Skip to main content
This guide explains how to set up and run micro-agent and micro-exporter in standalone mode outside a Kubernetes cluster.

Docker Compose Configuration

Create a docker-compose.yml file with the following configuration: 
services:
  agent:
    image: public.ecr.aws/n8h5y2v5/rad-security/rad-runtime:v0.1.2
    entrypoint: micro-agent
    cap_add:
      - BPF
      - PERFMON
      - SYS_ADMIN
      - SYSLOG
      - SYS_PTRACE
      - SYS_RESOURCE
      - IPC_LOCK
      - NET_ADMIN
      - NET_RAW
    security_opt:
      - seccomp:unconfined
      - apparmor:unconfined
    pid: host
    volumes:
      - /bin:/host/bin:ro
      - /etc:/host/etc:ro
      - /opt:/host/opt:ro
      - /usr:/host/usr:ro
      - /proc:/host/proc
      - /run:/host/run
      - /sys/fs/cgroup:/host/sys/fs/cgroup:ro
      - /sys/kernel/debug:/sys/kernel/debug:rw
      - /sys/kernel/tracing:/sys/kernel/tracing:rw
      - /sys/fs/bpf:/sys/fs/bpf:rw
      - /run/systemd:/host/run/systemd
    environment:
      AGENT_LOG_LEVEL: info
      AGENT_PROC_DIR: /host/proc
      AGENT_DOCKER_SOCKET: /host/run/docker.sock
      AGENT_CONTAINERD_SOCKET: /host/run/containerd/containerd.sock

  exporter:
    image: public.ecr.aws/n8h5y2v5/rad-security/rad-runtime:v0.1.2
    entrypoint: micro-exporter
    network_mode: host
    environment:
      EXPORTER_LOG_LEVEL: info
      EXPORTER_PROVIDER_KSOC_ENABLED: "true"
      EXPORTER_PROVIDER_KSOC_API_URL: ${EXPORTER_PROVIDER_KSOC_API_URL}
      EXPORTER_PROVIDER_KSOC_API_ACCESS_KEY_ID: ${EXPORTER_PROVIDER_KSOC_API_ACCESS_KEY_ID}
      EXPORTER_PROVIDER_KSOC_API_SECRET_KEY: ${EXPORTER_PROVIDER_KSOC_API_SECRET_KEY}

Setup Steps

Step 1: Configure API Credentials

Obtain your access key ID and secret key from the RAD UI, then set the following environment variables: 
export EXPORTER_PROVIDER_KSOC_API_URL=https://api.rad.security
export EXPORTER_PROVIDER_KSOC_API_ACCESS_KEY_ID=<your-access-key-id>
export EXPORTER_PROVIDER_KSOC_API_SECRET_KEY=<your-secret-key>
Additional configuration options include log level settings (debug, info, error) and enabling stdout logging via EXPORTER_PROVIDER_STDOUT_ENABLED.

Step 2: Deploy Services

docker compose up -d

Step 3: Verify Containers

Use docker ps to confirm both agent and exporter containers are running: 
docker ps

Step 4: Monitor Logs

Use docker logs to review container output and verify proper initialization: 
docker logs <container-id>
You should see logs indicating successful initialization, including diagnostic data, tracer configuration, and gRPC server startup information.