)]}' { "log": [ { "commit": "786134dcac2737cb3ab62f1b54389946b1bc7fd4", "tree": "4e2e7ebfc8a74ca2264f73a8acc69c39d26243a0", "parents": [ "b6308cd63854e3ef48e6afcc4c1f51e0c6ac1203" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Nov 13 16:55:14 2023 +0100" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Nov 16 18:09:22 2023 +0000" }, "message": "m/n/c/n/dhcp4c/transport: replace mdlayher/raw with mdlayher/packet\n\nChange-Id: Iee27f977434d795fd16df6a16096fd8439f423ba\nReviewed-on: https://review.monogon.dev/c/monogon/+/2308\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "b4f5024731f2f61b0f5b377fe9bcbb4934a5e83b", "tree": "d71e84a77c0e77849390bacbde7554bc02fa48b6", "parents": [ "62f1d3680947e1d78bacf2a7277fb4b2007ebacb" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Nov 14 21:51:07 2023 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Nov 15 13:10:19 2023 +0000" }, "message": "treewide: use Pinner to resolve safety issues\n\nPrior to Go 1.21 the only way to pass Go-managed pointers to the kernel\nwas to convert them to a uintptr inside the syscall argument expression.\nThis pattern was special-cased in the compiler to prevent the referenced\nmemory from being moved by an eventual moving GC in Go while the syscall\nis running (thus corrupting the Go heap).\n\nBut this was very restrictive as there are syscalls which take inputs\ncontaining further pointers. According to the official rules this could\nnot be implemented safely.\n\nIn practice you could just do it anyways as the current Go GC does\nin general not move objects, but it was always kind of a hack.\nWith Go 1.21 there is a new Pinner API which can be used to pin the\nmemory which is going to be referenced in these structures, allowing\nthem to be constructed and used over multiple calls.\n\nruntime.KeepAlive is still required to prevent finalizers from running\nprematurely.\n\nUse this new API and remove the relevant comments.\n\nChange-Id: I26bce06e1c20a5fe0c41f9ae736a895f533674c1\nReviewed-on: https://review.monogon.dev/c/monogon/+/2316\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "62f1d3680947e1d78bacf2a7277fb4b2007ebacb", "tree": "38c2fe1d57b68788f79ae018075b246f228310cc", "parents": [ "60461b2b23eb57319525a3e00d7ae57e51598ebc" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Nov 14 16:18:24 2023 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Nov 14 16:44:03 2023 +0000" }, "message": "treewide: stop using LZ4 for initrd compression\n\nThere are two issues at play here: One is a bug in pierrec/lz4 when\nusing the legacy framing format [1]. This bit us when we hit a broken\nsize region with CL:2130, taking hours to debug.\n\nThe other is the fact that the Linux LZ4 frame format has significant\ndesign issues [2], especially with concatenanted initrds.\n\nThe first issue could be fixed by switching to a different LZ4\nimplementation (we do even have the reference impl in the monorepo) but\nthere is no API to generate the legacy frame format and things like [3],\na patch carried by Ubuntu to fix more edge cases just do not inspire\nconfidence in such a solution.\n\nThus, this CL switches over to using zstd for compressing initrds.\n\nZstd is slower than LZ4 for decompressing, but it still decompresses at\nmultiple GB/s per core while having a much better compression ratio.\nIt also doesn\u0027t have any Linux-specific bits and Linux uses the\nreference implementation for decoding, which should make it much more\nrobust. So overall I think this is a good tradeoff.\n\n[1] https://github.com/pierrec/lz4/issues/156\n[2] https://github.com/lz4/lz4/issues/956#issuecomment-736705712\n[3] https://launchpadlibrarian.net/507407918/0001-unlz4-Handle-0-size-chunks-discard-trailing-padding-.patch\n\nChange-Id: I69cf69f2f361de325f4b39f2d3644ee729643716\nReviewed-on: https://review.monogon.dev/c/monogon/+/2313\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "60461b2b23eb57319525a3e00d7ae57e51598ebc", "tree": "17f4eb857a29b08a6e2be059279b9d88691aff09", "parents": [ "3fd0977e92c3e86cdfde736debdda66af05d1015" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Oct 26 19:16:59 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Nov 13 21:05:16 2023 +0000" }, "message": "metropolis: move curator client watches to curator/watcher\n\nThis replaces all the ad-hoc code to watch Curator node(s) with calls\nthrough the new curator/watcher library.\n\nChange-Id: Ie2a82b330e4108b9b725515cb10595916c38b323\nReviewed-on: https://review.monogon.dev/c/monogon/+/2263\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "3fd0977e92c3e86cdfde736debdda66af05d1015", "tree": "879808d1406f1f1caeb5030a10779d25a6c05a07", "parents": [ "8ec6ef0931c7e3d3084bc3180a9d88c002a1618d" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Oct 26 19:13:32 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Nov 13 20:11:06 2023 +0000" }, "message": "m/n/c/curator/watcher: init\n\ncurator/watcher is a new library which simplifies access to the Curator\nfrom client code.\n\nIt implements common logic found in a bunch of Metropolis code, where a\nnode or multiple nodes are watched for updates. The single-node version\nof this RPC is not that complex, but the many-node version is and\ndefinitely deserves a client library to remove possible sources of\nimplementation bugs.\n\nThis doesn\u0027t yet switch over any of the existing code to use this\nlibrary - that will come up in another CR on the stack.\n\nChange-Id: Ia1df6f21473f86cb9af1e962d157350a5cfd7d07\nReviewed-on: https://review.monogon.dev/c/monogon/+/2262\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "ea762f621a91400569c3118bbaef395336d90979", "tree": "f2d09d28d42e91795c83e5b9b15e88e00a484bf6", "parents": [ "d0424439e5c6637afa5b8156464d14933d955404" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Nov 08 18:54:56 2023 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Nov 13 15:39:29 2023 +0000" }, "message": "m/n/c/n/hostsfile: do not log individual entries\n\nThis gets extremely spammy when spinning up large clusters as it\nemits all entries for every new hostsfile into the log.\nFor a fresh cluster of n nodes this is O(n^2) log lines, which is\nfar too many. The number of entries is already logged and should be\nsufficient for debugging purposes.\n\nChange-Id: I6bf4e489aea52bad3a32a8a0f900e832b6a4f197\nReviewed-on: https://review.monogon.dev/c/monogon/+/2298\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "d9f1f1ec67af21eba685505d7b3086fc222106e1", "tree": "9281d846ff2d20f66dc24d2231969deb7fd1348d", "parents": [ "8456ddf02aea2e1015805f18ef1871812c5cb7f6" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Oct 31 15:44:35 2023 +0100" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Oct 31 17:33:45 2023 +0000" }, "message": "node/core: add sysctls\n\nChange-Id: I47b0d639a62f73f134430c5164a35eef2b5622d7\nReviewed-on: https://review.monogon.dev/c/monogon/+/2273\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "8456ddf02aea2e1015805f18ef1871812c5cb7f6", "tree": "7ea30de34d2ed42e2da1c044fb62576464b4e2cc", "parents": [ "7acd92dae19109fff8e6036d0a7fcd64aa1851c1" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Oct 30 18:56:59 2023 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Oct 30 22:12:01 2023 +0000" }, "message": "metropolis: implement node Deletion and framework for Decommissioning\n\nThis implements the basic ability to remove nodes from a cluster.\n\nWe prepare for a more complex workflow involving multi-sage\ndecommissioning, but first implement the \u0027worst case\u0027 workflow, in which\na node needs to be deleted if it hasn\u0027t been gracefully decommissioned.\nThis is what we currently need most in practice, as we have node\nfailures we\u0027d like to deal with.\n\nThe Delete functionality is still not fully complete though, as we\u0027re\nstill accepting client certificates from decommissioned nodes. But we\u0027ll\nfix that in an upcoming CR.\n\nChange-Id: I7322cb1464a9e5bc924363321534033dcc8a6246\nReviewed-on: https://review.monogon.dev/c/monogon/+/2270\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "7acd92dae19109fff8e6036d0a7fcd64aa1851c1", "tree": "23f299c22f1b40014e9bf7bfca47b1788c1f7f28", "parents": [ "91c0397b2f8eab309e0958afa1746c2a2d02b433" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Oct 30 18:56:00 2023 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Oct 30 22:12:01 2023 +0000" }, "message": "metropolis: renamed DISOWNED to DECOMMISSIONED\n\nThis seems like a better name, and the old one was never actually used\nanywhere.\n\nChange-Id: I66b17a9145225828bb978c999bbecd5118188389\nReviewed-on: https://review.monogon.dev/c/monogon/+/2269\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "91c0397b2f8eab309e0958afa1746c2a2d02b433", "tree": "1be5ceff1a23a179d2bbcdf5ca744624112131b4", "parents": [ "da342a424ffbd981df2250ebed2aa845a18356eb" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Oct 30 18:54:32 2023 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Oct 30 22:12:01 2023 +0000" }, "message": "m/n/core/curator: add FsmState to Curator Node data\n\nThe node state from the point of view of the cluster is already exposed\nthrough the Management Node data. Add the same to the Curator Node data.\nWe\u0027ll use this in nodes to detect when a node is requested to be\ndecommissioned.\n\nChange-Id: I60408a5e3a22c21dae6f073e21528ccc309b3fbe\nReviewed-on: https://review.monogon.dev/c/monogon/+/2268\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "da342a424ffbd981df2250ebed2aa845a18356eb", "tree": "2eae1557414e3d3982206e267d2e8ee0bd219bc2", "parents": [ "c0f72dc5bd129a27d9a141a84f3602480a28400a" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Oct 24 15:47:54 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Oct 26 20:58:17 2023 +0000" }, "message": "m/n/b/fwprune: fix bug in firmware deduplication\n\nThe populatedPaths set was checked for the path relative to\n/lib/firmware, but the absolute path was added. This caused the\nbailout for duplicate firmware requests to be ineffective.