As the creator of aktualizr-lite, I often underestimate the difficulty in understanding what aktualizr-lite is trying to do. Rather than typing the same few things in Slack over and over, I thought I'd try to write down what aktualizr-lite is "thinking".
Built on a vision that the latest software is the most secure, software updates are central to the FoundriesFactory security story. What happens, however, when software delivery is compromised? Is recovery complicated? Enter TUF key rotation!
Earlier this year, I found myself pushing the idea of an "anonymous mode" for the Aktualizr project which is the OTA agent running in the LMP. This turned into "aktualizr-lite" and has recently become the default OTA agent used by the LMP. This article explains what aktualizr-lite is and why we are using it.
Continuing with the OTA blog series part one and part two, this article shows you how to deploy OTA Connect using the OTA Community Edition into Google's Kubernetes Engine (GKE). After completion of these instructions, you'll have an OTA Connect server available on the internet with a single QEMU device registered to it.