Air-gapped environments
If your environment is air gapped and does not even have Internet through a proxy, you can still enrol the system through use of your workstation clipboard (cut'n'pasting). This requires that you are able to use a Bastion host with a terminal to an Internet connected host and the target system in a manner that you can cut'n'paste content between the two terminals.
Klic should be installed on both systems.
On the Internet connected host start the bastion helper using:
INTERNET:~$ klic bastion
Bastion request:
It is prompting for input from you, and the process may be cancelled at any point by pressing Ctrl-C
.
Now on the target host run in 'bastion' mode the enrolment process:
AIRGAPPED:~$ klic environment create --bastion TENANT-UUID 'My Airgapped Environment'
Please paste the following single line into your Bastion helper
!<=$b,&Ln5BQ%E*3[.'_<$Ek;F`M:B3[-4g,(0F
Bastion response:
It will emit something like the above requesting that you cut'n'paste the ASCII content into the bastion helper and after pressing enter you should see something like:
INTERNET:~$ klic bastion
Bastion request: !<=$b,&Ln5BQ%E*3[.'_<$Ek;F`M:B3[-4g,(0F
Bastion response:
i"?q;qcs1bLl(9aG>rq1*ls0hdR8A]PpY7PVr28kC+2h...
Bastion request:
Repeat the process by pasting this time into the target host:
AIRGAPPED:~$ klic environment create --bastion TENANT-UUID 'My Airgapped Environment'
Please paste the following single line into your Bastion helper
!<=$b,&Ln5BQ%E*3[.'_<$Ek;F`M:B3[-4g,(0F
Bastion response: i"?q;qcs1bLl(9aG>rq1*ls0hdR8A]PpY7PVr28kC+2h...
Please paste the following single line into your Bastion helper
huOu$pK[b^Ll&!nAC\W"T...
Bastion response:
Repeating again the process on the Bastion:
INTERNET:~$ klic bastion
Bastion request: !<=$b,&Ln5BQ%E*3[.'_<$Ek;F`M:B3[-4g,(0F
Bastion response:
i"?q;qcs1bLl(9aG>rq1*ls0hdR8A]PpY7PVr28kC+2h...
Bastion request: huOu$pK[b^Ll&!nAC\W"T...
Bastion response: hu]GMP[+8PLl(9a...
Repeat the process by pasting this time into the target host:
AIRGAPPED:~$ klic environment create --bastion TENANT-UUID 'My Airgapped Environment'
Please paste the following single line into your Bastion helper
!<=$b,&Ln5BQ%E*3[.'_<$Ek;F`M:B3[-4g,(0F
Bastion response: i"?q;qcs1bLl(9aG>rq1*ls0hdR8A]PpY7PVr28kC+2h...
Please paste the following single line into your Bastion helper
huOu$pK[b^Ll&!nAC\W"T...
Bastion response: hu]GMP[+8PLl(9a...
created new environment 2e147a38-9398-11ec-9ed4-c73cd613dc07
We have completed enough rounds and have enrolled the environment. You should be able to inspect the identity of the environment as usual:
klic environment describe 2e147a38-9398-11ec-9ed4-c73cd613dc07
environment 2e147a38-9398-11ec-9ed4-c73cd613dc07
tenant 1453c0e8-9386-11ec-9c64-a747bf6bfc0a
name My Airgapped Environment
description
disabled False
identity ['fqdn:server.example.com', 'os:l64', 'bid:b35a7b8c-84b7-48bd-bf2d-dbc750c04b85', 'mid:0a46bc70719b4a29bcfda85ee67b9af3', 'cid:b35a7b8c-84b7-48bd-bf2d-dbc750c04b85','vm:xen']
tags []