Docker installation

A Docker installation is a deployment of a sensor inside of an existing network component that supports Docker containers. If you want to take advantage of Nozomi Networks sensors can be installed in a Docker container.

Docker installations are best-suited for organizations that:
  • Use robust network infrastructure components that support Docker containers
  • Manage highly-distributed networks
  • Aim to optimize acquisition, deployment, and management costs
A Docker container lets you install Nozomi Networks Operating System (N2OS) on embedded platforms that have a container engine on-board, such as:

It is also a good platform for tightly integrated scenarios where several products interact on the same hardware platform to provide a unified experience.

For all the other use cases, Nozomi Networks recommends one of these options:
  • A physical installation
  • A virtual installation

Commands

A Docker container installation has the same features as those that physical and virtual installation provide. However, a key difference is that you must use Docker commands to perform container provisioning system settings. Therefore, you cannot edit them from inside the container itself.

For example, the hostname must be set when you launch a new instance of the image.

Also, you must use volumes for the /data partition to make sure that the data will survive image updates.

The network=host Docker parameter permits the container to monitor the physical network interface controller (NIC)s on the host machine. However, by default it also permits the container to monitor all of the available interfaces. To restrict to a subset, create a cfg/n2osids_if file in the /data volume with the list of interfaces to monitor and use a comma to separate them. For example, eth1,eth2.

To stop the container, you can enter the command:
docker stop nozomi-rc
To execute the container, you can enter the command:
docker start nozomi-rc