NASP/argus
52
0
Fork 0
Code Issues 7 Pull Requests Actions Packages Projects 1 Releases 1 Wiki Activity
argus/src/metric/prometheus/build/Dockerfile.arm64

60 lines
2.4 KiB
Docker
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

FROM prom/prometheus:v3.5.0
# 构建期使用 root运行期使用 prometheus 用户
USER root
# Prometheus 数据与配置基础路径
ENV PROMETHEUS_BASE_PATH=/private/argus/metric/prometheus
# 构建期指定 UID/GID用于与宿主用户映射
ARG ARGUS_BUILD_UID=2133
ARG ARGUS_BUILD_GID=2015
ENV ARGUS_BUILD_UID=${ARGUS_BUILD_UID} \
ARGUS_BUILD_GID=${ARGUS_BUILD_GID}
# 创建目录结构:将 /prometheus 链接到 ARGUS 路径
RUN mkdir -p ${PROMETHEUS_BASE_PATH}/rules \
&& mkdir -p ${PROMETHEUS_BASE_PATH}/targets \
&& mkdir -p /private/argus/etc \
&& rm -rf /prometheus \
&& ln -s ${PROMETHEUS_BASE_PATH} /prometheus
# 调整 prometheus 用户 UID/GID 并授权
# 注意prom/prometheus 基础镜像基于 BusyBox仅提供 adduser/addgroup
# 没有 useradd/groupadd/usermod/groupmod 等工具。
RUN set -eux; \
if ! grep -q '^prometheus:' /etc/passwd 2>/dev/null; then \
addgroup -g "${ARGUS_BUILD_GID}" prometheus 2>/dev/null || true; \
adduser -D -H -u "${ARGUS_BUILD_UID}" -G prometheus prometheus 2>/dev/null || true; \
fi; \
chown -h prometheus:prometheus /prometheus || true; \
chown -R prometheus:prometheus ${PROMETHEUS_BASE_PATH} || true; \
if [ -d /etc/prometheus ]; then chown -R prometheus:prometheus /etc/prometheus; fi
# 拷贝配置与启动脚本
COPY prometheus.yml /etc/prometheus/prometheus.yml
COPY exporter_config.json /usr/local/bin/exporter_config.json
COPY start-prometheus-supervised.sh /usr/local/bin/start-prometheus-supervised.sh
RUN chmod +x /usr/local/bin/start-prometheus-supervised.sh && \
chown prometheus:prometheus /usr/local/bin/start-prometheus-supervised.sh && \
chown prometheus:prometheus /usr/local/bin/exporter_config.json || true
# 可选的 targets 更新脚本ARM 镜像中默认不自动运行,因为基础镜像无 python3
COPY update_targets.py /usr/local/bin/update_targets.py
RUN chmod +x /usr/local/bin/update_targets.py && \
chown prometheus:prometheus /usr/local/bin/update_targets.py || true
# DNS 监控脚本(目前未默认启用,可由外部显式调用)
COPY dns-monitor.sh /usr/local/bin/dns-monitor.sh
RUN chmod +x /usr/local/bin/dns-monitor.sh && \
chown prometheus:prometheus /usr/local/bin/dns-monitor.sh || true
# 使用 prometheus 用户运行
USER prometheus
EXPOSE 9090
# ARM 版直接使用启动脚本作为入口,不再依赖 supervisor
ENTRYPOINT ["/usr/local/bin/start-prometheus-supervised.sh"]
Reference in New Issue View Git Blame Copy Permalink