Installation Guide
Welcome to the Installation Guide! This page will help you set up and configure the system using Docker, Podman, or Kubernetes. Use the tabs below to navigate through each setup method.
Installation Methods:
- Docker Setup: Quick and easy containerized installation.
- Podman Setup: Docker-compatible, rootless containers.
- Kubernetes Setup: For scalable, production-grade deployments.
- Docker Setup
- Podman Setup
- Kubernetes Setup
To install using Docker:
- Download the provided
docker-compose.ymlfile below. - Pull the container image from the registry:
docker pull registry.frafos.net/mon:<tag> - Update your
docker-compose.ymlto use the registry image:image: registry.frafos.net/mon:<tag> - Run:
docker-compose up -d - Access the dashboard at
http://localhost:3000
Container images are available at: Frafos Container Registry
Show example docker-compose.yml
⬇️ Download docker-compose.yml
docker-compose.yml
# Example Docker Compose file for Frafos monitoring stack
# Each service below represents a containerized application.
services:
ccm: # Call Control Manager (CCM) service
image: registry.frafos.net/abc/ccm:5.5
container_name: ccm
ports:
- "443-444:443-444" # Expose ports 443 and 444
networks:
- monitoring # Connect to monitoring network
- signaling # Connect to signaling network
restart: always # Always restart on failure
volumes:
- ccm-data:/data # Persist data in named volume
cap_add:
- AUDIT_CONTROL # Add audit control capability
- AUDIT_WRITE # Add audit write capability
elastic: # Elasticsearch service for log and metric storage
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.28
container_name: elastic
ports:
- "9200:9200" # HTTP API
- "9300:9300" # Transport protocol
environment:
- discovery.type=single-node # Run as single node
- network.host=_local_,_site_ # Bind to local and site interfaces
- path.repo=/usr/share/elasticsearch/snapshots # Path for snapshots
#- thread_pool.search.queue_size=10000 # (optional) Increase search queue size
- xpack.ml.enabled=false # Disable ML features
- xpack.security.enabled=false # Disable security
- xpack.security.http.ssl.enabled=false# Disable HTTP SSL
#- cluster.max_shards_per_node=166 # (optional) Increase max shards
#- indices.lifecycle.history_index_enabled=false # (optional) Disable ILM history
networks:
- monitoring
restart: always
ulimits:
nofile:
soft: 65536
hard: 65536
memlock:
soft: -1
hard: -1
deploy:
resources:
limits:
memory: 4g
volumes:
- es-data:/usr/share/elasticsearch/data # Data volume
- es-snapshots:/usr/share/elasticsearch/snapshots # Snapshots volume
#- ./elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro # (optional) Custom config
chrome:
# Headless Chrome for PDF generation or browser automation
image: zenika/alpine-chrome:latest
#image: registry.frafos.net/contrib/alpine-chrome:latest # (alternative image)
container_name: chrome
networks:
- monitoring
expose:
- "9222" # Expose remote debugging port
command:
- "--no-sandbox"
- "--remote-debugging-address=0.0.0.0"
- "--remote-debugging-port=9222"
mon: # Monitoring service (MON)
image: registry.frafos.net/abc/mon:10.1
container_name: mon
ports:
- "5000:5000" # SERVER_PORT
- "5044:5044" # LOGSTASH_BEATS_PORT
- "3042:3042" # UPLOAD_API_PORT
- "1873:1873" # UPLOAD_API_RSYNC_PORT
- "3000:3000" # UI_PORT
# environment:
#- CCM=ccm # (optional) CCM service name
#- ES=http://elastic:9200 # (optional) ES endpoint
#- REPORT_URL=http://127.0.0.1:5000/report # (optional) Report URL
#- ES_USER=monitor # (optional) ES user
#- ES_PASSWORD=password # (optional) ES password
#- ADVANCED_ALERTS=true # (optional) Enable Advanced Alerts
#- ADVANCED_ALERTS_URL=http://alerts:80 # (optional) Advanced Alerts URL
volumes:
- mon-data:/data # Persist MON data
networks:
- monitoring
tty: true # Enable TTY
stdin_open: true # Keep STDIN open
alerts:
image: registry.frafos.net/fril/alerts:10.1
container_name: alerts
restart: always
environment:
REDIS_HOST: "redis"
elasticConfigUrl: "http://elastic:9200/"
cap_add:
- AUDIT_CONTROL
- NET_RAW
- AUDIT_WRITE
ports:
- "80:80"
networks:
- monitoring
depends_on:
elastic:
condition: service_healthy
redis:
condition: service_healthy
healthcheck:
test:
[
"CMD-SHELL",
"curl -fsS 'http://localhost:80/api/alertapi/help' || exit 1",
]
interval: 15s
timeout: 5s
retries: 20
start_period: 15s
redis:
image: registry.frafos.net/fril/redis-stack-server:latest
container_name: redis
restart: always
expose: ["6379"]
security_opt: ["no-new-privileges:true"]
cap_drop: [MKNOD, NET_RAW, AUDIT_WRITE]
networks:
- monitoring
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 5s
retries: 20
start_period: 10s
rq2rest:
image: registry.frafos.net/fril/rq2rest:latest
container_name: rq2rest
command:
[
"-c",
"/etc/rq2rest.ini",
"-d",
"5",
"--redis_url=redis:6379",
"--http_url=http://alerts:80/ingestion/logstash/00000000-0000-0000-0000-000000000000",
]
tty: true
networks:
- monitoring
depends_on:
redis:
condition: service_healthy
alerts:
condition: service_healthy
volumes:
es-data:
es-snapshots:
mon-data-fresh-master:
networks:
monitoring:
driver: bridge
signaling:
driver: bridge
note
Docker is the recommended way for quick setup and easy updates.
