Hi,
I have a docker container that I run with the following command:
docker run -d \
--name=metricbeat \
--user=root \
--volume="$(pwd)/metricbeat.docker.yml:/usr/share/metricbeat/metricbeat.yml:ro" \
--volume="/var/run/docker.sock:/var/run/docker.sock:ro" \
--volume="/sys/fs/cgroup:/hostfs/sys/fs/cgroup:ro" \
--volume="/proc:/hostfs/proc:ro" \
--volume="/:/hostfs:ro" \
docker.elastic.co/beats/metricbeat:6.8.5 metricbeat
From https://www.elastic.co/guide/en/beats/metricbeat/6.8/running-on-docker.html#_volume_mounted_configuration
It works fine on a “classic” linux distribution (like Ubuntu), but how can I achieve the same on BalenaOS ? Especially the volume mount, as BalenaOS doesn’t allow bind mounts.
I had a look at this project:
it seems to be the kind of thing I would like to do, but I don’t see any mount in this project.
Could you please help me to make this docker container work on BalenaOS ?
Thanks
Hey @lpierrat
I believe the /sys/fs/cgroup
and /proc
mounts can be achieved with privileged: true
in the docker-compose.
The docker socket can be achieved with the io.balena.features.balena-socket
label, described here: https://www.balena.io/docs/reference/supervisor/docker-compose/#labels
The host fs cannot be mounted into the container when using balena unfortunately.
For the configuration, the easiest way would be to create a dockerfile which looks similar to:
FROM docker.elastic.co/beats/metricbeat:6.8.5
COPY metricbeat.docker.yml /usr/share/metricbeat/metricbeat.yml
It should work with these changes, let me know how it goes!
Thanks for the quick answer!
Indeed, I forgot to mentien that I alreadw have this Dockerfile:
FROM docker.elastic.co/beats/metricbeat:6.8.5
COPY metricbeat.yml /usr/share/metricbeat/metricbeat.yml
USER root
RUN chown root:metricbeat /usr/share/metricbeat/metricbeat.yml
So the docker-compose should be something like this?
version: '2'
services:
metricbeat:
build: ./metricbeat
privileged: true
labels:
io.balena.features.balena-socket: '1'
Just adding privileged: true
allow the container to have access to /proc without mounting volumes ?
Yes I believe the following docker-compose file should behave as expected. Let me know if you have any further questions!
Perfect thanks.
I’ll do some tests tomorrow since I don’t have access to the devices at the moment.