├── .env ├── LICENSE ├── README.md ├── docker-compose.yml ├── html └── index.html ├── nginx ├── Dockerfile └── conf │ └── nginx.conf └── prometheus └── prometheus.yml /.env: -------------------------------------------------------------------------------- 1 | GF_SECURITY_ADMIN_USER=user 2 | GF_SECURITY_ADMIN_PASSWORD=password 3 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2021 rvva 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Nginx, Prometheus and Grafana with docker-compose! 2 | 3 | It's a simple example, template of usage stack Nginx, Prometheus (Node Exporter, Nginx Exporter, Cadvisor) and Grafana. 4 | 5 | ### I. What will you get here? 6 | 1. Nginx with https - selfsigned certificate. 7 | 2. Prometheus for storing metrics. 8 | 3. Prometheus-node-exporter for monitoring your operating system. 9 | 4. Prometheus-nginx-exporter for monitoring your nginx. 10 | 5. Cadvisor for monitoring your containers. 11 | 6. Grafana to visualize data. 12 | 13 | ### II. How to run it? 14 | 1. Clone repository to your working directory: 15 |
https://github.com/rvva/nginx-prometheus-grafana/
16 | 2. Create Prometheus and Grafana data directory: 17 |
mkdir -p nginx-prometheus-grafana/{prometheus,grafana}/data
18 | mkdir nginx-prometheus-grafana/nginx/log
19 | 3. Configure .env file 20 | 21 | Modify GF_SECURITY_ADMIN parameters to set your personal Grafana credentials. 22 | 23 | 4. Run it! 24 |
25 | docker-compose up -d
26 | 
27 | 28 | ### III. Post installation steps 29 | 1. Login into Grafana localhost:3000 and add Data Source -> Prometheus. 30 | 2. As url address use `http://prometheus:9090` 31 | 3. Add dashboards. I recommend you: 32 | * for nginx: https://grafana.com/grafana/dashboards/12708 33 | * for cadvisor: https://grafana.com/grafana/dashboards/13946 34 | * for node: https://grafana.com/grafana/dashboards/1860 35 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.7' 2 | services: 3 | nginx: 4 | build: 5 | context: ./nginx 6 | target: dev 7 | container_name: nginx-www 8 | restart: always 9 | volumes: 10 | - ./html:/usr/share/nginx/html:rw 11 | - ./nginx/conf:/etc/nginx/conf.d 12 | - ./nginx/log:/var/log/nginx 13 | networks: 14 | - localhost 15 | ports: 16 | - 80:80 17 | - 443:443 18 | 19 | # source https://prometheus.io/docs/prometheus/latest/installation/ 20 | prometheus: 21 | image: prom/prometheus:v2.45.2 22 | user: root 23 | volumes: 24 | - ./prometheus/prometheus.yml:/etc/prometheus/prometheus.yml 25 | - ./prometheus/data:/prometheus 26 | container_name: prometheus 27 | restart: always 28 | networks: 29 | - localhost 30 | ports: 31 | - 9090:9090 32 | 33 | # source https://github.com/nginxinc/nginx-prometheus-exporter 34 | nginx-prometheus-exporter: 35 | image: nginx/nginx-prometheus-exporter:1.0 36 | container_name: prometheus-nginx-exporter 37 | restart: always 38 | env_file: 39 | .env 40 | command: 41 | - -nginx.scrape-uri=https://nginx/stub_status 42 | expose: 43 | - 9113 44 | networks: 45 | - localhost 46 | depends_on: 47 | - prometheus 48 | 49 | # source https://github.com/prometheus/node_exporter 50 | # https://github.com/vegasbrianc/prometheus/ 51 | prometheus-node-exporter: 52 | image: prom/node-exporter:v1.7.0 53 | container_name: prometheus-node-exporter 54 | restart: always 55 | volumes: 56 | - /proc:/host/proc:ro 57 | - /sys:/host/sys:ro 58 | - /:/rootfs:ro 59 | command: 60 | - '--path.procfs=/host/proc' 61 | - '--path.sysfs=/host/sys' 62 | - --collector.filesystem.ignored-mount-points 63 | - "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)" 64 | networks: 65 | - localhost 66 | privileged: true 67 | depends_on: 68 | - prometheus 69 | expose: 70 | - 9100 71 | 72 | # source https://grafana.com/docs/grafana/latest/installation/docker/ 73 | grafana: 74 | image: grafana/grafana:10.0.10 75 | container_name: grafana 76 | restart: always 77 | depends_on: 78 | - prometheus 79 | volumes: 80 | - ./grafana/data:/var/lib/grafana 81 | env_file: 82 | - .env 83 | networks: 84 | - localhost 85 | ports: 86 | - 3000:3000 87 | user: root 88 | 89 | # source: https://github.com/google/cadvisor 90 | cadvisor: 91 | image: gcr.io/cadvisor/cadvisor:v0.47.2 92 | container_name: cadvisor 93 | restart: always 94 | depends_on: 95 | - prometheus 96 | volumes: 97 | - /:/rootfs:ro 98 | - /var/run:/var/run:ro 99 | - /sys:/sys:ro 100 | - /var/lib/docker/:/var/lib/docker:ro 101 | - /dev/disk/:/dev/disk:ro 102 | expose: 103 | - 8080 104 | networks: 105 | - localhost 106 | 107 | networks: 108 | localhost: 109 | name: localhost 110 | external: false 111 | -------------------------------------------------------------------------------- /html/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | Nginx | Grafana | Prometheus 4 | 5 | 6 | 7 | 27 | 28 |
