Blame - metropolis/node/core/cluster/cluster.go - monogon

blob: 6049c17be04e0193b1ca0bae1b7c1861d74640bf [file] [log] [blame]

Serge Bazanski	42e61c6	2021-03-18 15:07:18 +0100	[diff] [blame]	1	// Copyright 2020 The Monogon Project Authors.
				2	//
				3	// SPDX-License-Identifier: Apache-2.0
				4	//
				5	// Licensed under the Apache License, Version 2.0 (the "License");
				6	// you may not use this file except in compliance with the License.
				7	// You may obtain a copy of the License at
				8	//
				9	// http://www.apache.org/licenses/LICENSE-2.0
				10	//
				11	// Unless required by applicable law or agreed to in writing, software
				12	// distributed under the License is distributed on an "AS IS" BASIS,
				13	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				14	// See the License for the specific language governing permissions and
				15	// limitations under the License.
				16
Serge Bazanski	37110c3	2023-03-01 13:57:27 +0000	[diff] [blame]	17	// Package cluster implements low-level clustering logic, especially logic
				18	// regarding to bootstrapping, registering into and joining a cluster. Its goal
				19	// is to provide the rest of the node code with the following:
				20	// - A mounted plaintext storage.
				21	// - Node credentials/identity.
				22	// - A locally running etcd server if the node is supposed to run one, and a
				23	// client connection to that etcd cluster if so.
				24	// - The state of the cluster as seen by the node, to enable code to respond to
				25	// node lifecycle changes.
Serge Bazanski	42e61c6	2021-03-18 15:07:18 +0100	[diff] [blame]	26	package cluster
				27
				28	import (
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	29	"context"
				30	"errors"
Serge Bazanski	42e61c6	2021-03-18 15:07:18 +0100	[diff] [blame]	31	"fmt"
				32
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	33	"source.monogon.dev/metropolis/node/core/localstorage"
				34	"source.monogon.dev/metropolis/node/core/network"
Serge Bazanski	6dff6d6	2022-01-28 18:15:14 +0100	[diff] [blame]	35	"source.monogon.dev/metropolis/node/core/roleserve"
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	36	"source.monogon.dev/metropolis/pkg/supervisor"
				37	apb "source.monogon.dev/metropolis/proto/api"
Mateusz Zalega	2930e99	2022-04-25 12:52:35 +0200	[diff] [blame]	38	cpb "source.monogon.dev/metropolis/proto/common"
Serge Bazanski	42e61c6	2021-03-18 15:07:18 +0100	[diff] [blame]	39	)
				40
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	41	type Manager struct {
				42	storageRoot *localstorage.Root
				43	networkService *network.Service
Serge Bazanski	6dff6d6	2022-01-28 18:15:14 +0100	[diff] [blame]	44	roleServer *roleserve.Service
Lorenz Brun	85ad26a	2023-03-27 17:00:00 +0200	[diff] [blame]	45	nodeParams *apb.NodeParameters
Serge Bazanski	5df62ba	2023-03-22 17:56:46 +0100	[diff] [blame]	46	haveTPM bool
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	47
Serge Bazanski	fe5192d	2023-03-16 11:33:56 +0100	[diff] [blame]	48	oneway chan struct{}
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	49	}
				50
				51	// NewManager creates a new cluster Manager. The given localstorage Root must
				52	// be places, but not yet started (and will be started as the Manager makes
				53	// progress). The given network Service must already be running.
Serge Bazanski	5df62ba	2023-03-22 17:56:46 +0100	[diff] [blame]	54	func NewManager(storageRoot localstorage.Root, networkService network.Service, rs roleserve.Service, nodeParams apb.NodeParameters, haveTPM bool) *Manager {
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	55	return &Manager{
				56	storageRoot: storageRoot,
				57	networkService: networkService,
Serge Bazanski	6dff6d6	2022-01-28 18:15:14 +0100	[diff] [blame]	58	roleServer: rs,
Lorenz Brun	85ad26a	2023-03-27 17:00:00 +0200	[diff] [blame]	59	nodeParams: nodeParams,
Serge Bazanski	5df62ba	2023-03-22 17:56:46 +0100	[diff] [blame]	60	haveTPM: haveTPM,
Serge Bazanski	fe5192d	2023-03-16 11:33:56 +0100	[diff] [blame]	61	oneway: make(chan struct{}),
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	62	}
				63	}
				64
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	65	// Run is the runnable of the Manager, to be started using the Supervisor. It
				66	// is one-shot, and should not be restarted.