To install using Podman:
- Download the provided
docker-compose.ymlfile below. - Pull the container image from the registry:
podman pull registry.frafos.net/mon:<tag> - Run the container:
podman run -d -p 3000:3000 registry.frafos.net/mon:<tag> - Or use Compose:
podman-compose up -d - Access the dashboard at
http://localhost:3000
Container images are available at: Frafos Container Registry
Show example docker-compose.yml
⬇️ Download docker-compose.yml
docker-compose.yml
# Example Docker Compose file for Frafos monitoring stack
# Each service below represents a containerized application.
services:
ccm: # Call Control Manager (CCM) service
image: registry.frafos.net/abc/ccm:5.5
container_name: ccm
ports:
- "443-444:443-444" # Expose ports 443 and 444
networks:
- monitoring # Connect to monitoring network
- signaling # Connect to signaling network
restart: always # Always restart on failure
volumes:
- ccm-data:/data # Persist data in named volume
cap_add:
- AUDIT_CONTROL # Add audit control capability
- AUDIT_WRITE # Add audit write capability
elastic: # Elasticsearch service for log and metric storage
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.28
container_name: elastic
ports:
- "9200:9200" # HTTP API
- "9300:9300" # Transport protocol
environment:
- discovery.type=single-node # Run as single node
- network.host=_local_,_site_ # Bind to local and site interfaces
- path.repo=/usr/share/elasticsearch/snapshots # Path for snapshots
#- thread_pool.search.queue_size=10000 # (optional) Increase search queue size
- xpack.ml.enabled=false # Disable ML features
- xpack.security.enabled=false # Disable security
- xpack.security.http.ssl.enabled=false# Disable HTTP SSL
#- cluster.max_shards_per_node=166 # (optional) Increase max shards
#- indices.lifecycle.history_index_enabled=false # (optional) Disable ILM history
networks:
- monitoring
restart: always
ulimits:
nofile:
soft: 65536
hard: 65536
memlock:
soft: -1
hard: -1
deploy:
resources:
limits:
memory: 4g
volumes:
- es-data:/usr/share/elasticsearch/data # Data volume
- es-snapshots:/usr/share/elasticsearch/snapshots # Snapshots volume
#- ./elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro # (optional) Custom config
chrome:
# Headless Chrome for PDF generation or browser automation
image: zenika/alpine-chrome:latest
#image: registry.frafos.net/contrib/alpine-chrome:latest # (alternative image)
container_name: chrome
networks:
- monitoring
expose:
- "9222" # Expose remote debugging port
command:
- "--no-sandbox"
- "--remote-debugging-address=0.0.0.0"
- "--remote-debugging-port=9222"
mon: # Monitoring service (MON)
image: registry.frafos.net/abc/mon:10.1
container_name: mon
ports:
- "5000:5000" # SERVER_PORT
- "5044:5044" # LOGSTASH_BEATS_PORT
- "3042:3042" # UPLOAD_API_PORT
- "1873:1873" # UPLOAD_API_RSYNC_PORT
- "3000:3000" # UI_PORT
# environment:
#- CCM=ccm # (optional) CCM service name
#- ES=http://elastic:9200 # (optional) ES endpoint
#- REPORT_URL=http://127.0.0.1:5000/report # (optional) Report URL
#- ES_USER=monitor # (optional) ES user
#- ES_PASSWORD=password # (optional) ES password
#- ADVANCED_ALERTS=true # (optional) Enable Advanced Alerts
#- ADVANCED_ALERTS_URL=http://alerts:80 # (optional) Advanced Alerts URL
volumes:
- mon-data:/data # Persist MON data
networks:
- monitoring
tty: true # Enable TTY
stdin_open: true # Keep STDIN open
alerts:
image: registry.frafos.net/fril/alerts:10.1
container_name: alerts
restart: always
environment:
REDIS_HOST: "redis"
elasticConfigUrl: "http://elastic:9200/"
cap_add:
- AUDIT_CONTROL
- NET_RAW
- AUDIT_WRITE
ports:
- "80:80"
networks:
- monitoring
depends_on:
elastic:
condition: service_healthy
redis:
condition: service_healthy
healthcheck:
