Added fleetd docker images to test/develop linux fleetd features (#25027)

Useful while testing/developing #24385. In the future we can push some of these to Fleet's Docker Hub and include them in `fleetctl preview` to allow demoing of e.g. script execution on linux devices.
2026-04-21 13:37:30 +00:00 · 2024-12-27 16:16:39 -03:00 · 2024-12-27 16:16:39 -03:00 · 2781193cdd
commit 2781193cdd
parent 963cc7e22c
10 changed files with 196 additions and 0 deletions
--- a/tools/fleetd-linux/README.md
+++ b/tools/fleetd-linux/README.md
@ -0,0 +1,19 @@
+# fleetd-linux
+
+This directory contains scripts to build and run Docker Linux images with fleetd installed on them that connect to a Fleet instance running on the host (similar to [tools/osquery](../osquery/)).
+
+PS: In the future, we could push these images to Docker Hub and include some of them in `fleetctl preview` (to allow demoing script execution on Linux hosts).
+
+## Build fleetd docker images
+
+To build all docker images run:
+```sh
+./tools/fleetd-linux/build-all.sh
+```
+
+## Run fleetd containers
+
+To run all fleetd docker images and enroll them to your local Fleet instance, run:
+```sh
+ENROLL_SECRET=<...> docker compose -f ./tools/fleetd-linux/docker-compose.yml up
+```
--- a/tools/fleetd-linux/amazonlinux-2023/Dockerfile
+++ b/tools/fleetd-linux/amazonlinux-2023/Dockerfile
@ -0,0 +1,12 @@
+FROM amazonlinux:2023
+
+COPY fleet-osquery_amd64.rpm /
+COPY run-fleetd.sh /
+RUN chmod +x /run-fleetd.sh
+
+# For xargs
+RUN dnf install --assumeyes findutils
+
+RUN dnf install --assumeyes /fleet-osquery_amd64.rpm
+
+ENTRYPOINT ["/run-fleetd.sh"]
--- a/tools/fleetd-linux/build-all.sh
+++ b/tools/fleetd-linux/build-all.sh
@ -0,0 +1,32 @@
+#!/bin/bash
+
+script_dir=$(dirname -- "$(readlink -f -- "$BASH_SOURCE")")
+cd "$script_dir"
+
+echo "Building fleetd deb package..."
+fleetctl package --type=deb \
+	--enable-scripts \
+	--fleet-url=https://host.docker.internal:8080 \
+	--enroll-secret=placeholder \
+	--fleet-certificate=../osquery/fleet.crt \
+    --disable-open-folder \
+    --debug
+mv fleet-osquery_1*_amd64.deb fleet-osquery_amd64.deb
+
+echo "Building fleetd rpm package..."
+fleetctl package --type=rpm \
+	--enable-scripts \
+	--fleet-url=https://host.docker.internal:8080 \
+	--enroll-secret=placeholder \
+	--fleet-certificate=../osquery/fleet.crt \
+    --disable-open-folder \
+    --debug
+mv fleet-osquery-1*.x86_64.rpm fleet-osquery_amd64.rpm
+
+echo "Building docker images..."
+docker build -t fleetd-ubuntu-24.04 --platform=linux/amd64 -f ./ubuntu-24.04/Dockerfile .
+docker build -t fleetd-fedora-41 --platform=linux/amd64 -f ./fedora-41/Dockerfile .
+docker build -t fleetd-redhat-9.5 --platform=linux/amd64 -f ./redhat-9.5/Dockerfile .
+docker build -t fleetd-centos-stream-10 --platform=linux/amd64 -f ./centos-stream-10/Dockerfile .
+docker build -t fleetd-debian-12.8 --platform=linux/amd64 -f ./debian-12.8/Dockerfile .
+docker build -t fleetd-amazonlinux-2023 --platform=linux/amd64 -f ./amazonlinux-2023/Dockerfile .
--- a/tools/fleetd-linux/centos-stream-10/Dockerfile
+++ b/tools/fleetd-linux/centos-stream-10/Dockerfile
@ -0,0 +1,10 @@
+FROM quay.io/centos/centos@sha256:3a3a88a9c8c47dc60b8af3be0779d74c2d3da11a32082ac1a4c329863c422df3
+# Pinning version because without the pin it's failing with host not found for mirrorlist.centos.org.
