Merge branch 'docker-checks' into 'master'

Docker checks

See merge request !241

check_docker_info

@@ -6,6 +6,7 @@
 # requirements:
 # - docker
 # - sudo permissions on docker command
+# - jq
 #
 # ----------------------------------------------------------------------
 # Cli docs:
@@ -15,13 +16,14 @@
 # 2024-01-22  v1.1  <axel.hahn@unibe.ch>      detect DOCKER; use sudo; add debug
 # 2024-01-23  v1.2  <axel.hahn@unibe.ch>      Show a list of docker containers; add path
 # 2024-01-24  v1.3  <axel.hahn@unibe.ch>      remove emoji icons; handle "null" in license info; show rootless or not
+# 2024-01-29  v1.4  <axel.hahn@unibe.ch>      add --target option
 # ======================================================================
 
 
 . $(dirname $0)/inc_pluginfunctions
 . $(dirname $0)/inc_dockerfunctions.sh
 
-self_APPVERSION=1.3
+self_APPVERSION=1.4
 
 # ----------------------------------------------------------------------
 # FUNCTIONS
@@ -50,11 +52,20 @@ USAGE:
   $_self [OPTIONS]
 
 OPTIONS:
+
+  General:
   -h, --help        this help
-  -c, --containers  Flag: Show containers (slow)
-  -e, --errors      Flag: Show containers on error only (slow)
   -d, --debug       Debug; Flag: show all docker system infos
+
+  Connect to docker:
   -p, --path        Custom directory for docker binary
+  -t, --target      Custom docker target; value for DOCKER_HOST
+                    Needed only if Docker does not run on a unix socket or
+                    multiple users run a rootless docker daemon.
+
+  Flags:
+  -c, --containers  Flag: Show containers (slow)
+  -e, --errors      Flag: Show containers on error only (slow)
 
 EXAMPLES:
   $_self
@@ -95,7 +106,8 @@ while [[ "$#" -gt 0 ]]; do case $1 in
                         PATH="$2:$PATH"; 
                       fi
                       shift; shift;;
-    *) echo "ERROR: Unknown parameter: $1"; showHelp; exit 1;
+    -t|--target)      export DOCKER_HOST="$2"; shift; shift;;
+    *) echo "ERROR: Unknown parameter: $1"; _showHelp; exit 1;
 esac; done
 
 
@@ -107,7 +119,7 @@ _detectDockerenv
 # --- get data
 
 data=$( sudo -n --preserve-env docker system info --format '{{ json . }}' )
-_detectDockererror "$data"
+_detectDockererror "$data" 1
 
 typeset -i iCTotal; 
 iCTotal=$(  _getString "$data" ".Containers" )

check_docker_stats

@@ -45,7 +45,7 @@ OPTIONS:
 
   General:
   -h, --help        this help
-  -d, --debug       Debug; Flag: show all docker system infos
+  -d, --debug       Debug; Flag: show docker env values.
 
   Connect to docker:
   -p, --path        Custom directory for docker binary
@@ -77,7 +77,7 @@ EXAMPLES:
     given path first - then in all other dirs of \$PATH
 
   $_self -d
-    Show stats of all containers and json with all docker system infos.
+    Show stats of all containers and json with docker env infos.
 
   $_self -m cpu
     Show cpu usage total of all containers. The container list is sorted
@@ -127,22 +127,7 @@ _detectDockerenv
 # --- get stats data
 
 data=$( sudo -n --preserve-env docker stats --no-stream --format '{{ json . }}' )
-
-if [ -z "$data" ]; then
-  # zero output could mean:
-  # - connect to docker failed
-  # - no data because no container is running
-  # --> let's detect it...
-  infos=$( sudo -n --preserve-env docker system info --format '{{ json . }}' )
-  _detectDockererror "$infos"
-
-  typeset -i iCRunning;
-  iCRunning=$(_getString "$data" ".ContainersRunning" )
-  if [ "$iCRunning" -eq "0" ]; then
-    ph.status "$sLabel >> Do data. No container is running"
-    ph.exit
-  fi
-fi
+_detectDockererror "$data"
 
 
 # --- checks to detect maximum

check_dockercontainer_top

@@ -13,13 +13,14 @@
 # https://docs.docker.com/engine/reference/commandline/docker/
 # ----------------------------------------------------------------------
 # 2024-01-26  v1.0  <axel.hahn@unibe.ch>      init
+# 2024-01-29  v1.1  <axel.hahn@unibe.ch>      fix help;
 # ======================================================================
 
 
 . $(dirname $0)/inc_pluginfunctions
 . $(dirname $0)/inc_dockerfunctions.sh
 
-self_APPVERSION=1.0
+self_APPVERSION=1.1
 
 # ----------------------------------------------------------------------
 # FUNCTIONS
@@ -48,8 +49,12 @@ USAGE:
   $_self [OPTIONS]
 
