feat: implement integration with Discovery Service

This provides integration layer with discovery service to provide cluster discovery (and transitively KubeSpan peer discovery). Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
siderolabs · Sep 28, 2021 · 30ae714 · 30ae714
1 parent 353d632
commit 30ae714
Show file tree

Hide file tree

Showing 10 changed files with 745 additions and 3 deletions.
diff --git a/go.mod b/go.mod
@@ -73,6 +73,7 @@ require (
 	github.com/spf13/cobra v1.2.1
 	github.com/stretchr/testify v1.7.0
 	github.com/talos-systems/crypto v0.3.2
+	github.com/talos-systems/discovery-service v0.0.3-0.20210928170742-e9d5dfa15e92
 	github.com/talos-systems/go-blockdevice v0.2.4-0.20210925062844-70d28650b398
 	github.com/talos-systems/go-cmd v0.1.0
 	github.com/talos-systems/go-debug v0.2.1

diff --git a/go.sum b/go.sum
@@ -1042,6 +1042,8 @@ github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG
 github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
 github.com/talos-systems/crypto v0.3.2 h1:I+MC9ql6K29EMlbPzdSeHZInSRWdze1FX1qGGrlom8Q=
 github.com/talos-systems/crypto v0.3.2/go.mod h1:xaNCB2/Bxaj+qrkdeodhRv5eKQVvKOGBBMj58MrIPY8=
+github.com/talos-systems/discovery-service v0.0.3-0.20210928170742-e9d5dfa15e92 h1:Z381kVGNLIZyvmCN6yhJSA0k5ArrTApVXwxB6u6gZXM=
+github.com/talos-systems/discovery-service v0.0.3-0.20210928170742-e9d5dfa15e92/go.mod h1:+9VWFbTcUChtlE0qc2fQ3Lyj1kj2AakFQ/ITnaB8Pd0=
 github.com/talos-systems/go-blockdevice v0.2.3/go.mod h1:qnn/zDc09I1DA2BUDDCOSA2D0P8pIDjN8pGiRoRaQig=
 github.com/talos-systems/go-blockdevice v0.2.4-0.20210925062844-70d28650b398 h1:4NH2IPnswmMfhU0Jb39vtik8xa7J3eObB1rbxhKzpO4=
 github.com/talos-systems/go-blockdevice v0.2.4-0.20210925062844-70d28650b398/go.mod h1:qnn/zDc09I1DA2BUDDCOSA2D0P8pIDjN8pGiRoRaQig=

diff --git a/internal/app/machined/pkg/controllers/cluster/config.go b/internal/app/machined/pkg/controllers/cluster/config.go
@@ -6,7 +6,10 @@ package cluster
 
 import (
 	"context"
+	"encoding/base64"
 	"fmt"
+	"net"
+	"net/url"
 
 	"github.com/AlekSi/pointer"
 	"github.com/cosi-project/runtime/pkg/controller"
@@ -74,6 +77,39 @@ func (ctrl *ConfigController) Run(ctx context.Context, r controller.Runtime, log
 
 					if c.Cluster().Discovery().Enabled() {
 						res.(*cluster.Config).TypedSpec().RegistryKubernetesEnabled = c.Cluster().Discovery().Registries().Kubernetes().Enabled()
+						res.(*cluster.Config).TypedSpec().RegistryServiceEnabled = c.Cluster().Discovery().Registries().Service().Enabled()
+
+						if c.Cluster().Discovery().Registries().Service().Enabled() {
+							var u *url.URL
+
+							u, err = url.ParseRequestURI(c.Cluster().Discovery().Registries().Service().Endpoint())
+							if err != nil {
+								return err
+							}
+
+							host := u.Hostname()
+							port := u.Port()
+
+							if port == "" {
+								port = "443" // use default https port
+							}
+
+							res.(*cluster.Config).TypedSpec().ServiceEndpoint = net.JoinHostPort(host, port)
+
+							res.(*cluster.Config).TypedSpec().ServiceEncryptionKey, err = base64.StdEncoding.DecodeString(c.Cluster().Secret())
+							if err != nil {
+								return err
+							}
+
+							res.(*cluster.Config).TypedSpec().ServiceClusterID = c.Cluster().ID()
+						} else {
+							res.(*cluster.Config).TypedSpec().ServiceEndpoint = ""
+							res.(*cluster.Config).TypedSpec().ServiceEncryptionKey = nil
+							res.(*cluster.Config).TypedSpec().ServiceClusterID = ""
+						}
+					} else {
+						res.(*cluster.Config).TypedSpec().RegistryKubernetesEnabled = false
+						res.(*cluster.Config).TypedSpec().RegistryServiceEnabled = false
 					}
 
