Installation Using Docker

This guide explains how to install and configure the Coda agent using Docker containers. Coda is EdgeIQ's lightweight edge agent for IoT device management and data collection.

Prerequisites

Before installing Coda, ensure your system meets the following requirements:

• Docker: Docker Engine 20.10 or later or compatible container engine
• Architecture Support: Linux/amd64 or Linux/arm64
• Network Access: Internet connectivity for downloading images and connecting to EdgeIQ services
• Permissions: Docker daemon access and ability to run containers

Installation Methods

Coda can be installed using several methods:

• Using Docker - this guide
• Installation Using Ubuntu SNAPs
• Installation Using edgectl
• Installation Using Manual Method

Installation Using Docker

The Docker installation method is the recommended approach for deploying Coda agents on modern containerized architectures. This method provides containerized isolation, easy updates, and consistent deployment across different environments.

Step 1 - Pull the Coda Docker Image

Choose the appropriate tag based on your deployment environment:

# Latest stable release
docker pull edgeiq/coda:latest

# Specific version
docker pull edgeiq/coda:v4.1.5

Step 2 - Run Coda Container

Start the Coda container with basic authentication:

docker run -d \
  --name coda-agent \
  --restart unless-stopped \
  -e EDGE_COMPANY=your-company-id \
  -e EDGE_UNIQUE_ID=your-device-id \
  -p 9000:9000 \
  -p 9001:9001 \
  edgeiq/coda:latest

Required Environment Variables:

• EDGE_COMPANY: Your EdgeIQ company identifier
• EDGE_UNIQUE_ID: Unique identifier for your device

Only EDGE_COMPANY and EDGE_UNIQUE_ID are required. Exposing ports 9000 and 9001 is optional and only needed when using the built-in UI and/or API.

Optional Environment Variables:

• EDGE_CONF: Path to configuration file (default: /opt/edge/conf/conf.json)

Step 3 - Verify Installation

Check that Coda is running correctly:

# Check container status
docker ps

# View Coda logs
docker logs coda-agent

Updating Coda

Updating Coda is as simple as restarting the container with a newer image version:

Step 1 - Stop the container

# Stop the running container
docker stop coda-agent

Step 2 - Pull the new version

# Pull the latest image
docker pull edgeiq/coda:latest
# Or pull a specific version
docker pull edgeiq/coda:v4.1.6

# Start with the same configuration
docker run -d \
  --name coda-agent \
  --restart unless-stopped \
  -e EDGE_COMPANY=your-company-id \
  -e EDGE_UNIQUE_ID=your-device-id \
  -p 9000:9000 \
  -p 9001:9001 \
  edgeiq/coda:latest # or versioned: edgeiq/coda:v4.1.6

Step 3 - Start the container

# Start with the same configuration
docker run -d \
  --name coda-agent \
  --restart unless-stopped \
  -e EDGE_COMPANY=your-company-id \
  -e EDGE_UNIQUE_ID=your-device-id \
  -p 9000:9000 \
  -p 9001:9001 \
  edgeiq/coda:latest # or versioned: edgeiq/coda:v4.1.6

Configuration Options

Coda supports multiple authentication and configuration methods depending on your security requirements and deployment environment.

1. Default Authentication (Production)

Uses EdgeIQ's standard authentication for production environments. In this case, no changes to the configuration file are required and the container can be run without any file or volume mounts.

docker run -d \
  --name coda-agent \
  --restart unless-stopped \
  -e EDGE_COMPANY=your-company-id \
  -e EDGE_UNIQUE_ID=your-device-id \
  -p 9000:9000 \
  -p 9001:9001 \
  edgeiq/coda:latest

2. Custom Configuration (Staging/Development)

For setting a custom authentication password or for using the staging environment, mount a custom configuration file:

# Create staging configuration
cat > /opt/coda/conf/staging.json <<EOF
{
  "edge": {
    "log_level": "trace",
    "bypass_and_relay": true,
    "relay_frequency_limit": 10,
    "ui_port": 9001,
    "api_port": 9000
  },
  "mqtt": {
    "broker": {
      "protocol": "ssl",
      "host": "mqtt.stage.edgeiq.io",
      "port": "443",
      "password": "Dmn2LKZNcYSBd1PAbRMcmEKBG8EDpRjxc0BB5A=="
    }
  },
  "platform": {
    "url": "https://api.stage.edgeiq.io/api/v1/platform"
  }
}
EOF

# Run with staging configuration
docker run -d \
  --name coda-agent-staging \
  --restart unless-stopped \
  -e EDGE_COMPANY=your-company-id \
  -e EDGE_UNIQUE_ID=your-device-id \
  -v /opt/coda/conf/staging.json:/opt/edge/conf/conf.json \
  -p 9000:9000 \
  -p 9001:9001 \
  edgeiq/coda:stage # latest or version tags also work

3. Certificate-Based Authentication

For enhanced security, use client certificates for mutual TLS authentication:

Step 1 - Prepare Certificates

Place your client certificates in a secure directory:

mkdir -p /opt/coda/certs
cp /path/to/your/client-certificate-chain.crt /opt/coda/certs/
cp /path/to/your/client-private-key.pem /opt/coda/certs/
chmod 600 /opt/coda/certs/*

Other directories are possible as well, just adjust the mount options below.

