Onprem runner configuration
To launch a virtual machine (VM) for your deployment, ensure the following requirements are met.
Prerequisites
Operating System
- Ubuntu: 22.04 or 24.04
System Requirements
| Resource | Requirement |
|---|---|
| CPU | 2 cores |
| RAM | 8 GB |
| Disk | 30 GB minimum |
Recommended Cloud Instances
| Provider | ARM-based Instances | x86-based Instances |
|---|---|---|
| AWS | t4g.large, m6g.large | t3.large, m6a.large |
| Azure | Standard_D2ps_v6 | Standard_D2s_v3, Standard_D2s_v4, Standard_D2s_v6 |
Software Requirements
- Docker must be installed and running on the VM. Install Docker (Official Documentation) (opens in a new tab)
Validate Docker Installation
Log in as ubuntu or any other non-root user, and run:
docker run hello-worldYou should see an output similar to the following if Docker is installed and running correctly:
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.Environment Variables:
To configure the FD_API_KEY, follow these steps:
Temporary Environment Variable
For a session-based environment variable, run the following command
export FD_API_KEY=valueNote: This variable will only be active until the session ends.
Persistent Environment Variable
To make the environment variable persist across sessions, add it to your .bashrc file.
- Open the
.bashrcfile for editing likenano ~/.bashrc - Add the line at the end of the file like
export FD_API_KEY=value - Save the file
- To apply the changes, run this command
source ~/.bashrc.
Download the DuckDefender script file:
wget https://awosasins-fd-artifacts.s3.us-east-1.amazonaws.com/runners/duckdefender-local.shchmod +x duckdefender-local.shsh duckdefender-local.shAfter the script runs successfully, the DuckDefender agent Docker container should be running. To verify, use the following command:
docker psIf the container is not running, check the stopped containers with:
docker ps -aTo view the agent logs, run the command:
docker logs duckdefender -fTo view the log file of a container, Docker typically stores logs in the following default location:
/var/lib/docker/containers/<container_id>/<container_id>-json.logEach container has its own log file named after its container ID. This log file contains both the standard output (stdout) and standard error (stderr) of the container.