Acunetix on Docker, Docker-Compose, and Kubernetes

Acunetix offers flexible deployment options to suit various infrastructure requirements, supporting Docker, Docker-Compose, and Kubernetes. These containerized solutions simplify installation, scaling, and management of the Acunetix application and scanning engine.

For Docker users, Acunetix provides two solutions:

Docker Hub - Invicti/Acunetix Solution

Available at Docker Hub.
This is a self-contained Docker image that includes the latest Acunetix build, complete with the database and scanner.
For more information, refer to our document on Installing Acunetix on Docker.

Repo One and Invicti Registry

Repo One: Hosted at repo1.dso.mil.

Image: registry1.dso.mil/ironbank/invicti/acunetix/wvs

Invicti Registry:

Image: registry.invicti.com/acunetix/wvs

These images are mirrored across the two repositories.

This document details the steps for point 2 - Repo One and Invicti Registry for obtaining images, configuring environments, and deploying Acunetix using the solutions.

Obtaining the Image

From Repo One

Register at registry1.dso.mil and log in using Platform One SSO.
Go to your User Profile and copy the Client Secret.
Use the following command in your CLI:

docker login registry1.dso.mil

When prompted for a username, enter the username from your User Profile.

When prompted for a password, enter the Client Secret from your User Profile.

From the Invicti Registry

Ensure you have your Acunetix license key (available under Settings > Subscription).
Use the following command in your CLI:

docker login registry.invicti.com

When prompted for a username, enter the email address that you use to log in to Acunetix.
When prompted for a password, enter your Acunetix license key.

Key environment variables used by the Image

acunetix_user_data: Specifies the location used by the backend to store user data.
acunetix_database: Connection string for the PostgreSQL database.

Format:
postgresql://<user>:<password>@<host>:<port>/<db>

Example:
postgresql://acunetix:eKi1lB00lmteUCAhBXK7M5Mw41LNDyrN@acunetix-database:5432/wvs

acunetix_user: A valid email address for the master user.
acunetix_password: A valid password for the master user.
acunetix_logging_console_level (optional): Sets the logging level for the console output.

Default: DEBUG
Other options: INFO, WARNING, ERROR, CRITICAL

acunetix_ssl_certificate (optional): Specifies the location of the SSL certificate.
acunetix_ssl_private_key (optional): Specifies the location of the private key for the SSL certificate.
acunetix_engineonly (optional): Set to 1 if the instance is running as a worker.

Running with Docker-Compose

Below is an example of a simple Acunetix deployment using Docker-Compose.

This setup includes:

acunetix-main: A container hosting the main UI and backend.
acunetix-worker: An additional container running a scanning engine.

version: "3"

services:

adjust-permissions:

image: busybox

entrypoint: 'sh -c "chown -R 9900:9900 /user-data && chown -R 9900:9900 /worker-data"'

restart: 'no'

volumes:

- acunetix-user-data:/user-data

- acunetix-worker-data:/worker-data

acunetix-database:

image: postgres:13

restart: unless-stopped

environment:

POSTGRES_USER: acunetix

POSTGRES_PASSWORD: eKi1lB00lmteUCAhBXK7M5Mw41LNDyrN

POSTGRES_DB: wvs

PGDATA: /data/postgres

volumes:

- acunetix-db-data:/data

ports:

- "5432:5432"

acunetix-main:

restart: unless-stopped

depends_on:

- adjust-permissions

- acunetix-database

image: registry.invicti.com/acunetix/wvs:24.10

environment:

acunetix_user_data: /home/acunetix/user-data

acunetix_database: postgresql://acunetix:eKi1lB00lmteUCAhBXK7M5Mw41LNDyrN@acunetix-database:5432/wvs

acunetix_user: acxuser@acunetix.com

acunetix_password: Trustno1!

acunetix_logging_console_level: DEBUG

acunetix_ssl_certificate: /home/acunetix/user-data/certs/server.cer

acunetix_ssl_private_key: /home/acunetix/user-data/certs/server.key

volumes:

- acunetix-user-data:/home/acunetix/user-data

ports:

- "0.0.0.0:3500:3443"

- "0.0.0.0:7900:7880"

acunetix-worker:

restart: unless-stopped

depends_on:

- adjust-permissions

- acunetix-database

- acunetix-main

image: registry.invicti.com/acunetix/wvs:24.10

environment:

acunetix_user_data: /home/acunetix/worker-data

acunetix_ssl_certificate: /home/acunetix/user-data/certs/server.cer

acunetix_ssl_private_key: /home/acunetix/user-data/certs/server.key

acunetix_engineonly: 1

acunetix_logging_console_level: DEBUG

acunetix_main_backend_url: https://acunetix-main:3443

volumes:

- acunetix-worker-data:/home/acunetix/worker-data

ports:

- "0.0.0.0:3501:3443"

volumes:

acunetix-db-data:

acunetix-user-data:

acunetix-worker-data:

Configuring Workers

In this setup, the worker and main containers communicate over the Docker network. Here's how to configure them:

Internal Communication:

Use the hostnames acunetix-worker and acunetix-main on port 3443.

External Access:

Use the forwarded ports:

3500 for the main container
3501 for the worker container

Running within Kubernetes

To run with Kubernetes, utilize the provided manifest to deploy and configure the necessary resources. Clicking on the link downloads the following folders and files:

secret.yaml
acunetix-namespace.yaml
db folder:

database-service.yaml
database-vc.yaml
database-deployment.yaml

backend folder:

main-backend-deployment.yaml
main-backend-service.yaml
user-data-vc.yaml

Auto Updates

This Docker image does not support automatic updates, as all versions are pinned.

To enable regular updates for the services, you can use a tool like Watchtower. Watchtower monitors your running Docker containers and automatically updates them when new versions of the images become available.

« Back to the Acunetix Support Page