author | Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com> | 2018-08-02 10:41:31 -0700 |
---|---|---|
committer | Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com> | 2018-08-22 09:35:07 -0700 |
commit | 51449dab404b457264e1a36206773b9764241167 (patch) | |
tree | 6187b645b21df022530efabe2cd72ba36b750c4b /bin/abrmdcontainer/README.md | |
parent | 6a2a8d92236fcb5763af59d69c3a9d0edc9010c0 (diff) |
Containerize TPM Initialization tool
Modifying ABRMD container to support Init tool
Change-Id: I8b2f8171688b67567e3ad4a3e4942ae76737bdfc
Issue-ID: AAF-342
Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
Diffstat (limited to 'bin/abrmdcontainer/README.md')
-rwxr-xr-x[-rw-r--r--] | bin/abrmdcontainer/README.md | 39 |
1 files changed, 31 insertions, 8 deletions
diff --git a/bin/abrmdcontainer/README.md b/bin/abrmdcontainer/README.md index ad2f3bc..fb07ca1 100644..100755 --- a/bin/abrmdcontainer/README.md +++ b/bin/abrmdcontainer/README.md 
@@ -1,22 +1,45 @@ +### OOM - Onap Operations Manager will deploy this as part of CA service +### two stages +### Stage 1 - Initialize TPM and exit (init.sh script is used for this case) +### Stage 2 - Starts the abrmd process and keeps it running to provide the +### means for application to interact wit TPM (run_abrmd.sh is used) + +### Make a directory /tmp/volume (mkdir -p /tmp/volume) on the Host +### This directory (Sample Shared volume ABRMD_DATA) is mounted to abrmd +### container and is mounted as /tmp/files/ inside container +### the host's name "TPM_NODE_NAME" environmental variable + +### The input to this container is srkhandle(a file/environmental vatiable) +### tpm_status.yaml (TPM State) password (for TPM Primary key, +### password is encrypted using pgp and is extracted using the passphrase +### (provided in shared volume)) +### Output of this container is the public +### portion of the TPM's Primary key (out_parent_public) and the staus will +### be updated in the tpm_status.yaml file + + +### Input +### 1.srkhandle 2.password 3.passphrase 4.tpm_status.yaml + +### Output +### 1. out_parent_public + ### Building Docker Images ``` $ docker build -t <image name> -f dockerfile . ``` -### Running ABRMD Container +### Running ABRMD Container with Simulator ``` -$ docker run -d --privileged -v /tmp/run/dbus:/var/run/dbus --name <container name> <image name> +$ docker run -d --privileged -v /tmp/run/dbus:/var/run/dbus -v /tmp/volume:/tmp/files --name <container name> <image name> ``` -### Running Tools Container -This command will drop you into the tools container with everything setup appropriately: +### Running ABRMD Container with TPM Hardware + ``` -# Runs without any privileges. 
-# Requires that the dbus be mounted from the same host folder -# This is to enable communication between the tools and ABRMD -$ docker run -v /tmp/run/dbus:/var/run/dbus --name <container name> -it --entrypoint /bin/bash <image name> +$ docker run -d --privileged -device=/dev/tpm0 -v /tmp/run/dbus:/var/run/dbus -v /tmp/volume:/tmp/files --name <container name> <image name> ``` ##### Sanity Check |
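Review bot: In the added "Running ABRMD Container with TPM Hardware" command, `-device=/dev/tpm0` is written with a single dash; the docker run option is `--device`, so as written the TPM character device is not passed to the container the way the heading describes. Suggest `--device=/dev/tpm0`. Because that command already names the one device it needs, please also check whether `--privileged` is still required alongside it, or state in the README why it is; the removed tools-container text made a point of running without any privileges. The new header says the passphrase that decrypts the PGP-encrypted primary key password is "provided in shared volume", and that volume is /tmp/volume on the host: if the encrypted password is placed in the same directory, anyone who can read it gets both, so the README should state the expected ownership and mode of /tmp/volume or where the passphrase should come from instead. Smaller points in the added header: "wit TPM", "vatiable" and "staus" are typos, "deploy this as part of CA service" and "two stages" read as one broken sentence, and the line ending "the host's name "TPM_NODE_NAME" environmental variable" is a fragment that does not say how the variable is set or used.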