Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / ad4d9545ac74b43c3f442627b507d45f7eec3b3f / . / metropolis / node / core / cluster / cluster.go
blob: a009c33a8186affa75c6934457eba39718986380 [file] [log] [blame]
Tim Windelschmidt6d33a432025-02-04 14:34:25 +0100[diff] [blame]1// Copyright The Monogon Project Authors.
Serge Bazanski42e61c62021-03-18 15:07:18 +0100[diff] [blame]2// SPDX-License-Identifier: Apache-2.0
Serge Bazanski42e61c62021-03-18 15:07:18 +0100[diff] [blame]3
Serge Bazanski37110c32023-03-01 13:57:27 +0000[diff] [blame]4// Package cluster implements low-level clustering logic, especially logic
5// regarding to bootstrapping, registering into and joining a cluster. Its goal
6// is to provide the rest of the node code with the following:
7// - A mounted plaintext storage.
8// - Node credentials/identity.
9// - A locally running etcd server if the node is supposed to run one, and a
10// client connection to that etcd cluster if so.
11// - The state of the cluster as seen by the node, to enable code to respond to
12// node lifecycle changes.
Serge Bazanski42e61c62021-03-18 15:07:18 +0100[diff] [blame]13package cluster
14
15import (
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]16 "context"
17 "errors"
Serge Bazanski42e61c62021-03-18 15:07:18 +0100[diff] [blame]18 "fmt"
19
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]20 "source.monogon.dev/metropolis/node/core/localstorage"
21 "source.monogon.dev/metropolis/node/core/network"
Serge Bazanski6dff6d62022-01-28 18:15:14 +0100[diff] [blame]22 "source.monogon.dev/metropolis/node/core/roleserve"
Lorenz Brun35fcf032023-06-29 04:15:58 +0200[diff] [blame]23 "source.monogon.dev/metropolis/node/core/update"
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]24 apb "source.monogon.dev/metropolis/proto/api"
Mateusz Zalega2930e992022-04-25 12:52:35 +0200[diff] [blame]25 cpb "source.monogon.dev/metropolis/proto/common"
Tim Windelschmidt9f21f532024-05-07 15:14:20 +0200[diff] [blame]26 "source.monogon.dev/osbase/supervisor"
Serge Bazanski42e61c62021-03-18 15:07:18 +0100[diff] [blame]27)
28
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]29type Manager struct {
30 storageRoot *localstorage.Root
31 networkService *network.Service
Serge Bazanski6dff6d62022-01-28 18:15:14 +0100[diff] [blame]32 roleServer *roleserve.Service
Lorenz Brun35fcf032023-06-29 04:15:58 +0200[diff] [blame]33 updateService *update.Service
Lorenz Brun85ad26a2023-03-27 17:00:00 +0200[diff] [blame]34 nodeParams *apb.NodeParameters
Serge Bazanski5df62ba2023-03-22 17:56:46 +0100[diff] [blame]35 haveTPM bool
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]36
Serge Bazanskife5192d2023-03-16 11:33:56 +0100[diff] [blame]37 oneway chan struct{}
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]38}
39
40// NewManager creates a new cluster Manager. The given localstorage Root must
41// be places, but not yet started (and will be started as the Manager makes
42// progress). The given network Service must already be running.
Lorenz Brun35fcf032023-06-29 04:15:58 +0200[diff] [blame]43func NewManager(storageRoot *localstorage.Root, networkService *network.Service, rs *roleserve.Service, updateService *update.Service, nodeParams *apb.NodeParameters, haveTPM bool) *Manager {
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]44 return &Manager{
45 storageRoot: storageRoot,
46 networkService: networkService,
Serge Bazanski6dff6d62022-01-28 18:15:14 +0100[diff] [blame]47 roleServer: rs,
Lorenz Brun35fcf032023-06-29 04:15:58 +0200[diff] [blame]48 updateService: updateService,
Lorenz Brun85ad26a2023-03-27 17:00:00 +0200[diff] [blame]49 nodeParams: nodeParams,
Serge Bazanski5df62ba2023-03-22 17:56:46 +0100[diff] [blame]50 haveTPM: haveTPM,
Serge Bazanskife5192d2023-03-16 11:33:56 +0100[diff] [blame]51 oneway: make(chan struct{}),
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]52 }
53}
54
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]55// Run is the runnable of the Manager, to be started using the Supervisor. It
56// is one-shot, and should not be restarted.
