Version: 2.4

CLI reference

Use the Constellation CLI to create and manage your clusters.

Usage:

constellation [command]

Commands:

  • config: Work with the Constellation configuration file
  • create: Create instances on a cloud platform for your Constellation cluster
  • init: Initialize the Constellation cluster
  • mini: Manage MiniConstellation clusters
    • up: Create and initialize a new MiniConstellation cluster
    • down: Destroy a MiniConstellation cluster
  • verify: Verify the confidential properties of a Constellation cluster
  • upgrade: Plan and perform an upgrade of a Constellation cluster
    • plan: Plan an upgrade of a Constellation cluster
    • execute: Execute an upgrade of a Constellation cluster
  • recover: Recover a completely stopped Constellation cluster
  • terminate: Terminate a Constellation cluster
  • version: Display version of this CLI
  • iam: Work with the IAM configuration on your cloud provider
    • create: Create IAM configuration on a cloud platform for your Constellation cluster
      • aws: Create IAM configuration on AWS for your Constellation cluster
      • azure: Create IAM configuration on Microsoft Azure for your Constellation cluster
      • gcp: Create IAM configuration on GCP for your Constellation cluster

constellation config

Work with the Constellation configuration file

Synopsis

Work with the Constellation configuration file.

Options

  -h, --help   help for config

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation config generate

Generate a default configuration file

Synopsis

Generate a default configuration file for your selected cloud provider.

constellation config generate {aws|azure|gcp|qemu} [flags]

Options

  -f, --file string   path to output file, or '-' for stdout (default "constellation-conf.yaml")
  -h, --help          help for generate

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation config fetch-measurements

Fetch measurements for configured cloud provider and image

Synopsis

Fetch measurements for configured cloud provider and image. A config needs to be generated first!

constellation config fetch-measurements [flags]

Options

  -h, --help                   help for fetch-measurements
  -s, --signature-url string   alternative URL to fetch measurements' signature from
  -u, --url string             alternative URL to fetch measurements from

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation config instance-types

Print the supported instance types for all cloud providers

Synopsis

Print the supported instance types for all cloud providers.

constellation config instance-types [flags]

Options

  -h, --help   help for instance-types

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation create

Create instances on a cloud platform for your Constellation cluster

Synopsis

Create instances on a cloud platform for your Constellation cluster.

constellation create [flags]

Options

  -c, --control-plane-nodes int   number of control-plane nodes (required)
  -h, --help                      help for create
      --name string               create the cluster with the specified name (default "constell")
  -w, --worker-nodes int          number of worker nodes (required)
  -y, --yes                       create the cluster without further confirmation

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation init

Initialize the Constellation cluster

Synopsis

Initialize the Constellation cluster. Start your confidential Kubernetes.

constellation init [flags]

Options

      --conformance            enable conformance mode
  -h, --help                   help for init
      --master-secret string   path to base64-encoded master secret

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation mini

Manage MiniConstellation clusters

Synopsis

Manage MiniConstellation clusters.

Options

  -h, --help   help for mini

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation mini up

Create and initialize a new MiniConstellation cluster

Synopsis

Create and initialize a new MiniConstellation cluster. A mini cluster consists of a single control-plane and worker node, hosted using QEMU/KVM.

constellation mini up [flags]

Options

      --config string   path to the config file to use for the cluster
  -h, --help            help for up

Options inherited from parent commands

      --debug   enable debug logging

constellation mini down

Destroy a MiniConstellation cluster

Synopsis

Destroy a MiniConstellation cluster.

constellation mini down [flags]

Options

  -h, --help   help for down
  -y, --yes    terminate the cluster without further confirmation

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation verify

Verify the confidential properties of a Constellation cluster

Synopsis

Verify the confidential properties of a Constellation cluster.

If arguments aren't specified, values are read from constellation-id.json.

constellation verify [flags]

Options

      --cluster-id string      expected cluster identifier
  -h, --help                   help for verify
  -e, --node-endpoint string   endpoint of the node to verify, passed as HOST[:PORT]

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation upgrade

Plan and perform an upgrade of a Constellation cluster

Synopsis

Plan and perform an upgrade of a Constellation cluster.

