client mode enablement

This commit is contained in:
afeiszli 2021-08-19 13:41:04 -04:00
parent f42f81243f
commit 8056f024e2
9 changed files with 513 additions and 82 deletions


@ -53,6 +53,7 @@ type ServerConfig struct {
GRPCSSL string `yaml:"grpcssl"`
Version string `yaml:"version"`
SQLConn string `yaml:"sqlconn"`
Platform string `yaml:"platform"`
DefaultNodeLimit int32 `yaml:"defaultnodelimit"`
Verbosity int32 `yaml:"verbosity"`
}


@ -150,21 +150,6 @@ func getNetworks(w http.ResponseWriter, r *http.Request) {
json.NewEncoder(w).Encode(allnetworks)
}
func RemoveComms(networks []models.Network) []models.Network {
var index int = 100000001
for ind, net := range networks {
if net.NetID == "comms" {
index = ind
}
}
if index == 100000001 {
return networks
}
returnable := make([]models.Network, 0)
returnable = append(returnable, networks[:index]...)
return append(returnable, networks[index+1:]...)
}
func ValidateNetworkUpdate(network models.Network) error {
v := validator.New()
@ -379,13 +364,15 @@ func createNetwork(w http.ResponseWriter, r *http.Request) {
returnErrorResponse(w, r, formatError(err, "badrequest"))
return
}
success, err := serverctl.AddNetwork(network.NetID)
if err != nil || !success {
if err == nil {
err = errors.New("Failed to add server to network " + network.DisplayName)
if servercfg.IsClientMode() {
success, err := serverctl.AddNetwork(network.NetID)
if err != nil || !success {
if err == nil {
err = errors.New("Failed to add server to network " + network.DisplayName)
}
returnErrorResponse(w, r, formatError(err, "internal"))
return
}
returnErrorResponse(w, r, formatError(err, "internal"))
return
}
functions.PrintUserLog(r.Header.Get("user"), "created network "+network.NetID, 1)
w.WriteHeader(http.StatusOK)
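Review bot: The `success, err := serverctl.AddNetwork(network.NetID)` line that opens the new `IsClientMode()` branch redeclares `err` in the inner scope and shadows the handler's outer `err`, which the shadow analyzer flags; both are handled in place so nothing is lost today, but declaring `var success bool` before the branch and assigning with `=` is the safer shape. The fallback error also names `network.DisplayName` while the join used `network.NetID`; `err = errors.New("failed to add server to network " + network.NetID)` keeps the message consistent with the identifier that actually failed. The behaviour when client mode is off — the server creates the network but does not join it — is presumably intended and deserves a one-line comment on the branch, e.g. `// the server joins its own networks only when running as a client`. createNetwork begins before this hunk and continues after it.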


@ -3,7 +3,6 @@ package database
import (
"encoding/json"
"errors"
"log"
"github.com/gravitl/netmaker/servercfg"
"github.com/rqlite/gorqlite"
)


@ -92,11 +92,25 @@ func CreateServerToken(netID string) (string, error) {
}
var accessToken models.AccessToken
servervals := models.ServerConfig{
APIConnString: "127.0.0.1:" + servercfg.GetAPIPort(),
GRPCConnString: "127.0.0.1:" + servercfg.GetGRPCPort(),
GRPCSSL: "off",
servervals := models.ServerConfig{}
if servercfg.GetPlatform() == "Kubernetes" {
log.Println("server on kubernetes")
servervals = models.ServerConfig{
APIConnString: servercfg.GetPodIP() + ":" + servercfg.GetAPIPort(),
GRPCConnString: servercfg.GetPodIP() + ":" + servercfg.GetGRPCPort(),
GRPCSSL: "off",
}
} else {
log.Println("server on linux")
servervals = models.ServerConfig{
APIConnString: "127.0.0.1:" + servercfg.GetAPIPort(),
GRPCConnString: "127.0.0.1:" + servercfg.GetGRPCPort(),
GRPCSSL: "off",
}
}
log.Println("APIConnString:",servervals.APIConnString)
log.Println("GRPCConnString:",servervals.GRPCConnString)
log.Println("GRPCSSL:",servervals.GRPCSSL)
accessToken.ServerConfig = servervals
accessToken.ClientConfig.Network = netID
accessToken.ClientConfig.Key = GenKey()
@ -104,14 +118,12 @@ func CreateServerToken(netID string) (string, error) {
accesskey.Name = GenKeyName()
accesskey.Value = accessToken.ClientConfig.Key
accesskey.Uses = 1
tokenjson, err := json.Marshal(accessToken)
if err != nil {
return accesskey.AccessString, err
}
accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(tokenjson))
log.Println("accessstring:",accesskey.AccessString)
network.AccessKeys = append(network.AccessKeys, accesskey)
if data, err := json.Marshal(network); err != nil {
return "", err
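Review bot: If the `log.Println("accessstring:", accesskey.AccessString)` line belongs to the new side of this hunk, it writes the freshly generated server token — a base64 blob whose `ClientConfig.Key` is the single-use (`Uses = 1`) credential for joining the network — into the server log at default verbosity, where log shippers and anyone with read access to pod logs can replay it; drop the line or log only `accesskey.Name`. The three unconditional `log.Println` calls for APIConnString/GRPCConnString/GRPCSSL are harmless but are debug output that should sit behind a verbosity check. The Kubernetes and linux branches differ only in the host, so the duplicated literal collapses to `host := "127.0.0.1"; if servercfg.GetPlatform() == "Kubernetes" { host = servercfg.GetPodIP() }` followed by one ServerConfig literal. The token also hard-codes `GRPCSSL: "off"` toward the pod IP while the manifest sets `GRPC_SSL` to `"on"` — plausible for in-cluster traffic, but a comment stating that assumption belongs here. CreateServerToken begins before this hunk and continues after it.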


@ -0,0 +1,361 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: rqlite-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: netmaker-backend
labels:
app: netmaker-backend
spec:
nodeSelector:
netmaker-server: true
selector:
matchLabels:
app: netmaker-backend
replicas: 1
strategy:
type: Recreate
template:
metadata:
labels:
app: netmaker-backend
spec:
containers:
- name: netmaker-backend
image: gravitl/netmaker:0.7.2
imagePullPolicy: Always
ports:
- containerPort: 8081
volumeMounts:
- name: nm-pvc
mountPath: /root/config/dnsconfig
- mountPath: /etc/netclient
name: etc-netclient
- mountPath: /usr/bin/wg
name: wg
- mountPath: /var/run/dbus/system_bus_socket
name: systemd-bus-socket
- mountPath: /sys/fs/cgroup
name: cgroup
- mountPath: /run/systemd/system
name: run-systemd
- mountPath: /etc/systemd/system
name: etc-systemd
securityContext:
privileged: true
env:
- name: SERVER_API_CONN_STRING
value: "api.netmaker.goallclouds.com:80"
- name: SERVER_GRPC_CONN_STRING
value: "grpc.netmaker.goallclouds.com:80"
- name: COREDNS_ADDR
value: "10.152.183.53"
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: GRPC_SSL
value: "on"
- name: SERVER_HTTP_HOST
value: "api.netmaker.goallclouds.com:443"
- name: SERVER_GRPC_HOST
value: "grpc.netmaker.goallclouds.com:443"
- name: API_PORT
value: "8081"
- name: GRPC_PORT
value: "443"
- name: CLIENT_MODE
value: "off"
- name: MASTER_KEY
value: "Unkn0wn!"
- name: PLATFORM
value: "Kubernetes"
- name: CORS_ALLOWED_ORIGIN
value: "*"
- name: rqlite
image: rqlite/rqlite
ports:
- containerPort: 4001
- containerPort: 4002
volumeMounts:
- name: rqlitevol
mountPath: /rqlite/file/data
volumes:
- name: rqlitevol
persistentVolumeClaim:
claimName: rqlite-pvc
- name: nm-pvc
persistentVolumeClaim:
claimName: nm-pvc
- hostPath:
path: /etc/netclient
type: DirectoryOrCreate
name: etc-netclient
- hostPath:
path: /usr/bin/wg
type: File
name: wg
- hostPath:
path: /usr/bin/resolvectl
type: File
name: resolvectl
- hostPath:
path: /var/run/dbus/system_bus_socket
type: ""
name: systemd-bus-socket
- hostPath:
path: /etc/systemd/system
type: ""
name: etc-systemd
- hostPath:
path: /run/systemd/system
type: ""
name: run-systemd
- hostPath:
path: /sys/fs/cgroup
type: ""
name: cgroup
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: nm-pvc
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 128Mi
---
apiVersion: v1
kind: Service
metadata:
labels:
app: netmaker-backend
name: netmaker-api
spec:
ports:
- port: 8081
protocol: TCP
targetPort: 8081
selector:
app: netmaker-backend
sessionAffinity: None
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
labels:
app: netmaker-backend
name: netmaker-grpc
spec:
ports:
- port: 443
protocol: TCP
targetPort: 443
selector:
app: netmaker-backend
sessionAffinity: None
type: ClusterIP
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: netmaker-dns
labels:
app: netmaker-dns
spec:
selector:
matchLabels:
app: netmaker-dns
replicas: 1
template:
metadata:
labels:
app: netmaker-dns
spec:
containers:
- args:
- -conf
- /root/dnsconfig/Corefile
image: coredns/coredns
imagePullPolicy: Always
name: netmaker-dns
ports:
- containerPort: 53
name: dns
protocol: UDP
- containerPort: 53
name: dns-tcp
protocol: TCP
volumeMounts:
- mountPath: /root/dnsconfig
name: nm-pvc
readOnly: true
securityContext:
allowPrivilegeEscalation: false
capabilities:
add:
- NET_BIND_SERVICE
drop:
- all
dnsPolicy: "None"
dnsConfig:
nameservers:
- 127.0.0.1
volumes:
- name: nm-pvc
persistentVolumeClaim:
claimName: nm-pvc
---
apiVersion: v1
kind: Service
metadata:
labels:
app: netmaker-dns
name: netmaker-dns
spec:
ports:
- port: 53
protocol: UDP
targetPort: 53
name: udp
- port: 53
protocol: TCP
targetPort: 53
name: tcp
selector:
app: netmaker-dns
sessionAffinity: None
type: ClusterIP
clusterIP: 10.152.183.53
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: netmaker-ui
labels:
app: netmaker-ui
spec:
selector:
matchLabels:
app: netmaker-ui
replicas: 1
template:
metadata:
labels:
app: netmaker-ui
spec:
containers:
- name: netmaker-ui
image: gravitl/netmaker-ui:v0.7
ports:
- containerPort: 80
env:
- name: BACKEND_URL
value: "https://api.NETMAKER_BASE_DOMAIN"
---
apiVersion: v1
kind: Service
metadata:
labels:
app: netmaker-ui
name: netmaker-ui
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: netmaker-ui
sessionAffinity: None
type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nm-api-ingress-nginx
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/ssl-redirect: 'true'
spec:
ingressClassName: nginx
tls:
- hosts:
- api.NETMAKER_BASE_DOMAIN
secretName: nm-api-tls
rules:
- host: api.NETMAKER_BASE_DOMAIN
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: netmaker-api
port:
number: 8081
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nm-grpc-ingress-nginx
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/ssl-redirect: 'true'
nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
spec:
ingressClassName: nginx
tls:
- hosts:
- grpc.NETMAKER_BASE_DOMAIN
secretName: nm-grpc-tls
rules:
- host: grpc.NETMAKER_BASE_DOMAIN
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: netmaker-grpc
port:
number: 443
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nm-ui-ingress-nginx
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/ssl-redirect: 'true'
spec:
ingressClassName: nginx
tls:
- hosts:
- dashboard.NETMAKER_BASE_DOMAIN
secretName: nm-ui-tls
rules:
- host: dashboard.NETMAKER_BASE_DOMAIN
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: netmaker-ui
port:
number: 80
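Review bot: `MASTER_KEY` is set to the literal `"Unkn0wn!"` in a plain env var of a manifest committed to the repository, so the server's administrative credential is readable by anyone who can read the repo or `kubectl get deploy -o yaml`; source it from a Secret instead, `valueFrom: {secretKeyRef: {name: netmaker-master-key, key: MASTER_KEY}}`, and generate a random value at install time. The same container runs `privileged: true` with hostPath mounts of `/etc/systemd/system`, `/run/systemd/system`, `/sys/fs/cgroup` and the system D-Bus socket, so a compromise of the backend — which the API Ingress exposes to the internet — is a compromise of the node; if these are needed only for client mode, a comment should say so, and a `CLIENT_MODE: "off"` deployment like this one should ship without them. `CORS_ALLOWED_ORIGIN: "*"` should be narrowed to the dashboard host that the UI Ingress defines in this same file. The `nodeSelector` block also sits under `Deployment.spec`, where the API has no such field, and its value `true` is a YAML boolean where a label value must be a string; move it under `spec.template.spec` as `nodeSelector: {netmaker-server: "true"}`.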


@ -1,45 +1,3 @@
apiVersion: v1
kind: Service
metadata:
name: rqlite
labels:
name: rqlite
spec:
ports:
- port: 4001
targetPort: 4001
clusterIP: None
selector:
role: rqlite
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: rqlite
spec:
serviceName: "rqlite"
replicas: 1
selector:
matchLabels:
role: rqlite
template:
metadata:
labels:
app: rqlite
role: rqlite
spec:
containers:
- name: rqlite
image: rqlite/rqlite
ports:
- containerPort: 4001
volumeMounts:
- name: rqlitevol
mountPath: /rqlite/file/data
volumes:
- name: rqlitevol
persistentVolumeClaim:
claimName: rqlite-pvc
---
apiVersion: v1
kind: PersistentVolumeClaim
@ -59,10 +17,14 @@ metadata:
labels:
app: netmaker-backend
spec:
nodeSelector:
netmaker-server: true
selector:
matchLabels:
app: netmaker-backend
replicas: 1
strategy:
type: Recreate
template:
metadata:
labels:
@ -70,27 +32,44 @@ spec:
spec:
containers:
- name: netmaker-backend
image: gravitl/netmaker:v0.7
image: gravitl/netmaker:0.7.2
imagePullPolicy: Always
ports:
- containerPort: 8081
volumeMounts:
- name: nm-pvc
mountPath: /root/config/dnsconfig
- mountPath: /etc/netclient
name: etc-netclient
- mountPath: /usr/bin/wg
name: wg
- mountPath: /var/run/dbus/system_bus_socket
name: systemd-bus-socket
- mountPath: /sys/fs/cgroup
name: cgroup
- mountPath: /run/systemd/system
name: run-systemd
- mountPath: /etc/systemd/system
name: etc-systemd
securityContext:
privileged: true
env:
- name: SERVER_API_CONN_STRING
value: "api.NETMAKER_BASE_DOMAIN:443"
value: "api.netmaker.goallclouds.com:80"
- name: SERVER_GRPC_CONN_STRING
value: "grpc.NETMAKER_BASE_DOMAIN:443"
value: "grpc.netmaker.goallclouds.com:80"
- name: COREDNS_ADDR
value: "10.152.183.53"
- name: SQL_CONN
value: "http://rqlite-0:4001"
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: GRPC_SSL
value: "on"
- name: SERVER_HTTP_HOST
value: "api.NETMAKER_BASE_DOMAIN"
value: "api.netmaker.goallclouds.com:443"
- name: SERVER_GRPC_HOST
value: "grpc.NETMAKER_BASE_DOMAIN"
value: "grpc.netmaker.goallclouds.com:443"
- name: API_PORT
value: "8081"
- name: GRPC_PORT
@ -99,14 +78,53 @@ spec:
value: "off"
- name: MASTER_KEY
value: "Unkn0wn!"
- name: MASTER_KEY
value: "secretkey"
- name: PLATFORM
value: "Kubernetes"
- name: CORS_ALLOWED_ORIGIN
value: "*"
- name: rqlite
image: rqlite/rqlite
ports:
- containerPort: 4001
- containerPort: 4002
volumeMounts:
- name: rqlitevol
mountPath: /rqlite/file/data
volumes:
- name: rqlitevol
persistentVolumeClaim:
claimName: rqlite-pvc
- name: nm-pvc
persistentVolumeClaim:
claimName: nm-pvc
- hostPath:
path: /etc/netclient
type: DirectoryOrCreate
name: etc-netclient
- hostPath:
path: /usr/bin/wg
type: File
name: wg
- hostPath:
path: /usr/bin/resolvectl
type: File
name: resolvectl
- hostPath:
path: /var/run/dbus/system_bus_socket
type: ""
name: systemd-bus-socket
- hostPath:
path: /etc/systemd/system
type: ""
name: etc-systemd
- hostPath:
path: /run/systemd/system
type: ""
name: run-systemd
- hostPath:
path: /sys/fs/cgroup
type: ""
name: cgroup
---
apiVersion: v1
kind: PersistentVolumeClaim
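Review bot: The new `nodeSelector:` block is placed directly under the Deployment's `spec`, which has no such field, and its value `netmaker-server: true` is a YAML boolean although label values must be strings; kubectl's schema validation will reject the object (or, with validation disabled, silently ignore the selector), so it belongs under `spec.template.spec` as `nodeSelector: {netmaker-server: "true"}`. The conn-string and host values replace the `NETMAKER_BASE_DOMAIN` placeholder with a concrete `netmaker.goallclouds.com` domain, which turns a template into one operator's deployment and leaks that hostname into the repository; keep the placeholder so the file stays generic. The `resolvectl` hostPath volume is declared but never referenced by a volumeMount and can be dropped.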

30
kube/ubuntu.yaml Normal file

@ -0,0 +1,30 @@
apiVersion: v1
kind: Pod
metadata:
name: ubuntu
labels:
app: ubuntu
spec:
# Uncomment and specify a specific node you want to debug
# nodeName: <insert-node-name-here>
containers:
- image: ubuntu
command:
- "sleep"
- "3600"
imagePullPolicy: IfNotPresent
name: ubuntu
securityContext:
privileged: true
volumeMounts:
- name: rootfolder
mountPath: /
restartPolicy: Never
hostIPC: true
hostNetwork: true
hostPID: true
volumes:
- hostPath:
path: /
type: ""
name: rootfolder
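Review bot: This pod is a node-root break-glass shell — `privileged: true`, `hostPID`/`hostIPC`/`hostNetwork`, and the node's `/` mounted via hostPath — yet nothing in the file says it is a debugging aid that must never be applied to a production namespace; a header comment such as `# Debug-only: grants root on the node. Delete after use; never apply to production.` would make that explicit, and the unpinned `image: ubuntu` should be pinned to a tag or digest. Mounting the host root at `mountPath: /` is also likely to be rejected by the runtime or, where accepted, to overlay the container's own filesystem so that `sleep` resolves from the node; the conventional `mountPath: /host` keeps the container rootfs intact and the node reachable under /host.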


@ -7,7 +7,7 @@ import (
"reflect"
"strings"
"time"
"github.com/gravitl/netmaker/servercfg"
"github.com/go-playground/validator/v10"
"github.com/gravitl/netmaker/database"
)
@ -215,7 +215,11 @@ func (network *Network) SetNetworkLastModified() {
func (network *Network) SetDefaults() {
if network.DefaultUDPHolePunch == "" {
network.DefaultUDPHolePunch = "yes"
if servercfg.IsClientMode() {
network.DefaultUDPHolePunch = "yes"
} else {
network.DefaultUDPHolePunch = "no"
}
}
if network.IsLocal == "" {
network.IsLocal = "no"
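Review bot: The new `"github.com/gravitl/netmaker/servercfg"` import is inserted between `"time"` and the third-party group, so `goimports` will move it; it belongs in the module group next to `database`. More importantly, `SetDefaults` on a data model now reads live server configuration, so the default for `DefaultUDPHolePunch` depends on the `CLIENT_MODE` environment at the time the network is created, and `models` now depends on `servercfg`, which becomes an import cycle if `servercfg` ever needs `models` (I cannot see servercfg's imports from this hunk, so that is a risk rather than a fact). A comment stating the rationale would help the next reader, e.g. `// hole punching requires the server itself to run a client; default it off otherwise`. SetDefaults continues past this hunk.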


@ -59,6 +59,7 @@ func GetServerConfig() config.ServerConfig {
if DisableDefaultNet() {
cfg.DisableRemoteIPCheck = "on"
}
cfg.Platform = GetPlatform()
cfg.Version = GetVersion()
return cfg
}
@ -94,6 +95,14 @@ func GetAPIHost() string {
}
return serverhost
}
func GetPodIP() string {
podip := "127.0.0.1"
if os.Getenv("POD_IP") != "" {
podip = os.Getenv("POD_IP")
}
return podip
}
func GetAPIPort() string {
apiport := "8081"
if os.Getenv("API_PORT") != "" {
@ -309,6 +318,16 @@ func GetVerbose() int32 {
return int32(level)
}
func GetPlatform() string {
platform := "linux"
if os.Getenv("PLATFORM") != "" {
platform = os.Getenv("PLATFORM")
} else if config.Config.Server.Platform != "" {
platform = config.Config.Server.SQLConn
}
return platform
}
func GetSQLConn() string {
sqlconn := "http://"
if os.Getenv("SQL_CONN") != "" {
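Review bot: `GetPlatform` tests `config.Config.Server.Platform` but then assigns `config.Config.Server.SQLConn`, so a platform set only in the YAML config file comes back as the SQL connection string and the `== "Kubernetes"` comparison in CreateServerToken never matches; the line should read `platform = config.Config.Server.Platform`. `GetPodIP` silently falls back to `127.0.0.1` when `POD_IP` is unset, which on Kubernetes produces a server token pointing at the client's own loopback — a logged warning there would make the misconfiguration visible. Both new functions also lack doc comments; `// GetPlatform returns PLATFORM from the environment, else the config file's platform, else "linux".` and a matching one for GetPodIP suffice. GetVerbose starts before this hunk and GetSQLConn continues after it.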