Deploy Nessus as a Docker Image

You can deploy a managed Nessus scanner or an instance of Nessus Professional as a Docker image to run on a container. The base image is a Oracle Linux 8 instance of Nessus. You can configure the Nessus instance with environment variables to configure the image with the settings you configure automatically.

Tenable does not recommend deploying Nessus in a Docker container that shares a network interface controller (NIC) with another Docker container.

Before you begin:

To deploy Nessus as a docker image:

  1. In your terminal, use the docker pull command to get the image.

    $ docker pull tenableofficial/nessus:<version>

  2. Use the docker run command to run your image.
    • Use the operators with the appropriate options for your deployment, as described in Operators.

    • To preconfigure Nessus, use the -e operator to set environment variables, as described in Environment Variables.

      Note: Tenable recommends you use environment variables to configure your instance of Nessus when you run the image. If you do not include environment variables such as an activation code, username, password, or linking key (if creating a managed Nessus scanner), you must configure those items later.

  3. If you did not include environment variables, complete any remaining configuration steps in the command-line interface or Nessus configuration wizard.

What to do next:

Operators

Operator Description
--name Sets the name of the container in Docker.
-d Starts a container in detached mode.
-p

Publishes to the specified port in the format host port:container port. By default, the port is 8834:8834.

If you have several Nessus containers running, use a different host port. The container port must be 8834 because Nessus listens on port 8834.

-e

Precedes an environment variable.

For descriptions of environment variables you can set to configure settings in your Nessus instance, see Environment Variables.

Environment Variables

The required and optional environment variables differ based on your Nessus license and whether you are linking to Tenable.io.