smalltown -> metropolis
This pass removes all mentions of Smalltown, both from code and comments,
and replaces them with appropriate new terminology.
Test Plan: Refactor, covered by CI.
X-Origin-Diff: phab/D674
GitOrigin-RevId: 04a94d44ef07d46f7821530da5614daefe16d7ea
diff --git a/metropolis/node/core/cluster/manager.go b/metropolis/node/core/cluster/manager.go
index 6bb87f4..5f072b8 100644
--- a/metropolis/node/core/cluster/manager.go
+++ b/metropolis/node/core/cluster/manager.go
@@ -40,10 +40,10 @@
apb "git.monogon.dev/source/nexantic.git/metropolis/proto/api"
)
-// Manager is a finite state machine that joins this node (ie., Smalltown instance running on a virtual/physical machine)
-// into a Smalltown cluster (ie. group of nodes that act as a single control plane for Smalltown services). It does that
-// by bringing up all required operating-system level components, including mounting the local filesystem, bringing up
-// a consensus (etcd) server/client, ...
+// Manager is a finite state machine that joins this node (ie., Metropolis node running on a virtual/physical machine)
+// into a Metropolis cluster (ie. group of nodes that act as a single control plane for Metropolis services). It does
+// this by bringing up all required operating-system level components, including mounting the local filesystem, bringing
+// up a consensus (etcd) server/client, ...
//
// The Manager runs as a single-shot Runnable. It will attempt to progress its state from the initial state (New) to
// either Running (meaning that the node is now part of a cluster), or Failed (meaning that the node couldn't become
@@ -99,7 +99,7 @@
// with no EnrolmentConfig.
StateCreatingCluster
// StateCharlie is when the Manager uses the Golden Ticket debug/stopgap system to join an already
- // existing cluster. This mechanism will be removed before the first Smalltown release.
+ // existing cluster. This mechanism will be removed before the first Metropolis release.
StateCharlie
// StateRunning is when the Manager successfully got the node to be part of a cluster. stateRunningNode is valid.
StateRunning
@@ -267,7 +267,7 @@
if err != nil && !os.IsNotExist(err) {
return fmt.Errorf("could not read local enrolment file: %w", err)
} else if err != nil {
- configRaw, err = ioutil.ReadFile("/sys/firmware/qemu_fw_cfg/by_name/com.nexantic.smalltown/enrolment.pb/raw")
+ configRaw, err = ioutil.ReadFile("/sys/firmware/qemu_fw_cfg/by_name/dev.monogon.metropolis/enrolment.pb/raw")
if err != nil && !os.IsNotExist(err) {
return fmt.Errorf("could not read firmware enrolment file: %w", err)
}
@@ -381,7 +381,7 @@
}
// stateCharlie is used to join an existing cluster via the GoldenTicket mechanism. This mechanism is temporarily
-// implemented in Smalltown in order to allow for testing multi-node clusters without a TPM attestation flow implemented.
+// implemented in Metropolis in order to allow for testing multi-node clusters without a TPM attestation flow implemented.
// The Golden Ticket contains a pregenerated node certificate, etcd certificate, and other data that any node can
// use to join the cluster.
// Since this flow is temporary, it has a slight impedance mismatch with methods exposed by localstorage, node, etc.,
@@ -394,8 +394,8 @@
// was generated (vs. being created now by an RPC call, via an promote-node-to-etcd-member flow)
// - the node is then promoted to a consensus member and kubernetes worker, its clusterunlock key is set, and then it
// is saved to etcd.
-// As such, in this flow, we first create an etcd member (on goldenticket generation), and then only create a new Smalltown
-// node (when the goldenticket is used).
+// As such, in this flow, we first create an etcd member (on goldenticket generation), and then only create a new
+// Metropolis node (when the goldenticket is used).
func (m *Manager) stateCharlie(ctx context.Context) error {
t := m.goldenTicket
nodeCert, err := x509.ParseCertificate(t.NodeCert)
diff --git a/metropolis/node/core/cluster/node.go b/metropolis/node/core/cluster/node.go
index 449c2ff..4240428 100644
--- a/metropolis/node/core/cluster/node.go
+++ b/metropolis/node/core/cluster/node.go
@@ -32,9 +32,9 @@
ipb "git.monogon.dev/source/nexantic.git/metropolis/proto/internal"
)
-// Node is a Smalltown cluster member. A node is a virtual or physical machine running Smalltown. This object represents a
-// node only as part of a Cluster - ie., this object will never be available outside of //metropolis/node/core/cluster
-// if the Node is not part of a Cluster.