\n\nFound while using this for a weekend project.\n\nChange-Id: I74f6cd0dd7e2da1fc189da8a4d01aba7ac29b837\nReviewed-on: https://review.monogon.dev/c/monogon/+/2264\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "f64f197c8039a72d82efaae6a21f725d3cd3ac7a", "tree": "302a5d9c6ee1d5cdf2b2c8e4abe7b0609c9a2ffa", "parents": [ "54a5a053f2250c03d8476293ecb98fdb458ee5fd" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Fri Jul 28 00:00:50 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Oct 11 10:53:00 2023 +0000" }, "message": "metropolis/node/core/metrics: fixup metrics authentication\n\nChange-Id: I67643855ab61bfdea980211ffe01e50c2409882b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1979\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "54a5a053f2250c03d8476293ecb98fdb458ee5fd", "tree": "acfde3ff61c5181ca89998d725001071f86d9356", "parents": [ "4811e70b3cd8f237c1b57ac85cc4c02b57c82535" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Oct 02 16:40:11 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Oct 10 15:14:57 2023 +0000" }, "message": "metropolis: implement and use A/B preloader\n\nThis switches over from using the EFI built-in bootloader for A/B\nupdates to using our own EFI preloader due to significant issues with\nin-the-wild EFI implementations. It is a very minimal design relying\non a single Protobuf state file instead of EFI variables.\n\nChange-Id: Ieebd0a8172ebe3f44c69b3e8c278c53d3fe2eeb4\nReviewed-on: https://review.monogon.dev/c/monogon/+/2203\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "5a90d306602a5ccb7022fa8c80b7b1e4fb6c85d4", "tree": "b6e2bfe17aa8ccb532aeca405e17fc2eda99dc5f", "parents": [ "d141d182614f915ae44250b84c6be10276ca4840" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Oct 09 17:38:13 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Oct 09 15:47:05 2023 +0000" }, "message": "metropolis: fix handling GPT holes\n\nGPT tables can have \"holes\" i.e. unused partition slots. These are\nrepresented as nil values. Code walking these tables did not consider\nthat partition entries might be nil.\nFix the call sites and improve the gpt package documentation to\nexplicitly mention the need to check IsUnused.\n\nChange-Id: I27f5db31e14a4907a84d6069ddcc267b25871f72\nReviewed-on: https://review.monogon.dev/c/monogon/+/2208\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "1dc60af36a57d434689032234fdc9e9d00ed957e", "tree": "df6f6d4fef63fb3fa13b4f06b9a06e0339caaec2", "parents": [ "e0c0617e33e3b9c9a69b150189b1b13c010de9e0" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Oct 03 15:40:09 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Oct 05 13:46:24 2023 +0000" }, "message": "m/node: replace image genrule with proper rule\n\nThe genrule has issues with transitions so replace it with a proper\nrule.\n\nChange-Id: Ie5c38ae17da07a3694a6d0ea7a6580c588916175\nReviewed-on: https://review.monogon.dev/c/monogon/+/2205\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "e0c0617e33e3b9c9a69b150189b1b13c010de9e0", "tree": "9908902859bf7245a07e27cb0e6c621f65f15a1d", "parents": [ "48f22ce3a1558ad9994de3bde93f38e1aa997812" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Sep 19 12:28:16 2023 +0000" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Sep 26 10:01:57 2023 +0000" }, "message": "go/clitable: factor out from metroctl\n\nWe need the same functionality in bmcli, so factor it out from metroctl\ninto a generic library.\n\nChange-Id: I3fb3dfaae44a64d204e9220f117f379c382c5c4f\nReviewed-on: https://review.monogon.dev/c/monogon/+/2172\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "f0ae33180b59b25d236199e1b874f0dce7aa1e41", "tree": "0d3ffd008695edc1a4b9afde63ac8f149d7d6d94", "parents": [ "65b1c682edc6237dbb50efa7a08475d56a97a7ae" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Sep 12 13:40:30 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Sep 18 13:56:28 2023 +0000" }, "message": "m/p/watchdog: add watchdog package\n\nThis adds the watchdog package for interfacing with devices implementing\nthe Linux watchdog API. There is one alternative implementation at\ngithub.com/mdlayher/watchdog but it is too minimal for our use case.\n\nThe kernel API contains a bunch of weird status bits only relevant for\nphysical watchdog cards which are not made accessible through the\nGo package.\n\nSadly there are no integration tests for this package as ktest wouldn\u0027t\nwork for this because a) no watchdog HW and b) the test success depends\non a condition outside the kernel.\n\nChange-Id: If138a97bc655025da4426665f8cbf1f093cc3bb1\nReviewed-on: https://review.monogon.dev/c/monogon/+/2142\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "65b1c682edc6237dbb50efa7a08475d56a97a7ae", "tree": "98dc265e817dd56c29c03b0bcbfcdaacf52778df", "parents": [ "65702194ea264a0fd01fb470bacaf39264b4f637" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Sep 14 15:49:39 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Sep 14 16:05:16 2023 +0000" }, "message": "m/p/blockdev: use errors.ErrUnsupported in 1.21\n\nChange-Id: Ice8780b092c034cf755aa409ef5fce5a8aef9226\nReviewed-on: https://review.monogon.dev/c/monogon/+/2147\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "65702194ea264a0fd01fb470bacaf39264b4f637", "tree": "3469201097b30e638f1e446655e1d23b33d90f8d", "parents": [ "f551a7696824a9ddbac63191c489db8280aee0a4" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Aug 31 16:27:38 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Sep 14 13:43:45 2023 +0000" }, "message": "workspace: rules_go, gazelle, go, gVisor update\n\nThis commit not only updates rules_go and friends, but also updates\ngVisor, removes legacy protobuf usage and switches from using\nbuild_configuration to a config flag for bazel\n\nChange-Id: Idb383f35ca0fec4cb7329e9d991f08f28cf9b1fb\nReviewed-on: https://review.monogon.dev/c/monogon/+/2129\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "3781ddbfd7534f88317a44e6fee02670fe36a01e", "tree": "2c0247c43643cea03672b12d47247acfd4f6d320", "parents": [ "8b000b2217522891cace6ad3b98d805b1a262345" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Aug 21 20:59:01 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Aug 23 08:59:12 2023 +0000" }, "message": "metropolis/curator: report leader based on ledership election status\n\nThis makes GetCurrentLeader calls respond to cluster/leader changes\ninstead of relying on connections getting closed on time when a leader\nchanges, or when a node gets elected as a leader.\n\nThis leads to less churn when cluster leadership status changes (no need\nfor every RPC client to re-establish connectivity to get the new\nleader). It should also be faster to respond to cluster leader changes,\nas it doesn\u0027t rely on the the RPC client detecting that the node it\nconnected to has stopped responding / disconnected.\n\nChange-Id: I9de12286530226b3832d2ae07cb7d943ca537d3f\nReviewed-on: https://review.monogon.dev/c/monogon/+/2069\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "8b000b2217522891cace6ad3b98d805b1a262345", "tree": "2696cf2de6fe72f5e220e4db725a81c816de1bce", "parents": [ "0573d7d031e51af42cb482c3cd788a280ccaaf28" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 08 16:11:26 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Aug 23 08:59:12 2023 +0000" }, "message": "metropolis/hostsfile: update our own node\u0027s roles correctly\n\nThis properly serializes the state of our own node\u0027s roles into startup\ndata (and the hosts file) if it is assigned during node runtime.\n\nWithout this, we could end up serializing out of date node role data and\nthus would not startup up with a cluster directory (and persisted node\nroles) which would allow for proper control plane startup.\n\nChange-Id: I45da5d73cc0eea0a7c32308bbecf512bb9699d55\nReviewed-on: https://review.monogon.dev/c/monogon/+/2068\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "0573d7d031e51af42cb482c3cd788a280ccaaf28", "tree": "8e7cb6f506bbba04985860830dae6f8de4ac4b4f", "parents": [ "67023fe466d35df7ff7e606e74f3bcf51ac8085c" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 08 16:01:04 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Aug 23 08:59:12 2023 +0000" }, "message": "metropolis/resolver: more logging\n\nThis should let us figure out HA connectivity issues better in the\nfuture. We were mostly missing logging connection attempts to control\nplane nodes and leader information received from them.\n\nChange-Id: I88f3e4b289561e7b31fcbb59d26b674d8b6aea39\nReviewed-on: https://review.monogon.dev/c/monogon/+/2067\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "6eb3fb31f0d1385e96652b6bee043bd9c5f6a577", "tree": "33e2e6e6e17ae40519909d0927ce33bb9b0cf2c7", "parents": [ "c7108352bd9e03780e6f8836be6c5fffaa0f6501" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 17:19:24 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 21:01:28 2023 +0000" }, "message": "m/n/core: pipe kernel logs into logtree\n\nCurrently the kernel log is only available on the local console\n(serial/screen) and only if they are high-severity entries.\nThis log should be inspectable and collectable together with the\nother Metropolis logs, thus pipe it into logtree under the root.kernel\nnode..