Standalone daemon installation package without vagrant / kubernetes?

[happy-dude]

Hey team,

After reading the announcement of the project, I've been eager and excited to play around and compare how the tool compares to others like Falco.

I was able to follow the instructions and get an environment running within a Vagrant image and monitoring the sample kuburnetes container images.

At a glance (might be wrong here), it seems that the Makefile makes some assumptions about being installed in a container and not the host itself.

Are there any plans to offer an installation package (deb, rpm) that allows for a stand-alone installation and configuration of the daemon?

[willfindlay]

Hey team,

Howdy! Thanks for your interest in the project :)

After reading the announcement of the project, I've been eager and excited to play around and compare how the tool compares to others like Falco.

I was able to follow the instructions and get an environment running within a Vagrant image and monitoring the sample kuburnetes container images.

At a glance (might be wrong here), it seems that the Makefile makes some assumptions about being installed in a container and not the host itself.

Nope, you should be able to build a standalone binary as follows: make tools-install && LD_LIBRARY_PATH=$(realpath ./lib) make. Then you could just copy the tetragon binary to your desired location (i.e. somewhere in your PATH). You can pass in a CRD to a standalone tetragon using the --config-file command line flag.

Are there any plans to offer an installation package (deb, rpm) that allows for a stand-alone installation and configuration of the daemon?

I don't know of any plans per se, but I'm sure a PR would be welcome if you want to make a package for your favourite distro.

[pathtofile]

Hey @happy-dude, I had a similar requiremt for testing purposes - Wanted to see how Tetragon compares to other eBPF security tools on my test machines that don't have Kubernetues clusters running on them.

Helpfully @tixxdz on the Slack shared this gist to run things inside a docker container, provided the machine you run Docker on meets the requirements

# 1. Run Tetragon in a detached privliged Docker container, mounting required folders
docker run --name tetragon \
--rm -it -d --pid=host --cgroupns=host \
--privileged \
-v /sys/kernel/btf/vmlinux:/var/lib/tetragon/btf \
quay.io/cilium/tetragon:v0.8.0 \
bash -c "/usr/bin/tetragon"

#2. Get events:
docker exec -it tetragon \
bash -c "/usr/bin/tetra getevents -o compact"

@willfindlay , while I understand this isn't a 'proper' way to deploy Tetragon, having this example in the repo (under "local testing" or something) would be extremely useful for people wanting to try and compare Tetragon without needing a full k8s environment

[willfindlay]

having this example in the repo (under "local testing" or something) would be extremely useful

Agreed, would be happy to take a PR. :)

[tixxdz]

@pathtofile @happy-dude #384 this should do it for now right? for pure deb or rpm packages it is just matter of priorities we will try to do it, or maybe someone will contribute it. Thank you!

[kkourt]

We do have a systemd installation now, so closing this.

[pathtofile]

Very, very, late, but thanks @tixxdz !