Installing the Workload Policy Manager
Installing the Workload Policy Manager
Required For
The WPM is REQUIRED for the following use cases.
- Workload Confidentiality (both VMs and Containers)
Package Dependencies
Supported Operating Systems
The Intel® Security Libraries Workload Policy Manager supports:
-
Red Hat Enterprise Linux 8.4
-
Ubuntu 20.04
Recommended Hardware
-
2 vCPUs
-
RAM: 8 GB
-
100 GB
-
One network interface with network access to the Key Broker and Workload Service
-
Additional memory and disk space may be required depending on the size of images to be encrypted
Installation
-
Copy the WPM installer to the
/rootdirectory -
Create the
wpm.envanswer file:
KBS_BASE_URL=https://<IP address or hostname of the KBS>:9443/kbs/v1/
WPM_SERVICE_USERNAME=<WPM_Service username from populate-users script>
WPM_SERVICE_PASSWORD=<WPM Service password from populate-users script>
CMS_TLS_CERT_SHA384=<Sha384 hash of the CMS TLS certificate>
CMS_BASE_URL=https://<IP address or hostname for CMS>:8445/cms/v1/
AAS_API_URL=https://<Hostname or IP address of the AAS>:8444/aas/v1
BEARER_TOKEN=<Installation token from populate-users script>
For Container Encryption only, add the following line to the wpm.env installation answer file:
##For the CRI-O container runtime:
WPM_WITH_CONTAINER_SECURITY_CRIO=yes
-
Execute the WPM installer:
./wpm-v4.1.bin