From dddbb23cd746b3c850b0e72198a427607f0f496a Mon Sep 17 00:00:00 2001 From: bouni Date: Mon, 10 Mar 2025 13:07:01 +0100 Subject: [PATCH 1/5] Slim down Dockerfile, use uv --- Dockerfile | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index db44e34..3b03183 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,28 @@ # Dockerfile for netprobe_lite # https://github.com/plaintextpackets/netprobe_lite/ -FROM python:3.11-slim-bookworm +FROM python:3.13-alpine -COPY requirements.txt /netprobe_lite/requirements.txt - -# Install python/pip ENV PYTHONUNBUFFERED=1 -ENV PIP_DISABLE_PIP_VERSION_CHECK=on -RUN apt-get update && apt-get install -y iputils-ping && apt-get install -y traceroute && apt-get clean \ - && pip install -r /netprobe_lite/requirements.txt --break-system-packages +# install ip utils to get a ping with jitter data in the output +RUN apk add iputils + +# Install uv (https://github.com/astral-sh/uv) +COPY --from=ghcr.io/astral-sh/uv:python3.13-alpine /usr/local/bin/uv /usr/local/bin/uvx /bin/ WORKDIR /netprobe_lite -ENTRYPOINT [ "/bin/bash", "./entrypoint.sh" ] +COPY requirements.txt ./requirements.txt + +# create virtualenv and install packages +RUN uv venv +RUN uv pip install -r ./requirements.txt + +# copy python files into the container +COPY entrypoint.sh ./entrypoint.sh +COPY *.py ./ +COPY helpers ./helpers +COPY config/__init__.py ./config/__init__.py +COPY logs ./logs + +ENTRYPOINT [ "/bin/sh", "./entrypoint.sh" ] From 46b1ea1bae7545a30279fdbdf8dc02b9024361d5 Mon Sep 17 00:00:00 2001 From: bouni Date: Mon, 10 Mar 2025 13:07:49 +0100 Subject: [PATCH 2/5] Adjust compose file and entrypoint to work with alpine based container --- compose.yml | 95 ++++++++++++++++++++++++++++----------------------- entrypoint.sh | 12 ++++++- 2 files changed, 64 insertions(+), 43 deletions(-) diff --git a/compose.yml b/compose.yml index f6038de..ae3569f 100644 --- a/compose.yml +++ b/compose.yml @@ -22,9 +22,12 @@ services: restart: always container_name: netprobe-probe image: "plaintextpackets/netprobe:latest" + build: . pull_policy: always volumes: - - .:/netprobe_lite + - ./logs:/netprobe_lite/logs + env_file: + - .env environment: MODULE: "NETPROBE" networks: @@ -37,9 +40,12 @@ services: restart: always container_name: netprobe-speedtest image: "plaintextpackets/netprobe:latest" + build: . pull_policy: always volumes: - - .:/netprobe_lite + - ./logs:/netprobe_lite/logs + env_file: + - .env environment: MODULE: "SPEEDTEST" networks: @@ -52,53 +58,58 @@ services: restart: always container_name: netprobe-presentation image: "plaintextpackets/netprobe:latest" + build: . pull_policy: always volumes: - - .:/netprobe_lite + - ./logs:/netprobe_lite/logs + env_file: + - .env environment: MODULE: "PRESENTATION" - networks: - - netprobe-net - dns: - - 8.8.8.8 - - 8.8.4.4 - - prometheus: - restart: always - container_name: netprobe-prometheus - image: "prom/prometheus" - volumes: - - ./config/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml - - prometheus_data:/prometheus # Persistent local storage for Prometheus data - command: - - '--config.file=/etc/prometheus/prometheus.yml' - - '--storage.tsdb.path=/prometheus' - - '--storage.tsdb.retention.time=30d' # Adjust retention to 30 days - - networks: - - netprobe-net - dns: - - 8.8.8.8 - - 8.8.4.4 - - grafana: - restart: always - image: grafana/grafana-enterprise - container_name: netprobe-grafana - volumes: - - ./config/grafana/datasources/automatic.yml:/etc/grafana/provisioning/datasources/automatic.yml - - ./config/grafana/dashboards/main.yml:/etc/grafana/provisioning/dashboards/main.yml - - ./config/grafana/dashboards/netprobe.json:/var/lib/grafana/dashboards/netprobe.json - - grafana_data:/var/lib/grafana ports: - - '3001:3000' + - 5080:5000 networks: - netprobe-net dns: - 8.8.8.8 - 8.8.4.4 - -volumes: - prometheus_data: - grafana_data: - \ No newline at end of file + +# prometheus: +# restart: always +# container_name: netprobe-prometheus +# image: "prom/prometheus" +# volumes: +# - ./config/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml +# - prometheus_data:/prometheus # Persistent local storage for Prometheus data +# command: +# - '--config.file=/etc/prometheus/prometheus.yml' +# - '--storage.tsdb.path=/prometheus' +# - '--storage.tsdb.retention.time=30d' # Adjust retention to 30 days +# +# networks: +# - netprobe-net +# dns: +# - 8.8.8.8 +# - 8.8.4.4 +# +# grafana: +# restart: always +# image: grafana/grafana-enterprise +# container_name: netprobe-grafana +# volumes: +# - ./config/grafana/datasources/automatic.yml:/etc/grafana/provisioning/datasources/automatic.yml +# - ./config/grafana/dashboards/main.yml:/etc/grafana/provisioning/dashboards/main.yml +# - ./config/grafana/dashboards/netprobe.json:/var/lib/grafana/dashboards/netprobe.json +# - grafana_data:/var/lib/grafana +# ports: +# - '3001:3000' +# networks: +# - netprobe-net +# dns: +# - 8.8.8.8 +# - 8.8.4.4 +# +# volumes: +# prometheus_data: +# grafana_data: +# diff --git a/entrypoint.sh b/entrypoint.sh index 285be9b..9432f96 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1 +1,11 @@ -if [[ "${MODULE}" == "NETPROBE" ]]; then python3 netprobe.py; elif [[ "${MODULE}" == "COLLECTOR" ]]; then python3 collector.py; elif [[ "${MODULE}" == "PRESENTATION" ]]; then python3 presentation.py; elif [[ "${MODULE}" == "SPEEDTEST" ]]; then python3 netprobe_speedtest.py; else /bin/bash; fi \ No newline at end of file +if [[ "${MODULE}" == "NETPROBE" ]]; then + uv run netprobe.py; +elif [[ "${MODULE}" == "COLLECTOR" ]]; then + uv run collector.py; +elif [[ "${MODULE}" == "PRESENTATION" ]]; then + uv run presentation.py; +elif [[ "${MODULE}" == "SPEEDTEST" ]]; then + uv run netprobe_speedtest.py; +else + /bin/sh; +fi From 4dcbd6d624b32491cdbaed1ccb4820591e36f3a4 Mon Sep 17 00:00:00 2001 From: bouni Date: Mon, 10 Mar 2025 13:08:50 +0100 Subject: [PATCH 3/5] Update python packages to eliminate vulnerabilities --- requirements.txt | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/requirements.txt b/requirements.txt index 404a0f0..cc7aea3 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,6 +1,6 @@ -prometheus_client==0.18.0 -requests==2.31.0 -redis==5.0.1 -python-dotenv==1.0.0 -dnspython==2.4.2 -speedtest-cli==2.1.3 \ No newline at end of file +prometheus_client==0.21.1 +requests==2.32.3 +redis==5.2.1 +python-dotenv==1.0.1 +dnspython==2.7.0 +speedtest-cli==2.1.3 From 3562e4789949b389970b9965152c3805534fcb49 Mon Sep 17 00:00:00 2001 From: bouni Date: Mon, 10 Mar 2025 13:09:12 +0100 Subject: [PATCH 4/5] Fix escaping to prevent log message --- helpers/network_helper.