mirror of
https://github.com/holos-run/holos.git
synced 2026-03-19 16:54:58 +00:00
The `make-provisioner-jwt` incorrectly used the choria broker password
as the provisioning token. In the reference [setup.sh][1] both the
token and the `broker_provisioning_password` are set to `s3cret` so I
confused the two, but they are actually different values.

This patch ensures the provisioning token configured in
`provisioner.yaml` matches the token embedded into the provisioning.jwt
file using `choria jwt provisioning` via the `make-provisioner-jwt`
script.

[1]: 6dbc8fd105/example/setup/templates/provisioner/provisioner.yaml (L6)
Initialize machine room provisioning credentials
When you want the holos controller to provision while operating in the current working directory, run:
1. `init-choria-provisioner-creds` to populate secrets in the Holos Provisioner Cluster (not to be confused with the Choria Provisioner).
2. `make-provisioning-jwt` to issue a `provisioning.jwt` file for `holos controller` to use.
3. `holos controller --config=agent.cfg` to read `provisioning.jwt` and write the provisioned config file and credentials to the current directory.
Expect the controller to provision.
Setup Notes:

The `holos server` flag `--provisioner-seed` must match the `issuer.seed` value.
To get the correct value to configure for `holos server`:

```
holos get secret choria-issuer --print-key=issuer.seed --namespace $NAMESPACE
```
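
A pre-flight check for the token mix-up described in the commit message, as an added example that is not part of the holos repository: it decodes the payload of `provisioning.jwt` and compares the embedded token with the values in `provisioner.yaml`. The claim name `cht`, the top-level key `token`, the function names and all sample values are assumptions made for illustration.

```python
import base64
import json
import re

# Assumptions (not stated on this page): the provisioning token is carried in
# the JWT claim "cht" and in the top-level provisioner.yaml key "token".
TOKEN_CLAIM = "cht"
TOKEN_KEY = "token"
BROKER_PW_KEY = "broker_provisioning_password"  # key named in the commit message

def jwt_claims(jwt):
    """Decode the payload of a compact JWT. Inspection only: no signature check."""
    parts = jwt.strip().split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def yaml_scalar(text, key):
    """Read a flat top-level `key: value` scalar (no nesting, no inline comments)."""
    m = re.search(rf"^{re.escape(key)}:[ \t]*(.*?)[ \t]*$", text, re.M)
    return m.group(1).strip("\"'") if m else None

def check_token(jwt, provisioner_yaml):
    """Classify how the token embedded in the JWT relates to provisioner.yaml."""
    embedded = jwt_claims(jwt).get(TOKEN_CLAIM)
    token = yaml_scalar(provisioner_yaml, TOKEN_KEY)
    if not embedded or not token:
        return "missing"
    if embedded == token:
        return "ok"
    if embedded == yaml_scalar(provisioner_yaml, BROKER_PW_KEY):
        return "broker-password-used-as-token"  # the mix-up this commit fixes
    return "mismatch"

def sample_jwt(claims):
    """Constructed, unsigned sample token: the signature part is a placeholder."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'EdDSA', 'typ': 'JWT'})}.{enc(claims)}.c2ln"

# Constructed provisioner.yaml with deliberately different values, unlike the
# reference setup.sh where both are "s3cret" and the mix-up goes unnoticed.
SAMPLE_YAML = "token: tok-A\nbroker_provisioning_password: pw-B\n"

if __name__ == "__main__":
    for value in ("tok-A", "pw-B", "stale"):
        print(value, "->", check_token(sample_jwt({TOKEN_CLAIM: value}), SAMPLE_YAML))
```

Using distinct values for the token and the broker password in test fixtures is what makes this class of mistake visible; with identical values the check returns `ok` either way.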