Skip to content

setup-docker.md

Latest commit

 

History

History
64 lines (46 loc) · 2.67 KB

setup-docker.md

File metadata and controls

64 lines (46 loc) · 2.67 KB

Docker Environment Setup

Wardex Foundry interacts with Docker to spin up the infrastructure components (Kafka, Vault, etc.) for each scenario.

To ensure the highest level of security and prevent unintended privilege escalation on your host machine, Wardex Foundry expects to run in an environment where the Docker Daemon can be invoked without sudo.

You have three options to configure your environment, listed in order of preference for security:

Option 1: Rootless Docker (Recommended for Linux)

Rootless Docker runs the Docker daemon and containers as a non-root user. Even if a vulnerability in the v1 lab scenarios is exploited, the attacker cannot gain root access to your host machine.

Installation Steps (Ubuntu/Debian)

  1. Install host dependencies (Requires sudo once):

    sudo apt-get update
sudo apt-get install -y uidmap dbus-user-session

  2. Run the official installation script (Do NOT use sudo):

    curl -fsSL https://get.docker.com/rootless | sh

    Note: If AppArmor blocks the installation on newer Ubuntu versions (23.10+), follow the instructions printed in the console to create an override profile, then retry.

  3. Export environment variables: Add the following lines to your ~/.bashrc or ~/.zshrc:

    export PATH=/home/$USER/bin:$PATH
export DOCKER_HOST=unix:///run/user/$(id -u)/docker.sock

    Apply the changes:

    source ~/.bashrc

  4. Verify the installation:

    docker info

    If it returns successfully without sudo, you are ready to run Wardex Foundry.

Option 2: Docker Desktop (Mac / Windows / Linux GUI)

Docker Desktop natively isolates the Docker daemon in a lightweight VM, protecting the host operating system.

If you install Docker Desktop, you do not need any further configuration. docker compose will work out of the box without sudo and Wardex Foundry will run seamlessly.

Option 3: Standard Docker (Not Recommended for Production)

If this is a dedicated, short-lived virtual machine or a disposable environment, you can install the standard Docker Engine and add your user to the docker group.

Security Warning: Anyone in the docker group can trivialy escalate to root on the host machine. This is strongly discouraged if you use your computer for other purposes or store sensitive data.

Installation Steps

  1. Install Docker Engine following the official guide for your distribution.
  2. Add your user to the docker group: 
    sudo usermod -aG docker $USER
  3. Log out and log back in (or reboot) for the group changes to take effect.
  4. Verify by running docker info without sudo.