Skip to main content
Click on the desired cloud provider and follow the installation and configuration instructions:

AWS

Overview

Follow the steps below to install and configure an agent within your Amazon Web Services (AWS) environment.

Prerequisites

Step One - Create an Agent

Follow the Create an Agent guide to define an agent and generate the bootstrap config file that will be used in step two.

Step Two - Launch an agent in AWS

  1. Prepare the UserData by going to your agent’s page in Control Plane. Select Download Scripts from the Actions menu. Paste the bootstrap token you saved earlier and copy the YAML that shows in the Userdata Script tab.
  2. Log in to the AWS Console.
  3. Navigate to EC2 service
  4. You can deploy a single VM or an ASG to create multi-instance deployment of the agent
Refer to the Agent Sizing Guidance page for additional details on which instance type to select.
  1. Optional: Under the Key pair(login) section, select or create a new key pair to enable SSH access to the agent. A key pair is necessary only for accessing the agent during troubleshooting.
If you do not have an AWS key-pair created, the console will help you to create one.Since the agent instance will never need to be connected to (except for troubleshooting), you may proceed without a key-pair.
  1. Under the Network setting section, review the details and verify that the selected VPC is the same as the AWS resource you are trying to access.
  2. Under the Configure storage section, click the Advanced link and expand the volume property. Modify the Delete on termination dropdown to Yes. This will ensure the associated volume is removed if the agent is terminated, thereby preventing any orphaned volumes.
  3. Expand the Advanced details section. Scroll to the bottom and paste User data textbox.
  4. Click Launch instance in the lower right corner.
  5. After a brief moment, the instance will launch and be ready to process requests.

Next Steps

Now that you have an agent configured and running, it can be used within an identity to allow your workload to connect to your internal AWS resources.

Azure

Overview

Follow the steps below to install and configure an agent within your Microsoft Azure environment.

Prerequisites

Step One - Create an Agent

Follow the Create an Agent guide to define an agent and generate the bootstrap config file that will be used in step two.

Step Two - Launch an agent in Azure

  1. Prepare the UserData by going to your agent’s page in Control Plane. Select Download Scripts from the Actions menu. Paste the bootstrap token you saved earlier and copy the YAML that shows in the Userdata Script tab.
  2. Log in to the Azure Console.
  3. Use these recommended settings for the Create a virtual machine wizard:
  • Basic
    • Subscription: Choose the appropriate subscription.
    • Resource Group: Choose the appropriate resource group. If necessary, create a new one.
    • Virtual machine name: Enter Control-Plane-Agent-01. If installing multiple agents, increment the number.
    • Region: Select a region closest to your other Azure resources.
    • Availability options: Select No infrastructure redundancy required. Use a different option for your environment if you are running in production.
    • Image: Select a recent Linux image.
    • Size: An instance with at least 2 vCPUs and 4 GiB of memory is recommended for optimal performance.
    • Authentication type: Select SSH public key.
    • Username: Leave as azureuser.
    • SSH public key source: Choose the appropriate key. If necessary, create a new one.
    • Key pair name: Select appropriate key, or if creating a new one, use the default or update the key name.
    • Public inbound ports: Select None. The agent does not need any inbound ports open.
    • Click Next: Disks.
  • Disks
    • OS disk type: Select Premium SSD.
    • Encryption type: Select (Default) Encryption at-rest with a platform-managed key.
    • Click Next: Networking.
  • Networking
    • Virtual network: Choose an appropriate network or use the new network that will be created.
    • Subnet: Choose appropriate network or use the default.
    • Public IP: Select None.
    • NIC network security group: Select Basic.
    • Public inbound ports: Select None.
    • Click Next: Management.
  • Management
    • Enable basic plan for free: Enabled.
    • Boot diagnostics: Select Enable with managed storage account.
    • Enable OS guest diagnostics: Disabled.
    • System assigned managed identity: Disabled.
    • Enable auto-shutdown: Disabled.
    • Patch orchestration options: Select Image default.
    • Click Next: Advanced.
  • Advanced
    • Custom data: Paste the YAML produced in step 1.
    • Click Next: Tags.
  • Tags
    • Optional: Enter any necessary tags.
    • Click Next: Review + create.
  • Review + create
    • Review all the settings and enter any missing values.
    • Click Create.
    • If you requested to create a new key pair, a modal will pop-up requesting to download the private key. Click Download private key and create resource.
The agent virtual machine will begin the deployment process. After a few moments, the agent will be running, connecting to the Control Plane servers, and ready to process requests.

