Blame - metropolis/cli/metroctl/cmd_install.go - monogon

blob: 9ad79536cc0908673c6a0d7dc684c9fc395432b2 [file] [log] [blame]

Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	1	package main
				2
				3	import (
Serge Bazanski	9778322	2021-12-14 16:04:26 +0100	[diff] [blame]	4	"bytes"
Mateusz Zalega	d5f2f7a	2022-07-05 18:48:56 +0200	[diff] [blame]	5	"context"
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	6	"crypto/ed25519"
Lorenz Brun	7a51019	2022-07-04 15:31:38 +0000	[diff] [blame]	7	_ "embed"
Lorenz Brun	7a51019	2022-07-04 15:31:38 +0000	[diff] [blame]	8	"io"
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	9	"log"
				10	"os"
Serge Bazanski	bdc803b	2023-03-27 10:55:09 +0200	[diff] [blame]	11	"strings"
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	12
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	13	"github.com/spf13/cobra"
				14
				15	"source.monogon.dev/metropolis/cli/metroctl/core"
Mateusz Zalega	d5f2f7a	2022-07-05 18:48:56 +0200	[diff] [blame]	16	clicontext "source.monogon.dev/metropolis/cli/pkg/context"
Serge Bazanski	9778322	2021-12-14 16:04:26 +0100	[diff] [blame]	17	"source.monogon.dev/metropolis/cli/pkg/datafile"
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	18	"source.monogon.dev/metropolis/proto/api"
Serge Bazanski	bdc803b	2023-03-27 10:55:09 +0200	[diff] [blame]	19	cpb "source.monogon.dev/metropolis/proto/common"
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	20	)
				21
				22	var installCmd = &cobra.Command{
Lorenz Brun	7a51019	2022-07-04 15:31:38 +0000	[diff] [blame]	23	Short: "Contains subcommands to install Metropolis via different media.",
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	24	Use: "install",
				25	}
				26
Lorenz Brun	7a51019	2022-07-04 15:31:38 +0000	[diff] [blame]	27	var bundlePath = installCmd.PersistentFlags().StringP("bundle", "b", "", "Path to the Metropolis bundle to be installed")
Serge Bazanski	46a45f9	2023-07-19 17:09:52 +0200	[diff] [blame^]	28	var installerPath = installCmd.PersistentFlags().StringP("installer", "i", "", "Path to the Metropolis installer to use when installing")
Lorenz Brun	7a51019	2022-07-04 15:31:38 +0000	[diff] [blame]	29
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	30	var genusbCmd = &cobra.Command{
Serge Bazanski	9778322	2021-12-14 16:04:26 +0100	[diff] [blame]	31	Use: "genusb target",
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	32	Short: "Generates a Metropolis installer disk or image.",
Lorenz Brun	7a51019	2022-07-04 15:31:38 +0000	[diff] [blame]	33	Example: "metroctl install --bundle=metropolis-v0.1.zip genusb /dev/sdx",
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	34	Args: cobra.ExactArgs(1), // One positional argument: the target
				35	Run: doGenUSB,
				36	}
				37
Mateusz Zalega	d5f2f7a	2022-07-05 18:48:56 +0200	[diff] [blame]	38	// bootstrap is a flag controlling node parameters included in the installer
				39	// image. If set, the installed node will bootstrap a new cluster. Otherwise,
				40	// it will try to connect to the cluster which endpoints were provided with
				41	// the --endpoints flag.
