This the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

    Airgapped Agent Installation

    Airgapped environments are those that do not have the network access to pull images from the container repository. Agent installation requires sysdigcloud-probe and you cannot download a pre-compiled module in an airgapped environment. Therefore, ensure that you compile your own sysdigcloud-probe before installing the agent.

    Prepare the Sysdig Probe Builder Images

    On a machine with internet connectivity, build the Sysdig probe container and create a tar file of the image.

    1. Get the probe builder artifacts from the repository:

      $ git clone https://github.com/draios/sysdig
      $ git checkout probe-builder
      $ cd sysdig
      
    2. Build the container image:

      $ docker build -t airgap/sysdig-probe-builder probe-builder/
      
    3. Create the container and run:

      $ docker run --rm -v /var/run/docker.sock:/var/run/docker.sock airgap/sysdig-probe-builder:latest -P -b airgap/
      
    4. Save the images to a tar archive:

      $ docker save airgap/sysdig-probe-builder | gzip > builders.tar.gz
      

      Ensure that you make this tar available to the airgapped machines where you intend to install the Sysdig agent.

    Set Up Kernel Module

    1. Set up a local repository to host the pre-compiled kernel module:

      $ kubectl run my-nginx --image=nginx --port=80
      $ kubectl expose deployment my-nginx --port=80 --type=NodePort
      
    2. Copy sysdigcloud-probe to the repository you have created:

      $ kubectl cp sysdigcloud-probe-<version> my-nginx-xxxxxxxx-xxxx:/usr/share/nginx
      

    Install Agent in Docker Environment

    1. Install Sysdig agent by pointing SYSDIG_PROBE_URL to the local repository:

      For docker-based installations:

      $ docker run -d --name sysdig-agent --restart always --privileged --net host --pid host -e ACCESS_KEY=WWWWW-YYYY-XXXX-ZZZZ-123456789 -e SECURE=true -e SYSDIG_PROBE_URL=http://www.mywebserver.net:80/ -v /var/run/docker.sock:/host/var/run/docker.sock -v /dev:/host/dev -v /proc:/host/proc:ro -v /boot:/host/boot:ro -v /lib/modules:/host/lib/modules:ro -v /usr:/host/usr:ro --shm-size=512m sysdig/agent
      

      Where -e SYSDIG_PROBE_URL=http://www.mywebserver:80/ is the local nginx pod with the loaded module.

      To use secure communication with a self-signed or untrusted certificate, apply the -e SYSDIG_PROBE_INSECURE_DOWNLOAD=true environment variable.

    2. Check the agent log. You will see a similar message:

      Found custom module URL http://mywebserver:80/, will use it * Trying to download precompiled module from http://mywebserver:80/sysdigcloud-probe-<version>
      
    3. Continue with the instructions in Agent Install: Non-Orchestrated.

    Install Agent in Kubernetes Environment

    1. Open your agent daemonset and update the SYSDIG_PROBE_URL to point to the local repository:

      - name: SYSDIG_PROBE_URL
        value: http://www.mywebserver:80/
      

      If you would like to use secure communication with a self-signed or untrusted certificate, apply the SYSDIG_PROBE_INSECURE_DOWNLOAD environment variable.

      - name: SYSDIG_PROBE_INSECURE_DOWNLOAD
        value: true
      
    2. Continue with the instructions in Agent Install: Kubernetes.