Sysdig Documentation

Create Per-Container Custom App Checks

Sysdig supports adding custom application check-script configurations for each individual container in the infrastructure. This avoids multiple edits and entries to achieve container specific customization. In particular, this enables PaaS to work smarter, by delegating application teams to configure their own checks.

See also Understanding the Agent Config Files for details on accessing and editing the agent configuration files in general.

How It Works

The SYSDIG_AGENT_CONF variable stores a YAML-formatted configuration for your app check and will be used to match app check configurations.

All originalapp_checksare available, and the syntax is the same as for dragent.yaml. You can add the environment variable directly to theDocker file.

Example with Dockerfile

This example defines a per container app-check for redis. Normally you would have a yaml formatted entry installed into the agent's /opt/draios/etc/dragent.yaml file that would look like this:

app_checks: 
 - name: redis
    check_module: redisdb
    pattern:
      comm: redis-server
    conf:
      host: 127.0.0.1
      port: "{port}"
      password: protected

For the per-container method, convert and add the above entry to the Docker file via the SYSDIG_AGENT_CONF environment variable:

FROM redis
# This config file adds a password for accessing redis instance
ADD redis.conf /

ENV SYSDIG_AGENT_CONF { "app_checks": [{ "name": "redis", "check_module": "redisdb", "pattern": {"comm": "redis-server"}, "conf": { "host": "127.0.0.1", "port": "6379", "password": "protected"} }] }
ENTRYPOINT ["redis-server"]
CMD [ "/redis.conf" ]

Example with Docker CLI

You can add parameters starting a container with dockerrunusing-e/--envflag or injecting it using orchestration systems like Kubernetes:

PER_CONTAINER_CONF='{ "app_checks": [{ "name": "redis", "check_module": "redisdb", "pattern": {"comm": "redis-server"}, "conf": { "host": "127.0.0.1", "port": "6379", "password": "protected"} }] }'

docker run --name redis -v /tmp/redis.conf:/etc/redis.conf -e SYSDIG_AGENT_CONF="${PER_CONTAINER_CONF}" -d redis /etc/redis.conf