Add effective and permitted capability to blackbox exporter

The ICMP probe in the Prometheus blackbox exporter requires
elevated privileges to function. Linux root user or CAP_NET_RAW
capability is required. Can be set by executing setcap
cap_net_raw+ep blackbox_exporter. This change also bumps the version
of the blackbox exporter to the next minor version to allow for this
support.

'+ep' means we're adding the capability as effective and permitted.

See: https://github.com/prometheus/blackbox_exporter

Change-Id: I1c3b817712ae10edd45de01382b044af2fb728bd
Closes-Bug: #1840631
Co-authored-by: Jack Heskett <Jack.Heskett@gresearch.co.uk>
(cherry picked from commit b5a4478b0f)
This commit is contained in:
Scott Solkhon 2019-08-16 16:10:33 +00:00 committed by Mark Goddard
parent 77028db907
commit 8e712fadd3
1 changed files with 16 additions and 1 deletions

View File

@ -3,15 +3,30 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
{% block prometheus_blackbox_exporter_header %}{% endblock %}
{% import "macros.j2" as macros with context %}
{% block prometheus_blackbox_exporter_repository_version %}
ENV blackbox_exporter_version=0.13.0
ENV blackbox_exporter_version=0.14.0
{% endblock %}
{% if base_package_type == 'rpm' %}
{% set blackbox_packages = [
'libcap'
] %}
{% elif base_package_type == 'deb' %}
{% set blackbox_packages = [
'libcap2-bin'
] %}
{% endif %}
{{ macros.install_packages(blackbox_packages | customizable("packages")) }}
{% block prometheus_blackbox_exporter_install %}
RUN curl -sSL -o /tmp/blackbox_exporter.tar.gz https://github.com/prometheus/blackbox_exporter/releases/download/v${blackbox_exporter_version}/blackbox_exporter-${blackbox_exporter_version}.linux-{{debian_arch}}.tar.gz \
&& tar xvf /tmp/blackbox_exporter.tar.gz -C /opt/ \
&& rm -f /tmp/blackbox_exporter.tar.gz \
&& ln -s /opt/blackbox_exporter* /opt/blackbox_exporter
RUN setcap cap_net_raw+ep /opt/blackbox_exporter/blackbox_exporter
{% endblock %}
{% block prometheus_blackbox_exporter_footer %}{% endblock %}