Guides
Log In
Guides

Private Gateway

Suggest Edits

Note: Before you begin, ensure that the license and certificate/key pairs to be used in the deployment are ready and available.

Steps for Installation

  1. Log in to the target Linux machine where the Cyolo Private Gateway will be deployed.
  2. Download and extract the TAR file.

Create a new folder:

mkdir /home/cyolo

Switch to the newly created folder:

cd /home/cyolo/

Download the TAR ball:

curl -O <https://cyolo-public.s3.eu-central-1.amazo-> naws.com/offline/<Version>-cyolo-build.tar.gz

Note: Replace with the appropriate version number. For demonstration purposes, we would be installing version 6.6.3. 

(curl -O <https://cyolo-public.s3.eu-central-1.amazo-> naws.com/offline/6.6.3-cyolo-build.tar.gz)

Extract the TAR ball:

tar –zxvf <Version>-cyolo-build.tar.gz

Note: Replace with the appropriate version number.

tar –zxvf 6.6.3-cyolo-build.tar.gz

Switch to the extracted folder:

cd /home/cyolo/tmp/cyolo-build

Note: For available downloadable versions, refer to the Cyolo documentation or contact Cyolo Support.

  1. Prepare the license and certificates.

Name the Cyolo license file.

Rename the license file to license.cyolo and move it to the extracted build directory:

mv /path/to/license.cyolo /home/cyolo/tmp/cyolo-build/

Prepare the certificates.

Rename the certificate and key files to cert.pem and key.pem, respectively, and move them to the extracted build directory:

mv /path/to/cert.pem /home/cyolo/tmp/cyolo-build/ 

mv /path/to/key.pem /home/cyolo/tmp/cyolo-build/
  1. Execute the Cyolo Installer.

Navigate to the Cyolo build directory. Ensure that you are in the correct directory where the installer script is located:

cd /home/cyolo/tmp/cyolo-build/

Run the installer. Execute the offline installer script and choose the following installation option:

./offline-installer.sh EDGE offline

You will see a screen like this:

  1. Modify the configuration file.
    Edit the Docker Compose configuration. Modify the docker-compose.yml file to reflect the correct upstream settings: 
    nano  /etc/cyolo/config/docker-compose.yml

Update the following:

services: idac: image: registry.cyolo.io/cyolosec/idac:6.6.1 (This is the version of your IDAC, or it can be the latest if you have installed the latest version).

volumes:

  • /etc/cyolo/config:/config

  • /etc/cyolo/certs:/certs

  • PORT=443

  • SNI=tcp.<tenant>.cyolo.io

  • UPSTREAM=tcp.cyolo.io:443

  • UPSTREAM_SNI=tcp.cyolo.io ports:

  • "443:443"

  • "80:80"

Note: Confirm the values for Upstream and Upstream SNI with Cyolo Support, as they could vary depending on your deployment architecture.

  1. Pull the Docker image.

To obtain the digests for the router Docker image, you will need to pull the image directly from Docker Hub.

docker pull cyolosec/router:${version}

Replace ${version} with the appropriate version number (for example, 6.6.3 in our case).

  1. Start the Docker container.

Bring up the IDAC Docker container using the following command:

docker-compose -f /etc/cyolo/config/docker-compose.yml up -d

Updated 3 days ago