diff --git a/docs/usage/getting-started-guide.md b/docs/usage/getting-started-guide.md index bdd5447b..d49d4710 100644 --- a/docs/usage/getting-started-guide.md +++ b/docs/usage/getting-started-guide.md @@ -13,12 +13,23 @@ Kind can be used with `docker` or `podman`. Although, we set `podman` as default export RUNTIME=docker ``` +The `CONTAINER_CLI` env var will used for building and pushing. If you require a non-Podman engine for building and pushing images, you can override it with the `$CONTAINER_CLI` variable. +```console +export CONTAINER_CLI=docker +``` + In order to interact with the cluster, `kubectl` is required. ```console dnf install -y kubectl ``` -Our kind cluster configuration is available under the `kind` directory and it uses the script `scripts/create-cluster-kind.sh`. The cluster can be simply created by running: +Our kind cluster configuration is available under the `kind` directory and it uses the script `scripts/create-cluster-kind.sh`. +Make sure any previously installed cluster is deleted before attempting to install a new one: +```console +make cluster-down +``` + +The cluster can be simply created by running: ```console make cluster-up ``` @@ -75,15 +86,24 @@ export TRUSTEE_ADDR=kbs-service.trusted-execution-clusters.svc.cluster.local export AK_REGISTRATION_ADDR=attestation-key-register.trusted-execution-clusters.svc.cluster.local ``` -This example works with KubeVirt when the KBS is reachable using the pod networking. Finally, the operator can be installed with: ```console make install ``` +Wait for cluster to be ready and in installed state: +```console +kubectl wait -n trusted-execution-clusters --for=condition=Installed TrustedExecutionCluster trusted-execution-cluster +``` + +Print cluster status +```console +kubectl -n trusted-execution-clusters get po,svc +``` + Further customization of the project can be controlled with the following env variables: -+ NAMESPACE: sets the namespace where the operator will be deplyoed ++ NAMESPACE: sets the namespace where the operator will be deployed + PLATFORM: use during the installation to configure the platform where the operator will be deployed (`kind` or `openshift`) + INTEGRATION_TEST_THREADS: how many integration tests are run in parallel + REGISTRY: the registry used to publish the images @@ -131,4 +151,4 @@ The attestation failing can be debugged by verifying the deployment of trustee. kubectl logs -n trusted-execution-clusters ``` -In the logs, trustee prints the content of the TPM PCR registers. They need to match with the reference values present in the configmap `trustee-data` under `reference-values.json`. +In the logs, trustee prints the content of the TPM PCR registers. They need to match with the reference values present in the configmap `trustee-data` under `reference-values.json`. \ No newline at end of file diff --git a/tests/README.md b/tests/README.md index 69ce205b..82afec58 100644 --- a/tests/README.md +++ b/tests/README.md @@ -9,6 +9,8 @@ Upon a successful test, the namespace is cleaned up, otherwise it is kept for in The tests use [`virtctl`](https://kubevirt.io/user-guide/user_workloads/virtctl_client_tool/) in order to interact with VM, like getting the serial console and verifying that the guest has correctly booted by ssh-ing into it. +Other dependencies: *openssl-devel, gcc-c++* + N.B KubeVirt requires the cluster to be run as a privileged container on the host in order to handle the devices. Therefore, for now, we have moved to Docker with kind in order to generate the cluster. In the future, we might be able to move to rootful podman. Run the tests locally with kind: