Jump to content

Netdata: Difference between revisions

From NixOS Wiki
← Older edit
VisualWikitext
imported>Ncfavier
m add syntax highlighting
DoggoBit (talk | contribs)
trusted
1,048 edits
 
(5 intermediate revisions by 4 users not shown)
Line 1: Line 1:
__TOC__
<strong>[https://www.netdata.cloud/ Netdata]</strong> is a metrics tool, which comes with a lot of sane pre-configuration.
It contains various plugins, which may need specific steps to be enabled.


[https://www.netdata.cloud/ netdata] is a metrics tool, which comes with a lot of sane preconfiguration.
== Installation ==
It contains of various plugins, which need to be enabled sometimes with additional effort.


== Adding node ==
Add the following to your [[Overview_of_the_NixOS_Linux_distribution#Declarative_Configuration|NixOS configuration]] to setup and use Netdata:
*Install the netdata package and enable the service.
*When adding new node in the web interface you get a token, write that token to /var/lib/netdata/cloud.d/token
*As root run <code>nix-shell -p netdata --run "netdata-claim.sh"</code>


== Streaming node setup ==
{{file|configuration.nix|nix|
<nowiki>
{
  services.netdata = {
    enable = true;
    config.global = {
      "memory mode" = "ram";
      "debug log" = "none";
      "access log" = "none";
      "error log" = "syslog";
    };
  };
  networking.firewall.allowedTCPPorts = [ 19999 ];
}
</nowiki>
}}
 
{{Evaluate}}
 
Netdata's basic instance will then be available at <code>http://localhost:19999</code> on the local network.
 
== Configuration ==  


Ensure you choose appropriate access control for your nodes.
You may wish to aggregate multiple machines' Netdata information, in which case, you can subscribe to the Netdata Cloud service, or you can self-host [[Prometheus]] and [[Grafana]] as a self-hosted solution.


=== Receiver node ===
==== Adding node to cloud ====
* Enable the Netdata service as described above.
* override package to be built `withCloud`
* When adding a new node in the web interface, you get a token; copy that token to <code>/var/lib/netdata/cloud.d/token</code>.
* As root, run the <code>netdata-claim.sh</code> script.
{{Commands|# nix-shell -p netdata --run "netdata-claim.sh"}}


<syntaxhighlight lang="nix">
====== Declare claim token ([https://search.nixos.org/options?show=services.netdata.claimTokenFile option docs]) ======
services.netdata.configDir."stream.conf" =
<syntaxhighlight lang="nixos">
  let
services.netdata = {
    mkChildNode = apiKey: allowFrom: ''
  package = pkgs.netdata.override { withCloud = true; };
      [${apiKey}]
  claimTokenFile = config.sops.secrets.netdata-token.path; # mounted by sops-nix, in this example
        enabled = yes
};
        default history = <a value of your choice>
</syntaxhighlight>
        default memory mode = dbengine # a good default
 
        health enabled by default = auto
=== Streaming node setup ===
        allow from = ${allowFrom}
 
    '';
{{Security Warning|Ensure you choose the appropriate access control for your nodes.}}
  in pkgs.writeText "stream.conf" ''
 
    [stream]
==== Receiver node ====
       # This won't stream by itself, except if the receiver is a sender too, which is possible in netdata model.
 
{{file|configuration.nix|nix|
<nowiki>
{
  services.netdata.configDir."stream.conf" =
    let
      mkChildNode = apiKey: allowFrom: ''
        [${apiKey}]
          enabled = yes
          default history = <A value of your choice>
          default memory mode = dbengine
          health enabled by default = auto
          allow from = ${allowFrom}
      '';
    in pkgs.writeText "stream.conf" ''
      [stream]
       # This won't stream by itself, except if the receiver is a sender too, which is possible in the netdata model.
       enabled = no
       enabled = no
       enable compression = yes
       enable compression = yes


    # An allowed sender node
      # An allowed sender node
    ${mkChildNode "an API key" "an allowed IP"}
      ${mkChildNode "<API key goes here>" "<Allowed IP goes here>"}
  '';
    '';
</syntaxhighlight>
}
</nowiki>
}}


=== Sender node ===
==== Sender node ====


<syntaxhighlight lang="nix">
{{file|configuration.nix|nix|
services.netdata.configDir."stream.conf" = pkgs.writeText "stream.conf" ''
<nowiki>
  [stream]
{
  services.netdata.configDir."stream.conf" = pkgs.writeText "stream.conf" ''
    [stream]
     enabled = yes
     enabled = yes
     destination = receiver-hostname-or-ip-address:19999
     destination = <Receiver hostname or IP address goes here>:19999
     api key = any string that is set also on the receiver side
     api key = <API key goes here>
'';
  '';
</syntaxhighlight>
}
</nowiki>
}}


