/
NMIS Docker Deployment Guide

NMIS Docker Deployment Guide

Owned by Louis Tissington
Last updated: about 16 hours ago
4 min read

 

Overview

This guide provides instructions for deploying NMIS Suite with NMIS 9 and commercial Modules with optional Apache reverse proxy configuration. The solution can be deployed either with a containerized MongoDB instance or configured to use an external MongoDB server.

Prerequisites

  • Access to the internet to pull the latest, this is currently :v1.0 container image

  • Docker Engine (20.10.0 or newer)

Minimum Resource Requirements

*please note these are a bare minimum, and resource requirements for production environments will depend upon the number of nodes being monitored

  • RAM: 2GB dedicated for the NMIS container

  • Storage:

    • 1GB for container image (840MB image size + buffer)

    • Additional storage for logs and data (recommend minimum 10GB)

  • Network: Active internet connection for pulling images and updates

Additional Requirements for Full Stack (Docker Compose)

  • MongoDB Container:

    • Additional 1GB RAM minimum

    • 10GB storage for database files

    • Total system RAM: 4GB minimum

Deployment Steps

Docker Compose

Please refer to the section ‘Persisting configuration files’ below if you wish to take and use the default configs from the container or mount in your own

  1. Pull the NMIS image:

docker pull public.ecr.aws/n2x4v8j4/firstwave/nmis9_omk:v1.0

  1. Create docker-compose.yaml:

version: '3.4' services: mongo: image: mongo:4.4 restart: always healthcheck: test: echo 'db.runCommand("ping").ok' | mongo mongo:27017/test --quiet interval: 60s timeout: 60s retries: 5 start_period: 60s environment: MONGO_INITDB_ROOT_USERNAME: root MONGO_INITDB_ROOT_PASSWORD: example volumes: - mongo_data:/var/lib/mongodb networks: - backend nmis: image: public.ecr.aws/n2x4v8j4/firstwave/nmis9_omk:v1.0 restart: always environment: NMIS_DB_USERNAME: root NMIS_DB_PASSWORD: example NMIS_DB_SERVER: mongo NMIS_SERVER_NAME: example-host-1 depends_on: mongo: condition: service_healthy volumes: - log_data:/usr/local/nmis9/logs - var_data:/usr/local/nmis9/var - conf_data:/usr/local/nmis9/conf - database_data:/usr/local/nmis9/database # You can mount your own config files into volumes in the container but # you must ensure that the db config details match whats in this compose file # - ./app_conf/Config.nmis:/usr/local/nmis9/conf/Config.nmis # - ./app_conf/opCommon.json:/usr/local/omk/conf/opCommon.json # - ./app_conf/opLicense.json:/usr/local/omk/conf/opLicense.json ports: - "8080:8080" - "8042:8042" networks: - backend networks: backend: volumes: log_data: var_data: conf_data: database_data: mongo_data:

  1. Start the services:

docker compose up --file docker-compose.yaml

  1. Monitor deployment:

Connecting to the application

Once the container is running, go to http://your.ip.or.localhost:8080/cgi-nmis9/nmiscgi.pl to reach the NMIS application

To reach the rest of the modules, go to http://your.ip.or.localhost:8042/omk

To connect when using a reverse proxy see below.

Persisting configurations

The container already persists the <nmis>/conf directory and the three files below.

The easiest way to persist configurations with docker is to mount in your own. The items you will mainly want to “persist” will be:

Config.nmis

opCommon.json

and opLicense.json

But you can extend this to any file you want which is used by the nmis system, to do this:

  1. create a directory named app_conf (if you didn’t before) in the same directory you created the compose file in:

  1. uncomment out the app_conf volume mounts in the compose file

  2. Restart the the containers

If you wish to use the default configs that work out of the box with the containers, and modify them, you can copy them from the containers to your local machine.

  1. make the appconf directory to store them in, where you will mount them from later

  2. exec into your container and copy the configuration files to a directory on your host machine:

Replace <container_name> with your actual container name (likely "nmis" based on your compose file).

The command:

  1. Creates a temporary directory inside the container

  2. Copies all three config files to that directory

  3. Uses docker cp to copy the files from the container to your host at <Path/to/appconf/>

If you need to find your container name first, you can run:

docker ps | grep nmis

  1. once you have the default configs in the appconf dir - uncomment out the appconf volume mounts in the compose file and restart the container stack

Apache Reverse Proxy Configuration (Optional)

  1. Prerequisites

    1. Apache2 with required modules (if using reverse proxy):

      • mod_ssl

      • mod_proxy

      • mod_proxy_http

      • mod_headers

    2. SSL certificates (if using HTTPS)

  2. Enable required Apache modules:

  1. Create virtual host configuration, using the following template, substituting your domain name for nmis.example.com:

  1. Enable virtual host:

  1. To connect to the the application:
    Once the container is running, go to https://nmis.example.com/omk to reach the NMIS application

    To reach the rest of the modules, go to https://nmis.example.com/omk

Common Issues and Troubleshooting

MongoDB Connection Issues:

  • Verify MongoDB container: docker compose ps

  • Check MongoDB logs: docker compose logs mongo

  • Verify credentials in environment variables

Apache Proxy Issues:

  • Check Apache error logs: tail -f /var/log/apache2/error.log

  • Verify SSL certificate paths and permissions

  • Check SELinux policies if applicable

Security Considerations

  1. Change default passwords:

  • MongoDB root password

  • NMIS admin credentials

**Important - to change the mongo password - please change it in the mongo database before changing any configurations or environment variables

docker exec -it container_name mongo -u root -p example

use admin
db.changeUserPassword("root", "new_password")
exit

  1. SSL/TLS Configuration:

  • Use strong SSL protocols (TLSv1.2+)

  • Regularly update SSL certificates

  • Implement proper cipher suites

  1. Network Security:

  • Implement proper firewall rules

  • Regular security updates

Maintenance

Backup Strategy:

Updates:

Advanced Configuration

External MongoDB

To use an external MongoDB instance:

  1. Remove the mongo service from docker-compose.yaml

  2. Update NMIS environment variables with external MongoDB details

  3. Ensure proper network connectivity and authentication

Custom Networking

For enhanced security:

  1. Use custom network ranges

  2. Implement network segmentation

  3. Add additional security layers (WAF, IDS)

Support and Resources

 

Related content

NMIS Troubleshooting
NMIS Troubleshooting
NMIS
More like this
NMIS8 - A Quick Getting Started Guide
NMIS8 - A Quick Getting Started Guide
NMIS
More like this
Advanced Import of nodes to NMIS9 (Primary/Poller)
Advanced Import of nodes to NMIS9 (Primary/Poller)
OPMANTEK LATAM
More like this
NMIS 9 Installation Guide
NMIS 9 Installation Guide
NMIS
More like this
Using NMIS to monitor services
Using NMIS to monitor services
NMIS
More like this