Containers

Running probes in containers

Suggest Edits

Prelude supports two methods for running probes in containers:

  1. Generic script to run a probe in any container
  2. Docker extension to launch probes inside running containers

Generic script to run a probe in any container

We support running probes in a generic container by overriding the ENTRYPOINT with a small wrapper. Add the following to your Dockerfile:

FROM ubuntu:latest
RUN apt-get update && apt install curl -y
RUN curl -sL "https://api.preludesecurity.com/download/vision" -H "dos:linux-x86_64" -o /vision
RUN chmod +x /vision
ENTRYPOINT ["/vision"]
CMD ["/bin/bash"]

Usage

  1. Ensure the Dockerfile is in your project directory.
  2. Update the CMD call to use your intended container launch command.
  3. Build the Docker image by running docker build -t my-image . from the project directory.
  4. Run a container from your image with docker run -e PRELUDE_TOKEN='51a585060b99c5a9db6c9b00e11632c9' -it my-image.

Docker extension to launch probes inside running containers

Install the Prelude Detect Docker Desktop extension through the Extension Marketplace:

After you install the plugin, set your credentials by clicking Set Credentials:

Once that is done, if a container is able to run the Nocturnal probe (which requires cURL on the container) you will be able to install probes by selecting the container and clicking "Deploy Probes":

Updated 6 months ago