@@ Line 1: / Line 1: @@
-__TOC__
+<strong>[https://www.netdata.cloud/ Netdata]</strong> is a metrics tool, which comes with a lot of sane pre-configuration.
+It contains various plugins, which may need specific steps to be enabled.
-[https://www.netdata.cloud/ netdata] is a metrics tool, which comes with a lot of sane preconfiguration.
+== Installation ==
-It contains of various plugins, which need to be enabled sometimes with additional effort.
-== Adding node ==
+Add the following to your [[Overview_of_the_NixOS_Linux_distribution#Declarative_Configuration|NixOS configuration]] to setup and use Netdata:
-*Install the netdata package and enable the service.
-*When adding new node in the web interface you get a token, write that token to /var/lib/netdata/cloud.d/token
-*As root run <code>nix-shell -p netdata --run "netdata-claim.sh"</code>
-== Streaming node setup ==
+{{file|configuration.nix|nix|
+<nowiki>
+{
+  services.netdata = {
+    enable = true;
+    config.global = {
+      "memory mode" = "ram";
+      "debug log" = "none";
+      "access log" = "none";
+      "error log" = "syslog";
+    };
+  };
+  networking.firewall.allowedTCPPorts = [ 19999 ];
+}
+</nowiki>
+}}
-Ensure you choose appropriate access control for your nodes.
+{{Evaluate}}
-=== Receiver node ===
+Netdata's basic instance will then be available at <code>http://localhost:19999</code> on the local network.
-<pre>
+== Configuration ==
+You may wish to aggregate multiple machines' Netdata information, in which case, you can subscribe to the Netdata Cloud service, or you can self-host [[Prometheus]] and [[Grafana]] as a self-hosted solution.
+==== Adding node to cloud ====
+* Enable the Netdata service as described above.
+* override package to be built `withCloud`
+* When adding a new node in the web interface, you get a token; copy that token to <code>/var/lib/netdata/cloud.d/token</code>.
+* As root, run the <code>netdata-claim.sh</code> script.
+{{Commands|# nix-shell -p netdata --run "netdata-claim.sh"}}
+====== Declare claim token ([https://search.nixos.org/options?show=services.netdata.claimTokenFile option docs]) ======
+<syntaxhighlight lang="nixos">
+services.netdata = {
+  package = pkgs.netdata.override { withCloud = true; };
+  claimTokenFile = config.sops.secrets.netdata-token.path; # mounted by sops-nix, in this example
+};
+</syntaxhighlight>
+=== Streaming node setup ===
+{{Security Warning|Ensure you choose the appropriate access control for your nodes.}}
+==== Receiver node ====
+{{file|configuration.nix|nix|
+<nowiki>
+{
    services.netdata.configDir."stream.conf" =
-     let
+    let
-        mkChildNode = apiKey: allowFrom: ''
+      mkChildNode = apiKey: allowFrom: ''
-          [${apiKey}]
+        [${apiKey}]
-            enabled = yes
+          enabled = yes
-            default history = <a value of your choice>
+          default history = <A value of your choice>
-            default memory mode = dbengine # a good default
+          default memory mode = dbengine
-            health enabled by default = auto
+          health enabled by default = auto
-            allow from = ${allowFrom}
+          allow from = ${allowFrom}
-        '';
+      '';
-      in pkgs.writeText "stream.conf" ''
+    in pkgs.writeText "stream.conf" ''
-        [stream]
+      [stream]
-          # This won't stream by itself, except if the receiver is a sender too, which is possible in netdata model.
+      # This won't stream by itself, except if the receiver is a sender too, which is possible in the netdata model.
-          enabled = no
+      enabled = no
-          enable compression = yes
+      enable compression = yes
-        # An allowed sender node
+      # An allowed sender node
-        ${mkChildNode "an API key" "an allowed IP"}
+      ${mkChildNode "<API key goes here>" "<Allowed IP goes here>"}
-      '';
+    '';
-</pre>
+}
+</nowiki>
+}}
-=== Sender node ===
+==== Sender node ====
-<pre>
+{{file|configuration.nix|nix|
+<nowiki>
+{
    services.netdata.configDir."stream.conf" = pkgs.writeText "stream.conf" ''
-      [stream]
+    [stream]
-        enabled = yes
+    enabled = yes
-        destination = receiver-hostname-or-ip-address:19999
+    destination = <Receiver hostname or IP address goes here>:19999
-        api key = any string that is set also on the receiver side
+    api key = <API key goes here>
-    '';
+  '';
-</pre>
+}
+</nowiki>
+}}
 If you don't need any web UI and want to consume minimal resources on the sender node, use:
-<pre>
+{{file|configuration.nix|nix|
-   services.netdata = {
+<nowiki>
-     config = {
+{
-      global = { "memory mode" = "none"; };
+   services.netdata.config = {
-      web = {
+     global = { "memory mode" = "none"; };
-        mode = "none";
+    web = {
-        "accept a streaming request every seconds" = 0;
+      mode = "none";
-      };
+      "accept a streaming request every seconds" = 0;
      };
    };
-</pre>
+}
+</nowiki>
+}}
-This way, it won't spawn any web UI, neither store any metric locally.