If you don't need any web UI and want to consume minimal resources on the sender node, use:
If you don't need any web UI and want to consume minimal resources on the sender node, use:


<syntaxhighlight lang="nix">
{{file|configuration.nix|nix|
services.netdata = {
<nowiki>
  config = {
{
  services.netdata.config = {
     global = { "memory mode" = "none"; };
     global = { "memory mode" = "none"; };
     web = {
     web = {
Line 59: Line 105:
     };
     };
   };
   };
};
}
</syntaxhighlight>
</nowiki>
}}


This way, it won't spawn any web UI, neither store any metric locally.
This way, it will neither spawn a web UI, nor store any metric locally.


<span id="python-plugins"></span>
<span id="python-plugins"></span>
= Python Plugins =


== nvidia-smi ==
== Tips and Tricks ==
 
==== Modern Web UI ====
 
{{tip/unfree}}


To enable the <code>nvidia-smi</code> plugin you have to make sure <code>nvidia-smi</code> can be called by <code>netdata</code>.
Netdata comes with an old, unmaintained but open source web UI that is accessible at port <code>19999</code>. Netdata Inc. will not fix any bugs in the old UI and it may to become more and more broken as time goes on. There is however, a newer, maintained but proprietary web UI that can be optionally enabled to replace the old UI. To use this new UI, override Netdata's package:


<syntaxhighlight lang="nix">
{{file|configuration.nix|nix|
systemd.services.enable = true;
<nowiki>
systemd.services.netdata.path = [pkgs.linuxPackages.nvidia_x11];
{
services.netdata.configDir.&quot;python.d.conf&quot; = pkgs.writeText &quot;python.d.conf&quot; ''
  nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
   nvidia_smi: yes
    "netdata"
'';
  ];
</syntaxhighlight>
  services.netdata.package = pkgs.netdata.override {
== samba ==
    withCloudUi = true;
   };
}
</nowiki>
}}
 
=== Python Plugins ===
 
==== nvidia-smi ====
 
{{tip/unfree}}


To enable <code>samba</code> plugin additional permissions and configurations will need to be set.
To enable the <code>nvidia-smi</code> plugin, you have to ensure that <code>nvidia-smi</code> can be called by <code>netdata</code>:


<syntaxhighlight lang="nix">
{{file|configuration.nix|nix|
services.netdata.configDir.&quot;python.d.conf&quot; = pkgs.writeText &quot;python.d.conf&quot; ''
<nowiki>
  samba: yes
{
'';
  systemd.services.netdata.path = [ pkgs.linuxPackages.nvidia_x11 ];
  services.netdata.configDir."python.d.conf" = pkgs.writeText "python.d.conf" ''
    nvidia_smi: yes
  '';
}
</nowiki>
}}


# add samba and sudo to path of python plugin
==== samba ====
systemd.services.netdata.path = [  pkgs.samba &quot;/run/wrappers&quot; ];


# permit to run sudo smbstatus -P
To enable the <code>samba</code> plugin, additional permissions and configurations will need to be set:
security.sudo.extraConfig = ''
  netdata ALL=(root) NOPASSWD: ${pkgs.samba}/bin/smbstatus
'';


# as documented here : https://github.com/netdata/netdata/blob/master/system/netdata.service.in
{{file|configuration.nix|nix|
# review capabilityset above if other plugins are non functional
<nowiki>
systemd.services.netdata.serviceConfig.CapabilityBoundingSet = [&quot;CAP_SETGID&quot;];
{
  services = {
    netdata.configDir."python.d.conf" = pkgs.writeText "python.d.conf" ''
      samba: yes
    '';
    samba.extraConfig = ''
      smbd profiling level = on
    '';
  };


# enable profiling
  systemd.services.netdata = {
services.samba.extraConfig = ''
    path = [ pkgs.samba "/run/wrappers" ];
  smbd profiling level = on
    serviceConfig.CapabilityBoundingSet = [ "CAP_SETGID" ];
'';
  };
</syntaxhighlight>
 
  security.sudo.extraConfig = ''
    netdata ALL=(root) NOPASSWD: ${pkgs.samba}/bin/smbstatus
  '';
}
</nowiki>
}}

Latest revision as of 20:07, 5 June 2025

Netdata is a metrics tool, which comes with a lot of sane pre-configuration. It contains various plugins, which may need specific steps to be enabled.

