We provide the Linux variant of the runner as a Docker image. Using a dedicated Docker Compose File you can link the runner into your own Docker-powered infrastructure. The runner can be configured using environment variables in the same way as the Windows variant. Some functionality tied to the Windows operating system may not be available in the Linux variant.
Basic Linux runner Docker compose template
version: "1.1"
services:
rno-runner:
container_name: rno-runner
hostname: runner.rno
image: raynetgmbh/raynet-one-runner:latest
restart: always
volumes:
- rno_runner_data:/app/data
environment:
RunnerDatabaseConfig__Location: /app/data/runner.db
Logging__LogLevel__Default: Information
ServiceSettings__BackendServerApiUrl: [BACKENDURL]
ServiceSettings__EnrollmentToken: [TOKEN]
ServiceSettings__HearBeatDelaySeconds: 20
HttpProxySettings__IsEnabled: false
HttpProxySettings__Address: http://proxy.url/
HttpProxySettings__Port: 3128
HttpProxySettings__BypassProxyOnLocal: false
HttpProxySettings__UseDefaultCredentials: false
HttpProxySettings__UseCredentials: false
HttpProxySettings__UserName: user
HttpProxySettings__Password: password
HttpProxySettings__DisableSslVerification: true
Messaging__Configuration__Protocol: [PROTOCOL]
networks:
- rno_runner_isolation
networks:
rno_runner_isolation:
volumes:
rno_runner_data:
Copy the above template into a new Docker Compose file (named for example docker-compose.yaml) in a dedicated separate directory. Before execution using docker compose up, you need to configure it.
If you already have a Docker Compose file and want to extend it with the runner, copy & paste the rno-runner service entry into the service list and the rno_runner_data volume entry into the volume list of your own file.
The hostname of the rno-runner container should be set to not conflict with other containers. If you already have another container using that hostname, please resolve the conflict by choosing appropriate hostnames. The runner does share its configured hostname with the system to aid configuration by placeholder.
It is a good idea to isolate the network traffic of the runner. That is why the runner has been assigned its own Docker network (rno_runner_isolation).
Important runner configuration parameters
We support the adjustment of the following configuration parameters to set-up and maintain your runner. The parameter key is in environment variable notation.
Parameter Key |
Parameter Value |
ServiceSettings__BackendServerApiUrl |
The URL to the main command & control server, the backend of the Raynet One system. The default port of the backend if 38080.
Example: http://raynet.contoso.com:38080 |
ServiceSettings__EnrollmentToken |
The enrollment token used to authenticate the runner to a valid runner entry in the system. Use a different enrollment token for each separate runner instance. Each enrollment token is valid only once. You can generate new enrollment tokens by adding runners in the web interface. |
Messaging__Configuration__Protocol |
The protocol used for communication with the backend server. The protocols vary in performance and abstraction. AMQP focuses on performance while STOMP uses the popular HTTP as backbone.
Valid options: AMQP, STOMP |
HttpProxySettings__IsEnabled |
Used to turn on or off the HTTP proxy feature. |
HttpProxySettings__Address |
The endpoint URL used for HTTP proxy requests. The communication to the backend server is tunneled through it. |
HttpProxySettings__Port |
The TCP port used for HTTP proxy networking. |
HttpProxySettings__BypassProxyOnLocal |
Maps to the .NET WebProxy.BypassProxyOnLocal property. If it is set to true, local addresses are not tunneled through the HTTP proxy. |
HttpProxySettings__UseDefaultCredentials |
Maps to the .NET WebProxy.UseDefaultCredentials property. If it is set to true, the application credentials are used as proxy credentials. |
HttpProxySettings__UseCredentials |
If true, then credentials are sent as part of HTTP proxy communication. The used credentials have to be specified. |
HttpProxySettings__UserName |
The username that should be used in the HTTP proxy credentials. |
HttpProxySettings__Password |
The password that should be used in the HTTP proxy credentials. The raw password is encoded in UTF-8. This UTF-8 string is then encoded as base64. You put this base64 string as value to this parameter. |
HttpProxySettings__DisableSslVerification |
If true, then no PKI trust check is performed on the public certificates received from SSL / TLS connection endpoints. See Appendix A for further details. |
Adding transport encryption security certificate authorities to the runner container
If your runner needs to connect to secure and trusted local network endpoints, it might need additional encryption certificates (see the PKI chapter). Assuming a compatible Docker compose configuration as provided above, here is how to extend it to include your own certificate authorities.
1.Put all of your certificate files to trust into a folder called certs inside of the folder of your Docker compose file. You only have to include the public key certificate files of the trusted signing certification authorities.
This is how a runner Docker compose folder usually looks like. You can see the certs folder we have just created.
2.Add the following entrypoint parameter to the rno-runner service entry.
entrypoint: >
bash -c "update-ca-certificates
&& ./RunnerLaunch.sh"
3.Merge the following volumes list to the one of the rno-runner service entry.
volumes:
- ./certs/:/usr/local/share/ca-certificates/certs/
4.Run docker compose up to verify the correct configuration of your runner Docker compose file. The runner will launch and connect to the system, only if the configuration is done correctly.