24af06b02f
* deps: update Go dependencies * bazel: force Gazelle generation for xDS xDS has an upstream set of build files that makes Gazelle consider their project a whole new Bazel project, which makes Gazelle not generate any build files, even though the upstream ones aren't valid. See https://github.com/cncf/xds/issues/104. * go: update cel.dev/expr for Bazel fixes cel.dev/expr had some upstream Bazel fixes in v0.16.2 without which Gazelle doesn't work. * chore: generate * e2e: remove references to kubeProxyVersion kubeProxyVersion is deprecated as of KEP-4004. It was never being set to an accurate value before, and we only used it in the e2e test, so removing the additional check should not hurt here. See https://github.com/kubernetes/enhancements/tree/master/keps/sig-network/4004-deprecate-kube-proxy-version * constellation-node-operator: use typed rate-limiter The untyped rate-limiter was deprecated in favor of a generic one that can just be instantiated to `any` to achieve the previous behaviour. * Advertise ALPN settings in NextProtos required by gRPC Signed-off-by: Daniel Weiße <dw@edgeless.systems> * atls: add nextProtos nextProtos (for ALPN) is now required by gRPC, so add it. * go: add cri-client replace * deps: tidy all modules --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Daniel Weiße <dw@edgeless.systems> Co-authored-by: edgelessci <edgelessci@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| cmd | ||
| filebeat | ||
| internal | ||
| logstash | ||
| metricbeat | ||
| service | ||
| README.md | ||
debug daemon (debugd)
Debugd is a tool we built to allow for shorter iteration cycles during development.
The debugd gets embedded into OS images at the place where the bootstrapper normally sits.
Therefore, when a debug image is started, the debugd starts executing instead of the bootstrapper.
The debugd will then wait for a request from the cdbg tool to upload a bootstrapper binary.
Once the upload is finished debugd will start the bootstrapper.
Subsequently you can initialize your cluster with constellation apply as usual.
Build cdbg
The cdbg tool is part of the //:devbuild target, if you follow the generic build instructions at build-develop-deploy.
If you need to build cdbg standalone for your current platform, you can run
bazel build //debugd/cmd/cdbg:cdbg_host
debugd & cdbg usage
Follow the debug-cluster workflow to deploy a bootstrapper with cdbg and debugd.
Logcollection to Opensearch
You can enable the logcollection of debugd to send logs to Opensearch.
On Azure, ensure your user assigned identity has the Key Vault Secrets User role assigned on the key vault opensearch-creds.
On AWS, attach the SecretManagerE2E policy to your control-plane and worker node role.
When deploying with cdbg, enable by setting the logcollect=true and your name logcollect.admin=yourname.
./cdbg deploy --info logcollect=true,logcollect.admin=yourname
# OR
./cdbg deploy --info logcollect=true --info logcollect.admin=yourname
Other available fields can be found in the filed list
For QEMU, the credentials for Opensearch must be parsed via the info flag as well:
./cdbg deploy \
--info logcollect=true \
--info logcollect.admin=yourname \
--info qemu.opensearch-pw='xxxxxxx'
Remember to use single quotes for the password.
You will also need to increase the memory size of QEMU to 4GB.