metropolis/proto/api/management.proto - monogon - Gitiles

 syntax = "proto3";
 package metropolis.proto.api;
 option go_package = "source.monogon.dev/metropolis/proto/api";

 import "metropolis/proto/common/common.proto";
 import "metropolis/proto/ext/authorization.proto";

 // Management service available to Cluster Managers.
 service Management {
     // GetRegisterTicket retrieves the current RegisterTicket which is required
     // for new nodes to register into the cluster. Presenting this ticket on
     // registration does not automatically grant access to arbitrary node
     // registration. Instead, it is used to guard the API surface of the
     // Register RPC from potential denial of service attacks, and can be
     // regenerated at any time in case it leaks.
     rpc GetRegisterTicket(GetRegisterTicketRequest) returns (GetRegisterTicketResponse) {
         option (metropolis.proto.ext.authorization) = {
             need: PERMISSION_GET_REGISTER_TICKET
         };
     }
     // GetClusterInfo retrieves publicly available summary information about
     // this cluster, notably data required for nodes to register into a cluster
     // or join it (other than the Register Ticket, which is gated by an
     // additional permission).
     rpc GetClusterInfo(GetClusterInfoRequest) returns (GetClusterInfoResponse) {
         option (metropolis.proto.ext.authorization) = {
             need: PERMISSION_READ_CLUSTER_STATUS
         };
     }
 }

 message GetRegisterTicketRequest {
 }

 message GetRegisterTicketResponse {
     // Opaque bytes that comprise the RegisterTicket.
     bytes ticket = 1;
 }

 message GetClusterInfoRequest {
 }

 message GetClusterInfoResponse {
     // cluster_directory contains information about individual nodes in the
     // cluster that can be used to dial the cluster's services.
     metropolis.proto.common.ClusterDirectory cluster_directory = 1;

     // ca_certificate is the x509 DER encoded CA certificate of the cluster.
     bytes ca_certificate = 2;
 }
	syntax = "proto3";
	package metropolis.proto.api;
	option go_package = "source.monogon.dev/metropolis/proto/api";

	import "metropolis/proto/common/common.proto";
	import "metropolis/proto/ext/authorization.proto";

	// Management service available to Cluster Managers.
	service Management {
	// GetRegisterTicket retrieves the current RegisterTicket which is required
	// for new nodes to register into the cluster. Presenting this ticket on
	// registration does not automatically grant access to arbitrary node
	// registration. Instead, it is used to guard the API surface of the
	// Register RPC from potential denial of service attacks, and can be
	// regenerated at any time in case it leaks.
	rpc GetRegisterTicket(GetRegisterTicketRequest) returns (GetRegisterTicketResponse) {
	option (metropolis.proto.ext.authorization) = {
	need: PERMISSION_GET_REGISTER_TICKET
	};
	}
	// GetClusterInfo retrieves publicly available summary information about
	// this cluster, notably data required for nodes to register into a cluster
	// or join it (other than the Register Ticket, which is gated by an
	// additional permission).
	rpc GetClusterInfo(GetClusterInfoRequest) returns (GetClusterInfoResponse) {
	option (metropolis.proto.ext.authorization) = {
	need: PERMISSION_READ_CLUSTER_STATUS
	};
	}
	}

	message GetRegisterTicketRequest {
	}

	message GetRegisterTicketResponse {
	// Opaque bytes that comprise the RegisterTicket.
	bytes ticket = 1;
	}

	message GetClusterInfoRequest {
	}

	message GetClusterInfoResponse {
	// cluster_directory contains information about individual nodes in the
	// cluster that can be used to dial the cluster's services.
	metropolis.proto.common.ClusterDirectory cluster_directory = 1;

	// ca_certificate is the x509 DER encoded CA certificate of the cluster.
	bytes ca_certificate = 2;
	}