Add Yamls to get Keylime container running on OCP

redhat-et / edge-security-demo

Apache License 2.0

2 stars 6 forks source link

Add Yamls to get Keylime container running on OCP #15

Closed astoycos closed 4 years ago

astoycos commented 4 years ago

Includes:
Persistent Volume Claim yaml 
Persistent Volume yaml Mounted at the hosts directory "/sys/fs/cgroup"
Pod Yaml with container mount at "/sys/fs/cgroup"
 - also a placement policy to run on a specified node

To work the Openshift Project must have PRIVLEDGED SCC permissions

TODO automate TPM server startup
Make into a deployment

Address issue  fix #9

astoycos commented 4 years ago

So for now you can manually start it, but I plan to have an automated set of oc commands to start the keylime agent, and video streaming on the nodes, and this program will also install keylime before starting the agent.