Head to the artifacts download page and download the relevant file. In this example we will be using version 1.0.0
on ubuntu 22.04
on x86_64
architecture.
wget https://download.aerospike.com/artifacts/aerospike-secret-agent/1.0.0/aerospike-secret-agent_1.0.0-1ubuntu22.04_amd64.deb
aerolab files upload -n CLUSTERNAME aerospike-secret-agent_1.0.0-1ubuntu22.04_amd64.deb /root/aerospike-secret-agent_1.0.0-1ubuntu22.04_amd64.deb
aerolab attach shell -n CLUSTERNAME -l all --parallel -- dpkg -i /root/aerospike-secret-agent_1.0.0-1ubuntu22.04_amd64.deb
Note on CentOS/Amazon Linux: use rpm -i file.rpm
or yum localinstall file.rpm
instead of dpkg -i file.deb
to install the secret agent on those platforms.
There are multiple ways this can be achieved. Either the file can be downloaded using aerolab files download
, then edited and reuploaded to all nodes using aerolab files upload
, or alternatively it can be edited on first node and then synced to all other nodes.
This method has the advantage of allowing to creating a template configuration file and reuse it every time in the future.
aerolab files download -n CLUSTERNAME -l 1 /etc/aerospike-secret-agent/config.yaml secret-agent-config.yaml
vim secret-agent-config.yaml
aerolab files upload -n CLUSTERNAME secret-agent-config.yaml /etc/aerospike-secret-agent/config.yaml
The quick setup-once method to see the file, edit it and sync it.
aerolab files edit -n CLUSTERNAME /etc/aerospike-secret-agent/config.yaml
aerolab files sync -n CLUSTERNAME -d CLUSTERNAME -p /etc/aerospike-secret-agent/config.yaml
It is possible to provide a template aerospike.conf
during cluster creation with the -o aerospike.conf
parameter. This will ship a configuration file that may have been prepared before deployment.
Should this not have been provided, an alternative method exists, by live-patching the configuration file, as seen below. Other parameters can be provided in the same manner.
The below examples configure fetching feature key file from the AWS Secrets Manager using named Secret and Value.
aerolab conf adjust -n CLUSTERNAME set service.secrets-address-port "127.0.0.1 3005"
aerolab conf adjust -n CLUSTERNAME set service.feature-key-file secrets:TestingSecret:FeatureKey
aerolab aerospike restart -n CLUSTERNAME
aerolab conf adjust -n CLUSTERNAME set service.secrets-uds-path /path/to/uds.sock
aerolab conf adjust -n CLUSTERNAME set service.feature-key-file secrets:TestingSecret:FeatureKey
aerolab aerospike restart -n CLUSTERNAME
More information can be found at the following URLs: