Launching Acra from Docker images #
You can use containers with Acra. Acra works well with Docker.
Storing keys safely when using Docker is problematic. Docker is immutable while Zones/keys are not. This means that you might want to attach some storage and end up making the keys accessible to attackers.
There are multiple ways to solve this problem, and it can be addressed in a convenient and secure fashion depending on your specific infrastructure.
There are pre-built images that you can obtain from the Docker Hub Cossack Labs repository:
acra-server– with AcraServer
acra-translator– with AcraTranslator
acra-tools– with Acra tools including AcraKeymaker
acra-keymaker– with AcraKeymaker (deprecated in favor
acra-connector– with AcraConnector (deprecated since 0.91.0)
acra-authmanager(deprecated since 0.91.0)– with AcraAuthmanager tool
acra-webconfig(deprecated since 0.91.0) – with AcraWebconfig component
Docker images have tags. When we build them, we set appropriate tags for each image:
latest- stable branch, recommended, default;
current- master branch of Acra GitHub repository.
<full_commit_tag>- specify the exact commit in the repository;
<version>- choose version tag.
An image usually has two (commit, version) or four (+ branch, latest/current) tags.
All these images can be used traditionally:
docker run <options> cossacklabs/<component> <arguments>
Usually you do not need to do it, but you may want to build all the images from current sources manually. To do that, type:
As further steps, we recommend reading the following sections: