2022-02-24 02:09:48 +00:00
|
|
|
|
# openBalena Getting Started Guide
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
This guide will walk you through the steps of deploying an openBalena server, that
|
|
|
|
|
together with the balena CLI, will enable you to create and manage a fleet of devices
|
|
|
|
|
running on your own infrastructure, on premises or in the cloud. The openBalena servers
|
|
|
|
|
must be reachable by the devices, which is easiest to achieve with cloud providers like
|
|
|
|
|
AWS, Google Cloud, Digital Ocean and others.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
This guide assumes a setup with two separate machines:
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
- A _server_, running Linux with at least 2GB of memory. These instructions were tested
|
|
|
|
|
with Ubuntu 20.04, 22.04 and 24.04 x64 servers. The server must have a working
|
|
|
|
|
installation of [Docker Engine] and you must have root permissions.
|
|
|
|
|
- A _local machine_, running Linux, Windows or macOS where the balena CLI runs (as a
|
|
|
|
|
client to the openBalena server). The local machine must also have a working
|
|
|
|
|
installation of [Docker] so that application images can be built and deployed to your
|
|
|
|
|
device. It is also possible to use [balenaEngine] on a [balenaOS] device instead of
|
|
|
|
|
Docker.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
Additionally, a _device type_ and compatible flash media supported by [balenaOS]
|
|
|
|
|
(e.g. Raspberry Pi) are required to complete the provisioning demo. Ensure the correct
|
|
|
|
|
power supply is available to power this device.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
## Domain Configuration
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
The following DNS records must be configured to point to the openBalena server prior to
|
|
|
|
|
configuration:
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
```text
|
|
|
|
|
api.mydomain.com
|
|
|
|
|
ca.mydomain.com
|
|
|
|
|
cloudlink.mydomain.com
|
|
|
|
|
logs.mydomain.com
|
|
|
|
|
ocsp.mydomain.com
|
|
|
|
|
registry2.mydomain.com
|
|
|
|
|
s3.mydomain.com
|
|
|
|
|
tunnel.mydomain.com
|
|
|
|
|
```
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
Alternatively you may consider adding a single wildcard DNS record `*.mydomain.com`.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
Check with your Internet domain name registrar for instructions on how to obtain a domain
|
|
|
|
|
name and configure records.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
## Install openBalena on the server
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
1. First [Change cgroup version] to v1 for compatibility with systemd in containers on
|
|
|
|
|
modern Linux distributions, where cgroups v2 are enabled by default:
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
```bash
|
|
|
|
|
source /etc/default/grub
|
|
|
|
|
sudo sed -i '/GRUB_CMDLINE_LINUX/d' /etc/default/grub
|
|
|
|
|
echo GRUB_CMDLINE_LINUX=$(printf '\"%s systemd.unified_cgroup_hierarchy=0\"\n' "${GRUB_CMDLINE_LINUX}") \
|
|
|
|
|
| sudo tee -a /etc/default/grub
|
|
|
|
|
sudo update-grub
|
|
|
|
|
sudo reboot
|
|
|
|
|
```
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
2. Ensure cgroups v2 is disabled
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
```bash
|
|
|
|
|
if [ ! -f /sys/fs/cgroup/cgroup.controllers ]; then
|
|
|
|
|
echo "cgroups v2 is disabled"
|
|
|
|
|
else
|
|
|
|
|
echo "cgroups v2 is enabled"
|
|
|
|
|
fi
|
|
|
|
|
```
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
3. Now, install or update essential software:
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
```bash
|
|
|
|
|
sudo apt-get update && sudo apt-get install -y make openssl git jq
|
|
|
|
|
```
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
4. Install Docker Engine
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
```bash
|
|
|
|
|
which docker || curl -fsSL https://get.docker.com | sh -
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
5. Create a new user with appropriate permissions:
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
sudo useradd -s /bin/bash -m -G docker,sudo balena
|
2024-06-10 21:23:03 +00:00
|
|
|
|
echo 'balena ALL=(ALL) NOPASSWD: ALL' | sudo tee /etc/sudoers.d/balena
|
2022-02-24 02:09:48 +00:00
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
6. Switch user:
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
```bash
|
2022-02-24 02:09:48 +00:00
|
|
|
|
sudo su balena
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
7. Clone the openBalena repository and change directory:
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
```bash
|
2022-02-24 02:09:48 +00:00
|
|
|
|
git clone https://github.com/balena-io/open-balena.git ~/open-balena
|
|
|
|
|
cd ~/open-balena
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
8. Start the server on your domain name:
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
```bash
|
2022-02-24 02:09:48 +00:00
|
|
|
|
export DNS_TLD=mydomain.com
|
|
|
|
|
make up
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
Note down `SUPERUSER_EMAIL` and `SUPERUSER_PASSWORD` values to be used later.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
9. Tail the logs of the containers with:
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
```bash
|
2022-02-24 02:09:48 +00:00
|
|
|
|
docker compose logs -f api
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
Replace `api` with the name of any one of the services from the [composition].
