Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / a9b060b0bf7d965c7f04f1d005d7f3767715d5bc / . / metropolis / cli / metroctl / cmd_install.go
blob: cf43747f6348f956e5da17916e35352cc2f35d28 [file] [log] [blame]
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]1package main
2
3import (
Serge Bazanski97783222021-12-14 16:04:26 +0100[diff] [blame]4 "bytes"
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]5 "context"
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]6 "crypto/ed25519"
Lorenz Brun7a510192022-07-04 15:31:38 +0000[diff] [blame]7 _ "embed"
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]8 "log"
9 "os"
Tim Windelschmidtb765f242024-05-08 01:40:02 +0200[diff] [blame]10 "os/signal"
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]11
Tim Windelschmidt2a1d1b22024-02-06 07:07:42 +0100[diff] [blame]12 "github.com/bazelbuild/rules_go/go/runfiles"
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]13 "github.com/spf13/cobra"
14
Tim Windelschmidt2a1d1b22024-02-06 07:07:42 +0100[diff] [blame]15 "source.monogon.dev/metropolis/proto/api"
16 cpb "source.monogon.dev/metropolis/proto/common"
17
Jan Schära9b060b2024-08-07 10:42:29 +0200[diff] [blame^]18 "source.monogon.dev/metropolis/cli/flagdefs"
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]19 "source.monogon.dev/metropolis/cli/metroctl/core"
Tim Windelschmidt9f21f532024-05-07 15:14:20 +0200[diff] [blame]20 "source.monogon.dev/osbase/blkio"
21 "source.monogon.dev/osbase/fat32"
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]22)
23
24var installCmd = &cobra.Command{
Lorenz Brun7a510192022-07-04 15:31:38 +0000[diff] [blame]25 Short: "Contains subcommands to install Metropolis via different media.",
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]26 Use: "install",
27}
28
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]29// bootstrap is a flag controlling node parameters included in the installer
30// image. If set, the installed node will bootstrap a new cluster. Otherwise,
31// it will try to connect to the cluster which endpoints were provided with
32// the --endpoints flag.
Tim Windelschmidt7006caf2024-02-27 16:49:39 +0100[diff] [blame]33var bootstrap = installCmd.PersistentFlags().Bool("bootstrap", false, "Create a bootstrap installer image.")
Jan Schära9b060b2024-08-07 10:42:29 +0200[diff] [blame^]34var bootstrapTPMMode = flagdefs.TPMModePflag(installCmd.PersistentFlags(), "bootstrap-tpm-mode", cpb.ClusterConfiguration_TPM_MODE_REQUIRED, "TPM mode to set on cluster")
35var bootstrapStorageSecurityPolicy = flagdefs.StorageSecurityPolicyPflag(installCmd.PersistentFlags(), "bootstrap-storage-security", cpb.ClusterConfiguration_STORAGE_SECURITY_POLICY_NEEDS_ENCRYPTION_AND_AUTHENTICATION, "Storage security policy to set on cluster")
Tim Windelschmidt7006caf2024-02-27 16:49:39 +0100[diff] [blame]36var bundlePath = installCmd.PersistentFlags().StringP("bundle", "b", "", "Path to the Metropolis bundle to be installed")
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]37
Tim Windelschmidt7006caf2024-02-27 16:49:39 +0100[diff] [blame]38func makeNodeParams() *api.NodeParameters {
Tim Windelschmidtb765f242024-05-08 01:40:02 +0200[diff] [blame]39 ctx, _ := signal.NotifyContext(context.Background(), os.Interrupt)
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]40
Mateusz Zalega8234c162022-07-08 17:05:50 +0200[diff] [blame]41 if err := os.MkdirAll(flags.configPath, 0700); err != nil && !os.IsExist(err) {
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]42 log.Fatalf("Failed to create config directory: %v", err)
