smalltown -> metropolis
This pass removes all mentions of Smalltown, both from code and comments,
and replaces them with appropriate new terminology.
Test Plan: Refactor, covered by CI.
X-Origin-Diff: phab/D674
GitOrigin-RevId: 04a94d44ef07d46f7821530da5614daefe16d7ea
diff --git a/BUILD b/BUILD
index f855af7..df5db5b 100644
--- a/BUILD
+++ b/BUILD
@@ -94,13 +94,13 @@
actual = "@com_github_go_delve_delve//cmd/dlv:dlv",
)
-# Shortcut for launching a single Smalltown instance
+# Shortcut for launching a single Metropolis node instance in a VM.
alias(
name = "launch",
actual = "//metropolis/test/launch/cli/launch",
)
-# Shortcut for launching a virtual network with two Smalltown instances
+# Shortcut for launching a virtual network a Metropolis cluster consisting of two nodes.
alias(
name = "launch-multi2",
actual = "//metropolis/test/launch/cli/launch-multi2",
diff --git a/WORKSPACE b/WORKSPACE
index 9ba620d..ab8aee2 100644
--- a/WORKSPACE
+++ b/WORKSPACE
@@ -215,6 +215,6 @@
urls = ["https://github.com/bonzini/qboot/archive/a5300c4949b8d4de2d34bedfaed66793f48ec948.tar.gz"],
)
-# Load musl toolchain Smalltown sysroot tarball into external repository.
+# Load musl toolchain Metropolis sysroot tarball into external repository.
load("//build/toolchain/musl-host-gcc:sysroot.bzl", "musl_sysroot_repositories")
musl_sysroot_repositories()
diff --git a/build/print-workspace-status.sh b/build/print-workspace-status.sh
index fb46a5f..57138a4 100755
--- a/build/print-workspace-status.sh
+++ b/build/print-workspace-status.sh
@@ -5,8 +5,8 @@
set -o nounset
set -o pipefail
-# TODO: Figure out how to version Smalltown
-SIGNOS_VERSION=1.0.0-dev
+# TODO: Figure out how to version Metropolis
+METROPOLIS_VERSION=1.0.0-dev
KUBERNETES_gitTreeState="clean"
if [ ! -z "$(git status --porcelain)" ]; then
@@ -27,5 +27,5 @@
KUBERNETES_buildDate $(date \
${SOURCE_DATE_EPOCH:+"--date=@${SOURCE_DATE_EPOCH}"} \
-u +'%Y-%m-%dT%H:%M:%SZ')
-STABLE_SIGNOS_version $SIGNOS_VERSION
+STABLE_METROPOLIS_version $METROPOLIS_VERSION
EOF
diff --git a/build/savestdout/README.md b/build/savestdout/README.md
index a233620..c6faada 100644
--- a/build/savestdout/README.md
+++ b/build/savestdout/README.md
@@ -5,7 +5,7 @@
a shell.
It was made to be used in Bazel rule definitions that want to run a command and save
-its output to stdout without going through ctx.actions.run_shell.
+its output to stdout without going through `ctx.actions.run\_shell`.
Once [bazelbuild/bazel/issues/5511](https://github.com/bazelbuild/bazel/issues/5511)
gets fixed, rules that need this behaviour can start using native Bazel functionality
@@ -19,4 +19,4 @@
bazel build //build/savestdout
bazel run bazel-bin/build/savestdout/*/savestdout /tmp/foo ps aux
-For an example of use in rules, see `smalltown_initramfs` in `//code/def.bzl`.
+For an example of use in rules, see `node_initramfs` in `//code/def.bzl`.
diff --git a/build/toolchain/BUILD b/build/toolchain/BUILD
index 78c4ae6..541f011 100644
--- a/build/toolchain/BUILD
+++ b/build/toolchain/BUILD
@@ -7,8 +7,9 @@
# - //build/toolchain:host_cc_suite , which is a fully unhermetic host toolchain,
# that can be used to build tools for the host.
# - //build/toolchain/musl-host-gcc:musl_host_cc_suite , which combines the host's
-# gcc compiler with a sysroot tarball that targets Smalltown. This can be used to
-# build C libraries/tools for Smalltown.
+# gcc compiler with a sysroot tarball that targets the Metropolis node
+# runtime. This can be used to build C libraries/tools running within the
+# Metropolis node image.
#
# This file defines //build/toolchain:host_cc_suite.
@@ -28,8 +29,8 @@
# toolchain that's built locally, or downloaded from the Internet - as
# github.com/bazelbuild/bazel-toolchains does it. As that's being built, we
# should then also have another toolchain definition for C binaries that
-# target Smalltown static binaries, so that mkfs.xfs can be built using native
-# cc_* rules, too.
+# target static binaries for Metropolis nodes, so that mkfs.xfs can be built
+# using native cc_* rules, too.
#
# This, and :cc_toolchain_config.bzl is based on the following tutorial:
# https://docs.bazel.build/versions/master/tutorial/cc-toolchain-config.html
diff --git a/build/toolchain/musl-host-gcc/BUILD b/build/toolchain/musl-host-gcc/BUILD
index 95a59f6..561e311 100644
--- a/build/toolchain/musl-host-gcc/BUILD
+++ b/build/toolchain/musl-host-gcc/BUILD
@@ -3,8 +3,8 @@
# This file defines //build/toolchain/musl-host-gcc:musl_host_cc_suite.
#
# This is a C++ toolchain that uses GCC from the host at hardcoded paths, with
-# a pre-built sysroot tarball that targets Smalltown with musl and Linux headers.
-# It's a superset of //build/toolchain:host_cc_suite.
+# a pre-built sysroot tarball that targets Metropolis nodes with musl and Linux
+# headers. It's a superset of //build/toolchain:host_cc_suite.
# For more information, see README.md.
cc_toolchain_suite(
diff --git a/build/toolchain/musl-host-gcc/README.md b/build/toolchain/musl-host-gcc/README.md
index 585bac2..5154107 100644
--- a/build/toolchain/musl-host-gcc/README.md
+++ b/build/toolchain/musl-host-gcc/README.md
@@ -3,7 +3,7 @@
musl-host-gcc is a Bazel C++ toolchain that uses the machine's host gcc in combination with a pre-built musl, musl headers, and Linux headers.
-It is currently used to build the few C binaries we need in Smalltown' runtime.
+It is currently used to build the few C binaries we need on Metropolis nodes.
At some point, this toolchain should be replaced by a fully hermetic toolchain that doesn't depend on the host environment.
@@ -19,7 +19,7 @@
Building Toolchain Sysroot Tarball
----------------------------------
-The toolchain's musl/linux components are currently built ahead of time and committed to this repository as `//build/toolchain/musl-host-gcc/toolchain.tar.xz`. This is the 'sysroot' tarball, that contains all headers and libraries required to build against Smalltown.
+The toolchain's musl/linux components are currently built ahead of time and committed to this repository as `//build/toolchain/musl-host-gcc/toolchain.tar.xz`. This is the 'sysroot' tarball, that contains all headers and libraries required to build for Metropolis nodes.
To build this tarball, run the following commands:
@@ -31,7 +31,7 @@
The toolchain is implemented in the following way:
-1. `//build/toolchain/musl-host-gcc/sysroot` is used to build `//build/toolchain/musl-host-gcc/sysroot.tar.xz` which is a tarball that contains all include and binary library files for building against musl for Smalltown (x86\_64 / k8) - thes are musl headers, musl libraries, and linux headers. This tarball is commited to source control.
+1. `//build/toolchain/musl-host-gcc/sysroot` is used to build `//build/toolchain/musl-host-gcc/sysroot.tar.xz` which is a tarball that contains all include and binary library files for building against musl for Metropolis nodes (x86\_64 / k8) - thes are musl headers, musl libraries, and linux headers. This tarball is commited to source control.
1. When building a target that uses the toolchain, the `sysroot.tar.xz` tarball is extracted into an external repository `@musl_sysroot`, via `sysroot.bzl` and `sysroot_repository.bzl`.
