netmaker/netclient/server/grpc.go

352 lines
9.5 KiB
Go
Raw Normal View History

2021-05-26 00:48:04 +08:00
package server
2021-05-20 01:59:10 +08:00
import (
2021-08-03 06:06:26 +08:00
"crypto/tls"
"encoding/json"
2021-05-26 00:48:04 +08:00
"log"
"net"
2021-08-03 06:06:26 +08:00
"strconv"
2021-08-07 02:22:21 +08:00
"strings"
2021-05-26 00:48:04 +08:00
"time"
2021-08-03 06:06:26 +08:00
nodepb "github.com/gravitl/netmaker/grpc"
"github.com/gravitl/netmaker/models"
"github.com/gravitl/netmaker/netclient/auth"
2021-05-26 00:48:04 +08:00
"github.com/gravitl/netmaker/netclient/config"
2021-08-03 06:06:26 +08:00
"github.com/gravitl/netmaker/netclient/local"
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"
2021-05-26 00:48:04 +08:00
"google.golang.org/grpc/metadata"
2021-05-20 01:59:10 +08:00
)
2021-08-03 06:06:26 +08:00
func getGrpcClient(cfg *config.ClientConfig) (nodepb.NodeServiceClient, error) {
servercfg := cfg.Server
var wcclient nodepb.NodeServiceClient
// == GRPC SETUP ==
var requestOpts grpc.DialOption
requestOpts = grpc.WithInsecure()
if cfg.Server.GRPCSSL == "on" {
h2creds := credentials.NewTLS(&tls.Config{NextProtos: []string{"h2"}})
requestOpts = grpc.WithTransportCredentials(h2creds)
}
conn, err := grpc.Dial(servercfg.GRPCAddress, requestOpts)
if err != nil {
return nil, err
2021-05-26 00:48:04 +08:00
}
2021-08-03 06:06:26 +08:00
wcclient = nodepb.NewNodeServiceClient(conn)
return wcclient, nil
2021-05-26 00:48:04 +08:00
}
2021-08-03 06:06:26 +08:00
func CheckIn(network string) (*models.Node, error) {
cfg, err := config.ReadConfig(network)
if err != nil {
return nil, err
}
node := cfg.Node
wcclient, err := getGrpcClient(cfg)
if err != nil {
return nil, err
}
// == run client action ==
var header metadata.MD
ctx, err := auth.SetJWT(wcclient, network)
nodeData, err := json.Marshal(&node)
if err != nil {
return nil, err
}
response, err := wcclient.ReadNode(
ctx,
&nodepb.Object{
Data: string(nodeData),
Type: nodepb.NODE_TYPE,
},
grpc.Header(&header),
)
if err != nil {
log.Printf("Encountered error checking in node: %v", err)
}
if err = json.Unmarshal([]byte(response.GetData()), &node); err != nil {
return nil, err
}
return &node, err
}
2021-05-26 00:48:04 +08:00
func RemoveNetwork(network string) error {
2021-08-03 06:06:26 +08:00
//need to implement checkin on server side
cfg, err := config.ReadConfig(network)
if err != nil {
return err
}
2021-05-26 00:48:04 +08:00
servercfg := cfg.Server
2021-08-03 06:06:26 +08:00
node := cfg.Node
2021-08-07 02:09:42 +08:00
log.Println("Deleting remote node with MAC: " + node.MacAddress)
2021-05-26 00:48:04 +08:00
2021-08-03 06:06:26 +08:00
var wcclient nodepb.NodeServiceClient
var requestOpts grpc.DialOption
requestOpts = grpc.WithInsecure()
if cfg.Server.GRPCSSL == "on" {
h2creds := credentials.NewTLS(&tls.Config{NextProtos: []string{"h2"}})
requestOpts = grpc.WithTransportCredentials(h2creds)
}
conn, err := grpc.Dial(servercfg.GRPCAddress, requestOpts)
2021-05-26 00:48:04 +08:00
