rkt supports measuring container state and configuration into the Trusted Platform Module (TPM) event log. Enable this functionality by building rkt with the `--enable-tpm=yes` option to `./configure`. rkt accesses the TPM via the `tpmd` executable available from the go-tspi project. This `tpmd` is expected to listen on port 12041.

Events are logged to PCR 15, with event type 0x1000. Each event contains the following data:
- The hash of the container root filesystem
- The hash of the contents of the container manifest data
- The hash of the arguments passed to `stage1`
This provides a cryptographically verifiable audit log of the containers executed on a node, including the configuration of each.