Edge Enforcer Golden Image

The easiest way to get a valid supd.conf is to run the installer on a machine and then copy and modify supd.conf for the golden image.

• Prepare the golden image for hosts

  • Prepare volumes for applications. Note that separate partitions are recommended in most cases.

  • Install nvidia GPU driver if required.

  • General OS configuration, log rotate etc

  • /etc/docker/daemon.json, the below is an example from the default installation.

    {
      "iptables": false,
      "userns-remap": "default",
      "selinux-enabled": false,
      "bridge": "none"
    }

  • /etc/supd.conf (unique hostid for call home)

  • /etc/systemd/system/supd.service (created by installer, and default is in most cases appropriate)

    Can be generated:

    curl -s https://api.demo.my-company.avassa.net/install | sh -s -- --emit-systemd-service > supd.service

  • /usr/sbin/start-supd

    Can be generated:

    curl -s https://api.demo.my-company.avassa.net/install | sh -s -- --emit-start-supd > start-supd

    chmod +x start-supd

  • Create /var/lib/supd/state, this directory and /var/lib/supd should be empty and writable by root

note

/var/lib/supd and /usr/sbin/start-supd must be writable by root.

tip

The location of start-supd and the supd/state can be changed (e.g. in case the above locations are not writable). See the supd.service service file on how to do this.