Docker compose installation in a VLAN

kalpik · May 3, 2023, 5:49am

Hello,

I wanted to install the connector in its own VLAN using docker-compose, and I had some issues putting in the sysctl parameter. Maybe it’s a good idea to support docker-compose as an official installation platform as well?

Thanks

anon2545132 · May 3, 2023, 8:33am

Same request here. Docker Compose is (for many) the preferred and recommended deployment method, it would be good to have Docker Compose as an official deployment method.

@kalpik :did you manage to get it working? I’d be much interested in your experience.

kalpik · May 3, 2023, 8:47am

Haven’t had the time to play around with it yet. Will keep you posted

Bren · May 3, 2023, 9:34pm

Hi @kalpik and @anon2545132,

Twingate does support Docker Compose as a way to deploy Connectors, here is a sample one:

version: '3'
services:
  twingate_connector:
    container_name: twingate-connector
    restart: always
    image: 'twingate/connector:1'
    environment:
      - TENANT_URL=https://<tenant_slug>.twingate.com
      - ACCESS_TOKEN=<access_token>
      - REFRESH_TOKEN=<refresh_token>
    sysctls:
      net.ipv4.ping_group_range: "0 2147483647"

You will need to insert your tenant name, Connector refresh and access tokens but the rest should be standard. (PS: the net.ipv4.ping_group_name parameter is there to ensure the underlying image can handle ICMP / ping request so it isnt strictly required but you should add it if you intend to use ping for troubleshooting when connecting to remote resources).

kalpik · May 4, 2023, 5:39am

Thanks, but I think the indentation is not correct here. The container_name and everything below it should be indented one to the left. But I will try this out later. Just quite busy these days

kalpik · May 4, 2023, 1:07pm

So, finally got a chance to play with this, and this works:

version: "3"
services:
  twingate:
    image: twingate/connector:1
    container_name: twingate
    environment:
      - TENANT_URL=<>
      - ACCESS_TOKEN=<>
      - REFRESH_TOKEN=<>
      - TWINGATE_LABEL_HOSTNAME=<>
    sysctls:
      net.ipv4.ping_group_range: "0 2147483647"
    restart: always

Bren · May 4, 2023, 1:47pm

Great! thanks @kalpik! I have submitted a request to add this to the official documentation.

dkode · May 4, 2023, 2:21pm

One thing I would add when adding to the documentation is if you’d prefer to pass env vars via env file or on the cli, replace <> with $TENANT_URL, $ACCESS_TOKEN etc

anon2545132 · May 5, 2023, 1:09pm

Thanks for the sample!
I keep getting the error:
“Error response from daemon: Get “https://registry-1.docker.io/v2/”: dial tcp 18.215.138.58:443: connect: no route to host”
Anyone any idea on how to solve this?

btw: the indentation in Bren’s post seems perfect to me

Bren · May 5, 2023, 2:44pm

@anon2545132 it looks like the location you are running Docker Compose from may not be able to connect to the public Docker Registry for some reason. Is that the case? (It needs to pull the Connector image from the public Docker Registry)

kalpik · May 5, 2023, 3:09pm

It was wrong before, and was edited to fix it

anon2545132 · May 5, 2023, 6:04pm

Yes, to my surprise (everything works fine) that seems to be the case. Thanks for your reply.

Bren · May 11, 2023, 5:31pm

It is now part of the official documentation!

Topic		Replies	Views
Installing connector on host network with docker Installation	1	299	July 3, 2023
Cannot Deploy the Connector Installation	1	320	April 29, 2023
Having a hard time getting Connector working	7	679	August 10, 2022
Issue deplying Twingate Docker connector on Proxmox LXC Support / Troubleshooting	10	1832	May 17, 2023
Truenas Scale Connector Install Installation	17	828	September 12, 2023

Docker compose installation in a VLAN

Related Topics