+This way, it will neither spawn a web UI, nor store any metric locally.
 <span id="python-plugins"></span>
-= Python Plugins =
-== nvidia-smi ==
+== Tips and Tricks ==
+==== Modern Web UI ====
-To enable the <code>nvidia-smi</code> plugin you have to make sure <code>nvidia-smi</code> can be called by <code>netdata</code>.
+{{tip/unfree}}
-<pre>systemd.services.enable = true;
+Netdata comes with an old, unmaintained but open source web UI that is accessible at port <code>19999</code>. Netdata Inc. will not fix any bugs in the old UI and it may to become more and more broken as time goes on. There is however, a newer, maintained but proprietary web UI that can be optionally enabled to replace the old UI. To use this new UI, override Netdata's package:
-systemd.services.netdata.path = [pkgs.linuxPackages.nvidia_x11];
-services.netdata.configDir.&quot;python.d.conf&quot; = pkgs.writeText &quot;python.d.conf&quot; ''
-  nvidia_smi: yes
-'';</pre>
-== samba ==
-To enable <code>samba</code> plugin additional permissions and configurations will need to be set.
+{{file|configuration.nix|nix|
+<nowiki>
+{
+  nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+    "netdata"
+  ];
+  services.netdata.package = pkgs.netdata.override {
+    withCloudUi = true;
+  };
+}
+</nowiki>
+}}
-<pre>
+=== Python Plugins ===
-services.netdata.configDir.&quot;python.d.conf&quot; = pkgs.writeText &quot;python.d.conf&quot; ''
-  samba: yes
-'';
-# add samba and sudo to path of python plugin
+==== nvidia-smi ====
-systemd.services.netdata.path = [  pkgs.samba &quot;/run/wrappers&quot; ];
-# permit to run sudo smbstatus -P
+{{tip/unfree}}
-security.sudo.extraConfig = ''
-  netdata ALL=(root) NOPASSWD: ${pkgs.samba}/bin/smbstatus
-'';
-# as documented here : https://github.com/netdata/netdata/blob/master/system/netdata.service.in
+To enable the <code>nvidia-smi</code> plugin, you have to ensure that <code>nvidia-smi</code> can be called by <code>netdata</code>:
-# review capabilityset above if other plugins are non functional
-systemd.services.netdata.serviceConfig.CapabilityBoundingSet = [&quot;CAP_SETGID&quot;];
+{{file|configuration.nix|nix|
+<nowiki>
+{
+  systemd.services.netdata.path = [ pkgs.linuxPackages.nvidia_x11 ];
+  services.netdata.configDir."python.d.conf" = pkgs.writeText "python.d.conf" ''
+    nvidia_smi: yes
+  '';
+}
+</nowiki>
+}}
+==== samba ====
+To enable the <code>samba</code> plugin, additional permissions and configurations will need to be set:
+{{file|configuration.nix|nix|
+<nowiki>
+{
+  services = {
+    netdata.configDir."python.d.conf" = pkgs.writeText "python.d.conf" ''
+      samba: yes
+    '';
+    samba.extraConfig = ''
+      smbd profiling level = on
+    '';
+  };
+  systemd.services.netdata = {
+    path = [ pkgs.samba "/run/wrappers" ];
+    serviceConfig.CapabilityBoundingSet = [ "CAP_SETGID" ];
+  };
-# enable profiling
+  security.sudo.extraConfig = ''
-services.samba.extraConfig = ''
+    netdata ALL=(root) NOPASSWD: ${pkgs.samba}/bin/smbstatus
-smbd profiling level = on
+  '';
-'';
+}
-</pre>
+</nowiki>
+}}

Netdata: Difference between revisions