Register Cluster with SPIRL Trust Domain Server
In order for SPIRL Agents running in the cluster to be able to connect to the SPIRL Trust Domain Server, you need to register the cluster with the SPIRL Trust Domain Server. You can register the cluster with the SPIRL Trust Domain Server by running the following command:
spirlctl cluster register workloads-cl-3 --trust-domain spirl.test --platform istio
Where workloads-cl-3
is the name of the cluster you want to register and spirl.test
is the name of the trust domain you want to register the cluster with. It will produce the following output:
Successfully registered cluster workloads-cl-3 to trust domain spirl.test
Cluster Version ID: cv-1r0yfu9yjy
Private Key:
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEIMkReSwyvhVzOmfwzXzIF3vd4M+BWOZ9ppjj6EFWG8gl
-----END PRIVATE KEY-----
You'll need to provide the Cluster Version ID
and Private Key
to the SPIRL Agent helm chart when deploying the SPIRL Agent in the cluster. You should keep the Private Key
in the secure location like your secret manager.