Workload Policy Manager
Installation Answer File Options
| Key | Sample Value | Description |
|---|---|---|
| KBS_BASE_URL | https://\<IP address or hostname of the KBS>:30443/kbs/v1/ | Required. Defines the baseurl for the Key Broker Service. The WPM uses this URL to request new encryption keys when encrypting images. |
| CMS_TLS_CERT_SHA384 | Required. SHA384 hash of the CMS TLS certificate | |
| CMS_BASE_URL | https://\<IP address or hostname for CMS>:30445/cms/v1/ | Required. Defines the base URL for the CMS owned by the image owner. Note that this CMS may be different from the CMS used for other components. |
| AAS_API_URL | https://\<IP address or hostname for AAS>:30444/aas/v1 | Required. Defines the baseurl for the AAS owned by the image owner. Note that this AAS may be different from the AAS used for other components. |
| BEARER_TOKEN | Required; token from CMS with permissions used for installation. | |
| WPM_SERVICE_PASSWORD | Defines the credentials for the WPM to use to access the KBS | |
| WPM_SERVICE_USERNAME | Defines the credentials for the WPM to use to access the KBS |
Configuration Options
Command-Line Options
The Workload Policy Manager supports several command-line commands that can be executed only as the Root user:
Syntax:
wpm
Uninstall
Removes the WPM.
--help
Displays help text
--version
Displays the WPM version
Setup
usage : wpm setup [
wpm setup all
- Runs all setup tasks
wpm setup create-envelope-key
- Creates the key pair required to securely transfer key from KBS
- Option [--force] overwrites existing envelope key pairs
wpm setup download-ca-cert [--force]
- Download CMS root CA certificate
- Option [--force] overwrites any existing files, and always downloads new root CA cert
- Environment variable CMS_BASE_URL=
- Environment variable CMS_TLS_CERT_SHA384=