Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / f05e80af8721a0b0ccf5425c4775695d84d09fdf
commitf05e80af8721a0b0ccf5425c4775695d84d09fdf[log] [tgz]
authorSerge Bazanski <serge@monogon.tech>Tue Oct 12 11:53:34 2021 +0200
committerSergiusz Bazanski <serge@monogon.tech>Thu Dec 16 16:32:51 2021 +0000
tree1f4f15962293b345b02ae66e588a9aad35ce2be3
parenta9b455f2be1fb9dbda3217adb69bc0076113a814 [diff]
m/n/core/consensus: refactor for reliability and multinode support

This implements a big refactor of our consensus service/runnable.

First, we move away from the old bespoke API for retrieving the
consensus status (and consensus clients) into using Event Values, as the
rest of the codebase does.

Second, we move away from the bespoke PKI library used to generate
certificates in-memory and then commit them to etcd into using the
standard metropolis pki library. We then change the bootstrap process to
start a PKI-less etcd instance first, generate the PKI data directly on
the running instance, and then restart into a fully PKI-supporting etcd
instance.

We also move away from using etcd-specific private keys into reusing the
node's private key. This makes management slightly easier, but reviewers
should consider the security implications of this change.

Finally, we implement and test multi-member cluster support, which is
done by exposing an AddNode method to the newly exposed status, and a
JoinCluster option in the node configuration.

Change-Id: Iea2bf6114cb699d3792efd45d06de2fa5a48feb1
Reviewed-on: https://review.monogon.dev/c/monogon/+/466
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
9 files changed
tree: 1f4f15962293b345b02ae66e588a9aad35ce2be3
  1. build/
  2. intellij/
  3. metropolis/
  4. scripts/
  5. third_party/
  6. .bazelignore
  7. .bazelproject
  8. .bazelrc
  9. .git-ignore-revs
  10. .gitignore
  11. BUILD
  12. CODING_STANDARDS.md
  13. LICENSE
  14. README.md
  15. WORKSPACE
README.md

Monogon Monorepo

This is the main repository containing the source code for the Monogon Project.

This is pre-release software - feel free to look around, and check back later for our first release!

Environment

Our build environment requires a working Podman binary (your distribution should have one).

Usage

Spinning up: scripts/create_container.sh

Spinning down: scripts/destroy_container.sh

Running commands: scripts/run_in_container.sh <...>

Using bazel using a wrapper script: scripts/bin/bazel <...> (add to your local $PATH for convenience)

IntelliJ

This repository is compatible with the IntelliJ Bazel plugin, which enables full autocompletion for external dependencies and generated code. All commands run inside the container, and necessary paths are mapped into the container.

The following steps are necessary:

  • Install Google's Bazel plugin in IntelliJ. On IntelliJ 2020.3 or later, you need to install a beta release of the plugin.

  • Add the absolute path to your ~/.cache/bazel-monogon folder to your idea64.vmoptions (Help → Edit Custom VM Options) and restart IntelliJ:

    -Dbazel.bep.path=/home/leopold/.cache/bazel-monogon

  • Set "Bazel Binary Location" in Other Settings → Bazel Settings to the absolute path of scripts/bin/bazel. This is a wrapper that will execute Bazel inside the container.

  • Use File → Import Bazel project... to create a new project from .bazelproject.

After running the first sync, everything should now resolve in the IDE, including generated code.

Metropolis

Run a single node cluster

Launch the node:

scripts/bin/bazel run //:launch

Run a kubectl command:

scripts/bin/bazel run //metropolis/cli/dbg -- kubectl describe

Run tests:

scripts/bin/bazel test //...