diff --git a/docker/data.tf b/docker/data.tf
index 73bb2ab..b75c755 100644
--- a/docker/data.tf
+++ b/docker/data.tf
@@ -65,7 +65,10 @@ data "docker_registry_image" "ubooquity" {
   name = "linuxserver/ubooquity:latest"
 }
 
-
 data "docker_registry_image" "headerdebug" {
   name = "brndnmtthws/nginx-echo-headers:latest"
 }
+
+data "docker_registry_image" "cadvisor" {
+  name = "google/cadvisor:latest"
+}
diff --git a/docker/images.tf b/docker/images.tf
index 43fb76f..4d6a238 100644
--- a/docker/images.tf
+++ b/docker/images.tf
@@ -79,3 +79,8 @@ resource "docker_image" "headerdebug" {
   name          = "${data.docker_registry_image.headerdebug.name}"
   pull_triggers = ["${data.docker_registry_image.headerdebug.sha256_digest}"]
 }
+
+resource "docker_image" "cadvisor" {
+  name          = "${data.docker_registry_image.cadvisor.name}"
+  pull_triggers = ["${data.docker_registry_image.cadvisor.sha256_digest}"]
+}
diff --git a/docker/main.tf b/docker/main.tf
index badd5c9..d1163d7 100644
--- a/docker/main.tf
+++ b/docker/main.tf
@@ -613,3 +613,58 @@ resource "docker_container" "muximux" {
     "TZ=Asia/Kolkata",
   ]
 }
+
+resource "docker_container" "cadvisor" {
+  name  = "cadvisor"
+  image = "${docker_image.cadvisor.latest}"
+  memory = 64
+
+  restart = "unless-stopped"
+  destroy_grace_seconds = 10
+  must_run = true
+
+
+  volumes {
+    host_path       = "/"
+    container_path  = "/rootfs"
+    read_only       = true
+  }
+
+  volumes {
+    host_path       = "/sys"
+    container_path  = "/sys"
+    read_only       = true
+  }
+
+  volumes {
+    host_path       = "/var/lib/docker"
+    container_path  = "/var/lib/docker"
+    read_only       = true
+  }
+
+  volumes {
+    host_path       = "/dev/disk"
+    container_path  = "/dev/disk"
+    read_only       = true
+  }
+
+  volumes {
+    host_path       = "/var/run"
+    container_path  = "/var/run"
+  }
+
+  labels {
+    "traefik.frontend.rule" = "Host:cadvisor.bb8.fun"
+    "traefik.frontend.auth.basic" = "${var.basic_auth}"
+    "traefik.port" = 8080
+    "traefik.enable" = "true"
+    "traefik.frontend.headers.SSLTemporaryRedirect" = "true"
+    "traefik.frontend.headers.STSSeconds" = "2592000"
+    "traefik.frontend.headers.STSIncludeSubdomains" = "false"
+    "traefik.frontend.headers.contentTypeNosniff" = "true"
+    "traefik.frontend.headers.browserXSSFilter" = "true"
+    # "traefik.frontend.headers.CustomFrameOptionsValue" = "ALLOW-FROM https://muximux.bb8.fun/"
+    # "traefik.frontend.headers.referrerPolicy" = "no-referrer"
+    "traefik.frontend.headers.customresponseheaders" = "X-Powered-By:Allomancy,X-Server:Blackbox"
+  }
+}