metropolis: use new OS image format for updates
This switches the node update implementation to the new OS image format
based on OCI artifacts. Updates are now fetched from an OCI registry.
To update existing clusters, build //metropolis/node:bundle in the new
version, then run the update command of the old version of metroctl with
this bundle. Once a node is updated, it only accepts updates in the
new format. It is possible to rollback if needed by building
//metropolis/node:oci_image in the old version and using the new version
of metroctl.
The node bundle target is no longer referenced anywhere, and will be
removed soon.
Change-Id: I00ac6d0d88e379259cea52c8a106204c5eb73fe7
Reviewed-on: https://review.monogon.dev/c/monogon/+/4123
Tested-by: Jenkins CI
Reviewed-by: Tim Windelschmidt <tim@monogon.tech>
diff --git a/metropolis/proto/api/management.proto b/metropolis/proto/api/management.proto
index 81d4ca0..4146c51 100644
--- a/metropolis/proto/api/management.proto
+++ b/metropolis/proto/api/management.proto
@@ -401,7 +401,7 @@
// UpdateNode updates the node operating system to a new version.
//
// Metropolis uses a side-by-side (A/B) update process. This method installs
- // the OS from the given bundle into the inactive slot, activates that slot
+ // the OS from the given image into the inactive slot, activates that slot
// and then (optionally) reboots to activate it.
rpc UpdateNode(UpdateNodeRequest) returns (UpdateNodeResponse) {
option (metropolis.proto.ext.authorization) = {
@@ -459,28 +459,6 @@
repeated osbase.logtree.proto.LogEntry stream_entries = 2;
}
-enum ActivationMode {
- ACTIVATION_MODE_INVALID = 0;
- // The new bundle is not activated immediately. It gets activated on the next
- // reboot/reset.
- ACTIVATION_MODE_NONE = 1;
- // The node is rebooted immediately to activate the new image.
- ACTIVATION_MODE_REBOOT = 2;
- // The node uses kexec to activate the new image immediately without fully
- // rebooting.
- ACTIVATION_MODE_KEXEC = 3;
-}
-
-message UpdateNodeRequest {
- // An HTTPS URL to a Metropolis bundle containing the new OS to install.
- string bundle_url = 1;
-
- reserved 2;
-
- // Specifies how the updated image should be activated.
- ActivationMode activation_mode = 3;
-}
-
// OSImageRef contains the parameters for fetching an OS image from an OCI
// registry.
message OSImageRef {
@@ -496,6 +474,28 @@
string digest = 5;
}
+enum ActivationMode {
+ ACTIVATION_MODE_INVALID = 0;
+ // The new image is not activated immediately. It gets activated on the next
+ // reboot/reset.
+ ACTIVATION_MODE_NONE = 1;
+ // The node is rebooted immediately to activate the new image.
+ ACTIVATION_MODE_REBOOT = 2;
+ // The node uses kexec to activate the new image immediately without fully
+ // rebooting.
+ ACTIVATION_MODE_KEXEC = 3;
+}
+
+message UpdateNodeRequest {
+ reserved 1, 2;
+
+ // Parameters for fetching the new OS image to install.
+ metropolis.proto.api.OSImageRef os_image = 4;
+
+ // Specifies how the updated image should be activated.
+ ActivationMode activation_mode = 3;
+}
+
message UpdateNodeResponse {}
message UpdateNodeLabelsRequest {