Install

Installation prerequisites an enterprise licence. Please contact support.

There are several options to install Vault and the CLI:

Docker container with precompiled binary

docker login harbor.enclaive.cloud

Pull the container

docker pull enclaive-dev/nitride:latest

Helm Chart for Kubernetes

With the release of Helm 3.8.0, Helm is able to store and work with charts in container registries, as an alternative to Helm repositories.

helm registry login harbor.enclaive.cloud

You can now install the chart

helm install oci://harbor.enclaive.cloud/enclaive-dev/nitride --version <version>

Compiling from source

To compile from source, you will need Go installed and properly configured (including a GOPATH environment variable set), as well as a copy of git in your PATH.

Clone the Nitride repository from GitHub into your GOPATH:

mkdir -p $GOPATH/src/github.com/enclaive && cd $_
git clone https://github.com/enclaive/nitride.git
cd nitride

Bootstrap the project. This will download and compile libraries and tools needed to compile Nitride:

make bootstrap

Build Nitride for your current system and put the binary in ./bin/ (relative to the git checkout). The make dev target is just a shortcut that builds nitride for only your local build environment (no cross-compiled targets). The make dev-uibuilds the target with the UI.

make dev

To verify Nitride is installed, run nitride -h on your system. You should see the help output. If you are executing it from the command line, ensure it is on your PATH to avoid receiving an error that Nitride is not found.

nitride -h

Download the CLI

Sometimes it may be handy to work with the command line interface (CLI). For ease of use Nitride is compatible with the Hashicorp CLI. Follow the downloading guide lines below:

Please follow the instructions in the Official Packaging Guide to install the HashiCorp GPG key, verify the key's fingerprint, and install Vault.

Ubuntu/Debian

Update the package manager and install GPG and wget.

sudo apt update && sudo apt install gpg wget

Download the keyring

wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg

Verify the keyring

gpg --no-default-keyring --keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg --fingerprint

Add the HashiCorp repository.

echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list

Install Vault.

sudo apt update && sudo apt install vault

Fedora

Install dnf config-manager to manage your repositories.

sudo dnf install -y dnf-plugins-core

Use dnf config-manager to add the official HashiCorp Linux repository.

sudo dnf config-manager --add-repo https://rpm.releases.hashicorp.com/fedora/hashicorp.repo

Install Vault.

sudo dnf -y install vault

Amazon Linux

Install yum-config-manager to manage your repositories.

$ sudo yum install -y yum-utils

Use yum-config-manager to add the official HashiCorp Linux repository.

$ sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/AmazonLinux/hashicorp.repo

Install Vault.

$ sudo yum -y install vault

Download the enclaivelet

The enclaivelet consists of binaries enclaivelet and provision. The first establishes to nitride a secure communication session, retrieves the attestation report, and redeems the report to obtain an authentication for vault. The latter establishes a secure communication session with Vault to retrieve secrets and provision them into the workload.

Download the binaries enclaivelet and provision as follows

wget https://mynitridedomain/static/{enclaivelet,provision}

PreviousSetup NextConfiguration

Last updated 1 year ago