57func (m *Manager) Run(ctx context.Context) error {
Serge Bazanskife5192d2023-03-16 11:33:56 +0100[diff] [blame]58 select {
59 case <-m.oneway:
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]60 return fmt.Errorf("cannot restart cluster manager")
Serge Bazanskife5192d2023-03-16 11:33:56 +0100[diff] [blame]61 default:
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]62 }
Serge Bazanskife5192d2023-03-16 11:33:56 +0100[diff] [blame]63 close(m.oneway)
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]64
Serge Bazanskie4a4ce12023-03-22 18:29:54 +0100[diff] [blame]65 // Try sealed configuration first.
Tim Windelschmidta10d0cb2025-01-13 14:44:15 +0100[diff] [blame]66 configuration, err := m.storageRoot.ESP.Metropolis.SealedConfiguration.Unseal(cpb.NodeTPMUsage_NODE_TPM_USAGE_PRESENT_AND_USED)
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]67 if err == nil {
68 supervisor.Logger(ctx).Info("Sealed configuration present. attempting to join cluster")
Mateusz Zalega2930e992022-04-25 12:52:35 +0200[diff] [blame]69
70 // Read Cluster Directory and unmarshal it. Since the node is already
71 // registered with the cluster, the directory won't be bootstrapped from
72 // Node Parameters.
73 cd, err := m.storageRoot.ESP.Metropolis.ClusterDirectory.Unmarshal()
74 if err != nil {
75 return fmt.Errorf("while reading cluster directory: %w", err)
76 }
Serge Bazanskie4a4ce12023-03-22 18:29:54 +0100[diff] [blame]77 return m.join(ctx, configuration, cd, true)
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]78 }
79
Serge Bazanski98054a12023-06-14 18:16:21 +0200[diff] [blame]80 if !errors.Is(err, localstorage.ErrNoSealed) && !errors.Is(err, localstorage.ErrSealedCorrupted) {
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]81 return fmt.Errorf("unexpected sealed config error: %w", err)
82 }
83
Tim Windelschmidta10d0cb2025-01-13 14:44:15 +0100[diff] [blame]84 configuration, err = m.storageRoot.ESP.Metropolis.SealedConfiguration.Unseal(cpb.NodeTPMUsage_NODE_TPM_USAGE_NOT_PRESENT)
Serge Bazanskie4a4ce12023-03-22 18:29:54 +0100[diff] [blame]85 if err == nil {
86 supervisor.Logger(ctx).Info("Non-sealed configuration present. attempting to join cluster")
87
88 // Read Cluster Directory and unmarshal it. Since the node is already
89 // registered with the cluster, the directory won't be bootstrapped from
90 // Node Parameters.
91 cd, err := m.storageRoot.ESP.Metropolis.ClusterDirectory.Unmarshal()
92 if err != nil {
93 return fmt.Errorf("while reading cluster directory: %w", err)
94 }
95 return m.join(ctx, configuration, cd, false)
96 }
97
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]98 supervisor.Logger(ctx).Info("No sealed configuration, looking for node parameters")
99
Lorenz Brun85ad26a2023-03-27 17:00:00 +0200[diff] [blame]100 switch inner := m.nodeParams.Cluster.(type) {
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]101 case *apb.NodeParameters_ClusterBootstrap_:
Serge Bazanski5839e972021-11-16 15:46:19 +0100[diff] [blame]102 err = m.bootstrap(ctx, inner.ClusterBootstrap)
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]103 case *apb.NodeParameters_ClusterRegister_:
Serge Bazanski5839e972021-11-16 15:46:19 +0100[diff] [blame]104 err = m.register(ctx, inner.ClusterRegister)
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]105 default:
Serge Bazanski5839e972021-11-16 15:46:19 +0100[diff] [blame]106 err = fmt.Errorf("node parameters misconfigured: neither cluster_bootstrap nor cluster_register set")
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]107 }
Serge Bazanski5839e972021-11-16 15:46:19 +0100[diff] [blame]108
109 if err == nil {
110 supervisor.Logger(ctx).Info("Cluster enrolment done.")
Serge Bazanskife5192d2023-03-16 11:33:56 +0100[diff] [blame]111 return nil
Serge Bazanski5839e972021-11-16 15:46:19 +0100[diff] [blame]112 }
113 return err
Serge Bazanskia959cbd2021-06-17 15:56:51 +0200[diff] [blame]114}