218-elastalert: Adds dynamic configuration of elastalert config at ru…

…ntime
techjacker · May 31, 2017 · 134c045 · 134c045
1 parent 6c01642
commit 134c045
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 74 deletions.
diff --git a/elastalert/Dockerfile b/elastalert/Dockerfile
@@ -1,9 +1,8 @@
 FROM iron/python:2
 
-# Alias, DNS or IP of Elasticsearch host to be queried by Elastalert. Set in default Elasticsearch configuration file.
-ENV ELASTICSEARCH_HOST elasticsearchhost
-# Port on above Elasticsearch host. Set in default Elasticsearch configuration file.
-ENV ELASTICSEARCH_PORT 9200
+
+# ENV ELASTICSEARCH_HOST elasticsearchhost
+# ENV ELASTICSEARCH_PORT 9200
 
 
 # Set this environment variable to true to set timezone on container start.
@@ -19,8 +18,8 @@ ENV ELASTALERT_DIRECTORY_NAME elastalert
 # Elastalert home directory full path.
 ENV ELASTALERT_HOME /opt/${ELASTALERT_DIRECTORY_NAME}
 
-
 # Install software required for Elastalert and NTP for time synchronization.
+WORKDIR /opt
 RUN apk update && \
     apk upgrade && \
     apk add ca-certificates openssl-dev libffi-dev python-dev gcc musl-dev tzdata openntpd && \
@@ -35,61 +34,30 @@ RUN apk update && \
     rm *.zip && \
     mv e* ${ELASTALERT_DIRECTORY_NAME}
 
-WORKDIR ${ELASTALERT_HOME}
-
 # Install Elastalert.
+WORKDIR ${ELASTALERT_HOME}
 RUN python setup.py install && \
     pip install -e . && \
     pip uninstall twilio --yes && \
     pip install twilio==6.0.0
 
-
-# Directory holding configuration for Elastalert and Supervisor.
-ENV ${CONFIG_DIR} /opt/config
-# Elastalert rules directory.
-ENV ${RULES_DIRECTORY} /opt/rules
-# Elastalert configuration file path in configuration directory.
-ENV ${ELASTALERT_CONFIG} ${CONFIG_DIR}/elastalert_config.yaml
-
-
+ENV RULES_DIRECTORY /opt/rules
 COPY rules ${RULES_DIRECTORY}
+ENV ELASTALERT_CONFIG /opt/elastalert_config.yaml
 COPY elastalert_config.yaml ${ELASTALERT_CONFIG}
 
-# Make the start-script executable.
-RUN chmod +x /opt/start-elastalert.sh && \
-
-# Create directories. The /var/empty directory is used by openntpd.
-    mkdir -p ${CONFIG_DIR} && \
-    mkdir -p ${RULES_DIRECTORY} && \
-    mkdir -p ${LOG_DIR} && \
-    mkdir -p /var/empty && \
+RUN mkdir -p ${LOG_DIR} && \
+    mkdir -p /var/empty
 
-# Copy default configuration files to configuration directory.
-    cp ${ELASTALERT_HOME}/config.yaml.example ${ELASTALERT_CONFIG} && \
-    cp ${ELASTALERT_HOME}/supervisord.conf.example ${ELASTALERT_SUPERVISOR_CONF} && \
 
-# Elastalert configuration:
-    # Set the rule directory in the Elastalert config file to external rules directory.
-    sed -i -e"s|rules_folder: [[:print:]]*|rules_folder: ${RULES_DIRECTORY}|g" ${ELASTALERT_CONFIG} && \
-    # Set the Elasticsearch host that Elastalert is to query.
-    sed -i -e"s|es_host: [[:print:]]*|es_host: ${ELASTICSEARCH_HOST}|g" ${ELASTALERT_CONFIG} && \
-    # Set the port used by Elasticsearch at the above address.
-    sed -i -e"s|es_port: [0-9]*|es_port: ${ELASTICSEARCH_PORT}|g" ${ELASTALERT_CONFIG} && \
 
-# Copy the Elastalert configuration file to Elastalert home directory to be used when creating index first time an Elastalert container is launched.
-    cp ${ELASTALERT_CONFIG} ${ELASTALERT_HOME}/config.yaml && \
-
-# Clean up.
-    apk del python-dev && \
-    apk del musl-dev && \
-    apk del gcc && \
-    apk del openssl-dev && \
-    apk del libffi-dev && \
-
-WORKDIR /opt
 