Options

  -h, --help   help for upgrade

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation upgrade plan

Plan an upgrade of a Constellation cluster

Synopsis

Plan an upgrade of a Constellation cluster by fetching compatible image versions and their measurements.

constellation upgrade plan [flags]

Options

  -f, --file string   path to output file, or '-' for stdout (omit for interactive mode)
  -h, --help          help for plan

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation upgrade execute

Execute an upgrade of a Constellation cluster

Synopsis

Execute an upgrade of a Constellation cluster by applying the chosen configuration.

constellation upgrade execute [flags]

Options

  -h, --help   help for execute
  -y, --yes    Run upgrades without further confirmation. WARNING: might delete your resources in case you are using cert-manager in your cluster. Please read the docs.

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation recover

Recover a completely stopped Constellation cluster

Synopsis

Recover a Constellation cluster by sending a recovery key to an instance in the boot stage. This is only required if instances restart without other instances available for bootstrapping.

constellation recover [flags]

Options

  -e, --endpoint string        endpoint of the instance, passed as HOST[:PORT]
  -h, --help                   help for recover
      --master-secret string   path to master secret file (default "constellation-mastersecret.json")

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation terminate

Terminate a Constellation cluster

Synopsis

Terminate a Constellation cluster. The cluster can't be started again, and all persistent storage will be lost.

constellation terminate [flags]

Options

  -h, --help   help for terminate
  -y, --yes    terminate the cluster without further confirmation

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation version

Display version of this CLI

Synopsis

Display version of this CLI.

constellation version [flags]

Options

  -h, --help   help for version

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation iam

Work with the IAM configuration on your cloud provider

Synopsis

Work with the IAM configuration on your cloud provider.

Options

  -h, --help   help for iam

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation iam create

Create IAM configuration on a cloud platform for your Constellation cluster

Synopsis

Create IAM configuration on a cloud platform for your Constellation cluster.

Options

  -h, --help   help for create

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation iam create aws

Create IAM configuration on AWS for your Constellation cluster

Synopsis

Create IAM configuration on AWS for your Constellation cluster.

constellation iam create aws [flags]

Options

  -h, --help            help for aws
      --prefix string   Name prefix for all resources.
      --yes             Create the IAM configuration without further confirmation
      --zone string     AWS availability zone the resources will be created in (e.g. us-east-2a). Find available zones here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones. Note that we do not support every zone / region. You can find a list of all supported regions in our docs.

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation iam create azure

Create IAM configuration on Microsoft Azure for your Constellation cluster

Synopsis

Create IAM configuration on Microsoft Azure for your Constellation cluster.

constellation iam create azure [flags]

Options

  -h, --help                      help for azure
      --region string             Region the resources will be created in. (e.g. westus)
      --resourceGroup string      Name of the resource group your IAM resources will be created in.
      --servicePrincipal string   Name of the service principal that will be created.
      --yes                       Create the IAM configuration without further confirmation

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging

constellation iam create gcp

Create IAM configuration on GCP for your Constellation cluster

Synopsis

Create IAM configuration on GCP for your Constellation cluster.

constellation iam create gcp [flags]

Options

  -h, --help                      help for gcp
      --projectID string          ID of the GCP project the configuration will be created in. Find it on the welcome screen of your project: https://console.cloud.google.com/welcome
      --serviceAccountID string   ID for the service account that will be created. Must match ^[a-z](?:[-a-z0-9]{4,28}[a-z0-9])$
      --yes                       Create the IAM configuration without further confirmation
      --zone string               GCP zone the cluster will be deployed in. Find a list of available zones here: https://cloud.google.com/compute/docs/regions-zones#available

Options inherited from parent commands

      --config string   path to the configuration file (default "constellation-conf.yaml")
      --debug           enable debug logging