1 Downloading and Installing the Collector
- 1.1 Download the Sealights Collector Image
- 1.2 Create your own Collector Image
2 Setting up the HTTPS Collector
3 Enabling Proxy functionality (Optional)
4 Configuration File Reference

Downloading and Installing the Collector

Following are the pre-requisites for Https Collector:

TLS settings should be enabled.
The server should be accessible by Fully Qualified Domain Name (FQDN).
TLS certificate for FQDN of the server where the collector is installed must be provided in config.yaml (See below)

Download the Sealights Collector Image

The Sealights Collector can be found at the following DockerHub link: https://hub.docker.com/r/sealights/on-prem-collector

docker pull sealights/on-prem-collector

Create your own Collector Image

Download the Collector Binaries and Unzip :
wget -nv https://agents.sealights.co/collector/0.42.0/collector.zip unzip -oq collector.zip #curl tool can also be used #curl -L "https://agents.sealights.co/collector/0.42.0/collector.zip" --output collector.zip

If you have a limitation accessing the endpoint agents.sealights.co and are limited to your specific server DNS, then you can also get the agent from https://{company}.sealights.co/collector/{version}/collector.zip
Replace {company} with your company DNS prefix and {version} with the specific version you want to use.

Create a Dockerfile:
FROM alpine:latest WORKDIR /collector COPY collector collector CMD ["./collector","serve"]
Build the Image :
docker build -t sealights/on-prem-collector .

Setting up the HTTPS Collector

The following is a sample configuration that can be used to run the HTTPS Collector using Docker:

Create a file called config.yaml with the following content

tls:
  enabled: true
  certFile: "/collector/<certFileName>"
  keyFile: "/collector/<certKeyFileName>"
collectors:
  - name: collector
    type: http
    properties:
      port: 16500
      serverUrl: https://<customerId>.sealights.co
      proxyUrl: <httpsProxyUrl>
      logLevel: debug
      insecureSkipVerify: true
    target:
      name: http
      type: http
      properties:
        token: <sealightsAgentToken>
        serverUrl: https://<customerId>.sealights.co/api
        proxyUrl: <httpsProxyUrl>
        logLevel: debug
        insecureSkipVerify: true

Run the Collector using Docker:

docker run -it --rm -v $(pwd)/config.yaml:/collector/config.yaml -v $(pwd)/<certFileName>:/collector/<certFileName> -v $(pwd)/<certKeyFileName>:/collector/<certKeyFileName> -p 80:80 -p 8080:8080 -p 16500:16500 sealights/on-prem-collector:latest

Open https://<ServerFQDN>:16500 in your browser and if everything worked as expected you should be redirected to your Sealights Dashboard.
You should see the Collector entry in the Cockpit > Live Agents Monitor

Enabling Proxy functionality (Optional)

When the collector needs to serve other agents' functionalities like config and scan commands (besides coverage collection), you must enable its proxy service according to the additional settings below.
Please notice the port must be different from the collector service. For example below, port 16501 for proxy versus port 16500 for collector.

tls:
[...]
collectors:
[...]
proxy:
  port: 16501
  logLevel: info

Configuration File Reference

# Collector Configuration
collector:
#  Required Configurations
# 1. serverUrl: The URL of Sealights Backend. (e.g. https://your-name.sealights.co)
# Environment Variables: SL_SERVER
  serverUrl: <Server Host>
# 2. token: The Sealights Authentication token.
# Environment Variables: SL_TOKEN
  token: <Token>

#  Optional Configurations
# 3. host: The host name of the collector. Default is 0.0.0.0
# Environment Variables: SL_HOST
  host: "0.0.0.0"
# 4. port: The port number of the collector. Default is 16500
# Environment Variables: SL_PORT
  port: 16500
# 5. proxyUrl: The URL of the proxy server (for both http and https). Default is empty
# Environment Variables: SL_PROXY
  proxyUrl: ""
# 6. prefix: The prefix of the collector path. Default is empty
# Environment Variables: SL_PREFIX
  prefix: ""
# 7. logLevel: The log level of the collector. Default is info,
# Available options: debug, info, warn, error
# Environment Variables: SL_LOG_LEVEL
  logLevel: info
# 8. InsecureSkipVerify: Skip SSL certificate verification. Default is false
# Environment Variables: SL_INSECURE
  insecureSkipVerify: true
# 9. enableNYCCollector: Enable the NYC collector. Default is false
# Environment Variables: SL_NYC_COLLECTOR
  enableNYCCollector: false
# 10. nycCollectorUploadInterval: The interval in seconds to upload the NYC data. Default is 60
# Environment Variables: SL_NYC_COLLECTOR_UPLOAD_INTERVAL
  nycCollectorUploadInterval: 5
# 11. disableTokenValidation: Disable the auth token validation. Default is false
# Environment Variables: SL_DISABLE_TOKEN_VALIDATION
  disableTokenValidation: false

# TLS Configuration 
tls:
# 1. enable: Enable the TLS configuration. Default is false
# Environment Variables: SL_TLS_ENABLE
  enabled: false
# Note: If the TLS is enabled, the following configurations are required.
# 2. cert: the cert data. Default is empty
# Environment Variables: SL_TLS_CERT
  cert: ""
# 3. or, certFile: the cert file path. Default is empty
# Environment Variables: SL_TLS_CERT_FILE
  certFile: ""
# 4. key: the key data. Default is empty
# Environment Variables: SL_TLS_KEY
  key: ""
# 5. or, keyFile: the key file path. Default is empty
# Environment Variables: SL_TLS_KEY_FILE
  keyFile: ""
# 6. ca: the ca data. Default is empty
# Environment Variables: SL_TLS_CA_CERT
  caCert: ""
# 7. or, caCertFile: the ca file path. Default is empty
# Environment Variables: SL_TLS_CA_CERT_FILE
  caCertFile: ""
# 8. p12File: the p12 file. Default is empty
# Environment Variables: SL_TLS_P12_FILE
  p12File: ""
# 9. p12Password: the p12 password. Default is empty
# Environment Variables: SL_TLS_P12_PASSWORD
  p12Password: ""

# Web Interface Configuration
web:
  # 1. disable: Disable the web interface. Default is false
  disable: false
  # 2. maxCalls: The maximum number of calls to store in the memory. Default is 1000
  maxCalls: 0
  # 3. maxCallSize: The maximum size of the call to store in the memory. Default is 200000
  maxCallSize: -1
  #4. web prefix: The prefix of the web interface. Default is empty
  prefix: ""

# Proxy Configuration (Optional)
proxy:
# 1. host: The host name of the proxy server. Default is empty
# Environment Variables: SL_PROXY_HOST  
  host: ""
# 2. port: The port number of the proxy server. Default is 8080
# Environment Variables: SL_PROXY_PORT
  port: 16501
# 3. logLevel: The log level of the proxy server. Default is info
# Available options: debug, info, warn, error
# Environment Variables: SL_PROXY_LOG_LEVEL
  logLevel: info
# 4. prefix: The prefix of the proxy server path. Default is empty
# Environment Variables: SL_PROXY_PREFIX
  prefix: ""

Support

Sealights Collector - Setup