Commit Graph

654 Commits

Author SHA1 Message Date
Daniel Weiße
c6ff34f4d2 Use Certificate Requests to issue Kubelet Certificates and set CA (#261)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-15 09:33:11 +02:00
Malte Poll
49e98286a9 bump coreos 1657814939
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-07-15 09:15:55 +02:00
Daniel Weiße
edf424d415 Refactor bootstrapper logging
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-15 09:09:56 +02:00
Malte Poll
50188d1d93 pseudo-version: always use tag name instead of message
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-07-15 09:04:37 +02:00
Malte Poll
ea9450dcfd Update CHANGELOG 2022-07-14 18:03:49 +02:00
Malte Poll
f63c99a1bd Use go pseudo versions for container images
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-07-14 17:34:33 +02:00
Malte Poll
d1d24ca587 pseudo-version: allow tags that are only references 2022-07-14 17:25:18 +02:00
Malte Poll
cce2611e2a Simplify node lock and various small changes
Co-authored-by: Fabian Kammel <fabian@kammel.dev>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2022-07-14 17:25:18 +02:00
Daniel Weiße
2bcf001d52 Distribute k8s CA certificates and key over join-service
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-14 17:25:18 +02:00
Malte Poll
260d2571c1 Only upload kubeadm certs if key is rotated
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
Co-authored-by: 3u13r <lc@edgeless.systems>
2022-07-14 17:25:18 +02:00
daniel-weisse
586b65f089 Cache kubeadm certificate keys to avoid race conditions
Signed-off-by: daniel-weisse <daniel.weisse@gmx.net>
2022-07-14 17:25:18 +02:00
Malte Poll
5d54ce689b Print kubeadm init/join output on success 2022-07-14 17:25:18 +02:00
katexochen
66b573ea5d Bootstrapper 2022-07-14 17:25:18 +02:00
katexochen
1af18e990d Rename all activation 2022-07-14 17:25:18 +02:00
katexochen
2083d37b11 Create internal package for joinservice 2022-07-14 17:25:18 +02:00
katexochen
43eb94b6dc Bootstrapper 2022-07-14 17:25:18 +02:00
katexochen
15adba9235 Simplify joinproto 2022-07-14 17:25:18 +02:00
katexochen
dc9e8e75df Rename activation to joinservice 2022-07-14 17:25:18 +02:00
katexochen
dea23604fb Bootstrapper 2022-07-14 17:25:18 +02:00
katexochen
916e5d6b55 Rename coordinator to bootstrapper and rename roles 2022-07-14 17:25:18 +02:00
Malte Poll
3280ed200c Test IntervalRetrier 2022-07-14 17:25:18 +02:00
katexochen
f79674cbb8 Bootstrapper 2022-07-14 17:25:18 +02:00
katexochen
4f93f8f45c Move discencryption package into internal 2022-07-14 17:25:18 +02:00
katexochen
d8c8b12307 Move logging package into internal 2022-07-14 17:25:18 +02:00
katexochen
fc35084379 Move kubernetes package into internal 2022-07-14 17:25:18 +02:00
katexochen
09e86e6c5d Refactor provider metadata 2022-07-14 17:25:18 +02:00
katexochen
32f1f5fd3e Delete Coordinator core and apis 2022-07-14 17:25:18 +02:00
katexochen
e534c6a338 Self activation of nodes 2022-07-14 17:25:18 +02:00
Fabian Kammel
00dfff6840 AB#2158 publish measurements (#268)
* cleaned up actions and new measure action to generate, sign and upload measurements
* improve constellation ip fetching to support multiple control nodes
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-07-13 14:04:46 +02:00
Fabian Kammel
66eef5bc70 fix version typo (#267)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-07-12 17:37:36 +02:00
Fabian Kammel
9d3ab0042c Ref/prepare changelog for v1.3.1 (#263)
* prepare changelog.
* document lb fix
* set release version for cli
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: 3u13r <lc@edgeless.systems>
2022-07-11 15:19:56 +02:00
Fabian Kammel
be989851d7 Use supported image and start pipeline one hour earlier for less waiting in gcp e2e (#264) 2022-07-11 12:52:10 +02:00
Nils Hanke
14a15e131a Modify accepted list of Azure VM types (#250)
* Add more instances types for Azure (with commented out entries)

* Remove commented out entries

* Only AMD VMs

* Comment out CVMs (not supported yet)

* Adjust comments
2022-07-10 13:27:05 +02:00
Fabian Kammel
8a299b54a3 Temporarily ignore failing e2e tests (#260)
* ignore failing e2e tests on gcp
Co-authored-by: Fabian Kammel <fk@edgelss.systems>
2022-07-08 18:18:48 +02:00
Fabian Kammel
b4fd4fbacd Fix/add verify grpc port to lb (#262)
* Add verify port to lb
* Use correct health probe
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-07-08 18:18:23 +02:00
Malte Poll
7e6ad541c6 Bump coreos images to 1657199013
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-07-08 14:28:04 +02:00
Malte Poll
c4646191e2 Allow downgrade of azure cli package 2022-07-07 16:16:48 +02:00
Malte Poll
7411d04bcf Pin azure cli to version 2.37.0 2022-07-07 16:16:48 +02:00
Malte Poll
adcd00c8e2 Install azure CLI from apt repo (bug was fixed) 2022-07-07 16:16:48 +02:00
Fabian Kammel
c279bb7a38 make signing keys optional in build step, since e2e test does not require signing (#254)
* make signing keys optional in build step, since e2e test does not require signing
2022-07-07 12:18:41 +02:00
Daniel Weiße
9bab6dbc64 [RFC] Proof of Ownership (#240)
Signed-off-by: daniel-weisse <daniel.weisse@gmx.net>
2022-07-07 11:44:12 +02:00
Daniel Weiße
67c45f3d5b CoreOS build pipeline fix (#256)
* Remove invalid build step

* Only upload Coordinator on main branch

Signed-off-by: daniel-weisse <dw@edgeless.systems>
2022-07-07 11:28:12 +02:00
Malte Poll
4f536c083d remove duplicate coordinator name (#255)
* remove duplicate coordinator name
* Adjust if condition
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
2022-07-06 16:41:48 +02:00
Fabian Kammel
c2359fa6c8 Fix/release process (#253)
* fix path to artifacts.
* add release step to docs
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-07-05 16:55:14 +02:00
Fabian Kammel
95e2c91821 Prepare for v1.3.0 (#242)
Update CHANGELOG.md & versions.
2022-07-05 16:07:15 +02:00
Daniel Weiße
3b94a6b620 Fix service naming (#252)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-05 15:31:06 +02:00
Nils Hanke
bc5471e9b3 Delete cluster IDs file on terminate 2022-07-05 14:41:58 +02:00
Nils Hanke
259c88fa1a IDsFilename -> ClusterIDsFilename 2022-07-05 14:41:58 +02:00
Daniel Weiße
24cba8d91a Use Constellation KMS instead of deprecated vpn API for requesting keys (#248)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-05 09:48:47 +02:00
Daniel Weiße
4be29b04dc AB#1915 Local PCR calculation (#243)
* Add QEMU cloud-logging

* Add QEMU metadata endpoints to collect logs during cluster boot

* Send PCRs to QEMU metadata if boot fails on Azure or GCP

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-07-04 12:59:43 +02:00