Commit Graph

99 Commits

Author SHA1 Message Date
Leonard Cohnen
2fb4c15753 remove aws nitro attestation 2022-04-21 14:50:22 +02:00
Daniel Weiße
37aff14cab AB#1903 Push keys to restarting nodes on trigger RPC
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-04-21 13:08:02 +02:00
Malte Poll
3ce3978063 update state disk passphrase on activation
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-04-21 11:45:54 +02:00
Malte Poll
1b6ecf27ee add cryptsetup wrapper to core
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-04-21 11:45:54 +02:00
Malte Poll
bb56b46e21 implement cryptsetup wrapper to change disk passphrase of constellation state disk
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-04-21 11:45:54 +02:00
Malte Poll
98aced1b36 remove AWS nitro dependencies & add libcryptsetup
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-04-21 11:45:54 +02:00
Benedict Schlüter
938beec2ef add KMS to multi-coordinator (#68) 2022-04-20 15:22:39 +02:00
Benedict Schlüter
990ca20469 increase gRPC error message verbosity (#62) 2022-04-16 20:57:33 +02:00
Benedict
8d5c50014d coordinator: add new multi-coord gRPC functions 2022-04-13 14:05:20 +02:00
Benedict
f0e35a43d4 peer: save PublicIP instead of publicEndpoint / add multi-coord gRPCs 2022-04-13 14:05:20 +02:00
Malte Poll
55a1aa783f Persist Node State to disk after node activation
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-04-13 13:07:10 +02:00
Malte Poll
0501d07f4a VPN: Add method to retrieve wireguard private key
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-04-13 13:07:10 +02:00
Malte Poll
e10a47f255 file handler: Add "mkdirAll" flag
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-04-13 13:07:10 +02:00
Daniel Weiße
49a1a07049 AB#1902 Ping Coordinator from initramfs for key (#53)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-04-12 14:24:36 +02:00
Malte Poll
4c73c5076e Integration tests: use simulated TPM in debug coordinator
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-04-12 14:11:07 +02:00
Malte Poll
bcd8c36777 Coordinator start: add skeleton to check for pre-existing node state
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-04-12 14:11:07 +02:00
Malte Poll
462052427f Add constellation node state
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-04-12 14:11:07 +02:00
Malte Poll
be004c971d Coordinator vTPM: add method to check for previous node initialization
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-04-12 14:11:07 +02:00
Malte Poll
af1aca4b34 Coordinator Role: json marshaling as string 2022-04-12 14:11:07 +02:00
datosh
4abb483902 Ref/store etcd (#45)
Improved unit & integration tests for store by making them independent and testing a single thing.
2022-04-12 09:38:10 +02:00
Thomas Tendyck
ea4b9d2d85 coordinator: send additional status log messages to cli in ActivateAsCoordinator 2022-04-05 16:23:48 +02:00
Malte Poll
f77536b38b Use containerd CRI socket in kubernetes 2022-04-04 10:57:54 +02:00
Daniel Weiße
f1299a40f4 Update GCP KMS tests and implementation
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-04-01 09:41:15 +02:00
Benedict
8a6825c429 refactor storewrapper IP handling / add coordinator IP-Block 2022-03-30 14:37:43 +02:00
Benedict
04be09d5d3 store: new error type (noElementsLeft) 2022-03-30 14:37:43 +02:00
Benedict
0718452bf9 etcdstore: fix missing errorcheck 2022-03-30 14:37:43 +02:00
Daniel Weiße
3282995bda AB#1877 Set location in azure cloud config
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-03-30 09:04:59 +02:00
Benedict Schlüter
719b6d5f6f separate addPeer into VPN- and store-add (#18) 2022-03-29 16:49:11 +02:00
Malte Poll
cf738bb973 Cloud provider Azure: add Secrets / Volumes / VolumeMounts / Env to cluster-autoscaler deployment 2022-03-29 15:13:30 +02:00
Malte Poll
97685648a4 Cloud provider GCP: add Secrets / Volumes / VolumeMounts / Env to cluster-autoscaler deployment 2022-03-29 15:13:30 +02:00
Malte Poll
203ae6df96 Cloud provider AWS: add Secrets / Volumes / VolumeMounts / Env to cluster-autoscaler deployment 2022-03-29 15:13:30 +02:00
Malte Poll
1e7794b4c2 Add Secrets / Volumes / VolumeMounts / Env to cluster-autoscaler deployment 2022-03-29 15:13:30 +02:00
Malte Poll
efdd88459b fix cloud-node-manager stub 2022-03-29 15:13:30 +02:00
Daniel Weiße
71b5a0c6c0 Set vmType in azure cloud config
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-03-29 13:40:40 +02:00
Malte Poll
391e36c0ac create and use kubeadm join token with no expiry 2022-03-28 13:58:09 +02:00
Malte Poll
037569cd85 Cloud provider fake: adopt changes to CCM / CNM for debug_coordinator 2022-03-28 13:35:21 +02:00
Malte Poll
20811794c2 Cloud provider Azure: adopt changes to CCM / CNM for Azure 2022-03-28 13:35:21 +02:00
Malte Poll
3c1ddfb94e Cloud provider GCP: adopt changes to CCM / CNM for GCP 2022-03-28 13:35:21 +02:00
Malte Poll
a59ce30e7b Cloud provider AWS: adopt changes to CCM / CNM for AWS 2022-03-28 13:35:21 +02:00
Malte Poll
78d2358b9c k8s: Use cloud provider ip as kubelet node-ip (if available) 2022-03-28 13:35:21 +02:00
Malte Poll
f5eddf8af0 Cloud providers: Add CloudNodeManager 2022-03-28 13:35:21 +02:00
Malte Poll
2158377f9f Cloud providers: Extend CCM with ExtraArgs / ConfigMaps / Secrets / Volumes / VolumeMounts and provide CloudServiceAccountURI 2022-03-28 13:35:21 +02:00
Malte Poll
bf726ebd87 k8s resource marshaler tests 2022-03-28 13:35:21 +02:00
Malte Poll
2ab846dd1a Extend k8s resource marshaling to slices 2022-03-28 13:35:21 +02:00
Benedict Schlüter
6f695892bf move updatePeers directly to the VPN and omit the store layer (#4) 2022-03-25 16:05:17 +01:00
Thomas Tendyck
2503d6e132 remove unused helpers in storewrapper 2022-03-25 13:35:08 +01:00
Thomas Tendyck
b1818ba089 fix stuttering StoreValueUnsetError 2022-03-25 13:35:08 +01:00
Daniel Weiße
f8e9c70337 Rework kms folder structure
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-03-25 09:38:16 +01:00
Leonard Cohnen
2d8fcd9bf4 monorepo
Co-authored-by: Malte Poll <mp@edgeless.systems>
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
Co-authored-by: Benedict Schlueter <bs@edgeless.systems>
Co-authored-by: leongross <leon.gross@rub.de>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2022-03-22 16:09:39 +01:00