Acunetix on Docker, Docker-Compose, and Kubernetes

Acunetix offers flexible deployment options to suit various infrastructure requirements, supporting Docker, Docker-Compose, and Kubernetes. These containerized solutions simplify installation, scaling, and management of the Acunetix application and scanning engine.

For Docker users, Acunetix provides two solutions:

Docker Hub - Invicti/Acunetix Solution

Available at Docker Hub.
This is a self-contained Docker image that includes the latest Acunetix build, complete with the database and scanner.
For more information, refer to our document on Installing Acunetix on Docker.

Repo One and Invicti Registry

Repo One: Hosted at repo1.dso.mil.

Image: registry1.dso.mil/ironbank/invicti/acunetix/wvs

Invicti Registry:

Image: registry.invicti.com/acunetix/wvs

These images are mirrored across the two repositories.

This document details the steps for point 2 - Repo One and Invicti Registry for obtaining images, configuring environments, and deploying Acunetix using the solutions.

Obtain the image

From Repo One

Register at registry1.dso.mil and log in using Platform One SSO.
Go to your User Profile and copy the Client Secret.
Use the following command in your CLI:

docker login registry1.dso.mil

🛠️	Enter the following when prompted: username: the username from your User Profile. password: the Client Secret from your User Profile.

From the Invicti Registry

Ensure you have your Acunetix license key (available under Settings > Subscription).
Use the following command in your CLI:

docker login registry.invicti.com

🛠️	Enter the following when prompted: username: the email address that you use to log in to Acunetix. password: your active Acunetix license key.

Key environment variables used by the image

This is the format and the environment variables:

Format:

postgresql://<user>:<password>@<host>:<port>/<db>

Example:

postgresql://acunetix:eKi1lB00lmteUCAhBXK7M5Mw41LNDyrN@acunetix-database:5432/wvs

🛠️

Environment variables used by the image:

Acunetix_user_data: Specifies the location used by the backend to store user data.
Acunetix_database: Connection string for the PostgreSQL database.
acunetix_user: A valid email address for the master user.
acunetix_password: A valid password for the master user.
acunetix_logging_console_level (optional): Sets the logging level for the console output.

Default: DEBUG
Other options: INFO, WARNING, ERROR, CRITICAL

acunetix_ssl_certificate (optional): Specifies the location of the SSL certificate.
acunetix_ssl_private_key (optional): Specifies the location of the private key for the SSL certificate.
acunetix_engineonly (optional): Set to 1 if the instance is running as a worker.
acunetix_host (optional): the IP Address or FQDN for your Acunetix installation.
acunetix_port (optional): the port number for your Acunetix installation; NOTE: you MUST use a port number greater than 1024.

Running with Docker-Compose

Below is an example of a simple Acunetix deployment using Docker-Compose.

This setup includes:

acunetix-main: A container hosting the main UI and backend.
acunetix-worker: An additional container running a scanning engine.

version: "3"
services:
adjust-permissions:
image: busybox
entrypoint: 'sh -c "chown -R 9900:9900 /user-data && chown -R 9900:9900 /worker-data"'
restart: 'no'
volumes:
- acunetix-user-data:/user-data
- acunetix-worker-data:/worker-data

acunetix-database:
image: postgres:17
restart: unless-stopped
environment:
POSTGRES_USER: acunetix
POSTGRES_PASSWORD: eKi1lB00lmteUCAhBXK7M5Mw41LNDyrN
POSTGRES_DB: wvs
PGDATA: /data/postgres
volumes:
- acunetix-db-data:/data
ports:
- "5432:5432"

acunetix-main:
restart: unless-stopped
depends_on:
- adjust-permissions
- acunetix-database
image: registry.invicti.com/acunetix/wvs:latest
environment:
acunetix_user_data: /home/acunetix/user-data
acunetix_database: postgresql://acunetix:eKi1lB00lmteUCAhBXK7M5Mw41LNDyrN@acunetix-database:5432/wvs
acunetix_user: acxuser@acunetix.com
acunetix_password: Trustno1!
acunetix_logging_console_level: DEBUG
acunetix_ssl_certificate: /home/acunetix/user-data/certs/server.cer
acunetix_ssl_private_key: /home/acunetix/user-data/certs/server.key
volumes:
- acunetix-user-data:/home/acunetix/user-data
ports:
- "0.0.0.0:3500:3443"
- "0.0.0.0:7900:7880"

acunetix-worker:
restart: unless-stopped
depends_on:
- adjust-permissions
- acunetix-database
- acunetix-main
image: registry.invicti.com/acunetix/wvs:latest
environment:
acunetix_user_data: /home/acunetix/worker-data
acunetix_ssl_certificate: /home/acunetix/user-data/certs/server.cer
acunetix_ssl_private_key: /home/acunetix/user-data/certs/server.key
acunetix_engineonly: 1
acunetix_logging_console_level: DEBUG
acunetix_main_backend_url: https://acunetix-main:3443
volumes:
- acunetix-worker-data:/home/acunetix/worker-data
ports:
- "0.0.0.0:3501:3443"

volumes:
acunetix-db-data:
acunetix-user-data:
acunetix-worker-data:

Configure workers

Postgres notes:
Migrating from lower postgres versions than mentioned in the script above, is not supported.

In this setup, the worker and main containers communicate over the Docker network. Here's how to configure them:

Internal communication:

Use the hostnames acunetix-worker and acunetix-main on port 3443.

External access:

Use the forwarded ports:

3500 for the main container
3501 for the worker container

Running within Kubernetes

To run with Kubernetes, utilize the provided manifest to deploy and configure the necessary resources. Clicking on the link downloads the following folders and files:

secret.yaml
acunetix-namespace.yaml
db folder:

database-service.yaml
database-vc.yaml
database-deployment.yaml

backend folder:

main-backend-deployment.yaml
main-backend-service.yaml
user-data-vc.yaml

Auto updates

This Docker image does not support automatic updates, as all versions are pinned.

To enable regular updates for the services, you can use a tool like Watchtower. Watchtower monitors your running Docker containers and automatically updates them when new versions of the images become available.

« Back to the Acunetix Documentation Page