Docker Container for Expedition

L1 Bithead

Docker Container for Expedition

I created a Docker container for the Palo Alto Expedition tool as of version 1.1.38 and published it to Docker Hub. I rebuilt it on Alpine Linux and stripped the binaries, reducing the image size to a mere 1.43 GB. Optionally, you can make the database persistent by binding a directory on your host machine to /var/lib/mysql. Likewise, you can bind a directory to /data for data persistence. I made a tweak to the MySQL config to store the InnoDB temp file in /tmp within the container, which allows the container to support database persistence on Mac OS (and presumably Windows) in addition to Linux. This was necessary due to an issue with the Alpine host on Mac OS/Windows using a ZFS backend and MariaDB being incompatible: https://jira.mariadb.org/browse/MDEV-16015

 

Docker Hub Repo:

https://hub.docker.com/r/jlegarreta/expedition

 

GitHub Repo (Docker source):
https://github.com/jlegarreta/expedition

 

Among other things, these are some of the dashboard errors I fixed:

- Remediated the "log_bin flag in MariaDB is set to off" issue by turning it on in the MySQL config

- Remediated the DBSQL_LOG_BIN value issue by setting it to 0 in /home/userSpace/userDefinitions.php

 

Assuming you have sufficient disk space, your dashboard should be all green out of the box.

 

Enjoy!

L0 Member

Re: Docker Container for Expedition

Hi,

 

The username/password (admin/paloalto) does not work for the admin GUI.

 

Did you change it?

L1 Bithead

Re: Docker Container for Expedition

Hello,

 

First off, I just want to say thank you for the feedback. As it turns out, the password was not being recognized because the DB could not be communicated with due to a permissions issue.

 

Please delete your current image and pull the latest image from Docker Hub and give it a shot. Let me know if it works for you.

 

Thanks!

L0 Member

Re: Docker Container for Expedition

Hi,

 

The new image worked great!

 

Thanks for your hard work with creating the image.

L4 Transporter

Re: Docker Container for Expedition

This is a good initiative.

I didn't test the container. Some things you could check if they work:

- RabbitMQ works correctly to execute background tasks, such as API calls

- Perl packages are working correctly for Checkpoint migrations

- Python modules work correctly for BPA modules

- Spark and JDK 1.8 are correctly installed and settings tuned for CSV processing, Rule Enrichment and Machine Learning.

- Modules for AD and Radius work correctly for external authentication (if required)

L1 Bithead

Re: Docker Container for Expedition

Thanks! These are some great ideas; perhaps unit tests could be written for the items that you listed. A coworker of mine is more familiar with the user-end of the product, so I might have him test some of these features. I also encourage anyone on these forums to pull the Docker image and test out the features for themselves, and report the results.