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
10. The server can be stopped with:
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
```bash
|
2022-02-24 02:09:48 +00:00
|
|
|
|
make down
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
The server can also be restarted using `make restart`.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
To update openBalena, run:
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
```bash
|
|
|
|
|
make update
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
### Test the openBalena server
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
To confirm that everything is running correctly, try a simple request from the local
|
|
|
|
|
machine to the server after registering its CA certificate(s) with the host:
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
```bash
|
2022-02-24 02:09:48 +00:00
|
|
|
|
make self-signed
|
|
|
|
|
make verify
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
Note, if you've previously stopped the server with `make down`, run `make up` again first.
|
|
|
|
|
|
|
|
|
|
Congratulations! The openBalena server is up and running. The next step is to setup your
|
|
|
|
|
local machine to use this server, provision a device and deploy a small project.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
### Install self-signed certificates on the local machine.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
The installation of the openBalena server produces a self-signed certificate by default,
|
|
|
|
|
which must be trusted by all devices communicating with it. This type of configuration is
|
|
|
|
|
not recommended for production deployments, skip to [SSL Configuration](#ssl-configuration)
|
|
|
|
|
instead.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
The root CA bundle can be found at `.balena/ca-${DNS_TLD}.pem` on the server. Follow the
|
|
|
|
|
steps below for your specific local machine platform after manually copying it across.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
#### Linux:
|
|
|
|
|
|
|
|
|
|
```bash
|
2022-02-24 02:09:48 +00:00
|
|
|
|
sudo cp ca.pem /usr/local/share/ca-certificates/
|
2022-11-07 22:07:47 +00:00
|
|
|
|
sudo update-ca-certificates
|
|
|
|
|
sudo systemctl restart docker
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
#### macOS:
|
|
|
|
|
|
|
|
|
|
```bash
|
2022-02-24 02:09:48 +00:00
|
|
|
|
sudo security add-trusted-cert -d \
|
|
|
|
|
-r trustRoot \
|
|
|
|
|
-k /Library/Keychains/System.keychain \
|
|
|
|
|
ca.pem
|
|
|
|
|
|
|
|
|
|
curl http://localhost/engine/restart \
|
|
|
|
|
-H 'Content-Type: application/json' \
|
|
|
|
|
-d '{"openContainerView": true}' \
|
|
|
|
|
--unix-socket ~/Library/Containers/com.docker.docker/Data/backend.sock
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
#### Windows:
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
```PowerShell
|
|
|
|
|
certutil -addstore -f "ROOT" ca.pem
|
|
|
|
|
Stop-Service -Name Docker
|
|
|
|
|
Start-Service -Name Docker
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
### SSL Configuration
|
|
|
|
|
|
|
|
|
|
opeBalena server now uses automatic SSL configuration via ACME [DNS-01] challenge[^1]. Support
|
|
|
|
|
for the following DNS providers is currently implemented:
|
|
|
|
|
|
|
|
|
|
* Cloudflare
|
|
|
|
|
* Gandi
|
|
|
|
|
|
|
|
|
|
#### Cloudflare
|
|
|
|
|
|
|
|
|
|
Obtain a Cloudflare API token with write access to your openBalena domain name records:
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
export ACME_EMAIL=acme@mydomain.com
|
|
|
|
|
export CLOUDFLARE_API_TOKEN={{token}}
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
#### Gandi
|
|
|
|
|
|
|
|
|
|
Obtain a Gandi API token with write access to your openBalena domain name records:
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
export ACME_EMAIL=acme@mydomain.com
|
|
|
|
|
export GANDI_API_TOKEN={{token}}
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
#### Re-configure and test the server
|
|
|
|
|
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```bash
|
2022-02-24 02:09:48 +00:00
|
|
|
|
make auto-pki
|
|
|
|
|
make verify
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
#### Custom SSL
|
|
|
|
|
|
|
|
|
|
openBalena server also supports custom/manual TLS configuration. You must supply your own
|
|
|
|
|
SSL certificate, private key and a full certificate signing chain. A wildcard SSL
|
|
|
|
|
certificate covering the whole domain is recommended.
|
|
|
|
|
|
|
|
|
|
1. After obtaining your certificate, run the following commands on openBalena server:
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
export HAPROXY_CRT="{{ base64 encoded server certificate }}"
|
|
|
|
|
export ROOT_CA="{{ .. intermediate certificates }}"
|
|
|
|
|
export HAPROXY_KEY="{{ .. private key }}"
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
Pipe the plaintext via `.. | openssl base64 -A` to encode.
|
|
|
|
|
|
|
|
|
|
2. Re-configure and test the server:
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
make pki-custom
|
|
|
|
|
make verify
|
|
|
|
|
```
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
### Install the balena CLI on the local machine
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
Follow the [balena CLI installation instructions] to install the balena CLI on the local
|
|
|
|
|
machine.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
By default, the CLI targets the balenaCloud servers at `balena-cloud.com`, and
|
|
|
|
|
needs to be configured to target the openBalena server instead. Add the following
|
|
|
|
|
line to the CLI's configuration file, replacing `"mydomain.com"` with the domain
|
|
|
|
|
name of the openBalena server:
|
|
|
|
|
|
|
|
|
|
```yaml
|
|
|
|
|
balenaUrl: 'mydomain.com'
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
The CLI configuration file can be found at:
|
|
|
|
|
|
|
|
|
|
- On Linux or macOS: `~/.balenarc.yml`
|
|
|
|
|
- On Windows: `%UserProfile%\_balenarc.yml`
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
If the file does not already exist, just create it. Alternatively, `BALENARC_BALENA_URL`
|
|
|
|
|
environment variable can be set to point to `"mydomain.com"`.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
Wrapping up the CLI installation, set an environment variable that points to the
|
|
|
|
|
root certificate copied previously on the local machine. This step is to ensure
|
2022-02-24 02:09:48 +00:00
|
|
|
|
the CLI can securely interact with the openBalena server when running self-signed PKI.
|
|
|
|
|
This step can be skipped if the server is operating with publicly trusted PKI.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
| Shell | Command |
|
|
|
|
|
| ------------------ | ---------------------------------------------- |
|
2022-02-24 02:09:48 +00:00
|
|
|
|
| bash | `export NODE_EXTRA_CA_CERTS='/path/to/ca.pem'` |
|
|
|
|
|
| Windows cmd.exe | `set NODE_EXTRA_CA_CERTS=C:\path\to\ca.pem` |
|
|
|
|
|
| Windows PowerShell | `$Env:NODE_EXTRA_CA_CERTS="C:\path\to\ca.pem"` |
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
### Deploy an application
|
|
|
|
|
|
|
|
|
|
The commands below should be run on a terminal on the local machine (where the
|
|
|
|
|
balena CLI is installed). Ensure that the `NODE_EXTRA_CA_CERTS` environment
|
|
|
|
|
variable is set, as discussed above.
|
|
|
|
|
|
|
|
|
|
#### Login to openBalena
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
Run `balena login`, select `Credentials` and use `SUPERUSER_EMAIL` and
|
|
|
|
|
`SUPERUSER_PASSWORD` generated during `make up` step to login to the openBalena server.
|
|
|
|
|
At any time, `balena whoami` command may be used to check which server the CLI is
|
|
|
|
|
authenticated with.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
#### Create an application
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
Create a new application with `balena fleet create myApp`. Select the application's
|
2022-11-07 22:07:47 +00:00
|
|
|
|
default device type with the interactive prompt. The examples in this guide assume
|
|
|
|
|
a Raspberry Pi 3.
