Linux Binary

This guide provides a secure, best-practice approach to installing and configuring the Qtap agent on Linux systems, independent from .

Prerequisites

Before installation, verify your environment's compatibility:

curl -sSL https://github.com/qpoint-io/preflight/releases/latest/download/preflight.sh | sudo bash

Requirements:

• Linux host with kernel version 5.10+

• x86_64 or arm64 architecture

• Root/sudo access

Installation Methods

Automated Installation

The quickest way to install Qtap is via our installation script, which places Qtap into your path:

curl -s https://get.qpoint.io/install | sudo sh

sudo qtap

Manual Installation

For more control, you can manually install the binary:

1. Download the appropriate binary for your architecture:

   Copy

   # For x86_64
   curl -L https://downloads.qpoint.io/qpoint/qtap-v0.9.9-linux-amd64.tgz -o qtap.tgz
   
   # For arm64
   curl -L https://downloads.qpoint.io/qpoint/qtap-v0.9.9-linux-arm64.tgz -o qtap.tgz

2. Extract and install the binary:

   Copy

   tar -xzf qtap.tgz
   sudo mv qtap-* /usr/local/bin/qtap
   sudo chmod +x /usr/local/bin/qtap

3. Run Qtap:

   Copy

   sudo qtap

Configuration Setup

1. Create a standard configuration directory with appropriate permissions:

   Copy

   sudo mkdir -p /etc/qtap

2. Copy

   sudo nano /etc/qtap/qpoint.yaml

3. Set appropriate permissions:

   Copy

   sudo chmod 640 /etc/qtap/qpoint.yaml
   sudo chown root:root /etc/qtap/qpoint.yaml

4. For sensitive credentials (if applicable), create a separate environment file:

   Copy

   sudo touch /etc/qtap/environment
   sudo chmod 600 /etc/qtap/environment

5. Add any sensitive environment variables to this file:

   Copy

   # Example for S3 credentials if needed
   echo "S3_ACCESS_KEY=your_access_key" | sudo tee -a /etc/qtap/environment
   echo "S3_SECRET_KEY=your_secret_key" | sudo tee -a /etc/qtap/environment

Running as a Systemd Service

1. Create a systemd service file:

   Copy

   sudo tee /etc/systemd/system/qtap.service << 'EOF'
   [Unit]
   Description=Qtap Traffic Analysis Service
   After=network.target
   
   [Service]
   Type=simple
   User=root
   # Only include Environment if you have sensitive environment variables
   EnvironmentFile=/etc/qtap/environment
   ExecStart=/usr/local/bin/qtap --config=/etc/qtap/qpoint.yaml
   Restart=always
   RestartSec=1
   
   [Install]
   WantedBy=multi-user.target
   EOF

2. Reload systemd, enable and start the service:

   Copy

   sudo systemctl daemon-reload
   sudo systemctl enable qtap
   sudo systemctl start qtap

Verification

1. Check the service status:

   Copy

   sudo systemctl status qtap

2. Verify the running version:

   Copy

   qtap --version

3. Monitor the logs:

   Copy

   sudo journalctl -u qtap -f

Updating Qtap Service

1. Stop the service:

   Copy

   sudo systemctl stop qtap

2. Download and install the new version:

   Copy

   # Download the new version
   curl -L https://downloads.qpoint.io/qpoint/qtap-vX.Y.Z-linux-amd64.tgz -o qtap-new.tgz
   
   # Extract and replace
   tar -xzf qtap-new.tgz
   sudo mv qtap-* /usr/local/bin/qtap
   sudo chmod +x /usr/local/bin/qtap

3. Restart the service:

   Copy

   sudo systemctl start qtap

4. Verify the update:

   Copy

   qtap --version
   sudo systemctl status qtap

Configuration Management Best Practices

• Version Control: Track configuration changes in a version control system

• Regular Backups: Include /etc/qtap in your backup strategy

• Configuration Reviews: Implement a review process for configuration changes

• Automation: Consider using configuration management tools (Ansible, Chef, Puppet) for deployment

Remember that Qtap requires root permissions to work properly due to its use of eBPF for traffic monitoring.