config: add nodeGroups

Malte Poll 2023-08-02 10:23:15 +02:00 committed by Malte Poll
parent 374f8c7dae
commit 15bb3b31fd
4 changed files with 287 additions and 204 deletions


@ -409,6 +409,10 @@ func (c *awsIAMCreator) writeOutputValuesToConfig(conf *config.Config, flags iam
conf.Provider.AWS.Zone = flags.aws.zone
conf.Provider.AWS.IAMProfileControlPlane = iamFile.AWSOutput.ControlPlaneInstanceProfile
conf.Provider.AWS.IAMProfileWorkerNodes = iamFile.AWSOutput.WorkerNodeInstanceProfile
for groupName, group := range conf.NodeGroups {
group.Zone = flags.aws.zone
conf.NodeGroups[groupName] = group
}
}
func (c *awsIAMCreator) parseAndWriteIDFile(_ iamid.File, _ file.Handler) error {
@ -548,6 +552,10 @@ func (c *gcpIAMCreator) writeOutputValuesToConfig(conf *config.Config, flags iam
conf.Provider.GCP.ServiceAccountKeyPath = constants.GCPServiceAccountKeyFile
conf.Provider.GCP.Region = flags.gcp.region
conf.Provider.GCP.Zone = flags.gcp.zone
for groupName, group := range conf.NodeGroups {
group.Zone = flags.gcp.zone
conf.NodeGroups[groupName] = group
}
}
func (c *gcpIAMCreator) parseAndWriteIDFile(iamFile iamid.File, fileHandler file.Handler) error {
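Review bot: The added loops assign `group.Zone` for every node group unconditionally, in the AWS writeOutputValuesToConfig and again in the GCP one, so any per-group zone already present in the config is replaced when the IAM output is written back. setCSPNodeGroupDefaults in the config file of this commit only fills a zone that is still empty; if the same behaviour is wanted here, guard the assignment with `if group.Zone == "" { group.Zone = flags.aws.zone }` (and the `flags.gcp.zone` equivalent). If overwriting is intended, say so in a comment such as `// node groups always follow the zone the IAM resources were created in`. Both function bodies begin outside the visible hunks.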


@ -48,8 +48,8 @@ import (
)
const (
// Version3 is the third version number for Constellation config file.
Version3 = "v3"
// Version4 is the fourth version number for Constellation config file.
Version4 = "v4"
defaultName = "constell"
@ -60,7 +60,7 @@ const (
type Config struct {
// description: |
// Schema version of this configuration file.
Version string `yaml:"version" validate:"eq=v3"`
Version string `yaml:"version" validate:"eq=v4"`
// description: |
// Machine image version used to create Constellation nodes.
Image string `yaml:"image" validate:"required,image_compatibility"`
@ -68,9 +68,6 @@ type Config struct {
// Name of the cluster.
Name string `yaml:"name" validate:"valid_name,required"`
// description: |
// Size (in GB) of a node's disk to store the non-volatile state.
StateDiskSizeGB int `yaml:"stateDiskSizeGB" validate:"min=0"`
// description: |
// Kubernetes version to be installed into the cluster.
KubernetesVersion string `yaml:"kubernetesVersion" validate:"required,supported_k8s_version"`
// description: |
@ -89,6 +86,9 @@ type Config struct {
// Supported cloud providers and their specific configurations.
Provider ProviderConfig `yaml:"provider" validate:"dive"`
// description: |
// Node groups to be created in the cluster.
NodeGroups map[string]NodeGroup `yaml:"nodeGroups" validate:"required,dive"`
// description: |
// Configuration for attestation validation. This configuration provides sensible defaults for the Constellation version it was created for.\nSee the docs for an overview on attestation: https://docs.edgeless.systems/constellation/architecture/attestation
Attestation AttestationConfig `yaml:"attestation" validate:"dive"`
}
@ -123,12 +123,6 @@ type AWSConfig struct {
// AWS data center zone name in defined region. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones
Zone string `yaml:"zone" validate:"required,aws_zone"`
// description: |
// VM instance type to use for Constellation nodes. Needs to support NitroTPM. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enable-nitrotpm-prerequisites.html
InstanceType string `yaml:"instanceType" validate:"lowercase,aws_instance_type"`
// description: |
// Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html
StateDiskType string `yaml:"stateDiskType" validate:"oneof=standard gp2 gp3 st1 sc1 io1"`
// description: |
// Name of the IAM profile to use for the control-plane nodes.
IAMProfileControlPlane string `yaml:"iamProfileControlPlane" validate:"required"`
// description: |
@ -157,12 +151,6 @@ type AzureConfig struct {
// Authorize spawned VMs to access Azure API.
UserAssignedIdentity string `yaml:"userAssignedIdentity" validate:"required"`
// description: |
// VM instance type to use for Constellation nodes.
InstanceType string `yaml:"instanceType" validate:"azure_instance_type"`
// description: |
// Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.microsoft.com/en-us/azure/virtual-machines/disks-types#disk-type-comparison
StateDiskType string `yaml:"stateDiskType" validate:"oneof=Premium_LRS Premium_ZRS Standard_LRS StandardSSD_LRS StandardSSD_ZRS"`
// description: |
// Deploy Azure Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage
DeployCSIDriver *bool `yaml:"deployCSIDriver" validate:"required"`
// description: |
@ -185,12 +173,6 @@ type GCPConfig struct {
// Path of service account key file. For required service account roles, see https://docs.edgeless.systems/constellation/getting-started/install#authorization
ServiceAccountKeyPath string `yaml:"serviceAccountKeyPath" validate:"required"`
// description: |
// VM instance type to use for Constellation nodes.
InstanceType string `yaml:"instanceType" validate:"gcp_instance_type"`
// description: |
// Type of a node's state disk. The type influences boot time and I/O performance. See: https://cloud.google.com/compute/docs/disks#disk-types
StateDiskType string `yaml:"stateDiskType" validate:"oneof=pd-standard pd-balanced pd-ssd"`
// description: |
// Deploy Persistent Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage
DeployCSIDriver *bool `yaml:"deployCSIDriver" validate:"required"`
}
@ -204,15 +186,9 @@ type OpenStackConfig struct {
// Availability zone to place the VMs in. For details see: https://docs.openstack.org/nova/latest/admin/availability-zones.html
AvailabilityZone string `yaml:"availabilityZone" validate:"required"`
// description: |
// Flavor ID (machine type) to use for the VMs. For details see: https://docs.openstack.org/nova/latest/admin/flavors.html
FlavorID string `yaml:"flavorID" validate:"required"`
// description: |
// Floating IP pool to use for the VMs. For details see: https://docs.openstack.org/ocata/user-guide/cli-manage-ip-addresses.html
FloatingIPPoolID string `yaml:"floatingIPPoolID" validate:"required"`
// description: |
// Type of a node's state disk. The type influences boot time and I/O performance. Use `openstack volume type list` to get a list of available types.
StateDiskType string `yaml:"stateDiskType" validate:"required"`
// description: |
// AuthURL is the OpenStack Identity endpoint to use inside the cluster.
AuthURL string `yaml:"authURL" validate:"required"`
// description: |
@ -308,22 +284,42 @@ type AttestationConfig struct {
QEMUVTPM *QEMUVTPM `yaml:"qemuVTPM,omitempty" validate:"omitempty,dive"`
}
// NodeGroup defines a group of nodes with the same role and configuration.
// Cloud providers use scaling groups to manage nodes of a group.
type NodeGroup struct {
// description: |
// Role of the nodes in this group. Valid values are "control-plane" and "worker".
Role string `yaml:"role" validate:"required,oneof=control-plane worker"`
// description: |
// Availability zone to place the VMs in.
Zone string `yaml:"zone" validate:"valid_zone"`
// description: |
// VM instance type to use for the nodes.
InstanceType string `yaml:"instanceType" validate:"instance_type"`
// description: |
// Size (in GB) of a node's disk to store the non-volatile state.
StateDiskSizeGB int `yaml:"stateDiskSizeGB" validate:"min=0"`
// description: |
// Type of a node's state disk. The type influences boot time and I/O performance.
StateDiskType string `yaml:"stateDiskType" validate:"disk_type"`
// description: |
// Number of nodes to be initially created.
InitialCount int `yaml:"initialCount" validate:"min=0"`
}
// Default returns a struct with the default config.
// IMPORTANT: Ensure that any state mutation is followed by a call to Validate() to ensure that the config is always in a valid state. Avoid usage outside of tests.
func Default() *Config {
return &Config{
Version: Version3,
Version: Version4,
Image: defaultImage,
Name: defaultName,
MicroserviceVersion: constants.BinaryVersion(),
KubernetesVersion: string(versions.Default),
StateDiskSizeGB: 30,
DebugCluster: toPtr(false),
Provider: ProviderConfig{
AWS: &AWSConfig{
Region: "",
InstanceType: "m6a.xlarge",
StateDiskType: "gp3",
IAMProfileControlPlane: "",
IAMProfileWorkerNodes: "",
DeployCSIDriver: toPtr(true),
@ -334,8 +330,6 @@ func Default() *Config {
Location: "",
UserAssignedIdentity: "",
ResourceGroup: "",
InstanceType: "Standard_DC4as_v5",
StateDiskType: "Premium_LRS",
DeployCSIDriver: toPtr(true),
SecureBoot: toPtr(false),
},
@ -344,8 +338,6 @@ func Default() *Config {
Region: "",
Zone: "",
ServiceAccountKeyPath: "",
InstanceType: "n2d-standard-4",
StateDiskType: "pd-ssd",
DeployCSIDriver: toPtr(true),
},
OpenStack: &OpenStackConfig{
@ -363,6 +355,24 @@ func Default() *Config {
NVRAM: "production",
},
},
NodeGroups: map[string]NodeGroup{
constants.DefaultControlPlaneGroupName: {
Role: "control-plane",
Zone: "",
InstanceType: "",
StateDiskSizeGB: 30,
StateDiskType: "",
InitialCount: 3,
},
constants.DefaultWorkerGroupName: {
Role: "worker",
Zone: "",
InstanceType: "",
StateDiskSizeGB: 30,
StateDiskType: "",
InitialCount: 1,
},
},
// TODO(malt3): remove default attestation config as soon as one-to-one mapping is no longer possible.
// Some problematic pairings:
// OpenStack uses qemu-vtpm as attestation variant
@ -385,7 +395,11 @@ func MiniDefault() (*Config, error) {
config := Default()
config.Name = constants.MiniConstellationUID
config.RemoveProviderAndAttestationExcept(cloudprovider.QEMU)
config.StateDiskSizeGB = 8
for groupName, group := range config.NodeGroups {
group.StateDiskSizeGB = 8
group.InitialCount = 1
config.NodeGroups[groupName] = group
}
// only release images (e.g. v2.7.0) use the production NVRAM
if !config.IsReleaseImage() {
config.Provider.QEMU.NVRAM = "testing"
@ -537,25 +551,26 @@ func (c *Config) RemoveProviderExcept(provider cloudprovider.Provider) {
default:
c.Provider = currentProviderConfigs
}
c.setCSPNodeGroupDefaults(provider)
}
// SetAttestation sets the attestation config for the given attestation variant and removes all other attestation configs.
func (c *Config) SetAttestation(attestation variant.Variant) {
currentAttetationConfigs := c.Attestation
currentAttestationConfigs := c.Attestation
c.Attestation = AttestationConfig{}
switch attestation.(type) {
case variant.AzureSEVSNP:
c.Attestation = AttestationConfig{AzureSEVSNP: currentAttetationConfigs.AzureSEVSNP}
c.Attestation = AttestationConfig{AzureSEVSNP: currentAttestationConfigs.AzureSEVSNP}
case variant.AWSSEVSNP:
c.Attestation = AttestationConfig{AWSSEVSNP: currentAttetationConfigs.AWSSEVSNP}
c.Attestation = AttestationConfig{AWSSEVSNP: currentAttestationConfigs.AWSSEVSNP}
case variant.AWSNitroTPM:
c.Attestation = AttestationConfig{AWSNitroTPM: currentAttetationConfigs.AWSNitroTPM}
c.Attestation = AttestationConfig{AWSNitroTPM: currentAttestationConfigs.AWSNitroTPM}
case variant.AzureTrustedLaunch:
c.Attestation = AttestationConfig{AzureTrustedLaunch: currentAttetationConfigs.AzureTrustedLaunch}
c.Attestation = AttestationConfig{AzureTrustedLaunch: currentAttestationConfigs.AzureTrustedLaunch}
case variant.GCPSEVES:
c.Attestation = AttestationConfig{GCPSEVES: currentAttetationConfigs.GCPSEVES}
c.Attestation = AttestationConfig{GCPSEVES: currentAttestationConfigs.GCPSEVES}
case variant.QEMUVTPM:
c.Attestation = AttestationConfig{QEMUVTPM: currentAttetationConfigs.QEMUVTPM}
c.Attestation = AttestationConfig{QEMUVTPM: currentAttestationConfigs.QEMUVTPM}
}
}
@ -696,15 +711,7 @@ func (c *Config) Validate(force bool) error {
})
// Register AWS, Azure & GCP InstanceType validation error types
if err := validate.RegisterTranslation("aws_instance_type", trans, registerTranslateAWSInstanceTypeError, c.translateAWSInstanceTypeError); err != nil {
return err
}
if err := validate.RegisterTranslation("azure_instance_type", trans, registerTranslateAzureInstanceTypeError, c.translateAzureInstanceTypeError); err != nil {
return err
}
if err := validate.RegisterTranslation("gcp_instance_type", trans, registerTranslateGCPInstanceTypeError, translateGCPInstanceTypeError); err != nil {
if err := validate.RegisterTranslation("instance_type", trans, c.registerTranslateInstanceTypeError, c.translateInstanceTypeError); err != nil {
return err
}
@ -754,18 +761,14 @@ func (c *Config) Validate(force bool) error {
return err
}
// register custom validator with label aws_instance_type to validate the AWS instance type from config input.
if err := validate.RegisterValidation("aws_instance_type", c.validateAWSInstanceType); err != nil {
if err := validate.RegisterValidation("disk_type", c.validateStateDiskTypeField); err != nil {
return err
}
if err := validate.RegisterTranslation("disk_type", trans, registerTranslateDiskTypeError, c.translateDiskTypeError); err != nil {
return err
}
// register custom validator with label azure_instance_type to validate the Azure instance type from config input.
if err := validate.RegisterValidation("azure_instance_type", c.validateAzureInstanceType); err != nil {
return err
}
// register custom validator with label gcp_instance_type to validate the GCP instance type from config input.
if err := validate.RegisterValidation("gcp_instance_type", validateGCPInstanceType); err != nil {
if err := validate.RegisterValidation("instance_type", c.validateInstanceType); err != nil {
return err
}
@ -776,6 +779,26 @@ func (c *Config) Validate(force bool) error {
// Register provider validation
validate.RegisterStructValidation(validateProvider, ProviderConfig{})
// Register NodeGroup validation error types
if err := validate.RegisterTranslation("no_default_control_plane_group", trans, registerNoDefaultControlPlaneGroupError, translateNoDefaultControlPlaneGroupError); err != nil {
return err
}
if err := validate.RegisterTranslation("no_default_worker_group", trans, registerNoDefaultWorkerGroupError, translateNoDefaultWorkerGroupError); err != nil {
return err
}
if err := validate.RegisterTranslation("control_plane_group_initial_count", trans, registerControlPlaneGroupInitialCountError, translateControlPlaneGroupInitialCountError); err != nil {
return err
}
if err := validate.RegisterTranslation("control_plane_group_role_mismatch", trans, registerControlPlaneGroupRoleMismatchError, translateControlPlaneGroupRoleMismatchError); err != nil {
return err
}
if err := validate.RegisterTranslation("worker_group_role_mismatch", trans, registerWorkerGroupRoleMismatchError, translateWorkerGroupRoleMismatchError); err != nil {
return err
}
// Register NodeGroup validation
validate.RegisterStructValidation(validateNodeGroups, Config{})
// Register Attestation validation error types
if err := validate.RegisterTranslation("no_attestation", trans, registerNoAttestationError, translateNoAttestationError); err != nil {
return err
@ -784,12 +807,18 @@ func (c *Config) Validate(force bool) error {
return err
}
if err := validate.RegisterValidation("valid_zone", c.validateNodeGroupZoneField); err != nil {
return err
}
if err := validate.RegisterValidation("aws_region", validateAWSRegionField); err != nil {
return err
}
if err := validate.RegisterValidation("aws_zone", validateAWSZoneField); err != nil {
return err
}
if err := validate.RegisterTranslation("valid_zone", trans, registerValidZoneError, c.translateValidZoneError); err != nil {
return err
}
if err := validate.RegisterTranslation("aws_region", trans, registerAWSRegionError, translateAWSRegionError); err != nil {
return err
}
@ -836,9 +865,7 @@ func (c *Config) WithOpenStackProviderDefaults(openStackProvider string) *Config
switch openStackProvider {
case "stackit":
c.Provider.OpenStack.Cloud = "stackit"
c.Provider.OpenStack.FlavorID = "2715eabe-3ffc-4c36-b02a-efa8c141a96a"
c.Provider.OpenStack.FloatingIPPoolID = "970ace5c-458f-484a-a660-0903bcfd91ad"
c.Provider.OpenStack.StateDiskType = "storage_premium_perf6"
c.Provider.OpenStack.AuthURL = "https://keystone.api.iaas.eu01.stackit.cloud/v3"
c.Provider.OpenStack.UserDomainName = "portal_mvp"
c.Provider.OpenStack.ProjectDomainName = "portal_mvp"
@ -848,11 +875,48 @@ func (c *Config) WithOpenStackProviderDefaults(openStackProvider string) *Config
c.Provider.OpenStack.YawolFlavorID = "3b11b27e-6c73-470d-b595-1d85b95a8cdf"
c.Provider.OpenStack.DeployCSIDriver = toPtr(true)
c.Provider.OpenStack.DirectDownload = toPtr(true)
for groupName, group := range c.NodeGroups {
group.InstanceType = "2715eabe-3ffc-4c36-b02a-efa8c141a96a"
group.StateDiskType = "storage_premium_perf6"
c.NodeGroups[groupName] = group
}
return c
}
return c
}
func (c *Config) setCSPNodeGroupDefaults(csp cloudprovider.Provider) {
var instanceType, stateDiskType, zone string
switch csp {
case cloudprovider.AWS:
instanceType = "m6a.xlarge"
stateDiskType = "gp3"
zone = c.Provider.AWS.Zone
case cloudprovider.Azure:
instanceType = "Standard_DC4as_v5"
stateDiskType = "Premium_LRS"
case cloudprovider.GCP:
instanceType = "n2d-standard-4"
stateDiskType = "pd-ssd"
zone = c.Provider.GCP.Zone
case cloudprovider.QEMU, cloudprovider.OpenStack:
// empty. There are now defaults for this CSP
}
for groupName, group := range c.NodeGroups {
if len(group.InstanceType) == 0 && len(instanceType) != 0 {
group.InstanceType = instanceType
}
if len(group.StateDiskType) == 0 && len(stateDiskType) != 0 {
group.StateDiskType = stateDiskType
}
if len(group.Zone) == 0 && len(zone) != 0 {
group.Zone = zone
}
c.NodeGroups[groupName] = group
}
}
// AWSSEVSNP is the configuration for AWS SEV-SNP attestation.
type AWSSEVSNP struct {
// description: |
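Review bot: setCSPNodeGroupDefaults reads `c.Provider.AWS.Zone` and `c.Provider.GCP.Zone` without checking the provider pointer, and RemoveProviderExcept now calls it on every path. The provider entries are pointers (Default() fills them with `&AWSConfig{...}`), so a config that lacks the selected provider section, or was already reduced to a different provider, would presumably panic here with a nil dereference. Guard the reads with `if c.Provider.AWS != nil { zone = c.Provider.AWS.Zone }` and the same for GCP. The comment in the QEMU/OpenStack case should read `// empty. There are no defaults for this CSP`, and the function should get a doc comment stating that it only fills fields that are still empty.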


@ -19,6 +19,7 @@ var (
OpenStackConfigDoc encoder.Doc
QEMUConfigDoc encoder.Doc
AttestationConfigDoc encoder.Doc
NodeGroupDoc encoder.Doc
UnsupportedAppRegistrationErrorDoc encoder.Doc
AWSSEVSNPDoc encoder.Doc
AWSNitroTPMDoc encoder.Doc
@ -50,36 +51,36 @@ func init() {
ConfigDoc.Fields[2].Note = ""
ConfigDoc.Fields[2].Description = "Name of the cluster."
ConfigDoc.Fields[2].Comments[encoder.LineComment] = "Name of the cluster."
ConfigDoc.Fields[3].Name = "stateDiskSizeGB"
ConfigDoc.Fields[3].Type = "int"
ConfigDoc.Fields[3].Name = "kubernetesVersion"
ConfigDoc.Fields[3].Type = "string"
ConfigDoc.Fields[3].Note = ""
ConfigDoc.Fields[3].Description = "Size (in GB) of a node's disk to store the non-volatile state."
ConfigDoc.Fields[3].Comments[encoder.LineComment] = "Size (in GB) of a node's disk to store the non-volatile state."
ConfigDoc.Fields[4].Name = "kubernetesVersion"
ConfigDoc.Fields[4].Type = "string"
ConfigDoc.Fields[3].Description = "Kubernetes version to be installed into the cluster."
ConfigDoc.Fields[3].Comments[encoder.LineComment] = "Kubernetes version to be installed into the cluster."
ConfigDoc.Fields[4].Name = "microserviceVersion"
ConfigDoc.Fields[4].Type = "Semver"
ConfigDoc.Fields[4].Note = ""
ConfigDoc.Fields[4].Description = "Kubernetes version to be installed into the cluster."
ConfigDoc.Fields[4].Comments[encoder.LineComment] = "Kubernetes version to be installed into the cluster."
ConfigDoc.Fields[5].Name = "microserviceVersion"
ConfigDoc.Fields[5].Type = "Semver"
ConfigDoc.Fields[4].Description = "Microservice version to be installed into the cluster. Defaults to the version of the CLI."
ConfigDoc.Fields[4].Comments[encoder.LineComment] = "Microservice version to be installed into the cluster. Defaults to the version of the CLI."
ConfigDoc.Fields[5].Name = "debugCluster"
ConfigDoc.Fields[5].Type = "bool"
ConfigDoc.Fields[5].Note = ""
ConfigDoc.Fields[5].Description = "Microservice version to be installed into the cluster. Defaults to the version of the CLI."
ConfigDoc.Fields[5].Comments[encoder.LineComment] = "Microservice version to be installed into the cluster. Defaults to the version of the CLI."
ConfigDoc.Fields[6].Name = "debugCluster"
ConfigDoc.Fields[6].Type = "bool"
ConfigDoc.Fields[5].Description = "DON'T USE IN PRODUCTION: enable debug mode and use debug images."
ConfigDoc.Fields[5].Comments[encoder.LineComment] = "DON'T USE IN PRODUCTION: enable debug mode and use debug images."
ConfigDoc.Fields[6].Name = "customEndpoint"
ConfigDoc.Fields[6].Type = "string"
ConfigDoc.Fields[6].Note = ""
ConfigDoc.Fields[6].Description = "DON'T USE IN PRODUCTION: enable debug mode and use debug images."
ConfigDoc.Fields[6].Comments[encoder.LineComment] = "DON'T USE IN PRODUCTION: enable debug mode and use debug images."
ConfigDoc.Fields[7].Name = "customEndpoint"
ConfigDoc.Fields[7].Type = "string"
ConfigDoc.Fields[6].Description = "Optional custom endpoint (DNS name) for the Constellation API server.\nThis can be used to point a custom dns name at the Constellation API server\nand is added to the Subject Alternative Name (SAN) field of the TLS certificate used by the API server.\nA fallback to DNS name is always available."
ConfigDoc.Fields[6].Comments[encoder.LineComment] = "Optional custom endpoint (DNS name) for the Constellation API server."
ConfigDoc.Fields[7].Name = "provider"
ConfigDoc.Fields[7].Type = "ProviderConfig"
ConfigDoc.Fields[7].Note = ""
ConfigDoc.Fields[7].Description = "Optional custom endpoint (DNS name) for the Constellation API server.\nThis can be used to point a custom dns name at the Constellation API server\nand is added to the Subject Alternative Name (SAN) field of the TLS certificate used by the API server.\nA fallback to DNS name is always available."
ConfigDoc.Fields[7].Comments[encoder.LineComment] = "Optional custom endpoint (DNS name) for the Constellation API server."
ConfigDoc.Fields[8].Name = "provider"
ConfigDoc.Fields[8].Type = "ProviderConfig"
ConfigDoc.Fields[7].Description = "Supported cloud providers and their specific configurations."
ConfigDoc.Fields[7].Comments[encoder.LineComment] = "Supported cloud providers and their specific configurations."
ConfigDoc.Fields[8].Name = "nodeGroups"
ConfigDoc.Fields[8].Type = "map[string]NodeGroup"
ConfigDoc.Fields[8].Note = ""
ConfigDoc.Fields[8].Description = "Supported cloud providers and their specific configurations."
ConfigDoc.Fields[8].Comments[encoder.LineComment] = "Supported cloud providers and their specific configurations."
ConfigDoc.Fields[8].Description = "Node groups to be created in the cluster."
ConfigDoc.Fields[8].Comments[encoder.LineComment] = "Node groups to be created in the cluster."
ConfigDoc.Fields[9].Name = "attestation"
ConfigDoc.Fields[9].Type = "AttestationConfig"
ConfigDoc.Fields[9].Note = ""
@ -131,7 +132,7 @@ func init() {
FieldName: "aws",
},
}
AWSConfigDoc.Fields = make([]encoder.Doc, 7)
AWSConfigDoc.Fields = make([]encoder.Doc, 5)
AWSConfigDoc.Fields[0].Name = "region"
AWSConfigDoc.Fields[0].Type = "string"
AWSConfigDoc.Fields[0].Note = ""
@ -142,31 +143,21 @@ func init() {
AWSConfigDoc.Fields[1].Note = ""
AWSConfigDoc.Fields[1].Description = "AWS data center zone name in defined region. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones"
AWSConfigDoc.Fields[1].Comments[encoder.LineComment] = "AWS data center zone name in defined region. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones"
AWSConfigDoc.Fields[2].Name = "instanceType"
AWSConfigDoc.Fields[2].Name = "iamProfileControlPlane"
AWSConfigDoc.Fields[2].Type = "string"
AWSConfigDoc.Fields[2].Note = ""
AWSConfigDoc.Fields[2].Description = "VM instance type to use for Constellation nodes. Needs to support NitroTPM. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enable-nitrotpm-prerequisites.html"
AWSConfigDoc.Fields[2].Comments[encoder.LineComment] = "VM instance type to use for Constellation nodes. Needs to support NitroTPM. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enable-nitrotpm-prerequisites.html"
AWSConfigDoc.Fields[3].Name = "stateDiskType"
AWSConfigDoc.Fields[2].Description = "Name of the IAM profile to use for the control-plane nodes."
AWSConfigDoc.Fields[2].Comments[encoder.LineComment] = "Name of the IAM profile to use for the control-plane nodes."
AWSConfigDoc.Fields[3].Name = "iamProfileWorkerNodes"
AWSConfigDoc.Fields[3].Type = "string"
AWSConfigDoc.Fields[3].Note = ""
AWSConfigDoc.Fields[3].Description = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html"
AWSConfigDoc.Fields[3].Comments[encoder.LineComment] = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html"
AWSConfigDoc.Fields[4].Name = "iamProfileControlPlane"
AWSConfigDoc.Fields[4].Type = "string"
AWSConfigDoc.Fields[4].Note = ""
AWSConfigDoc.Fields[4].Description = "Name of the IAM profile to use for the control-plane nodes."
AWSConfigDoc.Fields[4].Comments[encoder.LineComment] = "Name of the IAM profile to use for the control-plane nodes."
AWSConfigDoc.Fields[5].Name = "iamProfileWorkerNodes"
AWSConfigDoc.Fields[5].Type = "string"
AWSConfigDoc.Fields[5].Note = ""
AWSConfigDoc.Fields[5].Description = "Name of the IAM profile to use for the worker nodes."
AWSConfigDoc.Fields[5].Comments[encoder.LineComment] = "Name of the IAM profile to use for the worker nodes."
AWSConfigDoc.Fields[6].Name = "deployCSIDriver"
AWSConfigDoc.Fields[6].Type = "bool"
AWSConfigDoc.Fields[6].Note = "TODO (msanft): after v2.9 release re-enable \"required\" validation\n"
AWSConfigDoc.Fields[6].Description = "Deploy Persistent Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
AWSConfigDoc.Fields[6].Comments[encoder.LineComment] = "Deploy Persistent Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
AWSConfigDoc.Fields[3].Description = "Name of the IAM profile to use for the worker nodes."
AWSConfigDoc.Fields[3].Comments[encoder.LineComment] = "Name of the IAM profile to use for the worker nodes."
AWSConfigDoc.Fields[4].Name = "deployCSIDriver"
AWSConfigDoc.Fields[4].Type = "bool"
AWSConfigDoc.Fields[4].Note = "TODO (msanft): after v2.9 release re-enable \"required\" validation\n"
AWSConfigDoc.Fields[4].Description = "Deploy Persistent Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
AWSConfigDoc.Fields[4].Comments[encoder.LineComment] = "Deploy Persistent Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
AzureConfigDoc.Type = "AzureConfig"
AzureConfigDoc.Comments[encoder.LineComment] = "AzureConfig are Azure specific configuration values used by the CLI."
@ -177,7 +168,7 @@ func init() {
FieldName: "azure",
},
}
AzureConfigDoc.Fields = make([]encoder.Doc, 9)
AzureConfigDoc.Fields = make([]encoder.Doc, 7)
AzureConfigDoc.Fields[0].Name = "subscription"
AzureConfigDoc.Fields[0].Type = "string"
AzureConfigDoc.Fields[0].Note = ""
@ -203,26 +194,16 @@ func init() {
AzureConfigDoc.Fields[4].Note = ""
AzureConfigDoc.Fields[4].Description = "Authorize spawned VMs to access Azure API."
AzureConfigDoc.Fields[4].Comments[encoder.LineComment] = "Authorize spawned VMs to access Azure API."
AzureConfigDoc.Fields[5].Name = "instanceType"
AzureConfigDoc.Fields[5].Type = "string"
AzureConfigDoc.Fields[5].Name = "deployCSIDriver"
AzureConfigDoc.Fields[5].Type = "bool"
AzureConfigDoc.Fields[5].Note = ""
AzureConfigDoc.Fields[5].Description = "VM instance type to use for Constellation nodes."
AzureConfigDoc.Fields[5].Comments[encoder.LineComment] = "VM instance type to use for Constellation nodes."
AzureConfigDoc.Fields[6].Name = "stateDiskType"
AzureConfigDoc.Fields[6].Type = "string"
AzureConfigDoc.Fields[5].Description = "Deploy Azure Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
AzureConfigDoc.Fields[5].Comments[encoder.LineComment] = "Deploy Azure Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
AzureConfigDoc.Fields[6].Name = "secureBoot"
AzureConfigDoc.Fields[6].Type = "bool"
AzureConfigDoc.Fields[6].Note = ""
AzureConfigDoc.Fields[6].Description = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.microsoft.com/en-us/azure/virtual-machines/disks-types#disk-type-comparison"
AzureConfigDoc.Fields[6].Comments[encoder.LineComment] = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.microsoft.com/en-us/azure/virtual-machines/disks-types#disk-type-comparison"
AzureConfigDoc.Fields[7].Name = "deployCSIDriver"
AzureConfigDoc.Fields[7].Type = "bool"
AzureConfigDoc.Fields[7].Note = ""
AzureConfigDoc.Fields[7].Description = "Deploy Azure Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
AzureConfigDoc.Fields[7].Comments[encoder.LineComment] = "Deploy Azure Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
AzureConfigDoc.Fields[8].Name = "secureBoot"
AzureConfigDoc.Fields[8].Type = "bool"
AzureConfigDoc.Fields[8].Note = ""
AzureConfigDoc.Fields[8].Description = "Enable secure boot for VMs. If enabled, the OS image has to include a virtual machine guest state (VMGS) blob."
AzureConfigDoc.Fields[8].Comments[encoder.LineComment] = "Enable secure boot for VMs. If enabled, the OS image has to include a virtual machine guest state (VMGS) blob."
AzureConfigDoc.Fields[6].Description = "Enable secure boot for VMs. If enabled, the OS image has to include a virtual machine guest state (VMGS) blob."
AzureConfigDoc.Fields[6].Comments[encoder.LineComment] = "Enable secure boot for VMs. If enabled, the OS image has to include a virtual machine guest state (VMGS) blob."
GCPConfigDoc.Type = "GCPConfig"
GCPConfigDoc.Comments[encoder.LineComment] = "GCPConfig are GCP specific configuration values used by the CLI."
@ -233,7 +214,7 @@ func init() {
FieldName: "gcp",
},
}
GCPConfigDoc.Fields = make([]encoder.Doc, 7)
GCPConfigDoc.Fields = make([]encoder.Doc, 5)
GCPConfigDoc.Fields[0].Name = "project"
GCPConfigDoc.Fields[0].Type = "string"
GCPConfigDoc.Fields[0].Note = ""
@ -254,21 +235,11 @@ func init() {
GCPConfigDoc.Fields[3].Note = ""
GCPConfigDoc.Fields[3].Description = "Path of service account key file. For required service account roles, see https://docs.edgeless.systems/constellation/getting-started/install#authorization"
GCPConfigDoc.Fields[3].Comments[encoder.LineComment] = "Path of service account key file. For required service account roles, see https://docs.edgeless.systems/constellation/getting-started/install#authorization"
GCPConfigDoc.Fields[4].Name = "instanceType"
GCPConfigDoc.Fields[4].Type = "string"
GCPConfigDoc.Fields[4].Name = "deployCSIDriver"
GCPConfigDoc.Fields[4].Type = "bool"
GCPConfigDoc.Fields[4].Note = ""
GCPConfigDoc.Fields[4].Description = "VM instance type to use for Constellation nodes."
GCPConfigDoc.Fields[4].Comments[encoder.LineComment] = "VM instance type to use for Constellation nodes."
GCPConfigDoc.Fields[5].Name = "stateDiskType"
GCPConfigDoc.Fields[5].Type = "string"
GCPConfigDoc.Fields[5].Note = ""
GCPConfigDoc.Fields[5].Description = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://cloud.google.com/compute/docs/disks#disk-types"
GCPConfigDoc.Fields[5].Comments[encoder.LineComment] = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://cloud.google.com/compute/docs/disks#disk-types"
GCPConfigDoc.Fields[6].Name = "deployCSIDriver"
GCPConfigDoc.Fields[6].Type = "bool"
GCPConfigDoc.Fields[6].Note = ""
GCPConfigDoc.Fields[6].Description = "Deploy Persistent Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
GCPConfigDoc.Fields[6].Comments[encoder.LineComment] = "Deploy Persistent Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
GCPConfigDoc.Fields[4].Description = "Deploy Persistent Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
GCPConfigDoc.Fields[4].Comments[encoder.LineComment] = "Deploy Persistent Disk CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
OpenStackConfigDoc.Type = "OpenStackConfig"
OpenStackConfigDoc.Comments[encoder.LineComment] = "OpenStackConfig holds config information for OpenStack based Constellation deployments."
@ -279,7 +250,7 @@ func init() {
FieldName: "openstack",
},
}
OpenStackConfigDoc.Fields = make([]encoder.Doc, 18)
OpenStackConfigDoc.Fields = make([]encoder.Doc, 16)
OpenStackConfigDoc.Fields[0].Name = "cloud"
OpenStackConfigDoc.Fields[0].Type = "string"
OpenStackConfigDoc.Fields[0].Note = ""
@ -290,86 +261,76 @@ func init() {
OpenStackConfigDoc.Fields[1].Note = ""
OpenStackConfigDoc.Fields[1].Description = "Availability zone to place the VMs in. For details see: https://docs.openstack.org/nova/latest/admin/availability-zones.html"
OpenStackConfigDoc.Fields[1].Comments[encoder.LineComment] = "Availability zone to place the VMs in. For details see: https://docs.openstack.org/nova/latest/admin/availability-zones.html"
OpenStackConfigDoc.Fields[2].Name = "flavorID"
OpenStackConfigDoc.Fields[2].Name = "floatingIPPoolID"
OpenStackConfigDoc.Fields[2].Type = "string"
OpenStackConfigDoc.Fields[2].Note = ""
OpenStackConfigDoc.Fields[2].Description = "Flavor ID (machine type) to use for the VMs. For details see: https://docs.openstack.org/nova/latest/admin/flavors.html"
OpenStackConfigDoc.Fields[2].Comments[encoder.LineComment] = "Flavor ID (machine type) to use for the VMs. For details see: https://docs.openstack.org/nova/latest/admin/flavors.html"
OpenStackConfigDoc.Fields[3].Name = "floatingIPPoolID"
OpenStackConfigDoc.Fields[2].Description = "Floating IP pool to use for the VMs. For details see: https://docs.openstack.org/ocata/user-guide/cli-manage-ip-addresses.html"
OpenStackConfigDoc.Fields[2].Comments[encoder.LineComment] = "Floating IP pool to use for the VMs. For details see: https://docs.openstack.org/ocata/user-guide/cli-manage-ip-addresses.html"
OpenStackConfigDoc.Fields[3].Name = "authURL"
OpenStackConfigDoc.Fields[3].Type = "string"
OpenStackConfigDoc.Fields[3].Note = ""
OpenStackConfigDoc.Fields[3].Description = "Floating IP pool to use for the VMs. For details see: https://docs.openstack.org/ocata/user-guide/cli-manage-ip-addresses.html"
OpenStackConfigDoc.Fields[3].Comments[encoder.LineComment] = "Floating IP pool to use for the VMs. For details see: https://docs.openstack.org/ocata/user-guide/cli-manage-ip-addresses.html"
OpenStackConfigDoc.Fields[4].Name = "stateDiskType"
OpenStackConfigDoc.Fields[3].Description = "description: |\nAuthURL is the OpenStack Identity endpoint to use inside the cluster.\n"
OpenStackConfigDoc.Fields[3].Comments[encoder.LineComment] = "description: |"
OpenStackConfigDoc.Fields[4].Name = "projectID"
OpenStackConfigDoc.Fields[4].Type = "string"
OpenStackConfigDoc.Fields[4].Note = ""
OpenStackConfigDoc.Fields[4].Description = "Type of a node's state disk. The type influences boot time and I/O performance. Use `openstack volume type list` to get a list of available types."
OpenStackConfigDoc.Fields[4].Comments[encoder.LineComment] = "Type of a node's state disk. The type influences boot time and I/O performance. Use `openstack volume type list` to get a list of available types."
OpenStackConfigDoc.Fields[5].Name = "authURL"
OpenStackConfigDoc.Fields[4].Description = "ProjectID is the ID of the project where a user resides."
OpenStackConfigDoc.Fields[4].Comments[encoder.LineComment] = "ProjectID is the ID of the project where a user resides."
OpenStackConfigDoc.Fields[5].Name = "projectName"
OpenStackConfigDoc.Fields[5].Type = "string"
OpenStackConfigDoc.Fields[5].Note = ""
OpenStackConfigDoc.Fields[5].Description = "description: |\nAuthURL is the OpenStack Identity endpoint to use inside the cluster.\n"
OpenStackConfigDoc.Fields[5].Comments[encoder.LineComment] = "description: |"
OpenStackConfigDoc.Fields[6].Name = "projectID"
OpenStackConfigDoc.Fields[5].Description = "ProjectName is the name of the project where a user resides."
OpenStackConfigDoc.Fields[5].Comments[encoder.LineComment] = "ProjectName is the name of the project where a user resides."
OpenStackConfigDoc.Fields[6].Name = "userDomainName"
OpenStackConfigDoc.Fields[6].Type = "string"
OpenStackConfigDoc.Fields[6].Note = ""
OpenStackConfigDoc.Fields[6].Description = "ProjectID is the ID of the project where a user resides."
OpenStackConfigDoc.Fields[6].Comments[encoder.LineComment] = "ProjectID is the ID of the project where a user resides."
OpenStackConfigDoc.Fields[7].Name = "projectName"
OpenStackConfigDoc.Fields[6].Description = "UserDomainName is the name of the domain where a user resides."
OpenStackConfigDoc.Fields[6].Comments[encoder.LineComment] = "UserDomainName is the name of the domain where a user resides."
OpenStackConfigDoc.Fields[7].Name = "projectDomainName"
OpenStackConfigDoc.Fields[7].Type = "string"
OpenStackConfigDoc.Fields[7].Note = ""
OpenStackConfigDoc.Fields[7].Description = "ProjectName is the name of the project where a user resides."
OpenStackConfigDoc.Fields[7].Comments[encoder.LineComment] = "ProjectName is the name of the project where a user resides."
OpenStackConfigDoc.Fields[8].Name = "userDomainName"
OpenStackConfigDoc.Fields[7].Description = "ProjectDomainName is the name of the domain where a project resides."
OpenStackConfigDoc.Fields[7].Comments[encoder.LineComment] = "ProjectDomainName is the name of the domain where a project resides."
OpenStackConfigDoc.Fields[8].Name = "regionName"
OpenStackConfigDoc.Fields[8].Type = "string"
OpenStackConfigDoc.Fields[8].Note = ""
OpenStackConfigDoc.Fields[8].Description = "UserDomainName is the name of the domain where a user resides."
OpenStackConfigDoc.Fields[8].Comments[encoder.LineComment] = "UserDomainName is the name of the domain where a user resides."
OpenStackConfigDoc.Fields[9].Name = "projectDomainName"
OpenStackConfigDoc.Fields[8].Description = "description: |\nRegionName is the name of the region to use inside the cluster.\n"
OpenStackConfigDoc.Fields[8].Comments[encoder.LineComment] = "description: |"
OpenStackConfigDoc.Fields[9].Name = "username"
OpenStackConfigDoc.Fields[9].Type = "string"
OpenStackConfigDoc.Fields[9].Note = ""
OpenStackConfigDoc.Fields[9].Description = "ProjectDomainName is the name of the domain where a project resides."
OpenStackConfigDoc.Fields[9].Comments[encoder.LineComment] = "ProjectDomainName is the name of the domain where a project resides."
OpenStackConfigDoc.Fields[10].Name = "regionName"
OpenStackConfigDoc.Fields[9].Description = "Username to use inside the cluster."
OpenStackConfigDoc.Fields[9].Comments[encoder.LineComment] = "Username to use inside the cluster."
OpenStackConfigDoc.Fields[10].Name = "password"
OpenStackConfigDoc.Fields[10].Type = "string"
OpenStackConfigDoc.Fields[10].Note = ""
OpenStackConfigDoc.Fields[10].Description = "description: |\nRegionName is the name of the region to use inside the cluster.\n"
OpenStackConfigDoc.Fields[10].Comments[encoder.LineComment] = "description: |"
OpenStackConfigDoc.Fields[11].Name = "username"
OpenStackConfigDoc.Fields[11].Type = "string"
OpenStackConfigDoc.Fields[10].Description = "Password to use inside the cluster. You can instead use the environment variable \"CONSTELL_OS_PASSWORD\"."
OpenStackConfigDoc.Fields[10].Comments[encoder.LineComment] = "Password to use inside the cluster. You can instead use the environment variable \"CONSTELL_OS_PASSWORD\"."
OpenStackConfigDoc.Fields[11].Name = "directDownload"
OpenStackConfigDoc.Fields[11].Type = "bool"
OpenStackConfigDoc.Fields[11].Note = ""
OpenStackConfigDoc.Fields[11].Description = "Username to use inside the cluster."
OpenStackConfigDoc.Fields[11].Comments[encoder.LineComment] = "Username to use inside the cluster."
OpenStackConfigDoc.Fields[12].Name = "password"
OpenStackConfigDoc.Fields[12].Type = "string"
OpenStackConfigDoc.Fields[11].Description = "If enabled, downloads OS image directly from source URL to OpenStack. Otherwise, downloads image to local machine and uploads to OpenStack."
OpenStackConfigDoc.Fields[11].Comments[encoder.LineComment] = "If enabled, downloads OS image directly from source URL to OpenStack. Otherwise, downloads image to local machine and uploads to OpenStack."
OpenStackConfigDoc.Fields[12].Name = "deployYawolLoadBalancer"
OpenStackConfigDoc.Fields[12].Type = "bool"
OpenStackConfigDoc.Fields[12].Note = ""
OpenStackConfigDoc.Fields[12].Description = "Password to use inside the cluster. You can instead use the environment variable \"CONSTELL_OS_PASSWORD\"."
OpenStackConfigDoc.Fields[12].Comments[encoder.LineComment] = "Password to use inside the cluster. You can instead use the environment variable \"CONSTELL_OS_PASSWORD\"."
OpenStackConfigDoc.Fields[13].Name = "directDownload"
OpenStackConfigDoc.Fields[13].Type = "bool"
OpenStackConfigDoc.Fields[12].Description = "Deploy Yawol loadbalancer. For details see: https://github.com/stackitcloud/yawol"
OpenStackConfigDoc.Fields[12].Comments[encoder.LineComment] = "Deploy Yawol loadbalancer. For details see: https://github.com/stackitcloud/yawol"
OpenStackConfigDoc.Fields[13].Name = "yawolImageID"
OpenStackConfigDoc.Fields[13].Type = "string"
OpenStackConfigDoc.Fields[13].Note = ""
OpenStackConfigDoc.Fields[13].Description = "If enabled, downloads OS image directly from source URL to OpenStack. Otherwise, downloads image to local machine and uploads to OpenStack."
OpenStackConfigDoc.Fields[13].Comments[encoder.LineComment] = "If enabled, downloads OS image directly from source URL to OpenStack. Otherwise, downloads image to local machine and uploads to OpenStack."
OpenStackConfigDoc.Fields[14].Name = "deployYawolLoadBalancer"
OpenStackConfigDoc.Fields[14].Type = "bool"
OpenStackConfigDoc.Fields[13].Description = "OpenStack OS image used by the yawollet. For details see: https://github.com/stackitcloud/yawol"
OpenStackConfigDoc.Fields[13].Comments[encoder.LineComment] = "OpenStack OS image used by the yawollet. For details see: https://github.com/stackitcloud/yawol"
OpenStackConfigDoc.Fields[14].Name = "yawolFlavorID"
OpenStackConfigDoc.Fields[14].Type = "string"
OpenStackConfigDoc.Fields[14].Note = ""
OpenStackConfigDoc.Fields[14].Description = "Deploy Yawol loadbalancer. For details see: https://github.com/stackitcloud/yawol"
OpenStackConfigDoc.Fields[14].Comments[encoder.LineComment] = "Deploy Yawol loadbalancer. For details see: https://github.com/stackitcloud/yawol"
OpenStackConfigDoc.Fields[15].Name = "yawolImageID"
OpenStackConfigDoc.Fields[15].Type = "string"
OpenStackConfigDoc.Fields[14].Description = "OpenStack flavor id used for yawollets. For details see: https://github.com/stackitcloud/yawol"
OpenStackConfigDoc.Fields[14].Comments[encoder.LineComment] = "OpenStack flavor id used for yawollets. For details see: https://github.com/stackitcloud/yawol"
OpenStackConfigDoc.Fields[15].Name = "deployCSIDriver"
OpenStackConfigDoc.Fields[15].Type = "bool"
OpenStackConfigDoc.Fields[15].Note = ""
OpenStackConfigDoc.Fields[15].Description = "OpenStack OS image used by the yawollet. For details see: https://github.com/stackitcloud/yawol"
OpenStackConfigDoc.Fields[15].Comments[encoder.LineComment] = "OpenStack OS image used by the yawollet. For details see: https://github.com/stackitcloud/yawol"
OpenStackConfigDoc.Fields[16].Name = "yawolFlavorID"
OpenStackConfigDoc.Fields[16].Type = "string"
OpenStackConfigDoc.Fields[16].Note = ""
OpenStackConfigDoc.Fields[16].Description = "OpenStack flavor id used for yawollets. For details see: https://github.com/stackitcloud/yawol"
OpenStackConfigDoc.Fields[16].Comments[encoder.LineComment] = "OpenStack flavor id used for yawollets. For details see: https://github.com/stackitcloud/yawol"
OpenStackConfigDoc.Fields[17].Name = "deployCSIDriver"
OpenStackConfigDoc.Fields[17].Type = "bool"
OpenStackConfigDoc.Fields[17].Note = ""
OpenStackConfigDoc.Fields[17].Description = "Deploy Cinder CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
OpenStackConfigDoc.Fields[17].Comments[encoder.LineComment] = "Deploy Cinder CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
OpenStackConfigDoc.Fields[15].Description = "Deploy Cinder CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
OpenStackConfigDoc.Fields[15].Comments[encoder.LineComment] = "Deploy Cinder CSI driver with on-node encryption. For details see: https://docs.edgeless.systems/constellation/architecture/encrypted-storage"
QEMUConfigDoc.Type = "QEMUConfig"
QEMUConfigDoc.Comments[encoder.LineComment] = "QEMUConfig holds config information for QEMU based Constellation deployments."
@ -468,6 +429,47 @@ func init() {
AttestationConfigDoc.Fields[6].Description = "QEMU vTPM attestation."
AttestationConfigDoc.Fields[6].Comments[encoder.LineComment] = "QEMU vTPM attestation."
NodeGroupDoc.Type = "NodeGroup"
NodeGroupDoc.Comments[encoder.LineComment] = "NodeGroup defines a group of nodes with the same role and configuration."
NodeGroupDoc.Description = "NodeGroup defines a group of nodes with the same role and configuration.\nCloud providers use scaling groups to manage nodes of a group.\n"
NodeGroupDoc.AppearsIn = []encoder.Appearance{
{
TypeName: "Config",
FieldName: "nodeGroups",
},
}
NodeGroupDoc.Fields = make([]encoder.Doc, 6)
NodeGroupDoc.Fields[0].Name = "role"
NodeGroupDoc.Fields[0].Type = "string"
NodeGroupDoc.Fields[0].Note = ""
NodeGroupDoc.Fields[0].Description = "Role of the nodes in this group. Valid values are \"control-plane\" and \"worker\"."
NodeGroupDoc.Fields[0].Comments[encoder.LineComment] = "Role of the nodes in this group. Valid values are \"control-plane\" and \"worker\"."
NodeGroupDoc.Fields[1].Name = "zone"
NodeGroupDoc.Fields[1].Type = "string"
NodeGroupDoc.Fields[1].Note = ""
NodeGroupDoc.Fields[1].Description = "Availability zone to place the VMs in."
NodeGroupDoc.Fields[1].Comments[encoder.LineComment] = "Availability zone to place the VMs in."
NodeGroupDoc.Fields[2].Name = "instanceType"
NodeGroupDoc.Fields[2].Type = "string"
NodeGroupDoc.Fields[2].Note = ""
NodeGroupDoc.Fields[2].Description = "VM instance type to use for the nodes."
NodeGroupDoc.Fields[2].Comments[encoder.LineComment] = "VM instance type to use for the nodes."
NodeGroupDoc.Fields[3].Name = "stateDiskSizeGB"
NodeGroupDoc.Fields[3].Type = "int"
NodeGroupDoc.Fields[3].Note = ""
NodeGroupDoc.Fields[3].Description = "Size (in GB) of a node's disk to store the non-volatile state."
NodeGroupDoc.Fields[3].Comments[encoder.LineComment] = "Size (in GB) of a node's disk to store the non-volatile state."
NodeGroupDoc.Fields[4].Name = "stateDiskType"
NodeGroupDoc.Fields[4].Type = "string"
NodeGroupDoc.Fields[4].Note = ""
NodeGroupDoc.Fields[4].Description = "Type of a node's state disk. The type influences boot time and I/O performance."
NodeGroupDoc.Fields[4].Comments[encoder.LineComment] = "Type of a node's state disk. The type influences boot time and I/O performance."
NodeGroupDoc.Fields[5].Name = "initialCount"
NodeGroupDoc.Fields[5].Type = "int"
NodeGroupDoc.Fields[5].Note = ""
NodeGroupDoc.Fields[5].Description = "Number of nodes to be initially created."
NodeGroupDoc.Fields[5].Comments[encoder.LineComment] = "Number of nodes to be initially created."
UnsupportedAppRegistrationErrorDoc.Type = "UnsupportedAppRegistrationError"
UnsupportedAppRegistrationErrorDoc.Comments[encoder.LineComment] = "UnsupportedAppRegistrationError is returned when the config contains configuration related to now unsupported app registrations."
UnsupportedAppRegistrationErrorDoc.Description = "UnsupportedAppRegistrationError is returned when the config contains configuration related to now unsupported app registrations."
@ -674,6 +676,10 @@ func (_ AttestationConfig) Doc() *encoder.Doc {
return &AttestationConfigDoc
}
func (_ NodeGroup) Doc() *encoder.Doc {
return &NodeGroupDoc
}
func (_ UnsupportedAppRegistrationError) Doc() *encoder.Doc {
return &UnsupportedAppRegistrationErrorDoc
}
@ -724,6 +730,7 @@ func GetConfigurationDoc() *encoder.FileDoc {
&OpenStackConfigDoc,
&QEMUConfigDoc,
&AttestationConfigDoc,
&NodeGroupDoc,
&UnsupportedAppRegistrationErrorDoc,
&AWSSEVSNPDoc,
&AWSNitroTPMDoc,


@ -36,6 +36,10 @@ const (
ConstellationVerifyServiceUserData = "VerifyService"
// AttestationVariant is the name of the environment variable that contains the attestation variant.
AttestationVariant = "CONSTEL_ATTESTATION_VARIANT"
// DefaultControlPlaneGroupName is the name of the default control plane node group.
DefaultControlPlaneGroupName = "control_plane_default"
// DefaultWorkerGroupName is the name of the default worker node group.
DefaultWorkerGroupName = "worker_default"
//
// Ports.