\n\nChange-Id: If5006db251eb8662ae9939a56e23bbb895304690\nReviewed-on: https://review.monogon.dev/c/monogon/+/2045\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c7108352bd9e03780e6f8836be6c5fffaa0f6501", "tree": "fa6b87a5cd44288921d18a3f4476c99717da318f", "parents": [ "efa381fa9e8a3850ca1332ce617778d330d5e3ba" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 17:09:40 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 18:46:57 2023 +0000" }, "message": "m/p/logtree: add kmsg pipe\n\nThis allows ingesting Linux kernel (kmsg) logs into logtree with\nthe original metadata (timestamp, severity) preserved.\n\nChange-Id: Ibb6e3a7a0ae4a008b8e9c98beccb3a95c067cb75\nReviewed-on: https://review.monogon.dev/c/monogon/+/2044\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "efa381fa9e8a3850ca1332ce617778d330d5e3ba", "tree": "6fd0db26eab500ba19d7dd6c92b3f9b2cffb6646", "parents": [ "431acaa53ad0914eaf8bc89366b693640acbde13" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Wed Aug 09 17:43:06 2023 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Wed Aug 09 18:11:25 2023 +0000" }, "message": "Set flaky flag on all known flakes\n\nBazel will retry tests marked as flaky up to three times. This has\nthe obvious downside of making the flakes less visible, but popping\nup as unrelated build failures is not the best way to surface them.\n\nChange-Id: I0c97450b17f2e8a56275d3b738e7d34b89be44f6\nReviewed-on: https://review.monogon.dev/c/monogon/+/2047\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "431acaa53ad0914eaf8bc89366b693640acbde13", "tree": "5c6fedd3d4cd204c4b99b42afbc5eba83a167341", "parents": [ "009b12662712fd70670c0dc6015e1a135d4a3cd0" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 14:29:24 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 16:10:05 2023 +0000" }, "message": "m/n/c/consensus: fix flaky TestEtcdMetrics\n\nThe metrics endpoint comes up before the bootstrap process is complete.\nThe test context then gets cancelled as the test has succeeded,\nbut the consensus runnable is not done bootstrapping, causing it to\nreturn an error and TestHarness to\nfail the test.\n\nFix this by waiting for the etcd state to be populated, indicating that\nthe bootstrap machinery has done its job.\n\nFixes https://github.com/monogon-dev/monogon/issues/258\n\nChange-Id: Ied270191aaebb226822a1c9d7f8c6312bd0da1ed\nReviewed-on: https://review.monogon.dev/c/monogon/+/2043\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "9563673b5913420e143518b53d3134d4f29b404b", "tree": "f41aee88ab9e63b2a8f38203d3aa9a169663edc7", "parents": [ "32c5fb80970db711fc2f81ceef2b07c29b409e5b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 16:59:40 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 17:54:59 2023 +0000" }, "message": "m/n/c/update: work with invalid boot entries\n\nCurrently if any boot entry is unreadable or unparseable, we refuse to\nperform any updates. This is not desirable as any edge cases in our\nparser or the EFI firmware cause the update mechanism to be\nnon-functional, even preventing us from shipping an update to fix the\nissue. It makes more sense to just log occurrences where such an entry\ncould not be read/parsed.\n\nChange-Id: I8a1161bf35a4c8deb1d82156662b512bcc43ed59\nReviewed-on: https://review.monogon.dev/c/monogon/+/2038\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "32c5fb80970db711fc2f81ceef2b07c29b409e5b", "tree": "45b735a5f41722d0cc5fc6886e894d498830a132", "parents": [ "f025d1b20232385fa09459794dda9f9df0f5295a" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Aug 03 17:37:56 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 17:54:59 2023 +0000" }, "message": "m/n/c/update: fix matching boot entries\n\nThe matching code accidentally worked as long as there was only one boot\nentry for each loader path (boot-a.efi/boot-b.efi) as it type-asserted\na pointer which caused ok to always be false and thus all entries passed\nthrough the UUID check.\n\nThis fixes the type assertion and following logic.\n\nChange-Id: I83fdd2204028633dc274055f7d1ecb458747174e\nReviewed-on: https://review.monogon.dev/c/monogon/+/2031\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "f025d1b20232385fa09459794dda9f9df0f5295a", "tree": "e19ea5d8e3af4e2314b42602e60305db5d376051", "parents": [ "3b25cf7c486781e018795066c3337e73ac7e526b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 14:52:49 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 13:28:39 2023 +0000" }, "message": "m/p/efivarfs: allow multiple paths in LoadOption\n\nThe FilePathList in an EFI LOAD_OPTION technically allows multiple\ndevice paths separated by end of path markers. These additional paths\nbeyond the first one do not have any standardized function, but some\nEFI vendors use them to store data. Currently we fail to parse them\nbecause they contain more than one end of path marker. Fix this by\nadding an ExtraPaths field to LoadOption and implementing marshalling/\nunmarshalling for it. I chose to use a separate field in the Go\nstruct because these additional paths do not have the same functionality\nas the first one (they are not bootable).\n\nChange-Id: I96df17915966a973a7553fe9864a0b3e6f6b61e8\nReviewed-on: https://review.monogon.dev/c/monogon/+/2037\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "3b25cf7c486781e018795066c3337e73ac7e526b", "tree": "82e9b47b2ffb0614f811b57eb000c249942686d7", "parents": [ "45d6f1821bf047dbe2a71b8d21401dfb60583285" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 17 16:58:10 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Aug 07 13:27:50 2023 +0000" }, "message": "metropolis/cli/metroctl: add update command\n\nChange-Id: Iab7f930923f8009e0e14f96fc64d336614b1251e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1937\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "45d6f1821bf047dbe2a71b8d21401dfb60583285", "tree": "196dd81b11f57f665327e5e53f59a726c0488513", "parents": [ "b80b8449f4a62c797dd397d08fc0caf70776e5c0" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Aug 07 13:19:41 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Aug 07 13:27:46 2023 +0000" }, "message": "metropolis/node/core/mgmt: add logging for update activation method\n\nChange-Id: Ief4ef6447ac132755df35c5742dedc5d15d71d74\nReviewed-on: https://review.monogon.dev/c/monogon/+/2029\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "b80b8449f4a62c797dd397d08fc0caf70776e5c0", "tree": "be4ca586c31d9abd9152a16d69c1839c28cf1070", "parents": [ "a4b88849c4691a1674d4427ee73a79ae8ea76460" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Aug 03 17:40:17 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 13:04:06 2023 +0000" }, "message": "m/n/c/mgmt: unmount ESP before restarting\n\nThis provides additional reliability for the FAT32 ESP partition.\nNothing should keep persistent handles for files on the ESP. Ignore\nerrors in case anything does.\n\nChange-Id: I04bfbb82fddfc740c5c234c028de89539e91a696\nReviewed-on: https://review.monogon.dev/c/monogon/+/2032\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "a4b88849c4691a1674d4427ee73a79ae8ea76460", "tree": "c7e187fc439da01546cf701d5501dab799a91ee9", "parents": [ "d14be0eb8bcffb6ba597f26e3ad57b311ca376fc" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Aug 03 17:34:56 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 11:37:10 2023 +0000" }, "message": "m/n/c/localstorage: fix logic error determining ESP\n\nThe OS integration of the A/B update engine has a logic error which\ncaused it to provide all partitions as ESP, of which the last one\n(the data partition) stuck.\n\nChange-Id: Ia721f9f515ca65f710f07ba25b3be68544158a7c\nReviewed-on: https://review.monogon.dev/c/monogon/+/2030\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "d14be0eb8bcffb6ba597f26e3ad57b311ca376fc", "tree": "3a1286f0eb3623db53c4cb2c880eb5a1059ae1f0", "parents": [ "c07d74efd282261c68d33d745d52a6703448c8fd" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Jul 31 16:46:14 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 11:37:10 2023 +0000" }, "message": "m/n/c/update: implement kexec-based activation\n\nAs we\u0027ve had some issues with EFI-based slot activation and enterprise\nserver firmware is extremely slow, this implements kexec-based\nactivation. This just kexecs into the freshly-installed slot instead of\nrebooting. It still updates the BootOrder on successful boot to allow\ncold-boots if the server crashes or loses power, but no longer uses the\nNextBoot mechanism to boot into the new slot once (this is taken care of\nby kexec).\n\nChange-Id: I6092c47d988634ba39fb6bdd7fd7ccd41ceb02ef\nReviewed-on: https://review.monogon.dev/c/monogon/+/2021\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c07d74efd282261c68d33d745d52a6703448c8fd", "tree": "d02247ddbe08318edc5e1ea5eb17c23f0a2c3435", "parents": [ "cf7bd147a0e8b61133472471eb7193566d8b1a4e" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Aug 03 17:41:23 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Aug 03 16:55:34 2023 +0000" }, "message": "m/i/t: replace loglevel\u003d0 with quiet\n\nWe should really not be using loglevel\u003d0 in tests, it hides even\ncritical errors like panics.