Get started with the Dockerized Black Duck installation. This post outlines workplace specifications, tools, and steps for installing Black Duck.
Black Duck Academy hosts a series of videos that help our customers deploy, manage, and use our products. To help our customers see value from Black Duck immediately after their purchase, this post supplements our video on installing Black Duck. Think of this post as a quick way to get started with the Dockerized installation, outlining the workplace specifications and the tools and steps you’ll take to deploy Black Duck.
Black Duck is deployed as a set of Docker images. Docker is a packaging technology that allows you to bundle your application with its software dependencies—eliminating the need to configure infrastructure before deployment. It is built once and can run anywhere as a single unit. Operational images are typically referred to as containers.
Why Docker architecture?
- Simplifies installation and updates
- Takes up less space than a comparable virtual machine (VM)
- Scales to customer environment
- Improves performance
Black Duck is deployed as a set of Docker containers, which together comprise the application. Each container fulfills a different role. For example, the Web App container processes UI requests, while the Solr container acts as the enterprise search platform component. A detailed description of each container’s role is available in the Black Duck Docker Install Guide on the Synopsys Software Integrity Community.
Please ensure that you meet all hardware and software requirements before getting started:
|Hardware (min. specs)|
|Preferred operating systems|
Setting up the Docker repository on a new host machine
Note that the following steps depend on the operating system (OS). Also, while other methods are supported, this example uses the Docker Swarm tool to orchestrate the Black Duck container deployment and installation on a CentOS / Docker CE platform.
To learn how to install Black Duck using Kubernetes, see the guide.
Step 1: To begin setting up Docker, install the required packages and set up the stable repository.
- Install the required utility packages:
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
- Set up the stable repository:
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
Step 2: Update the yum package index and install the latest version of Docker.
- Update the yum package index to ensure the latest available version of Docker is available:
sudo yum makecache fast
- Install Docker:
sudo yum install docker-ce docker-ce-cli containerd.io
Step 3: Verify installation with a hello-world image, which runs a test image in a container. When it runs, Docker prints an informational message and then exits.
- Start Docker:
sudo systemctl start docker
- Test an image in a container:
sudo docker run hello-world
Step 4: Manage Docker as a non-root user so you won’t have to issue a sudo command every time you want to run a docker command. Start by creating a group called docker.
- Add a group:
- Display groups to ensure your group was created:
- Add yourself to the group:
usermod -aG docker $USER
- Test that this was successful by running the hello-world image without writing “sudo” before it:
docker run hello-world
Step 5: Configure Docker to automatically start when your system reboots:
systemctl enable docker
Installing and starting Black Duck
Starting from within the opt directory, create a new directory for Black Duck orchestration files and cd into it:
mkdir blackduck && cd "$_"
In the new directory, use the wget command to download the files. Black Duck orchestration files are at https://github.com/blackducksoftware/hub/releases. We recommend you always use the latest release, using the following command as an example:
sudo wget https://github.com/blackducksoftware/hub/archive/v2020.2.1.tar.gz
Unzip the downloaded file:
sudo tar xvzf v2020.2.1.tar.gz
Once the file is unzipped, it will create a directory named hub that includes the Black Duck version number. Navigate into that directory and into the docker-swarm folder within it:
sudo docker swarm init
The swarm will be initialized, and a message will print to the console. Next, create the services that constitute the Docker stack:
sudo docker stack deploy -c docker-compose.yml hub
Optional: Integrate Black Duck Binary Analysis with the install:
sudo -c docker-compose.bdba.yml
Monitor the stack to ensure that all services start. This may take some time:
sudo watch docker ps
Verify installation completion
Black Duck comprises 12 services. Once all of them display a status of healthy, Black Duck is running.
Once all services are healthy, you can visit your host URL and begin using Black Duck.
- The web application for Black Duck is exposed on port 443 to the docker host. You can test it using https://fillinyourhostnameorIPaddresshere
- Log into the web interface using the default sysadmin account. The username is sysadmin; the password is blackduck.
- Change the password so that your web server is secure. To do this, click on the sysadmin in the upper right-hand corner, and select “My profile.”
This post was originally published Jan. 17, 2018, and refreshed June 18, 2020.
*** This is a Security Bloggers Network syndicated blog from Software Integrity Blog authored by Charlie Klein. Read the original post at: https://www.synopsys.com/blogs/software-security/installing-black-duck-hub/