[Feature request] Portainer support

Question

[Feature request] Portainer support

fahadshery opened this issue 2 years ago · 9 comments

fahadshery commented 2 years ago

Hi,

great idea to dockers hash cat :)

are you still updating/maintaining it?

I was thinking to deploy it using portainer/rancher.

thanks

Answer 1 · 2022-11-21T14:04:03.000Z

@fahadshery
Yes, I'm keeping the repository up to date and publishing updates when a new Hashcat version becomes available or if the users encounter issues running one of my containers.
I'll keep Dockerhub images active even though it costs me money and I'm doing this for free.

Answer 2 · 2022-11-21T16:00:27.000Z

I wish I could deploy it on Portainer and keep it running there and then just get into the shell as and when required?
I have a single Nvidia Tesla P40 GPU.

Here is how I deployed:

Tried deploying it on Portainer using dizcza/docker-hashcat:latest and passing the GPU. It didn't work. Then removed it from Portainer
Back to Terminal and ran:

nvidia-docker run -it dizcza/docker-hashcat /bin/bash

It lands me in the container's bash terminal where I could access:

nvidia-smi

# was able to run the following:
hashcat -I

# run a bechmark
hashcat -b

but obviously, the container dies as soon as you exit.

Answer 3 · 2022-11-21T21:21:58.000Z

the other reason is that you can mount host volume with relevant files into docker container and use them with hashcat. have you tried that?

Answer 4 · 2022-11-22T11:57:27.000Z

With the release of Docker 19.03, usage of nvidia-docker2 packages is deprecated since NVIDIA GPUs are now natively supported as devices in the Docker runtime.

So the correct way now is

docker run --gpus all  -it dizcza/docker-hashcat /bin/bash

With this command, everything works on my Geforce 980. I'll update readme. It should still work with nvidia-docker, but I don't have installed.

I have a single Nvidia Tesla P40 GPU.

Obviously, I cannot support all Nvidia cards for the simple reason that I don't have all of them to test. Even if I had all 100+ cards, it would take more than a day to test a new release.

Therefore, the users should fire issues if they encounter bugs. Here is what you can do:

Try running the docker with --gpus all and make sure you have >19.03 Docker installed on your host (docker --version).
Try both :latest and :cuda containers (tags) of this docker image. The latest has Cuda 10.2 installed while :cuda tag has Cuda 11 installed.
In either case, output the message of hashcat -I

For reference. Your card is Pascal architecture and any Cuda version 8.0 - current should work for you according to Nvidia official documentation https://docs.nvidia.com/deploy/cuda-compatibility/index.html. So in theory, both tags - latest and cuda should work.

Answer 5 · 2022-11-22T12:03:39.000Z

Also, you must have Nvidia drivers installed on your host machine in order to communicate between a docker container and the host. See https://docs.nvidia.com/ai-enterprise/deployment-guide/dg-docker.html#enabling-the-docker-repository-and-installing-the-nvidia-container-toolkit

Answer 6 · 2022-11-22T15:14:45.000Z

My question was:
how do you mount a volume from host into the container so that I can access my files to be cracked? I think you should just create a folder called user_files in the /root location which a user can map from the host machine to get files into the container to be cracked....

So the correct way now is

docker run --gpus all  -it dizcza/docker-hashcat /bin/bash

yes, I figured and that's what I have been using. thanks

Obviously, I cannot support all Nvidia cards for the simple reason that I don't have all of them to test. Even if I had all 100+ cards, it would take more than a day to test a new release.

you're right but this was just for info and it is working fine with your docker image. no issues.
The suggestion was if it was possible to run your image via portainer and keep it running instead of using the docker run command every time you need it???

In either case, output the message of hashcat -I

here is one of my rigs output:

root@5eda00985444:~# hashcat -I
hashcat (v6.2.6) starting in backend information mode

CUDA Info:
==========

CUDA.Version.: 11.7

Backend Device ID #1 (Alias: #2)
  Name...........: NVIDIA GeForce GTX 1060 6GB
  Processor(s)...: 10
  Clock..........: 1746
  Memory.Total...: 6078 MB
  Memory.Free....: 6015 MB
  Local.Memory...: 48 KB
  PCI.Addr.BDFe..: 0000:00:02.0

OpenCL Info:
============

OpenCL Platform ID #1
  Vendor..: NVIDIA Corporation
  Name....: NVIDIA CUDA
  Version.: OpenCL 3.0 CUDA 11.7.102

  Backend Device ID #2 (Alias: #1)
    Type...........: GPU
    Vendor.ID......: 32
    Vendor.........: NVIDIA Corporation
    Name...........: NVIDIA GeForce GTX 1060 6GB
    Version........: OpenCL 3.0 CUDA
    Processor(s)...: 10
    Clock..........: 1746
    Memory.Total...: 6078 MB (limited to 1519 MB allocatable in one block)
    Memory.Free....: 5952 MB
    Local.Memory...: 48 KB
    OpenCL.Version.: OpenCL C 1.2
    Driver.Version.: 515.76
    PCI.Addr.BDF...: 00:02.0

Also, you must have Nvidia drivers installed on your host machine in order to communicate between a docker container and the host.

yup, already done it 👍

Answer 7 · 2022-11-24T09:16:26.000Z

Sorry, I had 20 hours without electricity and internet.

how do you mount a volume from host into the container so that I can access my files to be cracked?

docker run -v /path/to/host:/path/in/docker/container -it <docker image name> bash

/path/in/docker/container will be "created" automatically - think of it as a soft link. No need to create any folder in the docker container. Read about the -v (--volume) flag on docker documentation.

All right, so you have no problems running the image in docker.

The suggestion was if it was possible to run your image via portainer and keep it running instead of using the docker run command every time you need it???

Portainer is a paid service and I've not tried running anything there, and in the nearest future, I won't be using this service either. So the answer is I don't know.

Answer 8 · 2022-11-24T09:55:18.000Z

/path/in/docker/container will be "created" automatically - think of it as a soft link. No need to create any folder in the docker container. Read about the -v (--volume) flag on docker documentation.

Got it, thanks!

All right, so you have no problems running the image in docker.

Correct!

Portainer is a paid service and I've not tried running anything there, and in the nearest future, I won't be using this service either. So the answer is I don't know.

Nope, Portainer Community Edition (CE) is free. It's is a powerful, open source toolset that allows you to easily build and manage containers in Docker, Docker Swarm, Kubernetes and Azure ACI. I have been using it to manage different Docker containers. It's like setting up docker via a GUI

Answer 9 · 2022-11-24T11:08:33.000Z

Nope, Portainer Community Edition (CE) is free. It's is a powerful, open source toolset that allows you to easily build and manage containers in Docker, Docker Swarm, Kubernetes and Azure ACI. I have been using it to manage different Docker containers. It's like setting up docker via a GUI

Ah, great, I didn't notice it has a community edition version. Still, I won't probably jump into their service in the nearest future since currently I'm occupied with survival tech. Even if I manage to run my docker image on portainer, I don't know beforehand how much effort will be needed to maintain the image there.

If more and more people are interested in portainer service, I'll revise my attitude. I'll keep the issue open for a time being.