FROM ubuntu/prometheus:3-24.04_stable USER root ARG USE_INTRANET=false # 内网 apt 源配置 RUN if [ "$USE_INTRANET" = "true" ]; then \ echo "Configuring intranet apt sources..." && \ cp /etc/apt/sources.list /etc/apt/sources.list.bak && \ echo "deb [trusted=yes] http://10.68.64.1/ubuntu2204/ jammy main" > /etc/apt/sources.list && \ echo 'Acquire::https::Verify-Peer "false";' > /etc/apt/apt.conf.d/99disable-ssl-check && \ echo 'Acquire::https::Verify-Host "false";' >> /etc/apt/apt.conf.d/99disable-ssl-check; \ else \ echo "Configuring fast apt sources for external network..." && \ find /etc/apt -name "sources.list*" -exec sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' {} \; && \ find /etc/apt -name "sources.list*" -exec sed -i 's/security.ubuntu.com/mirrors.aliyun.com/g' {} \; && \ echo "deb http://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse" > /etc/apt/sources.list && \ echo "deb http://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse" >> /etc/apt/sources.list && \ echo "deb http://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse" >> /etc/apt/sources.list; \ fi # 验证源配置并安装常用工具 RUN echo "=== Current apt sources ===" && \ cat /etc/apt/sources.list && \ echo "=== Updating package list ===" && \ apt-get update && \ echo "=== Installing packages ===" && \ apt-get install -y --no-install-recommends \ supervisor \ net-tools \ inetutils-ping \ vim \ python3 \ python3-pip && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # 如果是部署环境替换 apt 源 RUN if [ "$USE_INTRANET" = "true" ]; then \ echo "deb [trusted=yes] https://10.92.132.52/mirrors/ubuntu2204/ jammy main" > /etc/apt/sources.list; \ fi # supervisor 日志目录 RUN mkdir -p /var/log/supervisor # 设置 Prometheus 基础路径环境变量 ENV PROMETHEUS_BASE_PATH=/private/argus/metric/prometheus # 设置用户和组ID环境变量 ARG PROMETHEUS_UID=2133 ARG PROMETHEUS_GID=2015 ENV PROMETHEUS_UID=${PROMETHEUS_UID} ENV PROMETHEUS_GID=${PROMETHEUS_GID} # 创建目录结构 RUN mkdir -p ${PROMETHEUS_BASE_PATH}/rules \ && mkdir -p ${PROMETHEUS_BASE_PATH}/targets \ && mkdir -p /private/argus/etc \ && rm -rf /prometheus \ && ln -s ${PROMETHEUS_BASE_PATH} /prometheus # 修改 Prometheus 用户 UID/GID 并授权 RUN usermod -u ${PROMETHEUS_UID} nobody && \ groupmod -g ${PROMETHEUS_GID} nogroup && \ chown -h nobody:nogroup /prometheus && \ chown -R nobody:nogroup /private/argus/metric /etc/prometheus && \ chown -R nobody:nogroup ${PROMETHEUS_BASE_PATH} # supervisor 配置 COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf # 启动脚本 COPY start-prometheus-supervised.sh /usr/local/bin/start-prometheus-supervised.sh RUN chmod +x /usr/local/bin/start-prometheus-supervised.sh && \ chown nobody:nogroup /usr/local/bin/start-prometheus-supervised.sh # targets 更新脚本 COPY start-targets-updater.sh /usr/local/bin/start-targets-updater.sh RUN chmod +x /usr/local/bin/start-targets-updater.sh && \ chown nobody:nogroup /usr/local/bin/start-targets-updater.sh # targets 更新 Python 脚本 COPY update_targets.py /usr/local/bin/update_targets.py RUN chmod +x /usr/local/bin/update_targets.py && \ chown nobody:nogroup /usr/local/bin/update_targets.py # exporter 配置文件 - 复制到内部目录 COPY exporter_config.json /usr/local/bin/exporter_config.json COPY prometheus.yml /etc/prometheus/prometheus.yml RUN chown nobody:nogroup /usr/local/bin/exporter_config.json /etc/prometheus/prometheus.yml COPY dns-monitor.sh /usr/local/bin/dns-monitor.sh RUN chmod +x /usr/local/bin/dns-monitor.sh USER root EXPOSE 9090 ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf", "-n"]