test:
[
"CMD-SHELL",
"curl -fsS 'http://localhost:80/api/alertapi/help' || exit 1",
]
interval: 15s
timeout: 5s
retries: 20
start_period: 15s
redis:
image: registry.frafos.net/fril/redis-stack-server:latest
container_name: redis
restart: always
expose: ["6379"]
security_opt: ["no-new-privileges:true"]
cap_drop: [MKNOD, NET_RAW, AUDIT_WRITE]
networks:
- monitoring
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 5s
retries: 20
start_period: 10s
rq2rest:
image: registry.frafos.net/fril/rq2rest:latest
container_name: rq2rest
command:
[
"-c",
"/etc/rq2rest.ini",
"-d",
"5",
"--redis_url=redis:6379",
"--http_url=http://alerts:80/ingestion/logstash/00000000-0000-0000-0000-000000000000",
]
tty: true
networks:
- monitoring
depends_on:
redis:
condition: service_healthy
alerts:
condition: service_healthy
volumes:
es-data:
es-snapshots:
mon-data-fresh-master:
networks:
monitoring:
driver: bridge
signaling:
driver: bridge
note
Podman is Docker-compatible and supports rootless containers. You can use podman-compose for multi-container setups.
To install using Kubernetes:
- Download the provided manifest file below.
- Make sure your manifest uses the registry image:
image: registry.frafos.net/mon:<tag> - Apply the Kubernetes manifests:
kubectl apply -f manifest.example.yaml - Monitor pods and services:
kubectl get pods,kubectl get svc - Access the dashboard via the exposed service (see your cluster's configuration)
Container images are available at: Frafos Container Registry
Show example manifest (manifest.yaml)
⬇️ Download manifest.yaml
manifest.yaml
# --------------------------
# Persistent Volume Claims
# --------------------------
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: ccm-data
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: es-data
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 20Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: es-snapshots
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mon-data
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 5Gi
# --------------------------
# CCM
# --------------------------
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ccm
spec:
replicas: 1
selector:
matchLabels:
app: ccm
template:
metadata:
labels:
app: ccm
spec:
containers:
- name: ccm
image: registry.frafos.net/abc/ccm:5.5
ports:
- containerPort: 443
- containerPort: 444
volumeMounts:
- name: ccm-storage
mountPath: /data
securityContext:
capabilities:
add: ["AUDIT_CONTROL", "AUDIT_WRITE"]
volumes:
- name: ccm-storage
persistentVolumeClaim:
claimName: ccm-data
---
apiVersion: v1
kind: Service
metadata:
name: ccm
spec:
selector:
app: ccm
ports:
- name: https
port: 443
targetPort: 443
- name: https2
port: 444
targetPort: 444
type: ClusterIP
# --------------------------
# Elasticsearch
# --------------------------
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: elastic
spec:
replicas: 1
selector:
matchLabels:
app: elastic
template:
metadata:
labels:
app: elastic
spec:
containers:
- name: elastic
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.28
ports:
- containerPort: 9200
- containerPort: 9300
env:
- name: discovery.type
value: "single-node"
- name: network.host
value: "_local_,_site_"
- name: path.repo
value: "/usr/share/elasticsearch/snapshots"
- name: xpack.ml.enabled
value: "false"
- name: xpack.security.enabled
value: "false"
- name: xpack.security.http.ssl.enabled
value: "false"
resources:
limits:
memory: "4Gi"
volumeMounts:
- name: es-data
mountPath: /usr/share/elasticsearch/data
- name: es-snapshots
mountPath: /usr/share/elasticsearch/snapshots
volumes:
- name: es-data
persistentVolumeClaim:
claimName: es-data
- name: es-snapshots
persistentVolumeClaim:
claimName: es-snapshots
---
