Configure a Docker Installation to Use CA Bundle
Note: This step applies only for Docker agent installations.
If you want to configure your installation to use CA certificates, follow these steps:
- Follow the same process for installing an agent, but stop once you have generated the run command.
Note: You can implement both a proxy and CA certificates with your installation. You can review the steps for the proxy set up here. You can stop at the point where you add the variables for the proxy before adding the steps for the CA certificate setup.
- Create a custom CA bundle for the following sites (i.e. /path/to/custom-ca.crt):
- APM URL (if applicable)
- Copy the docker run command and add the following environment variables and volume to the docker run command (NOTE: The bold portion below is the only part that can change):
- The full docker run command will look like the following:
docker run -d -e REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt -e AWS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt --env HARBOR_ID=<Harbor ID> --env SHIP_ID=<Ship ID> --env AUTH_TOKEN=<Auth Token> --env AUTO_UPDATE=true --env DISTRIBUTION=stable --name=blazemeter-crane --restart=on-failure -v /path/to/custom-ca.crt:/etc/ssl/certs/ca-certificates.crt -v /var/run/docker.sock:/var/run/docker.sock -v /tmp:/tmp --net=host blazemeter/crane python agent/agent.py
- Once you have added the extra values (if you have a proxy setup as well, you will need to have those variables included as well), copy the edited command and run it on the machine you are installing your Agent on, and follow the final steps of the Agent install to complete the installation.