m/node: pass node identity into k8s
This plumbs through the node identity to K8s as an identity.Node
object and gets rid of the os.Hostname invocation that passed around
this data out-of-band. It also changes everything in its path to use
the newer identity.Node object instead of a plain string so that the
Metropolis Identity CA is more accessible.
Change-Id: I6db8e1db7e333c0ea364aefd61c27bf50acc25f3
Reviewed-on: https://review.monogon.dev/c/monogon/+/505
Reviewed-by: Sergiusz Bazanski <serge@monogon.tech>
diff --git a/metropolis/node/core/roleserve/roleserve.go b/metropolis/node/core/roleserve/roleserve.go
index d7e3d2f..57e6a7a 100644
--- a/metropolis/node/core/roleserve/roleserve.go
+++ b/metropolis/node/core/roleserve/roleserve.go
@@ -22,6 +22,7 @@
"google.golang.org/grpc"
cpb "source.monogon.dev/metropolis/node/core/curator/proto/api"
+ "source.monogon.dev/metropolis/node/core/identity"
"source.monogon.dev/metropolis/node/core/localstorage"
"source.monogon.dev/metropolis/node/core/network"
"source.monogon.dev/metropolis/node/kubernetes"
@@ -51,8 +52,8 @@
// this will probably be provisioned by the Kubernetes workload itself.
KPKI *pki.PKI
- // NodeID is the node ID on which the roleserver is running.
- NodeID string
+ // Node is the node identity on which the roleserver is running.
+ Node *identity.Node
}
// Service is the roleserver/“Role Server” service. See the package-level
@@ -158,7 +159,7 @@
func (s *Service) runUpdater(ctx context.Context) error {
srv, err := s.curator.Watch(ctx, &cpb.WatchRequest{Kind: &cpb.WatchRequest_NodeInCluster_{
NodeInCluster: &cpb.WatchRequest_NodeInCluster{
- NodeId: s.NodeID,
+ NodeId: s.Node.ID(),
},
}})
if err != nil {
@@ -174,7 +175,7 @@
}
supervisor.Logger(ctx).Infof("Received node event: %+v", ev)
for _, node := range ev.Nodes {
- if node.Id != s.NodeID {
+ if node.Id != s.Node.ID() {
continue
}
s.kwC <- node