-# Copy the script used to launch the Elastalert when a container is started.
-COPY ./start-elastalert.sh /opt/
+    # apk del python-dev && \
+    # apk del musl-dev && \
+    # apk del gcc && \
+    # apk del openssl-dev && \
+    # apk del libffi-dev && \
 
-# Launch Elastalert when a container is started.
+COPY start-elastalert.sh /opt/
+RUN chmod +x /opt/start-elastalert.sh
 CMD ["/opt/start-elastalert.sh"]
diff --git a/elastalert/start-elastalert.sh b/elastalert/start-elastalert.sh
@@ -3,38 +3,46 @@
 set -e
 
 # Set the timezone.
-if [ "$SET_CONTAINER_TIMEZONE" = "true" ]; then
-	setup-timezone -z ${CONTAINER_TIMEZONE} && \
-	echo "Container timezone set to: $CONTAINER_TIMEZONE"
-else
-	echo "Container timezone not modified"
-fi
+# if [ "$SET_CONTAINER_TIMEZONE" = "true" ]; then
+# 	setup-timezone -z ${CONTAINER_TIMEZONE} && \
+# 	echo "Container timezone set to: $CONTAINER_TIMEZONE"
+# else
+# 	echo "Container timezone not modified"
+# fi
 
 # Force immediate synchronisation of the time and start the time-synchronization service.
 # In order to be able to use ntpd in the container, it must be run with the SYS_TIME capability.
 # In addition you may want to add the SYS_NICE capability, in order for ntpd to be able to modify its priority.
 ntpd -s
 
 # Wait until Elasticsearch is online since otherwise Elastalert will fail.
-rm -f garbage_file
-while ! wget -O garbage_file ${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT} 2>/dev/null
-do
-	echo "Waiting for Elasticsearch..."
-	rm -f garbage_file
-	sleep 1
-done
-rm -f garbage_file
-sleep 5
-
-# Check if the Elastalert index exists in Elasticsearch and create it if it does not.
-if ! wget -O garbage_file ${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}/elastalert_status 2>/dev/null
-then
-	echo "Creating Elastalert index in Elasticsearch..."
-    elastalert-create-index --host ${ELASTICSEARCH_HOST} --port ${ELASTICSEARCH_PORT} --config ${ELASTALERT_CONFIG} --index elastalert_status --old-index ""
-else
-    echo "Elastalert index already exists in Elasticsearch."
-fi
-rm -f garbage_file
+# rm -f garbage_file
+# while ! wget -O garbage_file ${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT} 2>/dev/null
+# do
+# 	echo "Waiting for Elasticsearch..."
+# 	rm -f garbage_file
+# 	sleep 1
+# done
+# rm -f garbage_file
+# sleep 5
+
+# # Check if the Elastalert index exists in Elasticsearch and create it if it does not.
+# if ! wget -O garbage_file ${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}/elastalert_status 2>/dev/null
+# then
+# 	echo "Creating Elastalert index in Elasticsearch..."
+#     elastalert-create-index --host ${ELASTICSEARCH_HOST} --port ${ELASTICSEARCH_PORT} --config ${ELASTALERT_CONFIG} --index elastalert_status --old-index ""
+# else
+#     echo "Elastalert index already exists in Elasticsearch."
+# fi
+# rm -f garbage_file
 
 echo "Starting Elastalert..."
-exec supervisord -c ${ELASTALERT_SUPERVISOR_CONF} -n
+
+# Set the rule directory in the Elastalert config file to external rules directory.
+sed -i -e"s|rules_folder: [[:print:]]*|rules_folder: ${RULES_DIRECTORY}|g" ${ELASTALERT_CONFIG}
+# Set the Elasticsearch host that Elastalert is to query.
+sed -i -e"s|es_host: [[:print:]]*|es_host: ${ELASTICSEARCH_HOST}|g" ${ELASTALERT_CONFIG}
+# Set the port used by Elasticsearch at the above address.
+sed -i -e"s|es_port: [0-9]*|es_port: ${ELASTICSEARCH_PORT}|g" ${ELASTALERT_CONFIG}
+
+exec elastlaert --config ${ELASTALERT_CONFIG}