Step 2 - Create Certificate Configuration

cat > /opt/coda/conf/cert-config.json <<EOF
{
  "edge": {
    "log_level": "info",
    "bypass_and_relay": false,
    "relay_frequency_limit": 10,
    "ui_port": 9001,
    "api_port": 9000
  },
  "mqtt": {
    "broker": {
      "protocol": "ssl",
      "host": "mqtt.edgeiq.io",
      "port": "443"
    },
    "client": {
      "certificate_file_path": "certs/client-certificate-chain.crt",
      "private_key_file_path": "certs/client-private-key.pem"
    }
  },
  "platform": {
    "url": "https://api.edgeiq.io/api/v1/platform"
  }
}
EOF

Step 3 - Run with Certificate Authentication

docker run -d \
  --name coda-agent-cert \
  --restart unless-stopped \
  -e EDGE_COMPANY=your-company-id \
  -e EDGE_UNIQUE_ID=your-device-id \
  -v /opt/coda/conf/cert-config.json:/opt/edge/conf/conf.json \
  -v /opt/coda/certs:/opt/edge/certs \
  -p 9000:9000 \
  -p 9001:9001 \
  edgeiq/coda:latest

4. TPM-Based Authentication

For maximum security, use Trusted Platform Module (TPM) hardware for key storage and cryptographic operations.

NOTE: TPM Hardware Compatibility

TPM implementation may vary between hardware manufacturers and chip vendors. Due to subtle hardware differences, TPM-based authentication may not work with every TPM chip. TPM 2.0 is required for this feature. If you encounter issues with TPM setup or operation, please contact the EdgeIQ Customer Success team for specialized assistance.

Prerequisites

Please follow the steps described in Configuring Edge Devices with TPM Support for Enhanced Security to generate the necessary key pair.

Create TPM Configuration

cat > /opt/coda/conf/tpm-config.json <<EOF
{
  "edge": {
    "log_level": "info",
    "bypass_and_relay": false,
    "relay_frequency_limit": 10,
    "ui_port": 9001,
    "api_port": 9000
  },
  "mqtt": {
    "broker": {
      "protocol": "ssl",
      "host": "mqtt.edgeiq.io",
      "port": "443"
    },
    "client": {
      "certificate_file_path": "certs/client-certificate-chain.crt",
      "private_key_file_path": "0x81000011",
      "tpm_device_path": "/dev/tpmrm0"
    }
  },
  "platform": {
    "url": "https://api.edgeiq.io/api/v1/platform"
  }
}
EOF

Step 4 - Run with TPM Authentication

docker run -d \
  --name coda-agent-tpm \
  --restart unless-stopped \
  --device=/dev/tpmrm0:/dev/tpmrm0 \
  -e EDGE_COMPANY=your-company-id \
  -e EDGE_UNIQUE_ID=your-device-id \
  -v /opt/coda/conf/tpm-config.json:/opt/edge/conf/conf.json \
  -v /opt/coda/certs:/opt/edge/certs \
  -p 9000:9000 \
  -p 9001:9001 \
  edgeiq/coda:latest

Available Docker Tags

Coda Docker images are tagged according to their purpose and version:

Environment Variables

Troubleshooting

Common Issues

Container fails to start:

# Check container logs
docker logs coda-agent

Authentication errors:

• Verify your EDGE_COMPANY and EDGE_UNIQUE_ID values
• Verify the password in conf.json matches your MQTT password
• Ensure the device is registered in the EdgeIQ portal
• Check network connectivity to EdgeIQ services

Certificate errors:

• Verify certificate file permissions (should be 600)
• Check certificate validity and chain
• Ensure private key matches the certificate

TPM errors:

• Verify TPM device is accessible (ls -la /dev/tpmrm0)
• Check TPM key handle exists
• Ensure TPM tools are properly installed

Next Steps

After successfully installing Coda:

1. Verify Device Registration: Check the EdgeIQ portal to confirm device connectivity
2. Configure Data Collection: Set up data ingestors and relay policies
3. Monitor Performance: Use the EdgeIQ dashboard to monitor device health
4. Scale Deployment: Deploy additional Coda agents as needed