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
An application contains devices that share the same architecture (such as ARM or Intel),
|
|
|
|
|
and also contains code releases that are deployed to the devices. When a device is
|
|
|
|
|
provisioned, it is added to an application, but can be migrated to another application at
|
|
|
|
|
any time. There is no limit to the number of applications that can be created or to the
|
|
|
|
|
number of devices that can be provisioned.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
At any time, the server can be queried for all the applications it knows about
|
|
|
|
|
with the following command:
|
|
|
|
|
|
|
|
|
|
```bash
|
2022-02-24 02:09:48 +00:00
|
|
|
|
balena fleets
|
|
|
|
|
Id App name Slug Device type Device count Online devices
|
|
|
|
|
── ──────── ─────────── ──────────── ──────────── ──────────────
|
|
|
|
|
1 myApp admin/myapp raspberrypi3 0 0
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
#### Provision a new device
|
|
|
|
|
|
|
|
|
|
Once we have an application, it’s time to start provisioning devices. To do this,
|
2022-02-24 02:09:48 +00:00
|
|
|
|
first download a [balenaOS] image for your device. For this example we are using a
|
|
|
|
|
Raspberry Pi 3.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
Unzip the downloaded image and use the balena CLI to configure it:
|
|
|
|
|
|
|
|
|
|
```bash
|
2022-02-24 02:09:48 +00:00
|
|
|
|
balena os configure --dev --fleet myApp ~/Downloads/raspberrypi3-5.2.8-v16.1.10.img
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
Flash the configured image to an SD card using [Etcher] or balena CLI:
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
sudo balena local flash ~/Downloads/raspberrypi3-5.2.8-v16.1.10.img
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
Insert the SD card into the device and power it on. The device will register with the
|
|
|
|
|
openBalena server and after about two minutes will be inspectable:
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
balena devices
|
2022-02-24 02:09:48 +00:00
|
|
|
|
ID UUID DEVICE NAME DEVICE TYPE FLEET STATUS IS ONLINE SUPERVISOR VERSION OS VERSION
|
|
|
|
|
1 560dcc2 quiet-rock raspberrypi3 admin/myapp Idle true 16.1.10 balenaOS 5.2.8
|
|
|
|
|
|
|
|
|
|
balena device 560dcc2
|
|
|
|
|
== WANDERING RAIN
|
|
|
|
|
ID: 1
|
|
|
|
|
DEVICE TYPE: raspberrypi3
|
|
|
|
|
STATUS: idle
|
|
|
|
|
IS ONLINE: true
|
|
|
|
|
IP ADDRESS: 192.168.1.42
|
|
|
|
|
MAC ADDRESS: B8:27:DE:AD:BE:EF
|
|
|
|
|
FLEET: admin/myapp
|
|
|
|
|
LAST SEEN: 1977-08-20T14:29:00.042Z
|
|
|
|
|
UUID: 560dcc24b221c8a264d5bd981284801f
|
|
|
|
|
COMMIT: N/a
|
|
|
|
|
SUPERVISOR VERSION: 16.1.10
|
|
|
|
|
IS WEB ACCESSIBLE: false
|
|
|
|
|
OS VERSION: balenaOS 5.2.8
|
|
|
|
|
DASHBOARD URL: https://dashboard.mydomain.com/devices/560dcc24b221c8a264d5bd981284801f/summary
|
|
|
|
|
CPU USAGE PERCENT: 2
|
|
|
|
|
CPU TEMP C: 39
|
|
|
|
|
CPU ID: 00000000335956af
|
|
|
|
|
MEMORY USAGE MB: 140
|
|
|
|
|
MEMORY TOTAL MB: 971
|
|
|
|
|
MEMORY USAGE PERCENT: 14
|
|
|
|
|
STORAGE BLOCK DEVICE: /dev/mmcblk0p6
|
|
|
|
|
STORAGE USAGE MB: 76
|
|
|
|
|
STORAGE TOTAL MB: 14121
|
|
|
|
|
STORAGE USAGE PERCENT: 1
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
Note, even though the dashboard URL is populated, there is no dashboard service in
|
|
|
|
|
openBalena.
