In march of this year we released a whitepaper on automating security using a helpdesk system. For the whitepaper we where using VMware NSX and OTRS. The middleware we created to service it all was given the name OTNSX. More recently I have started playing around with Docker and I needed something as a goal. So why not try to get OTNSX up and running in a container?  :-)

Setting up the Docker host

For my setup I choose to go with CentOS (version 7, 64-bit). You can run Docker on almost any OS (commands might differ from this article), but I was recommended to use CentOS thus decided to use that.

Before you can install Docker you need to install some additional packages:

  • Yum-utils adds some utility to yum config manager
  • Device-mapper-persistent-data & lvm2 are required by the

Also run this command to add a repository that we can use during the creation of images containing the Centos OS:

Next install Docker and start the service:

After the installation you can test your Docker installation by running the following command:

Since this is the first time running the specific image, it will first download the image from the Docker repository and then run that image in a container.

Docker hello world

Creating OTNSX image

To build an image you first need to create a Docker file. This file contains commands that the Docker engine will execute while building your image. From what I could find the easiest thing to do is create a new directory and in that directory create a file called “Dockerfile” (including the capitol D). This seems to be the default file name used with the build command.

Now edit the Dockerfile with your preferred editor and enter the following lines:

FROM centosDownloads the centos image that is available at the Docker repository
RUN yum -y install epel-releaseThis will add the “Extra Packages for Enterprise Linux” repository needed to install python-pip 
RUN yum -y install python-pipInstalls python-pip which we will use to get the requirements needed for OTNSX
RUN yum -y install gitInstalls Git so we can download OTNSX from Github
RUN git clone OTNSX from Github
RUN pip install -qr OTNSX/requirements.txtGets the requirements needed to run OTNSX
EXPOSE 5000Opens port 5000 once the container is running, allowing access to the OTNSX service
CMD [“python”,”OTNSX/”]Once the container is started this command will be executed. In this case resulting in OTNSX being started

Once the Dockerfile is done you can start the image building process by running the following command:

The “.” indicates that the command should look in the local directory for the Dockerfile. And the “-t” flag gives the image a tag that can be used in later commands.
Docker build

After the build is ready you can pull up a list of images with:

Starting a container

Only thing left now is starting a container based on the image we just created:

With “-t” indicates that we want to run the container in terminal mode. By adding “-i” we also me the container interactive. Normally I don’t think you will be using these switches, but can come in handy when you are running your container for the first time.

The “-p” flag allows us to link port 80 of the container host to port 5000 on the container. Meaning that we can browse to http://<container-host>:80 and we will be redirected to port 5000 on that container.

Docker OTNSX running

As mentioned in the beginning of this article, these are my first steps into the (Docker) container world. So what I described might be far from optimal. But I at least hope this article can be used as a stepping stone into this fast growing industry.