From 85e6dfd33554f9a6dabc17f51f680067926e6c29101671ec83f42c0224b54264 Mon Sep 17 00:00:00 2001 From: Alberto Planas Dominguez Date: Fri, 28 Oct 2022 13:01:00 +0000 Subject: [PATCH] Accepting request 1031955 from home:aplanas:branches:devel:microos:containers - Rename the published image to "keylime-agent" - Rename the volumes and container default name, and the configuration file under "keylime-agent-XXXX" - Update the README for use new name - Drop rust-keylime-start.sh CMD script - Replace "-a" with "&&" in the configure script - Drop docker-entrypoint.sh script - Add README documentation - Initial image based on Keylime 6.5.1 OBS-URL: https://build.opensuse.org/request/show/1031955 OBS-URL: https://build.opensuse.org/package/show/devel:microos:containers/rust-keylime-image?expand=0&rev=5 --- README | 18 +++++++++--------- rust-keylime-image.changes | 1 + 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/README b/README index 3d6572e..c465fd0 100644 --- a/README +++ b/README @@ -16,7 +16,7 @@ The container is already present in the OBS project devel:microos:containers, and can be pulled directly from it. podman pull \ - registry.opensuse.org/devel/microos/containers/containerfile/opensuse/rust-keylime:latest + registry.opensuse.org/devel/microos/containers/containerfile/opensuse/keylime-agent:latest The agent service needs to be configured before it can be used. It will need a persistent volume where to store the certificates and the @@ -24,9 +24,9 @@ configuration files required to find the control plane services. We can create this volume running the "install" label. podman container runlabel install \ - registry.opensuse.org/devel/microos/containers/containerfile/opensuse/rust-keylime:latest + registry.opensuse.org/devel/microos/containers/containerfile/opensuse/keylime-agent:latest -This will create the "rust-keylime-volume" that will be attached into +This will create the "keylime-agent-volume" that will be attached into the running container. Now we need to create a configuration file, were we indicate the UUID @@ -34,7 +34,7 @@ for the agent and the IP of the remote verifier and registrar. For that we can run the "configure" label. podman container runlabel configure \ - registry.opensuse.org/devel/microos/containers/containerfile/opensuse/rust-keylime:latest \ + registry.opensuse.org/devel/microos/containers/containerfile/opensuse/keylime-agent:latest \ $(uuidgen) 10.88.0.1 The last configuration step is to copy the certificate from the @@ -46,22 +46,22 @@ of the control plane container. One way to copy the certificate is mounting the volume generated during the first step. - podman volume mount rust-keylime-volume + podman volume mount keylime-agent-volume cp -a cacert.crt \ - /var/lib/containers/storage/volumes/rust-keylime-volume/_data/cv_ca/. + /var/lib/containers/storage/volumes/keylime-agent-volume/_data/cv_ca/. We can now start the agent. podman container runlabel run \ - registry.opensuse.org/devel/microos/containers/containerfile/opensuse/rust-keylime:latest + registry.opensuse.org/devel/microos/containers/containerfile/opensuse/keylime-agent:latest We can monitor the status with podman. podman ps - podman logs rust-keylime-container + podman logs keylime-agent-container And finally, we can stop the services via the kill command. - podman kill rust-keylime-container + podman kill keylime-agent-container diff --git a/rust-keylime-image.changes b/rust-keylime-image.changes index 125fc4a..748b7cb 100644 --- a/rust-keylime-image.changes +++ b/rust-keylime-image.changes @@ -4,6 +4,7 @@ Fri Oct 28 12:51:07 UTC 2022 - Alberto Planas Dominguez - Rename the published image to "keylime-agent" - Rename the volumes and container default name, and the configuration file under "keylime-agent-XXXX" +- Update the README for use new name ------------------------------------------------------------------- Thu Oct 20 11:03:57 UTC 2022 - Alberto Planas Dominguez