if err != nil {
2021-08-03 06:06:26 +08:00
log.Printf("Unable to establish client connection to "+servercfg.GRPCAddress+": %v", err)
2021-05-26 00:48:04 +08:00
//return err
2021-08-03 06:06:26 +08:00
} else {
wcclient = nodepb.NewNodeServiceClient(conn)
ctx, err := auth.SetJWT(wcclient, network)
if err != nil {
//return err
log.Printf("Failed to authenticate: %v", err)
} else {
2021-05-26 00:48:04 +08:00
2021-08-03 06:06:26 +08:00
var header metadata.MD
2021-05-26 00:48:04 +08:00
2021-08-03 06:06:26 +08:00
_, err = wcclient.DeleteNode(
ctx,
&nodepb.Object{
Data: node.MacAddress + "###" + node.Network,
Type: nodepb.STRING_TYPE,
},
grpc.Header(&header),
)
if err != nil {
log.Printf("Encountered error deleting node: %v", err)
2021-08-07 02:09:42 +08:00
log.Println(err)
2021-08-03 06:06:26 +08:00
} else {
2021-08-07 02:09:42 +08:00
log.Println("Deleted node " + node.MacAddress)
2021-08-03 06:06:26 +08:00
}
}
2021-05-26 00:48:04 +08:00
}
err = local.WipeLocal(network)
if err != nil {
2021-08-03 06:06:26 +08:00
log.Printf("Unable to wipe local config: %v", err)
2021-05-26 00:48:04 +08:00
}
2021-06-02 00:23:05 +08:00
if cfg.Daemon != "off" {
2021-08-03 06:06:26 +08:00
err = local.RemoveSystemDServices(network)
2021-06-02 00:23:05 +08:00
}
return err
2021-05-26 00:48:04 +08:00
}
func GetPeers(macaddress string, network string, server string, dualstack bool, isIngressGateway bool) ([]wgtypes.PeerConfig, bool, []string, error) {
2021-08-03 06:06:26 +08:00
//need to implement checkin on server side
hasGateway := false
var gateways []string
var peers []wgtypes.PeerConfig
var wcclient nodepb.NodeServiceClient
cfg, err := config.ReadConfig(network)
if err != nil {
log.Fatalf("Issue retrieving config for network: "+network+". Please investigate: %v", err)
}
nodecfg := cfg.Node
keepalive := nodecfg.PersistentKeepalive
keepalivedur, err := time.ParseDuration(strconv.FormatInt(int64(keepalive), 10) + "s")
keepaliveserver, err := time.ParseDuration(strconv.FormatInt(int64(5), 10) + "s")
if err != nil {
log.Fatalf("Issue with format of keepalive value. Please update netconfig: %v", err)
}
2021-05-20 01:59:10 +08:00
2021-08-03 06:06:26 +08:00
requestOpts := grpc.WithInsecure()
if cfg.Server.GRPCSSL == "on" {
h2creds := credentials.NewTLS(&tls.Config{NextProtos: []string{"h2"}})
requestOpts = grpc.WithTransportCredentials(h2creds)
}
2021-07-16 03:14:48 +08:00
conn, err := grpc.Dial(server, requestOpts)
2021-08-03 06:06:26 +08:00
if err != nil {
log.Fatalf("Unable to establish client connection to localhost:50051: %v", err)
}
// Instantiate the BlogServiceClient with our client connection to the server
wcclient = nodepb.NewNodeServiceClient(conn)
2021-05-20 01:59:10 +08:00
2021-08-03 06:06:26 +08:00
req := &nodepb.Object{
Data: macaddress + "###" + network,
Type: nodepb.STRING_TYPE,
}
2021-08-06 04:46:23 +08:00
ctx, err := auth.SetJWT(wcclient, network)
2021-08-03 06:06:26 +08:00
if err != nil {
log.Println("Failed to authenticate.")
