m/n/core/{curator,cluster}: refactor against new Consensus API
This updates the Curator and the Cluster Manager to use the new
Consensus API, notably to use JoinParameters and ServiceHandle.Watch.
Using JoinParameters end-to-end requires piping them through a node's
roles. For this we create a new ConsensusMember role and replicate all
the data from JoinParameters there.
We also move a whole bunch of logic that used to live in the Cluster
Manager's Status object away from it. Instead, now the Consensus
ServiceHandle is exposed directly to downstream users, providing the
same functionality.
Change-Id: I8cfa247011554553836019f60ea172dd6069f49c
Reviewed-on: https://review.monogon.dev/c/monogon/+/522
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
diff --git a/metropolis/node/core/main.go b/metropolis/node/core/main.go
index f14b589..34fa05e 100644
--- a/metropolis/node/core/main.go
+++ b/metropolis/node/core/main.go
@@ -161,16 +161,15 @@
// this.
var rs *roleserve.Service
- if status.HasLocalConsensus {
- // Retrieve namespaced etcd KV clients for the two main direct etcd users:
- // - Curator
- // - Kubernetes PKI
- ckv, err := status.ConsensusClient(cluster.ConsensusUserCurator)
+ if status.Consensus != nil {
+ w := status.Consensus.Watch()
+ supervisor.Logger(ctx).Infof("Waiting for consensus before continuing control plane startup...")
+ st, err := w.GetRunning(ctx)
if err != nil {
- close(trapdoor)
- return fmt.Errorf("failed to retrieve consensus curator client: %w", err)
+ return fmt.Errorf("while waiting for running consensus: %w", err)
}
- kkv, err := status.ConsensusClient(cluster.ConsensusUserKubernetesPKI)
+ supervisor.Logger(ctx).Infof("Got consensus, continuing control plane startup...")
+ kkv, err := st.KubernetesClient()
if err != nil {
close(trapdoor)
return fmt.Errorf("failed to retrieve consensus kubernetes PKI client: %w", err)
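Review bot: The new `GetRunning` error path returns without `close(trapdoor)`, while the removed consensus-client error path did close it and the `KubernetesClient` error path just below still does. If that is intentional (presumably a `GetRunning` failure such as context cancellation is retryable and should not trigger whatever closing `trapdoor` triggers), say so in a comment, e.g. `// Not closing trapdoor: a failed wait for consensus is retried by the supervisor and is not treated as fatal.` If it is not intentional, add `close(trapdoor)` before the return so both failure paths in this block behave the same. `GetRunning(ctx)` also has no deadline visible here, so a node whose consensus never starts would stay at the "Waiting for consensus" Info line; a periodic warning would make that state easier to spot. The enclosing `if` block continues past the end of this hunk.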
@@ -182,7 +181,7 @@
// management of the cluster.
// In the future, this will only be started on nodes that run etcd.
c := curator.New(curator.Config{
- Etcd: ckv,
+ Consensus: status.Consensus,
NodeCredentials: status.Credentials,
// TODO(q3k): make this configurable?
LeaderTTL: time.Second * 5,
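Review bot: `Consensus: status.Consensus` gives the curator the whole consensus handle, where it used to receive only `ckv`, a KV client namespaced to `cluster.ConsensusUserCurator`. The first hunk shows the same handle yielding `st.KubernetesClient()` via `Watch().GetRunning`, so the curator can now in principle reach the Kubernetes PKI client as well. That widens its access compared with the old per-user split. If the curator only needs its own client, consider narrowing what the config field accepts. Otherwise, record the expectation next to the field, e.g. `// Consensus is the full consensus handle; the curator must only use its own curator-scoped client from it.` The `curator.Config` literal continues outside this hunk.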
@@ -195,7 +194,7 @@
// We are now in a cluster. We can thus access our 'node' object and
// start all services that we should be running.
- logger.Info("Enrolment success, continuing startup.")
+ logger.Info("Control plane running, starting roleserver....")
// Ensure Kubernetes PKI objects exist in etcd. In the future, this logic will
// be implemented in the curator.