add keylime-poc

Make a Proof of Concept of Keylime is k8s cluster. This POC is needed as the concept of having Keylime Tenant/Verifier/Registrar outside k8s cluster, but Keylime Agent in k8s cluster and being accessed via Ingress/LoadBalancer IP, is something Keylime maintainers did not think originally as a use-case. This has several issues with the current design, and while there is a proposal/ study for changing from "pull model" to "push model", it is miles away and this POC tries to find out the minimal changes needed to make the current model work for this use case. Signed-off-by: Tuomo Tanskanen <[email protected]>
Nordix · Nov 11, 2024 · b625285 · b625285
1 parent 1b61c7e
commit b625285
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/security/keylime-poc/README.md b/security/keylime-poc/README.md
@@ -157,7 +157,8 @@ See [scripts/run_kind.sh](./scripts/run_kind.sh) for the code.
 
 This K8s installation is created based on the
 [attestation-operator](https://github.com/keylime/attestation-operator) templates
-via following process (no need to repeat):
+via following process (no need to repeat, resulting files are stored in this
+POC):
 
 1. Clone attestation-operator repo
 1. Run `make helm-keylime`