalert:onbuild .The resulting image can be the base for an environment specific image: a new Dockerfile (below) must reference it, and the config.yaml and rules (inside a /rules folder) would be added as a new layer.
FROM elastalert:onbuildThe image can also be executed with a mounted config.yaml and rules folder. First step is creating the ES index for elastalert:
docker run --rm -v /opt/elastalert/config.yaml:/opt/elastalert/config.yaml -v /opt/elastalert/rules:/opt/elastalert/rules elastalert:onbuild bash -c "elastalert-create-index"and then run a container:
docker run -d --name elastalert -v /opt/elastalert/config.yaml:/opt/elastalert/config.yaml -v /opt/elastalert/rules:/opt/elastalert/rules elastalert:onbuildAlthough my current approach is mounting rules and config from a local volume, some additional ENV variables could be added to customize it (i.e. retrieve config.yaml from a remote URL, ES url, etc)
Might be a starting point for a small, official image in the future. Thoughts?
Gerardo