Skip to content

slemicro: add option to register with elemental #64

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
e-minguez merged 1 commit into from
Oct 3, 2023
Merged

slemicro: add option to register with elemental #64

e-minguez merged 1 commit into from
Oct 3, 2023

Conversation

@hardys
Copy link
Contributor

@hardys hardys commented Oct 2, 2023

Adds optional registration with elemental which is possible since a change landed to decouple registration from the choice of OS[1]

Note that in this case the VM should not have any k3s or RKE2 deployment enabled, since this will be handled via elemental-system-agent after the host is registered as MachineInventory with elemental

Example config:

ELEMENTAL_REGISTER=true
ELEMENTAL_CONFIG="$HOME/Downloads/test_registrationURL.yaml"

Note that test_registrationURL.yaml can be downloaded from the elemental UI, where a MachineRegistration named "test" has been created.

[1] rancher/elemental-operator#516

@hardys
slemicro: add option to register with elemental
c75b5d1 
Adds optional registration with elemental which is possible since
a change landed to decouple registration from the choice of OS[1]

Note that in this case the VM should not have any k3s or RKE2 deployment
enabled, since this will be handled via elemental-system-agent after the
host is registered as MachineInventory with elemental

Example config:

ELEMENTAL_REGISTER=true
ELEMENTAL_CONFIG="$HOME/Downloads/test_registrationURL.yaml"

Note that test_registrationURL.yaml can be downloaded from the elemental
UI, where a MachineRegistration named "test" has been created.

[1] rancher/elemental-operator#516
rdoxenham
rdoxenham approved these changes Oct 2, 2023
View reviewed changes
Copy link
Contributor

@rdoxenham rdoxenham left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks!

hardys
hardys commented Oct 2, 2023
View reviewed changes
slemicro/combustion/04_elemental_register.sh

# Register --no-toolkit disables OS management
elemental-register --config-path /etc/elemental/config.yaml --state-path /etc/elemental/state.yaml --install --no-toolkit --emulate-tpm --emulated-tpm-seed 99

Copy link
Contributor Author

@hardys hardys Oct 2, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note that the emulated TPM is required currently - I tried to get the TPM support that landed in the latest UTM versions working, but SLEMicro won't boot - I'll try to figure that out and we can potentially resolve in a follow-up

Copy link

@agracey agracey Oct 2, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm assuming that the TPM issue is only for UTM and not bare-metal? (I don't think I had this issue with my NUCs)

Copy link
Contributor Author

@hardys hardys Oct 3, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@agracey I've not tested on bare-metal yet but yes this should just be a VM-specific issue, on UTM if you enable the recently-added TPM support it enables secure-boot, which stops SLEMicro booting - I expect this is solvable (and I know it can be made to work with Libvirt on Linux) but I've not yet had time to dig into it.

@hardys hardys requested a review from e-minguez October 3, 2023 09:18
e-minguez
e-minguez approved these changes Oct 3, 2023
View reviewed changes
Copy link
Contributor

@e-minguez e-minguez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. I'll create an issue to add a couple of things:

  • Check if rke2/k3s has been enabled as well and if so, fail
  • Run the TPM emulation only on OSX VMs

@e-minguez e-minguez merged commit 91317ec into suse-edge:main Oct 3, 2023
@e-minguez e-minguez mentioned this pull request Oct 3, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@e-minguez e-minguez e-minguez approved these changes

@rdoxenham rdoxenham rdoxenham approved these changes

+1 more reviewer

@agracey agracey agracey left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@hardys @e-minguez @agracey @rdoxenham