Overview
NMIS provides official Docker images for containerized deployment. The Docker setup includes:
- NMIS application container
- MongoDB 7.0 database
- Redis cache (for OMK integration)
- Apache httpd reverse proxy
Docker Image
The official NMIS Docker image is based on perl:5.32.1-slim-threaded-bullseye and includes:
- NMIS 9.6.5
- MongoDB client tools
- All required Perl modules
- SNMP tools (fping, snmp, snmptrapd)
- Network utilities (nmap, traceroute, mtr)
Quick Start with Docker Compose
Prerequisites
- Docker Engine 20.10+
- Docker Compose 2.0+
- 4GB RAM minimum
- 20GB disk space
Docker Compose Configuration
Create a compose.yaml file:
services:
nmis:
image: public.ecr.aws/n2x4v8j4/firstwave/nmis9_omk:v2.2
restart: always
environment:
NMIS_DB_USERNAME: ${MONGODB_USERNAME}
NMIS_DB_PASSWORD: ${MONGODB_PASSWORD}
NMIS_DB_SERVER: mongo
NMIS_SERVER_NAME: ${NMIS_SERVER_NAME}
depends_on:
- mongo
volumes:
- nmis_log_data:/usr/local/nmis9/logs
- nmis_var_data:/usr/local/nmis9/var
- nmis_conf_data:/usr/local/nmis9/conf
- nmis_database_data:/usr/local/nmis9/database
- nmis_models_custom:/usr/local/nmis9/models-custom
ports:
- "8080:8080" # NMIS web interface
- "8042:8042" # OMK web interface
- "2055:2055/udp" # NetFlow
- "161:161/udp" # SNMP
- "25:25" # Mail relay
networks:
- nmis_net
mongo:
image: mongo:7.0
restart: always
healthcheck:
test: echo 'db.runCommand("ping").ok' | mongosh mongo:27017/test --quiet
interval: 60s
timeout: 60s
retries: 5
start_period: 60s
environment:
MONGO_INITDB_ROOT_USERNAME: ${MONGODB_USERNAME}
MONGO_INITDB_ROOT_PASSWORD: ${MONGODB_PASSWORD}
volumes:
- mongo_data:/data/mongodb
- mongo_log:/var/log/mongodb
ports:
- "27017:27017"
command: ["mongod", "--auth"]
networks:
- nmis_net
networks:
nmis_net:
volumes:
nmis_log_data:
nmis_var_data:
nmis_conf_data:
nmis_database_data:
nmis_models_custom:
mongo_data:
mongo_log:
Environment Variables
Create a .env file:
MONGODB_USERNAME=nmis
MONGODB_PASSWORD=your_secure_password_here
NMIS_SERVER_NAME=nmis.example.com
REDIS_PASSWORD=your_redis_password_here
Change the default passwords before deploying to production. Never commit the .env file to version control.
Start the Containers
Start the stack
This will:
- Pull the NMIS and MongoDB images
- Create network and volumes
- Start all containers
Check container status
All containers should show Up status. View logs
# NMIS logs
docker-compose logs -f nmis
# MongoDB logs
docker-compose logs -f mongo
Access the web interface
Open your browser to http://localhost:8080/nmis9Default credentials:
- Username:
nmis
- Password:
nm1888
Change the default password immediately after first login.
Exposed Ports
The NMIS container exposes the following ports:
| Port | Protocol | Purpose |
|---|
| 8080 | TCP | NMIS web interface |
| 8042 | TCP | OMK web interface (if installed) |
| 161 | UDP | SNMP trap receiver |
| 162 | UDP | SNMP trap receiver (alternate) |
| 2055 | UDP | NetFlow collector |
| 25 | TCP | Mail relay (optional) |
Persistent Volumes
NMIS uses the following volumes for persistent data:
NMIS Volumes
- nmis_conf_data: Configuration files (
/usr/local/nmis9/conf)
- nmis_var_data: RRD files and runtime data (
/usr/local/nmis9/var)
- nmis_log_data: Log files (
/usr/local/nmis9/logs)
- nmis_database_data: Local database files (
/usr/local/nmis9/database)
- nmis_models_custom: Custom device models (
/usr/local/nmis9/models-custom)
Database Volumes
- mongo_data: MongoDB data files
- mongo_log: MongoDB logs
Custom Configuration
You can mount custom configuration files into the container:
volumes:
- ./Config.nmis:/usr/local/nmis9/conf/Config.nmis
- ./opCommon.json:/usr/local/omk/conf/opCommon.json
Ensure database configuration in your custom Config.nmis matches the compose file settings.
Container Entrypoint
The container entrypoint (docker-entrypoint.sh) performs these tasks:
-
Setup: Creates directories and sets ownership
for d in assets var/nmis_system models-custom database conf logs
do
chown -R nmis:nmis ${NMIS_HOME}/${d}
done
-
Node Import: Automatically imports nodes from
/usr/local/nmis9/import/*.json
-
Database Setup: Runs MongoDB configuration
/usr/local/nmis9/admin/setup_mongodb.pl
-
Start Services:
- NMIS daemon (
nmisd)
- Web interface (
nmisx) on port 8080
- OMK services (if installed)
Importing Nodes on Startup
To automatically import nodes when the container starts:
- Create node JSON files in a local
import/ directory
- Mount the directory:
volumes:
- ./import:/usr/local/nmis9/import
Example node file (router1.json):
{
"name": "router1",
"host": "192.168.1.1",
"community": "public",
"version": "snmpv2c",
"group": "Network",
"active": true
}
Health Checks
Monitor container health:
# Check if NMIS daemon is running
docker-compose exec nmis ps aux | grep nmisd
# Check NMIS status
docker-compose exec nmis /usr/local/nmis9/bin/nmis-cli act=status
# Check MongoDB health
docker-compose exec mongo mongosh --eval 'db.runCommand("ping")'
Troubleshooting
Container Won’t Start
Check logs for errors:
Common issues:
- Port conflicts (8080 already in use)
- Insufficient memory
- Volume permission errors
Database Connection Failed
Verify MongoDB is healthy:
docker-compose exec mongo mongosh -u nmis -p
Web Interface Not Accessible
Check if nmisx is running:
docker-compose exec nmis ps aux | grep nmisx
docker-compose restart nmis
Upgrading
Backup data
docker-compose exec nmis /usr/local/nmis9/bin/nmis-cli act=config-backup
docker-compose exec mongo mongodump --authenticationDatabase admin -u nmis -p
Verify upgrade
Check the version:docker-compose exec nmis /usr/local/nmis9/bin/nmis-cli version
Production Considerations
Resource Limits
Set resource limits in compose.yaml:
services:
nmis:
deploy:
resources:
limits:
cpus: '2'
memory: 4G
reservations:
cpus: '1'
memory: 2G
Restart Policies
Ensure automatic restart:
Network Configuration
For production, use a dedicated network:
networks:
nmis_net:
driver: bridge
ipam:
config:
- subnet: 172.28.0.0/16
Security
- Use secrets for passwords (Docker Swarm)
- Run containers with read-only filesystem where possible
- Enable SELinux or AppArmor
- Restrict network access with firewall rules
See Also