7.13. Trustee 구성 확인
Trustee Pod 및 로그를 확인하여 Trustee 구성을 확인합니다.
프로세스
다음 명령을 실행하여 기본 프로젝트를 설정합니다.
$ oc project trustee-operator-system
다음 명령을 실행하여 Trustee Pod를 확인합니다.
$ oc get pods -n trustee-operator-system
출력 예
NAME READY STATUS RESTARTS AGE trustee-deployment-8585f98449-9bbgl 1/1 Running 0 22m trustee-operator-controller-manager-5fbd44cd97-55dlh 2/2 Running 0 59m
다음 명령을 실행하여
POD_NAME환경 변수를 설정합니다.$ POD_NAME=$(oc get pods -l app=kbs -o jsonpath='{.items[0].metadata.name}' -n trustee-operator-system)다음 명령을 실행하여 Pod 로그를 확인합니다.
$ oc logs -n trustee-operator-system $POD_NAME
출력 예
[2024-05-30T13:44:24Z INFO kbs] Using config file /etc/kbs-config/kbs-config.json [2024-05-30T13:44:24Z WARN attestation_service::rvps] No RVPS address provided and will launch a built-in rvps [2024-05-30T13:44:24Z INFO attestation_service::token::simple] No Token Signer key in config file, create an ephemeral key and without CA pubkey cert [2024-05-30T13:44:24Z INFO api_server] Starting HTTPS server at [0.0.0.0:8080] [2024-05-30T13:44:24Z INFO actix_server::builder] starting 12 workers [2024-05-30T13:44:24Z INFO actix_server::server] Tokio runtime found; starting in existing Tokio runtime
다음 명령을 실행하여
ibmse-pvc영구 볼륨 클레임을 Trustee Pod에 노출합니다.$ oc patch deployment trustee-deployment \ --namespace=trustee-operator-system --type=json \ -p='[{"op": "remove", "path": "/spec/template/spec/volumes/5/persistentVolumeClaim/readOnly"}]'다음 명령을 실행하여
kbs-service가 노드 포트에 노출되었는지 확인합니다.$ oc get svc kbs-service -n trustee-operator-system
출력 예
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kbs-service NodePort 198.51.100.54 <none> 8080:31862/TCP 23h
kbs-serviceURL은https://<worker_node_ip>:<node_port> 입니다(예:https://172.16.0.56:31862).
