Installing, configuring, and running the Rendezvous server
Install the fdo-rendezvous-server
RPM package to enable the systems to receive the voucher generated by the Manufacturing server during the first device boot. The Rendezvous server then matches the device UUID with the target platform or cloud and informs the device about which Owner server endpoint the device must use.
-
You created a
manufacturer_cert.pem
certificate. See Generating key and certificates. -
You copied the
manufacturer_cert.pem
certificate to the/etc/fdo/keys
directory in the Rendezvous server.
-
Install the
fdo-rendezvous-server
RPM packages:# dnf install -y fdo-rendezvous-server
-
Create the
rendezvous-server.yml
configuration file, including the path to the manufacturer certificate. You can find an example in/usr/share/doc/fdo/rendezvous-server.yml
. The following example shows a configuration file that is saved in/etc/fdo/rendezvous-server.yml
.storage_driver: Directory: path: /etc/fdo/stores/rendezvous_registered session_store_driver: Directory: path: /etc/fdo/stores/rendezvous_sessions trusted_manufacturer_keys_path: /etc/fdo/keys/manufacturer_cert.pem max_wait_seconds: ~ bind: "0.0.0.0:8082"
-
Check the Rendezvous server service status:
# systemctl list-unit-files | grep fdo | grep rende fdo-rendezvous-server.service disabled disabled
-
If the service is stopped and disabled, enable and start it:
# systemctl enable --now fdo-rendezvous-server.service
-
-
Check that the server is listening on the default configured port 8082:
# ss -ltn
-
Open the port if you have a firewall configured on this server:
# firewall-cmd --add-port=8082/tcp --permanent # systemctl restart firewalld
Want to help? Learn how to contribute to Fedora Docs ›