github.com/vchain-us/vcn@v0.9.11-0.20210921212052-a2484d23c0b3/docs/user-guide/schemes/docker.md

github.com/vchain-us/vcn@v0.9.11-0.20210921212052-a2484d23c0b3/docs/user-guide/schemes/docker.md (about)

     1  # Docker Integration
     2  
     3  `vcn` supports local docker installations out of the box using `docker://` as a location. You just need to point to the correct container image name or the container image id.
     4  
     5  If you prefer [podman](https://podman.io/), just use `podman://` instead.
     6  
     7  
     8  ## Notarize a local docker image
     9  
    10  `vcn` uses docker default schemes, so the latest tag is automatically used, if no tag is given
    11  
    12  ```
    13  vcn notarize docker://hello-world
    14  ```
    15  
    16  or using a tag
    17  
    18  ```
    19  vcn notarize docker://hello-world:v1
    20  ```
    21  
    22  To be able to notarize, you need to register at [CodeNotary](https://dashboard.codenotary.io) and get an account.
    23  
    24  ## Authenticate a local docker image
    25  
    26  ```
    27  vcn authenticate docker://hello-world
    28  ```
    29  
    30  or using a tag
    31  
    32  ```
    33  vcn authenticate docker://hello-world:v1
    34  ```
    35  
    36  ## Docker Sidecar Integration
    37  
    38  `vcn` also offers a sidecar project, you can use to automatically authenticate used container images during runtime.
    39  
    40  Check out (https://github.com/vchain-us/vcn-watchdog) on your server. The tool continuously verifies the integrity of your containers:
    41  
    42  ```
    43  git clone https://github.com/vchain-us/vcn-watchdog.git 
    44  ```
    45  
    46  Edit the verify file and set the alerting/monitoring tool you are using (see the following instructions), if you want to change the alerting
    47  
    48  Make sure `/var/run/docker.sock` is accessible and run the following command on your server within the [vcn-watchdog](https://github.com/vchain-us/vcn-watchdog.git) directory.
    49  ``` 
    50  docker-compose build && docker-compose up 
    51  ```
    52  
    53  To modify the verify file, hook up your alerting tool into the err() function. 
    54  
    55  Example using Slack, do the following:
    56  
    57  * Create a Slack Bot (Slack documentation here) 
    58  * Use the following code: 
    59  
    60  ```
    61  function err() {
    62      echo "Container ${1} (${2}) verification failed" >&2
    63      curl -q -X POST \
    64          -H 'Content-type: application/json' \
    65          --data "{\"text\":\"Container ${1} (${2}) verification failed\"}" \
    66          "https://hooks.slack.com/services/$TOKEN/$KEY" > /dev/null 2>&1} 
    67  ```
    68  
    69  If all works well, you should receive slack messages in your slack channel
    70  
    71  ![Slack alert based on vcn verify](https://www.vchain.us/wp-content/uploads/2019/04/002_Alerting-on-Slack-example-768x129.png "Slack alert based on vcn verify")