|
|
|
|
|
|
2022-11-07 22:07:47 +00:00
|
|
|
|
It's time to deploy code to the device.
|
|
|
|
|
|
|
|
|
|
#### Deploy a project
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
Application release images are built on the local machine using the balena CLI. Ensure the
|
|
|
|
|
root certificate has been correctly installed on the local machine, as discussed above.
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
Let's create a trivial project that logs "Idling...". On an empty directory, create a new
|
|
|
|
|
file named `Dockerfile.template` with the following contents:
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
```dockerfile
|
|
|
|
|
FROM balenalib/%%BALENA_MACHINE_NAME%%-alpine
|
|
|
|
|
|
|
|
|
|
CMD [ "balena-idle" ]
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
Then build and deploy the project with:
|
|
|
|
|
|
|
|
|
|
```bash
|
2022-02-24 02:09:48 +00:00
|
|
|
|
balena deploy --noparent-check myApp
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
The project will have been successfully built when a friendly unicorn appears in the
|
|
|
|
|
terminal:
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
```bash
|
2022-02-24 02:09:48 +00:00
|
|
|
|
[Info] No "docker-compose.yml" file found at "~/open-balena/balena-idle"
|
|
|
|
|
[Info] Creating default composition with source: "~/open-balena/balena-idle"
|
|
|
|
|
[Info] Everything is up to date (use --build to force a rebuild)
|
2022-11-07 22:07:47 +00:00
|
|
|
|
[Info] Creating release...
|
|
|
|
|
[Info] Pushing images to registry...
|
|
|
|
|
[Info] Saving release...
|
|
|
|
|
[Success] Deploy succeeded!
|
2022-02-24 02:09:48 +00:00
|
|
|
|
[Success] Release: 50be7bdb0ea6819c91a5dd7bcd7635ad
|
|
|
|
|
|
|
|
|
|
\
|
|
|
|
|
\
|
|
|
|
|
\\
|
|
|
|
|
\\
|
|
|
|
|
>\/7
|
|
|
|
|
_.-(6' \
|
|
|
|
|
(=___._/` \
|
|
|
|
|
) \ |
|
|
|
|
|
/ / |
|
|
|
|
|
/ > /
|
|
|
|
|
j < _\
|
|
|
|
|
_.-' : ``.
|
|
|
|
|
\ r=._\ `.
|
|
|
|
|
<`\\_ \ .`-.
|
|
|
|
|
\ r-7 `-. ._ ' . `\
|
|
|
|
|
\`, `-.`7 7) )
|
|
|
|
|
\/ \| \' / `-._
|
|
|
|
|
|| .'
|
|
|
|
|
\\ (
|
|
|
|
|
>\ >
|
|
|
|
|
,.-' >.'
|
|
|
|
|
<.'_.''