				67	func (m *Manager) Run(ctx context.Context) error {
Serge Bazanski	fe5192d	2023-03-16 11:33:56 +0100	[diff] [blame]	68	select {
				69	case <-m.oneway:
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	70	return fmt.Errorf("cannot restart cluster manager")
Serge Bazanski	fe5192d	2023-03-16 11:33:56 +0100	[diff] [blame]	71	default:
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	72	}
Serge Bazanski	fe5192d	2023-03-16 11:33:56 +0100	[diff] [blame]	73	close(m.oneway)
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	74
Serge Bazanski	e4a4ce1	2023-03-22 18:29:54 +0100	[diff] [blame]	75	// Try sealed configuration first.
Serge Bazanski	98054a1	2023-06-14 18:16:21 +0200	[diff] [blame]	76	configuration, err := m.storageRoot.ESP.Metropolis.SealedConfiguration.Unseal(cpb.NodeTPMUsage_NODE_TPM_PRESENT_AND_USED)
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	77	if err == nil {
				78	supervisor.Logger(ctx).Info("Sealed configuration present. attempting to join cluster")
Mateusz Zalega	2930e99	2022-04-25 12:52:35 +0200	[diff] [blame]	79
				80	// Read Cluster Directory and unmarshal it. Since the node is already
				81	// registered with the cluster, the directory won't be bootstrapped from
				82	// Node Parameters.
				83	cd, err := m.storageRoot.ESP.Metropolis.ClusterDirectory.Unmarshal()
				84	if err != nil {
				85	return fmt.Errorf("while reading cluster directory: %w", err)
				86	}
Serge Bazanski	e4a4ce1	2023-03-22 18:29:54 +0100	[diff] [blame]	87	return m.join(ctx, configuration, cd, true)
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	88	}
				89
Serge Bazanski	98054a1	2023-06-14 18:16:21 +0200	[diff] [blame]	90	if !errors.Is(err, localstorage.ErrNoSealed) && !errors.Is(err, localstorage.ErrSealedCorrupted) {
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	91	return fmt.Errorf("unexpected sealed config error: %w", err)
				92	}
				93
Serge Bazanski	98054a1	2023-06-14 18:16:21 +0200	[diff] [blame]	94	configuration, err = m.storageRoot.ESP.Metropolis.SealedConfiguration.Unseal(cpb.NodeTPMUsage_NODE_TPM_NOT_PRESENT)
Serge Bazanski	e4a4ce1	2023-03-22 18:29:54 +0100	[diff] [blame]	95	if err == nil {
				96	supervisor.Logger(ctx).Info("Non-sealed configuration present. attempting to join cluster")
				97
				98	// Read Cluster Directory and unmarshal it. Since the node is already
				99	// registered with the cluster, the directory won't be bootstrapped from
				100	// Node Parameters.
				101	cd, err := m.storageRoot.ESP.Metropolis.ClusterDirectory.Unmarshal()
				102	if err != nil {
				103	return fmt.Errorf("while reading cluster directory: %w", err)
				104	}
				105	return m.join(ctx, configuration, cd, false)
				106	}
				107
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	108	supervisor.Logger(ctx).Info("No sealed configuration, looking for node parameters")
				109
Lorenz Brun	85ad26a	2023-03-27 17:00:00 +0200	[diff] [blame]	110	switch inner := m.nodeParams.Cluster.(type) {
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	111	case *apb.NodeParameters_ClusterBootstrap_:
Serge Bazanski	5839e97	2021-11-16 15:46:19 +0100	[diff] [blame]	112	err = m.bootstrap(ctx, inner.ClusterBootstrap)
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	113	case *apb.NodeParameters_ClusterRegister_:
Serge Bazanski	5839e97	2021-11-16 15:46:19 +0100	[diff] [blame]	114	err = m.register(ctx, inner.ClusterRegister)
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	115	default:
Serge Bazanski	5839e97	2021-11-16 15:46:19 +0100	[diff] [blame]	116	err = fmt.Errorf("node parameters misconfigured: neither cluster_bootstrap nor cluster_register set")
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	117	}
Serge Bazanski	5839e97	2021-11-16 15:46:19 +0100	[diff] [blame]	118
				119	if err == nil {
				120	supervisor.Logger(ctx).Info("Cluster enrolment done.")
Serge Bazanski	fe5192d	2023-03-16 11:33:56 +0100	[diff] [blame]	121	return nil
Serge Bazanski	5839e97	2021-11-16 15:46:19 +0100	[diff] [blame]	122	}
				123	return err
Serge Bazanski	a959cbd	2021-06-17 15:56:51 +0200	[diff] [blame]	124	}