zecfoundation
/
zebra
mirror of https://github.com/ZcashFoundation/zebra.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Bind grafana to localhost in metrics instructions 

Binding grafana to localhost makes it inaccessible from the wider internet,
which is a secure default.

Since we run docker with host networking, docker containers have access to D-Bus and other
security-related services on localhost. So it's risky to also expose them to the wider internet.
This commit is contained in:
teor 2020-10-23 14:22:47 +10:00 committed by Deirdre Connolly
parent ff51c2e0c0
commit b492cabeee
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
book/src/user/metrics.md
View File

@ -11,10 +11,10 @@ sudo docker volume create grafana-storage
sudo docker volume create prometheus-storage sudo docker volume create prometheus-storage
# run prometheus with the included config # run prometheus with the included config
sudo docker run --network host -v prometheus-storage:/prometheus -v /path/to/zebra/prometheus.yaml:/etc/prometheus/prometheus.yml prom/prometheus sudo docker -d run --network host -v prometheus-storage:/prometheus -v /path/to/zebra/prometheus.yaml:/etc/prometheus/prometheus.yml prom/prometheus
# run grafana # run grafana
sudo docker run -d --network host -e GF_SERVER_HTTP_PORT=3030 -v grafana-storage:/var/lib/grafana grafana/grafana sudo docker -d run --network host -e GF_SERVER_HTTP_PORT=3030 -e GF_SERVER_HTTP_ADDR=localhost -v grafana-storage:/var/lib/grafana grafana/grafana
``` ```
Now the grafana dashboard is available at [http://localhost:3030](http://localhost:3030) ; the default username and password is `admin`/`admin`. Now the grafana dashboard is available at [http://localhost:3030](http://localhost:3030) ; the default username and password is `admin`/`admin`.