-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yaml
84 lines (83 loc) · 3.02 KB
/
docker-compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
# example docker-compose file for anchore-engine - to use:
#
# Pre-requisites
# - recommend that anchore-cli is installed
#
# Set up persistent volume for anchore-engine (do this once)
# - create a directory ~/aevolume
# - create a directory ~/aevolume/db
# - create a directory ~/aevolume/config
# - copy the example (./scripts/docker-compose/config.yaml) to ~/aevolume/config/config.yaml
# - copy the example (./scripts/docker-compose/anchore-promethesus.yaml) to ~/aevolume/config/anchore-promethesus.yaml
# - edit ~/aevolume/config/config.yaml and save (only if you need to make changes - not required)
# - review ./docker-compose.yaml
#
# Run, use, stop, restart the anchore-engine with docker-compose
# - run: docker-compose up -d
#
# - interact with anchore-engine with anchore-cli:
# - export ANCHORE_CLI_URL=http://localhost:8228/v1
# - export ANCHORE_CLI_USER=admin
# - export ANCHORE_CLI_PASS=foobar
# - export ANCHORE_CLI_SSL_VERIFY=n
# - anchore-cli image list
# - anchore-cli image add alpine
# - anchore-cli image get alpine
# - ...
#
# - stop: docker-compose down --volumes
#
# Notes:
# - to start up again, run the same docker-compose up -d as above
# - to reset the DB, stop anchore engine with docker-compose down --volumes as above, then remove all files/directories in ~/aevolume/db/*, and restart
# - if you enable SSL for any services, make sure to do so across the board in your config.yaml, and change the ANCHORE_CLI_URL to use https instead of http
# - if you change the admin password in config.yaml, make sure to update your ANCHORE_CLI_PASS export as well
# - if you change the DB password in this file, make sure to also change it in your config.yaml 'db_connect' setting
#
version: '2'
services:
anchore-engine:
image: docker.io/anchore/anchore-engine:latest
#privileged: true
depends_on:
- anchore-db
ports:
- "8228:8228"
- "8338:8338"
volumes:
- ${PWD}/aevolume/config:/config/:Z
#- /var/run/docker.sock:/var/run/docker.sock
logging:
driver: "json-file"
options:
max-size: 100m
environment:
# NOTE: this should be set to the same name as this service (e.g. anchore-engine)
- ANCHORE_HOST_ID=anchore-engine
anchore-db:
image: "postgres:9"
volumes:
- ${PWD}/aevolume/db:/var/lib/postgresql/data/pgdata/:Z
environment:
- POSTGRES_PASSWORD=mysecretpassword
- PGDATA=/var/lib/postgresql/data/pgdata/
logging:
driver: "json-file"
options:
max-size: 100m
#uncomment to expose a port to allow direct/external access to the DB, for debugging
#ports:
# - "2345:5432"
#### uncomment this section to enable a prometheus service running alongside anchore-engine for metrics gathering/display
# anchore-prometheus:
# image: docker.io/prom/prometheus:latest
# depends_on:
# - anchore-engine
# volumes:
# - ${PWD}/aevolume/config/anchore-promethesus.yaml:/etc/prometheus/prometheus.yaml
# logging:
# driver: "json-file"
# options:
# max-size: 100m
# ports:
# - "9090:9090"