Docker Container

Preflight Check

If you'd like to verify your environment's compatibility, use the :

curl -sSL https://github.com/qpoint-io/preflight/releases/latest/download/preflight.sh | sudo bash

Prerequisites

A Linux host with supported kernel (5.10+)
Docker. For installation instructions, refer to the .
A valid registration token from (Settings -> Installation)

Installation Steps

Download the latest Docker Image:

docker pull us-docker.pkg.dev/qpoint-edge/public/qtap:v0

Running Qtap in Docker

docker run \
  --user 0:0 \
  --privileged \
  --cap-add CAP_BPF \
  --cap-add CAP_SYS_ADMIN \
  --pid=host \
  --network=host \
  -v /sys:/sys \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -e TINI_SUBREAPER=1 \
  --ulimit=memlock=-1 \
  us-docker.pkg.dev/qpoint-edge/public/qtap:v0 \
  --log-level=info \
  --log-encoding=console \
  --registration-token=$TOKEN

Replace $TOKEN with your actual registration token obtained from .

Docker Run Command Options Explained

--user 0:0: Runs the container as root (necessary for eBPF operations).
--privileged: Gives extended privileges to this container.
--cap-add CAP_BPF: Adds the CAP_BPF capability (required for eBPF operations).
--cap-add CAP_SYS_ADMIN: Adds the CAP_SYS_ADMIN capability (for low-level system operations).
--pid=host: Shares the host's PID namespace with the container.
--network=host: Uses the host's network stack inside the container.
-v /sys:/sys: Mounts the host's /sys directory into the container.
-v /var/run/docker.sock:/var/run/docker.sock: Mounts the host's docker socket
-v "$(pwd):/app/config": Mounts the current directory to /app/config in the container.
-e TINI_SUBREAPER=1: Sets up Tini as a subreaper for proper signal handling.
--ulimit=memlock=-1: Removes the memory lock limit for eBPF programs.

Qtap-specific Flags

--log-level=info: Sets the logging level.
--log-encoding=console: Sets the log encoding format.
--registration-token=$TOKEN: Provides the registration token for Qtap.

Available Flags and Options

To see all available options and flags, run:

docker run --rm us-docker.pkg.dev/qpoint-edge/public/qtap:v0 --help

PreviousLinux Binary NextHelm Chart

Last updated 16 hours ago

Installation Steps

Download the latest Docker Image:

docker pull us-docker.pkg.dev/qpoint-edge/public/qtap:v0

Running Qtap in Docker

docker run \
  --user 0:0 \
  --privileged \
  --cap-add CAP_BPF \
  --cap-add CAP_SYS_ADMIN \
  --pid=host \
  --network=host \
  -v /sys:/sys \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -e TINI_SUBREAPER=1 \
  --ulimit=memlock=-1 \
  us-docker.pkg.dev/qpoint-edge/public/qtap:v0 \
  --log-level=info \
  --log-encoding=console \
  --registration-token=$TOKEN

Replace $TOKEN with your actual registration token obtained from .

Docker Run Command Options Explained

--user 0:0: Runs the container as root (necessary for eBPF operations).

--privileged: Gives extended privileges to this container.

--cap-add CAP_BPF: Adds the CAP_BPF capability (required for eBPF operations).

--cap-add CAP_SYS_ADMIN: Adds the CAP_SYS_ADMIN capability (for low-level system operations).

--pid=host: Shares the host's PID namespace with the container.

--network=host: Uses the host's network stack inside the container.

-v /sys:/sys: Mounts the host's /sys directory into the container.

-v /var/run/docker.sock:/var/run/docker.sock: Mounts the host's docker socket

-v "$(pwd):/app/config": Mounts the current directory to /app/config in the container.

-e TINI_SUBREAPER=1: Sets up Tini as a subreaper for proper signal handling.

--ulimit=memlock=-1: Removes the memory lock limit for eBPF programs.