Onprem runner configuration
To launch a virtual machine (VM) for your deployment, ensure the following requirements are met.
Prerequisites
Operating System
- Ubuntu: 22.04 or 24.04
System Requirements
| Resource | Requirement |
|---|---|
| CPU | 2 cores |
| RAM | 8 GB |
| Disk | 30 GB minimum |
Recommended Cloud Instances
| Provider | ARM-based Instances | x86-based Instances |
|---|---|---|
| AWS | t4g.large, m6g.large | t3.large, m6a.large |
| Azure | Standard_D2ps_v6 | Standard_D2s_v3, Standard_D2s_v4, Standard_D2s_v6 |
Software Requirements
- Docker must be installed and running on the VM. Install Docker (Official Documentation) (opens in a new tab)
Validate Docker Installation
Log in as ubuntu or any other non-root user, and run:
docker run hello-worldYou should see an output similar to the following if Docker is installed and running correctly:
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.Environment Variables:
The Flyingduck API Key is required to establish connectivity between the VM and the Flyingduck Portal for securely sending data.
Configure the API key using FD_API_KEY.
Download the DuckDefender script file:
wget -O duckdefender-local.sh https://assets.in.flyingduck.io/scripts/runners/duckdefender-local.sh && chmod +x duckdefender-local.sh && sh duckdefender-local.shAfter the script runs successfully, the DuckDefender agent Docker container should be running. To verify, use the following command:
docker psIf the container is not running, check the stopped containers with:
docker ps -aTo view the agent logs, run the command:
docker logs duckdefender -fTo view the log file of a container, Docker typically stores logs in the following default location:
/var/lib/docker/containers/<container_id>/<container_id>-json.logEach container has its own log file named after its container ID. This log file contains both the standard output (stdout) and standard error (stderr) of the container.