powersj
Contributor

@powersj powersj commented Nov 19, 2021

This adds the CAP_NET_RAW and CAP_NET_BIND_SERVICE capabilities to the telegraf binary during the image build.

@github-actions

Diff for bba2bf1:
diff --git a/_bashbrew-cat b/_bashbrew-cat
index 02fe9d4..12a7324 100644
--- a/_bashbrew-cat
+++ b/_bashbrew-cat
@@ -1,6 +1,6 @@
 Maintainers: David Reimschussel <dreimschussel@influxdata.com> (@reimda), Josh Powers <jpowers@influxdata.com> (@powersj), Mya Longmire <mlongmire@influxdata.com> (@MyaLongmire)
 GitRepo: https://github.com/influxdata/influxdata-docker.git
-GitCommit: 725fae95efff8850004099d569d0e2360d95e854
+GitCommit: 015d702be2c9abad81d86603c377d4278bff2b77
 
 Tags: 1.18, 1.18.3
 Architectures: amd64, arm32v7, arm64v8
diff --git a/telegraf_1.18.3-alpine/Dockerfile b/telegraf_1.18.3-alpine/Dockerfile
index 0a65443..a9a0000 100644
--- a/telegraf_1.18.3-alpine/Dockerfile
+++ b/telegraf_1.18.3-alpine/Dockerfile
@@ -23,6 +23,7 @@ RUN set -ex && \
     mv /usr/src/telegraf*/etc/telegraf/telegraf.conf /etc/telegraf/ && \
     mkdir /etc/telegraf/telegraf.d && \
     cp -a /usr/src/telegraf*/usr/bin/telegraf /usr/bin/ && \
+    setcap cap_net_raw,cap_net_bind_service+ep /usr/bin/telegraf && \
     gpgconf --kill all && \
     rm -rf *.tar.gz* /usr/src /root/.gnupg && \
     apk del .build-deps && \
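Review bot: the added `setcap` line assumes a `setcap` binary exists at this point in the RUN chain, but none of the visible lines installs one, and under `set -ex` a missing command fails the whole build. Confirm that the package providing it is installed earlier in this RUN. If it is only part of `.build-deps`, it is removed again at `apk del .build-deps`, which is fine for build-time use but means nothing in the final image can inspect or re-apply the capability.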
diff --git a/telegraf_1.18.3/Dockerfile b/telegraf_1.18.3/Dockerfile
index 7c61685..89fded0 100644
--- a/telegraf_1.18.3/Dockerfile
+++ b/telegraf_1.18.3/Dockerfile
@@ -26,6 +26,7 @@ RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" && \
     wget --no-verbose https://dl.influxdata.com/telegraf/releases/telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb && \
     gpg --batch --verify telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb.asc telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb && \
     dpkg -i telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb && \
+    setcap cap_net_raw,cap_net_bind_service+ep /usr/bin/telegraf && \
     rm -f telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb*
 
 EXPOSE 8125/udp 8092/udp 8094
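Review bot: `+ep` on the added `setcap` line sets the effective flag, so when the container is started with either capability removed from its bounding set (for example via `--cap-drop`), `execve` of `/usr/bin/telegraf` fails with EPERM instead of starting without the capability. Consider applying the capabilities at start-up only when they are available, or document that these images require NET_RAW and NET_BIND_SERVICE to be left in place.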
diff --git a/telegraf_1.19.3-alpine/Dockerfile b/telegraf_1.19.3-alpine/Dockerfile
index 51522e0..942a361 100644
--- a/telegraf_1.19.3-alpine/Dockerfile
+++ b/telegraf_1.19.3-alpine/Dockerfile
@@ -23,6 +23,7 @@ RUN set -ex && \
     mv /usr/src/telegraf*/etc/telegraf/telegraf.conf /etc/telegraf/ && \
     mkdir /etc/telegraf/telegraf.d && \
     cp -a /usr/src/telegraf*/usr/bin/telegraf /usr/bin/ && \
+    setcap cap_net_raw,cap_net_bind_service+ep /usr/bin/telegraf && \
     gpgconf --kill all && \
     rm -rf *.tar.gz* /usr/src /root/.gnupg && \
     apk del .build-deps && \
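Review bot: the file capability added here lives in the `security.capability` extended attribute of `/usr/bin/telegraf`, and nothing in the hunk checks that the attribute is still present once the layer has been committed and pulled. Add a check against the built image to the image tests, such as running `getcap /usr/bin/telegraf` in a container, so that a build or storage path that drops xattrs shows up as a test failure and not as a silent loss of the capability.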
diff --git a/telegraf_1.19.3/Dockerfile b/telegraf_1.19.3/Dockerfile
index 13dfb7a..171ba2f 100644
--- a/telegraf_1.19.3/Dockerfile
+++ b/telegraf_1.19.3/Dockerfile
@@ -26,6 +26,7 @@ RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" && \
     wget --no-verbose https://dl.influxdata.com/telegraf/releases/telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb && \
     gpg --batch --verify telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb.asc telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb && \
     dpkg -i telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb && \
+    setcap cap_net_raw,cap_net_bind_service+ep /usr/bin/telegraf && \
     rm -f telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb*
 
 EXPOSE 8125/udp 8092/udp 8094
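Review bot: missing documentation for `cap_net_bind_service` on the added `setcap` line: the ports in the unchanged `EXPOSE 8125/udp 8092/udp 8094` are all above 1024, so the hunk itself shows no listener that needs it. Add a comment naming the inputs that bind privileged ports (and the ones that need `cap_net_raw`), or drop the capability that has no documented user.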
diff --git a/telegraf_alpine/Dockerfile b/telegraf_alpine/Dockerfile
index 0c7846d..c9eaa4e 100644
--- a/telegraf_alpine/Dockerfile
+++ b/telegraf_alpine/Dockerfile
@@ -23,6 +23,7 @@ RUN set -ex && \
     mv /usr/src/telegraf*/etc/telegraf/telegraf.conf /etc/telegraf/ && \
     mkdir /etc/telegraf/telegraf.d && \
     cp -a /usr/src/telegraf*/usr/bin/telegraf /usr/bin/ && \
+    setcap cap_net_raw,cap_net_bind_service+ep /usr/bin/telegraf && \
     gpgconf --kill all && \
     rm -rf *.tar.gz* /usr/src /root/.gnupg && \
     apk del .build-deps && \
diff --git a/telegraf_latest/Dockerfile b/telegraf_latest/Dockerfile
index 67bb07c..b5269e8 100644
--- a/telegraf_latest/Dockerfile
+++ b/telegraf_latest/Dockerfile
@@ -26,6 +26,7 @@ RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" && \
     wget --no-verbose https://dl.influxdata.com/telegraf/releases/telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb && \
     gpg --batch --verify telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb.asc telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb && \
     dpkg -i telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb && \
+    setcap cap_net_raw,cap_net_bind_service+ep /usr/bin/telegraf && \
     rm -f telegraf_${TELEGRAF_VERSION}-1_${ARCH}.deb*
 
 EXPOSE 8125/udp 8092/udp 8094

Relevant Maintainers:

@yosifkit
Member

It's a bit confusing, but as far as I can tell, Docker still does not fully support extended attributes in image layers (moby/moby#40375, moby/moby#35699, moby/moby#1070). See also the discussion in #2432 where the suggested workaround is to conditionally apply the setcap in the entrypoint script.
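A sketch of the entrypoint-side workaround mentioned above, added here as an illustration and not taken from influxdata-docker or from the linked discussion. It goes one step beyond "conditionally apply" by requesting only the capabilities still present in the container's bounding set; the function names are hypothetical.

```shell
#!/bin/sh
# Added illustration; not the influxdata-docker entrypoint.
# Capability bit numbers as defined in <linux/capability.h>.
CAP_NET_BIND_SERVICE=10
CAP_NET_RAW=13

# bounding_has HEXMASK BIT: succeeds if BIT is set in a CapBnd-style hex mask.
bounding_has() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# wanted_caps HEXMASK: print the subset of the two capabilities that the
# bounding set still allows. A file capability with the effective flag (+ep)
# that is missing from the bounding set makes execve() fail with EPERM,
# so only capabilities that are present are requested.
wanted_caps() {
    mask=$1
    caps=""
    bounding_has "$mask" "$CAP_NET_RAW" && caps="cap_net_raw"
    if bounding_has "$mask" "$CAP_NET_BIND_SERVICE"; then
        caps="${caps:+$caps,}cap_net_bind_service"
    fi
    printf '%s' "$caps"
}

# apply_caps BINARY: best effort, never fatal to container start-up.
apply_caps() {
    bin=$1
    # Writing file capabilities needs privilege; uid 0 is used as a proxy here.
    [ "$(id -u)" -eq 0 ] || return 0
    command -v setcap >/dev/null 2>&1 || return 0
    bnd=$(awk '/^CapBnd:/ {print $2}' /proc/self/status 2>/dev/null) || return 0
    [ -n "$bnd" ] || return 0
    caps=$(wanted_caps "$bnd")
    [ -n "$caps" ] || return 0
    setcap "${caps}+ep" "$bin" 2>/dev/null ||
        echo "warning: could not set $caps on $bin" >&2
    return 0
}
```

An entrypoint would call `apply_caps /usr/bin/telegraf` while still root, then drop to an unprivileged user before exec'ing the binary.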

@powersj
Contributor Author

powersj commented Nov 22, 2021

Thanks for those links and for catching this. I have put up a follow-up PR in our repo to make the change in the entrypoint script. I will go ahead and close this request for now.

Thanks again!

@powersj powersj closed this Nov 22, 2021