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helpers/network_helper.py b/helpers/network_helper.py index 2a38a31..9c38aa4 100644 --- a/helpers/network_helper.py +++ b/helpers/network_helper.py @@ -20,7 +20,7 @@ def __init__(self,sites,count,dns_test_site,nameservers_external): def pingtest(self,count,site): - ping = subprocess.getoutput(f"ping -n -i 0.1 -c {count} {site} | grep 'rtt\|loss'") + ping = subprocess.getoutput(f"ping -n -i 0.1 -c {count} {site} | grep 'rtt\\|loss'") try: loss = ping.split(' ')[5].strip('%') From b5de9d937a9a2170c985c77dd19272bb150d3f3a Mon Sep 17 00:00:00 2001 From: bouni Date: Mon, 10 Mar 2025 13:10:50 +0100 Subject: [PATCH 5/5] uncomment grafana and prometheus after testing --- compose.yml | 78 ++++++++++++++++++++++++++--------------------------- 1 file changed, 39 insertions(+), 39 deletions(-) diff --git a/compose.yml b/compose.yml index ae3569f..17bb7eb 100644 --- a/compose.yml +++ b/compose.yml @@ -74,42 +74,42 @@ services: - 8.8.8.8 - 8.8.4.4 -# prometheus: -# restart: always -# container_name: netprobe-prometheus -# image: "prom/prometheus" -# volumes: -# - ./config/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml -# - prometheus_data:/prometheus # Persistent local storage for Prometheus data -# command: -# - '--config.file=/etc/prometheus/prometheus.yml' -# - '--storage.tsdb.path=/prometheus' -# - '--storage.tsdb.retention.time=30d' # Adjust retention to 30 days -# -# networks: -# - netprobe-net -# dns: -# - 8.8.8.8 -# - 8.8.4.4 -# -# grafana: -# restart: always -# image: grafana/grafana-enterprise -# container_name: netprobe-grafana -# volumes: -# - ./config/grafana/datasources/automatic.yml:/etc/grafana/provisioning/datasources/automatic.yml -# - ./config/grafana/dashboards/main.yml:/etc/grafana/provisioning/dashboards/main.yml -# - ./config/grafana/dashboards/netprobe.json:/var/lib/grafana/dashboards/netprobe.json -# - grafana_data:/var/lib/grafana -# ports: -# - '3001:3000' -# networks: -# - netprobe-net -# dns: -# - 8.8.8.8 -# - 8.8.4.4 -# -# volumes: -# prometheus_data: -# grafana_data: -# + prometheus: + restart: always + container_name: netprobe-prometheus + image: "prom/prometheus" + volumes: + - ./config/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml + - prometheus_data:/prometheus # Persistent local storage for Prometheus data + command: + - '--config.file=/etc/prometheus/prometheus.yml' + - '--storage.tsdb.path=/prometheus' + - '--storage.tsdb.retention.time=30d' # Adjust retention to 30 days + + networks: + - netprobe-net + dns: + - 8.8.8.8 + - 8.8.4.4 + + grafana: + restart: always + image: grafana/grafana-enterprise + container_name: netprobe-grafana + volumes: + - ./config/grafana/datasources/automatic.yml:/etc/grafana/provisioning/datasources/automatic.yml + - ./config/grafana/dashboards/main.yml:/etc/grafana/provisioning/dashboards/main.yml + - ./config/grafana/dashboards/netprobe.json:/var/lib/grafana/dashboards/netprobe.json + - grafana_data:/var/lib/grafana + ports: + - '3001:3000' + networks: + - netprobe-net + dns: + - 8.8.8.8 + - 8.8.4.4 + +volumes: + prometheus_data: + grafana_data: +