Checkmk
to checkmk.com

1. Checkmk in a Docker container

In our installation guide for Checkmk in Docker we have already shown you how to set up Checkmk in a Docker container. This article takes a closer look at more of the details.

2. Optional parameters during the setup

All of the following parameters are specified additionally when setting up a Checkmk site as a container and are therefore not available separately.

2.1. Using HTTPS

If Checkmk is the only web server on your Docker node, you can also bind the port to the standard (80) HTTP port. As soon as you you have multiple web servers on a Docker node however, you will probably use a reverse-proxy like Nginx - this directs the inquiries to the correct container. With this technology you can also use (possibly preexisting) HTTPS. The reverse proxy will then be addressed via HTTPS, while communicating with the container continues via HTTP.

2.2. Setting an initial password

In Checkmk, when creating a site a random password for the default user cmkadmin is created. When creating a Checkmk container you can also assign a password manually. Simply add the -e CMK_PASSWORD='mypassword' option during the creation process.

2.3. Setting your own site ID

With the default command to create a Checkmk container, the ID of the site created in the container will be cmk. This is important to be able to access the site via HTTP(S) and it must therefore be explicit. If you have multiple containers of Checkmk on the same Docker node, you will have to set the ID manually to ensure this uniqueness. You can do that by including the -e CMK_SITE_ID=mysite option. The full command could look like this:

root@linux# docker container run -e CMK_SITE_ID="mysite" -dit -p 8080:5000 -p 8000:8000 --tmpfs /opt/omd/sites/mysite/tmp:uid=1000,gid=1000 -v monitoring:/omd/sites --name monitoring -v /etc/localtime:/etc/localtime:ro --restart always checkmk/check-mk-raw:2.1.0-latest

Please pay attention to also state the ID of your site in the path of the option --tmpfs (in this example mysite).

2.4. Sending notifications

An important feature of Checkmk is the sending of notifications per email. Checkmk uses Postfix as its MTA (Mail Transfer Agent) for outgoing mails. This postfix instance is configured not to deliver mails directly to the recipient, but basically tries to forward to an additional mail server (SMTP Relay Server, smarthost) which you need to provide outside of the container. Such a relay server is available in almost every organization.

When implementing, specify the relay mail server that will forward the notifications. In the -e option, use the MAIL_RELAY_HOST variable — e.g., -e MAIL_RELAY_HOST='mailrelay.mydomain.com'. If the mail server expects a specific host name, add the following option: --hostname 'mymonitoring.mydomain.com'.

Checkmk containers currently do not support the configuration of access data for a smart host. You can bind a postfix configuration or configuration folder from the Docker node if you need them.

If you use one of the commercial editions, you are able to bypass postfix completely so that Checkmk forwards notifications directly to a smarthost. This is done by the synchronous SMTP, which is described in detail in the article about notifications. Here an authentication over SMTP is also possible.

2.5. Access to Livestatus via TCP

As soon you connect multiple Checkmk containers/sites together in a distributed environment you will need a special TCP port for the Livestatus interface. This interface allows communication between the sites. Bind this port – likewise the port for HTTP – to one of the Docker nodes, and enable this TCP port in the Livestatus site: -e CMK_LIVESTATUS_TCP=on -p 6557:6557.

2.6. Access via the command line

In some cases you will want to execute commands on the command line. Because commands for a site are always executed via a special user, you must specify this when logging in. In Checkmk the user always has the same name as the site it manages. Specify the user cmk with the -u cmk option:

root@linux# docker container exec -it -u cmk monitoring bash

You can then pass your commands to the site.

2.7. Using the Event Console

Checkmk is able to receive SNMP traps and syslog messages. To be able to use this feature in a Checkmk container, the standardized ports must be provided to the Checkmk container with the following options: -p 162:162/udp -p 514:514/udp -p 514:514/tcp. In order that the site itself also respects these ports, next activate the appropriate add-ons in the site with omd config. You can find these in the Addons submenu:

root@linux# docker container exec -it -u cmk monitoring bash
OMD[mysite]:~$ omd config

3. Useful commands

Command Function

docker inspect myContainer

With this command you can get all sorts of information about a running container with the name myContainer. Among other things, here you will also find which data storage devices (volumes) are integrated. This is especially useful if you haven’t given the volume a human-readable name and want to update your container .

On this page