1. A toolchain config is built using `//build/toolchain:cc_toolchain_config.bzl`, which points at `gcc-wrapper.sh` as its gcc entrypoint. `gcc-wrapper.sh` expects to be able to call the host gcc with `musl.spec`.
1. A toolchain is built in `//build/toolchain/musl-host-gcc:musl_host_cc_suite`, which uses the previously mentioned config, and builds it to contain `gcc-wrapper.sh`, `musl.spec`, and the sysroot tarball.
diff --git a/build/toolchain/musl-host-gcc/sysroot/tarball.bzl b/build/toolchain/musl-host-gcc/sysroot/tarball.bzl
index 4f12049..5466690 100644
--- a/build/toolchain/musl-host-gcc/sysroot/tarball.bzl
+++ b/build/toolchain/musl-host-gcc/sysroot/tarball.bzl
@@ -22,7 +22,7 @@
"""
Build a sysroot-style tarball containing musl/linux headers and libraries.
-This can then be used to build a C toolchain that builds for Smalltown.
+This can then be used to build a C toolchain that builds C/C++ binaries for Metropolis nodes.
"""
def _musl_gcc_tarball(ctx):
diff --git a/metropolis/node/BUILD.bazel b/metropolis/node/BUILD.bazel
index 48c9177..b730deb 100644
--- a/metropolis/node/BUILD.bazel
+++ b/metropolis/node/BUILD.bazel
@@ -1,5 +1,5 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library")
-load("//metropolis/node/build:def.bzl", "smalltown_initramfs")
+load("//metropolis/node/build:def.bzl", "node_initramfs")
go_library(
name = "go_default_library",
@@ -17,7 +17,7 @@
},
)
-smalltown_initramfs(
+node_initramfs(
name = "initramfs",
extra_dirs = [
"/kubernetes/conf/flexvolume-plugins",
@@ -77,7 +77,7 @@
":initramfs",
],
outs = [
- "smalltown.img",
+ "node.img",
],
cmd = """
$(location //metropolis/node/build/mkimage) \
@@ -135,7 +135,7 @@
os_release(
name = "os-release-info",
- os_id = "smalltown",
- os_name = "Smalltown",
- stamp_var = "STABLE_SIGNOS_version",
+ os_id = "metropolis-node",
+ os_name = "Metropolis Node",
+ stamp_var = "STABLE_METROPOLIS_version",
)
diff --git a/metropolis/node/build/def.bzl b/metropolis/node/build/def.bzl
index e2885e5..19074c2 100644
--- a/metropolis/node/build/def.bzl
+++ b/metropolis/node/build/def.bzl
@@ -50,7 +50,7 @@
],
)
-def _smalltown_initramfs_impl(ctx):
+def _node_initramfs_impl(ctx):
"""
Generate an lz4-compressed initramfs based on a label/file list.
"""
@@ -197,10 +197,10 @@
return [DefaultInfo(files = depset([initramfs]))]
-smalltown_initramfs = rule(
- implementation = _smalltown_initramfs_impl,
+node_initramfs = rule(
+ implementation = _node_initramfs_impl,
doc = """
- Build a Smalltown initramfs. The initramfs will contain a basic /dev directory and all the files specified by the
+ Build a node initramfs. The initramfs will contain a basic /dev directory and all the files specified by the
`files` attribute. Executable files will have their permissions set to 0755, non-executable files will have
their permissions set to 0444. All parent directories will be created with 0755 permissions.
""",
diff --git a/metropolis/node/build/genosrelease/main.go b/metropolis/node/build/genosrelease/main.go
index 2344f19..e19876e 100644
--- a/metropolis/node/build/genosrelease/main.go
+++ b/metropolis/node/build/genosrelease/main.go
@@ -53,7 +53,7 @@
statusVars[parts[0]] = parts[1]
}
- smalltownVersion, ok := statusVars[*flagStampVar]
+ version, ok := statusVars[*flagStampVar]
if !ok {
fmt.Printf("%v key not set in bazel workspace status file\n", *flagStampVar)
os.Exit(1)
@@ -62,9 +62,9 @@
osReleaseVars := map[string]string{
"NAME": *flagName,
"ID": *flagID,
- "VERSION": smalltownVersion,
- "VERSION_ID": smalltownVersion,
- "PRETTY_NAME": *flagName + " " + smalltownVersion,
+ "VERSION": version,
+ "VERSION_ID": version,
+ "PRETTY_NAME": *flagName + " " + version,
}
osReleaseContent, err := godotenv.Marshal(osReleaseVars)
if err != nil {
diff --git a/metropolis/node/build/mkimage/main.go b/metropolis/node/build/mkimage/main.go
index 9f49f0a..94b2ecb 100644
--- a/metropolis/node/build/mkimage/main.go
+++ b/metropolis/node/build/mkimage/main.go
@@ -16,8 +16,9 @@
package main
-// mkimage is a tool to generate a Smalltown disk image containing the given EFI payload, and optionally, a given external
-// initramfs image and enrolment credentials.
+// mkimage is a tool to generate a Metropolis node disk image containing the
+// given EFI payload, and optionally, a given external initramfs image and
+// enrolment credentials.
import (
"flag"
@@ -32,7 +33,7 @@
"github.com/diskfs/go-diskfs/partition/gpt"
)
-var SmalltownDataPartition gpt.Type = gpt.Type("9eeec464-6885-414a-b278-4305c51f7966")
+var NodeDataPartition gpt.Type = gpt.Type("9eeec464-6885-414a-b278-4305c51f7966")
var (
flagEFI string
@@ -79,8 +80,8 @@
End: mibToSectors(flagESPPartitionSize) - 1,
},
{
- Type: SmalltownDataPartition,
- Name: "SIGNOS-DATA",
+ Type: NodeDataPartition,
+ Name: "METROPOLIS-NODE-DATA",
Start: mibToSectors(flagESPPartitionSize),
End: mibToSectors(flagESPPartitionSize+flagDataPartitionSize) - 1,
},
@@ -96,7 +97,7 @@
}
// Create EFI partition structure.
- for _, dir := range []string{"/EFI", "/EFI/BOOT", "/EFI/smalltown"} {
+ for _, dir := range []string{"/EFI", "/EFI/BOOT", "/EFI/metropolis"} {
if err := fs.Mkdir(dir); err != nil {
log.Fatalf("Mkdir(%q): %v", dir, err)
}
@@ -105,11 +106,11 @@
put(fs, flagEFI, "/EFI/BOOT/BOOTX64.EFI")
if flagInitramfs != "" {
- put(fs, flagInitramfs, "/EFI/smalltown/initramfs.cpio.lz4")
+ put(fs, flagInitramfs, "/EFI/metropolis/initramfs.cpio.lz4")
}
if flagEnrolmentCredentials != "" {
- put(fs, flagEnrolmentCredentials, "/EFI/smalltown/enrolment.pb")
+ put(fs, flagEnrolmentCredentials, "/EFI/metropolis/enrolment.pb")
}
if err := diskImg.File.Close(); err != nil {
diff --git a/metropolis/node/common/supervisor/supervisor.go b/metropolis/node/common/supervisor/supervisor.go
index df7492c..41d208d 100644
--- a/metropolis/node/common/supervisor/supervisor.go
+++ b/metropolis/node/common/supervisor/supervisor.go
@@ -16,7 +16,7 @@
package supervisor
-// The service supervision library allows for writing of reliable, service-style software within Smalltown.
+// The service supervision library allows for writing of reliable, service-style software within a Metropolis node.
// It builds upon the Erlang/OTP supervision tree system, adapted to be more Go-ish.
