Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / 69fec522d5db79d07bb1f227c2ab39c57fdf2831 / . / metropolis / cli / metroctl / rpc.go
blob: 164e2ee4fb8a15eb48800771b0422726dba844a4 [file] [log] [blame]
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]1package main
2
3import (
4 "context"
Serge Bazanski925ec3d2024-02-05 14:38:20 +0100[diff] [blame]5 "crypto/tls"
Serge Bazanskib91938f2023-03-29 14:31:22 +0200[diff] [blame]6 "crypto/x509"
Mateusz Zalegab2cac082022-07-14 14:55:43 +0200[diff] [blame]7 "log"
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]8
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]9 "google.golang.org/grpc"
10
Mateusz Zalega18a67b02022-08-02 13:37:50 +0200[diff] [blame]11 "source.monogon.dev/metropolis/cli/metroctl/core"
Serge Bazanski925ec3d2024-02-05 14:38:20 +0100[diff] [blame]12 "source.monogon.dev/metropolis/node/core/rpc"
13 "source.monogon.dev/metropolis/node/core/rpc/resolver"
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]14)
15
Mateusz Zalegadb75e212022-08-04 17:31:34 +0200[diff] [blame]16func dialAuthenticated(ctx context.Context) *grpc.ClientConn {
Mateusz Zalega18a67b02022-08-02 13:37:50 +0200[diff] [blame]17 // Collect credentials, validate command parameters, and try dialing the
18 // cluster.
Serge Bazanskicf23ebc2023-03-14 17:02:04 +0100[diff] [blame]19 ocert, opkey, err := core.GetOwnerCredentials(flags.configPath)
20 if err == core.NoCredentialsError {
Mateusz Zalega18a67b02022-08-02 13:37:50 +0200[diff] [blame]21 log.Fatalf("You have to take ownership of the cluster first: %v", err)
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]22 }
Mateusz Zalegadb75e212022-08-04 17:31:34 +0200[diff] [blame]23 if len(flags.clusterEndpoints) == 0 {
24 log.Fatal("Please provide at least one cluster endpoint using the --endpoint parameter.")
25 }
Serge Bazanski7eeef0f2024-02-05 14:40:15 +0100[diff] [blame]26
27 ca, err := core.GetClusterCAWithTOFU(ctx, connectOptions())
28 if err != nil {
29 log.Fatalf("Failed to get cluster CA: %v", err)
30 }
31
Serge Bazanski925ec3d2024-02-05 14:38:20 +0100[diff] [blame]32 tlsc := tls.Certificate{
33 Certificate: [][]byte{ocert.Raw},
34 PrivateKey: opkey,
35 }
Serge Bazanski7eeef0f2024-02-05 14:40:15 +0100[diff] [blame]36 creds := rpc.NewAuthenticatedCredentials(tlsc, rpc.WantRemoteCluster(ca))
Serge Bazanski925ec3d2024-02-05 14:38:20 +0100[diff] [blame]37 opts, err := core.DialOpts(ctx, connectOptions())
38 if err != nil {
39 log.Fatalf("While configuring dial options: %v", err)
40 }
41 opts = append(opts, grpc.WithTransportCredentials(creds))
42
43 cc, err := grpc.Dial(resolver.MetropolisControlAddress, opts...)
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]44 if err != nil {
Serge Bazanski7eeef0f2024-02-05 14:40:15 +0100[diff] [blame]45 log.Fatalf("While dialing cluster: %v", err)
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]46 }
Mateusz Zalega18a67b02022-08-02 13:37:50 +0200[diff] [blame]47 return cc
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]48}
Serge Bazanskib91938f2023-03-29 14:31:22 +0200[diff] [blame]49
50func dialAuthenticatedNode(ctx context.Context, id, address string, cacert *x509.Certificate) *grpc.ClientConn {
51 // Collect credentials, validate command parameters, and try dialing the
52 // cluster.
53 ocert, opkey, err := core.GetOwnerCredentials(flags.configPath)
54 if err == core.NoCredentialsError {
55 log.Fatalf("You have to take ownership of the cluster first: %v", err)
56 }
57 cc, err := core.DialNode(ctx, opkey, ocert, cacert, flags.proxyAddr, id, address)
58 if err != nil {
59 log.Fatalf("While dialing node: %v", err)
60 }
61 return cc
62}