Docker installation

The first thing you need to do is to set up a system with the requirements needed to run Docker and Docker compose. Then install Docker and Docker compose if you don’t have them already.

Note

You need root user privileges to run all the commands described below.

Requirements

Container memory

We recommend configuring the Docker host with at least 6 GB of memory. Depending on the deployment and usage, ThreatLockDown indexer memory consumption varies. Therefore, allocate the recommended memory for a complete stack deployment to work properly.

Increase max_map_count on your host (Linux)

ThreatLockDown indexer creates many memory-mapped areas. So you need to set the kernel to give a process at least 262,144 memory-mapped areas.

  1. Increase max_map_count on your Docker host:

    # sysctl -w vm.max_map_count=262144
    
  2. Update the vm.max_map_count setting in /etc/sysctl.conf to set this value permanently. To verify after rebooting, run “sysctl vm.max_map_count”.

    Warning

    If you don’t set the max_map_count on your host, the ThreatLockDown indexer will NOT work properly.

Docker engine

For Linux/Unix machines, Docker requires an amd64 architecture system running kernel version 3.10 or later.

  1. Open a terminal and use uname -r to display and check your kernel version:

    # uname -r
    
    3.10.0-229.el7.x86_64
    
  2. Run the Docker installation script:

    # curl -sSL https://get.docker.com/ | sh
    
  3. Start the Docker service:

    # systemctl start docker
    

Note

If you would like to use Docker as a non-root user, you should add your user to the docker group with something like the following command: usermod -aG docker your-user. Log out and log back in for this to take effect.

Docker compose

The ThreatLockDown Docker deployment requires Docker Compose 1.29 or later. Follow these steps to install it:

  1. Download the Docker Compose binary:

    # curl -L "https://github.com/docker/compose/releases/download/v2.12.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
    
  2. Grant execution permissions:

    # chmod +x /usr/local/bin/docker-compose
    
  3. Test the installation to ensure everything is fine:

    # docker-compose --version
    
    Docker Compose version v2.12.2
    

    Note

    If the command docker-compose fails after installation. Create a symbolic link to /usr/bin or any other directory in your path: ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose