fixing netclient

afeiszli 2021-07-15 15:14:48 -04:00
parent 4cf5aad2e7
commit 68607ae8ca
15 changed files with 150 additions and 17 deletions


@ -34,4 +34,3 @@ EXPOSE 8081
EXPOSE 50051
CMD ["./app"]

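--- /dev/null
+++ b/Dockerfile-netclient
@@ -0,0 +1,26 @@
+#first stage - builder
+FROM golang:latest as builder
+COPY . /app
+WORKDIR /app/netclient
+ENV GO111MODULE=auto
+RUN CGO_ENABLED=0 GOOS=linux go build -o netclient main.go
+#second stage
+FROM debian:latest
+RUN apt-get update && apt-get -y install systemd procps
+WORKDIR /root/
+COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+COPY --from=builder /app/netclient/netclient .
+CMD ["./netclient"]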
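Review bot: Both stages use floating tags (`FROM golang:latest as builder`, `FROM debian:latest`), so the compiler and the runtime base can change underneath the build without any change in this repository; pinning each to a specific version tag or digest (for example `FROM golang:<pinned-version> as builder`) keeps the image reproducible and makes base-image updates a reviewed change. `COPY . /app` sends the whole build context into the builder stage, so a `.dockerignore` is worth adding to keep local configuration and key material out of the build layers. The final stage runs netclient as root from `/root/`; that may be needed for WireGuard setup, but a comment stating why would help the next reader.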


@ -36,6 +36,7 @@ type EnvironmentConfig struct {
// ServerConfig :
type ServerConfig struct {
CoreDNSAddr string `yaml:"corednsaddr"`
APIConnString string `yaml:"apiconn"`
APIHost string `yaml:"apihost"`
APIPort string `yaml:"apiport"`


@ -689,6 +689,7 @@ func CreateAccessKey(accesskey models.AccessKey, network models.Network) (models
s := servercfg.GetServerConfig()
w := servercfg.GetWGConfig()
servervals := models.ServerConfig{
CoreDNSAddr: s.CoreDNSAddr,
APIConnString: s.APIConnString,
APIHost: s.APIHost,
APIPort: s.APIPort,


@ -0,0 +1,58 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: netclient
labels:
app: netclient
spec:
selector:
matchLabels:
app: netclient
replicas: 1
template:
metadata:
labels:
app: netclient
spec:
hostNetwork: true
containers:
- name: netclient
image: gravitl/netclient:v0.5.5
command: ['bash', '-c', "netclient checkin -n $NETWORK; sleep $SLEEP"]
env:
- name: ACCESS_TOKEN
value: "XXXX"
- name: NETWORK
value: "default"
- name: SLEEP
value: 30
volumeMounts:
- mountPath: /etc/netclient
name: etc-netclient
- mountPath: /usr/bin/wg
name: wg
securityContext:
privileged: true
initContainers:
- name: netclient-join
image: gravitl/netclient:v0.5.5
command: ['bash', '-c', "netclient join -t $ACCESS_TOKEN --daemon off"]
env:
- name: ACCESS_TOKEN
value: "XXXX"
volumeMounts:
- mountPath: /etc/netclient
name: etc-netclient
- mountPath: /usr/bin/wg
name: wg
securityContext:
privileged: true
volumes:
- hostPath:
path: /etc/netclient
type: DirectoryOrCreate
name: etc-netclient
- hostPath:
path: /usr/bin/wg
type: File
name: wg
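Review bot: The join token is carried as a literal `ACCESS_TOKEN` value in the manifest, so once the `"XXXX"` placeholder is filled in the network credential sits in the manifest and in the pod spec; it is better sourced from a Secret through `valueFrom.secretKeyRef`, as sketched below. The main container's command (`netclient checkin -n $NETWORK`) does not reference the token at all, so the variable can be dropped there. Both containers also combine `privileged: true` with `hostNetwork: true` and hostPath mounts; if netclient only needs to manage WireGuard interfaces and routes, a narrower `capabilities.add` set (likely `NET_ADMIN`, to be confirmed against the join path) would limit what a compromised pod can reach. Separately, `replicas: 1` is not a DaemonSet spec field and `value: 30` for `SLEEP` has to be a quoted string (`value: "30"`), so the manifest is likely to be rejected as written.

```yaml
env:
  - name: ACCESS_TOKEN
    valueFrom:
      secretKeyRef:
        name: <netclient-token-secret>   # placeholder: Secret created out of band
        key: <token-key>                 # placeholder
```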


@ -87,7 +87,12 @@ func main() {
waitnetwork.Add(1)
go runGRPC(&waitnetwork, installserver)
}
if servercfg.IsDNSMode() {
err := controller.SetDNS()
if err != nil {
log.Fatal(err)
}
}
//Run Rest Server
if servercfg.IsRestBackend() {
if !servercfg.DisableRemoteIPCheck() && servercfg.GetAPIHost() == "127.0.0.1" {


@ -13,6 +13,7 @@ type ClientConfig struct {
}
type ServerConfig struct {
CoreDNSAddr string `json:"corednsaddr"`
APIConnString string `json:"apiconn"`
APIHost string `json:"apihost"`
APIPort string `json:"apiport"`

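--- /dev/null
+++ b/netclient/Dockerfile
@@ -0,0 +1,9 @@
+FROM debian:latest
+RUN apt-get update && apt-get -y install systemd procps
+WORKDIR /root/
+COPY netclient .
+CMD ["./netclient checkin"]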
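Review bot: `CMD ["./netclient checkin"]` is exec form with a single element, so the runtime looks for an executable literally named `./netclient checkin` and the container fails to start; the arguments need to be separate elements, `CMD ["./netclient", "checkin"]`. The `CheckIn` command changed in this same commit exits with "Required, '-n'. No network provided." when no network is given, so the default command probably also needs `-n` with a network name unless that value arrives some other way. `FROM debian:latest` is a floating tag; pinning it to a specific version or digest keeps rebuilds reproducible.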


@ -58,7 +58,7 @@ func CheckIn(cfg config.ClientConfig) error {
log.Println("Required, '-n'. No network provided. Exiting.")
os.Exit(1)
}
err := functions.CheckIn(cfg.Network)
err := functions.CheckIn(cfg)
if err != nil {
log.Println("Error checking in: ", err)
os.Exit(1)


@ -26,6 +26,7 @@ type ClientConfig struct {
OperatingSystem string `yaml:"operatingsystem"`
}
type ServerConfig struct {
CoreDNSAddr string `yaml:"corednsaddr"`
GRPCAddress string `yaml:"grpcaddress"`
APIAddress string `yaml:"apiaddress"`
AccessKey string `yaml:"accesskey"`
@ -55,7 +56,6 @@ type NodeConfig struct {
IsLocal string `yaml:"islocal"`
IsDualStack string `yaml:"isdualstack"`
IsIngressGateway string `yaml:"isingressgateway"`
AllowedIPs []string `yaml:"allowedips"`
LocalRange string `yaml:"localrange"`
PostUp string `yaml:"postup"`
PostDown string `yaml:"postdown"`
@ -85,9 +85,6 @@ func Write(config *ClientConfig, network string) error{
}
home := "/etc/netclient"
if err != nil {
log.Fatal(err)
}
file := fmt.Sprintf(home + "/netconfig-" + network)
f, err := os.OpenFile(file, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, os.ModePerm)
defer f.Close()
@ -408,6 +405,7 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){
cfg.Node.LocalRange = accesstoken.ClientConfig.LocalRange
cfg.Server.GRPCSSL = accesstoken.ServerConfig.GRPCSSL
cfg.Server.GRPCWireGuard = accesstoken.WG.GRPCWireGuard
cfg.Server.CoreDNSAddr = accesstoken.ServerConfig.CoreDNSAddr
if c.String("grpcserver") != "" {
cfg.Server.GRPCAddress = c.String("grpcserver")
}
@ -427,6 +425,9 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){
if c.String("grpcssl") != "" {
cfg.Server.GRPCSSL = c.String("grpcssl")
}
if c.String("corednsaddr") != "" {
cfg.Server.CoreDNSAddr = c.String("corednsaddr")
}
if c.String("grpcwg") != "" {
cfg.Server.GRPCWireGuard = c.String("grpcwg")
}
@ -440,6 +441,7 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){
cfg.Node.LocalRange = c.String("localrange")
cfg.Server.GRPCWireGuard = c.String("grpcwg")
cfg.Server.GRPCSSL = c.String("grpcssl")
cfg.Server.CoreDNSAddr = c.String("corednsaddr")
}
cfg.Node.Name = c.String("name")
cfg.Node.Interface = c.String("interface")
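Review bot: In the `Write` hunk the per-network config file is opened with `os.ModePerm` (0777 before umask), although `ServerConfig` in this same file carries `AccessKey`; a file holding a credential under `/etc/netclient` should be created owner-only, e.g. `f, err := os.OpenFile(file, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0600)`. The mode only applies when the file is created, so files already written keep their old permissions and would need a one-off `chmod`. `defer f.Close()` is registered before the error from `OpenFile` is checked, and no check is visible in the hunk; the check should come first. `fmt.Sprintf(home + "/netconfig-" + network)` uses the concatenated path as the format string, so a `%` in the network name would be misrendered; plain concatenation or `filepath.Join` avoids that. `Write` starts and ends outside the hunk.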


@ -10,6 +10,7 @@ import (
"net"
"os/exec"
"github.com/gravitl/netmaker/netclient/config"
"github.com/gravitl/netmaker/netclient/local"
"github.com/gravitl/netmaker/netclient/wireguard"
"github.com/gravitl/netmaker/netclient/server"
"github.com/gravitl/netmaker/netclient/auth"
@ -19,7 +20,8 @@ import (
//homedir "github.com/mitchellh/go-homedir"
)
func CheckIn(network string) error {
func CheckIn(cliconf config.ClientConfig) error {
network := cliconf.Network
node := server.GetNode(network)
cfg, err := config.ReadConfig(network)
if err != nil {
@ -32,6 +34,14 @@ func CheckIn(network string) error {
setupcheck := true
ipchange := false
if nodecfg.DNS == "on" || cliconf.Node.DNS == "on" {
fmt.Println("setting dns")
ifacename := node.Interface
nameserver := servercfg.CoreDNSAddr
network := node.Nodenetwork
_ = local.UpdateDNS(ifacename, network, nameserver)
}
if !(nodecfg.IPForwarding == "off") {
out, err := exec.Command("sysctl", "net.ipv4.ip_forward").Output()
if err != nil {
@ -125,10 +135,13 @@ func CheckIn(network string) error {
var wcclient nodepb.NodeServiceClient
var requestOpts grpc.DialOption
requestOpts = grpc.WithInsecure()
if cfg.Server.GRPCSSL == "on" {
if servercfg.GRPCSSL == "on" {
log.Println("using SSL")
h2creds := credentials.NewTLS(&tls.Config{NextProtos: []string{"h2"}})
requestOpts = grpc.WithTransportCredentials(h2creds)
}
} else {
log.Println("using insecure GRPC connection")
}
conn, err := grpc.Dial(servercfg.GRPCAddress, requestOpts)
if err != nil {
fmt.Printf("Cant dial GRPC server: %v", err)
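Review bot: The new DNS block throws away the result of the update (`_ = local.UpdateDNS(ifacename, network, nameserver)`), so a failed resolver change is invisible even though "setting dns" has already been printed; at minimum log it: `if err := local.UpdateDNS(ifacename, network, nameserver); err != nil { log.Println("error updating dns:", err) }`. `servercfg.CoreDNSAddr` is passed on without a non-empty check, and it may be empty for configs written before this field existed. In the dial hunk any `GRPCSSL` value other than the exact string "on" selects `grpc.WithInsecure()`; the added log line makes that visible, but it is worth confirming that the plaintext path is only used when the gRPC address is itself reached over the WireGuard tunnel. `CheckIn` continues outside these hunks.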


@ -183,6 +183,7 @@ func JoinNetwork(cfg config.ClientConfig) error {
if err != nil {
return err
}
log.Println("node created on remote server...updating configs")
node := res.Node
if err != nil {
return err
@ -211,16 +212,18 @@ func JoinNetwork(cfg config.ClientConfig) error {
return err
}
}
log.Println("retrieving remote peers")
peers, hasGateway, gateways, err := server.GetPeers(node.Macaddress, cfg.Network, cfg.Server.GRPCAddress, node.Isdualstack, node.Isingressgateway)
if err != nil {
log.Println("failed to retrieve peers")
return err
}
err = wireguard.StorePrivKey(cfg.Node.PrivateKey, cfg.Network)
if err != nil {
return err
}
log.Println("starting wireguard")
err = wireguard.InitWireguard(node, cfg.Node.PrivateKey, peers, hasGateway, gateways)
if err != nil {
return err


@ -143,7 +143,12 @@ func GetPeers(macaddress string, network string, server string, dualstack bool,
requestOpts := grpc.WithInsecure()
conn, err := grpc.Dial(server, requestOpts)
if cfg.Server.GRPCSSL == "on" {
h2creds := credentials.NewTLS(&tls.Config{NextProtos: []string{"h2"}})
requestOpts = grpc.WithTransportCredentials(h2creds)
}
conn, err := grpc.Dial(server, requestOpts)
if err != nil {
log.Fatalf("Unable to establish client connection to localhost:50051: %v", err)
}
@ -157,15 +162,15 @@ func GetPeers(macaddress string, network string, server string, dualstack bool,
ctx := context.Background()
ctx, err = auth.SetJWT(wcclient, network)
if err != nil {
fmt.Println("Failed to authenticate.")
log.Println("Failed to authenticate.")
return peers, hasGateway, gateways, err
}
var header metadata.MD
stream, err := wcclient.GetPeers(ctx, req, grpc.Header(&header))
if err != nil {
fmt.Println("Error retrieving peers")
fmt.Println(err)
log.Println("Error retrieving peers")
log.Println(err)
return nil, hasGateway, gateways, err
}
for {


@ -186,8 +186,7 @@ func InitWireguard(node *nodepb.Node, privkey string, peers []wgtypes.PeerConfig
if node.Address == "" {
log.Fatal("no address to configure")
}
nameserver := servercfg.GRPCAddress
nameserver = strings.Split(nameserver, ":")[0]
nameserver := servercfg.CoreDNSAddr
network := node.Nodenetwork
if nodecfg.Network != "" {
network = nodecfg.Network


@ -20,6 +20,7 @@ func SetHost() error {
func GetServerConfig() config.ServerConfig {
var cfg config.ServerConfig
cfg.APIConnString = GetAPIConnString()
cfg.CoreDNSAddr = GetCoreDNSAddr()
cfg.APIHost = GetAPIHost()
cfg.APIPort = GetAPIPort()
cfg.GRPCConnString = GetGRPCConnString()
@ -129,6 +130,16 @@ func GetGRPCConnString() string {
return conn
}
func GetCoreDNSAddr() string {
addr, _ := GetPublicIP()
if os.Getenv("COREDNS_ADDR") != "" {
addr = os.Getenv("COREDNS_ADDR")
} else if config.Config.Server.CoreDNSAddr != "" {
addr = config.Config.Server.GRPCConnString
}
return addr
}
func GetGRPCHost() string {
serverhost := "127.0.0.1"
if IsGRPCWireGuard() {
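Review bot: In `GetCoreDNSAddr` the config-file branch tests `config.Config.Server.CoreDNSAddr` but then assigns `config.Config.Server.GRPCConnString`, so a configured CoreDNS address is replaced by the gRPC connection string (presumably host:port) and handed to clients as their nameserver; the assignment should be `addr = config.Config.Server.CoreDNSAddr`. The function also calls `GetPublicIP()` first and drops its error (`addr, _ := GetPublicIP()`), so a failed lookup yields an empty address with no log, and the lookup runs even when `COREDNS_ADDR` is set. Doing the public-IP lookup only as the last fallback and logging its error would make the resulting nameserver value easier to trust, since `GetServerConfig` copies it into the config that `CreateAccessKey` embeds in access keys.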