There are a number of ways to install cAdvisor; the easiest way to get started is to download and run the container image that contains a copy of a precompiled cAdvisor binary.
Before running cAdvisor, let's launch a fresh vagrant host:
[russ@mac ~]$ cd ~/Documents/Projects/monitoring-docker/vagrant-centos/ [russ@mac ~]$ vagrant up Bringing machine 'default' up with 'virtualbox' provider... ==>default: Importing base box 'russmckendrick/centos71'... ==>default: Matching MAC address for NAT networking... ==>default: Checking if box 'russmckendrick/centos71' is up to date... ..... ==>default: => Installing docker-engine ... ==>default: => Configuring vagrant user ... ==>default: => Starting docker-engine ... ==>default: => Installing docker-compose ... ==>default: => Finished installation of Docker [russ@mac ~]$ vagrantssh
Once you have access to the host machine, run the following command:
docker run --detach=true --volume=/:/rootfs:ro --volume=/var/run:/var/run:rw --volume=/sys:/sys:ro --volume=/var/lib/docker/:/var/lib/docker:ro --publish=8080:8080 --privileged=true --name=cadvisor google/cadvisor:latest
You should now have a cAdvisor container up and running on your host machine. Before we start, let's look at cAdvisor in more detail by discussing why we have passed all the options to the container.
The cAdvisor binary is designed to run on the host machine alongside the Docker binary, so by launching cAdvisor in a container, we are actually isolating the binary in its down environment. To give cAdvisor access to the resources it requires on the host machine, we have to mount several partitions and also give the container privileged access to let the cAdvisor binary think it is being executed on the host machine.
When a container is launched with --privileged
, Docker will enable full access to devices on the host machine; also, Docker will configure both AppArmor or SELinux to allow your container the same access to the host machine as a process running outside the container will have. For information on the --privileged
flag, see this post on the Docker blog at http://blog.docker.com/2013/09/docker-can-now-run-within-docker/.