Discovering software in containers

Edit online

Docker and Podman are platforms that allow for automating the deployment of applications inside software containers. License Metric Tool discovers software that is installed inside Docker or Podman containers and measures its license metric utilization.

Requirements

License Metric Tool discovers software that is installed in Docker and Podman containers on condition that:
- Only one Docker or Podman engine is deployed on the host computer.
- The container is running.
- Scans and uploads of their results are enabled on the host computer.
- Software that is installed in the container delivers software ID tags.
- To ensure proper discovery of software on containers, the content of a container cannot change throughout its lifecycle.
- The BigFix® client or the disconnected scanner must be installed on the host computer.
The Docker container must be deployed on one of the following platforms:
- Red Hat Enterprise Linux 7 for x86
- Red Hat Enterprise Linux 7 for IBM System z (64-bit)
- SUSE Linux 12 for x86
The Podman container must be deployed on one of the following platforms:
- Red Hat Enterprise Linux 8 for x86
- Red Hat Enterprise Linux 9 for x86
Discovery of software that is installed in Podman containers relies on the compatibility of the podman command arguments with the syntax of the docker command arguments.
docker commands need to be redirected to the podman command in one of the following ways:
- install podman-docker Red Hat package.
- configure the installation path for Podman engine using the computer setting. For more information, see: Configuring scans on containers (BigFix scenario).
Note: Making the docker command an alias for podman command might not work.

Important: License Metric Tool should not be used for software running on Kubernetes as well as Red Hat® OpenShift container application platforms. Those are not subcapacity eligible technologies and IBM License Service solution should be used instead.

Enabling software discovery in containers

BigFix: Discovery of software that is installed in containers is enabled by default. In some Docker or Podman environments, you might need to perform additional steps to specify a non-default installation path, or to exclude directories from scanning. For more information, see: Configuring scans on containers (BigFix scenario). For information about disabling software discovery in containers, see: Disabling scans on containers (BigFix scenario).
Disconnected scanners: To enable discovery of software that is installed in containers, set the value of the DOCKER_SCAN_ENABLED parameter to true. For more information, see: Configuration parameters of the disconnected scanner (disconnected scenario).

Viewing software

Software that is installed in containers can be viewed on the Software Installations report. It is presented under the host computer. To learn why the software was discovered, click Details.

Details of software installed in a container

The details include, among other, information about:

Container on which the software was detected.
Software ID tag that caused the detection.

Measuring license metric utilization

Apart from discovering IBM software that is installed in containers, License Metric Tool also reports its license metric utilization. When the Docker or Podman engine is deployed on a physical host, license metric utilization is calculated on the level of the host. When it is deployed on a virtual machine, utilization is calculated on the level of the virtual machine. For more details, see the following scenarios.

Important: Docker and Podman are not a subcapacity eligible virtualization but they can be used in combination with a subcapacity eligible virtualization. The scenarios show how utilization of PVU and RVU MAPC is calculated. Utilization of other reported metrics is calculated in an analogical way.

Scenario 1: Docker or Podman engine deployed on a physical server

When the Docker or Podman engine is deployed directly on a physical server, PVU and RVU MAPC utilization is measured on the level of the host computer.

Example: Three containers are deployed on a physical server that has four Intel Xeon 3400 processors, each with six cores. It gives 24 cores in total. IBM MQ is installed in two out of three containers. License Metric Tool counts PVU and RVU MAPC utilization on the level of the host computer.

Docker or Podman engine deployed on a physical server

In this case, IBM MQ has access to 24 cores. According to the PVU table, when the server has four sockets, this processor model is assigned 100 PVUs per core. Thus, PVU utilization for IBM MQ equals 2400 PVUs. The value would be the same if another instance of IBM MQ was installed in the third container.

Scenario 2: Docker or Podman engine deployed on a virtual machine

When the Docker or Podman engine is deployed on a virtual machine, PVU and RVU MAPC utilization is counted as the highest number of PVUs that are available for the virtual machine.

Example: Two virtual machines are installed on a physical server that has four Intel Xeon 3400 processors, each with six cores. It gives 24 cores in total. Each virtual machine is assigned eight cores and has two containers deployed. IBM MQ is installed:

In one container on the first virtual machine
In two containers on the second virtual machine

Docker or Podman engine deployed on a virtual machine

In this case, IBM MQ that is installed on each of the virtual machines has access to eight cores. In total, it has access to 16 cores out of 24 cores that are available on the physical computer. According to the PVU table, when the server has four sockets, this processor model is assigned 100 PVUs per core. Thus, PVU utilization for IBM MQ equals 1600 PVUs. If the Docker or Podman engine was deployed directly on the physical server, IBM MQ would have access to 24 cores and its PVU utilization would equal 2400 PVUs.