SBN

An introduction to installing Black Duck

Get started with the Dockerized Black Duck installation. This post outlines workplace specifications, tools, and steps for installing Black Duck.

An introduction to installing Black Duck

Black Duck Academy hosts a series of videos that help our customers deploy, manage, and use our products. To help our customers see value from Black Duck immediately after their purchase, this post supplements our video on installing Black Duck. Think of this post as a quick way to get started with the Dockerized installation, outlining the workplace specifications and the tools and steps you’ll take to deploy Black Duck.

Black Duck is deployed as a set of Docker images. Docker is a packaging technology that allows you to bundle your application with its software dependencies—eliminating the need to configure infrastructure before deployment. It is built once and can run anywhere as a single unit. Operational images are typically referred to as containers.

Why Docker architecture?

The Docker architecture brings a number of significant improvements to Black Duck:

  • Simplifies installation and updates
  • Takes up less space than a comparable virtual machine (VM)
  • Scales to customer environment
  • Improves performance

Black Duck is deployed as a set of Docker containers, which together comprise the application. Each container fulfills a different role. For example, the Web App container processes UI requests, while the Solr container acts as the enterprise search platform component. A detailed description of each container’s role is available in the Black Duck Docker Install Guide on the Synopsys Software Integrity Community.

Please ensure that you meet all hardware and software requirements before getting started:

Hardware (min. specs)
  • 64-bit 5 core processor
  • 20 GB of RAM
  • 250 GB of free space for the database and other Black Duck containers
  • Free space for database backups
Software
  • Docker 18.03.x; Docker 18.06.x; Docker 18.09.x; Docker 19.03.x (CE or EE)
  • Orchestration tool such as Docker Swarm**, Kubernetes
  • For additional information on supported orchestration techniques, consult the Docker Installation Guide.
Preferred operating systems
  • CentOS 7.3
  • Ubuntu 16.04.x
  • Oracle Enterprise Linux 7.3
  • Red Hat Enterprise Linux Server 7.3
  • SUSE Linux Enterprise Server 12.x

Setting up the Docker repository on a new host machine

Note that the following steps depend on the operating system (OS). Also, while other methods are supported, this example uses the Docker Swarm tool to orchestrate the Black Duck container deployment and installation on a CentOS / Docker CE platform.

To learn how to install Black Duck using Kubernetes, see the guide.

Step 1: To begin setting up Docker, install the required packages and set up the stable repository.

  • Install the required utility packages: sudo yum install -y yum-utils device-mapper-persistent-data lvm2
  • Set up the stable repository: sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

Step 2: Update the yum package index and install the latest version of Docker.

  • Update the yum package index to ensure the latest available version of Docker is available: sudo yum makecache fast
  • Install Docker: sudo yum install docker-ce docker-ce-cli containerd.io

Step 3:  Verify installation with a hello-world image, which runs a test image in a container. When it runs, Docker prints an informational message and then exits.

  • Start Docker: sudo systemctl start docker
  • Test an image in a container: sudo docker run hello-world

Post-installation (optional)

Step 4: Manage Docker as a non-root user so you won’t have to issue a sudo command every time you want to run a docker command. Start by creating a group called docker.

  • Add a group: groupadd docker
  • Display groups to ensure your group was created: getent group
  • Add yourself to the group: usermod -aG docker $USER
  • Test that this was successful by running the hello-world image without writing “sudo” before it: docker run hello-world

Step 5: Configure Docker to automatically start when your system reboots: systemctl enable docker

Here are links to more information on installing Docker and Docker Swarm. Now that the Docker architecture has been set up, let’s install Black Duck.

Installing and starting Black Duck

Starting from within the opt directory, create a new directory for Black Duck orchestration files and cd into it: mkdir blackduck && cd "$_"

In the new directory, use the wget command to download the files. Black Duck orchestration files are at https://github.com/blackducksoftware/hub/releases. We recommend you always use the latest release, using the following command as an example: sudo wget https://github.com/blackducksoftware/hub/archive/v2020.2.1.tar.gz

Unzip the downloaded file: sudo tar xvzf v2020.2.1.tar.gz

Once the file is unzipped, it will create a directory named hub that includes the Black Duck version number. Navigate into that directory and into the docker-swarm folder within it:

  • cd hub-2020.2.1/docker-swarm
  • sudo docker swarm init

The swarm will be initialized, and a message will print to the console. Next, create the services that constitute the Docker stack: sudo docker stack deploy -c docker-compose.yml hub

Optional: Integrate Black Duck Binary Analysis with the install: sudo -c docker-compose.bdba.yml

Monitor the stack to ensure that all services start. This may take some time: sudo watch docker ps

Verify installation completion

Black Duck comprises 12 services. Once all of them display a status of healthy, Black Duck is running.

Once all services are healthy, you can visit your host URL and begin using Black Duck.

  • The web application for Black Duck is exposed on port 443 to the docker host. You can test it using https://fillinyourhostnameorIPaddresshere
  • Log into the web interface using the default sysadmin account. The username is sysadmin; the password is blackduck.
  • Change the password so that your web server is secure. To do this, click on the sysadmin in the upper right-hand corner, and select “My profile.”

Watch the Black Duck installation video

This post was originally published Jan. 17, 2018, and refreshed June 18, 2020.


*** This is a Security Bloggers Network syndicated blog from Software Integrity Blog authored by Charlie Klein. Read the original post at: https://www.synopsys.com/blogs/software-security/installing-black-duck-hub/