				42	var bootstrap bool
				43
Serge Bazanski	bdc803b	2023-03-27 10:55:09 +0200	[diff] [blame]	44	var bootstrapTPMMode string
Tim Windelschmidt	c09327c	2023-06-14 17:48:56 +0200	[diff] [blame]	45	var bootstrapStorageSecurityPolicy string
Serge Bazanski	bdc803b	2023-03-27 10:55:09 +0200	[diff] [blame]	46
Serge Bazanski	46a45f9	2023-07-19 17:09:52 +0200	[diff] [blame^]	47	type externalFile struct {
				48	reader io.Reader
				49	size uint64
				50	}
				51
				52	func external(name, datafilePath string, flag string) externalFile {
				53	if flag == nil \|\| *flag == "" {
				54	df, err := datafile.Get(datafilePath)
				55	if err != nil {
				56	log.Fatalf("No %s specified", name)
				57	}
				58	return &externalFile{
				59	reader: bytes.NewReader(df),
				60	size: uint64(len(df)),
				61	}
				62	}
				63
				64	f, err := os.Open(*bundlePath)
				65	if err != nil {
				66	log.Fatalf("Failed to open specified %s: %v", name, err)
				67	}
				68	st, err := f.Stat()
				69	if err != nil {
				70	log.Fatalf("Failed to stat specified %s: %v", name, err)
				71	}
				72	return &externalFile{
				73	reader: f,
				74	size: uint64(st.Size()),
				75	}
				76	}
Lorenz Brun	7a51019	2022-07-04 15:31:38 +0000	[diff] [blame]	77
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	78	func doGenUSB(cmd *cobra.Command, args []string) {
Serge Bazanski	bdc803b	2023-03-27 10:55:09 +0200	[diff] [blame]	79	var tpmMode cpb.ClusterConfiguration_TPMMode
				80	switch strings.ToLower(bootstrapTPMMode) {
				81	case "required", "require":
				82	tpmMode = cpb.ClusterConfiguration_TPM_MODE_REQUIRED
				83	case "best-effort", "besteffort":
				84	tpmMode = cpb.ClusterConfiguration_TPM_MODE_BEST_EFFORT
				85	case "disabled", "disable":
				86	tpmMode = cpb.ClusterConfiguration_TPM_MODE_DISABLED
				87	default:
				88	log.Fatalf("Invalid --bootstrap-tpm-mode (must be one of: required, best-effort, disabled)")
				89	}
				90
Tim Windelschmidt	c09327c	2023-06-14 17:48:56 +0200	[diff] [blame]	91	var bootstrapStorageSecurity cpb.ClusterConfiguration_StorageSecurityPolicy
				92	switch strings.ToLower(bootstrapStorageSecurityPolicy) {
				93	case "permissive":
				94	bootstrapStorageSecurity = cpb.ClusterConfiguration_STORAGE_SECURITY_POLICY_PERMISSIVE
				95	case "needs-encryption":
				96	bootstrapStorageSecurity = cpb.ClusterConfiguration_STORAGE_SECURITY_POLICY_NEEDS_ENCRYPTION
				97	case "needs-encryption-and-authentication":
				98	bootstrapStorageSecurity = cpb.ClusterConfiguration_STORAGE_SECURITY_POLICY_NEEDS_ENCRYPTION_AND_AUTHENTICATION
				99	case "needs-insecure":
				100	bootstrapStorageSecurity = cpb.ClusterConfiguration_STORAGE_SECURITY_POLICY_NEEDS_INSECURE
				101	default:
				102
				103	log.Fatalf("Invalid --bootstrap-storage-security (must be one of: permissive, needs-encryption, needs-encryption-and-authentication, needs-insecure)")
				104	}
				105
Serge Bazanski	46a45f9	2023-07-19 17:09:52 +0200	[diff] [blame^]	106	bundle := external("bundle", "metropolis/node/bundle.zip", bundlePath)
				107	installer := external("installer", "metropolis/installer/kernel.efi", installerPath)
Mateusz Zalega	d5f2f7a	2022-07-05 18:48:56 +0200	[diff] [blame]	108	ctx := clicontext.WithInterrupt(context.Background())
				109
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	110	// TODO(lorenz): Have a key management story for this
Mateusz Zalega	8234c16	2022-07-08 17:05:50 +0200	[diff] [blame]	111	if err := os.MkdirAll(flags.configPath, 0700); err != nil && !os.IsExist(err) {
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	112	log.Fatalf("Failed to create config directory: %v", err)
				113	}
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	114
Mateusz Zalega	d5f2f7a	2022-07-05 18:48:56 +0200	[diff] [blame]	115	var params *api.NodeParameters
				116	if bootstrap {
Serge Bazanski	cf23ebc	2023-03-14 17:02:04 +0100	[diff] [blame]	117	priv, err := core.GetOrMakeOwnerKey(flags.configPath)
