# Elastalert Docker image running on Alpine Linux.
# Build image with: docker build -t ivankrizsan/elastalert:latest .
#
# The WORKDIR instructions are deliberately left, as it is recommended to use WORKDIR over the cd command.
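# Base image: Python 2 on Alpine.
# NOTE(review): the tag is mutable and Python 2 is end-of-life, so the image
# inherits whatever unpatched packages the base ships. Pin the base by digest
# once a maintained replacement has been chosen.
FROM iron/python:2

# MAINTAINER is deprecated; a label carries the same information.
LABEL maintainer="Jailbirt"

# Node.js release built from source further down, the compiler flags exported
# for that build, and the npm major version installed afterwards.
# NOTE(review): CFLAGS is set with ENV, so it also applies to every other
# compile step in this file and remains set in the running container.
ENV VERSION=v0.10.45 \
    CFLAGS="-D__USE_MISC" \
    NPM_VERSION=2

# Archive of the Node API and the directory it is unpacked into.
# NOTE(review): this URL and ELASTALERT_URL below both fetch the tip of the
# master branch. The content can change between builds and is not checked
# against a digest before being installed as root. Prefer a tagged release or a
# commit archive plus a checksum.
ENV EAAPI_URL=https://github.com/JuanMsanchez/ealert-api-rulz/archive/master.zip
ENV EAAPI_DIR=/src

# Set this environment variable to true to set timezone on container start.
ENV SET_CONTAINER_TIMEZONE=false
# Default container timezone as found under the directory /usr/share/zoneinfo/.
ENV CONTAINER_TIMEZONE=America/Buenos_Aires

# URL from which to download Elastalert.
ENV ELASTALERT_URL=https://github.com/Yelp/elastalert/archive/master.zip

# Directory holding configuration for Elastalert and Supervisor.
ENV CONFIG_DIR=/opt/config
# Elastalert rules directory.
ENV RULES_DIRECTORY=/opt/rules
# Elastalert configuration file path in configuration directory.
ENV ELASTALERT_CONFIG=${CONFIG_DIR}/elastalert_config.yaml
# Directory to which Elastalert and Supervisor logs are written.
ENV LOG_DIR=/opt/logs

# Elastalert home directory name.
ENV ELASTALERT_DIRECTORY_NAME=elastalert
# Elastalert home directory full path.
ENV ELASTALERT_HOME=/opt/${ELASTALERT_DIRECTORY_NAME}
# Supervisor configuration file for Elastalert.
ENV ELASTALERT_SUPERVISOR_CONF=${CONFIG_DIR}/elastalert_supervisord.conf

# Alias, DNS or IP of Elasticsearch host to be queried by Elastalert. Set in default Elasticsearch configuration file.
ENV ELASTICSEARCH_HOST=elasticsearch_host
# Port on above Elasticsearch host. Set in default Elasticsearch configuration file.
ENV ELASTICSEARCH_PORT=9200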
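WORKDIR /opt

# Copy the script used to launch Elastalert when a container is started.
COPY ./start-elastalert.sh /opt/

# Install the software required for Elastalert, plus NTP for time
# synchronization, then fetch and unpack Elastalert itself.
#  - apk runs with --no-cache so the package index is not stored in this layer.
#  - pip is bootstrapped from the Python 2.7 copy of get-pip.py; the script at
#    the top of bootstrap.pypa.io no longer supports Python 2.
#  - Downloads are written to fixed file names and the unpacked directory is
#    moved by its full name, so a stray file in /opt cannot be picked up by a
#    glob.
# NOTE(review): neither get-pip.py nor the Elastalert archive is checked against
# a known digest before being executed or installed as root. Vendor them or add
# a checksum comparison once a fixed version has been chosen.
RUN apk --no-cache upgrade && \
    apk --no-cache add python-dev gcc musl-dev tzdata openntpd && \
    wget -O get-pip.py https://bootstrap.pypa.io/pip/2.7/get-pip.py && \
    python get-pip.py && \
    rm get-pip.py && \
    wget -O elastalert.zip ${ELASTALERT_URL} && \
    unzip elastalert.zip && \
    rm elastalert.zip && \
    mv elastalert-master ${ELASTALERT_DIRECTORY_NAME}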
WORKDIR ${ELASTALERT_HOME}

# Install Elastalert and Supervisor, then prepare the runtime layout. Steps, in order:
#  1. Install Elastalert (setup.py install followed by an editable pip install).
#  2. Install Supervisor with easy_install.
#     NOTE(review): no version is pinned and no hash is checked.
#  3. Make the start script executable.
#  4. Create the config, rules and log directories, plus /var/empty, which is
#     used by openntpd.
#  5. Copy the example Elastalert and Supervisor configuration files into the
#     configuration directory.
#  6. Rewrite the Elastalert config: rules folder, Elasticsearch host and port.
#  7. Rewrite the Supervisor config: log file, stderr log file and start command.
#  8. Copy the Elastalert configuration file to the Elastalert home directory,
#     to be used when the index is created the first time a container is launched.
#  9. Remove the build-only packages.
#     NOTE(review): they were added in an earlier layer, so this does not reduce
#     the image size; they are also still extractable from that layer.
# 10. Run supervisord against the generated configuration.
#     NOTE(review): this starts a process during the build. Processes do not
#     survive the end of a RUN step, so confirm this step is needed for the files
#     it leaves behind and is not a leftover.
RUN python setup.py install && \
    pip install -e . && \
    easy_install supervisor && \
    chmod +x /opt/start-elastalert.sh && \
    mkdir -p ${CONFIG_DIR} ${RULES_DIRECTORY} ${LOG_DIR} /var/empty && \
    cp ${ELASTALERT_HOME}/config.yaml.example ${ELASTALERT_CONFIG} && \
    cp ${ELASTALERT_HOME}/supervisord.conf.example ${ELASTALERT_SUPERVISOR_CONF} && \
    sed -i \
        -e"s|rules_folder: [[:print:]]*|rules_folder: ${RULES_DIRECTORY}|g" \
        -e"s|es_host: [[:print:]]*|es_host: ${ELASTICSEARCH_HOST}|g" \
        -e"s|es_port: [0-9]*|es_port: ${ELASTICSEARCH_PORT}|g" \
        ${ELASTALERT_CONFIG} && \
    sed -i \
        -e"s|logfile=.*log|logfile=${LOG_DIR}/elastalert_supervisord.log|g" \
        -e"s|stderr_logfile=.*log|stderr_logfile=${LOG_DIR}/elastalert_stderr.log|g" \
        -e"s|python elastalert.py|python -m elastalert.elastalert --config ${ELASTALERT_CONFIG}|g" \
        ${ELASTALERT_SUPERVISOR_CONF} && \
    cp ${ELASTALERT_CONFIG} ${ELASTALERT_HOME}/config.yaml && \
    apk del python-dev musl-dev gcc && \
    supervisord -c ${ELASTALERT_SUPERVISOR_CONF}

# Define mount points. Nothing later in this file writes to these paths, which
# matters because build-time writes made after VOLUME are discarded.
VOLUME ["${CONFIG_DIR}", "${RULES_DIRECTORY}", "${LOG_DIR}"]
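# Install Node.js from source; the Juansan API is installed afterwards.
# Adapted from https://raw.githubusercontent.com/mhart/alpine-node/master/Dockerfile
#
# The build runs from / because the cleanup at the end removes the tarball, the
# checksum files and the source tree by absolute path under /. Run from the
# Elastalert home directory, those paths did not match and the whole Node build
# tree stayed in the image.
#
# Verification chain for the Node tarball:
#  1. Import the release signing keys by full fingerprint.
#     NOTE(review): the SKS keyserver pool named here has since been retired, so
#     expect this step to fail until a maintained keyserver is substituted.
#  2. `gpg --decrypt` checks the signature on SHASUMS256.txt.asc and writes out
#     only the signed text. The checksum line is then read from that output,
#     never from unsigned text surrounding the signature block.
#  3. grep writes the matching line to a file. If there is no match, grep fails
#     and stops the build, so an empty checksum list cannot pass unnoticed.
#
# CONFIG_FLAGS, DEL_PKGS and RM_DIRS are not defined in this file and expand to
# nothing.
#
# /etc/ssl is no longer deleted during cleanup. Wiping it removes whatever CA
# bundle and OpenSSL configuration the image has, leaving later TLS clients that
# use the system trust store unable to verify their peers.
#
# NOTE(review): Node v0.10 is end-of-life and no longer receives security fixes.
WORKDIR /
RUN apk add --no-cache curl make gcc g++ linux-headers paxctl libgcc libstdc++ gnupg && \
    for key in \
        9554F04D7259F04124DE6B476D5A82AC7E37093B \
        94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \
        0034A06D9D9B0064CE8ADF6BF1747F4AD2306D93 \
        FD3A5288F042B6850C66B31F09FE44734EB7990E \
        71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \
        DD8F2338BAE7501E3DD5AC78C273792F7D83545D \
        C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
        B9AE9905FFD7803F25714661B63B535A4C206CA9 \
    ; do \
        gpg --keyserver pool.sks-keyservers.net --recv-keys "$key" || exit 1; \
    done && \
    curl -o node-${VERSION}.tar.gz -sSL https://nodejs.org/dist/${VERSION}/node-${VERSION}.tar.gz && \
    curl -o SHASUMS256.txt.asc -sSL https://nodejs.org/dist/${VERSION}/SHASUMS256.txt.asc && \
    gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc && \
    grep node-${VERSION}.tar.gz SHASUMS256.txt > node-${VERSION}.sha256 && \
    sha256sum -c node-${VERSION}.sha256 && \
    tar -zxf node-${VERSION}.tar.gz && \
    cd node-${VERSION} && \
    export GYP_DEFINES="linux_use_gold_flags=0" && \
    ./configure --prefix=/usr ${CONFIG_FLAGS} && \
    { NPROC=$(grep -c ^processor /proc/cpuinfo 2>/dev/null) || NPROC=1; } && \
    make -j${NPROC} -C out mksnapshot BUILDTYPE=Release && \
    paxctl -cm out/Release/mksnapshot && \
    make -j${NPROC} && \
    make install && \
    paxctl -cm /usr/bin/node && \
    cd / && \
    if [ -x /usr/bin/npm ]; then \
        npm install -g npm@${NPM_VERSION} && \
        find /usr/lib/node_modules/npm -name test -o -name .bin -type d | xargs rm -rf; \
    fi && \
    apk del curl make gcc g++ linux-headers paxctl gnupg ${DEL_PKGS} && \
    rm -rf /node-${VERSION}.tar.gz /SHASUMS256.txt.asc /SHASUMS256.txt /node-${VERSION}.sha256 \
        /node-${VERSION} ${RM_DIRS} \
        /usr/share/man /tmp/* /var/cache/apk/* /root/.npm /root/.node-gyp /root/.gnupg \
        /usr/lib/node_modules/npm/man /usr/lib/node_modules/npm/doc /usr/lib/node_modules/npm/html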
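# Juansan API.
# WORKDIR creates the directory if it is missing, so no separate mkdir is needed.
WORKDIR ${EAAPI_DIR}

# Download and unpack the API sources. The archive is saved under a fixed name
# so the unzip and rm steps act on exactly that file.
# NOTE(review): EAAPI_URL tracks the master branch and the archive is not
# checked against a digest before `npm install` runs its dependency install
# (including any package lifecycle scripts) as root.
RUN wget -O ealert-api-rulz.zip ${EAAPI_URL} && \
    unzip ealert-api-rulz.zip && \
    rm ealert-api-rulz.zip && \
    mv ealert-api-rulz-master ealert-api-rulz

# Install app dependencies.
WORKDIR ${EAAPI_DIR}/ealert-api-rulz
RUN npm install

# Copy default config; it should be overridden by a local eaapi.config.json.
#RUN cp .ealertapirc eaapi.config.json

# Install the Node process supervisor used to run the API.
# NOTE(review): installed without a version pin.
RUN npm install -g supervisor
# Starting the API was moved to start-elastalert.sh; previously: RUN supervisor index.js &

# Add bash, which the base image lacks. --no-cache keeps the apk index out of the layer.
RUN apk add --no-cache bash

EXPOSE 3000

# Launch Elastalert when a container is started.
# NOTE(review): there is no USER instruction, so the start script and everything
# it launches run as root. Whether a non-root user is workable depends on
# start-elastalert.sh, which is not shown here.
CMD ["/opt/start-elastalert.sh"]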