|
|
|
|
|
<'
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
This command packages up the local directory, creates a new Docker image from it and
|
|
|
|
|
pushes it to the openBalena server. In turn, the server will deploy it to all provisioned
|
|
|
|
|
devices and within a couple of minutes, they will all run the new release. Logs can be
|
|
|
|
|
viewed with:
|
2022-11-07 22:07:47 +00:00
|
|
|
|
|
|
|
|
|
```bash
|
2022-02-24 02:09:48 +00:00
|
|
|
|
balena logs --tail 560dcc2
|
|
|
|
|
[Logs] [2024-05-02T15:59:31.383Z] Supervisor starting
|
|
|
|
|
[Logs] [2024-05-02T15:59:37.552Z] Applying configuration change {"SUPERVISOR_VPN_CONTROL":"true"}
|
|
|
|
|
[Logs] [2024-05-02T15:59:37.599Z] Applied configuration change {"SUPERVISOR_VPN_CONTROL":"true"}
|
|
|
|
|
[Logs] [2024-05-02T15:59:40.331Z] Creating network 'default'
|
|
|
|
|
[Logs] [2024-05-02T16:11:15.331Z] Supervisor starting
|
|
|
|
|
[Logs] [2024-05-02T16:44:08.199Z] Creating volume 'resin-data'
|
|
|
|
|
[Logs] [2024-05-02T16:44:08.572Z] Downloading image 'registry2.mydomain.com/v2/…
|
2022-11-07 22:07:47 +00:00
|
|
|
|
…
|
2022-02-24 02:09:48 +00:00
|
|
|
|
[Logs] [2024-05-02T16:44:37.200Z] [main] Idling...
|
|
|
|
|
[Logs] [2024-05-02T16:44:37.200Z] [main] Idling...
|
2022-11-07 22:07:47 +00:00
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
Enjoy Balenafying All the Things!
|
|
|
|
|
|
|
|
|
|
## Next steps
|
|
|
|
|
|
2022-02-24 02:09:48 +00:00
|
|
|
|
- Try out [local mode], which allows you to build and sync code to your device locally for
|
|
|
|
|
rapid development.
|
|
|
|
|
- Develop an application with [multiple containers] to provide a more modular approach to
|
|
|
|
|
application management.
|
|
|
|
|
- Manage your device fleet with the use of [configuration] and [environment] variables.
|
|
|
|
|
- Explore our [example projects] to give you an idea of more things you can do with
|
|
|
|
|
balena.
|
|
|
|
|
- If you find yourself stuck or confused, help is just [a click away].
|
|
|
|
|
- Pin selected devices to selected code releases using [sample scripts].
|
|
|
|
|
- To change the superuser password after setting the credentials, follow this [forum post]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[^1]: If DNS validation is not an option, [acme.sh] or [certbot] can be used to manually
|
|
|
|
|
issue a certificate, which can then be set using the [custom SSL](#custom-ssl) workflow.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[local mode]: https://www.balena.io/docs/learn/develop/local-mode
|
|
|
|
|
[multiple containers]: https://www.balena.io/docs/learn/develop/multicontainer
|
|
|
|
|
[configuration]: https://www.balena.io/docs/learn/manage/configuration
|
|
|
|
|
[environment]: https://www.balena.io/docs/learn/manage/serv-vars
|
|
|
|
|
[example projects]: https://balena.io/blog/tags/etcher-featured
|
|
|
|
|
[a click away]: https://www.balena.io/support
|
|
|
|
|
[sample scripts]: https://github.com/balena-io-examples/staged-releases
|
|
|
|
|
[forum post]: https://forums.balena.io/t/upate-superuser-password/4738/6
|
|
|
|
|
[balena CLI installation instructions]: https://github.com/balena-io/balena-cli/blob/master/INSTALL.md
|
|
|
|
|
[Etcher]: https://balena.io/etcher
|
|
|
|
|
[balenaOS]: https://balena.io/os/#download
|
|
|
|
|
[balenaEngine]: https://www.balena.io/engine
|
|
|
|
|
[Docker]: https://docs.docker.com/get-docker
|
|
|
|
|
[Docker Engine]: https://docs.docker.com/engine/install
|
|
|
|
|
[Change cgroup version]: https://docs.docker.com/config/containers/runmetrics/#changing-cgroup-version
|
|
|
|
|
[composition]: https://github.com/balena-io/open-balena/blob/master/docker-compose.yml
|
|
|
|
|
[DNS-01]: https://letsencrypt.org/docs/challenge-types/#dns-01-challenge
|
|
|
|
|
[acme.sh]: https://github.com/acmesh-official/acme.sh
|
|
|
|
|
[certbot]: https://certbot.eff.org/
|