Add effective and permitted capability to blackbox exporter
The ICMP probe in the Prometheus blackbox exporter requires
elevated privileges to function. Linux root user or CAP_NET_RAW
capability is required. Can be set by executing setcap
cap_net_raw+ep blackbox_exporter. This change also bumps the version
of the blackbox exporter to the next minor version to allow for this
support.
'+ep' means we're adding the capability as effective and permitted.
See: https://github.com/prometheus/blackbox_exporter
Change-Id: I1c3b817712ae10edd45de01382b044af2fb728bd
Closes-Bug: #1840631
Co-authored-by: Jack Heskett <Jack.Heskett@gresearch.co.uk>
(cherry picked from commit b5a4478b0f
)
This commit is contained in:
parent
77028db907
commit
8e712fadd3
|
@ -3,15 +3,30 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
|
|||
|
||||
{% block prometheus_blackbox_exporter_header %}{% endblock %}
|
||||
|
||||
{% import "macros.j2" as macros with context %}
|
||||
|
||||
{% block prometheus_blackbox_exporter_repository_version %}
|
||||
ENV blackbox_exporter_version=0.13.0
|
||||
ENV blackbox_exporter_version=0.14.0
|
||||
{% endblock %}
|
||||
|
||||
{% if base_package_type == 'rpm' %}
|
||||
{% set blackbox_packages = [
|
||||
'libcap'
|
||||
] %}
|
||||
{% elif base_package_type == 'deb' %}
|
||||
{% set blackbox_packages = [
|
||||
'libcap2-bin'
|
||||
] %}
|
||||
{% endif %}
|
||||
|
||||
{{ macros.install_packages(blackbox_packages | customizable("packages")) }}
|
||||
|
||||
{% block prometheus_blackbox_exporter_install %}
|
||||
RUN curl -sSL -o /tmp/blackbox_exporter.tar.gz https://github.com/prometheus/blackbox_exporter/releases/download/v${blackbox_exporter_version}/blackbox_exporter-${blackbox_exporter_version}.linux-{{debian_arch}}.tar.gz \
|
||||
&& tar xvf /tmp/blackbox_exporter.tar.gz -C /opt/ \
|
||||
&& rm -f /tmp/blackbox_exporter.tar.gz \
|
||||
&& ln -s /opt/blackbox_exporter* /opt/blackbox_exporter
|
||||
RUN setcap cap_net_raw+ep /opt/blackbox_exporter/blackbox_exporter
|
||||
{% endblock %}
|
||||
|
||||
{% block prometheus_blackbox_exporter_footer %}{% endblock %}
|
||||
|
|
Loading…
Reference in New Issue