Editorial Staff

How to install coroot on ubuntu vpsHere’s a detailed step-by-step guide demonstrating how to install Coroot on Ubuntu VPS.

Table of Contents

What is Coroot?

Coroot is an open-source observability tool that helps you monitor and troubleshoot your applications using eBPF. It provides deep insights into service dependencies, performance bottlenecks, and anomalies in real-time.

Prerequisites

Before you begin:

  • A VPS with Ubuntu 20.04+
  • sudo privileges
  • Ports 8080, 3000, and 9090 open (for Coroot, Grafana, and Prometheus)
  • Optional: Docker and Docker Compose installed (preferred deployment method)

Launch 100% ssd ubuntu vps from $2. 49/mo!

How to Install Coroot on Ubuntu VPS

To install Coroot on Ubuntu VPS, follow the steps provided:

  1. Update Your System

    sudo apt update && sudo apt upgrade -y

  2. Install Docker & Docker Compose

    If not already installed:

    sudo apt install -y docker.io docker-compose sudo systemctl enable docker sudo systemctl start docker

  3. Create a Docker Compose File for Coroot

    Create a working directory:

    mkdir ~/coroot && cd ~/coroot

    Create the docker-compose.yml file:

    nano docker-compose.yml

    Paste the following configuration:

    version: '3.7' services: prometheus: image: prom/prometheus volumes: - ./prometheus.yml:/etc/prometheus/prometheus.yml command: - '--config.file=/etc/prometheus/prometheus.yml' ports: - "9090:9090" coroot: image: ghcr.io/coroot/coroot:latest ports: - "8080:8080" depends_on: - prometheus environment: - PROMETHEUS_URL=http://prometheus:9090

  4. Add Basic Prometheus Configuration

    Create a basic prometheus.yml file:

    nano prometheus.yml

    Paste:

    global: scrape_interval: 15s scrape_configs: - job_name: 'prometheus' static_configs: - targets: ['localhost:9090']

  5. Start Coroot and Prometheus

    Now start the services:

    docker-compose up -d

    Verify that all services are running:

    docker ps

  6. Access Coroot Dashboard

    Open your browser and go to:
    http://your-server-ip:8080
    You should see the Coroot UI!

  7. Optional: Enable eBPF Monitoring (Linux Only)

    Coroot can use eBPF for deep visibility:

    1. Install required dependencies: 
      sudo apt install -y linux-headers-$(uname -r) bpfcc-tools
    2. Add the Coroot Node Agent as another service in docker-compose.yml: 
       agent: image: ghcr.io/coroot/coroot-node-agent:latest network_mode: host pid: host privileged: true volumes: - /sys:/sys - /proc:/proc
    3. Restart the stack: 
      docker-compose down && docker-compose up -d

  8. (Optional) Add Grafana

    To visualize more metrics:

     grafana: image: grafana/grafana ports: - "3000:3000" environment: - GF_SECURITY_ADMIN_PASSWORD=admin depends_on: - prometheus

    Access Grafana at:
    http://your-server-ip:3000
    Default credentials: admin/admin

Notes

  • For production, configure Prometheus to monitor your real services.
  • Secure your stack with a reverse proxy and SSL (e.g., Nginx + Let’s Encrypt).
  • Monitor Docker resource usage with docker stats.

Nginx Reverse Proxy with SSL for Coroot

  1. Install Nginx and Certbot

    sudo apt update sudo apt install -y nginx certbot python3-certbot-nginx

    Allow HTTP/HTTPS traffic:

    sudo ufw allow 'Nginx Full'

  2. Start Coroot Stack

    If you haven’t already:

    mkdir ~/coroot && cd ~/coroot nano docker-compose.yml

    Paste this (including Prometheus + Coroot):

    version: '3.7' services: prometheus: image: prom/prometheus volumes: - ./prometheus.yml:/etc/prometheus/prometheus.yml command: - '--config.file=/etc/prometheus/prometheus.yml' ports: - "9090:9090" coroot: image: ghcr.io/coroot/coroot:latest ports: - "8080:8080" depends_on: - prometheus environment: - PROMETHEUS_URL=http://prometheus:9090

    Then create the Prometheus config file:

    nano prometheus.yml

    Paste:

    global: scrape_interval: 15s scrape_configs: - job_name: 'prometheus' static_configs: - targets: ['localhost:9090']

    Launch the stack:

    docker-compose up -d

  3. Configure Nginx Reverse Proxy

    Replace coroot.example.com with your real domain.

    sudo nano /etc/nginx/sites-available/coroot

    Paste the following:

    server { listen 80; server_name coroot.example.com; location / { proxy_pass http://localhost:8080; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } }

    Enable it:

    sudo ln -s /etc/nginx/sites-available/coroot /etc/nginx/sites-enabled/ sudo nginx -t sudo systemctl reload nginx

  4. Install Let’s Encrypt SSL

    Run Certbot for your domain:

    sudo certbot --nginx -d coroot.example.com

    Follow the prompts to install the SSL certificate.

    Certbot will automatically update your Nginx config with HTTPS and renewal.

  5. (Optional) Auto-Renewal Test

    Ensure Certbot renewals work:

    sudo certbot renew --dry-run

  6. Final Access

    Now you can securely access Coroot at:

    https://coroot.example.com

Troubleshooting

Issue Solution
Nginx 502 Bad Gateway Ensure Docker containers are running with docker ps
Port 8080 not exposed Make sure Nginx is using localhost:8080, not Docker IP
Certbot failed Confirm DNS is pointing to VPS and port 80 is open

Add HTTP Basic Authentication to Coroot (via Nginx)

  1. Install Apache utils (for htpasswd)

    sudo apt install apache2-utils

  2. Create a Password File

    This will create the user admin. You can change the username.

    sudo htpasswd -c /etc/nginx/.htpasswd admin

    You’ll be prompted to enter a password.

  3. Update Nginx Config

    Edit the Coroot Nginx site config:

    sudo nano /etc/nginx/sites-available/coroot

    Update the location / block like this:

    location / { auth_basic "Restricted Access"; auth_basic_user_file /etc/nginx/.htpasswd; proxy_pass http://localhost:8080; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; }

    Save and exit. Then:

    sudo nginx -t sudo systemctl reload nginx

Apply Firewall Rules with UFW

  1. Enable UFW if Not Already

    sudo ufw enable

  2. Allow Only Required Ports

    sudo ufw allow OpenSSH # SSH sudo ufw allow 'Nginx Full' # HTTP/HTTPS (80/443)

  3. Deny Everything Else

    sudo ufw default deny incoming sudo ufw default allow outgoing

  4. Status Check

    sudo ufw status verbose

Final Test

  • Visit https://coroot.example.com — it should prompt for a username and password.
  • Only ports 22, 80, and 443 should be accessible from outside.

Launch 100% ssd ubuntu vps from $2. 49/mo!

Conclusion

Using this guide, you now know:

  • ✅How to install Coroot on Ubuntu VPS
  • ✅How to configure Coroot with reverse proxy and SSL encryption
  • ✅How to add Http basic authentication and apply firewall rules using UFW
Share this:
Avatar of editorial staff

Editorial Staff

Rad Web Hosting is a leading provider of web hosting, Cloud VPS, and Dedicated Servers in Dallas, TX.
lg