From cbb0ee520c4ce0558e753802ec75afac332a4791 Mon Sep 17 00:00:00 2001 From: Moritz Sanft <58110325+msanft@users.noreply.github.com> Date: Thu, 12 Dec 2024 10:26:35 +0100 Subject: [PATCH] rfc: add platform support RFC This adds an RFC for platform support and representation in Contrast. This is in very much of a bare-bones stage now, so reviews and critique are welcome. --- rfc/008-platform-support.md | 102 ++++++++++++++++++ .../config/vocabularies/edgeless/accept.txt | 10 +- 2 files changed, 108 insertions(+), 4 deletions(-) create mode 100644 rfc/008-platform-support.md diff --git a/rfc/008-platform-support.md b/rfc/008-platform-support.md new file mode 100644 index 0000000000..4edde49884 --- /dev/null +++ b/rfc/008-platform-support.md @@ -0,0 +1,102 @@ +# RFC 008: Platform Support + +## Objective + +Find an in-code representation for Contrast platforms that enables conditionals based on platform features, +rather than full platform definitions. + +## Problem statement + +Contrast currently distinguishes between platforms based on their distinct features. +Taking the `AKS-CLH-SNP` platform as an example, this serialized platform string conveys +the following information: + +- Kubernetes engine: `AKS` + - (Implicit: Kata upstream / Microsoft fork) +- Hypervisor: `CLH` +- Hardware platform: `SNP` + +The user picks such a platform through its serialized string (for example `AKS-CLH-SNP`), and the +code then implements actions based upon that, such as when writing platform-specific Kata +configuration values in the [node-installer]. + +To perform these actions in the code, conditionals based on the platform are necessary. + +Currently, platforms are represented as an int alias type: + +```go +type Platform int +``` + +The individual platforms thus are represented by instantiations of said type: + +```go +AKSCloudHypervisorSNP Platform = 1 +``` + +Conditionals thus need to work on full platforms, making them look like: + +```go +// TDX platforms only +if platform == platforms.K3sQEMUTDX || platform == platforms.RKE2QEMUTDX { + // .. +} +``` + +This isn't only cumbersome to write, but also easy to make errors in. For example when forgetting to +match against a certain platform. + +[node-installer]: https://github.com/edgelesssys/contrast/blob/3f39682ea9a383b2557923e257bd065e461b8ee6/nodeinstaller/internal/constants/constants.go#L48 + +## Proposal + +### Structured Representation + +Throughout the implementation code, platforms shouldn't be represented as _individual combinations_, +but rather through a generic, structured type that contains information about their _features_. + +So `AKS-CLH-SNP` could become something like this: + +```go +type Platform struct { + ContainerdConfigPath string + UnitsToRestart []string + Snapshotter Snapshotter + GPUSupport bool + Debug bool + Hypervisor Hypervisor + HardwarePlatform HardwarePlatform +} + +// AKS-CLH-SNP +foo := Platform{ + ContainerdConfigPath: "/etc/containerd/config.tomL", + UnitsToRestart: []string{"containerd.service"}, + GPUSupport: false, + Debug: false, + Hypervisor: CloudHypervisor, + HardwarePlatform: SNP, +} +``` + +This would allow the implementation code (for example the aforementioned switch for [Kata configuration]) +to be reduced to only depend on the information bits it requires. + +For example, this: + +```go +case platforms.MetalQEMUTDX, platforms.K3sQEMUTDX, platforms.RKE2QEMUTDX: +``` + +Could become this: + +```go +case TDX +``` + +This would also enable easy validation of user error, as the individual types can be checked for +validity at parsing time, making invalid states unrepresentable [^1]. + +[Kata configuration]: https://github.com/edgelesssys/contrast/blob/3f39682ea9a383b2557923e257bd065e461b8ee6/nodeinstaller/internal/constants/constants.go#L48 + +[^1]: https://geeklaunch.io/blog/make-invalid-states-unrepresentable/ diff --git a/tools/vale/styles/config/vocabularies/edgeless/accept.txt b/tools/vale/styles/config/vocabularies/edgeless/accept.txt index 30ad9b0082..117b6b3795 100644 --- a/tools/vale/styles/config/vocabularies/edgeless/accept.txt +++ b/tools/vale/styles/config/vocabularies/edgeless/accept.txt @@ -33,6 +33,7 @@ cyber datacenter Datadog deallocate +deduplicate DEK Dockerfile Dynatrace @@ -57,6 +58,7 @@ hyperv IAM Initializer initramfs +initrd Inkscape iodepth IPSec @@ -85,6 +87,7 @@ paravisor PCR plaintext podman +precalculator protobuf proxied QEMU @@ -94,9 +97,11 @@ Rekor resizable resourceGroup rollout +RTMR runtime safeguardable SBOM +serializable sigstore snapshotter SSD @@ -115,6 +120,7 @@ tmpfs TPM underspecified unencrypted +unrepresentable unspoofable untrusted updatable @@ -133,7 +139,3 @@ Xeon xsltproc Zipkin # keep-sorted end -RTMR -RTMRs -precalculator -initrd