Installing the Workload Service
Installing the Workload Service
Required For
The WLS is REQUIRED for the following use cases.
- Workload Confidentiality (both VMs and Containers)
Prerequisites
The following must be completed before installing the Workload Service:
-
The Certificate Management Service must be installed and available
-
The Authentication and Authorization Service must be installed and available
-
The Verification Service must be installed and available
-
The Workload Service database must be available
Supported Operating Systems
The Intel® Security Libraries Workload Service supports:
-
Red Hat Enterprise Linux 8.4
-
Ubuntu 20.04
Recommended Hardware
Installation
-
Copy the Workload Service installation binary to the
/rootdirectory. -
Create the
workload-service.envinstallation answer file
WLS_DB_USERNAME=<database username>
WLS_DB_PASSWORD=<database password>
WLS_DB_HOSTNAME=<IP or hostname of database server>
WLS_DB_PORT=<Database port; 5432 by default>
WLS_DB=<name of the WLS database>
WLS_DB_SSLCERTSRC=<path to database TLS certificate; the default location is typically /usr/local/pgsql/data/server.crt >
HVS_URL=https://<Ip address or hostname of the Host verification Service>:8443/hvs/v2/
WLS_SERVICE_USERNAME=<username for WLS service account>
WLS_SERVICE_PASSWORD=<password for WLS service account>
CMS_BASE_URL=https://<IP or hostname to CMS>:8445/cms/v1/
CMS_TLS_CERT_SHA384=<sha384 of CMS TLS certificate>
AAS_API_URL=https://<IP or hostname to AAS>:8444/aas/v1/
SAN_LIST=<comma-separated list of IPs and hostnames for the WLS>
BEARER_TOKEN=<Installation token from populate-users script>
- Execute the WLS installer binary:
./wls-v4.1.bin