apiVersion: v1
kind: Service
metadata:
name: elastic
spec:
selector:
app: elastic
ports:
- name: http
port: 9200
targetPort: 9200
- name: transport
port: 9300
targetPort: 9300
# --------------------------
# Chrome
# --------------------------
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: chrome
spec:
replicas: 1
selector:
matchLabels:
app: chrome
template:
metadata:
labels:
app: chrome
spec:
containers:
- name: chrome
image: zenika/alpine-chrome:latest
args:
- "--no-sandbox"
- "--remote-debugging-address=0.0.0.0"
- "--remote-debugging-port=9222"
ports:
- containerPort: 9222
---
apiVersion: v1
kind: Service
metadata:
name: chrome
spec:
selector:
app: chrome
ports:
- name: debug
port: 9222
targetPort: 9222
# --------------------------
# MON
# --------------------------
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: mon
spec:
replicas: 1
selector:
matchLabels:
app: mon
template:
metadata:
labels:
app: mon
spec:
containers:
- name: mon
image: registry.frafos.net/abc/mon:10.1
ports:
- containerPort: 5000
- containerPort: 5044
- containerPort: 3042
- containerPort: 1873
- containerPort: 3000
volumeMounts:
- name: mon-storage
mountPath: /data
tty: true
stdin: true
volumes:
- name: mon-storage
persistentVolumeClaim:
claimName: mon-data
---
apiVersion: v1
kind: Service
metadata:
name: mon
spec:
selector:
app: mon
ports:
- name: server
port: 5000
targetPort: 5000
- name: logstash
port: 5044
targetPort: 5044
- name: upload-api
port: 3042
targetPort: 3042
- name: upload-rsync
port: 1873
targetPort: 1873
- name: ui
port: 3000
targetPort: 3000
# --------------------------
# Redis
# --------------------------
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: redis
spec:
replicas: 1
selector:
matchLabels:
app: redis
template:
metadata:
labels:
app: redis
spec:
securityContext:
runAsNonRoot: true
capabilities:
drop: ["MKNOD", "NET_RAW", "AUDIT_WRITE"]
containers:
- name: redis
image: registry.frafos.net/fril/redis-stack-server:latest
ports:
- containerPort: 6379
livenessProbe:
exec:
command: ["redis-cli", "ping"]
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
---
apiVersion: v1
kind: Service
metadata:
name: redis
spec:
selector:
app: redis
ports:
- name: redis
port: 6379
targetPort: 6379
# --------------------------
# Alerts
# --------------------------
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: alerts
spec:
replicas: 1
selector:
matchLabels:
app: alerts
template:
metadata:
labels:
app: alerts
spec:
containers:
- name: alerts
image: registry.frafos.net/fril/alerts:10.1
ports:
- containerPort: 80
env:
- name: REDIS_HOST
value: "redis"
- name: elasticConfigUrl
value: "http://elastic:9200/"
securityContext:
capabilities:
add: ["AUDIT_CONTROL", "NET_RAW", "AUDIT_WRITE"]
readinessProbe:
httpGet:
path: /api/alertapi/help
port: 80
initialDelaySeconds: 15
periodSeconds: 15
timeoutSeconds: 5
failureThreshold: 20
---
apiVersion: v1
kind: Service
metadata:
name: alerts
spec:
selector:
app: alerts
ports:
- name: http
port: 80
targetPort: 80
# --------------------------
# rq2rest
# --------------------------
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: rq2rest
spec:
replicas: 1
selector:
matchLabels:
app: rq2rest
template:
metadata:
labels:
app: rq2rest
spec:
containers:
- name: rq2rest
image: registry.frafos.net/fril/rq2rest:latest
command:
- "/bin/sh"
- "-c"
- >
rq2rest -c /etc/rq2rest.ini -d 5
--redis_url=redis:6379
--http_url=http://alerts:80/ingestion/logstash/00000000-0000-0000-0000-000000000000
tty: true
---
apiVersion: v1
kind: Service
metadata:
name: rq2rest
spec:
selector:
app: rq2rest
ports:
- name: rq
port: 8080
targetPort: 8080
info
Kubernetes setup is ideal for scalable, resilient, and production-grade deployments.