We use cookies to ensure that we give you the best experience on our website.  Visit our Privacy Policy to learn more. If you continue to use this site, we will assume that you are okay with it.

Your choices regarding cookies on this site.
Your preferences have been updated.
In order for the changes to take effect completely please clear your browser cookies and cache. Then reload the page.

Checkmk Conference #6 is coming! Learn more about it here!

Installation as a Docker-Container

Checkmk Manual
Last updated: February 12 2019

Search in the manual

1. The basics

There are numerous reasons why many users would want to operate software in a docker container. Also monitoring software such as Checkmk from version 1.5.0p5 can officially be used in a docker environment. One application case may be to monitor a dynamically-created container group and to make Checkmk a part of this group. Should the container group no longer be needed the instance of Checkmk can also be removed.

Important: On the one hand, every virtualization will entail a reduction in performance. On the other hand, the monitoring should always be independent of the remaining physical infrastructure – which is why the Checkmk container is not suitable for monitoring the infrastructure as a whole.

In order to make the setting-up as easy as possible for you, we supply each Checkmk-Edition inclusive of its own specific image. In addition to Checkmk as the Linux operating system, Debian 9 (Stretch) is also included. These you receive as follows:

 Checkmk Raw Edition Docker Hub
 Checkmk Enterprise Editions Checkmk download page

We will guide you in this article through the installation of Checkmk in Docker, and show a few tricks that will make life with Checkmk in Docker easier.

Further detailed information to running Checkmk in a Docker container can be found in the article Checkmk server in a Docker container.

2. Installation of the Raw Edition

Getting started with Docker in the  Checkmk Raw Edition is easy. You can get a proper image directly from the Docker Hub. This is done with just a single command on the command line. With this command will not only a Docker container with Checkmk be created, but also a monitoring instance named cmk is set up and started. This instance will be immediately available for log in as the cmkadmin user:

root@linux# docker container run -dit -p 8080:5000 --ulimit nofile=1024 --tmpfs /opt/omd/sites/cmk/tmp:uid=1000,gid=1000 -v monitoring:/omd/sites --name monitoring -v /etc/localtime:/etc/localtime:ro --restart always checkmk/check-mk-raw:1.6.0-latest
Unable to find image 'checkmk/check-mk-raw:1.6.0-latest' locally
1.6.0-latest: Pulling from checkmk/check-mk-raw
8f91359f1fff: Pull complete
3d794619eec5: Pull complete
1468b0cb296b: Pull complete
787a36ef0a12: Pull complete
159fac9366a1: Pull complete
fefc9fe50b26: Pull complete
Digest: sha256:153b6a6b4002cc0e02c17e127f582fa54a539803960d36d265802426c0066aa8
Status: Downloaded newer image for checkmk/check-mk-raw:1.6.0-latest
511cd26bdc2847ee5b430a1c0c52ff4489b3556775d07878b0533df077b67a83

Some more information on the available options:

Option Description
-p 8080:5000 By default the container's web server listens on port 5000. In this example port 8080 of the dockernode will be bound to the port of the container so that it is accessible from outside. If you do not have another container or process using the standard HTTP port 80, you can also tie the container to it. In such a case the option will look like this: -p 80:5000. The use of HTTPS will be explained in more detail below.
--ulimit nofile=1024 By manually setting the user limit (ulimit) for nofile, you are able to reduce the amount of file descriptors a process is able to open. That is especially useful in this case as Checkmk still uses Python 2 which uses a very high default. This can significantly slow the process down.
--tmpfs /opt/omd/sites/cmk/tmp:uid=1000,gid=1000 From version 1.6.0 for optimal performance you can use a temporary file system directly in the RAM of the Dockernode. The path of this file system is specified with this option. If you change the instance ID this path must be adjusted accordingly.
-v monitoring:/omd/sites This option binds the data from the instance in this container to a persistent location in the dockernode’s file system. The data is not lost if the container is deleted. The code before the colon determines the name – in this way you can clearly identify the storage location later, for example, with the docker volume ls command.
--name monitoring This defines the name of the container. This name must be unique and may not be used again on the dockernode.
-v /etc/localtime:/etc/localtime:ro This option allows you to use the same time zone in the container as that used in the dockernode – at the same time the file is integrated as read only (ro).
--restart always A container does not normally restart when it is stopped. With this option you can ensure that it always starts again automatically.

After all needed files have been loaded and the container has been started, you should access the GUI in Checkmk via http://localhost:8080/cmk/check_mk/:

You can now log in for the first time and try Checkmk. You will find the initial password for the cmkadmin account in the logs that are written for this container (the output is abreviated to the essential information in this example):

root@linux# docker container logs monitoring
Created new site cmk with version 1.5.0p5.cre.

  The site can be started with omd start cmk.
  The default web UI is available at http://c395cfe2d50d/cmk/

  The admin user for the web applications is cmkadmin with password: erYJR0IT
  (It can be changed with 'htpasswd -m ~/etc/htpasswd cmkadmin' as site user.)

Short-lived containers

If you are sure that the data in the Checkmk container instance should only be available in this special container, you can either refrain from assigning a persistent data store to the container, or you can automatically remove this storage when the container is stopped. To go without persistent storage, simply omit the -v /omd/sites option. To create a persistent memory and remove it automatically when the container stops, use the following command:

root@linux# docker container run --rm -dit -p 8080:5000 --tmpfs /opt/omd/sites/cmk/tmp:uid=1000,gid=1000 --ulimit nofile=1024 -v /omd/sites --name monitoring -v /etc/localtime:/etc/localtime:ro checkmk/check-mk-raw:1.6.0-latest
3d7f04bc7d0a1ded5fb5ab49e3c72894615a2058c5df2d7af11e20f4662b5c09

This command – unlike the one above – has only two other options:

  • Use the --rm option at the start to pass the command that the data storage for the container should also be removed when the container stops. This saves you having to tidy-up manually if you have many short-lived Checkmk containers. Note: When stopping, the container itself is completely removed!
  • The -v /omd/sites option is altered compared to the above. It no longer contains a self-assigned name, otherwise the data storage will not be deleted correctly.

3. Installation of the Enterprise Editions

You can also run the Enterprise Editions in a docker container. These are not freely-available through Docker Hub. You can currently download the desired version from our download page and load its image in Docker:

root@linux# docker load -i check-mk-enterprise-docker-1.5.0p5.tar.gz
8b15606a9e3e: Loading layer [=====================================>]  58.44MB/58.44MB
a710e8ce658e: Loading layer [=====================================>]  2.048kB/2.048kB
87e4835e12d0: Loading layer [=====================================>]  263.5MB/263.5MB
6b003c5cba06: Loading layer [=====================================>]  138.9MB/138.9MB
2789307956c0: Loading layer [=====================================>]  524.4MB/524.4MB
85e714d514e1: Loading layer [=====================================>]  4.608kB/4.608kB
Loaded image: checkmk/check-mk-enterprise:1.5.0p5

After the download you can start the container with a very similar command as described above. Just take care to specify the Standard Edition or Managed Services Edition image in this case (e.g. checkmk/check-mk-enterprise:1.5.0p5):

root@linux# docker container run -dit -p 8080:5000 -v /omd/sites --name monitoring -v /etc/localtime:/etc/localtime --restart always checkmk/check-mk-enterprise:1.5.0p5
5bcf761ab056dd0466874bc110c9356f6763d3f275b565277bafac9233bc2a9a

You can also find the password here in the logs.