ServicePulse can be deployed on containers using the particular/ image.
The container can be created as shown in this minimal example using docker run:
docker run -d --name servicepulse -p 9090:9090 \
-e SERVICECONTROL_URL="http://servicecontrol:33333" \
-e MONITORING_URL="http://servicecontrol-monitoring:33633" \
particular/servicepulse:latest
Reverse proxy
The ServicePulse container image includes a reverse proxy feature that allows ServicePulse to act as a single ingress/egress point for a system containing ServiceControl containers. This allows existing container hosting infrastructure to layer additional features onto the ServicePulse ingress point, such as SSL or authentication. It is enabled by default, but it can be disabled.
Ports
9090 is the canonical port exposed by ServicePulse within the container, though this port can be mapped to any desired external port.
Volumes
ServicePulse is stateless and does not require any mounted volumes.
Settings
The settings on this page are unique to the container deployment of ServicePulse.
ServiceControl URL
The ServiceControl URL points to the ServiceControl (Error) instance URL. ServicePulse requests to / will be proxied to this URL in order to fetch ServiceControl data used by ServicePulse.
| Environment variable | SERVICECONTROL_URL |
| Type | URL string |
| Default | http:/ |
Monitoring URL
The Monitoring URL points to the ServiceControl Monitoring instance URL. ServicePulse requests to / will be proxied to this URL in order to fetch monitoring data used by ServicePulse.
| Environment variable | MONITORING_URL |
| Type | URL string |
| Default | http:/ |
Monitoring URL array
This setting is deprecated. The Monitoring URL setting (singular) is preferred and will be used if present.
A JSON array of URLs to monitoring instances.
| Environment variable | MONITORING_URLS |
| Type | JSON Array of URLs |
| Default | ['http:/ |
Default route
The default page that should be displayed when visiting the ServicePulse site.
| Environment variable | DEFAULT_ROUTE |
| Type | string |
| Default | / |
Show pending retries
Set to true to show details of pending retries.
| Environment variable | SHOW_PENDING_RETRY |
| Type | bool |
| Default | false |
Enable reverse proxy
Controls whether the proxy that forwards requests to the ServiceControl and Monitoring instances is enabled or not. Set to false to disable.
Added in version 1.44.0
| Environment variable | ENABLE_REVERSE_PROXY |
| Type | bool |
| Default | true |
Forward headers
These settings configure forward headers for reverse proxy scenarios. Refer to the hosting and security guide or forward headers configuration examples for additional information.
Forward headers enabled
Added in version 2.5.0
Enable forward headers processing.
| Environment variable | SERVICEPULSE_FORWARDEDHEADERS_ENABLED |
| Type | bool |
| Default | true |
Trust all proxies
Added in version 2.5.0
Trust all proxies. Auto-disabled if known proxies/networks are set.
| Environment variable | SERVICEPULSE_FORWARDEDHEADERS_TRUSTALLPROXIES |
| Type | bool |
| Default | true |
The default configuration (TrustAllProxies = true) is suitable for development and trusted container environments only. For production deployments accessible from untrusted networks, its recommended to configure KnownProxies or KnownNetworks to restrict which sources can set forwarded headers. Failing to do so can allow attackers to spoof client IP addresses.
Known proxies
Added in version 2.5.0
Comma-separated IP addresses of trusted proxies (e.g. 10.).
| Environment variable | SERVICEPULSE_FORWARDEDHEADERS_KNOWNPROXIES |
| Type | string |
| Default | (none) |
Known networks
Added in version 2.5.0
Comma-separated CIDR networks (e.g. 10.).
| Environment variable | SERVICEPULSE_FORWARDEDHEADERS_KNOWNNETWORKS |
| Type | string |
| Default | (none) |
TLS
These settings configure HTTPS. Refer to the hosting and security guide or TLS configuration examples for additional information.
HTTPS enabled
Added in version 2.5.0
Enable HTTPS with Kestrel.
| Environment variable | SERVICEPULSE_HTTPS_ENABLED |
| Type | bool |
| Default | false |
Certificate path
Added in version 2.5.0
Path to the certificate file (.pfx).
| Environment variable | SERVICEPULSE_HTTPS_CERTIFICATEPATH |
| Type | string |
| Default | (none) |
Certificate password
Added in version 2.5.0
Password for the certificate file.
| Environment variable | SERVICEPULSE_HTTPS_CERTIFICATEPASSWORD |
| Type | string |
| Default | (none) |
Redirect HTTP to HTTPS
Added in version 2.5.0
Redirect HTTP requests to HTTPS.
| Environment variable | SERVICEPULSE_HTTPS_REDIRECTHTTPTOHTTPS |
| Type | bool |
| Default | false |
When running ServicePulse directly without a reverse proxy, the application only listens on a single protocol (HTTP or HTTPS). This setting is intended for use with a reverse proxy that handles both HTTP and HTTPS traffic.
HTTPS port
Added in version 2.5.0
HTTPS port for redirect (required for reverse proxy scenarios).
| Environment variable | SERVICEPULSE_HTTPS_PORT |
| Type | int |
| Default | (none) |
Enable HSTS
Added in version 2.5.0
Enable HTTP Strict Transport Security.
| Environment variable | SERVICEPULSE_HTTPS_ENABLEHSTS |
| Type | bool |
| Default | false |
Review the implications of enabling HSTS before doing so.
HSTS max age
Added in version 2.5.0
HSTS max-age in seconds.
| Environment variable | SERVICEPULSE_HTTPS_HSTSMAXAGESECONDS |
| Type | int |
| Default | 31536000 (1 year) |
HSTS include subdomains
Added in version 2.5.0
Include subdomains in HSTS policy.
| Environment variable | SERVICEPULSE_HTTPS_HSTSINCLUDESUBDOMAINS |
| Type | bool |
| Default | false |