Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-05-22 16:01:17 -04:00
Code Issues Projects Releases Packages Wiki Activity

bootstrapper: wipe disk and reboot on non-recoverable error (#2971)

Browse source 
* Let JoinClient return fatal errors
* Mark disk for wiping if JoinClient or InitServer return errors
* Reboot system if bootstrapper detects an error
* Refactor joinClient start/stop implementation
* Fix joining nodes retrying kubeadm 3 times in all cases
* Write non-recoverable failures to syslog before rebooting

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
This commit is contained in:
Daniel Weiße 2024-03-12 11:43:38 +01:00 committed by GitHub
parent 1b973bf23f
commit 1077b7a48e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
10 changed files with 199 additions and 220 deletions
Download patch file Download diff file Expand all files Collapse all files

5
bootstrapper/internal/diskencryption/diskencryption.go
View file

@ -60,6 +60,11 @@ func (c *DiskEncryption) UpdatePassphrase(passphrase string) error {
return c.device.SetConstellationStateDiskToken(cryptsetup.SetDiskInitialized)
}
// MarkDiskForReset marks the state disk as not initialized so it may be wiped (reset) on reboot.
func (c *DiskEncryption) MarkDiskForReset() error {
return c.device.SetConstellationStateDiskToken(cryptsetup.SetDiskNotInitialized)
}
// getInitialPassphrase retrieves the initial passphrase used on first boot.
func (c *DiskEncryption) getInitialPassphrase() (string, error) {
passphrase, err := afero.ReadFile(c.fs, initialKeyPath)