 OPTIONS:
+
+  General:
   -h, --help        this help
-  -d, --debug       Debug; Flag: show all docker system infos
+  -d, --debug       Debug; Flag: show docker env values.
+
+  Connect to docker:
   -p, --path        Custom directory for docker binary
   -t, --target      Custom docker target; value for DOCKER_HOST
                     Needed only if Docker does not run on a unix socket or
@@ -59,20 +64,12 @@ EXAMPLES:
   $_self
     Show processes of all containers
 
-  $_self -c
-    Show processes of all containers and a list of container names with its
-    status. Warning: this feature uses docker ps --all and can be slow.
-
-  $_self -e
-    Show processes of all containers. If not all containers are running you
-    get a list of container names with its status.
-
   $_self -p /usr/bin
     Show processes of all containers. The docker binary will be searched in
     given path first - then in all other dirs of \$PATH
 
   $_self -d
-    Show processes of all containers and json with all docker system infos.
+    Show processes of all containers and json with docker env infos.
 
 EOH
 }
@@ -91,7 +88,7 @@ while [[ "$#" -gt 0 ]]; do case $1 in
                       fi
                       shift; shift;;
     -t|--target)      export DOCKER_HOST="$2"; shift; shift;;
-    *) echo "ERROR: Unknown parameter: $1"; showHelp; exit 1;
+    *) echo "ERROR: Unknown parameter: $1"; _showHelp; exit 1;
 esac; done
 
 ph.require "docker"
@@ -121,7 +118,7 @@ done
 
 typeset -i iContainers; iContainers=$( echo "$data" | wc -l )
 typeset -i iLines;      iLines=$( echo "$out" | wc -l )
-typeset -i iProcesses;  iProcesses=iLines-iContainers*2
+typeset -i iProcesses;  iProcesses=$(( iLines-iContainers*2 ))
 
 # --- output
 

docs/20_Checks/_index.md

@@ -22,6 +22,7 @@ There is one include script used by all checks:
 * [check_dns_responsetime](check_dns_responsetime.md)
 * [check_docker_info](check_docker_info.md)
 * [check_docker_stats](check_docker_stats.md)
+* [check_dockercontaeiner_top](check_dockercontaeiner_top.md)
 * [check_eol](check_eol.md)
 * [check_fs_errors](check_fs_errors.md)
 * [check_fs_writable](check_fs_writable.md)

docs/20_Checks/check_docker_info.md

@@ -37,7 +37,7 @@ If DOCKER_HOST is not set then the docker socket is detected from a running dock
 ______________________________________________________________________
 
 CHECK_DOCKER_INFO
-v1.3
+v1.4
 
 (c) Institute for Medical Education - University of Bern
 Licence: GNU GPL 3
@@ -49,7 +49,7 @@ Show docker version and count of containers total and by its status.
 
 It returns 
   CRITICAL if a created container is not running.
-  OK if no container was created yet or all conmtainers are running
+  OK if no container was created yet or all conmtainers are running.
   UNKNOWM if
     - docker or jq were not found
     - docker data were not fetched
@@ -61,11 +61,20 @@ USAGE:
   check_docker_info [OPTIONS]
 
 OPTIONS:
+
+  General:
   -h, --help        this help
-  -c, --containers  Flag: Show containers (slow)
-  -e, --errors      Flag: Show containers on error only (slow)
   -d, --debug       Debug; Flag: show all docker system infos
+
+  Connect to docker:
   -p, --path        Custom directory for docker binary
+  -t, --target      Custom docker target; value for DOCKER_HOST
+                    Needed only if Docker does not run on a unix socket or
+                    multiple users run a rootless docker daemon.
+
+  Flags:
+  -c, --containers  Flag: Show containers (slow)
+  -e, --errors      Flag: Show containers on error only (slow)
 
 EXAMPLES:
   check_docker_info

docs/20_Checks/check_docker_stats.md

-# CHECK_DOCKER_INFO
+# CHECK_DOCKER_STATS
 
 ## Introduction
 
-**check_docker_stats** shows the docker status of containers.
+**check_docker_stats** shows the docker resources of containers.
 This check sends performance data.
 
 ## Requirements
@@ -37,7 +37,7 @@ If DOCKER_HOST is not set then the docker socket is detected from a running dock
 ______________________________________________________________________
 
 CHECK_DOCKER_STATS
-v1.0
+v1.1
 
 (c) Institute for Medical Education - University of Bern
 Licence: GNU GPL 3
@@ -56,7 +56,7 @@ OPTIONS:
 
   General:
   -h, --help        this help
-  -d, --debug       Debug; Flag: show all docker system infos
+  -d, --debug       Debug; Flag: show docker env values.
 
