Skip to content

Instantly share code, notes, and snippets.

@Roman-Blinkov
Created August 25, 2019 22:53
Show Gist options
  • Save Roman-Blinkov/64c4f9255c36f08c0b41c09f3744a796 to your computer and use it in GitHub Desktop.
Save Roman-Blinkov/64c4f9255c36f08c0b41c09f3744a796 to your computer and use it in GitHub Desktop.
Docker: Traefik, Grafana, Prometheus & InfluxDB
version: '3.7'
services:
influxdb:
image: influxdb
container_name: influxdb
volumes:
- /srv/monitor/influxdb/data:/var/lib/influxdb
- /srv/monitor/influxdb/influxdb.conf:/etc/influxdb/influxdb.conf:ro
networks:
- default
- web
- idnet
labels:
- "traefik.backend=influxdb"
- "traefik.enable=true"
- "traefik.frontend.rule=Host:influxdb.example.com"
- "traefik.port=8086"
- "traefik.docker.network=web"
grafana:
image: grafana/grafana
container_name: grafana
environment:
- GF_SERVER_ROOT_URL=https://grafana.example.com
- GF_EXTERNAL_IMAGE_STORAGE=local
- GF_INSTALL_PLUGINS=grafana-piechart-panel
networks:
- default
- web
- idnet
volumes:
- /srv/monitor/grafana/data:/var/lib/grafana
labels:
- "traefik.backend=grafana"
- "traefik.enable=true"
- "traefik.frontend.rule=Host:grafana.example.com"
- "traefik.port=3000"
- "traefik.docker.network=web"
telegraf:
image: telegraf:latest
container_name: telegraf
volumes:
- /srv/monitor/telegraf/telegraf.conf:/etc/telegraf/telegraf.conf:ro
- /var/run/docker.sock:/var/run/docker.sock
prometheus:
image: prom/prometheus:latest
container_name: prometheus
volumes:
- /srv/monitor/prometheus/data:/prometheus
- /srv/monitor/prometheus/etc:/etc/prometheus
networks:
- default
- idnet
traefik:
image: traefik:latest
container_name: traefik
environment:
- AZURE_CLIENT_ID=secret
- AZURE_CLIENT_SECRET=secret
- AZURE_SUBSCRIPTION_ID=secret
- AZURE_TENANT_ID=secret
- AZURE_RESOURCE_GROUP=secret
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /srv/traefik:/etc/traefik
networks:
- web
- default
ports:
- 80:80
- 443:443
networks:
web:
external: true
dbnet:
driver: 'bridge'
idnet:
driver: 'bridge'
# /srv/monitor/prometheus/etc/prometheus.yml
# my global config
global:
scrape_interval: 15s # By default, scrape targets every 15 seconds.
evaluation_interval: 15s # By default, scrape targets every 15 seconds.
# scrape_timeout is set to the global default (10s).
# Attach these labels to any time series or alerts when communicating with
# external systems (federation, remote storage, Alertmanager).
external_labels:
monitor: 'my-project'
# Load and evaluate rules in this file every 'evaluation_interval' seconds.
rule_files:
- 'alert.rules'
# - "first.rules"
# - "second.rules"
# alert
#alerting:
# alertmanagers:
# - scheme: http
# static_configs:
# - targets:
# - "alertmanager:9093"
# A scrape configuration containing exactly one endpoint to scrape:
# Here it's Prometheus itself.
scrape_configs:
# The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
- job_name: 'traefik'
# Override the global default and scrape targets from this job every 5 seconds.
scrape_interval: 5s
static_configs:
- targets: ['traefik:8080']
# - job_name: 'traefik'
# If the traefik has authentication
# basic_auth:
# username: user
# password: password
# If the entrypoint is HTTPS
# scheme: https
# static_configs:
# - targets:
# - example.com:443
# - job_name: 'cadvisor'
# Override the global default and scrape targets from this job every 5 seconds.
# scrape_interval: 5s
# dns_sd_configs:
# - names:
# - 'tasks.cadvisor'
# type: 'A'
# port: 8080
# static_configs:
# - targets: ['cadvisor:8080']
# - job_name: 'node-exporter'
# Override the global default and scrape targets from this job every 5 seconds.
# scrape_interval: 5s
# dns_sd_configs:
# - names:
# - 'tasks.node-exporter'
# type: 'A'
# port: 9100
# static_configs:
# - targets: ['node-exporter:9100']
#/srv/traefik/traefik.toml
logLevel = "INFO"
defaultEntryPoints = ["http", "https"]
[web]
address = ":8080"
[metrics]
[metrics.prometheus]
entryPoint = "traefik"
buckets = [0.1,0.3,1.2,5.0]
[docker]
domain = "example.com"
watch = true
exposedbydefault = false
# Force HTTPS
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
# Let's encrypt configuration
[acme]
email = "[email protected]"
storage = "/etc/traefik/acme.json"
entryPoint = "https"
acmeLogging = true
[acme.dnsChallenge]
provider = "azure"
delayBeforeCheck = 0
[[acme.domains]]
main = "*.example.com"
sans = ["example.com"]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment