Standalone Gateway Installation & Configuration
Prerequisites
-
An Akeyless Account (one can register an account using the Akeyless SaaS Console).
-
An Authentication Method that is linked to this Akeyless Account (the default Authentication Method uses the email/password access method and has Superuser privileges in the Account). Make sure that it has the right access permissions to view and manage the secrets in the Gateway.
-
A Linux or Windows Server instance (e.g. on a Virtual Machine) with the installed Docker engine.
-
The following ports need to be open on the server where you're installing the Gateway:
- 8000
- 18888
- 8200
- 8080
- 8081
- 5696
IMPORTANT
Make sure that this server is not accessible from the external network.
- For the Akeyless Gateway to function properly, you need to allow for public network connectivity to the Akeyless SaaS core services on your server.
Components
Component | Port |
---|---|
8000 | |
18888 | |
8200 | |
Akeyless V1 Restful API | 8080 |
8081 | |
Key Management Interoperability Protocol server for encryption keys management. | 5696 |
Installation
To install the Gateway as a standalone, run the following command in the CLI of your OS:
docker run -d -p 8000:8000 -p 8200:8200 -p 18888:18888 -p 8080:8080 -p 8081:8081 -p 5696:5696 --name akeyless-gw akeyless/base
As a result, you should see a new container named akeyless-gw running on your Docker. It contains a single instance of the Akeyless Gateway.
The Admin role in this Gateway instance is empty (i.e. not assigned to any Authentication Method).
Advanced installation options are implemented using environment variables.
INFO
For the complete list of Akeyless environment variables and corresponding use cases, you can visit the Using Environment Variables page.
Initial Configuration
To configure the standalone Gateway, use the Gateway Configuration Manager:
-
In the browser, navigate to http://Your-Akeyless-Gateway-URL:8000.
-
Enter credentials for authentication.
INFO
If you are the Account Owner, then on the first login to the Gateway Configuration Manager, you can use your Akeyless SaaS Console credentials (email and password).
If you created the new Gateway instance already using the Authentication Method credentials in environment variables, then you’ll need to log in using those credentials.
IMPORTANT
If the Gateway was installed with the empty Admin role, then the first logged-in Authentication Method would be assigned Admin privileges on this Gateway.
Updated 4 days ago