FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
Ramy
Staff
Article Id 368511
Description: This article describes how to set up Docker Engine on Linux and deploy FortiManager and FortiAnalyzer on it as container instances.
Scope: FortiManager/FortiAnalyzer.
Solution

Docker Engine Installation:

Debian Linux 12 is used as the Docker host in this article. Docker Engine is a CLI-based environment.

 

  1. Update and Set Docker Keyrings:

    sudo apt-get update
    sudo apt-get install ca-certificates curl
    sudo install -m 0755 -d /etc/apt/keyrings
    sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
    sudo chmod a+r /etc/apt/keyrings/docker.asc

  2. Add the repository to APT sources:

    echo \
    "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
     $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
     sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

  3. Update the Repository List:

    sudo apt-get update

  4. Install the latest version of Docker packages and tools:

    sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

  5. Start the service and check the status:

    sudo systemctl start docker.service
    sudo systemctl start containerd.service

  6. Enable the services at startup:

    sudo systemctl enable docker.service
    sudo systemctl enable containerd.service

  7. Test Docker with a simple container:

    sudo docker run hello-world

FortiManager and FortiAnalyzer Docker Deployment:

  • Fortinet has changed how the product Docker image is provisioned: instead of being pulled from the public Docker repository, the image must now be requested by the user.
  • Customer Service and TAC provide it to the user on request.
  • The user then decides whether to use the Docker host as a local registry or to push the image to their own public/private repository.
  • Once the image is in a directory on the Docker host, run the 'import' command.

 

  1. Confirm the image location on the Linux host:

    cd /dir_of_imag/
    ls -la

The FortiManager and FortiAnalyzer image files should end in '.tar.xz', for example FMG/FAZ_DOCKER-vx-buildxxxx-FORTINET.tar.xz.

 

  2. Prepare the image so that it can run as a container on the Docker host:

    docker import FMG_DOCKER-vN-buildxxxx-FORTINET.tar.xz <image:tag> -c 'ENTRYPOINT ["/sbin/init"]'

The '-c' option applies a Dockerfile instruction to the imported image. Fortinet images need it to set 'ENTRYPOINT ["/sbin/init"]', so that the container runs the init process at startup.

 

 

  3. Deploy FortiManager with docker run, using the previously created 'macvlan' network and volumes:

    docker run -dit --name fmg --restart always --cap-add ALL -v fmgvar:/var -v fmgdata:/data --network macvlan --ip 10.5.49.102 fmg:7.4.6

  4. Accessing FortiManager via GUI:

     

FortiManager is deployed and reachable at the IP address that was assigned in the docker run command.
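
The run command assumes that the 'macvlan' network and the fmgvar/fmgdata volumes already exist, and the image arrives out of band rather than from a registry. The following shell functions are an added example, not part of the original article or Fortinet's tooling: they check the image digest before import and create the missing network and volumes. The parent interface, subnet, gateway and the availability of an expected SHA-256 for the image are assumptions.

```shell
#!/bin/sh
# Added example (not Fortinet's code): preflight for the import and run steps.
# Assumed values, not from the article: parent NIC, subnet and gateway.
PARENT_IF="${PARENT_IF:-eth0}"
SUBNET="${SUBNET:-10.5.49.0/24}"
GATEWAY="${GATEWAY:-10.5.49.1}"

# verify_image FILE EXPECTED_SHA256
# Returns 0 only if FILE hashes to the digest obtained alongside the image
# (assumption: such a digest is available to you).
verify_image() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    [ "$(sha256sum "$1" | awk '{print $1}')" = \
      "$(printf '%s' "$2" | tr 'A-F' 'a-f')" ]
}

# ensure_macvlan NAME
# Creates the macvlan network if absent; refuses a same-named network that
# uses another driver, because that is not what the run command expects.
ensure_macvlan() {
    _drv="$(docker network inspect -f '{{.Driver}}' "$1" 2>/dev/null)" || _drv=""
    case "$_drv" in
        macvlan) return 0 ;;
        "") docker network create -d macvlan --subnet "$SUBNET" \
                --gateway "$GATEWAY" -o parent="$PARENT_IF" "$1" >/dev/null ;;
        *) echo "network $1 exists with driver $_drv" >&2; return 1 ;;
    esac
}

# ensure_volumes NAME...
# Creates each named volume that does not exist yet.
ensure_volumes() {
    for _vol in "$@"; do
        docker volume inspect "$_vol" >/dev/null 2>&1 ||
            docker volume create "$_vol" >/dev/null || return 1
    done
}

# Usage, after sourcing this file:
#   verify_image FMG_DOCKER-vN-buildxxxx-FORTINET.tar.xz <expected-sha256> &&
#     ensure_macvlan macvlan && ensure_volumes fmgvar fmgdata
```

These checks do not narrow the container's privileges: '--cap-add ALL' in the run command still grants every Linux capability, so restrict who can reach the Docker host and its socket.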


 

Related documents:

Technical Tip: FortiManager/FortiAnalyzer deployment on Docker Desktop

FortiManager 7.4.0 Docker Administration Guide