First, you want to add your gateway/relay to the Admin UI and generate a token for it. Log into the Admin UI and select Gateways on the left navigation bar. Click on the add gateway button in the upper right, and a box will pop up. You can rename the gateway here, or do it later.
If you intend to instead create a relay, click add relay, fill in the name, and click create. For more information on the difference between gateways and relays, please check out the gateway documentation.
The Advertised host should be the IP address or host that the gateway will be listening on. Select a TCP port (default 5000) for the service to listen on.
Click on create and the token will appear onscreen.
Copy the token and put it aside, being careful to capture every character. You will need it again below. See sdm admin relay create-gateway if you want to generate a token via the CLI.
If you have not already done so, install Docker.
Please note that the gateway/relay MUST be installed on an "always up" machine, as it will form the connection to strongDM for all users accessing the resources behind it. You may repurpose a pre-existing machine (e.g. bastion host), or in AWS parlance, any general purpose instance with 2 CPU and 4 GBs memory (e.g. the M3 or M4s are a solid choice).
Execute the docker command
$ docker pull quay.io/sdmrepo/relay
To activate your gateway/relay, type the following Docker command replacing YOURTOKEN with the actual token you created:
$ docker run --restart=always [--net=host] --name sdm-relay -e SDM_RELAY_TOKEN=YOURTOKEN -p 5000:5000 -d quay.io/sdmrepo/relay
net=hostoption is only necessary if the destination database is known as
localhost(if you are running sdm-relay colocated with the resource), otherwise the Docker default will work fine. If the destination database is already in a container, we can provide a separate pattern for configuring Docker container linking.
Log in to the Admin UI. In that section, the gateway/relay you created should appear Online, with a heartbeat.
If any errors occur or if the gateway does not report "online" status, please contact firstname.lastname@example.org for assistance.