   Connect to docker:
   -p, --path        Custom directory for docker binary
@@ -88,7 +88,7 @@ EXAMPLES:
     given path first - then in all other dirs of $PATH
 
   check_docker_stats -d
-    Show stats of all containers and json with all docker system infos.
+    Show stats of all containers and json with docker env infos.
 
   check_docker_stats -m cpu
     Show cpu usage total of all containers. The container list is sorted

docs/20_Checks/check_dockercontainer_top.md

+# CHECK_DOCKERCONTAINER_TOP
+
+## Introduction
+
+**check_dockercontaeiner_top** shows the docker top output for each container.
+
+## Requirements
+
+* `docker` Docker must be installed
+* `jq` must be installed - commandline JSON processor
+* `bc` must be installed - an arbitrary precision calculator language
+* sudo permissions on docker command
+
+```txt
+icingaclient ALL=(ALL) NOPASSWD:SETENV: /usr/bin/docker
+```
+
+## Includes
+
+Additional needed files in the current folder that this check can run:
+
+* inc_dockerfunctions.sh
+* inc_pluginfunctions
+
+## Rootless docker
+
+It works with docker setups as root and can handle rootless docker instances.
+
+To bring it up and running with an unpriviledged icinga user it must be able to access docker. Copy the docker binary eg. from /home/dockeruser/bin/docker to /usr/bin/. Then use the parameter `-p /usr/bin`.
+
+If DOCKER_HOST is not set then the docker socket is detected from a running docker instance and will be fetched from the process list.
+
+## Syntax
+
+```txt
+______________________________________________________________________
+
+CHECK_DOCKERCONTAINER_TOP
+v1.1
+
+(c) Institute for Medical Education - University of Bern
+Licence: GNU GPL 3
+
+https://os-docs.iml.unibe.ch/icinga-checks/Checks/check_dockercontainer_top.html
+______________________________________________________________________
+
+Show counts and processes of docker containers.
+
+It returns 
+  CRITICAL if a created container is not running.
+  OK if no container was created yet or all conmtainers are running.
+  UNKNOWM if
+    - docker or jq were not found
+    - docker data were not fetched
+    - docker cannot be connected
+
+This check provides performance data.
+
+USAGE:
+  check_dockercontainer_top [OPTIONS]
+
+OPTIONS:
+
+  General:
+  -h, --help        this help
+  -d, --debug       Debug; Flag: show docker env values.
+
+  Connect to docker:
+  -p, --path        Custom directory for docker binary
+  -t, --target      Custom docker target; value for DOCKER_HOST
+                    Needed only if Docker does not run on a unix socket or
+                    multiple users run a rootless docker daemon.
+
+EXAMPLES:
+  check_dockercontainer_top
+    Show processes of all containers
+
+  check_dockercontainer_top -p /usr/bin
+    Show processes of all containers. The docker binary will be searched in
+    given path first - then in all other dirs of $PATH
+
+  check_dockercontainer_top -d
+    Show processes of all containers and json with docker env infos.
+
+```
+
+### Parameters
+
+None.
+
+## Examples
+
+### Stats
+
+`$ ./check_dockercontaeiner_top` returns
+
+```txt
+TODO
+```

inc_dockerfunctions.sh

@@ -12,6 +12,7 @@
 # https://docs.docker.com/engine/reference/commandline/docker/
 # ----------------------------------------------------------------------
 # 2024-01-19  v1.0  <axel.hahn@unibe.ch>      init
+# 2024-01-29  v1.1  <axel.hahn@unibe.ch>      _detectDockererror
 # ======================================================================
 
 
@@ -43,9 +44,11 @@ function _getString(){
 function _detectDockerenv(){
     local dockeruid=
     if [ -z "$DOCKER_HOST" ]; then
-        _is_docker_detected=1
         dockeruid=$( ps -ef | grep containerd | grep -Eo "/run/user/([0-9]*)/" | head -1 | cut -f 4 -d '/' )
-        test -n "$dockeruid" && export DOCKER_HOST="unix:///run/user/$dockeruid/docker.sock"
+        if [ -n "$dockeruid" ]; then
+            _is_docker_detected=1
+            export DOCKER_HOST="unix:///run/user/$dockeruid/docker.sock"
+        fi
         # Don't abort - it is allowed that the variable DOCKER_HOST is missing
     fi
     if grep "/run/user/[0-9]*" <<< "$DOCKER_HOST" >/dev/null; then
@@ -65,10 +68,28 @@ function _debugInfos(){
 # detect error after dicker command. It stops if
 # - no content was fetched
 # - content contains key "ServerErrors"
+# param  string  output of docker command (json)
+# param  bool    flag: is output from docker system info
 function _detectDockererror(){
 
     local data="$1"
     if [ -z "$data" ] ; then
+        if [ "$2" != "1" ]; then
+            # zero output could mean:
+            # - connect to docker failed
+            # - no data because no container is running
+            # --> let's detect it...
+            infos=$( sudo -n --preserve-env docker system info --format '{{ json . }}' )
+            _detectDockererror "$infos"
+
+            typeset -i iCRunning;
+            iCRunning=$(_getString "$data" ".ContainersRunning" )
+            if [ "$iCRunning" -eq "0" ]; then
+                ph.status "No data. No container is running"
+                ph.exit
+            fi
+        fi
+
         ph.setStatus unknown
         ph.status "No data. Unable to fetch Docker information."
         ph.exit