+
+COPY fleet-osquery_amd64.rpm /
+COPY run-fleetd.sh /
+RUN chmod +x /run-fleetd.sh
+
+RUN dnf install --assumeyes /fleet-osquery_amd64.rpm
+
+ENTRYPOINT ["/run-fleetd.sh"]
--- a/tools/fleetd-linux/debian-12.8/Dockerfile
+++ b/tools/fleetd-linux/debian-12.8/Dockerfile
@ -0,0 +1,9 @@
+FROM debian:12.8
+
+COPY fleet-osquery_amd64.deb /
+COPY run-fleetd.sh /
+RUN chmod +x /run-fleetd.sh
+
+RUN dpkg --install /fleet-osquery_amd64.deb
+
+ENTRYPOINT ["/run-fleetd.sh"]
--- a/tools/fleetd-linux/docker-compose.yml
+++ b/tools/fleetd-linux/docker-compose.yml
@ -0,0 +1,74 @@
+---
+x-default-settings:
+  environment: &default-environment
+    ENROLL_SECRET: "${ENROLL_SECRET:?ENROLL_SECRET must be set for server authentication}"
+  ulimits: &default-ulimits
+    core:
+      hard: 1000000000
+      soft: 1000000000
+  network_mode: &default-network-mode bridge
+  extra_hosts: &extra-hosts
+    - "host.docker.internal:host-gateway"
+  platform: &default-platform linux/x86_64
+
+#
+# We are running the containers with `privileged: true` to fix osquery errors like
+# `[... processes.cpp:510] Cannot read /proc/50/io (is osquery running as root?)`
+# (it is running as `root` but seems it's missing some privileges in the container).
+#
+
+services:
+  ubuntu24.04-fleetd:
+    image: "fleetd-ubuntu-24.04"
+    privileged: true
+    user: 0:0
+    network_mode: *default-network-mode
+    platform: *default-platform
+    environment: *default-environment
+    ulimits: *default-ulimits
+    extra_hosts: *extra-hosts
+  fedora41-fleetd:
+    image: "fleetd-fedora-41"
+    privileged: true
+    user: 0:0
+    network_mode: *default-network-mode
+    platform: *default-platform
+    environment: *default-environment
+    ulimits: *default-ulimits
+    extra_hosts: *extra-hosts
+  redhat9.5-fleetd:
+    image: "fleetd-redhat-9.5"
+    privileged: true
+    user: 0:0
+    network_mode: *default-network-mode
+    platform: *default-platform
+    environment: *default-environment
+    ulimits: *default-ulimits
+    extra_hosts: *extra-hosts
+  centosstream10-fleetd:
+    image: "fleetd-centos-stream-10"
+    privileged: true
+    user: 0:0
+    network_mode: *default-network-mode
+    platform: *default-platform
+    environment: *default-environment
+    ulimits: *default-ulimits
+    extra_hosts: *extra-hosts
+  debian12.8-fleetd:
+    image: "fleetd-debian-12.8"
+    privileged: true
+    user: 0:0
+    network_mode: *default-network-mode
+    platform: *default-platform
+    environment: *default-environment
+    ulimits: *default-ulimits
+    extra_hosts: *extra-hosts
+  amazonlinux2023-fleetd:
+    image: "fleetd-amazonlinux-2023"
+    privileged: true
+    user: 0:0
+    network_mode: *default-network-mode
+    platform: *default-platform
+    environment: *default-environment
+    ulimits: *default-ulimits
+    extra_hosts: *extra-hosts
--- a/tools/fleetd-linux/fedora-41/Dockerfile
+++ b/tools/fleetd-linux/fedora-41/Dockerfile
@ -0,0 +1,9 @@
+FROM fedora:41
+
+COPY fleet-osquery_amd64.rpm /
+COPY run-fleetd.sh /
+RUN chmod +x /run-fleetd.sh
+
+RUN dnf install --assumeyes /fleet-osquery_amd64.rpm
+
+ENTRYPOINT ["/run-fleetd.sh"]
--- a/tools/fleetd-linux/redhat-9.5/Dockerfile
+++ b/tools/fleetd-linux/redhat-9.5/Dockerfile
@ -0,0 +1,9 @@
+FROM redhat/ubi9:9.5
+
+COPY fleet-osquery_amd64.rpm /
+COPY run-fleetd.sh /
+RUN chmod +x /run-fleetd.sh
+
+RUN dnf install --assumeyes /fleet-osquery_amd64.rpm
+
+ENTRYPOINT ["/run-fleetd.sh"]
--- a/tools/fleetd-linux/run-fleetd.sh
+++ b/tools/fleetd-linux/run-fleetd.sh
@ -0,0 +1,11 @@
+#!/bin/bash
+
+sed -i "s/placeholder/${ENROLL_SECRET}/g" /etc/default/orbit
+export $(cat /etc/default/orbit | xargs)
+
+while true; do
+	echo "Starting orbit..."
+	/opt/orbit/bin/orbit/orbit
+	echo "orbit exit code: $?"
+	sleep 5
+done
--- a/tools/fleetd-linux/ubuntu-24.04/Dockerfile
+++ b/tools/fleetd-linux/ubuntu-24.04/Dockerfile
@ -0,0 +1,11 @@
+FROM ubuntu:24.04
+
+COPY fleet-osquery_amd64.deb /
+COPY run-fleetd.sh /
+RUN chmod +x /run-fleetd.sh
+
+RUN apt-get update && apt-get install -y ca-certificates
+
+RUN dpkg --install /fleet-osquery_amd64.deb
+
+ENTRYPOINT ["/run-fleetd.sh"]