// For detailed design see go/supervision.
diff --git a/metropolis/node/core/cluster/manager.go b/metropolis/node/core/cluster/manager.go
index 6bb87f4..5f072b8 100644
--- a/metropolis/node/core/cluster/manager.go
+++ b/metropolis/node/core/cluster/manager.go
@@ -40,10 +40,10 @@
apb "git.monogon.dev/source/nexantic.git/metropolis/proto/api"
)
-// Manager is a finite state machine that joins this node (ie., Smalltown instance running on a virtual/physical machine)
-// into a Smalltown cluster (ie. group of nodes that act as a single control plane for Smalltown services). It does that
-// by bringing up all required operating-system level components, including mounting the local filesystem, bringing up
-// a consensus (etcd) server/client, ...
+// Manager is a finite state machine that joins this node (ie., Metropolis node running on a virtual/physical machine)
+// into a Metropolis cluster (ie. group of nodes that act as a single control plane for Metropolis services). It does
+// this by bringing up all required operating-system level components, including mounting the local filesystem, bringing
+// up a consensus (etcd) server/client, ...
//
// The Manager runs as a single-shot Runnable. It will attempt to progress its state from the initial state (New) to
// either Running (meaning that the node is now part of a cluster), or Failed (meaning that the node couldn't become
@@ -99,7 +99,7 @@
// with no EnrolmentConfig.
StateCreatingCluster
// StateCharlie is when the Manager uses the Golden Ticket debug/stopgap system to join an already
- // existing cluster. This mechanism will be removed before the first Smalltown release.
+ // existing cluster. This mechanism will be removed before the first Metropolis release.
StateCharlie
// StateRunning is when the Manager successfully got the node to be part of a cluster. stateRunningNode is valid.
StateRunning
@@ -267,7 +267,7 @@
if err != nil && !os.IsNotExist(err) {
return fmt.Errorf("could not read local enrolment file: %w", err)
} else if err != nil {
- configRaw, err = ioutil.ReadFile("/sys/firmware/qemu_fw_cfg/by_name/com.nexantic.smalltown/enrolment.pb/raw")
+ configRaw, err = ioutil.ReadFile("/sys/firmware/qemu_fw_cfg/by_name/dev.monogon.metropolis/enrolment.pb/raw")
if err != nil && !os.IsNotExist(err) {
return fmt.Errorf("could not read firmware enrolment file: %w", err)
}
@@ -381,7 +381,7 @@
}
// stateCharlie is used to join an existing cluster via the GoldenTicket mechanism. This mechanism is temporarily
-// implemented in Smalltown in order to allow for testing multi-node clusters without a TPM attestation flow implemented.
+// implemented in Metropolis in order to allow for testing multi-node clusters without a TPM attestation flow implemented.
// The Golden Ticket contains a pregenerated node certificate, etcd certificate, and other data that any node can
// use to join the cluster.
// Since this flow is temporary, it has a slight impedance mismatch with methods exposed by localstorage, node, etc.,
@@ -394,8 +394,8 @@
// was generated (vs. being created now by an RPC call, via an promote-node-to-etcd-member flow)
// - the node is then promoted to a consensus member and kubernetes worker, its clusterunlock key is set, and then it
// is saved to etcd.
-// As such, in this flow, we first create an etcd member (on goldenticket generation), and then only create a new Smalltown
-// node (when the goldenticket is used).
+// As such, in this flow, we first create an etcd member (on goldenticket generation), and then only create a new
+// Metropolis node (when the goldenticket is used).
func (m *Manager) stateCharlie(ctx context.Context) error {
t := m.goldenTicket
nodeCert, err := x509.ParseCertificate(t.NodeCert)
diff --git a/metropolis/node/core/cluster/node.go b/metropolis/node/core/cluster/node.go
index 449c2ff..4240428 100644
--- a/metropolis/node/core/cluster/node.go
+++ b/metropolis/node/core/cluster/node.go
@@ -32,9 +32,9 @@
ipb "git.monogon.dev/source/nexantic.git/metropolis/proto/internal"
)
-// Node is a Smalltown cluster member. A node is a virtual or physical machine running Smalltown. This object represents a
-// node only as part of a Cluster - ie., this object will never be available outside of //metropolis/node/core/cluster
-// if the Node is not part of a Cluster.
+// Node is a Metropolis cluster member. A node is a virtual or physical machine running Metropolis. This object
+// represents a node only as part of a cluster - ie., this object will never be available outside of
+// //metropolis/node/core/cluster if the Node is not part of a Cluster.
// Nodes are inherently tied to their long term storage, which is etcd. As such, methods on this object relate heavily
// to the Node's expected lifecycle on etcd.
type Node struct {
@@ -43,7 +43,7 @@
// the Node was just created (as the key is generated locally by localstorage on first format/mount).
// The other part of the unlock key is the LocalUnlockKey that's present on the node's ESP partition.
clusterUnlockKey []byte
- // certificate is the node's TLS certificate, used to authenticate Smalltown gRPC calls/services (but not
+ // certificate is the node's TLS certificate, used to authenticate Metropolis gRPC calls/services (but not
// consensus/etcd). The certificate for a node is permanent (and never expires). It's self-signed by the node on
// startup, and contains the node's IP address in its SAN. Callers/services should check directly against the
// expected certificate, and not against a CA.
@@ -83,10 +83,10 @@
nodeName string
}
-// ID returns the name of this node, which is `smalltown-{pubkeyHash}`. This name should be the primary way to refer to
-// Smalltown nodes within a cluster, and is guaranteed to be unique by relying on cryptographic randomness.
+// ID returns the name of this node, which is `metropolis-{pubkeyHash}`. This name should be the primary way to refer to
+// Metropoils nodes within a cluster, and is guaranteed to be unique by relying on cryptographic randomness.
func (n *Node) ID() string {
- return fmt.Sprintf("smalltown-%s", n.IDBare())
+ return fmt.Sprintf("metropolis-%s", n.IDBare())
}
// IDBare returns the `{pubkeyHash}` part of the node ID.
diff --git a/metropolis/node/core/consensus/consensus.go b/metropolis/node/core/consensus/consensus.go
index 8916164..b707a27 100644
--- a/metropolis/node/core/consensus/consensus.go
+++ b/metropolis/node/core/consensus/consensus.go
@@ -15,7 +15,7 @@
// limitations under the License.
// Package consensus implements a managed etcd cluster member service, with a self-hosted CA system for issuing peer
-// certificates. Currently each Smalltown node runs an etcd member, and connects to the etcd member locally over a unix
+// certificates. Currently each Metropolis node runs an etcd member, and connects to the etcd member locally over a
// domain socket.
//
// The service supports two modes of startup:
@@ -51,7 +51,7 @@
)
const (
- DefaultClusterToken = "SIGNOS"
+ DefaultClusterToken = "METROPOLIS"
DefaultLogger = "zap"
)
@@ -96,7 +96,7 @@
// ListenHost is the IP address or hostname at which this cluster member will listen.
ListenHost string
// Port is the port at which this cluster member will listen for other members. If zero, defaults to the global
- // Smalltown setting.
+ // Metropolis setting.
Port int
}
@@ -183,7 +183,7 @@
}
// Generate CA, keep in memory, write it down in etcd later.
- st.ca, err = ca.New("Smalltown etcd peer Root CA")
+ st.ca, err = ca.New("Metropolis etcd peer Root CA")
if err != nil {
return fmt.Errorf("when creating new cluster's peer CA: %w", err)
}
diff --git a/metropolis/node/core/consensus/consensus_test.go b/metropolis/node/core/consensus/consensus_test.go
index e08bd29..22bcf20 100644
--- a/metropolis/node/core/consensus/consensus_test.go
+++ b/metropolis/node/core/consensus/consensus_test.go
@@ -42,7 +42,7 @@
func prep(t *testing.T) *boilerplate {
ctx, ctxC := context.WithCancel(context.Background())
root := &localstorage.Root{}
- tmp, err := ioutil.TempDir("", "smalltown-test")
+ tmp, err := ioutil.TempDir("", "metropolis-consensus-test")
if err != nil {
t.Fatal(err)
}
diff --git a/metropolis/node/core/debug_service.go b/metropolis/node/core/debug_service.go
index 0155cc6..8e81d2d 100644
--- a/metropolis/node/core/debug_service.go
+++ b/metropolis/node/core/debug_service.go
@@ -37,7 +37,7 @@
logFilterMax = 1000
)
-// debugService implements the Smalltown node debug API.
