Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / a3e38cf9a4fcc0940402c4f18172662a84e28151^! / . / metropolis / node / core
commita3e38cf9a4fcc0940402c4f18172662a84e28151[log] [tgz]
authorSerge Bazanski <serge@monogon.tech>Wed Jul 31 14:40:04 2024 +0000
committerSerge Bazanski <serge@monogon.tech>Thu Aug 01 10:11:03 2024 +0000
treeadd9e62b0d9598619e0000353999729fc7b376b2
parent58079040557df838ec418d96155df0b273331dab [diff]
metroctl: add metrics command

This is a little helper command to access Node metrics easily for people
(eg. developers!) who don't have a metrics collection infrastructure set
up.

Change-Id: Ibe3b4356db88e31c3156289ab8d8ca2985266b4b
Reviewed-on: https://review.monogon.dev/c/monogon/+/3288
Tested-by: Jenkins CI
Reviewed-by: Tim Windelschmidt <tim@monogon.tech>

diff --git a/metropolis/node/core/rpc/client.go b/metropolis/node/core/rpc/client.go
index 4b64654..5fc76e3 100644
--- a/metropolis/node/core/rpc/client.go
+++ b/metropolis/node/core/rpc/client.go

@@ -147,9 +147,8 @@
 	}
 }
 
-// NewAuthenticatedCredentials returns gRPC TransportCredentials that can be used
-// to dial a cluster with a given TLS certificate (from node or manager
-// credentials).
+// NewAuthenticatedTLSConfig returns a tls.Config that can be used to dial a
+// cluster with a given TLS certificate (from node or manager credentials).
 //
 // The provided CredentialsOpt specify the verification of the remote side of the
 // connection. When connecting to a cluster (any node), use WantRemoteCluster. If
@@ -158,7 +157,7 @@
 // WantInsecure.
 //
 // The given options are parsed on a first-wins basis.
-func NewAuthenticatedCredentials(cert tls.Certificate, opts ...CredentialsOpt) credentials.TransportCredentials {
+func NewAuthenticatedTLSConfig(cert tls.Certificate, opts ...CredentialsOpt) *tls.Config {
 	config := &tls.Config{
 		Certificates:       []tls.Certificate{cert},
 		InsecureSkipVerify: true,
@@ -188,7 +187,22 @@
 		}
 	}
 
-	return credentials.NewTLS(config)
+	return config
+}
+
+// NewAuthenticatedCredentials returns gRPC TransportCredentials that can be used
+// to dial a cluster with a given TLS certificate (from node or manager
+// credentials).
+//
+// The provided CredentialsOpt specify the verification of the remote side of the
+// connection. When connecting to a cluster (any node), use WantRemoteCluster. If
+// you also want to verify the connection to a particular node, specify
+// WantRemoteNode alongside it. If no verification should be performed use
+// WantInsecure.
+//
+// The given options are parsed on a first-wins basis.
+func NewAuthenticatedCredentials(cert tls.Certificate, opts ...CredentialsOpt) credentials.TransportCredentials {
+	return credentials.NewTLS(NewAuthenticatedTLSConfig(cert, opts...))
 }
 
 // RetrieveOwnerCertificate uses AAA.Escrow to retrieve a cluster manager