mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-09-23 09:46:05 +00:00
68 lines
2.1 KiB
Go
68 lines
2.1 KiB
Go
|
package core
|
||
|
|
||
|
import (
|
||
|
"context"
|
||
|
"errors"
|
||
|
"fmt"
|
||
|
|
||
|
"github.com/edgelesssys/constellation/coordinator/role"
|
||
|
"github.com/edgelesssys/constellation/coordinator/state"
|
||
|
kubeadm "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3"
|
||
|
)
|
||
|
|
||
|
// SetNodeActive activates as node and joins the cluster.
|
||
|
func (c *Core) SetNodeActive(diskKey, ownerID, clusterID []byte, kubeAPIendpoint, token, discoveryCACertHash string) (reterr error) {
|
||
|
c.mut.Lock()
|
||
|
defer c.mut.Unlock()
|
||
|
|
||
|
if err := c.RequireState(state.AcceptingInit); err != nil {
|
||
|
return fmt.Errorf("node is not in required state for activation: %w", err)
|
||
|
}
|
||
|
|
||
|
if len(ownerID) == 0 || len(clusterID) == 0 {
|
||
|
c.zaplogger.Error("Missing data to taint worker node as initialized")
|
||
|
return errors.New("missing data to taint worker node as initialized")
|
||
|
}
|
||
|
|
||
|
// If any of the following actions fail, we cannot revert.
|
||
|
// Thus, mark this peer as failed.
|
||
|
defer func() {
|
||
|
if reterr != nil {
|
||
|
_ = c.AdvanceState(state.Failed, nil, nil)
|
||
|
}
|
||
|
}()
|
||
|
|
||
|
// AdvanceState MUST be called before any other functions that are not sanity checks or otherwise required
|
||
|
// This ensures the node is marked as initialzed before the node is in a state that allows code execution
|
||
|
// Any new additions to ActivateAsNode MUST come after
|
||
|
if err := c.AdvanceState(state.IsNode, ownerID, clusterID); err != nil {
|
||
|
return fmt.Errorf("advancing node state: %w", err)
|
||
|
}
|
||
|
|
||
|
// TODO: SSH keys are currently not available from the Aaas, so we can't create user SSH keys here.
|
||
|
|
||
|
if err := c.PersistNodeState(role.Node, "", ownerID, clusterID); err != nil {
|
||
|
return fmt.Errorf("persisting node state: %w", err)
|
||
|
}
|
||
|
|
||
|
if err := c.UpdateDiskPassphrase(string(diskKey)); err != nil {
|
||
|
return fmt.Errorf("updateing disk passphrase: %w", err)
|
||
|
}
|
||
|
|
||
|
btd := &kubeadm.BootstrapTokenDiscovery{
|
||
|
APIServerEndpoint: kubeAPIendpoint,
|
||
|
Token: token,
|
||
|
CACertHashes: []string{discoveryCACertHash},
|
||
|
}
|
||
|
if err := c.JoinCluster(context.TODO(), btd, "", role.Node); err != nil {
|
||
|
return fmt.Errorf("joining Kubernetes cluster: %w", err)
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// SetCoordinatorActive activates as coordinator.
|
||
|
func (c *Core) SetCoordinatorActive() error {
|
||
|
panic("not implemented")
|
||
|
}
|