This guide explains how to install the Cmd Control agent on containers running Supervisord, a tool that helps to manage multiple processes in a single container. Before reading this, you should understand how to deploy the agent in a container.

Overview:

This guide is organized around several example configuration files:

  • Dockerfile
  • docker-compose.yml
  • supervisord.conf
  • Building the Dockerfile

 
Dockerfile:

This example installs the latest Ubuntu version of the agent. Below, where it says         "<project_key>", input your project key to automatically download the latest agent binary. (Learn how to install different versions of the agent, and how to set options such as hostname and http_proxy in how to automate agent deployment.)

FROM ubuntu:16.04
RUN apt-get update
RUN apt-get install nginx -y
RUN apt-get install curl openssh-client libcap2 psmisc supervisor -y
RUN mkdir -p /var/log/supervisor
COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
RUN curl -s https://c-app.cmd.com/cmdsci/<project_key>/ccf-latest.amd64.deb > /tmp/ccf-latest.amd64.deb
RUN dpkg -i /tmp/ccf-latest.amd64.deb
RUN echo -n <project key> | tee /etc/cmd/cmd.prj
RUN rm /tmp/ccf-latest.amd64.deb
CMD ["/usr/bin/supervisord"]

 
   

docker-compose.yml: 

Setting ‘LD_PRELOAD=libinjector.so’ as an environment variable (shown below) will cause the agent to hook all user sessions. (Some orchestration tools may override this setting, so start by investigating your env. vars. if you need to troubleshoot.)

version: '3'
services:
  cmd:
    environment:
    - LD_PRELOAD=libinjector.so
    build: .

 
 

supervisord.conf:

This file configures Nginx, as an example. Replace Nginx with the services you want Cmd to monitor and control: 

[supervisord]
nodaemon=true


[program:nginx]
command=/usr/sbin/nginx -g "daemon off;"
priority=1
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
username=www-data
autorestart=true


[program:cmd]
command=bash -c '/bin/sleep 2 && /sbin/cmd_daemon -f'
priority=2
stdout_logfile=/dev/stdout
stderr_logfile=/dev/stderr
autorestart=true

In the script, '/bin/sleep 2' creates a sleep state. This optional step prevents interleaving of logs (useful when troubleshooting), and ensures safe-start without impacting the initial container process. 

 
 

Building the Dockerfile:

Test the container by executing the docker-compose binary from within your working directory, with the "--build" flag to ensure a clean run.

docker-compose up --build

 

Did this answer your question?