metropolis/node/core/curator/proto/private/storage.proto - monogon - Gitiles

 syntax = "proto3";
 option go_package = "source.monogon.dev/metropolis/node/core/curator/proto/private";
 package metropolis.node.core.curator.proto.private;

 import "metropolis/proto/common/common.proto";

 // Node describes a single node's state in etcd. This is only ever visible to
 // the curator, and fully managed by the curator.
 //
 // Serialized nodes are stored in /nodes/$id, where $id is the node's ID as
 // calculated from its public key.
 message Node {
     // The node's public key.
     bytes public_key = 1;
     // Node's individual cluster part of the data partition encryption key. It
     // is combined with the Node Unlock Key (NUK) kept within
     // SealedConfiguration.
     bytes cluster_unlock_key = 2;

     // The node's state, as seen by the cluster. This state is persisted and
     // represents the progress the node is making through registering into the
     // cluster or joining the cluster.
     metropolis.proto.common.NodeState fsm_state = 3;

     // The node's intended roles when running.
     metropolis.proto.common.NodeRoles roles = 4;

     metropolis.proto.common.NodeStatus status = 5;
 }

 // Information about the cluster owner, currently the only Metropolis management
 // entity, named 'owner' in public APIs.
 //
 // This is populated from NodeParameters.cluster_bootstrap.owner_public_key on
 // cluster bootstrap.
 //
 // MVP: In the future, once we have implemented a manager/user entity system,
 // this will be replaced by a proper per-user entry.
 //
 // Stored under /global/initial_owner (see curator.initialOwnerEtcdPath).
 message InitialOwner {
     // ED25519 public key of cluster owner.
     bytes public_key = 1;
 }

 // A blob which needs to be provided by nodes registering into the cluster.
 // Presenting this ticket on registration does not automatically grant access
 // to arbitrary node registration. Instead it is used to guard the API surface
 // of the Register RPC from potential denial of service attacks, and can be
 // regenerated at any time in case it leaks.
 //
 // Stored under /global/register_ticket (see curator.registerTicketEtcdPath).
 message RegisterTicket {
     bytes opaque = 1;
 }
	syntax = "proto3";
	option go_package = "source.monogon.dev/metropolis/node/core/curator/proto/private";
	package metropolis.node.core.curator.proto.private;

	import "metropolis/proto/common/common.proto";

	// Node describes a single node's state in etcd. This is only ever visible to
	// the curator, and fully managed by the curator.
	//
	// Serialized nodes are stored in /nodes/$id, where $id is the node's ID as
	// calculated from its public key.
	message Node {
	// The node's public key.
	bytes public_key = 1;
	// Node's individual cluster part of the data partition encryption key. It
	// is combined with the Node Unlock Key (NUK) kept within
	// SealedConfiguration.
	bytes cluster_unlock_key = 2;

	// The node's state, as seen by the cluster. This state is persisted and
	// represents the progress the node is making through registering into the
	// cluster or joining the cluster.
	metropolis.proto.common.NodeState fsm_state = 3;

	// The node's intended roles when running.
	metropolis.proto.common.NodeRoles roles = 4;

	metropolis.proto.common.NodeStatus status = 5;
	}

	// Information about the cluster owner, currently the only Metropolis management
	// entity, named 'owner' in public APIs.
	//
	// This is populated from NodeParameters.cluster_bootstrap.owner_public_key on
	// cluster bootstrap.
	//
	// MVP: In the future, once we have implemented a manager/user entity system,
	// this will be replaced by a proper per-user entry.
	//
	// Stored under /global/initial_owner (see curator.initialOwnerEtcdPath).
	message InitialOwner {
	// ED25519 public key of cluster owner.
	bytes public_key = 1;
	}

	// A blob which needs to be provided by nodes registering into the cluster.
	// Presenting this ticket on registration does not automatically grant access
	// to arbitrary node registration. Instead it is used to guard the API surface
	// of the Register RPC from potential denial of service attacks, and can be
	// regenerated at any time in case it leaks.
	//
	// Stored under /global/register_ticket (see curator.registerTicketEtcdPath).
	message RegisterTicket {
	bytes opaque = 1;
	}