Hi experts,
We have a customer who consider to purchase a API Devloper Portal 4.3 and they has a question for security reasons.
The root account or sudo is available for installation, but due to security reason root account or sudo is not allowed after installation.
So the customer wants to set up and operate the portal using the following procedure.
Below is the procedure to install and operate a docker at a customer's current environment.
The docker was installed as a root, and all operations have since been run as non-root. (without sudo privileges)
Is it possible to install and operate the portal as shown below? Or is there any different workarounds?
I would appreciate any answer from you.
1. Install docker
1.1 Create docker Accounts and Groups
- useradd -d /sw/docker -m docker -g docker
1.2 Assign a root, docker, oasapp(application account) account to a docker group using a root account
- gpasswd -a docker docker
- gpasswd -a root docker
- gpasswd -a oasapp docker
1.3 Install the Docker and start the Service Using the root account
- Install for docker binary : /usr/bin
- docker data root : /sw/docker
- systemctl enable docker
- systemctl start docker
1.4 Execute docker swarm init
- docker swarm init --advertise-addr <IP Address>
2. Install for Application
2.1 Loading images using application accounts(oasapp)
- docker load -i <imageFiles>
2.2 Start Application
- docker stack deploy -c docker-compose.yml <Application>
2.3 Stop Application
- docker stack rm <Application>
Best Regards,
ChangMo
Principal Service Consultant
Enterprise Studio by HCL Technologies