Install with Docker

Installing Syntropy Agent with Docker

Suggest Edits

Installation with Docker

📘

Prerequisites

🚧

Running as root

At the moment, the Syntropy Agent requires running as root user.

Mandatory Variables

In order to successfully install Syntropy with Docker, you must have an API Key

Variable NameDescription
SYNTROPY_AGENT_TOKENSYNTROPY Network Agent Token (String)

👍

API Key Example

SYNTROPY_AGENT_TOKEN=nQlSAezB8yxncfdeW#$2mKR4UTqEQ2R5

Docker Network Subnet Overlap

When installing the agent, and setting up your endpoints, you need to make sure there's no docker network subnet overlap, otherwise, it may cause conflict leading to non-functioning connections. Subnets shouldn't overlap.

So let's assume you have 4 endpoints, two GCP & two AWS. You have to set up a separate docker network with a different subnet for each. Here's a quick example:

# GCP Endpoints

- gcp-instance-1:
    - subnet: 192.168.1.0/24
    - services:
        - redis: 192.168.1.1/32
        - mysql: 192.168.1.2/32
        - php-fpm: 192.168.1.3/32

- gcp-instance-2:
    - subnet: 192.168.2.0/24, 192.168.3.0/24
    - services:
        - pgsql: 192.168.2.1/32
        - memcached: 192.168.2.2/32

        - nginx: 192.168.3.1/32


# AWS Endpoints

- aws-instance-1:
    - subnet: 192.168.4.0/24
    - services:
        - service-1: 192.168.4.1/32
        - service-2: 192.168.4.2/32
        - service-3: 192.168.4.3/32


- aws-instance-2:
    - subnet: 192.168.5.0/24
    - services:
        - service-1: 192.168.5.1/32
        - service-2: 192.168.5.2/32
        - service-3: 192.168.5.3/32

Install with Docker

The easiest way to start with Syntropy Platform is to install Syntropy Agent with Docker:

// Syntropy AGENT Token is Required

sudo docker run --network="host" --restart=on-failure:10 \
--cap-add=NET_ADMIN \
--cap-add=SYS_MODULE -v /var/run/docker.sock:/var/run/docker.sock:ro \
--device /dev/net/tun:/dev/net/tun --name=syntropynet-agent \
-e SYNTROPY_NETWORK_API='docker' \
-e SYNTROPY_AGENT_TOKEN=<<agent_token>> -d syntropynet/agent:stable

FROM alpine

# Allow adding additional packages without modifying Dockefile
# e.g. # docker build --build-arg packages="vim bird" ./
ARG packages
RUN apk update && apk add --no-cache --update iptables wireguard-tools $packages

# Prepare binaries for all targets
RUN mkdir /tmp/target
COPY ./target /tmp/target

# Copy only required target architecture
RUN  apkArch="$(apk --print-arch)"; \
     case "$apkArch" in \
            x86_64) export ARCH='x86_64' ;; \
            aarch64) export ARCH='arm64' ;; \
            *) export ARCH='unsupported' ;; \
        esac; \
        cp /tmp/target/$ARCH/* /usr/bin

# Cleanup
RUN rm -rf /tmp/target

ENTRYPOINT [ "/usr/bin/syntropy_agent"]

docker run --network="host" --restart=on-failure:10 --cap-add=NET_ADMIN \
   --cap-add=SYS_MODULE -v /var/run/docker.sock:/var/run/docker.sock:ro \
   --device /dev/net/tun:/dev/net/tun --name=syntropynet-agent \
   -e SYNTROPY_AGENT_TOKEN=<<agent_token>> \
   -e SYNTROPY_NETWORK_API='host' \
   -e SYNTROPY_ALLOWED_IPS='[{"0.0.0.0/0":"internet"}]' \
   -e SYNTROPY_SERVICES_STATUS=true \
   -e SYNTROPY_TAGS=VPN -d syntropynet/agent:stable

Install with docker-compose

If you have multiple containers you are configuring for, you are able to use docker-compose for installation as well. 

# Syntropy API Key is Required

version: ‘2’

services:
  syntropy-agent:
    image: syntropynet/agent:stable
    container_name: syntropynet-agent
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - SYNTROPY_AGENT_TOKEN=<<agent_token>>
      - SYNTROPY_NETWORK_API=docker
    restart: always
    network_mode: “host”
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    devices:
      - “/dev/net/tun:/dev/net/tun”

FROM alpine

# Allow adding additional packages without modifying Dockefile
# e.g. # docker build --build-arg packages="vim bird" ./
ARG packages
RUN apk update && apk add --no-cache --update iptables wireguard-tools $packages

# Prepare binaries for all targets
RUN mkdir /tmp/target
COPY ./target /tmp/target

# Copy only required target architecture
RUN  apkArch="$(apk --print-arch)"; \
     case "$apkArch" in \
            x86_64) export ARCH='x86_64' ;; \
            aarch64) export ARCH='arm64' ;; \
            *) export ARCH='unsupported' ;; \
        esac; \
        cp /tmp/target/$ARCH/* /usr/bin

# Cleanup
RUN rm -rf /tmp/target

ENTRYPOINT [ "/usr/bin/syntropy_agent"]

Run Docker Container

  • Start SYNTROPY Agent container in the background: 
sudo docker-compose up -d

Updated about 1 month ago

Next step

Customize your installation with Syntropy Agent Variables