1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
# Overview
Landscape client is the agent for the Landscape administration system.
# Usage
This subordinate charm is intended to be used to register a machine against a
running Landscape server. Configuration needs to be supplied or it won't do
anything. Here is a simple config.yaml to register against the hosted version of
Landscape:
landscape-client:
account-name: <account_name_here>
registration-key: <registration_key_here>
tags: <csv_tag_list>
The following is a version if you need to customize the communication URL in
case you are running against a dedicated version of Landscape (LDS). This
version also sets Script exection, and allows landscape to become any user
(even root), to execute scripts:
landscape-client:
account-name: standalone
registration-key: 128-qosk-7382
tags: laptop,xenial,developer
ping-url: http://landscape.example.com/ping
url: https://landscape.example.com/message-system
script-users: ALL
include-manager-plugins: ScriptExecution
# Configuration
Landscape client has a number of configuration options available allowing
customizability into a variety of environments where resources may be scarce
or security may be a concern. The most useful and common options are documented
below.
To get more detail on options, these correlate directly to configuration
settings on landscape-client itself. (landscape-client(1),
landscape-client --help)
`account-name`: Name of the account to register against in the hosted version
of Landscape. In the dedicated version of Landscape (LDS), this will always be
"standalone"
`registration-key`: The account registration key, found in the Landscape account
GUI.
`tags`:Comma separated list of tags to apply to the computer once it is
registered.
`url`: The server url to connect to, will usually be https and end with
/message-system
`ping-url`: If the server url is specified, ping-url should also be specified.
Will usually be http and end with /ping
`include-manager-plugins`: This option is primarily used to enable the
ScriptExecution plugin, which allows arbitrary scripts to be executed on the
registered computer.
`script-users`: Comma-separated list of users that the landscape client can
become to execute scripts. Keyword "ALL" can be used to include all users on the
system.
`ssl-public-key`: If needed, use this to give the client the CA certificate it
should use to verify the server certificate it is connecting to.
When registering the client against a server with a custom or not well known
CA, you will need to use the ssl-public-key option. To insert the certificate
contents into the charm config directly, just encode it in base64.
For example, let's assume ca.pem is a file with the CA certificate the client
needs to use to verify the server:
cat ca.pem | openssl base64 -e > ca.encoded
Now insert the ca.encoded contents into the charm config, like this:
landscape-client:
url: ....
ping-url: ....
ssl-public-key: |
base64:<insert-here-
contents-of-ca.encoded>...
...
...
# Contact Information
Author: Landscape Team <landscape-team@canonical.com>
Report bugs at: http://bugs.launchpad.net/charms/+source/landscape-client/+filebug
Location: http://jujucharms.com/charms/landscape-client
|