Installation as a Docker-Container

Checkmk Manual
Last updated: February 12 2019

Search in the manual

1. The basics

From version 1.5.0p5 you can also operate Checkmk in a docker environment. To make it as easy as possible, we provide every Checkmk-Edition as an own image. These images are based on the distribution Debian 9 (Stretch). You can download them as follows:

There are numerous reasons why many users would want to operate software in a docking container. Also monitoring software such as Checkmk from version 1.5.0p5 can officially be used in a docker environment. One application case may be to monitor a dynamically created container group and to make Checkmk a part of this group. Should the container group no longer be needed the instance of Checkmk can also be removed.

Important: On the one hand, every virtualization will entail a reduction in performance. On the other hand, the monitoring should always be independent of the remaining physical infrastructure – which is why the Checkmk container is not suitable for monitoring the infrastructure as a whole.

In order to make the setting-up as easy as possible for you, we supply each Checkmk-Edition inclusive of its own specific image. In addition to Checkmk as the Linux operating system, Debian 9 (Stretch) is also included. These you get as follows:

 Checkmk Raw Edition Dockerhub
 Checkmk Enterprise Edition Checkmk download page
 Checkmk Managed Services Edition Checkmk download page

We will guide you in this article through the installation of Checkmk in Docker and show some details and tricks that will make life with Checkmk in Docker easier.

2. Installation of the RAW edition

Getting started with Docker for the first time is pretty easy. You can get proper image directly through Dockerhub. This is done with just a one liner on the command line. With this command you do not only download and start a docker container with Checkmk but also create an instance with the name cmk. This instance is directly started and available for log in with the user name cmkadmin:

root@linux# docker container run -dit -p 8080:5000 -v/omd/sites --name monitoring -v/etc/localtime:/etc/localtime --restart always checkmk/check-mk-raw:1.5.0-latest
Unable to find image 'checkmk/check-mk-raw:1.5.0p5' locally
1.5.0p5:Pulling from checkmk/check-mk-raw
802b00ed6f79:Pull complete
79057211cef4:Pull complete
81c661525dd4:Pull complete
4d4fdd41d09a:Pull complete
d229ac9815b1:Pull complete
d29a86db4594:Pull complete
Digest:sha256:afcf4a9f843809598ccb9ddd11a6c415ef465e31969141304e9be57c3e53b438
Status: Downloaded newer image for checkmk/check-mk-raw:1.5.0p5
c395cfe2d50dd7d342ba7c6d672caf80028058c41d2cba2b5c26145f5256f497

Some more information to the used options:

Option Function
-p 8080:5000 By default the container's web server listens on port 5000. In this example port 8080 of the dockernode will be bound to the port of the container so that it is accessible from outside. If you do not have another container or process using the standard HTTP port 80, you can also tie the container to it. In such a case the option will look like this: -p 80:5000. The use of HTTPS will be explained in more detail later below.
--tmpfs /opt/omd/sites/cmk/tmp:uid=1000,gid=1000 Beginning with 1.6.0 you can use for optimal performance a temporary file system directly in the RAM of the Dockernode. The path of this file system is specified with this option. If you change the ID of the instance this path must be adjusted accordingly.
-v /omd/sites This option binds the data from the instance in this container to a persistent location in the dockernode's file system. The data is not lost if the container is destroyed. If you do not use this option all configuration and monitoring data are bound to the container and will also be deleted when the container is deleted.
--name monitoring This defines the name of the container. This name must be unique and may not be used again on the dockernode.
-v /etc/localtime:/etc/localtime This option allows you to use the same time zone in the container as that used in the dockernode.
--restart always A container does not normally restart when it is stopped. With this option you can ensure that it always starts again.

After all needed files have been loaded and the container has been started, you should access the GUI in Checkmk via http://localhost:8080/cmk/check_mk/:

You can now log in for the first time and try Checkmk. You will find the initial password for the cmkadmin account in the logs that are written for this container (the output is abreviated to the essential information here):

root@linux# docker container logs monitoring
Created new site cmk with version 1.5.0p5.cre.

  The site can be started with omd start cmk.
  The default web UI is available at http://c395cfe2d50d/cmk/

  The admin user for the web applications is cmkadmin with password: erYJR0IT
  (It can be changed with 'htpasswd -m ~/etc/htpasswd cmkadmin' as site user.)

3. Installation of the Enterprise-Edition

You can run Checkmk as a docker container also with  Checkmk Enterprise Edition and  Checkmk Managed Services Edition. These versions are not available through Dockerhub since they require a valid subscription. Even if you want to run Checkmk in a docker container, you do not need to give up the  Checkmk Enterprise Edition. You can currently download the desired version from our download page and load its image in Docker:

root@linux# docker load -i check-mk-enterprise-docker-1.5.0p5.tar.gz
8b15606a9e3e: Loading layer [=====================================>]  58.44MB/58.44MB
a710e8ce658e: Loading layer [=====================================>]  2.048kB/2.048kB
87e4835e12d0: Loading layer [=====================================>]  263.5MB/263.5MB
6b003c5cba06: Loading layer [=====================================>]  138.9MB/138.9MB
2789307956c0: Loading layer [=====================================>]  524.4MB/524.4MB
85e714d514e1: Loading layer [=====================================>]  4.608kB/4.608kB
Loaded image: checkmk/check-mk-enterprise:1.5.0p5

After the download you can start the container with a very similar command as described above. Just take care to specify the  Checkmk Enterprise Edition or  Checkmk Managed Services Edition Image in this case (e.g. checkmk/check-mk-enterprise:1.5.0p5):

root@linux# docker container run -dit -p 8080:5000 -v /omd/sites --name monitoring -v /etc/localtime:/etc/localtime --restart always checkmk/check-mk-enterprise:1.5.0p5
5bcf761ab056dd0466874bc110c9356f6763d3f275b565277bafac9233bc2a9a

You will find the password can also in the Logs.