From 0b86dcfa7ca3bc1342d1379a29a91f30f861fee2 Mon Sep 17 00:00:00 2001
From: Corentin LABBE <clabbe@baylibre.com>
Date: Fri, 4 Sep 2020 09:18:57 +0200
Subject: README: add more ZMQ documentation

This patch adds more ZMQ documentation
---
 README.md | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

(limited to 'README.md')

diff --git a/README.md b/README.md
index e2ee11e..220221b 100644
--- a/README.md
+++ b/README.md
@@ -412,6 +412,31 @@ For running all images, simply run:
 docker-compose up -d
 ```
 
+### Enabling ZMQ encryption
+Enabling ZMQ is all or nothing.
+You need to generate keys for both master AND workers.
+Generate thoses keys via:
+```
+zmqauth/zmq_auth_gen/create_certificate.py --directory . nameofyourworker
+```
+This will produce two files:
+* A public key ending with ".key"
+* A private key ending with ".key_secret"
+
+Since ZMQ keys does not store any information like name, filename could be different between master and workers.
+
+As general note, LAVA will use the hostname (and so the name in the master/worker node) for finding ZMQ keys.
+
+#### Naming convention for master
+ZMQ key for master should be named according to the name used in master node.
+ZMQ key for worker should be named according to the name in the worker node
+lava-docker will automaticly copy master zmq_auth_key/zmq_auth_key_secret to name.key/name.key_secret
+
+#### Naming convention for workers
+ZMQ public key for master should be named according to the remote_address used in worker node.
+ZMQ key for worker should be named according to the name in the worker node
+lava-docker will automaticly copy master zmq_auth_master_key to remote_address.key
+
 ## Proxy cache (Work in progress)
 A squid docker is provided for caching all LAVA downloads (image, dtb, rootfs, etc...)<br/>
 For the moment, it is unsupported and unbuilded.
-- 
cgit 1.2.3-korg