mirror of https://github.com/status-im/consul.git
Add sequence diagram for leader boot sequence
This commit is contained in:
parent
fa833ac0f8
commit
b843a98890
|
@ -94,6 +94,9 @@ Periodic (or background) opeartions are started automatically by the Consul lead
|
||||||
3. called by Auto-Config to sign a leaf cert for a client agent
|
3. called by Auto-Config to sign a leaf cert for a client agent
|
||||||
|
|
||||||
### detailed call flow
|
### detailed call flow
|
||||||
- sequence diagram for leader election
|
![CA Leader Sequence](./ca-leader-sequence.svg)
|
||||||
|
|
||||||
|
<sup>[source](./ca-leader-sequence.mmd)</sup>
|
||||||
|
|
||||||
- sequence diagram for leaf signing
|
- sequence diagram for leaf signing
|
||||||
- sequence diagram for CA cert rotation
|
- sequence diagram for CA cert rotation
|
||||||
|
|
|
@ -0,0 +1,19 @@
|
||||||
|
sequenceDiagram
|
||||||
|
Participant Provider
|
||||||
|
Participant PL As Primary Leader
|
||||||
|
Participant SL As Secondary Leader
|
||||||
|
Alt Primary don't have a valid CA
|
||||||
|
PL->>Provider:initializeRootCA (fetch root and sign intermediate)
|
||||||
|
Provider->>PL:root + intermediate
|
||||||
|
PL->>PL:RPC ConnectCA.Roots (fetch primary root and store it)
|
||||||
|
end
|
||||||
|
SL->>PL: RPC ConnectCA.Roots (fetch primary root and store it)
|
||||||
|
PL->>SL: Root + intermediate
|
||||||
|
Alt Secondary needs a new intermediate (check if current intermediate is signed by primary root)
|
||||||
|
SL->>Provider: Generate CSR
|
||||||
|
Provider->>SL: CSR
|
||||||
|
SL->>PL: ConnectCA.SignIntermediate (CSR)
|
||||||
|
PL->>SL: Intermediate CA (secondary)
|
||||||
|
SL->>Provider: Set Intermediate (secondary CA) + root (primary CA)
|
||||||
|
SL->>SL: Store certs in RAFT (primary root + secondary intermediate)
|
||||||
|
end
|
File diff suppressed because one or more lines are too long
After Width: | Height: | Size: 12 KiB |
Loading…
Reference in New Issue