- sets oom_score on containers
- performs system prune operations via Docker API
- processes events from the Docker events API and notify owners on Slack based on the
expertscontainer label (comma separated)
These labels are applied to workload containers read by docker-operator to direct and enrich messages when reporting events
labels:
# try to have 2+ experts for each service.
# these are used for event notifications.
# specify the full email used for slack or specify the username and SLACK_EMAIL_DOMAIN env var.
- "experts=dustind,jdoe"
- "description="acme service farms chickens"These env vars are applied to docker-operator so it can connect to the Slack API (optional) and provide enrichement (optional)
Right now LOG_URL_FORMAT and DEPLOY_URL_FORMAT only supports substituting Docker Swarm service names from the com.docker.swarm.service.name container label, but it could easily support others with minor improvements.
environment:
- SLACK_BOT_API_KEY_PATH=/run/secrets/docker-operator-slack-bot-token
- SLACK_WORKSPACE_API_KEY_PATH=/run/secrets/docker-operator-slack-workspace-token
- SLACK_EMAIL_DOMAIN=indeed.com
- LOG_URL_FORMAT=https://kibana.internal.net/app/kibana#/discover?query=%[1]s
- DEPLOY_URL_FORMAT=https://swarm.internal.net/service/ps/%sSet a sensible restart policy so you don't get spammed by alerts if your application is unhealthy
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
window: 120s # monitors the process for this period- add K8s support
- add fork bomb prevention (via parent cgroup pids.max)
- add other notification mechanisms