This docker image is a repack of the original cAdvisor compliant with the HomeCenter docker images standard (S6 overlay, privilege drop etc.).
version: "3.7"
services:
cadvisor:
build: .
image: homecentr/cadvisor
restart: unless-stopped
ports:
- 8080:8080
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /etc/machine-id:/etc/machine-id:ro| Name | Default value | Description |
|---|---|---|
| PUID | 7077 | UID of the user cadvisor should be running as. The UID must have sufficient rights to read from the Docker socket and the mounted directories (e.g. /var/lib/docker). |
| PGID | 7077 | GID of the user cadvisor should be running as. You must set the PUID if you want to set the PGID variable. |
| CADVISOR_ARGS | -logtostderr | Command line arguments to cadvisor executable. By default the logs are redirected to the container output |
| Port | Protocol | Description |
|---|---|---|
| 8080 | TCP | Metrics in Prometheus format |
Make sure you mount the Docker socket
The container is regularly scanned for vulnerabilities and updated. Further info can be found in the Security tab.
The container supports privilege drop. Even though the container starts as root, it will use the permissions only to perform the initial set up. The cadvisor process runs as UID/GID provided in the PUID and PGID environment variables.
user Docker compose property or using the --user argument. This would break the privilege drop logic.
💡 To grant a user the permission to read Docker socket, you can add them to the docker group which is automatically created as a part of the Docker installation.