+// Node is a Metropolis cluster member. A node is a virtual or physical machine running Metropolis. This object
+// represents a node only as part of a cluster - ie., this object will never be available outside of
+// //metropolis/node/core/cluster if the Node is not part of a Cluster.
// Nodes are inherently tied to their long term storage, which is etcd. As such, methods on this object relate heavily
// to the Node's expected lifecycle on etcd.
type Node struct {
@@ -43,7 +43,7 @@
// the Node was just created (as the key is generated locally by localstorage on first format/mount).
// The other part of the unlock key is the LocalUnlockKey that's present on the node's ESP partition.
clusterUnlockKey []byte
- // certificate is the node's TLS certificate, used to authenticate Smalltown gRPC calls/services (but not
+ // certificate is the node's TLS certificate, used to authenticate Metropolis gRPC calls/services (but not
// consensus/etcd). The certificate for a node is permanent (and never expires). It's self-signed by the node on
// startup, and contains the node's IP address in its SAN. Callers/services should check directly against the
// expected certificate, and not against a CA.
@@ -83,10 +83,10 @@
nodeName string
}
-// ID returns the name of this node, which is `smalltown-{pubkeyHash}`. This name should be the primary way to refer to
-// Smalltown nodes within a cluster, and is guaranteed to be unique by relying on cryptographic randomness.
+// ID returns the name of this node, which is `metropolis-{pubkeyHash}`. This name should be the primary way to refer to
+// Metropoils nodes within a cluster, and is guaranteed to be unique by relying on cryptographic randomness.
func (n *Node) ID() string {
- return fmt.Sprintf("smalltown-%s", n.IDBare())
+ return fmt.Sprintf("metropolis-%s", n.IDBare())
}
// IDBare returns the `{pubkeyHash}` part of the node ID.
diff --git a/metropolis/node/core/consensus/consensus.go b/metropolis/node/core/consensus/consensus.go
index 8916164..b707a27 100644
--- a/metropolis/node/core/consensus/consensus.go
+++ b/metropolis/node/core/consensus/consensus.go
@@ -15,7 +15,7 @@
// limitations under the License.
// Package consensus implements a managed etcd cluster member service, with a self-hosted CA system for issuing peer
-// certificates. Currently each Smalltown node runs an etcd member, and connects to the etcd member locally over a unix
+// certificates. Currently each Metropolis node runs an etcd member, and connects to the etcd member locally over a
// domain socket.
//
// The service supports two modes of startup:
@@ -51,7 +51,7 @@
)
const (
- DefaultClusterToken = "SIGNOS"
+ DefaultClusterToken = "METROPOLIS"
DefaultLogger = "zap"
)
@@ -96,7 +96,7 @@
// ListenHost is the IP address or hostname at which this cluster member will listen.
ListenHost string
// Port is the port at which this cluster member will listen for other members. If zero, defaults to the global
- // Smalltown setting.
+ // Metropolis setting.
Port int
}
@@ -183,7 +183,7 @@
}
// Generate CA, keep in memory, write it down in etcd later.
- st.ca, err = ca.New("Smalltown etcd peer Root CA")
+ st.ca, err = ca.New("Metropolis etcd peer Root CA")
if err != nil {
return fmt.Errorf("when creating new cluster's peer CA: %w", err)
}
diff --git a/metropolis/node/core/consensus/consensus_test.go b/metropolis/node/core/consensus/consensus_test.go
index e08bd29..22bcf20 100644
--- a/metropolis/node/core/consensus/consensus_test.go
+++ b/metropolis/node/core/consensus/consensus_test.go
@@ -42,7 +42,7 @@
func prep(t *testing.T) *boilerplate {
ctx, ctxC := context.WithCancel(context.Background())
root := &localstorage.Root{}
- tmp, err := ioutil.TempDir("", "smalltown-test")
+ tmp, err := ioutil.TempDir("", "metropolis-consensus-test")
if err != nil {
t.Fatal(err)
}
diff --git a/metropolis/node/core/debug_service.go b/metropolis/node/core/debug_service.go
index 0155cc6..8e81d2d 100644
--- a/metropolis/node/core/debug_service.go
+++ b/metropolis/node/core/debug_service.go
@@ -37,7 +37,7 @@
logFilterMax = 1000
)
-// debugService implements the Smalltown node debug API.
