0

I am trying to set up VulnWhisperer (a security vulnerability scan visualizer) via their pre-built docker container on a Ubuntu server 18.04 host. I have close to no docker experience but decent Unix insights.

Expected outcome: Running docker container serving VulnWhisperer to the world (mostly to me though).

Instructions by author in a nutshell: docker pull, configure stuff, docker run.

I pulled. Now I am stuck trying to configure my various paths in the container because I fail to find the container. This SO question does not solve the problem for me. Places I looked for it (like suggested in previously mentioned SO):

  • /var/lib/docker
  • /var/lib/docker/containers
  • /var/lib/docker/image
  • /var/lib/docker/image/overlay2

State of the host:

  • Docker is installed via apt not as a snap
  • docker info yields Docker Root Dir: /var/lib/docker
  • docker pull [...] yields Status: Image is up to date for hasecuritysolutions/vulnwhisperer:latest which is what I want

The container will contain Logstash, Elasticsearch, Kibana and VulnWhisperer. What I need to do is configure some paths for ELK before being able to run it. Only I do not know where to find the folder docker will use to build the running container from.

harmonica141
  • 1,311
  • 2
  • 23
  • 25
  • you missed the concept , you need to use dockerfile/compose to configure your containers . not to edit "image" files – LinPy Sep 24 '19 at 10:21
  • @LinPy but the instructions on docker hub let me to believe I can `pull` and then just configure like I am used to in Linux; then `run` and be happy. Please enlighten me, this is eating up a lot of time. – harmonica141 Sep 24 '19 at 10:24
  • see https://docs.docker.com/develop/develop-images/dockerfile_best-practices/ – LinPy Sep 24 '19 at 10:26
  • Found that before, but do I need to write the docker compose file myself? https://hub.docker.com/r/hasecuritysolutions/vulnwhisperer suggests there already is one but I do not know what directory docker pulled its files to. Can I edit this file? Even if I create it myself I need to know where. The ``where`` is my problem. – harmonica141 Sep 24 '19 at 10:30
  • this https://hub.docker.com/r/hasecuritysolutions/vulnwhisperer/dockerfile is what the image is build from, docker pull will not pull this but the image it self, you can list the local images using `docker images` – LinPy Sep 24 '19 at 10:32
  • So executing the contents of the dockerfile you linked to (transposed to ubuntu) will give me an image? The contents of this image I can edit (config files) and then I can `run` it? The more docu I read the more confused I am right now... – harmonica141 Sep 24 '19 at 12:05

1 Answers1

0

"The container will contain Logstash, Elasticsearch, Kibana and VulnWhisperer. " - that is a bad idea. you better have a separate docker per service - one docker for Logstash, one for Elasticsearch,...

"I fail to find the container" - what do you mean by fail to find the container? try running:

docker ps

Or, if the docker have stopped running, try finding it using:

docker ps -a

"Now I am stuck trying to configure my various paths in the container" - what are you trying to configure exactly? you should use docker volume mount, in order to mount config files which are located externally to the docker. see volume mounts here: https://docs.docker.com/storage/volumes/

hope that helps

Opster Elasticsearch Expert
  • 1,797
  • 1
  • 14
  • 18
  • Thank you for your answer. Your expect me to be one step further than I am. There is nothing up and running yet; `docker ps` will return an empty set. My question as of now is: Docker downloads things when `pull` happens. Where does it download to? I edited to clarify. – harmonica141 Sep 24 '19 at 11:50
  • in order to manage the docker images use `docker images` and commands like `docker image rm` to remove and manage images – Opster Elasticsearch Expert Sep 24 '19 at 14:01