bupd
commented
2 months ago Summary
On GC:
- Satellites should be created from ground control with a request and satellite params such as its name and group.
- Upon creation, GC will return a single use token with command which should be passed on to satellite.
On Satellite:
- Execute command which is returned from ground control.
- Once Startup, satellite will register itself, gets all state information and come online.
Process Overview
-
Satellite Creation on Ground Control (GC):
- Endpoint:
POST: /satellite/register - Purpose: GC registers a satellite with specific parameters, including its group association.
- Action: GC creates a robot account with specific permissions for the satellite, pushes the state artifact to the appropriate registry, and generates a single-use token.
- Endpoint:
-
Satellite Deployment Command:
- Command is Provided to Edge Server
- Action: This command fetches the release binary or Docker image of the satellite and sets the provided token.
-
Satellite Auto-Registration:
- Process: On starting, the satellite contacts the
ztrroute on GC using the provided token to register itself and come online. - State Fetching: Satellite gets all relevant state information, including credentials for its robot account and the registry URL for the state artifact.
- Process: On starting, the satellite contacts the
-
Satellite Operation:
- Execution: The satellite starts its operations based on the fetched state, including pulling necessary artifacts from the specified OCI-compliant registry.
Conclusion
This approach is safer as it directly injects the token during satellite deployment and seamlessly integrates into existing CI/CD pipelines, ensuring secure and efficient deployment.
Implement Zero Touch Registration
As mentioned in #36.