+// debugService implements the Metropolis node debug API.
type debugService struct {
cluster *cluster.Manager
kubernetes *kubernetes.Service
diff --git a/metropolis/node/core/localstorage/crypt/blockdev.go b/metropolis/node/core/localstorage/crypt/blockdev.go
index df5f590..5abe60b 100644
--- a/metropolis/node/core/localstorage/crypt/blockdev.go
+++ b/metropolis/node/core/localstorage/crypt/blockdev.go
@@ -34,17 +34,17 @@
// EFIPartitionType is the standardized partition type value for the EFI ESP partition. The human readable GUID is C12A7328-F81F-11D2-BA4B-00A0C93EC93B.
EFIPartitionType = gpt.PartType{0x28, 0x73, 0x2a, 0xc1, 0x1f, 0xf8, 0xd2, 0x11, 0xba, 0x4b, 0x00, 0xa0, 0xc9, 0x3e, 0xc9, 0x3b}
- // SmalltownDataPartitionType is the partition type value for a Smalltown data partition. The human-readable GUID is 9eeec464-6885-414a-b278-4305c51f7966.
- SmalltownDataPartitionType = gpt.PartType{0x64, 0xc4, 0xee, 0x9e, 0x85, 0x68, 0x4a, 0x41, 0xb2, 0x78, 0x43, 0x05, 0xc5, 0x1f, 0x79, 0x66}
+ // NodeDataPartitionType is the partition type value for a Metropolis Node data partition. The human-readable GUID is 9eeec464-6885-414a-b278-4305c51f7966.
+ NodeDataPartitionType = gpt.PartType{0x64, 0xc4, 0xee, 0x9e, 0x85, 0x68, 0x4a, 0x41, 0xb2, 0x78, 0x43, 0x05, 0xc5, 0x1f, 0x79, 0x66}
)
const (
- ESPDevicePath = "/dev/esp"
- SmalltownDataCryptPath = "/dev/data-crypt"
+ ESPDevicePath = "/dev/esp"
+ NodeDataCryptPath = "/dev/data-crypt"
)
-// MakeBlockDevices looks for the ESP and the Smalltown data partition and maps them to ESPDevicePath and
-// SmalltownDataCryptPath respectively. This doesn't fail if it doesn't find the partitions, only if
+// MakeBlockDevices looks for the ESP and the node data partition and maps them to ESPDevicePath and
+// NodeDataCryptPath respectively. This doesn't fail if it doesn't find the partitions, only if
// something goes catastrophically wrong.
func MakeBlockDevices(ctx context.Context) error {
blockdevNames, err := ioutil.ReadDir("/sys/class/block")
@@ -83,9 +83,9 @@
return fmt.Errorf("failed to create device node for ESP partition: %w", err)
}
}
- if part.Type == SmalltownDataPartitionType {
- if err := unix.Mknod(SmalltownDataCryptPath, 0600|unix.S_IFBLK, int(unix.Mkdev(uint32(majorDev), uint32(partNumber+1)))); err != nil {
- return fmt.Errorf("failed to create device node for Smalltown encrypted data partition: %w", err)
+ if part.Type == NodeDataPartitionType {
+ if err := unix.Mknod(NodeDataCryptPath, 0600|unix.S_IFBLK, int(unix.Mkdev(uint32(majorDev), uint32(partNumber+1)))); err != nil {
+ return fmt.Errorf("failed to create device node for Metropolis node encrypted data partition: %w", err)
}
}
}
diff --git a/metropolis/node/core/localstorage/declarative/placement_local.go b/metropolis/node/core/localstorage/declarative/placement_local.go
index 82b6a71..3f7b1dd 100644
--- a/metropolis/node/core/localstorage/declarative/placement_local.go
+++ b/metropolis/node/core/localstorage/declarative/placement_local.go
@@ -66,7 +66,7 @@
defer f.writeLock.Unlock()
// TODO(q3k): ensure that these do not collide with an existing sibling file, or generate this suffix randomly.
- tmp := f.FullPath() + ".__smalltown_tmp"
+ tmp := f.FullPath() + ".__metropolis_tmp"
defer os.Remove(tmp)
if err := ioutil.WriteFile(tmp, d, mode); err != nil {
return fmt.Errorf("temporary file write failed: %w", err)
diff --git a/metropolis/node/core/localstorage/directory_data.go b/metropolis/node/core/localstorage/directory_data.go
index e90dc48..52abbea 100644
--- a/metropolis/node/core/localstorage/directory_data.go
+++ b/metropolis/node/core/localstorage/directory_data.go
@@ -30,7 +30,7 @@
var keySize uint16 = 256 / 8
-// MountData mounts the Smalltown data partition with the given global unlock key. It automatically
+// MountData mounts the node data partition with the given global unlock key. It automatically
// unseals the local unlock key from the TPM.
func (d *DataDirectory) MountExisting(unlock *ESPLocalUnlockFile, globalUnlockKey []byte) error {
d.flagLock.Lock()
@@ -58,7 +58,7 @@
key[i] = localUnlockKey[i] ^ globalUnlockKey[i]
}
- if err := crypt.CryptMap("data", crypt.SmalltownDataCryptPath, key); err != nil {
+ if err := crypt.CryptMap("data", crypt.NodeDataCryptPath, key); err != nil {
return err
}
if err := d.mount(); err != nil {
@@ -67,7 +67,7 @@
return nil
}
-// InitializeData initializes the Smalltown data partition and returns the global unlock key. It seals
+// InitializeData initializes the node data partition and returns the global unlock key. It seals
// the local portion into the TPM and stores the blob on the ESP. This is a potentially slow
// operation since it touches the whole partition.
func (d *DataDirectory) MountNew(unlock *ESPLocalUnlockFile) ([]byte, error) {
@@ -103,7 +103,7 @@
key[i] = localUnlockKey[i] ^ globalUnlockKey[i]
}
- if err := crypt.CryptInit("data", crypt.SmalltownDataCryptPath, key); err != nil {
+ if err := crypt.CryptInit("data", crypt.NodeDataCryptPath, key); err != nil {
return nil, fmt.Errorf("initializing encrypted block device: %w", err)
}
mkfsCmd := exec.Command("/bin/mkfs.xfs", "-qf", "/dev/data")
diff --git a/metropolis/node/core/localstorage/directory_pki.go b/metropolis/node/core/localstorage/directory_pki.go
index 6bdebff..610cfef 100644
--- a/metropolis/node/core/localstorage/directory_pki.go
+++ b/metropolis/node/core/localstorage/directory_pki.go
@@ -38,7 +38,8 @@
type CertificateTemplateNamer func(pubkey []byte) x509.Certificate
func CertificateForNode(pubkey []byte) x509.Certificate {
- name := "smalltown-" + hex.EncodeToString([]byte(pubkey[:16]))
+ // TODO(q3k): this should be unified with metroopolis/node/cluster:node.ID()
+ name := "metropolis-" + hex.EncodeToString([]byte(pubkey[:16]))
// This has no SANs because it authenticates by public key, not by name
return x509.Certificate{
diff --git a/metropolis/node/core/localstorage/storage.go b/metropolis/node/core/localstorage/storage.go
index 8cc291f..1b1946a 100644
--- a/metropolis/node/core/localstorage/storage.go
+++ b/metropolis/node/core/localstorage/storage.go
@@ -116,12 +116,12 @@
Plugins struct {
declarative.Directory
- VFS declarative.File `file:"com.smalltown.vfs.sock"`
+ VFS declarative.File `file:"dev.monogon.metropolis.vfs.sock"`
} `dir:"plugins"`
PluginsRegistry struct {
declarative.Directory
- VFSReg declarative.File `file:"com.smalltown.vfs-reg.sock"`
+ VFSReg declarative.File `file:"dev.monogon.metropolis.vfs-reg.sock"`
} `dir:"plugins_registry"`
}
diff --git a/metropolis/node/core/main.go b/metropolis/node/core/main.go
index 54d09a4..806cfef 100644
--- a/metropolis/node/core/main.go
+++ b/metropolis/node/core/main.go
@@ -76,7 +76,7 @@
}
}()
- // Set up logger for Smalltown. Currently logs everything to stderr.
