Containers have become a popular tool for developers to build scalable applications in today’s fast-growing world. They are a lightweight alternative to virtual machines. This benefit, however, can come at the cost of security. Security is an aspect often overlooked by programmers. Unfortunately, an astonishing number of security vulnerabilities have been linked to containers. These can arise from multiple sources including the container runtime, the image, and the host machine. Existing approaches to hardening containers often compel programmers to have prerequisite understanding of concepts and application procedures. Enforcing these concepts in practice demands tedious manual action on the part of the programmer. Our work aims to create an easy-to-use and accessible application that solves this problem thereby facilitating easier incorporation of recommended security practices in Docker containers. These may be practices such as restricting Linux Capabilities, resource allocation, etc. Developers may easily manage security controls using an intuitive interface, giving them more time to focus on building their application.
In development mode, the backend server and the UI server are run separately.
This application requires the following software to be installed for development mode:
- Docker
- Git
- NodeJS
- Yarn Package Manager
- Python 3.8
Clone this repository's master branch: git clone https://github.com/DarkAEther/metapod.git
Start MongoDB inside a docker container and expose the port: docker run -d -p 27017:27017 mongo
Start the React Dev Server using Yarn: cd metapod; BROWSER=none yarn start
Access backend/settings.config.
Use your favourite text editor to add your API key:
[SNYK]
apiKey = <API key here>
Start the Python Flask Dev Server using Python: cd metapod; python3 ./backend/server.py
Open a browser and the web application will be visible at http://localhost:3000
In production mode, a complete image is built that contains the application.
This application requires the following software to be installed for development mode:
- Docker
- Git
Clone this repository's master branch: git clone https://github.com/DarkAEther/metapod.git
docker network create metapod-internal
Start MongoDB inside a docker container with name 'mongo-internal' connected to the 'metapod-internal' network: docker run -d --net=metapod-internal --name=mongo-internal mongo
Access backend/settings.config.
Use your favourite text editor to add your API key:
[SNYK]
apiKey = <API key here>
cd build;
sh ./build.sh -pCreate a container using the built image:
docker run -d --net=metapod-internal --name=CONTAINER_NAME -v "/var/run/docker.sock:/var/run/docker.sock:rw" -p 3000:3000 -p 5000:5000 metapod-production
The web UI will be visible at http://<host-ip>:3000