README
¶
docktor
docktor is a security tool that allows you to secure and implement reliable healthchecks on running Docker containers.
Some highlights of docktor:
- Creates automatic healthchecks for running containers
- Implements automated healing for unhealthy running containers
- Adds manual healing as well
- Suggests security improvements in a given Dockerfile
- Scans Docker images for vulnerabilites and generate reports to files
Building docktor
If you would like to run the project locally clone the repo.
After installation, building the docktor binary can be done with the following command (this will create the binary in the existing bin folder)
make build
However you can also install binary from this git repo
go get github.com/nishgowda/docktor/bin/docktor
Command Line
You can run the features of docktor in the command line by running the executable
Usage
# run healthcheck on nginx container
./docktor healtheck --c nginx
# heal an unhealthy container named ng
./docktor heal --c ng
# apply autoheal to container ng
./doctkor autoheal --c ng
# scan for vulnerabilites in nginx container and write output to file location
./doctkor scan --i nginx --f data/ouptut.txt
# suggest improvemets for dockerfile
./docktor suggest --f Dockerfile
NOTE: You must enable Snyk to use the scan feature.
API
You can also start the server and make requests to perform docktor functions.
- GET /hcheck?containers=
- GET /heal?containers=
- GET /aheal?containers=
- GET /scan?image=foo&file=bar
- GET /suggest?file=
Usage
# start the server default port is 3001
./docktor server --p 3001
# If you dont specify the container it will perform functions on all running containers
curl --request GET 'http://localhost:3001/hcheck?containers=nginx'
curl --request GET 'http://localhost:3001/heal?containers=ngninx'
curl --request GET 'http://localhost:3001/aheal?containers=ng'
# must specify the docker image
curl --request GET 'http://localhost:3001/scan?image=nginx'
# must specify the location of the docker file
curl --request GET 'http://localhost:3001/suggest?file=Dockerfile
Contributing
Any contributions are welcome, you're welcome to add an issue or just clone this repo and submit a PR to this branch.
Directories
¶
| Path | Synopsis |
|---|---|
|
lib
|
|
|
autoheal
Package autoheal provides wrapping on docker containers that restarts containers automatically when they become uhealthy
|
Package autoheal provides wrapping on docker containers that restarts containers automatically when they become uhealthy |
|
heal
Package heal "heals" unhealthy docker containers by restarting them in the daemon
|
Package heal "heals" unhealthy docker containers by restarting them in the daemon |
|
healthcheck
Package healthcheck provides primitives that allow users to attach health checks to running docker containers
|
Package healthcheck provides primitives that allow users to attach health checks to running docker containers |
|
scan
Package scan scans a docker image for vulnerabilities using docker scan
|
Package scan scans a docker image for vulnerabilities using docker scan |
|
suggestions
Package suggestions provides functions to suggest improvements on docker files following certain best practices
|
Package suggestions provides functions to suggest improvements on docker files following certain best practices |
Click to show internal directories.
Click to hide internal directories.