\n\nChange-Id: I6e8dc0f2352efe7f9328faeb0c5e736a75eacb0e\nReviewed-on: https://review.monogon.dev/c/monogon/+/2033\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "cf7bd147a0e8b61133472471eb7193566d8b1a4e", "tree": "3521de5e73c456870dbbce86d907e3557593b452", "parents": [ "d07489b551c242df6ed73d07d17b47feb3827b48" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Aug 03 15:20:09 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Aug 03 15:42:45 2023 +0000" }, "message": "metropolis/node: remove genrule image_gcp\n\nThis is currently very flaky and we dont use it anyway\n\nChange-Id: Idf91cdc3f45da11635a8ee78617d209665a5bbc7\nReviewed-on: https://review.monogon.dev/c/monogon/+/2028\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "d07489b551c242df6ed73d07d17b47feb3827b48", "tree": "2684f906758105cb9108c19069091a9d86ad7786", "parents": [ "8e87a062badeb7f6b93c6486925aa99c616cd8a6" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Aug 03 13:09:02 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Aug 03 15:33:41 2023 +0000" }, "message": "metropolis/pkg/efivarfs: write variables with 0644 perms\n\nThe kernel creates all files with these permissions, so having different ones\nis useless.\n\nChange-Id: Iaafb6080de349f95e566bb2e4faf821864cf75e6\nReviewed-on: https://review.monogon.dev/c/monogon/+/2025\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "8e87a062badeb7f6b93c6486925aa99c616cd8a6", "tree": "73226d80fb80580c02c092d41aac59da1d94d1f9", "parents": [ "3961acd37445d5139040b910e093e759828552ad" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 31 01:33:10 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Aug 03 15:33:25 2023 +0000" }, "message": "metropolis/node/core/update: set partition start and size in efi\n\nChange-Id: I1dc6b6738a375c6fc581d51494d13fbeda7b724d\nReviewed-on: https://review.monogon.dev/c/monogon/+/2026\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "3961acd37445d5139040b910e093e759828552ad", "tree": "3ed82aa3adca72268431acd88135e2afa2397468", "parents": [ "a622379880cd043e0a12ab25129801e2c63d82bb" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 02 17:55:06 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 02 16:33:55 2023 +0000" }, "message": "m/p/gpt: fix protective MBR off-by-one\n\nSince the protective MBR partition starts at block 1 (the first is the\nthe protective MBR itself) that first block needs to be subtracted from\nits size.\n\nChange-Id: I99bbb449c27596efd2dd260ffb388a9a69a09589\nReviewed-on: https://review.monogon.dev/c/monogon/+/2024\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "a622379880cd043e0a12ab25129801e2c63d82bb", "tree": "2b624fc68521ec72a3d018b2b71cfe755939795a", "parents": [ "0b84a9f5e2caef3f66e4d912b6ac18429dff2c2d" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Jul 31 17:13:11 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 02 10:12:22 2023 +0000" }, "message": "m/n/c/consensus: fix format directive error\n\nThat %w points to err which is not actually populated in this code path.\n\nChange-Id: I025eafbd4733cb584c67af2479992c9368d414e9\nReviewed-on: https://review.monogon.dev/c/monogon/+/2022\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "0b84a9f5e2caef3f66e4d912b6ac18429dff2c2d", "tree": "e44c00c20213a01877783405929f27edc3357d79", "parents": [ "35fcf0397be02883ace364e650b3e8d9a2281e24" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jul 27 14:20:31 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Aug 01 13:30:41 2023 +0000" }, "message": "metropolis/node: show build commit on startup\n\nPreviously it was not possible to identify the running version,\nwith this change the build commit and tree state gets stamped into the binary\nand printed on boot.\n\nChange-Id: I3916e3d40dc87f28a58eb74c6450218550fb3214\nReviewed-on: https://review.monogon.dev/c/monogon/+/1978\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "35fcf0397be02883ace364e650b3e8d9a2281e24", "tree": "cb1297a2e4a34eeebb9faf09b44c3b95cf603f7f", "parents": [ "ad131883747f73e51526dd6f163df23b913f69ed" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 29 04:15:58 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 27 13:58:35 2023 +0000" }, "message": "metropolis: implement A/B updates\n\nThis implements an A/B update mechanism using two slots, A and B.\nThis is realized with two system partitions as well as two EFI\nloaders/kernels.\n\nThe A/B system relies on two EFI loader entries. This has the advantage\nthat there is no preloader required, which makes the system more\nreliable as well as avoiding the complexity of having an un-updatable\npreloader (CoreOS has this issue where their GRUB2 crashed booting newer\nkernels, sadly the issue seems lost with the migration to Fedora\nCoreOS). It also means that the operator can easily override the slot\nbeing booted via the boot loader entries. Primary disadvantage is that\nit relies on EFI working somewhat to spec.\n\nNew versions are booted into only once by setting NextBoot, if the\nbootup doesn\u0027t succeed, i.e. if the boot doesn\u0027t get to a cluster rejoin\nthe next boot will be the old slot. Once it gets to this stage the\npermanent BootOrder is changed.\n\nThe EFI loaders don\u0027t know if they are slot A or B because they are\nidentical and relying on OptionalData in the boot entry to indicate the\nslot means that if the EFI boot entries go away, recovering is very hard.\nThus the loaders look at their own file name to determine what slot they\nare in. If no slot could be determined, they default to booting slot A.\nIt is planned to eventually use Authenticode Stamping (passing data in\nfake certificates) to stamp the slot into the loader without affecting\nthe TPM hash logged.\n\nChange-Id: I40de2df8ff7ff660c17d2c97f3d9eb1bd4ddf5bc\nReviewed-on: https://review.monogon.dev/c/monogon/+/1874\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "ad131883747f73e51526dd6f163df23b913f69ed", "tree": "e5dee1d605cf4df4c507529185a82b49dbb841b3", "parents": [ "cb9f3d3d495b12e26772271e368340a38244d586" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 28 16:42:20 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 27 13:58:35 2023 +0000" }, "message": "treewide: port everything to blockdev\n\nThis gets rid of most ad-hoc block device code, using blockdev for\neverything. It also gets rid of diskfs for everything but tests. This\nenables Metropolis to be installed on non-512-byte block sizes.\n\nChange-Id: I644b5b68bb7bed8106585df3179674789031687a\nReviewed-on: https://review.monogon.dev/c/monogon/+/1873\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "cb9f3d3d495b12e26772271e368340a38244d586", "tree": "ba362d7665cf7c48f246b9040ce65a506ea5b93b", "parents": [ "1e0e3a47f72a8fb251bec9a98cb3d6acffe79989" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 27 15:21:49 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 27 13:58:35 2023 +0000" }, "message": "m/p/blockdev: add darwin implementation\n\nThis adds a minimal blockdev implementation for Darwin/macOS.\nProperly implementing Discard() is left for later as it would require\nextending x/sys/unix and it is allowed to just return ErrUnsupported\nfor all calls.\n\nChange-Id: I5f3c85935301857c1f25edd8b8f9acdbe4abf4ad\nReviewed-on: https://review.monogon.dev/c/monogon/+/1977\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "1e0e3a47f72a8fb251bec9a98cb3d6acffe79989", "tree": "64f18c66ac03870d1cbbae02b91e6f14a4ebc090", "parents": [ "fd49f22e3a98d42ffe4d508a1e49ef2549fa8ecf" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 28 16:40:18 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 27 13:58:35 2023 +0000" }, "message": "m/p/blockdev: init\n\nAdds blockdev, a package providing a Go interface for generic block\ndevices as well as an implementation of it for Linux and auxiliary\ntypes.\n\nThis will replace most ad-hoc block device handling in the monorepo.\n\nChange-Id: I3a4e3b7c31a8344f7859210bbb4942977d1ad1d2\nReviewed-on: https://review.monogon.dev/c/monogon/+/1871\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "fd49f22e3a98d42ffe4d508a1e49ef2549fa8ecf", "tree": "cbca6bd43f671088aaac950a996055d1a3536b09", "parents": [ "4c6720da59d460d74487fb9bf42f42334cf191d3" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jul 20 14:27:50 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 26 16:49:54 2023 +0000" }, "message": "metropolis/node/core/metrics: export (controller-manager|scheduler) metrics\n\nChange-Id: Ie61551655cbf1130bb5f5beb2923dac1aa52f868\nReviewed-on: https://review.monogon.dev/c/monogon/+/1952\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "4c6720da59d460d74487fb9bf42f42334cf191d3", "tree": "b10de2997c7c711bc579e7cb38c04ffa5d86cd0d", "parents": [ "c37a886044f368ef7b0de61fc77daae8c52e74e8" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 25 14:44:19 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 26 16:41:04 2023 +0000" }, "message": "metropolis/node/core/metrics: migrate labels to sd-meta naming scheme\n\nChange-Id: Ie5ad32d5383abbe13ff9c347d47ecc10f090bccb\nReviewed-on: https://review.monogon.dev/c/monogon/+/1971\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c37a886044f368ef7b0de61fc77daae8c52e74e8", "tree": "5ed030955e1f57d7fb5df9fa49597e62a808e071", "parents": [ "78a538df4c1112bad6bee08509385af8d0ecc77a" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 19 16:33:21 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 26 16:39:41 2023 +0000" }, "message": "metropolis/node/core/metrics: expose etcd metrics\n\nChange-Id: Ie916d497b44c05ab51b13d0bb14f4e850291a77e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1950\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "90613afdf11f7831fc0a673f2fe502c28ab93729", "tree": "1f524cdd0e25a3dd28ff350803d2bc296c3d6fda", "parents": [ "88a76b7a89b3fc81b9135b1197e1ea6fd3698121" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jul 20 14:26:18 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 26 12:04:58 2023 +0000" }, "message": "metropolis/node/kubernetes: fix mtls authentication to (controller-manager|scheduler)\n\nPreviously it wasn\u0027t possible to authenticate against the services\nas they had no CA they trusted for the sent client certificate.