metropolis/proto: EnrolmentConfig -> NodeParameters
This starts off the move to a node configuration API conforming to
the lifecycle management design document.
Instead of an Enrolment Config used only to join an existing cluster, we
move to a NodeParameters proto that must always be given to a node if
it's supposed to either bootstrap a new cluster or join an existing one.
This links the existing cluster management code (and its state machine)
to work with this file. However, that state machine will be removed very
soon, anyway.
We also remove everything related to golden tickets.
This breaks multi-node tests.
X-Origin-Diff: phab/D710
GitOrigin-RevId: f22615fbccab975f2d5e6928bdc7387ab3aa5714
diff --git a/metropolis/proto/api/BUILD.bazel b/metropolis/proto/api/BUILD.bazel
index e7b4cc7..5004440 100644
--- a/metropolis/proto/api/BUILD.bazel
+++ b/metropolis/proto/api/BUILD.bazel
@@ -6,8 +6,8 @@
name = "api_proto",
srcs = [
"aaa.proto",
+ "configuration.proto",
"debug.proto",
- "enrolment.proto",
],
visibility = ["//visibility:public"],
)
diff --git a/metropolis/proto/api/configuration.proto b/metropolis/proto/api/configuration.proto
new file mode 100644
index 0000000..8c953ed
--- /dev/null
+++ b/metropolis/proto/api/configuration.proto
@@ -0,0 +1,36 @@
+// Copyright 2020 The Monogon Project Authors.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+package metropolis.proto.api;
+option go_package = "source.monogon.dev/metropolis/proto/api";
+
+// NodeParameters is the data with which a Node is set booted. It contains the
+// configuration required for a node to either bootstrap a new cluster, or
+// register into an existing one.
+// It is serialized into a proto message and supplied to Metropolis in an
+// implementation-specific way (currently: either on ESP partition or via qemu
+// fw_cfg).
+message NodeParameters {
+ message ClusterBootstrap {
+ }
+ message ClusterRegister {
+ }
+ oneof cluster {
+ ClusterBootstrap cluster_bootstrap = 1;
+ ClusterRegister cluster_register = 2;
+ }
+}
diff --git a/metropolis/proto/api/debug.proto b/metropolis/proto/api/debug.proto
index fddd750..25e369e 100644
--- a/metropolis/proto/api/debug.proto
+++ b/metropolis/proto/api/debug.proto
@@ -18,8 +18,6 @@
package metropolis.proto.api;
option go_package = "source.monogon.dev/metropolis/proto/api";
-import "metropolis/proto/api/enrolment.proto";
-
// NodeDebugService exposes debug and testing endpoints that allow introspection into a running Metropolis node.
// It is not authenticated and will be disabled in production. It is currently consumed by metropolis/cli/dbg and
// by tests.
@@ -41,10 +39,6 @@
//
// TODO(q3k): move method and its related messages to the non-debug node endpoint once we have one.
rpc GetLogs(GetLogsRequest) returns (stream GetLogsResponse);
-
- // GetGoldenTicket requests a 'golden ticket' which can be used to enroll any node into the cluster.
- // This bypasses integrity checks.
- rpc GetGoldenTicket(GetGoldenTicketRequest) returns (GetGoldenTicketResponse);
}
@@ -152,13 +146,3 @@
Raw raw = 3;
}
}
-
-message GetGoldenTicketRequest {
- // IP address at which the new node will run.
- string external_ip = 1;
-}
-
-message GetGoldenTicketResponse {
- // Ticket to use in the new node's EnrolmentConfig.
- GoldenTicket ticket = 1;
-}
diff --git a/metropolis/proto/api/enrolment.proto b/metropolis/proto/api/enrolment.proto
deleted file mode 100644
index cf66adb..0000000
--- a/metropolis/proto/api/enrolment.proto
+++ /dev/null
@@ -1,64 +0,0 @@
-// Copyright 2020 The Monogon Project Authors.
-//
-// SPDX-License-Identifier: Apache-2.0
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-syntax = "proto3";
-package metropolis.proto.api;
-option go_package = "source.monogon.dev/metropolis/proto/api";
-
-// EnrolmentConfig is the single Metropolis node boot configuration file
-// contained in the ESP. It configures the way the node will start up (what
-// cluster it will join/enroll into/create).
-message EnrolmentConfig {
- // Debug/temporary cluster enrolment method. If set, the node will attempt to enroll into the
- // cluster that this ticket was generated for. Otherwise, a new cluster will be created.
- GoldenTicket golden_ticket = 1;
-
- // Filled in by node after it is enrolled
- string node_id = 2;
-}
-
-// GoldenTicket is a ticket that allows any node to enroll into a cluster, bypassing any integrity
-// checks.
-//
-// Currently, enrolling into a cluster does not use a TPM-based workflow, and instead
-// bases on a simplified workflow of joining consensus by being started with a
-// TLS client certificate. This is a short-circuit fix to allow multi-node
-// clusters for testing before we design the final cluster node lifecycle system.
-message GoldenTicket {
- // Etcd peer CA certificate.
- bytes etcd_ca_cert = 1;
- // Etcd peer client certificate.
- bytes etcd_client_cert = 2;
- // Etcd peer client key.
- bytes etcd_client_key = 3;
- // Initial etcd peer CRL.
- bytes etcd_crl = 4;
-
- message EtcdPeer {
- string name = 1;
- string address = 2;
- }
- // All other current etcd peers in the cluster.
- repeated EtcdPeer peers = 5;
- // The peer that this node should start running.
- EtcdPeer this = 6;
-
- // Node configuration. Currently unused (in the future, this will be used to run a node
- // management service separate from etcd clustering).
- string node_id = 7;
- bytes node_cert = 8;
- bytes node_key = 9;
-}