This the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

    Create Per-Container Custom App Checks

    Sysdig supports adding custom application check-script configurations for each individual container in the infrastructure. This avoids multiple edits and entries to achieve container specific customization. In particular, this enables PaaS to work smarter, by delegating application teams to configure their own checks.

    See also Understanding the Agent Config Files for details on accessing and editing the agent configuration files in general.

    How It Works

    The SYSDIG_AGENT_CONF variable stores a YAML-formatted configuration for your app check and will be used to match app check configurations.

    All originalapp_checksare available, and the syntax is the same as for dragent.yaml. You can add the environment variable directly to theDocker file.

    Example with Dockerfile

    This example defines a per container app-check for Redis. Normally you would have a YAML formatted entry installed into the agent’s /opt/draios/etc/dragent.yaml file that would look like this:

      - name: redis
        check_module: redisdb
          comm: redis-server
          port: "{port}"
          password: protected

    For the per-container method, convert and add the above entry to the Docker file via the SYSDIG_AGENT_CONF environment variable:

    FROM redis
    # This config file adds a password for accessing redis instance
    ADD redis.conf /
    ENV SYSDIG_AGENT_CONF { "app_checks": [{ "name": "redis", "check_module": "redisdb", "pattern": {"comm": "redis-server"}, "conf": { "host": "", "port": "6379", "password": "protected"} }] }
    ENTRYPOINT ["redis-server"]
    CMD [ "/redis.conf" ]

    Example with Docker CLI

    You can add parameters starting a container with dockerrunusing-e/–envflag or injecting it using orchestration systems like Kubernetes:

    PER_CONTAINER_CONF='{ "app_checks": [{ "name": "redis", "check_module": "redisdb", "pattern": {"comm": "redis-server"}, "conf": { "host": "", "port": "6379", "password": "protected"} }] }'
    docker run --name redis -v /tmp/redis.conf:/etc/redis.conf -e SYSDIG_AGENT_CONF="${PER_CONTAINER_CONF}" -d redis /etc/redis.conf