# Install BDOT Collector in Docker Compose

Installing a BDOT Collector in Docker Compose has a different flow compared to collectors for Linux, Mac, and Windows.

### Install a BDOT Collector

1. Navigate to the **Agents** page and select **Install Agent**
2. Choose the **Linux** Platform
3. Copy the `secret-key` and `opamp-endpoint`
4. Create a `docker-compose.yaml` and paste this content below

   ```yaml
   volumes:
     bdot-collector-storage: # persistent storage for the bdot-collector

   services:
     bdot-collector:
       image: ghcr.io/observiq/bindplane-agent:1.84.0 # Select the image version you prefer
       container_name: bdot-collector
       hostname: bdot-collector
       volumes:
         - bdot-collector-storage:/etc/otel/storage
       ports:
         - "4317:4317"   # OTLP gRPC
         - "4318:4318"   # OTLP HTTP
         - "13133:13133" # Health check extension
         - "55679:55679" # ZPages debugging
       environment:
         OPAMP_ENDPOINT: "wss://app.bindplane.com/v1/opamp"   # point to your Bindplane server
         OPAMP_SECRET_KEY: "<YOUR_SECRET_KEY>"
         OPAMP_LABELS: ephemeral=true
         MANAGER_YAML_PATH: /etc/otel/storage/manager.yaml
   ```
5. The `config.yaml` will be autogenerated when starting the collector.
6. (Optional) Create a `logging.yaml` file:

   ```yaml
   output: stdout
   level: info
   ```

   Add a volume and environment variable:

   ```yaml
       volumes:
         - ./logging.yaml:/etc/otel/logging.yaml
       # ...
       environment:
         LOGGING_YAML_PATH: /etc/otel/logging.yaml
   ```
7. The `manager.yaml` will be autogenerated when connecting the collector to Bindplane and rolling out a configuration.

   <div data-gb-custom-block data-tag="hint" data-style="info" class="hint hint-info"><p><strong>NOTE</strong></p><p>If you want to re-use the <code>manager.yaml</code>, create a <code>storage</code> directory and change the <code>MANAGER_YAML_PATH</code> path to:</p><pre class="language-yaml"><code class="lang-yaml">volumes:
     # Replace the volume with a local directory
     # - bdot-collector-storage:/etc/otel/storage 
     - ./storage:/etc/otel/storage
   </code></pre><p>When starting new collectors from Docker Compose, make sure to delete the content of the <code>manager.yaml</code>.</p></div>
8. Start the BDOT Collector:

   ```bash
   docker compose up -d
   ```

### Create a configuration for Docker Compose

1. Navigate to the **Configurations** and select **Create Configuration**
2. Select the **Linux** Platform and give it a name
3. Add sources and destinations and create the configuration
4. Click **Add Agents**, select the BDOT Collector you created above, and click **Apply**
5. Finally, click **Start Rollout**, and you're done!

### Example Installation

This example uses the Host metrics, OTLP logs and metrics, and file logs.

<figure><img src="https://1405008107-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FgmiOMzBfoNFwmKJFHMcJ%2Fuploads%2Fgit-blob-59652376e958d1e98e59ac6bf15c18d0965b7eea%2Fadvanced-installation-docker-compose-agent-1.webp?alt=media" alt="Bindplane docs - Install BDOT Collector in Docker Compose - image 1"><figcaption></figcaption></figure>

Get the BDOT Collector secret key, installation id, and OpAMP configuration keys from the Collector installation page.

<figure><img src="https://1405008107-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FgmiOMzBfoNFwmKJFHMcJ%2Fuploads%2Fgit-blob-8f2ecdd576a0d277fd717791a6873898e806b546%2Finstall-keys.webp?alt=media" alt="Bindplane docs - Install BDOT Collector in Docker Compose - image 2"><figcaption></figcaption></figure>

Ensure that the `OPAMP_ENDPOINT`environment variable has the correct value for your server.

```yaml
- name: OPAMP_ENDPOINT
  value: "ws://your-bindplane-server:3001/v1/opamp" # use "wss://app.bindplane.com/v1/opamp" for Bindplane Cloud
```

The port should be `3001` for non-TLS, and `443` if TLS is enabled. Similarly, the protocol should be `ws` (websocket) when TLS is not configured, and `wss` (secure web socket) when TLS is enabled.

Start Docker Compose with `docker compose up -d`. Once deployed, your collector will appear on the Agents page, and they will be bound to your configuration.

<figure><img src="https://1405008107-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FgmiOMzBfoNFwmKJFHMcJ%2Fuploads%2Fgit-blob-a60dd2ad331d1c64fe3e8e7c81d5e68fdee102b3%2Fadvanced-installation-docker-compose-agent-2.webp?alt=media" alt="Bindplane docs - Install BDOT Collector in Docker Compose - image 3"><figcaption></figcaption></figure>

### TLS

BDOT Collectors in Docker Compose can be configured to connect to Bindplane using TLS. If the Bindplane TLS certificate is publicly signed, no action is required. If the certificate is signed by an internal certificate authority, the collector can be configured with a custom certificate authority for verifying the Bindplane certificate.

Your certificate authority file (ca.crt) can be added to a BDOT Collector `docker-compose.yaml` with the `OPAMP_TLS_CA` environment variable. The sample below considers you storing the `ca.crt` in a `certs` directory and binding the volume to the `bdot-collector`.

```yaml
# ...
  bdot-collector:
    image: ghcr.io/observiq/bindplane-agent:1.84.0 # Select the image version you prefer
    container_name: bdot-collector
    hostname: bdot-collector
    volumes:
    # ...
      - ./certs:/etc/otel/certs # Add certs volume
    environment:
      # ...
      OPAMP_TLS_CA: /etc/otel/certs/ca.crt # use this env var
      # Alternatively, skip verification
      OPAMP_TLS_SKIP_VERIFY: false # Set to true to skip TLS verification
# ...
```

Using this example, the CA certificate `ca.crt` will be mounted to `/opt/tls/ca.crt`. The OpAMP client will be configured to use this certificate authority when validating CA certificates.

### Mutual TLS (mTLS)

When using mutual TLS, the same process is used. In this case, a client keypair is provided. This example uses `client.crt` and `client.key`.

With these secrets you can modify your BDOT Collector Docker Compose service and add environment variables for the TLS certs and keys.

```yaml
# ...
  bdot-collector:
    image: ghcr.io/observiq/bindplane-agent:1.84.0 # Select the image version you prefer
    container_name: bdot-collector
    hostname: bdot-collector
    volumes:
      # ...
      - ./certs:/etc/otel/certs # Add certs volume
    # ...
    environment:
      # ...
      OPAMP_TLS_CA: /etc/otel/certs/ca.crt
      OPAMP_TLS_CERT: /etc/otel/certs/client.crt # Add env vars for the client certificate
      OPAMP_TLS_KEY: /etc/otel/certs/client.key  # and key
# ...
```