This repository has been archived by the owner on Nov 14, 2022. It is now read-only.

TPM device is a hard requirement #9

Closed

mudler opened this issue Jan 13, 2022 · 2 comments

Contributor

mudler commented Jan 13, 2022 •

edited

Can't join nodes that don't have a TPM device, getting the following error when calling ros-installer -config-file /oem/userdata.yaml:

ERRO[0000] failed to read registration URL https://xx.lan/v1-rancheros/registration/xxxx, retrying: opening tpm: TPM device not available

This is an issue at least for running vagrant images as VirtualBox currently doesn't support TPM, but applies to other hypervisors including raspberrypi4 and baremetal which don't have the TPM hardware in general

Note, this doesn't seem to be an issue for libvirt/qemu: https://documentation.suse.com/sles/15-SP3/html/SLES-all/tpm.html
stefanberger/swtpm#33

See also: stefanberger/swtpm#33

The text was updated successfully, but these errors were encountered:

mudler changed the title ~~TPM hardware is a hard requirement~~ TPM device is a hard requirement

mudler mentioned this issue

Explore os2 codebase rancher/elemental-toolkit#1051

Closed

mudler mentioned this issue

TPM device is a hard requirement rancher/elemental#7

Closed

Contributor Author

mudler commented Feb 1, 2022

One way to do that with swtmp is to set a different CommandChannel when we read the TPM device here:
https://github.com/rancher/rancherd/blob/bdf5642d62d50b9cd23eaabfdc848637bf62e056/pkg/tpm/tpm.go#L37 pointing for e.g. to swtmp socket

Contributor

kkaempf commented Nov 11, 2022

Please see https://rancher.github.io/elemental/ for a successor of 'os2'.
and esp. rancher/elemental-operator#235

kkaempf closed this as completed

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.