\n\nChange-Id: Ic7cd2419a9e3496680a9393424c7ca1780c4d38c\nReviewed-on: https://review.monogon.dev/c/monogon/+/1951\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "4ac7112b135518b610a84a3a6db535dbb41f1fcf", "tree": "19bcc8dd598928d6413d6721ef52ee211406a8d9", "parents": [ "e5abee60401840f9af83d9181f9ce36f886b10ce" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 24 13:08:34 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 26 10:47:46 2023 +0000" }, "message": "metropolis/node/core/rpc: decouple from pki\n\nChange-Id: I15d3e7d1142f0f95081e73c985d96f8d103df55e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1961\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "e5abee60401840f9af83d9181f9ce36f886b10ce", "tree": "9887e5c3f28cd295ec19f35a01469286530fe8b3", "parents": [ "be25a3b839debc10817670fac0c20660a87bea12" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 19 16:33:36 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 24 14:52:41 2023 +0000" }, "message": "metropolis/node/core/metrics: allow exporters without executables\n\nChange-Id: I8f05c5a2a59018e8979c48a0253f2c068a71e5cd\nReviewed-on: https://review.monogon.dev/c/monogon/+/1949\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "be25a3b839debc10817670fac0c20660a87bea12", "tree": "df5c6ef648ad41fb5037a53976835709737454bd", "parents": [ "b551b65225b7398ed4eb8b3361f50c7998f56ce1" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 19 16:31:56 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 24 14:52:41 2023 +0000" }, "message": "metropolis/test/launch/cluster: expose metrics port\n\nChange-Id: I2ef17374db665c5491f9594de2ae4474be5163a4\nReviewed-on: https://review.monogon.dev/c/monogon/+/1948\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "b551b65225b7398ed4eb8b3361f50c7998f56ce1", "tree": "3ae89cf74847693ae13f2c18063a48d4fb8563ba", "parents": [ "5d0906e1db869ddeac081567b469671a5ff25f7c" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 17 16:01:42 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 24 14:45:04 2023 +0000" }, "message": "metropolis/node/core/metrics: implement http_sd discovery endpoint\n\nWe provide prometheus metrics but dont have a way to discover all nodes,\nthis change implements a new http endpoint: /discovery. It implements the\nhttp_sd api and returns all current cluster nodes including their roles as\nlabel.\n\nChange-Id: I931a88e2afb285482d122dd059c96f9ebfab4052\nReviewed-on: https://review.monogon.dev/c/monogon/+/1934\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "5d0906e1db869ddeac081567b469671a5ff25f7c", "tree": "c12afd970111219040b457fc739823513fcb2957", "parents": [ "ffbf393575c52f7444f66d4bef86ecd81e3fdb98" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jul 20 20:23:57 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 24 14:45:04 2023 +0000" }, "message": "metropolis/test/util: move TestCurator to utils package\n\nTo use it inside other tests this change moves the TestCurator\nto allow usage inside other tests\n\nChange-Id: I75be31f490eb84e5c9bc56b65317ea5483415dcf\nReviewed-on: https://review.monogon.dev/c/monogon/+/1954\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "ffbf393575c52f7444f66d4bef86ecd81e3fdb98", "tree": "05d223a1d481de0e9725997174d45e5874fad785", "parents": [ "a004576acfd826bf8a2a3371a3fde787afb9629b" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 24 13:02:42 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 24 12:36:21 2023 +0000" }, "message": "metropolis/test/util: move in NewEphemeralClusterCredentials from rpc\n\nChange-Id: I41603b19a76ea91c2191b0118183957973fc9ccd\nReviewed-on: https://review.monogon.dev/c/monogon/+/1960\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "a004576acfd826bf8a2a3371a3fde787afb9629b", "tree": "09a029faa89414ea4e7ceaaaa4a424e2ea20f3ae", "parents": [ "9933ef0d18cf42a604fc7ed25cec3e05f8ab6368" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Thu Jul 20 19:27:41 2023 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Fri Jul 21 12:04:38 2023 +0000" }, "message": "Set flaky\u003dTrue on roleserve_test and memory_test\n\nThese are frequent CI failures.\n\nChange-Id: Ic45f4dcd22bb608bc96da84c9de74faae1f8daab\nReviewed-on: https://review.monogon.dev/c/monogon/+/1953\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "9933ef0d18cf42a604fc7ed25cec3e05f8ab6368", "tree": "484c711598ccef01f2218564a79a8352c657958b", "parents": [ "394b67e4208e1b2f06e61ab7e69ae58f444a56d8" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 06 18:28:29 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 20 11:48:17 2023 +0000" }, "message": "m/p/efivarfs: BootOrder fixes\n\nThis doesn\u0027t need to be a pointer as it\u0027s a slice.\nThere was also a bug left in here because it previously skipped over\nthe attributes field which we now treat separately.\n\nChange-Id: Icc80496e9bc826ae11201f96a703fb80f97c478a\nReviewed-on: https://review.monogon.dev/c/monogon/+/1913\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "394b67e4208e1b2f06e61ab7e69ae58f444a56d8", "tree": "76280f2c02e4afe2f9ace484f7fd61040326df47", "parents": [ "4f28b9ed6387dc22225f5e60a78f91ab8e3d65bd" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 19 17:34:34 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 20 10:54:36 2023 +0000" }, "message": "m/cli/metroctl: implement buildkind\u003dlite\n\nUsers can now build metroctl with:\n\n bazel build //metropolis/cli/metroctl --//metropolis/cli/metrocli:buildkind\u003dlite\n\nTo request a metroctl built without a direct dependency on the rest of\nMetropolis. Such a metroctl tool will not be able to run `genusb`\nwithout manually specifying a metropolis bundle and metropolis installer\nkernel.\n\nChange-Id: Ic8c135392a7d0ec3120e5dbed8fd6636de578633\nReviewed-on: https://review.monogon.dev/c/monogon/+/1947\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "4f28b9ed6387dc22225f5e60a78f91ab8e3d65bd", "tree": "6b0e7b9014a99a92e23e0a5d2d7c25a8a4e566ba", "parents": [ "46a45f941632de6ef0085eee373a6c3dad5e9f53" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 19 17:11:05 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 20 10:54:36 2023 +0000" }, "message": "m/n/core/identity: decouple from localstorage\n\nChange-Id: I825bc7d71f9866b0052e550f0d113bd8bc726fdc\nReviewed-on: https://review.monogon.dev/c/monogon/+/1946\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "46a45f941632de6ef0085eee373a6c3dad5e9f53", "tree": "07f2b51255011347175505c94c2a99ebdb0832c4", "parents": [ "9508b12bba50625eaccadc4aacf908ba538e3dd6" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 19 17:09:52 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 20 10:54:36 2023 +0000" }, "message": "m/c/metroctl: move installer dependency to runfiles\n\nThis is the first step in not requiring a full Metropolis build to build\nmetroctl.\n\nThings are still actively coupled at build time, but the resulting\nbinary can now run without any embedded installer.\n\nChange-Id: I55fc53c57ac6d1d3e75a225e7d7c79bae5759b67\nReviewed-on: https://review.monogon.dev/c/monogon/+/1945\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "150f24a5421dc1449d79a801524a7c98754f7bca", "tree": "c4f69b7e6260a241f3d946b36eda309e2539ccba", "parents": [ "901c7326fe067707812757e4e9409f756edf0e37" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 13 20:11:06 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jul 19 12:17:34 2023 +0000" }, "message": "metropolis/test: use localregistry\n\nThis removes everything but the preseed test image from the preseed\nimage pool, instead opting to serve all test image via localregistry.\n\nThe registry API is served from a dedicated IP inside the virtual\nnetwork and forwarded to an ephemeral listener on the host. The relevant\ninfrastructure is added to the launch package.\n\nAs it is required to add configuration to containerd for this registry\nanyways as it does not and should not have TLS we take that opportunity\nto give it a descriptive name (test.monogon.internal).\n\nVisibilities of images are also adjusted as they are now referenced much\ncloser to their point of use.\n\nAgainst main this saves 51MiB in bundle size (289MiB -\u003e 238MiB).\n\nChange-Id: I31f732eb8c4ccec486204f35e3635b588fd9c85b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1927\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "901c7326fe067707812757e4e9409f756edf0e37", "tree": "f07f9dc363f0448076024ec4217858dcf47bcb88", "parents": [ "3df66ebf2ae75de9e62302332412655e8fb45d04" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 13 20:10:37 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jul 19 11:54:30 2023 +0000" }, "message": "m/p/localregistry: init\n\nAdds the localregistry package, which serves Bazel-built container\nimages via the Docker/OCI V2 registry API.\n\nThis will be used to serve test images instead of preseeding them.\n\nChange-Id: I0c2ceb9a83f807c9c87ab03bc1141ca67cc64268\nReviewed-on: https://review.monogon.dev/c/monogon/+/1926\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "3df66ebf2ae75de9e62302332412655e8fb45d04", "tree": "afe917d9fa6eba01dbc9aac0b59a7a189c3c64ce", "parents": [ "f0ec0f670512f82b8e1428acd577ffe1693d1f8f" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 17 15:58:07 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 18 14:52:36 2023 +0000" }, "message": "metropolis/node/core/metrics: configure node-exporter collectors\n\nTo have a better overview over the nodes we enable additional collectors\nand tell the filesystem collector to not report high cardinality mountpoints.\n\nChange-Id: I267c7c82d671f03c037aabcb067a06fdf29aef65\nReviewed-on: https://review.monogon.dev/c/monogon/+/1933\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "f0ec0f670512f82b8e1428acd577ffe1693d1f8f", "tree": "690b280b94ed797149986fbbbd697ca216386235", "parents": [ "e95007b7090921e2aa4fdc24fea3d23f1bda048e" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 17 13:43:38 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 18 13:58:24 2023 +0000" }, "message": "metropolis/cli/metroctl: add cert export command\n\nTo scrape metrics we currently need the owner certificate in a usable format.\n\nChange-Id: Ic6695b14a764d71d9c7b698c113fe0109d5820bf\nReviewed-on: https://review.monogon.dev/c/monogon/+/1932\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "800e7c9514c1ea5aa9267a19217086363d6d8c4d", "tree": "3543adb39b0f1ba5d84f651a2840edc885b7dce4", "parents": [ "d1c392a788043f2bd82d936a334bd01e1be97421" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jul 12 22:37:39 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 13 10:23:27 2023 +0000" }, "message": "m/p/tpm: fix garbage when logging PCRs\n\nCasting an int to a string causes it to be interpreted as a byte of an\nUTF-8 string, not converted to the respective UTF-8 character(s).\nUse strconv instead to actually convert the integers to valid UTF-8\ntext.\n\nChange-Id: I4878d9312f2fd2f2401e7fc3ba0e7a69cbca4d9e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1925\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "d1c392a788043f2bd82d936a334bd01e1be97421", "tree": "1bdf2d7a4d7a54b2d8bda0c3c729eb2c9eef90a4", "parents": [ "0553f885b84ca97384ffdb942b30c67d23166a16" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 06 19:10:56 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jul 11 10:48:05 2023 +0000" }, "message": "m/n/kubernetes: fix CSI local PV publishing\n\nExperimentally confirmed to fix pods stuck in creating because the\nmount syscall failed with ENOENT because the target directory did not\nexist. The current CSI spec now explicitly says that creation of\ntarget_path is the responsibility of the storage plugin, so let\u0027s\nactually create that directory.\n\nChange-Id: I57d8086f2e70040095206c36e4302b352d06bb84\nReviewed-on: https://review.monogon.dev/c/monogon/+/1914\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "93910e666218954def8e1e3b304909f7dbb7a1b5", "tree": "bc584ab34d4c5e0caa094d94bcee99ccf01f50a7", "parents": [ "7d1a0dee36f43f232481eb7ca4ec5d520a526907" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 06 16:15:06 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 06 23:09:14 2023 +0000" }, "message": "m/n/core/curator: fix clusternet sync issues\n\nClusternet sync was broken whenever a node just started a curator\nwatcher, as the curator\u0027s codepath to serve the backlog wasn\u0027t copying\nover clusternet data.\n\nThis shouldn\u0027t have happened, especially as we implemented a unified\nfunction to convert node data into node update data, we just forgot to\nuse it during the initial backlog generation code on the curator.\n\nI\u0027ve spent some time trying to come up with a testcase that would\nautomatically catch any further bug of this type, but that\u0027s not really\ndoable without having more formalized type casts between all the\ndifferent types a node can be encoded in (curator in-memory, curator\nproto state, api node object). But we do still update one of the curator\ntests to catch this particular regression.\n\nChange-Id: I203d9a41b735db63d076c7e68a9fc6fe2f795ab4\nReviewed-on: https://review.monogon.dev/c/monogon/+/1912\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "7d1a0dee36f43f232481eb7ca4ec5d520a526907", "tree": "f63118614604040cdea0edfbfd7b644a124e8cda", "parents": [ "0300077941db0edfdcac0ae42e4a5dad3e8d3fd7" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 05 01:17:15 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 05 09:31:04 2023 +0000" }, "message": "m/cli/metroctl: implement `k8s configure` command\n\nChange-Id: I3da7a627b1ada462e62b739bde2073743262e23e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1905\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "0300077941db0edfdcac0ae42e4a5dad3e8d3fd7", "tree": "979cfc5f4269d3428b725acd79b9a216db8a6f82", "parents": [ "a2ee88d585b9b8603f47544c95f09b380b92b5e2" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 03 02:19:28 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 04 18:58:49 2023 +0000" }, "message": "metropolis/node: allow all ports as NodePorts except special ones\n\nAs we dont have hostPort implemented we can only provide NodePorts to\napplications. To allow apps to use all ports we have to increase the range\nbut have to prevent them from using reserved metropolis ones. This is\ncurrently prevented by patching the allocator and hardcode all of them.\n\nChange-Id: I7c0e8b17643d1ec03e1a1b678bc6276881b1c5e5\nReviewed-on: https://review.monogon.dev/c/monogon/+/1884\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "521a83591361c7c0353944a1e742eb70e013cf9b", "tree": "63f4d9499151fb7416318f0f2bdc12f3c1f37523", "parents": [ "a0bc6d3f0ce4f3a73eb0019e4f18f508ee36ce21" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 29 12:38:17 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 03 13:40:32 2023 +0000" }, "message": "m/n/core/clusternet: avoid spurious updates, log more\n\nThis should make debugging\nhttps://github.com/monogon-dev/monogon/issues/235 easier, as I haven\u0027t\nbeen able to replicate it locally.\n\nChange-Id: I23f1a1d3d22841558e0db3e32b76b8bb8319fd3d\nReviewed-on: https://review.monogon.dev/c/monogon/+/1876\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "a0bc6d3f0ce4f3a73eb0019e4f18f508ee36ce21", "tree": "6f77b3184d1cd558dfd8f29437fb61c2e74df431", "parents": [ "3722025f8ed0b46eb7f48c7c0fbfc53de9e84340" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 28 18:57:40 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 03 08:03:11 2023 +0000" }, "message": "m/test/e2e: split core/kubernetes tests, clean up\n\nThis splits the large TestE2E function into two separate functions and\ntests: one which exercises the core functionality of Kubernetes, the\nother which exercises just the Kubernetes bits.\n\nThis allows for easier testing during development, and generally trades\noff higher resources usage for faster execution time in CI.\n\nAt the same time we do some small cleanups of the E2E functionality:\n\n 1. Node startup is now parallelized.\n 2. Non-bootstrap nodes can now be left in NEW (this was used in\n diagnosing issue #234, but it currently unused in the main code).\n 3. Kubernetes access now goes over SOCKS.\n 4. Some Cluster helper functions have been added.\n\nAll in all this should allow us writing more E2E tests in the future,\nand at some point also maybe turn Cluster into an interface that is\nimplemented both by the current framework but also some persistent tests\nrunning against long-term VMs/physical machines.\n\nChange-Id: Ia4586b2aaa5fc8c979d35f4b49513638481e4c10\nReviewed-on: https://review.monogon.dev/c/monogon/+/1870\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "3722025f8ed0b46eb7f48c7c0fbfc53de9e84340", "tree": "34c8a1fbe2a6996ace1fe1b9e893b550bffd9ba3", "parents": [ "ca1cff0f214a1ed5ee967d421f5fe1fd5afa756d" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 29 12:39:08 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 29 10:46:39 2023 +0000" }, "message": "m/n/core/devmgr: load modules in separate goroutines\n\nIf we spend too much time processing kobject uevents, we get an ENOBUFS\nerror:\n\n root.devmgr: error receiving kobject uevent: no buffer space available\n\nThis is a hot-fix for this issue. A better solution would be to have a\nsingle goroutine that handles all loading in order to avoid goroutine\nleaks. But this will do for now.\n\nChange-Id: Id085e1e489760c33b1f278dd7c17bf58c01bdad8\nReviewed-on: https://review.monogon.dev/c/monogon/+/1877\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "ca1cff0f214a1ed5ee967d421f5fe1fd5afa756d", "tree": "7ea16e63681ad4695f7d7cd1115c0168fc553d4b", "parents": [ "4599aa2dfa42a7b694ad295bc700db03de96d7f5" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Jun 26 17:52:44 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 29 10:41:38 2023 +0000" }, "message": "m/p/efivarfs: refactor\n\nThis accomplishes three things:\n\nFirst, split out the variable access layer from the rest of the code.\nThis cleans up the attribute handling, which is now done centrally as\nwell as making the high-level functions very short and clean. They now\nalso return better errors.\n\nSecond this introduces proper types for LoadOption, which can now also\nbe unmarshaled which was a requirement for A/B updates. This required\nimplementation of EFI\u0027s DevicePath structure.\nWhile refactoring the higher-level functions for this, this also\nfixes a bug where the variable index (the 4 hex nibbles at the end) were\nimproperly generated as lowercase hex.\n\nThird, this adds new high-level functions for interacting with more\nboot-related variables needed for the A/B effort.\n\nChange-Id: I53490fa4898a5e7a5498ecc05a9078bd2d66c26e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1855\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "4599aa2dfa42a7b694ad295bc700db03de96d7f5", "tree": "411035d2b647dcb1adc68db8f22c4384befa8294", "parents": [ "6f5995153827f2b191cc2faebe21ca58764af33b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 28 13:09:32 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 28 12:20:57 2023 +0000" }, "message": "m/n/k8s: fix start after unclean shutdown\n\nBoth the kvmdevice as well as the CSI runnables listen on Unix sockets.