Next Steps

Now that you have an agent configured and running, it can be used within an identity to allow your workload to connect to your internal Azure resources.

GCP

Overview

Follow the steps below to install and configure an agent within your Google Cloud Platform (GCP) environment.

Prerequisites

Step One - Create an Agent

Follow the Create an Agent guide to define an agent and generate the bootstrap config file that will be used in step two.

Step Two - Launch agent in GCP

  1. Prepare the UserData by going to your agent’s page in Control Plane. Select Download Scripts from the Actions menu. Paste the bootstrap token you saved earlier and copy the shell script shows in the Startup Script tab.
  2. Deploy a VM (or an autoscaling group) from your preferred Linux base image.
  3. During configuration of the VM or the launch template set the startup-script metadata to the script you produced in step 1. See Metadata keys for Linux startup scripts
Some images in GCP also support cloud-init so you can use that instead. Consult the image docs for details. For example, Ubuntu supports cloud-init at the time of this writing while Debian does not.
  1. Give the VM(s) a few minutes to boot and connect to Control Plane.
  2. The agent will now be running, connecting to the Control Plane servers, and ready to process requests.

Step Three - Configure Firewall

By default, the GCP firewall rules open the common SSH, RDP, and ICMP ports to the world and allows all internal ports within the VPC. The agent does not need any of these ports open. At a minimum, the agent needs to be able to connect to your GCP resources and the Internet.

Next Steps

Now that you have an agent configured and running, it can be used within an identity to allow your workload to connect to your internal GCP resources.

Running locally in Docker

Overview

Follow the steps below to install and configure an agent within your private network.

Prerequisites

Step One - Create an Agent

Follow the Create an Agent guide to define an agent and generate the bootstrap config file that will be used in step two.

Step Two - Launch agent locally

  1. Open a new shell and execute the following command. Use the bootstrap file that was created in step one.
cpln agent up --bootstrap-file=path/to/bootstrapConfig.json
If you are using Windows, follow these instructions:
  • Configure Docker to not use the WSL 2 based engine.
  • Run the cpln command above using a Windows command prompt and not using WSL.
  1. The agent will now be running, connecting to the Control Plane servers, and ready to process requests.

Next Steps

Now that you have an agent configured and running, it can be used within an identity to allow your workload to connect to your local resources.
When running an agent locally, it is running within a local Docker container. When configuring an identity network resource, you must use the IP of the network adapter that Docker installed on the local machine.

Kubernetes (k8s) Cluster

Overview

Follow the steps below to install and configure an agent within your k8s cluster.

Prerequisites

  • Review the Agent reference page.
  • Install the CLI.

Step One - Create an Agent

Follow the Create an Agent guide to define an agent and generate the bootstrap config file that will be used in step two.

Step Two - Launch agent within a K8s cluster

  1. Prepare your k8s manifests by going to your agent’s page in Control Plane. Select Download Scripts from the Actions menu. Paste the bootstrap token you saved earlier and copy the YAML that shows in the K8S Manifests tab. There you can optionally configure a namespace and number of replicas. Recommended number of replicas is 2.
  2. Assuming you have saved the manifest to a file locally just apply it with kubectl: 
# may need to create the namespace using kubectl create ns agent-namespace

kubectl apply -f agent-manifests.yaml
  1. Withing a few minutes agent pods will be ready to can handle requests.

Next Steps

Now that you have an agent configured and running, it can be used within an identity to allow your workload to connect to your local resources.