It is possible to use CloudQuery in an isolated container, you can pull the relevant image with the docker commands shown on getting started guide.
CloudQuery uses a YAML file as the primary means of configuration, you can execute the
cloudquery init to generate a file if you do not already have one. For the CloudQuery docker container to use this configuration file you will need to mount the volume to the container like so:
docker run \ -v <ABSOLUTE PATH TO CONFIG>/cloudquery.yml:/config/cloudquery.yml \ ghcr.io/cloudquery/cloudquery:latest \ fetch --config /config/cloudquery.yml
As with running any
cloudquery command on your CLI you can override the config with the optional flags with the docker container. You will also need to make sure you load any ENV variables for providers, such as your
AWS_* keys etc.
If you are running Docker on an ARM Apple device and you see a segmentation fault when running the container like so
qemu: uncaught target signal 11 (Segmentation fault) - core dumped; please make sure you are running the latest Docker for Mac release.
Due to the way
cloudquery is architected it downloads all the components to interact with providers and policies. This means that with a docker container it runs the download step each state as the local cache is lost between executions. To avoid this we recommend mounting a volume to cache the data and configuring
cloudquery to use this via the
--data-dir optional flag. An example of this would be:
docker run \ -v <PATH TO CACHE>/.cq:/cache/.cq \ -v <PATH TO CONFIG>/cloudquery.yml:/config/cloudquery.yml \ ghcr.io/cloudquery/cloudquery:latest \ fetch --config /config/cloudquery.yml \ --data-dir /cache/.cq
Depending on your operating system, the built components maybe different between your local system and the container. To avoid the different please use a separate cache directory for the container than a local instance of
For the specifics of how
cloudquery fetch works, and what additional flags it uses please consult the command page. The command will check the
cloudquery.yml provided and proceed to download any providers defined, uploading the schema to the database, and retrieving the service data from the provider. An example of this command using it with AWS would be:
docker run \ -e AWS_ACCESS_KEY_ID=<YOUR AWS ACCESS KEY ID> \ -e AWS_SECRET_ACCESS_KEY=<YOU AWS SECRET ACCESS KEY> \ -v ~/Development/cloudquery-grafana/cloudquery.yml:/config/cloudquery.yml \ ghcr.io/cloudquery/cloudquery:latest \ fetch --config /config/cloudquery.yml
The docker container is set to be verbose by default, which produces a lot of console logs. This is by design.