+ // Set up logger for Metropolis. Currently logs everything to stderr.
lt := logtree.New()
reader, err := lt.Read("", logtree.WithChildren(), logtree.WithStream())
if err != nil {
@@ -103,7 +103,7 @@
logger.Fatalf("Failed to raise rlimits: %v", err)
}
- logger.Info("Starting Smalltown Init")
+ logger.Info("Starting Metropolis node init")
signalChannel := make(chan os.Signal, 2)
signal.Notify(signalChannel)
@@ -252,7 +252,9 @@
log.Printf(" # GURU MEDIATION ERROR #")
log.Printf(" ########################")
log.Printf("")
- log.Printf("Smalltown encountered an uncorrectable error and must be restarted.")
+ log.Printf("Metropolis encountered an uncorrectable error and this node must be")
+ log.Printf("restarted.")
+ log.Printf("")
log.Printf("(Error condition: init trapdoor closed)")
log.Printf("")
select {}
diff --git a/metropolis/node/core/network/main.go b/metropolis/node/core/network/main.go
index 29e757d..94bb4d4 100644
--- a/metropolis/node/core/network/main.go
+++ b/metropolis/node/core/network/main.go
@@ -130,7 +130,7 @@
if err != nil {
return fmt.Errorf("failed to create DHCP client on interface %v: %w", iface.Attrs().Name, err)
}
- s.dhcp.VendorClassIdentifier = "com.nexantic.smalltown.v1"
+ s.dhcp.VendorClassIdentifier = "dev.monogon.metropolis.node.v1"
s.dhcp.RequestedOptions = []dhcpv4.OptionCode{dhcpv4.OptionRouter, dhcpv4.OptionNameServer}
s.dhcp.LeaseCallback = dhcpcb.Compose(dhcpcb.ManageIP(iface), dhcpcb.ManageDefaultRoute(iface), s.dhcpDNSCallback, s.getIPCallbackHack)
err = supervisor.Run(ctx, "dhcp", s.dhcp.Run)
diff --git a/metropolis/node/core/switchroot.go b/metropolis/node/core/switchroot.go
index 5865225..c980a3a 100644
--- a/metropolis/node/core/switchroot.go
+++ b/metropolis/node/core/switchroot.go
@@ -37,20 +37,20 @@
// We detect the need to remount to tmpfs over env vars.
// The first run of /init (from initramfs) will not have this var, and will be re-exec'd from a new tmpfs root with
// that variable set.
- witness := "SIGNOS_REMOUNTED"
+ witness := "METROPOLIS_REMOUNTED"
// If the witness env var is found in the environment, it means we are ready to go.
environ := os.Environ()
for _, env := range environ {
if strings.HasPrefix(env, witness+"=") {
- log.Info("Smalltown running in tmpfs root")
+ log.Info("Metropolis node running in tmpfs root")
return nil
}
}
// Otherwise, we need to remount to a tmpfs.
environ = append(environ, witness+"=yes")
- log.Info("Smalltown running in initramfs, remounting to tmpfs...")
+ log.Info("Metropolis node running in initramfs, remounting to tmpfs...")
// Make note of all directories we have to make and files that we have to copy.
paths := []string{}
diff --git a/metropolis/node/core/tpm/tpm.go b/metropolis/node/core/tpm/tpm.go
index 76f4f92..4106a66 100644
--- a/metropolis/node/core/tpm/tpm.go
+++ b/metropolis/node/core/tpm/tpm.go
@@ -390,7 +390,7 @@
// store secrets on the OS side pre-global unlock and b) it makes no sense in this security model
// since an uncompromised host OS will not let an untrusted entity attest as itself and a
// compromised OS can either not pass PCR policy checks or the game's already over (you
- // successfully runtime-exploited a production Smalltown Core)
+ // successfully runtime-exploited a production Metropolis node)
endorsementSession, _, err := tpm2.StartAuthSession(
tpm.device,
tpm2.HandleNull,
diff --git a/metropolis/node/kubernetes/clusternet/clusternet.go b/metropolis/node/kubernetes/clusternet/clusternet.go
index d8dc7ad..cd78434 100644
--- a/metropolis/node/kubernetes/clusternet/clusternet.go
+++ b/metropolis/node/kubernetes/clusternet/clusternet.go
@@ -52,7 +52,7 @@
const (
clusterNetDeviceName = "clusternet"
- publicKeyAnnotation = "node.smalltown.nexantic.com/wg-pubkey"
+ publicKeyAnnotation = "node.metropolis.monogon.dev/wg-pubkey"
)
type Service struct {
diff --git a/metropolis/node/kubernetes/csi.go b/metropolis/node/kubernetes/csi.go
index 4b44a1a..81a94fc 100644
--- a/metropolis/node/kubernetes/csi.go
+++ b/metropolis/node/kubernetes/csi.go
@@ -205,7 +205,7 @@
// CSI Identity endpoints
func (*csiPluginServer) GetPluginInfo(ctx context.Context, req *csi.GetPluginInfoRequest) (*csi.GetPluginInfoResponse, error) {
return &csi.GetPluginInfoResponse{
- Name: "com.smalltown.vfs",
+ Name: "dev.monogon.metropolis.vfs",
VendorVersion: "0.0.1", // TODO(lorenz): Maybe stamp?
}, nil
}
@@ -232,7 +232,7 @@
func (s *csiPluginServer) GetInfo(ctx context.Context, req *pluginregistration.InfoRequest) (*pluginregistration.PluginInfo, error) {
return &pluginregistration.PluginInfo{
Type: "CSIPlugin",
- Name: "com.smalltown.vfs",
+ Name: "dev.monogon.metropolis.vfs",
Endpoint: s.KubeletDirectory.Plugins.VFS.FullPath(),
SupportedVersions: []string{"1.2"}, // Keep in sync with container-storage-interface/spec package version
}, nil
diff --git a/metropolis/node/kubernetes/pki/certificate.go b/metropolis/node/kubernetes/pki/certificate.go
index 6bd50f9..da7d301 100644
--- a/metropolis/node/kubernetes/pki/certificate.go
+++ b/metropolis/node/kubernetes/pki/certificate.go
@@ -108,7 +108,7 @@
// in memory (if volatile), loading it from etcd, or creating and saving it on etcd if needed.
// This function is safe to call in parallel from multiple etcd clients (including across machines), but it will error
// in case a concurrent certificate generation happens. These errors are, however, safe to retry - as long as all the
-// certificate creators (ie., Smalltown nodes) run the same version of this code.
+// certificate creators (ie., Metropolis nodes) run the same version of this code.
// TODO(q3k): in the future, this should be handled better - especially as we introduce new certificates, or worse,
// change the issuance chain. As a stopgap measure, an explicit per-certificate or even global lock can be implemented.
// And, even before that, we can handle concurrency errors in a smarter way.
diff --git a/metropolis/node/kubernetes/pki/kubernetes.go b/metropolis/node/kubernetes/pki/kubernetes.go
index c4827a9..979fec6 100644
--- a/metropolis/node/kubernetes/pki/kubernetes.go
+++ b/metropolis/node/kubernetes/pki/kubernetes.go
@@ -57,7 +57,7 @@
// Kubernetes scheduler server certificate, used to run its HTTP server.
Scheduler KubeCertificateName = "scheduler"
- // Root-on-kube (system:masters) client certificate. Used to control the apiserver (and resources) by Smalltown
+ // Root-on-kube (system:masters) client certificate. Used to control the apiserver (and resources) by Metropolis
// internally.