return peers, hasGateway, gateways, err
}
var header metadata.MD
2021-05-20 01:59:10 +08:00
2021-08-03 06:06:26 +08:00
response, err := wcclient.GetPeers(ctx, req, grpc.Header(&header))
if err != nil {
log.Println("Error retrieving peers")
log.Println(err)
return nil, hasGateway, gateways, err
}
var nodes []models.Node
if err := json.Unmarshal([]byte(response.GetData()), &nodes); err != nil {
log.Println("Error unmarshaling data for peers")
return nil, hasGateway, gateways, err
}
for _, node := range nodes {
pubkey, err := wgtypes.ParseKey(node.PublicKey)
if err != nil {
2021-08-07 02:09:42 +08:00
log.Println("error parsing key")
2021-08-03 06:06:26 +08:00
return peers, hasGateway, gateways, err
}
2021-05-20 01:59:10 +08:00
2021-08-03 06:06:26 +08:00
if nodecfg.PublicKey == node.PublicKey {
continue
}
if nodecfg.Endpoint == node.Endpoint {
if nodecfg.LocalAddress != node.LocalAddress && node.LocalAddress != "" {
node.Endpoint = node.LocalAddress
2021-06-03 12:55:39 +08:00
} else {
continue
}
2021-08-03 06:06:26 +08:00
}
2021-05-20 01:59:10 +08:00
2021-08-03 06:06:26 +08:00
var peer wgtypes.PeerConfig
var peeraddr = net.IPNet{
IP: net.ParseIP(node.Address),
Mask: net.CIDRMask(32, 32),
}
var allowedips []net.IPNet
allowedips = append(allowedips, peeraddr)
if node.IsEgressGateway == "yes" {
hasGateway = true
ranges := node.EgressGatewayRanges
2021-07-27 22:48:58 +08:00
for _, iprange := range ranges {
2021-08-03 06:06:26 +08:00
_, ipnet, err := net.ParseCIDR(iprange)
2021-08-07 03:29:34 +08:00
nodeEndpointArr := strings.Split(node.Endpoint, ":")
if len(nodeEndpointArr) != 2 || ipnet.Contains(net.IP(nodeEndpointArr[0])) {
continue
}
gateways = append(gateways, iprange)
2021-08-03 06:06:26 +08:00
if err != nil {
2021-08-07 02:09:42 +08:00
log.Println("ERROR ENCOUNTERED SETTING GATEWAY")
2021-08-03 06:06:26 +08:00
} else {
2021-08-07 03:29:34 +08:00
allowedips = append(allowedips, *ipnet)
2021-08-03 06:06:26 +08:00
}
}
}
if node.Address6 != "" && dualstack {
var addr6 = net.IPNet{
IP: net.ParseIP(node.Address6),
Mask: net.CIDRMask(128, 128),
}
allowedips = append(allowedips, addr6)
}
2021-08-10 00:43:09 +08:00
if nodecfg.IsServer == "yes" {
2021-08-03 06:06:26 +08:00
peer = wgtypes.PeerConfig{
PublicKey: pubkey,
PersistentKeepaliveInterval: &keepaliveserver,
ReplaceAllowedIPs: true,
AllowedIPs: allowedips,
2021-07-27 22:48:58 +08:00
}
2021-07-27 01:57:50 +08:00
} else if keepalive != 0 {
2021-08-03 06:06:26 +08:00
peer = wgtypes.PeerConfig{
PublicKey: pubkey,
PersistentKeepaliveInterval: &keepalivedur,
Endpoint: &net.UDPAddr{
IP: net.ParseIP(node.Endpoint),
Port: int(node.ListenPort),
},
ReplaceAllowedIPs: true,
AllowedIPs: allowedips,
}
} else {
peer = wgtypes.PeerConfig{
PublicKey: pubkey,
Endpoint: &net.UDPAddr{
IP: net.ParseIP(node.Endpoint),
Port: int(node.ListenPort),
},
ReplaceAllowedIPs: true,
AllowedIPs: allowedips,
}
}
peers = append(peers, peer)
2021-05-20 01:59:10 +08:00
2021-08-03 06:06:26 +08:00
}
if isIngressGateway {
extPeers, err := GetExtPeers(macaddress, network, server, dualstack)
if err == nil {
peers = append(peers, extPeers...)
