Create a pool of pre-bootstrapped keys
How to create pre-seeded keys beforehand and transfer these to devices in production
It is possible to pre-create qbee-keys for prodcution. In this tutorial we show you how to bootstrap devices beforehand and transfer the necessary files and keys to devices afterwards. This allows to pre-breed qbee keys that can be used in a production process that does not want to run the bootstrap procedure due to timing or no internet.
Steps and pre-requisites for creating qbee-keys:
- a defined bootstrap key that assigns devices to a group and allows auto-accept
- a device to create these keys on
- download the script to your device and run it
- trigger the bootstrap process on the production devices as indicated below
Please reach out to qbee support to receive the qbee-preseed.sh
script:
Then you need to create a bootstrap key that has auto-accpet and a group assignment enabled.
Then run ./qbee-preseed.sh <bootstrap-key>
.
This will create a client config structure that needs to be copied to the individual device. Each time you run it a new folder will be created that has a new unique ID. Thus you can initiate multiple of these runs below without overwriting the seeded keys and files.
On the device you need to run /opt/qbee/bin/qbee-bootstrap -F
until you have the file /var/lib/qbee/inputs/promises.cf
. Depending on the network this might need to be run in a loop.