Skip to main content
Version: v3.8 (deprecated)

Deploying the Management Console in Docker

You can install the Management Console on a single Docker host or in a dedicated Kubernetes cluster.

Requirements

The system requirements for the ThreatStryker Management Console are as follows:

PropertyDetails
CPU: No of cores8
RAM32GB
Disk spaceAt-least 120 GB
Port to be opened to view the UI and receive sensor agent traffic443

Docker Install

The host or VM to be used for the Deepfence management console needs to have the docker runtime installed.

  1. Prepare the host by installing the necessary docker and docker-compose packages. Increase Virtual Memory settings as required by the ElasticSearch component:

    sudo sysctl -w vm.max_map_count=262144
  2. To authenticate to the docker image repository, run the following command:

    docker login quay.io

    When prompted, please provide the credentials sent by email.

  3. Download docker compose file from here: docker-compose.yml 🔗. Run docker-compose file in that directory as follows:

    docker compose -f docker-compose.yml up -d

Remove the ThreatStryker Management Console

Remove the ThreatStryker Management Console as follows:

docker-compose -f docker-compose.yml down

You can then prune the images and volumes if they are no longer required:

docker image prune
docker volume prune

Docker configuration

In Amazon Linux / RHEL, number of open files per container has to be configured.

$ cat /etc/sysconfig/docker
# The max number of open files for the daemon itself, and all
# running containers. The default value of 1048576 mirrors the value
# used by the systemd service unit.
DAEMON_MAXFILES=1048576
# Additional startup options for the Docker daemon, for example:
# OPTIONS=” — ip-forward=true — iptables=true”
# By default we limit the number of open files per container
OPTIONS=" — default-ulimit nofile=1024:4096"

You can change the desired value as below.

OPTIONS=" — default-ulimit nofile=1024000:1024000"

Restart Docker daemon