+// debugService implements the Metropolis node debug API.
type debugService struct {
cluster *cluster.Manager
kubernetes *kubernetes.Service
diff --git a/metropolis/node/core/localstorage/crypt/blockdev.go b/metropolis/node/core/localstorage/crypt/blockdev.go
index df5f590..5abe60b 100644
--- a/metropolis/node/core/localstorage/crypt/blockdev.go
+++ b/metropolis/node/core/localstorage/crypt/blockdev.go
@@ -34,17 +34,17 @@
// EFIPartitionType is the standardized partition type value for the EFI ESP partition. The human readable GUID is C12A7328-F81F-11D2-BA4B-00A0C93EC93B.
EFIPartitionType = gpt.PartType{0x28, 0x73, 0x2a, 0xc1, 0x1f, 0xf8, 0xd2, 0x11, 0xba, 0x4b, 0x00, 0xa0, 0xc9, 0x3e, 0xc9, 0x3b}
- // SmalltownDataPartitionType is the partition type value for a Smalltown data partition. The human-readable GUID is 9eeec464-6885-414a-b278-4305c51f7966.
- SmalltownDataPartitionType = gpt.PartType{0x64, 0xc4, 0xee, 0x9e, 0x85, 0x68, 0x4a, 0x41, 0xb2, 0x78, 0x43, 0x05, 0xc5, 0x1f, 0x79, 0x66}
+ // NodeDataPartitionType is the partition type value for a Metropolis Node data partition. The human-readable GUID is 9eeec464-6885-414a-b278-4305c51f7966.
+ NodeDataPartitionType = gpt.PartType{0x64, 0xc4, 0xee, 0x9e, 0x85, 0x68, 0x4a, 0x41, 0xb2, 0x78, 0x43, 0x05, 0xc5, 0x1f, 0x79, 0x66}
)
const (
- ESPDevicePath = "/dev/esp"
- SmalltownDataCryptPath = "/dev/data-crypt"
+ ESPDevicePath = "/dev/esp"
+ NodeDataCryptPath = "/dev/data-crypt"
)
-// MakeBlockDevices looks for the ESP and the Smalltown data partition and maps them to ESPDevicePath and
-// SmalltownDataCryptPath respectively. This doesn't fail if it doesn't find the partitions, only if
+// MakeBlockDevices looks for the ESP and the node data partition and maps them to ESPDevicePath and
+// NodeDataCryptPath respectively. This doesn't fail if it doesn't find the partitions, only if
// something goes catastrophically wrong.
func MakeBlockDevices(ctx context.Context) error {
blockdevNames, err := ioutil.ReadDir("/sys/class/block")
@@ -83,9 +83,9 @@
return fmt.Errorf("failed to create device node for ESP partition: %w", err)
}
}
- if part.Type == SmalltownDataPartitionType {
- if err := unix.Mknod(SmalltownDataCryptPath, 0600|unix.S_IFBLK, int(unix.Mkdev(uint32(majorDev), uint32(partNumber+1)))); err != nil {
- return fmt.Errorf("failed to create device node for Smalltown encrypted data partition: %w", err)
+ if part.Type == NodeDataPartitionType {
+ if err := unix.Mknod(NodeDataCryptPath, 0600|unix.S_IFBLK, int(unix.Mkdev(uint32(majorDev), uint32(partNumber+1)))); err != nil {
+ return fmt.Errorf("failed to create device node for Metropolis node encrypted data partition: %w", err)
}
}
}
diff --git a/metropolis/node/core/localstorage/declarative/placement_local.go b/metropolis/node/core/localstorage/declarative/placement_local.go
index 82b6a71..3f7b1dd 100644
--- a/metropolis/node/core/localstorage/declarative/placement_local.go
+++ b/metropolis/node/core/localstorage/declarative/placement_local.go
@@ -66,7 +66,7 @@
defer f.writeLock.Unlock()
// TODO(q3k): ensure that these do not collide with an existing sibling file, or generate this suffix randomly.
