bnevets27 Posted May 2, 2017 Share Posted May 2, 2017 I recently saw a picture of the synology DSM docker manager GUI. Looked pretty similar to unraid's with one key difference. It has the CPU and RAM usage displayed. That would be a nice addition. Attached is the picture of the synology DSM. Sent from my SM-N900W8 using Tapatalk Quote Link to comment
bnevets27 Posted May 2, 2017 Author Share Posted May 2, 2017 Knew that was there and constantly forget about it. Right idea but still would rather it be prettier and on docker manager page.... Sent from my SM-N900W8 using Tapatalk Quote Link to comment
Squid Posted May 2, 2017 Share Posted May 2, 2017 Ultimate in pretty, but still not available on the docker tab would be the cAdvisor app Quote Link to comment
1812 Posted May 2, 2017 Share Posted May 2, 2017 or the netdata docker... lots of pretty going on there. Quote Link to comment
Squid Posted May 2, 2017 Share Posted May 2, 2017 I can add a picture of a flower or something to CA resource monitor. Was thinking about revisiting it this summerSent from my LG-D852 using Tapatalk 2 Quote Link to comment
bnevets27 Posted May 3, 2017 Author Share Posted May 3, 2017 I also have both of those dockers. But this isn't about finding info it's about being in that location. I've been chatting with some people who have used a few different NAS products and unRAID could do with some improvements to the gui. So to clarify this isn't a request for me. Just a general improvement. And just because the data can be found elsewhere doesn't mean it wouldn't make sense to be on the docker page. It's like saying all the hard drive info is on the main page (space used, temp etc) so why bother putting it on the dashboard. And unless I'm missing something neither netdata nor cAdvisor label the dockers with their name so it's not that easy figure out what's what at a glance. If you add flowers squid, will more flowers equal more cpu used or more flower power? Sent from my SM-N900W8 using Tapatalk Quote Link to comment
primeval_god Posted May 3, 2017 Share Posted May 3, 2017 3 hours ago, bnevets27 said: And unless I'm missing something neither netdata nor cAdvisor label the dockers with their name so it's not that easy figure out what's what at a glance. Netdata can, but the docker container requires rw access to the docker.sock to do so . Quote Link to comment
-Daedalus Posted May 3, 2017 Share Posted May 3, 2017 I'd register my agreement with this request, generally. Since the launch (and subsequent canning) of FreeNAS Corral I've felt the unRAID GUI being a little on the dated side. Would be nice to have something of a fresher look. Quote Link to comment
poku Posted May 7, 2017 Share Posted May 7, 2017 I've been thinking same; the unraid UI is definitely a bit outdated and uninformative at times. I would love to see refreshments like in the screenshot OP provided. Of course there are dockers, but it makes sense for all this information to exist in the UnRAID GUI. Quote Link to comment
bnevets27 Posted July 3, 2017 Author Share Posted July 3, 2017 Well now that this has been removed from CA. Would be nice to have this built into the unraid UI. Quote Link to comment
jj_uk Posted May 27, 2018 Share Posted May 27, 2018 On 5/2/2017 at 4:34 PM, 1812 said: You mean something like this? Where is this? I can't find the resource monitor(?) Quote Link to comment
Squid Posted May 27, 2018 Share Posted May 27, 2018 Where is this? I can't find the resource monitor(?)Long gone. Use NetData instead 1 Quote Link to comment
NAS Posted May 31, 2018 Share Posted May 31, 2018 On 5/3/2017 at 5:43 PM, primeval_god said: Netdata can, but the docker container requires rw access to the docker.sock to do so . If we are advocating the use of this container to fix a core OS limitation we need to explain the serious security implications of docker sock access. At the very least this will require a zone like setup with networking to mitigate some security risks. I would in my day job always advise strongly against any solution that could have public facing containers on the same instance as a backend sock instance 1 Quote Link to comment
primeval_god Posted May 31, 2018 Share Posted May 31, 2018 On 5/3/2017 at 12:43 PM, primeval_god said: Netdata can, but the docker container requires rw access to the docker.sock to do so . Per the discussion in the thread below, it appears that netdata only requires read access to the docker.sock. Additionally there is this container https://github.com/titpetric/docker-proxy-acl for further restricting the use of docker.sock. Quote Link to comment
NAS Posted May 31, 2018 Share Posted May 31, 2018 https://raesene.github.io/blog/2016/03/06/The-Dangers-Of-Docker.sock/ " After tweeting this article out @benhall pointed out that actually the ro setting on the volume mount doesn’t have a lot of effect in terms of security. An attacker with ro access to the socket can still create another container and do something like mount /etc/ into it from the host, essentially giving them root access to the host. So bottom line is don’t mount docker.sock into a container unless you trust its provenance and security… " In general security terms you know things are fundamentally not right with a generic approach when your trying to herd this many cats just to make it less insecure... not secure... less evil. Quote Link to comment
primeval_god Posted June 1, 2018 Share Posted June 1, 2018 Wow, good to know. I am still reasonably confident that the docker-proxy-acl would protect against this type of breach, since it blocks all PUT endpoints on the docker socket and only passes select GET endpoints. https://scene-si.org/2016/04/25/exposing-your-docker-api/ Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.