path: root/bin/abrmdcontainer/README.md
### OOM (ONAP Operations Manager) will deploy this as part of the CA service
### in two stages:
### Stage 1 - Initialize the TPM and exit (the init.sh script is used for this case)
### Stage 2 - Start the abrmd process and keep it running to provide the
### means for applications to interact with the TPM (run_abrmd.sh is used)

### Make a directory /tmp/volume (mkdir -p /tmp/volume) on the host.
### This directory (sample shared volume ABRMD_DATA) is mounted to the abrmd
### container and is mounted as /tmp/files/ inside the container
### the host's name "TPM_NODE_NAME" environment variable

### The input to this container is srkhandle (a file/environment variable),
### tpm_status.yaml (TPM state) and password (for the TPM Primary key; the
### password is encrypted using pgp and is extracted using the passphrase
### provided in the shared volume).
### The output of this container is the public
### portion of the TPM's Primary key (out_parent_public), and the status will
### be updated in the tpm_status.yaml file


### Input
### 1. srkhandle 2. password 3. passphrase 4. tpm_status.yaml

### Output
### 1. out_parent_public
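
A pre-flight check for the shared volume described above, added here as an example and not part of the project's scripts. It assumes each listed input is a file with exactly that name in the volume directory, and it flags group/other access because the PGP-encrypted password and its passphrase sit side by side there; `check_abrmd_volume` and `group_other_bits` are hypothetical names.

```shell
#!/bin/sh
# Added example: verify the shared volume before Stage 1 (init.sh) runs.
# Assumption: each input named in the README is a file with that exact name.
ABRMD_INPUTS="srkhandle password passphrase tpm_status.yaml"

# Print the group/other permission bits of a path, e.g. "r-xr-x" or "------".
# S/T (setgid/sticky without the execute bit) grant no access, so map them to "-".
group_other_bits() {
    ls -ld "$1" | cut -c5-10 | sed 's/[ST]/-/g'
}

# check_abrmd_volume DIR
# Returns 0 when DIR is ready, 1 when the directory or an input is missing,
# 2 when the directory or an input is accessible to group or other.
check_abrmd_volume() {
    dir=$1
    rc=0
    if [ ! -d "$dir" ]; then
        echo "missing directory: $dir" >&2
        return 1
    fi
    if [ "$(group_other_bits "$dir")" != "------" ]; then
        echo "group/other can access $dir" >&2
        rc=2
    fi
    for name in $ABRMD_INPUTS; do
        if [ ! -f "$dir/$name" ]; then
            echo "missing input: $name" >&2
            return 1
        fi
        if [ "$(group_other_bits "$dir/$name")" != "------" ]; then
            echo "group/other can access $dir/$name" >&2
            rc=2
        fi
    done
    return $rc
}

# Usage on the host, before starting the container:
#   check_abrmd_volume /tmp/volume
```

A directory created with a plain `mkdir -p /tmp/volume` under the common 022 umask has mode 755, so this check returns 2 until the directory and its files are restricted to the owner (for example `chmod 700` on the directory and `chmod 600` on the files).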

### Building Docker Images

```
$ docker build -t <image name> -f dockerfile .
```

### Running ABRMD Container with Simulator

```
$ docker run -d --privileged -v /tmp/run/dbus:/var/run/dbus -v /tmp/volume:/tmp/files --name <container name> <image name>
```

### Running ABRMD Container with TPM Hardware

```
$ docker run -d --privileged --device=/dev/tpm0 -v /tmp/run/dbus:/var/run/dbus -v /tmp/volume:/tmp/files --name <container name> <image name>
```

##### Sanity Check
Run the following command in the tools container to see if everything is set up correctly:

```
tpm2_listpcrs
```