Master KubeCertificateName = "master"
@@ -73,7 +73,7 @@
serviceAccountKeyName = "service-account-privkey"
)
-// KubernetesPKI manages all PKI resources required to run Kubernetes on Smalltown. It contains all static certificates,
+// KubernetesPKI manages all PKI resources required to run Kubernetes on Metropolis. It contains all static certificates,
// which can be retrieved, or be used to generate Kubeconfigs from.
type KubernetesPKI struct {
logger logtree.LeveledLogger
@@ -92,7 +92,7 @@
pki.Certificates[name] = New(pki.Certificates[i], string(name), template)
}
- pki.Certificates[IdCA] = New(SelfSigned, string(IdCA), CA("Smalltown Kubernetes ID CA"))
+ pki.Certificates[IdCA] = New(SelfSigned, string(IdCA), CA("Metropolis Kubernetes ID CA"))
make(IdCA, APIServer, Server(
[]string{
"kubernetes",
@@ -104,14 +104,14 @@
},
[]net.IP{{10, 0, 255, 1}, {127, 0, 0, 1}}, // TODO(q3k): add service network internal apiserver address
))
- make(IdCA, KubeletClient, Client("smalltown:apiserver-kubelet-client", nil))
+ make(IdCA, KubeletClient, Client("metropolis:apiserver-kubelet-client", nil))
make(IdCA, ControllerManagerClient, Client("system:kube-controller-manager", nil))
make(IdCA, ControllerManager, Server([]string{"kube-controller-manager.local"}, nil))
make(IdCA, SchedulerClient, Client("system:kube-scheduler", nil))
make(IdCA, Scheduler, Server([]string{"kube-scheduler.local"}, nil))
- make(IdCA, Master, Client("smalltown:master", []string{"system:masters"}))
+ make(IdCA, Master, Client("metropolis:master", []string{"system:masters"}))
- pki.Certificates[AggregationCA] = New(SelfSigned, string(AggregationCA), CA("Smalltown OpenAPI Aggregation CA"))
+ pki.Certificates[AggregationCA] = New(SelfSigned, string(AggregationCA), CA("Metropolis OpenAPI Aggregation CA"))
make(AggregationCA, FrontProxyClient, Client("front-proxy-client", nil))
return &pki
diff --git a/metropolis/node/kubernetes/provisioner.go b/metropolis/node/kubernetes/provisioner.go
index b671125..a9dfa72 100644
--- a/metropolis/node/kubernetes/provisioner.go
+++ b/metropolis/node/kubernetes/provisioner.go
@@ -46,7 +46,7 @@
)
// ONCHANGE(//metropolis/node/kubernetes/reconciler:resources_csi.go): needs to match csiProvisionerServerName declared.
-const csiProvisionerServerName = "com.nexantic.smalltown.vfs"
+const csiProvisionerServerName = "dev.monogon.metropolis.vfs"
// csiProvisionerServer is responsible for the provisioning and deprovisioning of CSI-based container volumes. It runs on all
// nodes and watches PVCs for ones assigned to the node it's running on and fulfills the provisioning request by
@@ -256,7 +256,7 @@
}
if *pvc.Spec.VolumeMode == v1.PersistentVolumeBlock {
- return fmt.Errorf("Block PVCs are not supported by Smalltown")
+ return fmt.Errorf("Block PVCs are currently not supported by Metropolis")
}
volumeID := "pvc-" + string(pvc.ObjectMeta.UID)
diff --git a/metropolis/node/kubernetes/reconciler/reconciler.go b/metropolis/node/kubernetes/reconciler/reconciler.go
index 9c5ba4e..0ce84d7 100644
--- a/metropolis/node/kubernetes/reconciler/reconciler.go
+++ b/metropolis/node/kubernetes/reconciler/reconciler.go
@@ -14,12 +14,16 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-// The reconciler ensures that a base set of K8s resources is always available in the cluster. These are necessary to
-// ensure correct out-of-the-box functionality. All resources containing the smalltown.com/builtin=true label are assumed
-// to be managed by the reconciler.
-// It currently does not revert modifications made by admins, it is planned to create an admission plugin prohibiting
-// such modifications to resources with the smalltown.com/builtin label to deal with that problem. This would also solve a
-// potential issue where you could delete resources just by adding the smalltown.com/builtin=true label.
+// The reconciler ensures that a base set of K8s resources is always available
+// in the cluster. These are necessary to ensure correct out-of-the-box
+// functionality. All resources containing the
+// metropolis.monogon.dev/builtin=true label are assumed to be managed by the
+// reconciler.
+// It currently does not revert modifications made by admins, it is planned to
+// create an admission plugin prohibiting such modifications to resources with
+// the metropolis.monogon.dev/builtin label to deal with that problem. This
+// would also solve a potential issue where you could delete resources just by
+// adding the metropolis.monogon.dev/builtin=true label.
package reconciler
import (
@@ -45,17 +49,17 @@
const (
// BuiltinLabelKey is used as a k8s label to mark built-in objects (ie., managed by the reconciler)
- BuiltinLabelKey = "smalltown.com/builtin"
+ BuiltinLabelKey = "metropolis.monogon.dev/builtin"
// BuiltinLabelValue is used as a k8s label value, under the BuiltinLabelKey key.
BuiltinLabelValue = "true"
// BuiltinRBACPrefix is used to prefix all built-in objects that are part of the rbac/v1 API (eg.
// {Cluster,}Role{Binding,} objects). This corresponds to the colon-separated 'namespaces' notation used by
// Kubernetes system (system:) objects.
- BuiltinRBACPrefix = "smalltown:"
+ BuiltinRBACPrefix = "metropolis:"
)
// builtinLabels makes a kubernetes-compatible label dictionary (key->value) that is used to mark objects that are
-// built-in into Smalltown (ie., managed by the reconciler). These are then subsequently retrieved by listBuiltins.
+// built-in into Metropolis (ie., managed by the reconciler). These are then subsequently retrieved by listBuiltins.
// The extra argument specifies what other labels are to be merged into the the labels dictionary, for convenience. If
// nil or empty, no extra labels will be applied.
func builtinLabels(extra map[string]string) map[string]string {
@@ -71,8 +75,8 @@
}
// listBuiltins returns a k8s client ListOptions structure that allows to retrieve all objects that are built-in into
-// Smalltown currently present in the API server (ie., ones that are to be managed by the reconciler). These are created
-// by applying builtinLabels to their metadata labels.
+// Metropolis currently present in the API server (ie., ones that are to be managed by the reconciler). These are
+// created by applying builtinLabels to their metadata labels.
var listBuiltins = meta.ListOptions{
LabelSelector: fmt.Sprintf("%s=%s", BuiltinLabelKey, BuiltinLabelValue),
}
diff --git a/metropolis/node/kubernetes/reconciler/resources_csi.go b/metropolis/node/kubernetes/reconciler/resources_csi.go
index ecbcb4b..c7f7b2b 100644
--- a/metropolis/node/kubernetes/reconciler/resources_csi.go
+++ b/metropolis/node/kubernetes/reconciler/resources_csi.go
@@ -27,7 +27,7 @@
// TODO(q3k): this is duplicated with //metropolis/node/kubernetes:provisioner.go; integrate this once provisioner.go
// gets moved into a subpackage.
// ONCHANGE(//metropolis/node/kubernetes:provisioner.go): needs to match csiProvisionerName declared.
-const csiProvisionerName = "com.nexantic.smalltown.vfs"
+const csiProvisionerName = "dev.monogon.metropolis.vfs"
type resourceCSIDrivers struct {
kubernetes.Interface
diff --git a/metropolis/node/kubernetes/reconciler/resources_rbac.go b/metropolis/node/kubernetes/reconciler/resources_rbac.go
index 40ca879..15386a6 100644
--- a/metropolis/node/kubernetes/reconciler/resources_rbac.go
+++ b/metropolis/node/kubernetes/reconciler/resources_rbac.go
@@ -146,7 +146,7 @@
APIGroup: rbac.GroupName,
Kind: "User",
// TODO(q3k): describe this name's contract, or unify with whatever creates this.
