constellation/coordinator/core/activate.go

package core
import (
"context"
"errors"
"fmt"
"github.com/edgelesssys/constellation/coordinator/role"
"github.com/edgelesssys/constellation/coordinator/state"
kubeadm "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3"
)
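// SetNodeActive activates this instance as a worker node and joins it to the
// Kubernetes cluster.
//
// The call is accepted only while the core is in state.AcceptingInit and both
// ownerID and clusterID are non-empty. After these checks it advances the
// state to state.IsNode, persists the node state, sets the disk passphrase to
// diskKey, and joins the cluster through bootstrap-token discovery built from
// kubeAPIendpoint, token and discoveryCACertHash.
//
// Errors from the two sanity checks leave the state untouched. Any error
// after them moves the core to state.Failed, because the steps cannot be
// reverted. c.mut is held for the whole call, including the cluster join.
func (c *Core) SetNodeActive(diskKey, ownerID, clusterID []byte, kubeAPIendpoint, token, discoveryCACertHash string) (reterr error) {
	c.mut.Lock()
	defer c.mut.Unlock()

	if err := c.RequireState(state.AcceptingInit); err != nil {
		return fmt.Errorf("node is not in required state for activation: %w", err)
	}

	if len(ownerID) == 0 || len(clusterID) == 0 {
		c.zaplogger.Error("Missing data to taint worker node as initialized")
		return errors.New("missing data to taint worker node as initialized")
	}
	// NOTE(review): diskKey is not validated here. An empty key would reach
	// UpdateDiskPassphrase as "" only after the state has been advanced and
	// persisted. Confirm the callee rejects an empty passphrase, or add the
	// check next to the ownerID/clusterID one so it fails before any state
	// change.

	// If any of the following actions fail, we cannot revert.
	// Thus, mark this peer as failed.
	defer func() {
		if reterr == nil {
			return
		}
		// The activation error is what the caller gets back. A failure to
		// record the Failed state is logged rather than silently dropped, so
		// that a node stuck in an intermediate state is visible to operators.
		if err := c.AdvanceState(state.Failed, nil, nil); err != nil {
			c.zaplogger.Error(fmt.Sprintf("Marking node as failed after activation error: %v", err))
		}
	}()

	// AdvanceState MUST be called before any other functions that are not
	// sanity checks or otherwise required. This ensures the node is marked as
	// initialized before it is in a state that allows code execution.
	// Any new additions to this activation path MUST come after this call.
	if err := c.AdvanceState(state.IsNode, ownerID, clusterID); err != nil {
		return fmt.Errorf("advancing node state: %w", err)
	}

	// TODO: SSH keys are currently not available from the Aaas, so we can't create user SSH keys here.
	if err := c.PersistNodeState(role.Node, "", ownerID, clusterID); err != nil {
		return fmt.Errorf("persisting node state: %w", err)
	}

	// string(diskKey) copies the key into an immutable Go string, so this copy
	// cannot be zeroed once the passphrase has been set.
	// NOTE(review): consider a []byte parameter on UpdateDiskPassphrase if the
	// key material is meant to be wiped after use.
	if err := c.UpdateDiskPassphrase(string(diskKey)); err != nil {
		return fmt.Errorf("updating disk passphrase: %w", err)
	}

	// The CA certificate hash pins the API server identity during discovery.
	// It is passed through unchanged as the only entry of CACertHashes.
	btd := &kubeadm.BootstrapTokenDiscovery{
		APIServerEndpoint: kubeAPIendpoint,
		Token:             token,
		CACertHashes:      []string{discoveryCACertHash},
	}
	// NOTE(review): context.TODO() carries no deadline or cancellation, and the
	// join runs while c.mut is held. A caller-supplied context would bound how
	// long the lock can be kept.
	if err := c.JoinCluster(context.TODO(), btd, "", role.Node); err != nil {
		return fmt.Errorf("joining Kubernetes cluster: %w", err)
	}

	return nil
}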
// SetCoordinatorActive is the coordinator counterpart of SetNodeActive.
// It is a stub: every call panics with "not implemented", and no error value
// is ever returned.
//
// NOTE(review): because this panics instead of returning an error, it should
// not be wired into any path reachable at runtime until it is implemented.
func (c *Core) SetCoordinatorActive() error {
	const notImplemented = "not implemented"
	panic(notImplemented)
}