- tmp := f.FullPath() + ".__smalltown_tmp"
+ tmp := f.FullPath() + ".__metropolis_tmp"
defer os.Remove(tmp)
if err := ioutil.WriteFile(tmp, d, mode); err != nil {
return fmt.Errorf("temporary file write failed: %w", err)
diff --git a/metropolis/node/core/localstorage/directory_data.go b/metropolis/node/core/localstorage/directory_data.go
index e90dc48..52abbea 100644
--- a/metropolis/node/core/localstorage/directory_data.go
+++ b/metropolis/node/core/localstorage/directory_data.go
@@ -30,7 +30,7 @@
var keySize uint16 = 256 / 8
-// MountData mounts the Smalltown data partition with the given global unlock key. It automatically
+// MountData mounts the node data partition with the given global unlock key. It automatically
// unseals the local unlock key from the TPM.
func (d *DataDirectory) MountExisting(unlock *ESPLocalUnlockFile, globalUnlockKey []byte) error {
d.flagLock.Lock()
@@ -58,7 +58,7 @@
key[i] = localUnlockKey[i] ^ globalUnlockKey[i]
}
- if err := crypt.CryptMap("data", crypt.SmalltownDataCryptPath, key); err != nil {
+ if err := crypt.CryptMap("data", crypt.NodeDataCryptPath, key); err != nil {
return err
}
if err := d.mount(); err != nil {
@@ -67,7 +67,7 @@
return nil
}
-// InitializeData initializes the Smalltown data partition and returns the global unlock key. It seals
+// InitializeData initializes the node data partition and returns the global unlock key. It seals
// the local portion into the TPM and stores the blob on the ESP. This is a potentially slow
// operation since it touches the whole partition.
func (d *DataDirectory) MountNew(unlock *ESPLocalUnlockFile) ([]byte, error) {
@@ -103,7 +103,7 @@
key[i] = localUnlockKey[i] ^ globalUnlockKey[i]
}
- if err := crypt.CryptInit("data", crypt.SmalltownDataCryptPath, key); err != nil {
+ if err := crypt.CryptInit("data", crypt.NodeDataCryptPath, key); err != nil {
return nil, fmt.Errorf("initializing encrypted block device: %w", err)
}
mkfsCmd := exec.Command("/bin/mkfs.xfs", "-qf", "/dev/data")
diff --git a/metropolis/node/core/localstorage/directory_pki.go b/metropolis/node/core/localstorage/directory_pki.go
index 6bdebff..610cfef 100644
--- a/metropolis/node/core/localstorage/directory_pki.go
+++ b/metropolis/node/core/localstorage/directory_pki.go
@@ -38,7 +38,8 @@
type CertificateTemplateNamer func(pubkey []byte) x509.Certificate
func CertificateForNode(pubkey []byte) x509.Certificate {
- name := "smalltown-" + hex.EncodeToString([]byte(pubkey[:16]))
+ // TODO(q3k): this should be unified with metroopolis/node/cluster:node.ID()
+ name := "metropolis-" + hex.EncodeToString([]byte(pubkey[:16]))
// This has no SANs because it authenticates by public key, not by name
return x509.Certificate{
diff --git a/metropolis/node/core/localstorage/storage.go b/metropolis/node/core/localstorage/storage.go
index 8cc291f..1b1946a 100644
--- a/metropolis/node/core/localstorage/storage.go
+++ b/metropolis/node/core/localstorage/storage.go
@@ -116,12 +116,12 @@
Plugins struct {
declarative.Directory
- VFS declarative.File `file:"com.smalltown.vfs.sock"`
+ VFS declarative.File `file:"dev.monogon.metropolis.vfs.sock"`
} `dir:"plugins"`
PluginsRegistry struct {
declarative.Directory
- VFSReg declarative.File `file:"com.smalltown.vfs-reg.sock"`
+ VFSReg declarative.File `file:"dev.monogon.metropolis.vfs-reg.sock"`
} `dir:"plugins_registry"`
}
diff --git a/metropolis/node/core/main.go b/metropolis/node/core/main.go
index 54d09a4..806cfef 100644
--- a/metropolis/node/core/main.go
+++ b/metropolis/node/core/main.go
@@ -76,7 +76,7 @@
}
}()
- // Set up logger for Smalltown. Currently logs everything to stderr.
