timedatectl list-timezones | grep Kiev
Europe/Kievsudo timedatectl set-timezone Europe/Kievtimedatectl statusLocal time: Wed 2017-11-29 13:41:12 EET
Universal time: Wed 2017-11-29 11:41:12 UTC
RTC time: Wed 2017-11-29 11:41:12
Time zone: Europe/Kiev (EET, +0200)
Network time on: no
NTP synchronized: yes
RTC in local TZ: no
just put in /etc/coreos/update.conf
line
REBOOT_STRATEGY=offFor coreos that's enough to use something like this
docker run -d \
-v /home/core/certificates:/etc/nginx/certs:rw \
--volumes-from nginx-proxy \
-v /var/run/docker.sock:/var/run/docker.sock:ro \
jrcs/letsencrypt-nginx-proxy-companion
docker run -d -p 80:80 -p 443:443 \
--name nginx-proxy \
-v /home/core/certificates:/etc/nginx/certs:ro \
-v /etc/nginx/vhost.d \
-v /usr/share/nginx/html \
-v /var/run/docker.sock:/tmp/docker.sock:ro \
-v /home/core/conf.d/external.conf:/etc/nginx/conf.d/external.conf \
--restart always \
jwilder/nginx-proxyand then not to forget to specify
LETSENCRYPT_HOST=mydomain.com
LETSENCRYPT_EMAIL=my@email.comin your docker-compose section.
More is here https://hub.docker.com/r/mickaelperrin/docker-letsencrypt-nginx-proxy-companion/
Shut down and reboot the system:
$ systemctl rebootShut down and power-off the system:
$ systemctl poweroffEasy peasy:
edit /etc/coreos/update.conf file and change from GROUP=stable to GROUP=beta
after that do
sudo systemctl restart update-engineand watch logs
journalctl -f -u update-engineIn order to make backup more secure I dont want to share my private key, instead I'll create separate key for backup and supply to coreos and backup scripts.
Supplying to CoreOS is something different then other OSes.
echo 'ssh-rsa AAAAB3 ....' | update-ssh-keys -a coredoes it's job and key should survive after reboots.
Find your timezone via this shell command
timedatectl list-timezonesAnd then set it up like this
sudo timedatectl set-timezone Europe/KievHere is simple systemd unit for coreos docker monitoring in zabbix.
Put this in /etc/systemd/system/zabbix-agent.service
[Unit]
Description=Zabbix agent
After=docker.service
Requires=docker.service
[Service]
ExecStartPre=-/usr/bin/docker kill zabbix-agent-xxl
ExecStartPre=-/usr/bin/docker rm zabbix-agent-xxl
ExecStart=/usr/bin/docker run --name=zabbix-agent-xxl -p 10050:10050 -v /:/rootfs -v /var/run:/var/run -e "ZA_Server=yourzabbix.server.com" monitoringartist/zabbix-agent-xxl-limited:latest
ExecStop=/usr/bin/docker stop zabbix-agent-xxlAnd launch with
systemctl enable zabbix-agentsystemctl start zabbix-agentInspect running container with
docker ps, it should be running.
Please note, that every time zabbix container could not be started, it should be recreated.
CoreOS does not have crontab and should not. It uses new concept of Timers for Services.
For instance I have to reindex Sphinx database in container every 15 minutes, how should I do this?
Proper way is to do like this:
[Unit]
Description=Reindexes sphinx container
[Service]
Type=oneshot
ExecStart=/usr/bin/docker exec itservice_search_1 /index.shcat Output the contents of a submitted unit
[Unit]
Description=Run reindex.service every 10 minutes
[Timer]
OnCalendar=*:0/15Next, we should enable this service and timer like this:
sudo systemctl enable reindex.service
sudo systemctl enable reindex.timer
sudo systemctl start reindex.timerYou can control your timers like:
systemctl list-timers
and watch service logs
journalctl -f -u reindex.service
При помощи этого контейнера:
https://github.com/bhuisgen/docker-zabbix-coreos
Код для запуска контейнера
docker run -d -p 10050:10050 -u 0 -c 1024 -m 64M --memory-swap=-1 \
-v /proc:/coreos/proc:ro -v /sys:/coreos/sys:ro -v /dev:/coreos/dev:ro \
-v /var/run/docker.sock:/coreos/var/run/docker.sock \
--name zabbix-coreos bhuisgen/docker-zabbix-coreos my-zabbix-server.com my-cluster-codeГде my-zabbix-server.com это ваш zabbix-server
а my-cluster-code ваш код meta для автообнаружения.
После настройки автообнаружения у вас появится хост в нужном месте.