} else {
2021-08-07 02:09:42 +08:00
log.Println("ERROR RETRIEVING EXTERNAL PEERS")
2021-08-03 06:06:26 +08:00
}
}
return peers, hasGateway, gateways, err
2021-05-20 01:59:10 +08:00
}
2021-05-26 00:48:04 +08:00
func GetExtPeers(macaddress string, network string, server string, dualstack bool) ([]wgtypes.PeerConfig, error) {
2021-08-03 06:06:26 +08:00
var peers []wgtypes.PeerConfig
var wcclient nodepb.NodeServiceClient
cfg, err := config.ReadConfig(network)
if err != nil {
log.Fatalf("Issue retrieving config for network: "+network+". Please investigate: %v", err)
}
nodecfg := cfg.Node
2021-05-20 01:59:10 +08:00
2021-08-03 06:06:26 +08:00
requestOpts := grpc.WithInsecure()
conn, err := grpc.Dial(server, requestOpts)
if err != nil {
log.Fatalf("Unable to establish client connection to localhost:50051: %v", err)
}
// Instantiate the BlogServiceClient with our client connection to the server
wcclient = nodepb.NewNodeServiceClient(conn)
2021-05-20 01:59:10 +08:00
2021-08-03 06:06:26 +08:00
req := &nodepb.Object{
Data: macaddress + "###" + network,
Type: nodepb.STRING_TYPE,
}
ctx, err := auth.SetJWT(wcclient, network)
2021-08-03 06:06:26 +08:00
if err != nil {
2021-08-07 02:09:42 +08:00
log.Println("Failed to authenticate.")
2021-08-03 06:06:26 +08:00
return peers, err
}
var header metadata.MD
2021-05-20 01:59:10 +08:00
2021-08-03 06:06:26 +08:00
responseObject, err := wcclient.GetExtPeers(ctx, req, grpc.Header(&header))
if err != nil {
2021-08-07 02:09:42 +08:00
log.Println("Error retrieving peers")
log.Println(err)
2021-08-03 06:06:26 +08:00
return nil, err
}
var extPeers []models.Node
2021-08-06 03:29:38 +08:00
if err = json.Unmarshal([]byte(responseObject.Data), &extPeers); err != nil {
2021-08-03 06:06:26 +08:00
return nil, err
}
for _, extPeer := range extPeers {
pubkey, err := wgtypes.ParseKey(extPeer.PublicKey)
if err != nil {
2021-08-07 02:09:42 +08:00
log.Println("error parsing key")
2021-08-03 06:06:26 +08:00
return peers, err
}
2021-05-20 01:59:10 +08:00
2021-08-03 06:06:26 +08:00
if nodecfg.PublicKey == extPeer.PublicKey {
continue
}
2021-05-20 01:59:10 +08:00
2021-08-03 06:06:26 +08:00
var peer wgtypes.PeerConfig
var peeraddr = net.IPNet{
IP: net.ParseIP(extPeer.Address),
Mask: net.CIDRMask(32, 32),
}
var allowedips []net.IPNet
allowedips = append(allowedips, peeraddr)
2021-05-20 01:59:10 +08:00
2021-08-03 06:06:26 +08:00
if extPeer.Address6 != "" && dualstack {
var addr6 = net.IPNet{
IP: net.ParseIP(extPeer.Address6),
Mask: net.CIDRMask(128, 128),
}
allowedips = append(allowedips, addr6)
}
peer = wgtypes.PeerConfig{
PublicKey: pubkey,
ReplaceAllowedIPs: true,
AllowedIPs: allowedips,
}
peers = append(peers, peer)
}
return peers, err
2021-05-20 01:59:10 +08:00
}