+ // Set up logger for Metropolis. Currently logs everything to stderr.
lt := logtree.New()
reader, err := lt.Read("", logtree.WithChildren(), logtree.WithStream())
if err != nil {
@@ -103,7 +103,7 @@
logger.Fatalf("Failed to raise rlimits: %v", err)
}
- logger.Info("Starting Smalltown Init")
+ logger.Info("Starting Metropolis node init")
signalChannel := make(chan os.Signal, 2)
signal.Notify(signalChannel)
@@ -252,7 +252,9 @@
log.Printf(" # GURU MEDIATION ERROR #")
log.Printf(" ########################")
log.Printf("")
- log.Printf("Smalltown encountered an uncorrectable error and must be restarted.")
+ log.Printf("Metropolis encountered an uncorrectable error and this node must be")
+ log.Printf("restarted.")
+ log.Printf("")
log.Printf("(Error condition: init trapdoor closed)")
log.Printf("")
select {}
diff --git a/metropolis/node/core/network/main.go b/metropolis/node/core/network/main.go
index 29e757d..94bb4d4 100644
--- a/metropolis/node/core/network/main.go
+++ b/metropolis/node/core/network/main.go
@@ -130,7 +130,7 @@
if err != nil {
return fmt.Errorf("failed to create DHCP client on interface %v: %w", iface.Attrs().Name, err)
}
- s.dhcp.VendorClassIdentifier = "com.nexantic.smalltown.v1"
+ s.dhcp.VendorClassIdentifier = "dev.monogon.metropolis.node.v1"
s.dhcp.RequestedOptions = []dhcpv4.OptionCode{dhcpv4.OptionRouter, dhcpv4.OptionNameServer}
s.dhcp.LeaseCallback = dhcpcb.Compose(dhcpcb.ManageIP(iface), dhcpcb.ManageDefaultRoute(iface), s.dhcpDNSCallback, s.getIPCallbackHack)
err = supervisor.Run(ctx, "dhcp", s.dhcp.Run)
diff --git a/metropolis/node/core/switchroot.go b/metropolis/node/core/switchroot.go
index 5865225..c980a3a 100644
--- a/metropolis/node/core/switchroot.go
+++ b/metropolis/node/core/switchroot.go
@@ -37,20 +37,20 @@
// We detect the need to remount to tmpfs over env vars.
// The first run of /init (from initramfs) will not have this var, and will be re-exec'd from a new tmpfs root with
// that variable set.
- witness := "SIGNOS_REMOUNTED"
+ witness := "METROPOLIS_REMOUNTED"
// If the witness env var is found in the environment, it means we are ready to go.
environ := os.Environ()
for _, env := range environ {
if strings.HasPrefix(env, witness+"=") {
- log.Info("Smalltown running in tmpfs root")
+ log.Info("Metropolis node running in tmpfs root")
return nil
}
}
// Otherwise, we need to remount to a tmpfs.
environ = append(environ, witness+"=yes")
- log.Info("Smalltown running in initramfs, remounting to tmpfs...")
+ log.Info("Metropolis node running in initramfs, remounting to tmpfs...")
// Make note of all directories we have to make and files that we have to copy.
paths := []string{}
diff --git a/metropolis/node/core/tpm/tpm.go b/metropolis/node/core/tpm/tpm.go
index 76f4f92..4106a66 100644
--- a/metropolis/node/core/tpm/tpm.go
+++ b/metropolis/node/core/tpm/tpm.go
@@ -390,7 +390,7 @@
// store secrets on the OS side pre-global unlock and b) it makes no sense in this security model
// since an uncompromised host OS will not let an untrusted entity attest as itself and a
// compromised OS can either not pass PCR policy checks or the game's already over (you
- // successfully runtime-exploited a production Smalltown Core)
+ // successfully runtime-exploited a production Metropolis node)
endorsementSession, _, err := tpm2.StartAuthSession(
tpm.device,
tpm2.HandleNull,