Installation

Add the following to your NixOS configuration to setup and use Netdata:

❄︎ configuration.nix
{
  services.netdata = {
    enable = true;
    config.global = {
      "memory mode" = "ram";
      "debug log" = "none";
      "access log" = "none";
      "error log" = "syslog";
    };
  };
  networking.firewall.allowedTCPPorts = [ 19999 ];
}
🟆︎
Tip: In order to affect your NixOS system by your nix-language-specific changes you must first evaluate it:
$ nixos-rebuild switch --sudo


Netdata's basic instance will then be available at http://localhost:19999 on the local network.

Configuration

You may wish to aggregate multiple machines' Netdata information, in which case, you can subscribe to the Netdata Cloud service, or you can self-host Prometheus and Grafana as a self-hosted solution.

Adding node to cloud

  • Enable the Netdata service as described above.
  • override package to be built `withCloud`
  • When adding a new node in the web interface, you get a token; copy that token to /var/lib/netdata/cloud.d/token.
  • As root, run the netdata-claim.sh script.
# nix-shell -p netdata --run "netdata-claim.sh"
Declare claim token (option docs)
services.netdata = {
  package = pkgs.netdata.override { withCloud = true; };
  claimTokenFile = config.sops.secrets.netdata-token.path; # mounted by sops-nix, in this example
};

Streaming node setup

🛡︎︎
Security information: Ensure you choose the appropriate access control for your nodes.

Receiver node

❄︎ configuration.nix
{
  services.netdata.configDir."stream.conf" =
    let
      mkChildNode = apiKey: allowFrom: ''
        [${apiKey}]
          enabled = yes
          default history = &lt;A value of your choice&gt;
          default memory mode = dbengine
          health enabled by default = auto
          allow from = ${allowFrom}
      '';
    in pkgs.writeText "stream.conf" ''
      [stream]
      # This won't stream by itself, except if the receiver is a sender too, which is possible in the netdata model.
      enabled = no
      enable compression = yes

      # An allowed sender node
      ${mkChildNode "&lt;API key goes here&gt;" "&lt;Allowed IP goes here&gt;"}
    '';
}

Sender node

❄︎ configuration.nix
{
  services.netdata.configDir."stream.conf" = pkgs.writeText "stream.conf" ''
    [stream]
    enabled = yes
    destination = &lt;Receiver hostname or IP address goes here&gt;:19999
    api key = &lt;API key goes here&gt;
  '';
}

If you don't need any web UI and want to consume minimal resources on the sender node, use:

❄︎ configuration.nix
{
  services.netdata.config = {
    global = { "memory mode" = "none"; };
    web = {
      mode = "none";
      "accept a streaming request every seconds" = 0;
    };
  };
}

This way, it will neither spawn a web UI, nor store any metric locally.

Tips and Tricks

Modern Web UI

🟆︎
Tip: This package is unfree, and will require extra steps to install. You can read more about allowing unfree software in the Nixpkgs Manual.

Netdata comes with an old, unmaintained but open source web UI that is accessible at port 19999. Netdata Inc. will not fix any bugs in the old UI and it may to become more and more broken as time goes on. There is however, a newer, maintained but proprietary web UI that can be optionally enabled to replace the old UI. To use this new UI, override Netdata's package:

❄︎ configuration.nix
{
  nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
    "netdata"
  ];
  services.netdata.package = pkgs.netdata.override {
    withCloudUi = true;
  };
}

Python Plugins

nvidia-smi

🟆︎
Tip: This package is unfree, and will require extra steps to install. You can read more about allowing unfree software in the Nixpkgs Manual.

To enable the nvidia-smi plugin, you have to ensure that nvidia-smi can be called by netdata:

❄︎ configuration.nix
{
  systemd.services.netdata.path = [ pkgs.linuxPackages.nvidia_x11 ];
  services.netdata.configDir."python.d.conf" = pkgs.writeText "python.d.conf" ''
    nvidia_smi: yes
  '';
}

samba

To enable the samba plugin, additional permissions and configurations will need to be set:

❄︎ configuration.nix
{
  services = {
    netdata.configDir."python.d.conf" = pkgs.writeText "python.d.conf" ''
      samba: yes
    '';
    samba.extraConfig = ''
      smbd profiling level = on
    '';
  };

  systemd.services.netdata = {
    path = [ pkgs.samba "/run/wrappers" ];
    serviceConfig.CapabilityBoundingSet = [ "CAP_SETGID" ];
  };

  security.sudo.extraConfig = ''
    netdata ALL=(root) NOPASSWD: ${pkgs.samba}/bin/smbstatus
  '';
}
Retrieved from "https://wiki.nixos.org/w/index.php?title=Netdata&oldid=22186"