\nThese are normally removed on close (this is actually the default for\nsockets opened wiht ListenUnix, thus drop setting this), but when an\nunclean shutdown occurs they persist. Since one cannot listen on an\nalready-existing socket, opportunistically remove them before listening.\n\nChange-Id: I11d986a2816fde3d7ffef0817ae3bbf39bba4faf\nReviewed-on: https://review.monogon.dev/c/monogon/+/1867\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "a551c58f3ceb3af37e5e596c3b5fc84609d6e429", "tree": "90f380e1401e6da73762c027c5fb4df9dd357774", "parents": [ "8481f7506b4c67de54fa96b5510007dc2c66a348" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 27 01:09:09 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 27 10:07:47 2023 +0000" }, "message": "m/t/e2e: adapt runtime test\n\nSince we\u0027re now defaulting to runc, test gVisor separately instead of\nrunc.\n\nChange-Id: Idbf9c961526ea82e20113286fd801553ad785aa9\nReviewed-on: https://review.monogon.dev/c/monogon/+/1858\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "8481f7506b4c67de54fa96b5510007dc2c66a348", "tree": "591d0e285c1d36aeb813b75c0f8d76e62b688a2d", "parents": [ "a380d67c4f648aaf576adba0ea22d40d3782bf44" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 27 00:51:28 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 27 10:07:32 2023 +0000" }, "message": "m/n/c/network: fix SNAT\n\nThe previous change to this broke clusternet as it tried to masquerade\ntraffic destined to that interface, but that is an unnumbered interface,\ncausing the masquerade to fail and all inter-node traffic to be\nrejected. Fix this by including the clusternet interface in the list of\ninterfaces not to NAT for.\n\nChange-Id: I4a79a1978b1aa449fca1dd2d0a2b0a5decc63ea8\nReviewed-on: https://review.monogon.dev/c/monogon/+/1857\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "a380d67c4f648aaf576adba0ea22d40d3782bf44", "tree": "eead98807b56e6ab66eca83102119c5a5477209c", "parents": [ "7053598586ab00378938c245b7ad748f671a991d" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jun 26 13:17:42 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jun 26 13:48:52 2023 +0000" }, "message": "m/n/core/rpc/resolver: log current processor state on watcher error\n\nWe seem to be having some resolvers getting stuck in production like so:\n\nI0626 09:52:39.708844 resolver.go:275] CURUPDATE: error in loop: when receiving node: rpc error: code \u003d Unimplemented desc \u003d unknown service metropolis.node.core.curator.proto.api.Curator\nI0626 09:52:39.708850 resolver.go:276] CURUPDATE: retrying in 10.040771699s...\n\nThis introduces extra logging that should help us figure out what\nexactly broke, or at least bring us a bit closer to figuring it out.\n\nChange-Id: I658cff6ae86e9124141b5d2c36dceafa377842e9\nReviewed-on: https://review.monogon.dev/c/monogon/+/1852\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "7053598586ab00378938c245b7ad748f671a991d", "tree": "fd52caf5360282ca315e98e407a4d42f906a2800", "parents": [ "60d6b902d66a4c5c0a2a926c85936935106b9180" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 22 19:37:38 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jun 26 11:44:11 2023 +0000" }, "message": "m/n/c/rpc/resolver: dampen curator updates\n\nThis makes the resolver only process node updates if some curator data\nwas actually changed.\n\nFixes https://github.com/monogon-dev/monogon/issues/233\n\nChange-Id: I790adfc4aa3562864faf807d32ac00d9e3bd0bea\nReviewed-on: https://review.monogon.dev/c/monogon/+/1851\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "60d6b902d66a4c5c0a2a926c85936935106b9180", "tree": "d0d690bb830ebd611318626110db510015b5ce58", "parents": [ "62a1edd234557c46facfd23661ff08c37c8e911f" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 20 16:02:40 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Jun 26 11:34:08 2023 +0000" }, "message": "m/p/gpt: switch to msguid\n\nReplaces the old UUID mangling code with the newly-introduced msguid.\n\nChange-Id: I667e41c28959b4b95265c1ffdcf7f5bfcad4083d\nReviewed-on: https://review.monogon.dev/c/monogon/+/1850\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "62a1edd234557c46facfd23661ff08c37c8e911f", "tree": "7555b7996b1761d6eef4777a2ea482520b2c1db2", "parents": [ "b390d715897e29064102257f4837959e694f9bf9" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 20 16:01:44 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Jun 26 11:34:03 2023 +0000" }, "message": "m/p/msguid: init\n\nAdds a new msguid package which contains functions for encoding and\ndecoding Microsoft\u0027s mixed-endian GUID/UUID format. This format is\nused by Microsoft as well as a bunch of UEFI-related standards.\n\nChange-Id: Icca8ef7ad7f7359808ea7f19e3824639f7b1e2eb\nReviewed-on: https://review.monogon.dev/c/monogon/+/1849\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "b390d715897e29064102257f4837959e694f9bf9", "tree": "4d705eb9b84b87f3be6c3da31d24bf959da1f768", "parents": [ "3546615448c39dff683bb1723344ed283b279d46" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 21:47:59 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jun 26 09:32:41 2023 +0000" }, "message": "m/n/c/curator: clean up stale leader election after reboot\n\nThis is useful if we reboot a leader and it comes back while its\u0027 old\nstale leader election key/value is present.\n\nWithout this, other nodes would continue to connect to the newly\nrebooted leader even though it is not a leader anymore, confusing\nthemselves and cluster operators in the process.\n\nChange-Id: I306e7040550084ef39ab20c3c289a3137145a2d9\nReviewed-on: https://review.monogon.dev/c/monogon/+/1845\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "3546615448c39dff683bb1723344ed283b279d46", "tree": "ed3285dfa7a0adcc76f64766707a28e24d0373e4", "parents": [ "2f7e0a281e72ae45fff6c4d79934442367475b81" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 20:01:11 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jun 22 17:12:03 2023 +0000" }, "message": "m/n/core/localstorage/crypt: read partition data from uevent\n\nPreviously we only checked the blockdevices itself,\nbut in the real-world the minor-id is not always the partition offset.\nThis scans all blockdevs that are partitions and creates them correctly\n\nChange-Id: I8f3d99761e9e883783b398496ec8b35f28f3557d\nReviewed-on: https://review.monogon.dev/c/monogon/+/1813\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "2f7e0a281e72ae45fff6c4d79934442367475b81", "tree": "4dcd2233a274bef4645c4bfbbbd62f072d11481a", "parents": [ "c49b207a66a994ccda382d685022d08cbd9ee582" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 22 16:56:13 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 22 16:36:33 2023 +0000" }, "message": "m/node: enlarge K8s networks\n\nFor bigger clusters, the current 10.0.0.0/16 subnet is far too small.\nSwitch to 10.192.0.0/11 which should be out of the way of most of our\ntest infra and is large enough for 8192 nodes with 253 pods which is\nbig enough for the time being. Also migrate the service network\nto 10.224.0.0/16 and make it much bigger. It does not need to be in the\npod CIDR, so move it out of there.\nBut for large clusters this will continue to be a problem until we have\na better allocation algorithm or switch to IPv6 with 464xlat (which\nis not supported on Linux currently however).\n\nChange-Id: Ib3a019fffacec2172721f04c01133b44bffba73b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1848\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c49b207a66a994ccda382d685022d08cbd9ee582", "tree": "b0eed5a22bdb110ea4c115a2bea403e1e00e5dc2", "parents": [ "51a3ed59a1408fe5d8103dca5b6a04dbaa4e5b6a" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 23:12:01 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 22 12:38:25 2023 +0000" }, "message": "m/n/core/net/hostsfile: do not stomp over cluster directory\n\nIf we join a cluster after reboot, we already have a cluster directory\non the ESP. We should not write over it with an empty one, but instead\nwait until we\u0027ve received a recent copy of it from the cluster.\n\nFixes https://github.com/monogon-dev/monogon/issues/228\n\nChange-Id: Ibbfa23009eaa9feb99a332ac0c5e17dd89aea7bf\nReviewed-on: https://review.monogon.dev/c/monogon/+/1846\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "51a3ed59a1408fe5d8103dca5b6a04dbaa4e5b6a", "tree": "b17dd748b088b4c7899c4aee0a1ab862a59509b4", "parents": [ "186109c55db3121749311fc2e954be0eaccdf249" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 21 16:45:15 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 22 12:33:31 2023 +0000" }, "message": "m/n/k/containerd: change default runtime to runc\n\nFor high-security usecases it might still make sense to force gVisor,\nbut generally people expect runc as the default runtime. gVisor can\nstill be used by specifying a runtimeclass in the pod.\n\nChange-Id: Idc02275fd00c2a7dff3ce6949268294afa5644eb\nReviewed-on: https://review.monogon.dev/c/monogon/+/1839\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "186109c55db3121749311fc2e954be0eaccdf249", "tree": "d65cd1416c480bf517bede017f5688ad4352e0ab", "parents": [ "d2fc01fb49e7f1decb534a9ae8da7ba8814406d9" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 16:57:36 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 21:52:37 2023 +0000" }, "message": "m/n/core/roleserve: persist node roles across reboots\n\nThis allows us nodes to attempt to bring up some services before they\nget fully connectivity to the cluster.\n\nThis is especially useful if a node cannot establish connectivity to the\ncluster, eg. because it\u0027s the only control plane node that just started\nup.