Docker Installation - Administrator Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
8
Creation date
2024-02-14
Last date published
2024-05-30
Category
Administrator Guide
Solution
Cloud
Abstract

Install Docker on Engines and troubleshoot installation.

Docker is required for engines to run Python/Powershell scripts and integrations in a controlled environment.

If you use the Shell installer to install an engine, Docker is automatically installed. If using DEB and RPM installations, you need to install Docker or Podman before installing an engine. The engine uses Docker to run Python scripts, PowerShell scripts, and integrations in a controlled environment. By packaging libraries and dependencies together, the environment remains the same and scripts and integrations are not affected by different server configurations.

Cortex XSOAR supports the latest Docker Engine release from Docker and the following corresponding supported Linux distributions:

  • 5.3.15 and later

  • 5.4.2 and later

  • 5.5 and later

These Linux distributions include their own Docker Engine package. In addition, older versions of Docker Engine released within the last 12 months are supported unless there is a known compatibility issue with a specific Docker Engine version. In case of a compatibility issue, Cortex XSOAR will publish an advisory notifying customers to upgrade their Docker Engine version.

You can use a version that is not supported. However, when encountering an issue that requires Customer Support involvement, you may be asked to upgrade to a supported version before assistance can be provided.

Docker Installation by Operating System

If you need to install Docker before installing an engine, use the following procedures.

Note

For CentOS v7, you need Mirantis Container Runtime (formerly Docker Engine - Enterprise) or Red Hat's Docker distribution to run specific Docker-dependent integrations and scripts. For more information, see Install Docker Distribution for Red Hat on an Engine Server.

If you wish to use the Mirantis Container Runtime (formerly Docker Engine - Enterprise) follow the deployment guide for your operating system distribution.

Verify Docker user and permissions
Docker User

If you installed an engine before installing Docker, verify the demisto operating system user is part of the docker operating system group. Run id demisto to verify. For example:

id demisto
uid=997(demisto) gid=997(demisto) groups=997(demisto),998(docker)

If needed, add the demisto user to the operating system group:

sudo groupadd docker
sudo usermod -aG docker demisto

Remove these keys from the engine configuration file.

python.executable
python.executable.no.docker
User Permissions

To verify that the operating system user (demisto) has necessary permissions and can run Docker containers, run the following command from the OS command line.

sudo -u demisto docker run --rm -it demisto/python:1.3-alpine python --version

If everything is configured properly you will receive the following output. Python 2.7.14.