- Name: "smalltown:apiserver-kubelet-client",
+ Name: "metropolis:apiserver-kubelet-client",
},
},
},
diff --git a/metropolis/proto/api/debug.proto b/metropolis/proto/api/debug.proto
index 2483360..5648ae7 100644
--- a/metropolis/proto/api/debug.proto
+++ b/metropolis/proto/api/debug.proto
@@ -15,12 +15,12 @@
// limitations under the License.
syntax = "proto3";
-package smalltown.core.proto.api;
+package metropolis.proto.api;
option go_package = "git.monogon.dev/source/nexantic.git/metropolis/proto/api";
import "metropolis/proto/api/enrolment.proto";
-// NodeDebugService exposes debug and testing endpoints that allow introspection into a running Smalltown instance.
+// NodeDebugService exposes debug and testing endpoints that allow introspection into a running Metropolis node.
// It is not authenticated and will be disabled in production. It is currently consumed by metropolis/cli/dbg and
// by tests.
service NodeDebugService {
@@ -33,11 +33,11 @@
// For more information about this API, see //metropolis/node/core/logtree. But, in summary:
// - All logging is performed to a DN (distinguished name), which is a dot-delimited string like foo.bar.baz.
// - Log entries can be either raw (coming from unstructured logging from an external service, like a running
- // process) or leveled (emitted by Smalltown code with a source line, timestamp, and severity).
+ // process) or leveled (emitted by Metropolis code with a source line, timestamp, and severity).
// - The DNs form a tree of logging nodes - and when requesting logs, a given subtree of DNs can be requested,
// instead of just a given DN.
// - All supervised processes live at `root.<supervisor DN>`. For more example paths, see the console logs of
- // a running Smalltown instance, or request all logs (at DN "").
+ // a running Metropolis node, or request all logs (at DN "").
//
// TODO(q3k): move method and its related messages to the non-debug node endpoint once we have one.
rpc GetLogs(GetLogsRequest) returns (stream GetLogsResponse);
diff --git a/metropolis/proto/api/enrolment.proto b/metropolis/proto/api/enrolment.proto
index c07e4ea..3c9b862 100644
--- a/metropolis/proto/api/enrolment.proto
+++ b/metropolis/proto/api/enrolment.proto
@@ -15,11 +15,12 @@
// limitations under the License.
syntax = "proto3";
-package smalltown.core.proto.api;
+package metropolis.proto.api;
option go_package = "git.monogon.dev/source/nexantic.git/metropolis/proto/api";
-// EnrolmentConfig is the single boot configuration file contained in the Smalltown ESP. It configures
-// the way the node will start up (what cluster it will join/enroll into/create).
+// EnrolmentConfig is the single Metropolis node boot configuration file
+// contained in the ESP. It configures the way the node will start up (what
+// cluster it will join/enroll into/create).
message EnrolmentConfig {
// Debug/temporary cluster enrolment method. If set, the node will attempt to enroll into the
// cluster that this ticket was generated for. Otherwise, a new cluster will be created.
diff --git a/metropolis/proto/common/common.proto b/metropolis/proto/common/common.proto
index def91e8..4defcbe 100644
--- a/metropolis/proto/common/common.proto
+++ b/metropolis/proto/common/common.proto
@@ -15,7 +15,7 @@
// limitations under the License.
syntax = "proto3";
-package smalltown.core.proto.common;
+package metropolis.proto.common;
option go_package = "git.monogon.dev/source/nexantic.git/metropolis/proto/common";
enum TrustBackend {
diff --git a/metropolis/proto/internal/internal.proto b/metropolis/proto/internal/internal.proto
index c5aa259..e82fe96 100644
--- a/metropolis/proto/internal/internal.proto
+++ b/metropolis/proto/internal/internal.proto
@@ -16,7 +16,7 @@
syntax = "proto3";
option go_package = "git.monogon.dev/source/nexantic.git/metropolis/proto/internal";
-package smalltown.core.proto.internal;
+package metropolis.proto.internal;
// Node describes a single node's state in etcd
message Node {
diff --git a/metropolis/test/e2e/k8s_cts/main.go b/metropolis/test/e2e/k8s_cts/main.go
index 728a890..8ee63be 100644
--- a/metropolis/test/e2e/k8s_cts/main.go
+++ b/metropolis/test/e2e/k8s_cts/main.go
@@ -14,7 +14,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-// This package launches a Smalltown Cluster with two nodes and spawns in the CTS container. Then it streams its output
+// This package launches a Metropolis cluster with two nodes and spawns in the CTS container. Then it streams its output
// to the console. When the CTS has finished it exits with the appropriate error code.
package main
diff --git a/metropolis/test/e2e/main_test.go b/metropolis/test/e2e/main_test.go
index 46e862c..75b96b7 100644
--- a/metropolis/test/e2e/main_test.go
+++ b/metropolis/test/e2e/main_test.go
@@ -52,7 +52,7 @@
largeTestTimeout = 120 * time.Second
)
-// TestE2E is the main E2E test entrypoint for single-node freshly-bootstrapped E2E tests. It starts a full Smalltown node
+// TestE2E is the main E2E test entrypoint for single-node freshly-bootstrapped E2E tests. It starts a full Metropolis node
// in bootstrap mode and then runs tests against it. The actual tests it performs are located in the RunGroup subtest.
func TestE2E(t *testing.T) {
// Run pprof server for debugging
diff --git a/metropolis/test/ktest/ktest.bzl b/metropolis/test/ktest/ktest.bzl
index fdbff20..de8dc1e 100644
--- a/metropolis/test/ktest/ktest.bzl
+++ b/metropolis/test/ktest/ktest.bzl
@@ -15,7 +15,7 @@
# limitations under the License.
"""
-Ktest provides a simple macro to run tests inside the normal Smalltown kernel
+Ktest provides a macro to run tests under a normal Metropolis node kernel
"""
def ktest(deps, tester, initramfs_extra, cmdline):
diff --git a/metropolis/test/launch/launch.go b/metropolis/test/launch/launch.go
index 5fcfe5e..0cf11bd 100644
--- a/metropolis/test/launch/launch.go
+++ b/metropolis/test/launch/launch.go
@@ -117,11 +117,11 @@
// and ConflictFreePortMap(). Ignored when ConnectToSocket is set.
Ports PortMap
- // If set to true, reboots are honored. Otherwise all reboots exit the Launch() command. Smalltown generally restarts
- // on almost all errors, so unless you want to test reboot behavior this should be false.
+ // If set to true, reboots are honored. Otherwise all reboots exit the Launch() command. Metropolis nodes
+ // generally restarts on almost all errors, so unless you want to test reboot behavior this should be false.
AllowReboot bool
- // By default the Smalltown VM is connected to the Host via SLIRP. If ConnectToSocket is set, it is instead connected
+ // By default the VM is connected to the Host via SLIRP. If ConnectToSocket is set, it is instead connected
// to the given file descriptor/socket. If this is set, all port maps from the Ports option are ignored.
// Intended for networking this instance together with others for running more complex network configurations.
ConnectToSocket *os.File
@@ -134,12 +134,12 @@
EnrolmentConfig *apb.EnrolmentConfig
}
-// NodePorts is the list of ports a fully operational Smalltown node listens on
+// NodePorts is the list of ports a fully operational Metropolis node listens on
var NodePorts = []uint16{common.ConsensusPort, common.NodeServicePort, common.MasterServicePort,
common.ExternalServicePort, common.DebugServicePort, common.KubernetesAPIPort, common.DebuggerPort}
// IdentityPortMap returns a port map where each given port is mapped onto itself on the host. This is mainly useful
-// for development against Smalltown. The dbg command requires this mapping.
+// for development against Metropolis. The dbg command requires this mapping.
func IdentityPortMap(ports []uint16) PortMap {
portMap := make(PortMap)
for _, port := range ports {
@@ -149,9 +149,9 @@
}
// ConflictFreePortMap returns a port map where each given port is mapped onto a random free port on the host. This is
-// intended for automated testing where multiple instances of Smalltown might be running. Please call this function for
-// each Launch command separately and as close to it as possible since it cannot guarantee that the ports will remain
-// free.
