At some point a token has to be created for a PKI worker – one of these had to be done:
the worker started up and created its own token, and you then took that token to the admin GUI and approved the worker
you created the worker in the admin GUI before starting the worker process, and then took the configuration generated and started the worker with it
I think something else must have happened there though because you’re getting errors that don’t fit with the worker having not registered with the control plane yet. My best advice at this point is probably to start over from scratch. I wouldn’t mix OSS and HCP deployments either – start with one, make sure it works, then reset and go through the other. (Remember that the worker version needs to match the control plane version, and if you want to use the HCP-only features, your worker needs to be the Enterprise build for HCP Boundary 0.13, not the OSS build.)
Thanks for the feedback after i start from the scratch only using HCP Boundary i got error while following this guideline Access HCP Boundary | Boundary | HashiCorp Developer at the command boundary authenticate i got this error
This is a flag you need to add to the end of the boundary authenticate command. You can validate details such as this with the -h or -help option like so:
boundary authenticate -h
Which then provides options available within the command:
-keyring-type=<string>
The type of keyring to use. Defaults to "auto" which will use the
Windows credential manager, OSX keychain, or cross-platform password
store depending on platform. Set to "none" to disable keyring
functionality. Available types, depending on platform, are: "wincred",
"keychain", "pass", and "secret-service". The default is auto. This can
also be specified via the BOUNDARY_KEYRING_TYPE environment variable.
pass is a password manager that stores sensitive values in a password store. For info on the pass utility you can use the command man pass. Similarly if you want to know what the keyring function is, its man page can be accessed with man keyrings. Essentially, it is a way to cache security data/credentials/keys.
If you are not familiar with GPG, I would not recommend utilising it here unless there is a specific requirement.
BOUNDARY_ADMIN is in fact irrelevant for that tutorial.
The only thing you need to do is to export the variable BOUNDARY_TOKEN with the value of the token printed on the screen by boundary authenticate -keyring-type none (security tip: do not post your token publicly!)
Then follow the tutorial and append -token env://BOUNDARY_TOKEN to every shown boundary command.
Thank you for the reply @macmiranda and @martinhristov90 right now i have problem with the worker for HCP Boundary. My target is Ubuntu machine inside of my vmware esxi. I use the config on the admin ui.
Okay i understand for now thanks for the help so far. I will play with the OSS Boundary for now. Thank you @omkensey@macmiranda@conor-mccullough@martinhristov90 for the help from the beginning it help me a lot for understanding problem that i encountered.
