mirror of
https://github.com/gravitl/netmaker.git
synced 2025-09-09 22:55:02 +08:00
commit
376a3b911b
3 changed files with 50 additions and 65 deletions
|
@ -26,10 +26,6 @@ func getNodeStatusOld(node *models.Node) {
|
||||||
|
|
||||||
func GetNodeStatus(node *models.Node, defaultEnabledPolicy bool) {
|
func GetNodeStatus(node *models.Node, defaultEnabledPolicy bool) {
|
||||||
|
|
||||||
if time.Since(node.LastCheckIn) > models.LastCheckInThreshold {
|
|
||||||
node.Status = models.OfflineSt
|
|
||||||
return
|
|
||||||
}
|
|
||||||
if node.IsStatic {
|
if node.IsStatic {
|
||||||
if !node.StaticNode.Enabled {
|
if !node.StaticNode.Enabled {
|
||||||
node.Status = models.OfflineSt
|
node.Status = models.OfflineSt
|
||||||
|
@ -53,6 +49,10 @@ func GetNodeStatus(node *models.Node, defaultEnabledPolicy bool) {
|
||||||
node.Status = models.UnKnown
|
node.Status = models.UnKnown
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
if time.Since(node.LastCheckIn) > models.LastCheckInThreshold {
|
||||||
|
node.Status = models.OfflineSt
|
||||||
|
return
|
||||||
|
}
|
||||||
host, err := logic.GetHost(node.HostID.String())
|
host, err := logic.GetHost(node.HostID.String())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
node.Status = models.UnKnown
|
node.Status = models.UnKnown
|
||||||
|
@ -71,11 +71,15 @@ func GetNodeStatus(node *models.Node, defaultEnabledPolicy bool) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if metrics == nil || metrics.Connectivity == nil {
|
if metrics == nil || metrics.Connectivity == nil || len(metrics.Connectivity) == 0 {
|
||||||
if time.Since(node.LastCheckIn) < models.LastCheckInThreshold {
|
if time.Since(node.LastCheckIn) < models.LastCheckInThreshold {
|
||||||
node.Status = models.OnlineSt
|
node.Status = models.OnlineSt
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
if node.LastCheckIn.IsZero() {
|
||||||
|
node.Status = models.OfflineSt
|
||||||
|
return
|
||||||
|
}
|
||||||
}
|
}
|
||||||
// if node.IsFailOver {
|
// if node.IsFailOver {
|
||||||
// if time.Since(node.LastCheckIn) < models.LastCheckInThreshold {
|
// if time.Since(node.LastCheckIn) < models.LastCheckInThreshold {
|
||||||
|
@ -133,9 +137,12 @@ func checkPeerStatus(node *models.Node, defaultAclPolicy bool) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
allowed, _ := logic.IsNodeAllowedToCommunicate(*node, peer, false)
|
|
||||||
if !defaultAclPolicy && !allowed {
|
if !defaultAclPolicy {
|
||||||
continue
|
allowed, _ := logic.IsNodeAllowedToCommunicate(*node, peer, false)
|
||||||
|
if !allowed {
|
||||||
|
continue
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if time.Since(peer.LastCheckIn) > models.LastCheckInThreshold {
|
if time.Since(peer.LastCheckIn) > models.LastCheckInThreshold {
|
||||||
|
@ -154,7 +161,7 @@ func checkPeerStatus(node *models.Node, defaultAclPolicy bool) {
|
||||||
node.Status = models.OnlineSt
|
node.Status = models.OnlineSt
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if peerNotConnectedCnt == len(metrics.Connectivity) {
|
if len(metrics.Connectivity) > 0 && peerNotConnectedCnt == len(metrics.Connectivity) {
|
||||||
node.Status = models.ErrorSt
|
node.Status = models.ErrorSt
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -168,9 +175,12 @@ func checkPeerConnectivity(node *models.Node, metrics *models.Metrics, defaultAc
|
||||||
if err != nil {
|
if err != nil {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
allowed, _ := logic.IsNodeAllowedToCommunicate(*node, peer, false)
|
|
||||||
if !defaultAclPolicy && !allowed {
|
if !defaultAclPolicy {
|
||||||
continue
|
allowed, _ := logic.IsNodeAllowedToCommunicate(*node, peer, false)
|
||||||
|
if !allowed {
|
||||||
|
continue
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if time.Since(peer.LastCheckIn) > models.LastCheckInThreshold {
|
if time.Since(peer.LastCheckIn) > models.LastCheckInThreshold {
|
||||||
|
@ -181,19 +191,22 @@ func checkPeerConnectivity(node *models.Node, metrics *models.Metrics, defaultAc
|
||||||
}
|
}
|
||||||
// check if peer is in error state
|
// check if peer is in error state
|
||||||
checkPeerStatus(&peer, defaultAclPolicy)
|
checkPeerStatus(&peer, defaultAclPolicy)
|
||||||
if peer.Status == models.ErrorSt {
|
if peer.Status == models.ErrorSt || peer.Status == models.WarningSt {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
peerNotConnectedCnt++
|
peerNotConnectedCnt++
|
||||||
|
|
||||||
}
|
}
|
||||||
if peerNotConnectedCnt == 0 {
|
if peerNotConnectedCnt > len(metrics.Connectivity)/2 {
|
||||||
node.Status = models.OnlineSt
|
node.Status = models.WarningSt
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if peerNotConnectedCnt == len(metrics.Connectivity) {
|
|
||||||
|
if len(metrics.Connectivity) > 0 && peerNotConnectedCnt == len(metrics.Connectivity) {
|
||||||
node.Status = models.ErrorSt
|
node.Status = models.ErrorSt
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
node.Status = models.WarningSt
|
|
||||||
|
node.Status = models.OnlineSt
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
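Review bot: In the last hunk of `checkPeerConnectivity`, the `models.ErrorSt` branch looks unreachable on the new side: whenever `len(metrics.Connectivity) > 0 && peerNotConnectedCnt == len(metrics.Connectivity)` holds, the preceding `peerNotConnectedCnt > len(metrics.Connectivity)/2` check has already set `models.WarningSt` and returned. A node that has lost every peer would then be reported as a warning rather than an error, which weakens the status signal operators alert on. Moving the all-peers check above the majority check restores it. Separately, in `GetNodeStatus` the `metrics.Connectivity == nil ||` term is redundant next to `len(metrics.Connectivity) == 0`, and the new `node.LastCheckIn.IsZero()` branch appears to sit after the relocated `time.Since(node.LastCheckIn) > models.LastCheckInThreshold` return, so it may never run. The rest of both functions is outside the hunks shown.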
|
@ -167,19 +167,11 @@ configure_netclient() {
|
||||||
nmctl host update $HOST_ID --default
|
nmctl host update $HOST_ID --default
|
||||||
sleep 5
|
sleep 5
|
||||||
nmctl node create_remote_access_gateway netmaker $NODE_ID
|
nmctl node create_remote_access_gateway netmaker $NODE_ID
|
||||||
|
|
||||||
sleep 2
|
sleep 2
|
||||||
# create network for internet access vpn
|
# set failover
|
||||||
if [ "$INSTALL_TYPE" = "pro" ]; then
|
if [ "$INSTALL_TYPE" = "pro" ]; then
|
||||||
#setup failOver
|
#setup failOver
|
||||||
curl --location --request POST "https://api.${NETMAKER_BASE_DOMAIN}/api/v1/node/${NODE_ID}/failover" --header "Authorization: Bearer ${MASTER_KEY}"
|
curl --location --request POST "https://api.${NETMAKER_BASE_DOMAIN}/api/v1/node/${NODE_ID}/failover" --header "Authorization: Bearer ${MASTER_KEY}"
|
||||||
INET_NODE_ID=$(sudo cat /etc/netclient/nodes.json | jq -r '."internet-access-vpn".id')
|
|
||||||
nmctl node create_remote_access_gateway internet-access-vpn $INET_NODE_ID
|
|
||||||
out=$(nmctl node list -o json | jq -r '.[] | select(.id=='\"$INET_NODE_ID\"') | .ingressdns = "8.8.8.8"')
|
|
||||||
curl --location --request PUT "https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/internet-access-vpn/${INET_NODE_ID}" --data "$out" --header "Authorization: Bearer ${MASTER_KEY}"
|
|
||||||
out=$(nmctl node list -o json | jq -r '.[] | select(.id=='\"$INET_NODE_ID\"') | .metadata = "This host can be used for secure internet access"')
|
|
||||||
curl --location --request PUT "https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/internet-access-vpn/${INET_NODE_ID}" --data "$out" --header "Authorization: Bearer ${MASTER_KEY}"
|
|
||||||
curl --location --request POST "https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/internet-access-vpn/${INET_NODE_ID}/inet_gw" --data '{}' --header "Authorization: Bearer ${MASTER_KEY}"
|
|
||||||
fi
|
fi
|
||||||
set -e
|
set -e
|
||||||
}
|
}
|
||||||
|
@ -625,8 +617,7 @@ install_netmaker() {
|
||||||
|
|
||||||
echo "Pulling config files..."
|
echo "Pulling config files..."
|
||||||
|
|
||||||
|
local BASE_URL="https://raw.githubusercontent.com/gravitl/netmaker/master"
|
||||||
local BASE_URL="https://raw.githubusercontent.com/gravitl/netmaker/$BUILD_TAG"
|
|
||||||
local COMPOSE_URL="$BASE_URL/compose/docker-compose.yml"
|
local COMPOSE_URL="$BASE_URL/compose/docker-compose.yml"
|
||||||
local CADDY_URL="$BASE_URL/docker/Caddyfile"
|
local CADDY_URL="$BASE_URL/docker/Caddyfile"
|
||||||
if [ "$INSTALL_TYPE" = "pro" ]; then
|
if [ "$INSTALL_TYPE" = "pro" ]; then
|
||||||
|
@ -705,7 +696,6 @@ setup_mesh() {
|
||||||
networks=$(nmctl network list -o json)
|
networks=$(nmctl network list -o json)
|
||||||
if [[ ${networks} != "null" ]]; then
|
if [[ ${networks} != "null" ]]; then
|
||||||
netmakerNet=$(nmctl network list -o json | jq -r '.[] | .netid' | grep -w "netmaker")
|
netmakerNet=$(nmctl network list -o json | jq -r '.[] | .netid' | grep -w "netmaker")
|
||||||
inetNet=$(nmctl network list -o json | jq -r '.[] | .netid' | grep -w "internet-access-vpn")
|
|
||||||
fi
|
fi
|
||||||
# create netmaker network
|
# create netmaker network
|
||||||
if [[ ${netmakerNet} = "" ]]; then
|
if [[ ${netmakerNet} = "" ]]; then
|
||||||
|
@ -718,43 +708,10 @@ setup_mesh() {
|
||||||
if [[ ${netmakerTag} = "" ]]; then
|
if [[ ${netmakerTag} = "" ]]; then
|
||||||
nmctl enrollment_key create --tags netmaker --unlimited --networks netmaker
|
nmctl enrollment_key create --tags netmaker --unlimited --networks netmaker
|
||||||
fi
|
fi
|
||||||
|
echo "Obtaining enrollment key..."
|
||||||
# create internet-access-vpn
|
# key exists already, fetch token
|
||||||
if [ "$INSTALL_TYPE" = "pro" ]; then
|
TOKEN=$(nmctl enrollment_key list | jq -r '.[] | select(.tags[0]=="netmaker") | .token')
|
||||||
if [[ ${inetNet} = "" ]]; then
|
|
||||||
echo "Creating internet-access-vpn network (100.65.0.0/16)"
|
|
||||||
# TODO causes "Error Status: 400 Response: {"Code":400,"Message":"could not find any records"}"
|
|
||||||
nmctl network create --name internet-access-vpn --ipv4_addr 100.65.0.0/16
|
|
||||||
fi
|
|
||||||
|
|
||||||
# create enrollment key for internet-access-vpn network
|
|
||||||
local inetTag=$(nmctl enrollment_key list | jq -r '.[] | .tags[0]' | grep -w "internet-access-vpn")
|
|
||||||
if [[ ${inetTag} = "" ]]; then
|
|
||||||
nmctl enrollment_key create --tags internet-access-vpn --unlimited --networks internet-access-vpn
|
|
||||||
fi
|
|
||||||
|
|
||||||
# create enrollment key for both networks
|
|
||||||
local netInetTag=$(nmctl enrollment_key list | jq -r '.[] | .tags[0]' | grep -w "netmaker-inet")
|
|
||||||
if [[ ${netInetTag} = "" ]]; then
|
|
||||||
nmctl enrollment_key create --tags netmaker-inet --unlimited --networks netmaker,internet-access-vpn
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ "$INSTALL_TYPE" = "pro" ]; then
|
|
||||||
# create enrollment key for both setup networks
|
|
||||||
echo "Obtaining enrollment key..."
|
|
||||||
# key exists already, fetch token
|
|
||||||
TOKEN=$(nmctl enrollment_key list | jq -r '.[] | select(.tags[0]=="netmaker-inet") | .token')
|
|
||||||
|
|
||||||
else
|
|
||||||
|
|
||||||
echo "Obtaining enrollment key..."
|
|
||||||
# key exists already, fetch token
|
|
||||||
TOKEN=$(nmctl enrollment_key list | jq -r '.[] | select(.tags[0]=="netmaker") | .token')
|
|
||||||
fi
|
|
||||||
|
|
||||||
wait_seconds 3
|
wait_seconds 3
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# print_success - prints a success message upon completion
|
# print_success - prints a success message upon completion
|
||||||
|
|
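Review bot: In the `install_netmaker` hunk, `BASE_URL` now appears to point at the mutable `master` branch instead of `$BUILD_TAG`, so `docker-compose.yml` and the `Caddyfile` are fetched from whatever is on master at install time rather than from the release being installed. That makes installs non-reproducible and lets any later change to master alter the deployed configuration without a release. If the tag is not always set, keep the pin with a fallback, e.g. `local BASE_URL="https://raw.githubusercontent.com/gravitl/netmaker/${BUILD_TAG:-master}"`. The body of `install_netmaker` continues outside the hunk, so whether the downloaded files are verified is not visible here.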
|
@ -654,6 +654,21 @@ func GetMqUserName() string {
|
||||||
return password
|
return password
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// GetMetricInterval - get the publish metric interval
|
||||||
|
func GetMetricIntervalInMinutes() time.Duration {
|
||||||
|
//default 15 minutes
|
||||||
|
mi := "15"
|
||||||
|
if os.Getenv("PUBLISH_METRIC_INTERVAL") != "" {
|
||||||
|
mi = os.Getenv("PUBLISH_METRIC_INTERVAL")
|
||||||
|
}
|
||||||
|
interval, err := strconv.Atoi(mi)
|
||||||
|
if err != nil {
|
||||||
|
interval = 15
|
||||||
|
}
|
||||||
|
|
||||||
|
return time.Duration(interval) * time.Minute
|
||||||
|
}
|
||||||
|
|
||||||
// GetMetricInterval - get the publish metric interval
|
// GetMetricInterval - get the publish metric interval
|
||||||
func GetMetricInterval() string {
|
func GetMetricInterval() string {
|
||||||
//default 15 minutes
|
//default 15 minutes
|
||||||
|
|
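Review bot: `GetMetricIntervalInMinutes` accepts any integer from `PUBLISH_METRIC_INTERVAL`, so `0` or a negative value yields a zero or negative `time.Duration`; only a parse error falls back to 15. Depending on how callers use the result (not visible here), that could make a ticker panic or a threshold comparison always fire. Suggest `if err != nil || interval <= 0 {` for the fallback. The doc comment was copied from the function below and should start with the new name, e.g. `// GetMetricIntervalInMinutes - get the publish metric interval as a time.Duration`.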