Skip to main content
warning

The binaries used for Linux packages are dynamically linked and require glibc >=2.17 to be present on the system.

Installing Defakto Agent on Linux

The Defakto Agent can be deployed on Linux systems to issue SPIFFE IDs to workloads running on a bare-metal node or VM.

To deploy the Defakto Agent, you need either SSH access to the node, or the ability to write files to disk, download files from a URL, and install a package. You should also have systemd running on the node.

Step 1 — Choose an agent attestation method

The agent must authenticate to the Trust Domain Server using an attestation method. Choose the method that matches your environment:

See Agent Attestation Methods for the full list of available methods, policy configuration, and server-side setup.

Step 2 — Create the agent configuration

Create /etc/spirl/agent-config.yaml with your cluster ID and chosen attestation method. For example, using AWS Identity Document:

cluster-id: c-xxxxxx
agent-attestors:
  - type: aws_iid

Refer to the individual attestation method page for the correct type value and any required config fields.

Step 3 — Install the agent

Download the package for your architecture:

# AMD64 Debian
curl -o spirl-agent.deb https://spirl-releases.s3.us-west-2.amazonaws.com/spirl-agent/0.36.0/spirl-agent_0.36.0_linux_amd64.deb

# AMD64 RPM
curl -o spirl-agent.rpm https://spirl-releases.s3.us-west-2.amazonaws.com/spirl-agent/0.36.0/spirl-agent_0.36.0_linux_amd64.rpm

# ARM64 Debian
curl -o spirl-agent.deb https://spirl-releases.s3.us-west-2.amazonaws.com/spirl-agent/0.36.0/spirl-agent_0.36.0_linux_arm64.deb

# ARM64 RPM
curl -o spirl-agent.rpm https://spirl-releases.s3.us-west-2.amazonaws.com/spirl-agent/0.36.0/spirl-agent_0.36.0_linux_arm64.rpm

Install the Debian package:

sudo dpkg -i spirl-agent.deb

Or the RPM package:

sudo yum install spirl-agent.rpm

Step 4 — Verify

Verify the service is running:

systemctl status spirl-agent.service