+// intended for automated testing where multiple instances of Metropolis nodes might be running. Please call this
+// function for each Launch command separately and as close to it as possible since it cannot guarantee that the ports
+// will remain free.
func ConflictFreePortMap(ports []uint16) (PortMap, error) {
portMap := make(PortMap)
for _, port := range ports {
@@ -181,9 +181,9 @@
return &mac, nil
}
-// Launch launches a Smalltown instance with the given options. The instance runs mostly paravirtualized but with some
-// emulated hardware similar to how a cloud provider might set up its VMs. The disk is fully writable but is run
-// in snapshot mode meaning that changes are not kept beyond a single invocation.
+// Launch launches a Metropolis node instance with the given options. The instance runs mostly paravirtualized but
+// with some emulated hardware similar to how a cloud provider might set up its VMs. The disk is fully writable but
+// is run in snapshot mode meaning that changes are not kept beyond a single invocation.
func Launch(ctx context.Context, options Options) error {
// Pin temp directory to /tmp until we can use abstract socket namespace in QEMU (next release after 5.0,
// https://github.com/qemu/qemu/commit/776b97d3605ed0fc94443048fdf988c7725e38a9). swtpm accepts already-open FDs
@@ -241,7 +241,7 @@
"-cpu", "host", "-smp", "sockets=1,cpus=1,cores=2,threads=2,maxcpus=4",
"-drive", "if=pflash,format=raw,readonly,file=external/edk2/OVMF_CODE.fd",
"-drive", "if=pflash,format=raw,snapshot=on,file=external/edk2/OVMF_VARS.fd",
- "-drive", "if=virtio,format=raw,snapshot=on,cache=unsafe,file=metropolis/node/smalltown.img",
+ "-drive", "if=virtio,format=raw,snapshot=on,cache=unsafe,file=metropolis/node/node.img",
"-netdev", qemuNetConfig.toOption(qemuNetType),
"-device", "virtio-net-pci,netdev=net0,mac=" + mac.String(),
"-chardev", "socket,id=chrtpm,path=" + tpmSocketPath,
@@ -263,7 +263,7 @@
if err := ioutil.WriteFile(enrolmentConfigPath, enrolmentConfigRaw, 0644); err != nil {
return fmt.Errorf("failed to write enrolment config: %w", err)
}
- qemuArgs = append(qemuArgs, "-fw_cfg", "name=com.nexantic.smalltown/enrolment.pb,file="+enrolmentConfigPath)
+ qemuArgs = append(qemuArgs, "-fw_cfg", "name=dev.monogon.metropolis/enrolment.pb,file="+enrolmentConfigPath)
}
// Start TPM emulator as a subprocess
@@ -470,13 +470,13 @@
common.KubernetesAPIPort,
}
-// ClusterOptions contains all options for launching a Smalltown cluster
+// ClusterOptions contains all options for launching a Metropolis cluster
type ClusterOptions struct {
// The number of nodes this cluster should be started with initially
NumNodes int
}
-// LaunchCluster launches a cluster of Smalltown VMs together with a Nanoswitch instance to network them all together.
+// LaunchCluster launches a cluster of Metropolis node VMs together with a Nanoswitch instance to network them all together.
func LaunchCluster(ctx context.Context, opts ClusterOptions) (apb.NodeDebugServiceClient, PortMap, error) {
var switchPorts []*os.File
var vmPorts []*os.File
diff --git a/metropolis/test/nanoswitch/BUILD b/metropolis/test/nanoswitch/BUILD
index fc4f932..7b088f1 100644
--- a/metropolis/test/nanoswitch/BUILD
+++ b/metropolis/test/nanoswitch/BUILD
@@ -1,5 +1,5 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
-load("//metropolis/node/build:def.bzl", "smalltown_initramfs")
+load("//metropolis/node/build:def.bzl", "node_initramfs")
go_library(
name = "go_default_library",
@@ -28,7 +28,7 @@
visibility = ["//visibility:public"],
)
-smalltown_initramfs(
+node_initramfs(
name = "initramfs",
files = {
":nanoswitch": "/init",
diff --git a/third_party/go/patches/k8s-kubernetes.patch b/third_party/go/patches/k8s-kubernetes.patch
index 8b766a6..411e009 100644
--- a/third_party/go/patches/k8s-kubernetes.patch
+++ b/third_party/go/patches/k8s-kubernetes.patch
@@ -13,7 +13,7 @@
limitations under the License.
-This fixes OpenAPI codegen for when included from the Smalltown workspace. It basically undoes vendorification.
+This fixes OpenAPI codegen for when included from the Monogon workspace. It basically undoes vendorification.
diff -ur io_k8s_kubernetes.orig/build/code_generation.bzl io_k8s_kubernetes/build/code_generation.bzl
--- io_k8s_kubernetes.orig/build/code_generation.bzl 2020-04-15 13:43:57.785669620 +0200
@@ -402,4 +402,4 @@
+ package = "generated",
)
- filegroup(
\ No newline at end of file
+ filegroup(
diff --git a/third_party/linux/BUILD.bazel b/third_party/linux/BUILD.bazel
index 48f811b..2a52fe3 100644
--- a/third_party/linux/BUILD.bazel
+++ b/third_party/linux/BUILD.bazel
@@ -2,7 +2,7 @@
name = "bzImage",
srcs = [
"@linux//:all",
- "linux-smalltown.config",
+ "linux-metropolis.config",
],
outs = [
"bzImage",
@@ -12,7 +12,7 @@
mkdir $$DIR/.bin
- cp $(location linux-smalltown.config) $$DIR/.config
+ cp $(location linux-metropolis.config) $$DIR/.config
(cd $$DIR && make -j $$(nproc) >/dev/null)
@@ -23,6 +23,6 @@
filegroup(
name = "kernel-config",
- srcs = ["linux-smalltown.config"],
+ srcs = ["linux-metropolis.config"],
visibility = ["//visibility:public"],
)
diff --git a/third_party/linux/linux-smalltown.config b/third_party/linux/linux-metropolis.config
similarity index 99%
rename from third_party/linux/linux-smalltown.config
rename to third_party/linux/linux-metropolis.config
index df38412..b2f7e7a 100644
--- a/third_party/linux/linux-smalltown.config
+++ b/third_party/linux/linux-metropolis.config
@@ -22,7 +22,7 @@
#
CONFIG_INIT_ENV_ARG_LIMIT=32
# CONFIG_COMPILE_TEST is not set
-CONFIG_LOCALVERSION="-smalltown"
+CONFIG_LOCALVERSION="-metropolis"
CONFIG_LOCALVERSION_AUTO=y
CONFIG_BUILD_SALT=""
CONFIG_HAVE_KERNEL_GZIP=y
@@ -37,7 +37,7 @@
# CONFIG_KERNEL_XZ is not set
# CONFIG_KERNEL_LZO is not set
CONFIG_KERNEL_LZ4=y
-CONFIG_DEFAULT_HOSTNAME="smalltown-uninitialized"
+CONFIG_DEFAULT_HOSTNAME="metropolis-node-uninitialized"
# CONFIG_SWAP is not set
CONFIG_SYSVIPC=y
CONFIG_SYSVIPC_SYSCTL=y
@@ -434,7 +434,7 @@
# CONFIG_LEGACY_VSYSCALL_XONLY is not set
CONFIG_LEGACY_VSYSCALL_NONE=y
CONFIG_CMDLINE_BOOL=y
-CONFIG_CMDLINE="console=ttyS0 initrd=\\EFI\\smalltown\\initramfs.cpio.lz4"
+CONFIG_CMDLINE="console=ttyS0 initrd=\\EFI\\metropolis\\initramfs.cpio.lz4"
CONFIG_CMDLINE_OVERRIDE=y
CONFIG_MODIFY_LDT_SYSCALL=y
CONFIG_HAVE_LIVEPATCH=y