\n\nFixes https://github.com/monogon-dev/monogon/issues/226\n\nChange-Id: I030ccc02851e74ceb8dc043203083aa5b6854b55\nReviewed-on: https://review.monogon.dev/c/monogon/+/1842\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "d2fc01fb49e7f1decb534a9ae8da7ba8814406d9", "tree": "3b4991d6c8cd45e40066dbc1ebe9c66b508d10ce", "parents": [ "6a09bd5dbf49c438dc9c5743c8724ddc6efbe505" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 16:49:23 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 21:52:37 2023 +0000" }, "message": "m/n/core/n/hostsfile: only persist control plane nodes in ClusterDirectory\n\nThis fixes some ugly startup issues where a node attempts to communicate\nvia control plane protocols to nodes that have no chance of running the\ncontrol plane.\n\nIn general, the Cluster Directory predates the split between control\nplane and worker nodes, and its definition should likely be formally\nupdated to only contain control plane nodes.\n\nChange-Id: Ie290829a010aef0c3a587326e864fe93bf991220\nReviewed-on: https://review.monogon.dev/c/monogon/+/1840\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "6a09bd5dbf49c438dc9c5743c8724ddc6efbe505", "tree": "d4829766a1844f761187c70a44b5101363d8637c", "parents": [ "eca5af965b6d95d953066a298ee896791ee00796" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 21 17:40:32 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 21 16:04:12 2023 +0000" }, "message": "m/n/c/network: make SNAT generic\n\nThis changes the SNAT/Masquerade rule from being a thing set up per\ninterface which was only implemented by the dynamic network runnable to\na generic rule set up by the general network service part shared between\nthe static and dynamic implementations. It also tries to avoid NATing\nhost-originated traffic. Matching on interface names is argubly ugly but\nthe alternative is patching CNI plugins, which is also ugly.\n\nChange-Id: I7ec40fc244ae4689b6f96ab87dbebe9a6c43dd70\nReviewed-on: https://review.monogon.dev/c/monogon/+/1844\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "83b2a3612d375d60f97500352c1f8a2197c99645", "tree": "aba96d8a6503d92983f365dd27fa7e81f511c53c", "parents": [ "9fd3c3de3d48f328c5771f3659235774aa7df984" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 22:15:25 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 20 16:36:17 2023 +0000" }, "message": "m/n/core/cluster: dont print cluster directory\n\nIf a cluster has hundreds of nodes, the bootup will print all of them.\nWhen you have a particularly slow serial connection,\nit can hide crash reports and other more important messages.\n\nChange-Id: I50b75795ec3ebadefe364bf94c3b907c257ffa71\nReviewed-on: https://review.monogon.dev/c/monogon/+/1821\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "30021af6eaf9f2963d83314c283ebdd23fff2674", "tree": "b8be79d10a869ebb1e2aac4a5a89ce187206bb60", "parents": [ "ea6353fd49b3978cfef7f99ada99a99f8bc10715" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:30:11 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:19:43 2023 +0000" }, "message": "metropolis/node/build: allow impure code in root if race checking is enabled\n\nThis allows us to build the root filesystem with race detection enabled.\n\nChange-Id: I370ce2114090f828f0d9843fd4a7dc87c47bd153\nReviewed-on: https://review.monogon.dev/c/monogon/+/1835\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "ea6353fd49b3978cfef7f99ada99a99f8bc10715", "tree": "b854dec6f99a7555abc32b1ca27b74b2af815294", "parents": [ "98a6cccb052c5d17f4f2429edf41d57bd74b7ffd" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:08:55 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:18:34 2023 +0000" }, "message": "metropolis/clusternet: fix race condition\n\nThis gives the wireguard backend a copy of the peer data instead of a\npointer into mutable memory.\n\nChange-Id: I47ee83f3d484cc809c35d2e1779b519ec60c7c78\nReviewed-on: https://review.monogon.dev/c/monogon/+/1825\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "98a6cccb052c5d17f4f2429edf41d57bd74b7ffd", "tree": "da656463788abd785a884743e5c5f75e0da7f7c7", "parents": [ "c1ce95f7e86c74a76ae2b29986905cb34cb19e56" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:09:12 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:18:27 2023 +0000" }, "message": "metropolis/consensus: fix race condition\n\nThis returns a copy of each status, instead of the same status, possibly\nmutated.\n\nChange-Id: Ic4ed425a38b001b0139a81c46c61af551b966166\nReviewed-on: https://review.monogon.dev/c/monogon/+/1826\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "c1ce95f7e86c74a76ae2b29986905cb34cb19e56", "tree": "aef29ffa1227fe5e8e07b610838489290be2c7a5", "parents": [ "2e9898d28213ec4e3fc48d962c2e2afbc0c6595c" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:09:25 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:18:21 2023 +0000" }, "message": "metropolis/rpc: fix race condition\n\nThis hands off a copy of the curator map across a channel instead of the\nmutable map itself.\n\nChange-Id: Ib7f4ed795648517ae19938c52a6cb193f293ac8b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1827\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "2e9898d28213ec4e3fc48d962c2e2afbc0c6595c", "tree": "e0c778089bb8a3c67d24dd2db3cbbd302ce823b6", "parents": [ "5b13d8112a63282d12690ce05dbfa245f910d5a9" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:09:41 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:18:11 2023 +0000" }, "message": "metropolis/curator: fix race condition in tests\n\ngrpclog cannot be accessed concurrently with gRPC requests possibly\nalready running. Let\u0027s just remove this integration in tests.\n\nChange-Id: I074c583baf3a7f87e76e7dde6080e3efdb19d5c8\nReviewed-on: https://review.monogon.dev/c/monogon/+/1828\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "d20af4f15347651efa7b90490f8e657d35281883", "tree": "49f01ce9ba6d73e06cf7ff3b7184c5db1d9c7b25", "parents": [ "e1a4ac5eaec848a8b1d883c3963cfe399c71cb7d" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:08:24 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:06:46 2023 +0000" }, "message": "metropolis/pkg/cmd: fix race condition\n\ncmd.Wait should not be accessed concurrently.\n\nChange-Id: Icaaa1a22b1d23211dc1259af6cf97463228944ae\nReviewed-on: https://review.monogon.dev/c/monogon/+/1824\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "54e212a9914ad8003fc4e353f96651340d287c2d", "tree": "df3b1624d9679e30aefac9b98b2f9b91523eca0b", "parents": [ "d34299ebe13211802739d698e526be78161eac6f" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 14 13:45:11 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 11:37:55 2023 +0000" }, "message": "metropolis: implement Metrics Service\n\nThis is the first pass at a Metrics Service. It currently consists of an\nHTTP reverse proxy which authenticates incoming connections using the\nCluster CA and certificates, and passes these connections over to a\nlocally running node_exporter.\n\nIn the future more exporters will be added, and we will likely also run\nour own exporter for Metropolis-specific metrics.\n\nChange-Id: Ibab52aa303965dd7d975f5035f411d1c56ad73e6\nReviewed-on: https://review.monogon.dev/c/monogon/+/1816\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "d34299ebe13211802739d698e526be78161eac6f", "tree": "2016915e8cb17311904638c13f934b2150b25aa4", "parents": [ "89974c6f9e4f81d6d819d041a7f5286772df7124" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 15 11:07:47 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jun 15 11:47:12 2023 +0000" }, "message": "m/n/core/network/hostsfile: fix nodeMap data race\n\nChange-Id: I7c052691712ebd39e2a23a9497d4d6d0c0ab1e0c\nReviewed-on: https://review.monogon.dev/c/monogon/+/1817\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "89974c6f9e4f81d6d819d041a7f5286772df7124", "tree": "db0e768e42262a04ddb11fa3c1a85420e54b4796", "parents": [ "6d563cac226b327d41d95bf0219b3ff972ab6952" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 14 22:15:10 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 15 10:02:31 2023 +0000" }, "message": "m/n/c/cluster: set StorageSecurity in bootstrap path\n\nCurrently this is only set properly in the register path, causing the\nconfiguration of the bootstrap node to be inconsistent. This causes\nbootup to fail with `Node startup failed: sealed configuration has\ninvalid node unlock key (wanted 32 bytes, got 0)`.\nFix this by also persisting the chosen storage security option in the\nnode configuration when bootstrapping.\n\nChange-Id: I93bf75d412c9aa7c09b5a739ce65b6873d947fd5\nReviewed-on: https://review.monogon.dev/c/monogon/+/1815\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "6d563cac226b327d41d95bf0219b3ff972ab6952", "tree": "02c80c9ad94b0302ffed71fb3b4763104574c394", "parents": [ "634a3cf16ecf4cd551847185e7b539d16ad52d2d" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 14 13:44:20 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 15 09:31:47 2023 +0000" }, "message": "third_party/go: pull in node_exporter, add to metropolis rootfs\n\nChange-Id: I5efe5257e7740bf1721f3dd6f130a3c618e33381\nReviewed-on: https://review.monogon.dev/c/monogon/+/1806\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "634a3cf16ecf4cd551847185e7b539d16ad52d2d", "tree": "7653202205bd238b3d9d02c2bf87ae66e277d933", "parents": [ "b37d7d8ef4e318c9d35d34eff79fa0a304ff35aa" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 20:01:33 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 19:19:16 2023 +0000" }, "message": "metropolis/cli/metroctl: dont segfault on missing status\n\nChange-Id: Ib1a594e0ccca0f6a993e651b62e8adcfb9dc1ea4\nReviewed-on: https://review.monogon.dev/c/monogon/+/1814\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" } ], "next": "b37d7d8ef4e318c9d35d34eff79fa0a304ff35aa" }