Deploy the local TACACS+ server container using Docker on Linux
In this topic, you will learn how to deploy the Portnox™ Cloud local TACACS+ server container using Docker on a local Linux machine (physical or virtual).
Read the following important information before you begin:
- We assume that the Linux machine is already installed, configured, updated, and connected to the local network. This guide includes only the installation and configuration of Docker and the Portnox Cloud local TACACS+ server container.
Install Docker
In this section, you will learn how to install Docker on the Linux machine.
Skip this section if Docker is already installed.
- Open the Terminal window.
- Install Docker using your distribution’s package management framework.
Ubuntu:
sudo apt-get install docker.io -y
RedHat:
sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo
sudo yum install docker-ce
sudo systemctl start docker
- Test Docker using the Hello World test container.
sudo docker run hello-world
Result: Hello from Docker! This message shows that your installation appears to be working correctly.
Run the Portnox Cloud local TACACS+ server container
In this section, you will learn how to deploy the local TACACS+ server Docker container locally to the Linux machine.
- Copy and paste the values of the three environment variables that you saved earlier (or copy them directly from Portnox Cloud) into three export commands. Run the export commands without sudo: export is a shell builtin, and the variables must be set in the same shell that later expands them in the docker run command.
export TACACS_GATEWAY_ORG_ID=copied_TACACS_GATEWAY_ORG_ID
export TACACS_GATEWAY_PROFILE=copied_TACACS_GATEWAY_PROFILE
export TACACS_GATEWAY_TOKEN=copied_TACACS_GATEWAY_TOKEN
- Run the portnox/portnox-tacacs Docker container.
sudo docker run -d -p 49:49/tcp \
  --name portnox-tacacs --restart=always \
  -v portnox-tacacs-data:/data \
  -e TACACS_GATEWAY_PROFILE=$TACACS_GATEWAY_PROFILE \
  -e TACACS_GATEWAY_ORG_ID=$TACACS_GATEWAY_ORG_ID \
  -e TACACS_GATEWAY_TOKEN=$TACACS_GATEWAY_TOKEN \
  portnox/portnox-tacacs:latest
Note: The -v option creates and mounts a Docker volume that preserves the local TACACS+ server data in case the container stops running, for example, if the machine is restarted or crashes. Without this option, local TACACS+ cached data would be lost if the container stops running. To learn more about Docker volumes and an alternative, bind mounts, see Docker documentation.
- Optional: View the logs for the portnox/portnox-tacacs Docker container.
sudo docker logs portnox-tacacs -f
Result: Your local TACACS+ server is active.
You can check its status in Portnox Cloud, in the section.
Update an existing local TACACS+ server container
In this section, you will learn how to update your Docker container to the latest local TACACS+ server version.
- Stop the old Docker container:
sudo docker stop portnox-tacacs
- Optional: If you want to save space, remove the old version of the Docker image:
sudo docker rmi portnox/portnox-tacacs:latest
- Pull the latest version of the Docker image:
sudo docker pull portnox/portnox-tacacs:latest
- Remove the old Docker container:
sudo docker rm portnox-tacacs
- Deploy the new Docker container on the basis of the new image:
sudo docker run -d -p 49:49/tcp \
  --name portnox-tacacs --restart=always \
  -v portnox-tacacs-data:/data \
  -e TACACS_GATEWAY_PROFILE=$TACACS_GATEWAY_PROFILE \
  -e TACACS_GATEWAY_ORG_ID=$TACACS_GATEWAY_ORG_ID \
  -e TACACS_GATEWAY_TOKEN=$TACACS_GATEWAY_TOKEN \
  portnox/portnox-tacacs:latest
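The run and update steps above both place the three TACACS_GATEWAY_* values on the docker run command line, where an empty or placeholder value goes unnoticed and the token is visible in shell history. The following script is an added example, not part of the Portnox guide: it checks the variables first and passes them through Docker's --env-file option from an owner-only file. The path /etc/portnox-tacacs.env, the deploy argument and the function names are assumptions.

```sh
#!/bin/sh
# Added example (not Portnox tooling). ENV_FILE default and function names are assumptions.
ENV_FILE="${ENV_FILE:-/etc/portnox-tacacs.env}"
REQUIRED_VARS="TACACS_GATEWAY_ORG_ID TACACS_GATEWAY_PROFILE TACACS_GATEWAY_TOKEN"

# Succeed only if every required variable is set, non-empty and no longer
# one of the guide's copied_* placeholders.
check_tacacs_env() {
    missing=0
    for name in $REQUIRED_VARS; do
        eval "value=\${$name:-}"
        case "$value" in
            ''|copied_*) echo "missing or placeholder: $name" >&2; missing=1 ;;
        esac
    done
    return "$missing"
}

# Write the three variables to an env file with mode 600 (owner read/write only).
# Nothing is written if the preflight check fails.
write_env_file() {
    target="$1"
    check_tacacs_env || return 1
    ( umask 077
      : > "$target" || exit 1
      chmod 600 "$target"   # tighten a pre-existing file before secrets go in
      for name in $REQUIRED_VARS; do
          eval "value=\$$name"
          printf '%s=%s\n' "$name" "$value" >> "$target"
      done )
}

# Same options as the guide's docker run command, except that the three
# -e options are replaced by --env-file.
run_tacacs_container() {
    docker run -d -p 49:49/tcp \
        --name portnox-tacacs --restart=always \
        -v portnox-tacacs-data:/data \
        --env-file "$1" \
        portnox/portnox-tacacs:latest
}

# Only deploy when asked to, so the functions can also be sourced on their own.
if [ "${1:-}" = "deploy" ]; then
    write_env_file "$ENV_FILE" && run_tacacs_container "$ENV_FILE"
fi
```

Export the three values in the shell that runs the script, then invoke it with the deploy argument as a user allowed to run docker and to write the env file. For the update procedure, the existing env file can be reused by calling run_tacacs_container after the old container is removed.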