Install with Docker
Installing Syntropy Agent with Docker
Installation with Docker
Prerequisites
- To run an installation with Docker, you must have it installed. Docker installation: https://docs.docker.com/engine/install/
- WireGuard® installation: https://www.wireguard.com/install/
Starting from 5.6.x, Linux kernel supports WireGuard® by default.
Running as root
At the moment, the Syntropy Agent requires running as
root
user.
Mandatory Variables
In order to successfully install Syntropy with Docker, you must have an API Key
Variable Name | Description |
---|---|
SYNTROPY_AGENT_TOKEN | SYNTROPY Network Agent Token (String) |
API Key Example
SYNTROPY_AGENT_TOKEN=nQlSAezB8yxncfdeW#$2mKR4UTqEQ2R5
Docker Network Subnet Overlap
When installing the agent, and setting up your endpoints, you need to make sure there's no docker network subnet overlap, otherwise, it may cause conflict leading to non-functioning connections. Subnets shouldn't overlap.
So let's assume you have 4 endpoints, two GCP & two AWS. You have to set up a separate docker network with a different subnet for each. Here's a quick example:
# GCP Endpoints
- gcp-instance-1:
- subnet: 192.168.1.0/24
- services:
- redis: 192.168.1.1/32
- mysql: 192.168.1.2/32
- php-fpm: 192.168.1.3/32
- gcp-instance-2:
- subnet: 192.168.2.0/24, 192.168.3.0/24
- services:
- pgsql: 192.168.2.1/32
- memcached: 192.168.2.2/32
- nginx: 192.168.3.1/32
# AWS Endpoints
- aws-instance-1:
- subnet: 192.168.4.0/24
- services:
- service-1: 192.168.4.1/32
- service-2: 192.168.4.2/32
- service-3: 192.168.4.3/32
- aws-instance-2:
- subnet: 192.168.5.0/24
- services:
- service-1: 192.168.5.1/32
- service-2: 192.168.5.2/32
- service-3: 192.168.5.3/32
Install with Docker
The easiest way to start with Syntropy Platform is to install Syntropy Agent with Docker:
// Syntropy AGENT Token is Required
sudo docker run --network="host" --restart=on-failure:10 \
--cap-add=NET_ADMIN \
--cap-add=SYS_MODULE -v /var/run/docker.sock:/var/run/docker.sock:ro \
--device /dev/net/tun:/dev/net/tun --name=syntropynet-agent \
-e SYNTROPY_NETWORK_API='docker' \
-e SYNTROPY_AGENT_TOKEN=<<agent_token>> -d syntropynet/agent:stable
FROM alpine
# Allow adding additional packages without modifying Dockefile
# e.g. # docker build --build-arg packages="vim bird" ./
ARG packages
RUN apk update && apk add --no-cache --update iptables wireguard-tools $packages
# Prepare binaries for all targets
RUN mkdir /tmp/target
COPY ./target /tmp/target
# Copy only required target architecture
RUN apkArch="$(apk --print-arch)"; \
case "$apkArch" in \
x86_64) export ARCH='x86_64' ;; \
aarch64) export ARCH='arm64' ;; \
*) export ARCH='unsupported' ;; \
esac; \
cp /tmp/target/$ARCH/* /usr/bin
# Cleanup
RUN rm -rf /tmp/target
ENTRYPOINT [ "/usr/bin/syntropy_agent"]
docker run --network="host" --restart=on-failure:10 --cap-add=NET_ADMIN \
--cap-add=SYS_MODULE -v /var/run/docker.sock:/var/run/docker.sock:ro \
--device /dev/net/tun:/dev/net/tun --name=syntropynet-agent \
-e SYNTROPY_AGENT_TOKEN=<<agent_token>> \
-e SYNTROPY_NETWORK_API='host' \
-e SYNTROPY_ALLOWED_IPS='[{"0.0.0.0/0":"internet"}]' \
-e SYNTROPY_SERVICES_STATUS=true \
-e SYNTROPY_TAGS=VPN -d syntropynet/agent:stable
Install with docker-compose
If you have multiple containers you are configuring for, you are able to use docker-compose for installation as well.
# Syntropy API Key is Required
version: ‘2’
services:
syntropy-agent:
image: syntropynet/agent:stable
container_name: syntropynet-agent
cap_add:
- NET_ADMIN
- SYS_MODULE
environment:
- SYNTROPY_AGENT_TOKEN=<<agent_token>>
- SYNTROPY_NETWORK_API=docker
restart: always
network_mode: “host”
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
devices:
- “/dev/net/tun:/dev/net/tun”
FROM alpine
# Allow adding additional packages without modifying Dockefile
# e.g. # docker build --build-arg packages="vim bird" ./
ARG packages
RUN apk update && apk add --no-cache --update iptables wireguard-tools $packages
# Prepare binaries for all targets
RUN mkdir /tmp/target
COPY ./target /tmp/target
# Copy only required target architecture
RUN apkArch="$(apk --print-arch)"; \
case "$apkArch" in \
x86_64) export ARCH='x86_64' ;; \
aarch64) export ARCH='arm64' ;; \
*) export ARCH='unsupported' ;; \
esac; \
cp /tmp/target/$ARCH/* /usr/bin
# Cleanup
RUN rm -rf /tmp/target
ENTRYPOINT [ "/usr/bin/syntropy_agent"]
Run Docker Container
- Start SYNTROPY Agent container in the background:
sudo docker-compose up -d
Updated 7 months ago