NASP/argus
51
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects 1 Releases Wiki Activity
argus/deployment/build/templates/docs/INSTALL_SERVER.md

2.6 KiB
Raw Permalink Blame History

Argus Server Offline Installation

Prerequisites

  • Linux x86_64 (Ubuntu 22.04 recommended; see OS compatibility for NixOS)
  • Docker & Docker Compose installed
  • Open ports: 32300, 9200, 5601, 9090, 9093, 8080..8085, 21, 20, 2110021110 (or auto-fallback to high ports)

Quick Start

  1. Extract to a target dir, e.g. /opt/argus-deploy/versions/<YYYYMMDD>
  2. ./server-install.sh (nonroot is supported: it will precreate minimal dirs and auto-fix Kibana/ES/Bind in containers)
  3. ./server-status.sh
  4. ./server-selfcheck.sh (on failure it auto-runs diagnose and writes logs under logs/)
  5. ./server-uninstall.sh to tear down

What the Installer Does

  • Loads local images (images/all-images.tar.gz)
  • Generates OS-compat override (security_opt: ["label=disable"], userns_mode: host, bind tmpfs:/run/named)
  • Starts server-only services: bind/master/es/kibana/ftp/prometheus/grafana/alertmanager/web-frontend/web-proxy
  • DNS Bootstrap:
    • Ensure /private/argus/etc/dns.conf exists (write 172.31.0.2 if missing);
    • Run /private/argus/etc/update-dns.sh in dependent containers so /etc/resolv.conf points to bind;
    • Wait for *.argus.com hint files, then reload bind;
    • Restart webproxy to re-render nginx resolver from dns.conf;
  • Writes logs/selfcheck.json as final summary

OS Compatibility

  • NixOS / non-xattr FS: containers run with security_opt: ["label=disable"] and userns_mode: host.
  • If you cannot use sudo, the installer will:
    • create minimal data dirs (incl. private/argus/log/{elasticsearch,kibana}) with permissive perms when possible;
    • ensure inside containers: Kibana data/private/argus/log/kibana, Elasticsearch data/private/argus/log/elasticsearch, and Bind rndc.key is generated. (Manual pre-creation scripts are no longer required.)

Files & Layout

  • compose/ (docker-compose.yml, .env)
  • private/ (data mounts)
  • scripts/ (install/uninstall/status/selfcheck/diagnose)
  • logs/ (selfcheck + diagnose outputs)

Troubleshooting (Quick)

  • Run ./server-selfcheck.sh → see logs/selfcheck.json
  • Run ./server-diagnose.sh → produces timestamped logs:
    • logs/diagnose_details_YYYYMMDD-HHMMSSZ.log
    • logs/diagnose_error_YYYYMMDD-HHMMSSZ.log And updates diagnose_details.log/diagnose_error.log to the latest
  • Error lines are tagged [service][source], e.g. [kibana][http] /api/status=503

Common issues:

  • Kibana 503: wait cold start or fix DNS so es.log.argus.com resolves
  • webproxy 504: check nginx resolver includes 172.31.0.2 127.0.0.11
  • EACCES/locks: ensure sudo ./server-prepare-dirs.sh ran and ownership matches UID:GID