Guides
Log In
Guides

IDAC

Suggest Edits

Ensure the following before starting the offline installation:

Licenses and Certificates: Have your license file and certificate/key pairs ready and available.

Installation steps:

  1. Log in to the target Linux machine where the Cyolo IDAC will be deployed.
  2. Download and extract the TAR file.
    Create a new folder: 
    mkdir /home/cyolo
    Switch to the newly-created folder: 
    cd /home/cyolo/
    Download the TAR ball: 
    curl -O <https://cyolo-public.s3.eu-central-1.amazonaws.com/offline/><Version>-cyolo-build.tar.gz

Note: Replace with the appropriate version number.

For demonstration purposes, we will be installing version 6.6.1.

curl -O <https://cyolo-public.s3.eu-central-1.amazonaws.com/offline/6.6.1-cyolo-build.tar.gz>)

Extract the TAR ball:

tar –zxvf <Version>-cyolo-build.tar.gz

Note: Replace with the appropriate version number.

tar –zxvf 6.6.1-cyolo-build.tar.gz

Switch to the extracted folder:

cd /home/cyolo/tmp/cyolo-build

Note: For available downloadable versions, refer to the Cyolo documentation or contact Cyolo Support.

  1. Prepare the license and certificates.
    Name the Cyolo License File:
    Rename the license file to license.cyolo and move it to the extracted build directory: 
    mv /path/to/license.cyolo /home/cyolo/tmp/cyolo-build/
    Prepare the Certificates:
    Rename the certificate and key files to cert.pem and key.pem, respectively, and move them to the extracted build directory: 
    mv /path/to/cert.pem /home/cyolo/tmp/cyolo-build/  
mv /path/to/key.pem /home/cyolo/tmp/cyolo-build/

  2. Execute the Cyolo Installer.
    Navigate to the Cyolo Build Directory: Ensure that you are in the correct directory where the installer script is located: 
    cd /home/cyolo/tmp/cyolo-build/
    Run the Installer: Execute the offline installer script and choose the IDAC installation option: 
    ./offline-installer.sh IDAC offline
    You will see a screen like this:

Follow the instructions to complete the installation.

  1. Modify the configuration file.
    Edit the Docker Compose Configuration: Modify the docker-compose.yml file to reflect the correct upstream settings: 
    nano /etc/cyolo/config/docker-compose.yml
    Update the following -
    • services:
    • idac:
    • image: registry.cyolo.io/cyolosec/idac:6.6.1
      (the version of your IDAC or let it be latest if you have installed the latest version)
    • volumes:
      • /etc/cyolo/config:/config
      • /etc/cyolo/certs:/certs
      • /etc/cyolo:/dbdata
    • Environment:
      • UPSTREAM=tcp.cyolo.io:443
      • UPSTREAM_SNI=tcp.cyolo.io
      • ALLOW_SYSTEM_APPS_ANALYTICS=true
      • SITE=name of the SITE
        • RAFT_JOIN=true

Note: Confirm the values for Upstream and Upstream SNI with Cyolo support as they may vary depending on your deployment architecture.

  1. Pull the IDAC Docker image (for online sites).
    If you have online access, pull the IDAC Docker image to retrieve the image digests: 
    docker pull cyolosec/idac:${version}
    Replace ${version} with the appropriate version number. (for example: 6.6.1 in our case).
  2. Start the IDAC Docker container.
    Bring up the IDAC Docker container using the following command: 
    docker-compose -f /etc/cyolo/config/docker-compose.yml up -d

  3. Reset the Admin user's password, to secure the installation: 
    docker exec -it config_idac_1 bash  
./idac tinker admin reset-password <password>
    To confirm the successful installation of your IDAC, visit the Admin console of your tenant and navigate to Topology on the left panel. Then click IDACs. You will see the new IDAC in the list of your IDACS.

You can also confirm by going to the Topology subsection, where you can see your newly-created IDAC.

Updated 3 days ago