Commit Graph

118 Commits

Author SHA1 Message Date
cm
3177b2fdb7 AB#2032 Write IDs to disk and read when verifying (#212)
* AB#2032 Write IDs to disk and read when verifying

* Update CHANGELOG.md

* update changelog

* update changelog

* cli verify: prefer flag values

* Rename fid file

Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
2022-07-01 10:57:29 +02:00
Daniel Weiße
f9a581f329 Add aTLS endpoint to KMS (#236)
* Move file watcher and validator to internal

* Add aTLS endpoint to KMS for Kubernetes external requests

* Update Go version in Dockerfiles

* Move most KMS packages to internal

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-29 16:13:01 +02:00
Daniel Weiße
042f668d20 AB#2190 Verification service (#232)
* Add verification service

* Update verify command to use new Constellation verification service

* Deploy verification service on cluster init

* Update pcr-reader to use verification service

* Add verification service build workflow

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-28 17:03:28 +02:00
Daniel Weiße
e6b1156849 AB#2169 Implement control-plane activation in activation service (#217)
* Implement Control Plane activation flow

* Rename Activation RPCs

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-21 11:10:32 +02:00
Daniel Weiße
4842d29aff AB#2111 Deploy activation service on cluster init (#205)
* Deploy activation service on cluster init

* Use base image with CA certificates for activation service

* Improve KMS server 

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-15 16:00:48 +02:00
Daniel Weiße
691ab84326 Update version variable
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-08 17:17:06 +02:00
Daniel Weiße
b461c40c3a Implement activation service
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-08 17:17:06 +02:00
Leonard Cohnen
791d5564ba replace flannel with cilium 2022-06-02 13:08:25 +02:00
Christoph Meyer
db5468a886 Deploy KMS server image in Constellation
Add image pull secret for ghcr.io
2022-05-31 11:13:26 +02:00
Malte Poll
baa7dbc1ef Move debugd config to separate file
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-16 15:20:23 +02:00
Fabian Kammel
094a8b7659 Feat/config/generate (#136)
Implement config command & generate verb to write default configuration to file or stdout.
2022-05-12 15:14:52 +02:00
cm
c63d7126e7 AB#1943 Extract KMS package (#56)
* Extract kmsapi from coordinator

* Add kmsapi cmd server
2022-05-10 12:35:17 +02:00
Malte Poll
c9226de9ab Create kubernetes join token on demand
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-06 12:12:44 +02:00
Malte Poll
ddcb4dc95f Pin kubernetes version deployed by kubeadm init
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-05 09:15:41 +02:00
katexochen
1189078c5a Replace mutiple args with flags
AB#1955
2022-05-04 17:14:03 +02:00
Malte Poll
e13ec3f914 "constellation recover" CLI command
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-04 08:41:32 +02:00
datosh
2a766a3ab5 Feat/conformity test (#79)
* Added files required to request conformance with kubernetes
* Extended firewall implementation to allow port ranges
* Added default nodeport range to vpc network config
2022-04-26 17:09:03 +02:00
katexochen
1a9b33d738 Restructure config and constants 2022-04-21 09:06:35 +02:00