43 }
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]44
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]45 var params *api.NodeParameters
Tim Windelschmidt7006caf2024-02-27 16:49:39 +0100[diff] [blame]46 if *bootstrap {
47 // TODO(lorenz): Have a key management story for this
Serge Bazanskicf23ebc2023-03-14 17:02:04 +0100[diff] [blame]48 priv, err := core.GetOrMakeOwnerKey(flags.configPath)
49 if err != nil {
50 log.Fatalf("Failed to generate or get owner key: %v", err)
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]51 }
Serge Bazanskicf23ebc2023-03-14 17:02:04 +0100[diff] [blame]52 pub := priv.Public().(ed25519.PublicKey)
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]53 params = &api.NodeParameters{
54 Cluster: &api.NodeParameters_ClusterBootstrap_{
55 ClusterBootstrap: &api.NodeParameters_ClusterBootstrap{
Serge Bazanskicf23ebc2023-03-14 17:02:04 +0100[diff] [blame]56 OwnerPublicKey: pub,
Serge Bazanskibdc803b2023-03-27 10:55:09 +0200[diff] [blame]57 InitialClusterConfiguration: &cpb.ClusterConfiguration{
Jan Schära9b060b2024-08-07 10:42:29 +0200[diff] [blame^]58 StorageSecurityPolicy: *bootstrapStorageSecurityPolicy,
59 TpmMode: *bootstrapTPMMode,
Serge Bazanskibdc803b2023-03-27 10:55:09 +0200[diff] [blame]60 },
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]61 },
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]62 },
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]63 }
64 } else {
Mateusz Zalegadb75e212022-08-04 17:31:34 +0200[diff] [blame]65 cc := dialAuthenticated(ctx)
Mateusz Zalegad5f2f7a2022-07-05 18:48:56 +0200[diff] [blame]66 mgmt := api.NewManagementClient(cc)
67 resT, err := mgmt.GetRegisterTicket(ctx, &api.GetRegisterTicketRequest{})
68 if err != nil {
69 log.Fatalf("While receiving register ticket: %v", err)
70 }
71 resI, err := mgmt.GetClusterInfo(ctx, &api.GetClusterInfoRequest{})
72 if err != nil {
73 log.Fatalf("While receiving cluster directory: %v", err)
74 }
75
76 params = &api.NodeParameters{
77 Cluster: &api.NodeParameters_ClusterRegister_{
78 ClusterRegister: &api.NodeParameters_ClusterRegister{
79 RegisterTicket: resT.Ticket,
80 ClusterDirectory: resI.ClusterDirectory,
81 CaCertificate: resI.CaCertificate,
82 },
83 },
84 }
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]85 }
Tim Windelschmidt7006caf2024-02-27 16:49:39 +0100[diff] [blame]86 return params
87}
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]88
Tim Windelschmidt7006caf2024-02-27 16:49:39 +0100[diff] [blame]89func external(name, datafilePath string, flag *string) fat32.SizedReader {
90 if flag == nil || *flag == "" {
91 rPath, err := runfiles.Rlocation(datafilePath)
92 if err != nil {
93 log.Fatalf("No %s specified", name)
94 }
95 df, err := os.ReadFile(rPath)
96 if err != nil {
97 log.Fatalf("Cant read file: %v", err)
98 }
99 return bytes.NewReader(df)
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]100 }
101
Tim Windelschmidt9ded9942024-04-08 21:30:17 +0200[diff] [blame]102 f, err := blkio.NewFileReader(*flag)
Tim Windelschmidt7006caf2024-02-27 16:49:39 +0100[diff] [blame]103 if err != nil {
104 log.Fatalf("Failed to open specified %s: %v", name, err)
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]105 }
Tim Windelschmidt7006caf2024-02-27 16:49:39 +0100[diff] [blame]106
107 return f
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]108}
109
110func init() {
111 rootCmd.AddCommand(installCmd)
Lorenz Brune6573102021-11-02 14:15:37 +0100[diff] [blame]112}