Installation
Client
The following steps guide you on how to install and configure the Pullconf client component pullconf on a client system.
Download and install the .deb package from GitHub:
$ wget https://github.com/puetzp/pullconf/releases/download/v0.1.0/pullconf_0.1.0-1_amd64.deb
$ sudo dpkg -i pullconf_0.1.0_amd64.deb
The installation script sets up a systemd service unit (pullconf.service), a timer unit (pullconf.timer) and a data directory. Check the service unit's status:
$ sudo systemctl status pullconf.service
As you may notice the unit is not enabled by the installation script, because it lacks an [Install] section. It is a static service unit that is activated by a scheduler and exits after the resource catalog has been applied. The timer unit from the package is used to execute the pullconf.service unit regularly. By default it is configured to trigger the service unit every five minutes.
Optional: Take a look at the timer unit:
$ sudo systemctl cat pullconf.timer
Optional: Adjust the OnCalendar expression or other settings by creating an override file:
$ sudo systemctl edit pullconf.timer
Optional: If you prefer a different scheduling method, disable the timer unit and configure the scheduler of your choice:
$ sudo systemctl disable pullconf.timer
If this is your first installation the service unit (pullconf.service) will likely be in the "failed" state after being triggered for the first time by the scheduler, because some mandatory configuration parameters need to be set up. Refer to the log at /var/log/pullconf/pullconf.log to see what might be missing to start the unit.
As with the server component pullconf is configured via environment variables. As you can see in the systemd unit file the unit reads environment variables from /etc/pullconf/environment (the required format is documented here). Refer to the following table for all available parameters.
| Name | Description | Mandatory | Default |
|---|---|---|---|
| PULLCONF_SERVER | The pullconfd host that pullconf should connect to, e.g. pullconf.local |
yes | |
| PULLCONF_API_KEY |
The API key that pullconf uses to authenticate with pullconfd. This should be a random string. A suitable string can be generated by running $ openssl rand -base64 32 |
yes | |
| PULLCONF_CA_DIR |
If the TLS certificate of your pullconfd server is self-signed or signed by a custom CA, this variable must be set to a directory where a file containing the certificate is located, e.g. pullconf will read every file from this directory and load them into a certificate truststore that is used when connecting to pullconfd. |
no | |
| PULLCONF_LOG_FORMAT |
pullconf uses structured logging. This variable determines the output format of the logs. Valid values are:
|
no | logfmt |
| LOG_LEVEL |
This variable is read by the underlying logging library. Check their documentation for a complete overview of valid values. Usually one of these will do:
|
no | info |
Once pullconf.timer triggers pullconf.service the updated values from /env/pullconf/environment will be used.
However pullconf.service will likely fail again. That is because pullconf tries to authenticate to pullconfd with a hostname and its API key. Both are still unknown to pullconfd as long as no client configuration file exists on the server side. Proceed to creating a client configuration file in order to enable the connection from pullconf to pullconfd.