The last weekend in February, Holberton School and Docker held a joint Docker Hackathon where current students spent 24 hours making cool Docker hacks. Students were joined by Docker mentors who helped them along the way in addition to serving as judges for the final products.
Here are some highlights from the hackathon.
Third place goes to… Julien, a personal assistant built with Docker and Alexa by Bobby and Larry
In their own words:
After discussing a few ideas, we settled on the idea of doing a Docker/Alexa integration that would abstract away repetitive command line interactions, allowing the user/developer to check the state of her Docker containers, and easily deploy them to production, only using voice commands. Hands free, we would prompt Alexa to interact with our Docker images and containers in various ways (ex1: “spin up image file x on server y”, “list all running containers on server z”, “deploy image a from server x to server y”) and Alexa would do it.
The main technical hurdle of the project was securely communicating between Alexa and our VMs running. To do this we used the Java JSch library. This class gave us the ability to programmatically shell into our virtual machines, run commands and receive the output remotely from the VM. Here is a basic diagram of our the data flow: voice command→ Alexa intent interpreter (running on AWS Lambda) selects a bash script executing Docker commands with variables passed in → jsh opens a ssh session into the selected VM and runs script → outputs of script returns via jsh → Alexa interprets returned output and gives audio message declaring success or other output as appropriate.
Check out their project on GitHub: Julien, a personal assistant built with Docker and Alexa
Second place goes to… Call Me Moby — An SMS Container Management App by Corbin Coleman and Jennie Chu
Call Me Moby works in the following ways:
1. Your docker command text is received by our web server as a HTTP POST request
2. Twilio API interprets this request and reads your message as text
3. This text is later parsed and then interacts with the Docker Engine API to perform your operation.
4. We then send back our response to the web server, often times including a text message reply with necessary return statements
5. Finally our message will be sent and received by our phone.
How Can You Use it? Grab the Call Me Moby image from Docker Hub.
In their own words:
Our app.py file contains the brute of the application, handling incoming HTTP requests, maintaining our web server, and utilizing both the Docker Engine and Twilio API. Try running the python3 app.py and go open your local host on your favorite web browser!
Unfortunately, the current app is only running in the local environment and in order for our server to receive the HTTP request, we has to use the ngrok tunneling service. Ngrok provides a localhost tunnel such that outside services can get access to our local development environment. After installation, run Ngrok locally using ./ngrok http 5000, to create your forwarding address. You can also copy and paste your forwarding address into your web browser and see that now any machine can have access to our local environment. Assuming you have a Twilio Account and phone number, just copy and paste your forwarding address to your Twilio phone number management console. From there, run your app.py and start texting and managing!
Check out their project on GitHub: Call Me Moby — An SMS Container Management App
And the winner is … (drum roll please)… HMS (Honeypot Management System) by Holden Grissett by Tim Britton
In their own words:
HMS (Honeypot Management System, also a great naval pun) is a honeypot server custom-tailored to make use of the modularity of containers for extensibility and security. We adapted the honeypot server for use in swarm mode to demonstrate the use of container-based honeypots at scale in swarm mode. This system allows us to easily scale up data collection for security research.
HMS currently includes a server to mimic an insecure telnet service, made for the hackathon. Upon connection to the server, a container is spun up for each client. The client’s input is parsed and can either be sent directly to the container and the response sent directly to the client (to give the illusion that they’re directly inside the container), or commands can have pre-scripted responses, or blocked entirely for security. It’s currently set-up to mimic a Busybox installation, but with minor tweaking could easily emulate any image on Docker Store! At current it easily passes tests made by Mirai and Hajime botnets. When these bots seemingly successfully download their malware and exit the server, the container is checked for differences and any downloaded or created files are tar’d and saved for logging purposes.
Going forward, we are extending our functionality to make deploying honeypot images in swarm mode faster and easier. We would also like to extend functionality to existing honeypots and create more of our own container-based honeypots.
Check out their project on GitHub: HMS (Honeypot Management System)
Get involved with the Docker Community: