Skip to content

Commit

Permalink
contrib: Improve analyze-local-images docs and launch command.
Browse files Browse the repository at this point in the history 
Fixes #32
  • Loading branch information
@Quentin-M
Quentin-M committed Nov 24, 2015
1 parent 9391417 commit 867279a
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions contrib/analyze-local-images/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ You need to install this tool:

You also need a working Clair instance, the bare minimal setup is to run Clair in a Docker instance without much configuration:

docker run -it -p 6060:6060 -p 6061:6061 quay.io/coreos/clair --db-path=/db/bolt
docker run -it -v /tmp:/tmp -p 6060:6060 -p 6061:6061 quay.io/coreos/clair --db-path=/db/bolt

You will need to let it do its initial vulnerability update, which may take some time.

Expand All @@ -30,6 +30,6 @@ Or, If you run Clair remotely (ie. boot2docker),
analyze-local-image -endpoint "http://<CLAIR-IP-ADDRESS>:6060" -my-address "<MY-IP-ADDRESS>" <Docker Image ID>
```

Clair needs access to the image files. If you run Clair locally, it will directly find them in the filesystem. If you run Clair remotely, this tool will run a small HTTP server to let Clair downloading them. It listens on the port 9279 and allows a single host: Clair's IP address, extracted from the `-endpoint` parameter. The `my-address` parameters defines the IP address of the HTTP server that Clair will use to download the images. With boot2docker, these parameters would be `-endpoint "http://192.168.99.100:6060" -my-address "192.168.99.1"`.
Clair needs access to the image files. If you run Clair locally, this tool will store the files in the system's temporary folder and Clair will find them there. It means if Clair is running in Docker, the host's temporary folder must be mounted in the Clair's container. If you run Clair remotely, this tool will run a small HTTP server to let Clair downloading them. It listens on the port 9279 and allows a single host: Clair's IP address, extracted from the `-endpoint` parameter. The `my-address` parameters defines the IP address of the HTTP server that Clair will use to download the images. With boot2docker, these parameters would be `-endpoint "http://192.168.99.100:6060" -my-address "192.168.99.1"`.

As it runs an HTTP server and not an HTTP**S** one, be sure to **not** expose sensitive data and container images.

0 comments on commit 867279a

Please sign in to comment.