Docker Container

Preflight Check

If you'd like to verify your environment's compatibility, use the following script:

curl -sSL https://github.com/qpoint-io/preflight/releases/latest/download/preflight.sh | sudo bash

Prerequisites

• A Linux host with supported kernel (5.10+)

• Docker. For installation instructions, refer to the Docker official documentation.

• A valid registration token from app.qpoint.io (Settings -> Installation)

Installation Steps

Download the latest Docker Image:

docker pull us-docker.pkg.dev/qpoint-edge/public/qtap:v0

Running Qtap in Docker

docker run \
  --user 0:0 \
  --privileged \
  --cap-add CAP_BPF \
  --cap-add CAP_SYS_ADMIN \
  --pid=host \
  --network=host \
  -v /sys:/sys \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -e TINI_SUBREAPER=1 \
  --ulimit=memlock=-1 \
  us-docker.pkg.dev/qpoint-edge/public/qtap:v0 \
  --log-level=info \
  --log-encoding=console \
  --registration-token=$TOKEN

Docker Run Command Options Explained

1. --user 0:0: Runs the container as root (necessary for eBPF operations).

2. --privileged: Gives extended privileges to this container.

3. --cap-add CAP_BPF: Adds the CAP_BPF capability (required for eBPF operations).

4. --cap-add CAP_SYS_ADMIN: Adds the CAP_SYS_ADMIN capability (for low-level system operations).

5. --pid=host: Shares the host's PID namespace with the container.

6. --network=host: Uses the host's network stack inside the container.

7. -v /sys:/sys: Mounts the host's /sys directory into the container.

8. -v /var/run/docker.sock:/var/run/docker.sock: Mounts the host's docker socket

9. -v "$(pwd):/app/config": Mounts the current directory to /app/config in the container.

10. -e TINI_SUBREAPER=1: Sets up Tini as a subreaper for proper signal handling.

11. --ulimit=memlock=-1: Removes the memory lock limit for eBPF programs.

Qtap-specific Flags

• --log-level=info: Sets the logging level.

• --log-encoding=console: Sets the log encoding format.

• --registration-token=$TOKEN: Provides the registration token for Qtap.

Available Flags and Options

To see all available options and flags, run:

docker run --rm us-docker.pkg.dev/qpoint-edge/public/qtap:v0 --help