 					return nil

diff --git a/internal/app/machined/pkg/controllers/cluster/config_test.go b/internal/app/machined/pkg/controllers/cluster/config_test.go
@@ -1,6 +1,7 @@
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this
 // file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
 package cluster_test
 
 import (
@@ -29,6 +30,8 @@ func (suite *ConfigSuite) TestReconcileConfig() {
 	cfg := config.NewMachineConfig(&v1alpha1.Config{
 		ConfigVersion: "v1alpha1",
 		ClusterConfig: &v1alpha1.ClusterConfig{
+			ClusterID:     "cluster1",
+			ClusterSecret: "kCQsKr4B28VUl7qw1sVkTDNF9fFH++ViIuKsss+C6kc=",
 			ClusterDiscoveryConfig: v1alpha1.ClusterDiscoveryConfig{
 				DiscoveryEnabled: true,
 			},
@@ -47,6 +50,57 @@ func (suite *ConfigSuite) TestReconcileConfig() {
 
 				suite.Assert().True(spec.DiscoveryEnabled)
 				suite.Assert().True(spec.RegistryKubernetesEnabled)
+				suite.Assert().True(spec.RegistryServiceEnabled)
+				suite.Assert().Equal("discovery.talos.dev:443", spec.ServiceEndpoint)
+				suite.Assert().Equal("cluster1", spec.ServiceClusterID)
+				suite.Assert().Equal(
+					[]byte("\x90\x24\x2c\x2a\xbe\x01\xdb\xc5\x54\x97\xba\xb0\xd6\xc5\x64\x4c\x33\x45\xf5\xf1\x47\xfb\xe5\x62\x22\xe2\xac\xb2\xcf\x82\xea\x47"),
+					spec.ServiceEncryptionKey)
+
+				return nil
+			},
+		),
+	))
+}
+
+func (suite *ConfigSuite) TestReconcileConfigCustom() {
+	suite.Require().NoError(suite.runtime.RegisterController(&clusterctrl.ConfigController{}))
+
+	suite.startRuntime()
+
+	cfg := config.NewMachineConfig(&v1alpha1.Config{
+		ConfigVersion: "v1alpha1",
+		ClusterConfig: &v1alpha1.ClusterConfig{
+			ClusterID:     "cluster1",
+			ClusterSecret: "kCQsKr4B28VUl7qw1sVkTDNF9fFH++ViIuKsss+C6kc=",
+			ClusterDiscoveryConfig: v1alpha1.ClusterDiscoveryConfig{
+				DiscoveryEnabled: true,
+				DiscoveryRegistries: v1alpha1.DiscoveryRegistriesConfig{
+					RegistryKubernetes: v1alpha1.RegistryKubernetesConfig{
+						RegistryDisabled: true,
+					},
+					RegistryService: v1alpha1.RegistryServiceConfig{
+						RegistryEndpoint: "https://[2001:470:6d:30e:565d:e162:e2a0:cf5a]:3456/",
+					},
+				},
+			},
+		},
+	})
+
+	suite.Require().NoError(suite.state.Create(suite.ctx, cfg))
+
+	specMD := resource.NewMetadata(config.NamespaceName, cluster.ConfigType, cluster.ConfigID, resource.VersionUndefined)
+
+	suite.Assert().NoError(retry.Constant(3*time.Second, retry.WithUnits(100*time.Millisecond)).Retry(
+		suite.assertResource(
+			specMD,
+			func(res resource.Resource) error {
+				spec := res.(*cluster.Config).TypedSpec()
+
+				suite.Assert().True(spec.DiscoveryEnabled)
+				suite.Assert().False(spec.RegistryKubernetesEnabled)
+				suite.Assert().True(spec.RegistryServiceEnabled)
+				suite.Assert().Equal("[2001:470:6d:30e:565d:e162:e2a0:cf5a]:3456", spec.ServiceEndpoint)
 
 				return nil
 			},