29 |
30 | _  _ ____ _ _  _ _  _    |    ____ ____ ____ ____ ____ _  _ ____    |    ___  ____ ____ _  _ ____ ___ _  _ ____ _  _ ____
31 | |\ | | __ | |\ |  \/     |    | __ |__/ |__| |___ |__| |\ | |__|    |    |__] |__/ |  | |\/| |___  |  |__| |___ |  | [__
32 | | \| |__] | | \| _/\_    |    |__] |  \ |  | |    |  | | \| |  |    |    |    |  \ |__| |  | |___  |  |  | |___ |__| ___]
33 |                          |                                          |
34 |         
35 |
36 | 37 | 40 | 41 | 42 | -------------------------------------------------------------------------------- /nginx/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM nginx:1.25.3-alpine3.18 as base 2 | 3 | FROM base as dev 4 | 5 | # generate self segined certificate for testing pruposes 6 | RUN apk update && \ 7 | apk add --no-cache openssl && \ 8 | openssl req -x509 -nodes -days 365 \ 9 | -subj "/C=PL/ST=lubelskie/L=Lublin/O=github-rvva/OU=dev/CN=rvva" \ 10 | -newkey rsa:4096 -keyout /etc/ssl/private/selfsigned.key \ 11 | -out /etc/ssl/certs/selfsigned.crt 12 | -------------------------------------------------------------------------------- /nginx/conf/nginx.conf: -------------------------------------------------------------------------------- 1 | # Generated with mozilla recommendations. 2 | # Please update the ciphers in this file every 6 months. 3 | # https://ssl-config.mozilla.org/ 4 | 5 | server { 6 | listen 80 default_server; 7 | listen [::]:80 default_server; 8 | 9 | location / { 10 | return 301 https://$host$request_uri; 11 | } 12 | } 13 | 14 | server { 15 | listen 443 ssl http2; 16 | listen [::]:443 ssl http2; 17 | 18 | ssl_session_timeout 1d; 19 | ssl_session_cache shared:MozSSL:10m; # about 40000 sessions 20 | ssl_session_tickets off; 21 | 22 | # modern configuration 23 | ssl_protocols TLSv1.3; 24 | ssl_prefer_server_ciphers off; 25 | 26 | # HSTS (ngx_http_headers_module is required) (63072000 seconds) 27 | add_header Strict-Transport-Security "max-age=63072000" always; 28 | 29 | # OCSP stapling 30 | ssl_stapling on; 31 | ssl_stapling_verify on; 32 | 33 | ssl_certificate /etc/ssl/certs/selfsigned.crt; 34 | ssl_certificate_key /etc/ssl/private/selfsigned.key; 35 | 36 | location / { 37 | root /usr/share/nginx/html; 38 | index index.html; 39 | } 40 | 41 | location /stub_status { 42 | stub_status on; 43 | } 44 | } 45 | 46 | -------------------------------------------------------------------------------- /prometheus/prometheus.yml: -------------------------------------------------------------------------------- 1 | # source https://prometheus.io/docs/prometheus/latest/getting_started/ 2 | 3 | global: 4 | scrape_interval: 15s # By default, scrape targets every 15 seconds. 5 | 6 | # Attach these labels to any time series or alerts when communicating with 7 | # external systems (federation, remote storage, Alertmanager). 8 | external_labels: 9 | monitor: 'codelab-monitor' 10 | 11 | # A scrape configuration containing exactly one endpoint to scrape: 12 | # Here it's Prometheus itself. 13 | scrape_configs: 14 | # The job name is added as a label `job=` to any timeseries scraped from this config. 15 | - job_name: 'prometheus' 16 | 17 | # Override the global default and scrape targets from this job every 5 seconds. 18 | scrape_interval: 5s 19 | 20 | static_configs: 21 | # prometheus 22 | - targets: ['localhost:9090'] 23 | # node-exporter 24 | - targets: ['prometheus-node-exporter:9100'] 25 | # cadvisor 26 | - targets: ['cadvisor:8080'] 27 | # prometheus-nginx-exporter 28 | - targets: ['nginx-prometheus-exporter:9113'] 29 | --------------------------------------------------------------------------------