Install and configure MicroPerimeter™ Edge

Install MicroPerimeter™ Edge Standalone

This step will install the basic infrastructure for MicroPerimeter™ Edge in Standalone mode. By “Standalone” we mean all components (security enforcement, configuration APIS & dashboard, log storage, etc.) will be running locally in Docker containers.

Prerequisites

Navigate to Cloudentity website, click TRY NOW and register. Follow the instructions received via email to download the current version of the MicroPerimeter™ Security installation package.

NOTE: You can also reach out to our sales team at sales@cloudentity.com.

After following all the instructions you will receive the zip package with MicroPerimeter™ Security installation scripts.

There are several folders in the archive including our MicroPerimeter™ Sidecar and other tools, but we will be using the ./standalone installation. Please make sure you change directories to the standalone folder before running the installation commands. To change the directory execute:

cd standalone

Verify Prerequisites

You will need docker-engine and docker-compose running on your environment. Installation instructions can be found on docker’s website at

  1. docker-compose v1.23: https://docs.docker.com/compose/install/

  2. docker v18.09: https://docs.docker.com/install/

For hardware requirments please refer to standalone hardware requirments document

You can test that you have the right versions installed by running this script from the ./standalone directory:

./bin/verify_prerequisites.sh

The output of the command:

Checking if prerequisites are fulfilled:
docker          18.09   ✔
docker-compose  1.23    ✔
docker memory   > 6 GB  ✔

Login to Cloudentity’s docker repository

Docker Compose will need access to the Cloudentity docker repository in order to download the images. To log in to Cloudentity™ docker repository, please execute:

echo "HnqXgjVD2ty8QQQIBuaGI6mXoKl7PzCb" | docker login -u microperimeter docker-microperimeter.artifactory.cloudentity.com --password-stdin

Install MicroPerimeter™ Edge

Installation is handled by docker-compose. Note that running docker-compose for the first time may take a few minutes as it’s downloading all images from Cloudentity™ docker repository.

CURRENT_UID=$(id -u) docker-compose -f external-services.yaml -f standalone.yaml -p standalone up -d --build

Enable Dashboard Policies

The MicroPerimeter™ Dashboard and the APIs in Cloudentity MicroPerimeter™ Edge are protected by the Edge itself. To access the UI and enable the APIs, we need to import a set of rules:

./bin/mpctl.sh import -d policies/system/standalone.yaml -d policies/scopes.yaml policies/system/default.yaml

Once the policies are applied, it may take a few minutes for the entire system to load. The wait.sh script loops until all services are running and healthy.

./bin/wait.sh

Once everything is running you should see this output:

All services are healthy

There are a couple of things that could make the services hang:

  1. Not enough system resources Make sure your Docker settings have at least 8GB of RAM available.

  2. Forgot to load dashboard policies This is an easy step to forget, but without it, edge-standalone won’t come up as healthy

View the dashboard

You should now be up and running and be able to view the dashboard by going to http://{hostname}:8000. In this example, we’re running locally so we can go to localhost:8000.

http://localhost:8000/dashboard

After authentication using the account created during the registration process, you should now see an empty dashboard waiting for configuration.

Edge Dashboard