Skip to content

Deployment Overview of VictoriaMetrics on Server

Prerequisites and Basic Requirements

To successfully deploy VictoriaMetrics on this server, the following environment prerequisites must be met:

  • The server must have Docker and Docker Compose installed and operational.

  • Administrative privileges (root or sudo access) are required to create volumes, manage services, and configure network settings.

  • The server must have network connectivity to resolve external domains and fetch container images from Docker Hub.

  • The deployment assumes a Linux-based operating system compatible with the provided Docker configuration.

FQDN of the Final Panel

The VictoriaMetrics panel is accessible via the following Fully Qualified Domain Name (FQDN) on the hostkey.in domain:

  • Format: victoriametrics<Server ID>.hostkey.in

  • Access Port: 443 (HTTPS)

Note: Replace <Server ID> with the actual identifier assigned to the specific server instance. The service is exposed via the root path /.

File and Directory Structure

The application components, configuration files, and data storage are organized within the root directory structure as follows:

Directory/Path Description
/root/victoria-metrics-data Main data directory containing configuration templates and mounted volumes.
/root/victoria-metrics-data/compose.yml Docker Compose definition file for service orchestration.
/root/victoria-metrics-data/authconfig.yml Authentication configuration file for the vmauth service.
/data/nginx/user_conf.d Directory for Nginx user configuration (managed by the proxy container).

Application Installation Process

The application is deployed using Docker Compose. The process involves generating the necessary configuration files and starting the containerized services:

  1. The deployment creates the directory /root/victoria-metrics-data with root ownership.

  2. A Docker Compose file (compose.yml) is generated at /root/victoria-metrics-data/compose.yml.

  3. An authentication configuration file (authconfig.yml) is generated at /root/victoria-metrics-data/authconfig.yml.

  4. A Docker volume named victoriametrics is created to persist application data.

  5. The services are started by executing the docker compose up -d command within the /root/victoria-metrics-data directory.

Docker Containers and Their Deployment

The deployment utilizes three distinct containers defined in the compose.yml file:

  • nginx:

  • Image: jonasal/nginx-certbot:latest

  • Purpose: Reverse proxy with SSL/TLS termination and certificate management.

  • Ports: Exposes port 80 and 443 externally.

  • Environment: Configured with the email [email protected] for Certbot.

  • Volumes: Mounts nginx_secrets for Let's Encrypt certificates and maps /data/nginx/user_conf.d.

  • victoriametrics:

  • Image: victoriametrics/victoria-metrics:latest

  • Purpose: Core VictoriaMetrics server.

  • Ports: Exposes port 8428 internally.

  • Volumes: Mounts /root/victoria-metrics-data and the victoriametrics named volume.

  • Restart Policy: unless-stopped.

  • vmauth:

  • Image: victoriametrics/vmauth

  • Purpose: Authentication layer for VictoriaMetrics.

  • Ports: Exposes port 8427 internally.

  • Command: Starts with the configuration flag -auth.config=/root/victoria-metrics-data/authconfig.yml.

  • Dependencies: Must start after the victoriametrics service.

  • Volumes: Mounts /root/victoria-metrics-data.

  • Restart Policy: unless-stopped.

Proxy Servers

Access to the VictoriaMetrics panel is managed through an Nginx reverse proxy configured with Certbot for automatic SSL certificate management:

  • Software: Nginx (via jonasal/nginx-certbot:latest).

  • SSL/TLS: Enabled via Let's Encrypt. Certificates are stored in the nginx_secrets volume at /etc/letsencrypt inside the container.

  • Configuration: The proxy listens on standard HTTP (80) and HTTPS (443) ports.

  • Domain Mapping: The proxy is configured to forward requests for the specific FQDN to the internal VictoriaMetrics service.

Location of Configuration Files and Data

Key files and data locations on the host server include:

  • Compose Definition: /root/victoria-metrics-data/compose.yml

  • Auth Configuration: /root/victoria-metrics-data/authconfig.yml

  • Application Data: Persisted within the Docker volume named victoriametrics, mapped to /victoria-metrics inside the container.

  • Certificate Secrets: Stored in the Docker volume nginx_secrets, mapped to /etc/letsencrypt inside the Nginx container.

Available Ports for Connection

The following ports are available for connection to the deployed services:

  • Port 443: HTTPS access to the VictoriaMetrics panel via the public FQDN.

  • Port 80: HTTP access, used primarily for SSL certificate validation by Let's Encrypt.

  • Port 8428: Direct internal access to the VictoriaMetrics service (bound to localhost or internal network).

  • Port 8427: Direct internal access to the vmauth service.

Permission Settings

File and directory permissions are set as follows during the deployment:

  • Directory: /root/victoria-metrics-data

  • Owner: root

  • Group: root

  • Mode: 0644

  • Files:

  • compose.yml: Owner root, Group root, Mode 0644.

  • authconfig.yml: Owner root, Group root, Mode 0644.

Starting, Stopping, and Updating

Service management is performed using Docker Compose commands executed from the /root/victoria-metrics-data directory:

  • Start Services: 

    cd /root/victoria-metrics-data
docker compose up -d

  • Stop Services: 

    cd /root/victoria-metrics-data
docker compose down

  • Update Services: To apply changes to the compose.yml or pull new image versions: 

    cd /root/victoria-metrics-data
docker compose pull
docker compose up -d

Note: The authconfig.yml file references the SSH password ({{ ansible_ssh_pass }}) for the root user, which is used to authenticate against the VictoriaMetrics internal endpoint.

question_mark
Is there anything I can help you with?
question_mark
AI Assistant ×