m/node: introduce node storage setting and cluster policy
This adds NodeStorageSecurity and a corresponding
ClusterConfiguration.StorageSecurityPolicy, and pipes it into the
Metropolis node bootstrap and registration flow.
All the various settings have so far only been tested manually. For now
the default behaviour (which is exercised by tests) is the same as
previously: require encryption and authentication.
In the future, we will have to expand our end-to-end testing to properly
exercise all the various settings and verify their enforcement and
effect. But that has to come in a follow-up CR as this one is already
large enough as is.
Change-Id: I76f3e37639ef02f4fc708af47ae5014408dc7c21
Reviewed-on: https://review.monogon.dev/c/monogon/+/1747
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
Tested-by: Jenkins CI
diff --git a/metropolis/proto/private/private.proto b/metropolis/proto/private/private.proto
index c682311..4cdbef2 100644
--- a/metropolis/proto/private/private.proto
+++ b/metropolis/proto/private/private.proto
@@ -18,6 +18,8 @@
option go_package = "source.monogon.dev/metropolis/proto/private";
package metropolis.proto.private;
+import "metropolis/proto/common/common.proto";
+
// Node describes a single node's state in etcd
// DEPRECATED: this will be moved to //metropolis/node/curator.
message Node {
@@ -73,4 +75,9 @@
// cluster_ca is the X509 CA certificate of the cluster set during
// registration and used by nodes joining the cluster.
bytes cluster_ca = 3;
+ // storage_security is the node storage security that this node has been
+ // created with, and is used to determine the way the local storage (ie.
+ // Metropolis data partition) will be attempted to be mounted on subsequent
+ // node startups.
+ metropolis.proto.common.NodeStorageSecurity storage_security = 4;
}