				118	if err != nil {
				119	log.Fatalf("Failed to generate or get owner key: %v", err)
Mateusz Zalega	d5f2f7a	2022-07-05 18:48:56 +0200	[diff] [blame]	120	}
Serge Bazanski	cf23ebc	2023-03-14 17:02:04 +0100	[diff] [blame]	121	pub := priv.Public().(ed25519.PublicKey)
Mateusz Zalega	d5f2f7a	2022-07-05 18:48:56 +0200	[diff] [blame]	122	params = &api.NodeParameters{
				123	Cluster: &api.NodeParameters_ClusterBootstrap_{
				124	ClusterBootstrap: &api.NodeParameters_ClusterBootstrap{
Serge Bazanski	cf23ebc	2023-03-14 17:02:04 +0100	[diff] [blame]	125	OwnerPublicKey: pub,
Serge Bazanski	bdc803b	2023-03-27 10:55:09 +0200	[diff] [blame]	126	InitialClusterConfiguration: &cpb.ClusterConfiguration{
Tim Windelschmidt	c09327c	2023-06-14 17:48:56 +0200	[diff] [blame]	127	StorageSecurityPolicy: bootstrapStorageSecurity,
				128	TpmMode: tpmMode,
Serge Bazanski	bdc803b	2023-03-27 10:55:09 +0200	[diff] [blame]	129	},
Mateusz Zalega	d5f2f7a	2022-07-05 18:48:56 +0200	[diff] [blame]	130	},
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	131	},
Mateusz Zalega	d5f2f7a	2022-07-05 18:48:56 +0200	[diff] [blame]	132	}
				133	} else {
Mateusz Zalega	db75e21	2022-08-04 17:31:34 +0200	[diff] [blame]	134	cc := dialAuthenticated(ctx)
Mateusz Zalega	d5f2f7a	2022-07-05 18:48:56 +0200	[diff] [blame]	135	mgmt := api.NewManagementClient(cc)
				136	resT, err := mgmt.GetRegisterTicket(ctx, &api.GetRegisterTicketRequest{})
				137	if err != nil {
				138	log.Fatalf("While receiving register ticket: %v", err)
				139	}
				140	resI, err := mgmt.GetClusterInfo(ctx, &api.GetClusterInfoRequest{})
				141	if err != nil {
				142	log.Fatalf("While receiving cluster directory: %v", err)
				143	}
				144
				145	params = &api.NodeParameters{
				146	Cluster: &api.NodeParameters_ClusterRegister_{
				147	ClusterRegister: &api.NodeParameters_ClusterRegister{
				148	RegisterTicket: resT.Ticket,
				149	ClusterDirectory: resI.ClusterDirectory,
				150	CaCertificate: resI.CaCertificate,
				151	},
				152	},
				153	}
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	154	}
				155
				156	installerImageArgs := core.MakeInstallerImageArgs{
				157	TargetPath: args[0],
Serge Bazanski	46a45f9	2023-07-19 17:09:52 +0200	[diff] [blame^]	158	Installer: installer.reader,
				159	InstallerSize: installer.size,
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	160	NodeParams: params,
Serge Bazanski	46a45f9	2023-07-19 17:09:52 +0200	[diff] [blame^]	161	Bundle: bundle.reader,
				162	BundleSize: bundle.size,
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	163	}
				164
Serge Bazanski	9778322	2021-12-14 16:04:26 +0100	[diff] [blame]	165	log.Printf("Generating installer image (this can take a while, see issues/92).")
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	166	if err := core.MakeInstallerImage(installerImageArgs); err != nil {
				167	log.Fatalf("Failed to create installer: %v", err)
				168	}
				169	}
				170
				171	func init() {
				172	rootCmd.AddCommand(installCmd)
Mateusz Zalega	d5f2f7a	2022-07-05 18:48:56 +0200	[diff] [blame]	173
				174	genusbCmd.Flags().BoolVar(&bootstrap, "bootstrap", false, "Create a bootstrap installer image.")
Serge Bazanski	bdc803b	2023-03-27 10:55:09 +0200	[diff] [blame]	175	genusbCmd.Flags().StringVar(&bootstrapTPMMode, "bootstrap-tpm-mode", "required", "TPM mode to set on cluster (required, best-effort, disabled)")
Tim Windelschmidt	c09327c	2023-06-14 17:48:56 +0200	[diff] [blame]	176	genusbCmd.Flags().StringVar(&bootstrapStorageSecurityPolicy, "bootstrap-storage-security", "needs-encryption-and-authentication", "Storage security policy to set on cluster (permissive, needs-encryption, needs-encryption-and-authentication, needs-insecure)")
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	177	installCmd.AddCommand(genusbCmd)
Lorenz Brun	e657310	2021-11-02 14:15:37 +0100	[diff] [blame]	178	}