Install
There are several options to install Vault and the CLI:
Docker container with precompiled binary
Login to the enclaive repository and enter user
and password
docker login harbor.enclaive.cloud
Pull the container
docker pull enclaive-dev/nitride:latest
Helm Chart for Kubernetes
With the release of Helm 3.8.0, Helm is able to store and work with charts in container registries, as an alternative to Helm repositories.
Login to the enclaive repository and enter user
and password
helm registry login harbor.enclaive.cloud
You can now install the chart
helm install oci://harbor.enclaive.cloud/enclaive-dev/nitride --version <version>
Compiling from source
To compile from source, you will need Go installed and properly configured (including a GOPATH
environment variable set), as well as a copy of git
in your PATH
.
Clone the Nitride repository from GitHub into your GOPATH
:
mkdir -p $GOPATH/src/github.com/enclaive && cd $_
git clone https://github.com/enclaive/nitride.git
cd nitride
Bootstrap the project. This will download and compile libraries and tools needed to compile Nitride:
make bootstrap
Build Nitride for your current system and put the binary in ./bin/
(relative to the git checkout). The make dev
target is just a shortcut that builds nitride
for only your local build environment (no cross-compiled targets). The make dev-ui
builds the target with the UI.
make dev
To verify Nitride is installed, run nitride -h
on your system. You should see the help output. If you are executing it from the command line, ensure it is on your PATH
to avoid receiving an error that Nitride is not found.
nitride -h
Download the CLI
Sometimes it may be handy to work with the command line interface (CLI). For ease of use Nitride is compatible with the Hashicorp CLI. Follow the downloading guide lines below:
Please follow the instructions in the Official Packaging Guide to install the HashiCorp GPG key, verify the key's fingerprint, and install Vault.
Ubuntu/Debian
Update the package manager and install GPG and wget.
sudo apt update && sudo apt install gpg wget
Download the keyring
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
Verify the keyring
gpg --no-default-keyring --keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg --fingerprint
Add the HashiCorp repository.
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
Install Vault.
sudo apt update && sudo apt install vault
Fedora
Install dnf config-manager
to manage your repositories.
sudo dnf install -y dnf-plugins-core
Use dnf config-manager
to add the official HashiCorp Linux repository.
sudo dnf config-manager --add-repo https://rpm.releases.hashicorp.com/fedora/hashicorp.repo
Install Vault.
sudo dnf -y install vault
Amazon Linux
Install yum-config-manager
to manage your repositories.
$ sudo yum install -y yum-utils
Use yum-config-manager
to add the official HashiCorp Linux repository.
$ sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/AmazonLinux/hashicorp.repo
Install Vault.
$ sudo yum -y install vault
Download the enclaivelet
The enclaivelet consists of binaries enclaivelet
and provision
. The first establishes to nitride a secure communication session, retrieves the attestation report, and redeems the report to obtain an authentication for vault. The latter establishes a secure communication session with Vault to retrieve secrets and provision them into the workload.
Download the binaries enclaivelet
and provision
as follows
wget https://mynitridedomain/static/{enclaivelet,provision}
Last updated