From d8075e69c6969bbbbfe833e4ab6a302769379765 Mon Sep 17 00:00:00 2001 From: Abhishek Kondur Date: Thu, 8 Dec 2022 19:48:47 +0530 Subject: [PATCH] add alias internal ip to ext clients --- controllers/ext_client.go | 77 +++++++++++++++----------------- go.mod | 25 +++++++++-- go.sum | 4 ++ logic/gateway.go | 5 +++ logic/peers.go | 22 ++++++--- models/extclient.go | 1 + models/node.go | 1 + netclient/functions/mqpublish.go | 2 +- 8 files changed, 86 insertions(+), 51 deletions(-) diff --git a/controllers/ext_client.go b/controllers/ext_client.go index c13e7722..6a234080 100644 --- a/controllers/ext_client.go +++ b/controllers/ext_client.go @@ -43,14 +43,13 @@ func checkIngressExists(nodeID string) bool { // Get all extclients associated with network. // Gets all extclients associated with network, including pending extclients. // -// Schemes: https +// Schemes: https // -// Security: -// oauth -// -// Responses: -// 200: extClientSliceResponse +// Security: +// oauth // +// Responses: +// 200: extClientSliceResponse func getNetworkExtClients(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -75,14 +74,13 @@ func getNetworkExtClients(w http.ResponseWriter, r *http.Request) { // // A separate function to get all extclients, not just extclients for a particular network. // +// Schemes: https // -// Schemes: https +// Security: +// oauth // -// Security: -// oauth -// -// Responses: -// 200: extClientSliceResponse +// Responses: +// 200: extClientSliceResponse // // Not quite sure if this is necessary. Probably necessary based on front end but may // want to review after iteration 1 if it's being used or not 
@@ -126,14 +124,13 @@ func getAllExtClients(w http.ResponseWriter, r *http.Request) { // // Get an individual extclient. // -// Schemes: https +// Schemes: https // -// Security: -// oauth -// -// Responses: -// 200: extClientResponse +// Security: +// oauth // +// Responses: +// 200: extClientResponse func getExtClient(w http.ResponseWriter, r *http.Request) { // set header. w.Header().Set("Content-Type", "application/json") @@ -158,14 +155,13 @@ func getExtClient(w http.ResponseWriter, r *http.Request) { // // Get an individual extclient. // -// Schemes: https +// Schemes: https // -// Security: -// oauth -// -// Responses: -// 200: extClientResponse +// Security: +// oauth // +// Responses: +// 200: extClientResponse func getExtClientConf(w http.ResponseWriter, r *http.Request) { // set header. w.Header().Set("Content-Type", "application/json") @@ -288,16 +284,18 @@ Endpoint = %s w.WriteHeader(http.StatusOK) json.NewEncoder(w).Encode(client) } +func getFreeIpFromIngressExtCIDR() string { + return "10.235.166.20" +} // swagger:route POST /api/extclients/{network}/{nodeid} ext_client createExtClient // // Create an individual extclient. Must have valid key and be unique. // -// Schemes: https -// -// Security: -// oauth +// Schemes: https // +// Security: +// oauth func createExtClient(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -325,6 +323,7 @@ func createExtClient(w http.ResponseWriter, r *http.Request) { extclient.Network = networkName extclient.IngressGatewayID = nodeid + extclient.InternalIP = getFreeIpFromIngressExtCIDR() node, err := logic.GetNodeByID(nodeid) if err != nil { logger.Log(0, r.Header.Get("user"), 
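Review bot: `getFreeIpFromIngressExtCIDR` returns the constant `"10.235.166.20"`, so every ext client that passes through `createExtClient` (the `extclient.InternalIP = getFreeIpFromIngressExtCIDR()` line in the following hunk) is stored with the same internal address. logic/peers.go in this patch turns that value into a /32 allowed-IP entry, so identical aliases on several clients would appear to make the route ambiguous and could let traffic meant for one client reach another. The function takes neither the ingress node nor the network, so it cannot pick from a per-gateway range or check addresses already in use. Until real allocation exists, a comment such as `// TODO: placeholder, returns a fixed address; must allocate a unique IP from the ingress node's ExtClientsCidr` would keep the stub from shipping unnoticed. createExtClient's body continues outside the hunk.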
@@ -385,14 +384,13 @@ func createExtClient(w http.ResponseWriter, r *http.Request) { // // Update an individual extclient. // -// Schemes: https +// Schemes: https // -// Security: -// oauth -// -// Responses: -// 200: extClientResponse +// Security: +// oauth // +// Responses: +// 200: extClientResponse func updateExtClient(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -480,14 +478,13 @@ func updateExtClient(w http.ResponseWriter, r *http.Request) { // // Delete an individual extclient. // -// Schemes: https +// Schemes: https // -// Security: -// oauth -// -// Responses: -// 200: successResponse +// Security: +// oauth // +// Responses: +// 200: successResponse func deleteExtClient(w http.ResponseWriter, r *http.Request) { // Set header w.Header().Set("Content-Type", "application/json") diff --git a/go.mod b/go.mod index b88e1099..5ce7cbc0 100644 --- a/go.mod +++ b/go.mod @@ -2,8 +2,6 @@ module github.com/gravitl/netmaker go 1.19 -replace github.com/gravitl/netclient => /Users/abhishekk/go/src/github.com/gravitl/netclient - require ( github.com/eclipse/paho.mqtt.golang v1.4.2 github.com/go-playground/validator/v10 v10.11.1 
@@ -53,10 +51,31 @@ require ( ) require ( - github.com/gravitl/netclient v0.0.0-20221205113827-847146e217b3 + github.com/gravitl/netclient v0.0.0-20221208100750-2713b3d80abf github.com/matryer/is v1.4.0 ) +require ( + github.com/devilcove/httpclient v0.6.0 // indirect + github.com/google/gopacket v1.1.19 // indirect + github.com/hashicorp/hcl v1.0.0 // indirect + github.com/inconshreveable/mousetrap v1.0.1 // indirect + github.com/magiconair/properties v1.8.6 // indirect + github.com/mitchellh/mapstructure v1.5.0 // indirect + github.com/pelletier/go-toml v1.9.5 // indirect + github.com/pelletier/go-toml/v2 v2.0.5 // indirect + github.com/spf13/cast v1.5.0 // indirect + github.com/spf13/cobra v1.6.0 // indirect + github.com/spf13/jwalterweatherman v1.1.0 // indirect + github.com/spf13/pflag v1.0.5 // indirect + github.com/spf13/viper v1.13.0 // indirect + github.com/subosito/gotenv v1.4.1 // indirect + github.com/vishvananda/netlink v1.1.0 // indirect + github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df // indirect + golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224 // indirect + golang.zx2c4.com/wireguard/windows v0.5.3 // indirect +) + require ( cloud.google.com/go/compute v1.7.0 // indirect fyne.io/systray v1.10.1-0.20220621085403-9a2652634e93 // indirect diff --git a/go.sum b/go.sum index cea5be64..a9c870c1 100644 --- a/go.sum +++ b/go.sum 
@@ -240,6 +240,8 @@ github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8 github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gopacket v1.1.19 h1:ves8RnFZPGiFnTS0uPQStjwru6uO6h+nlr9j6fL7kF8= +github.com/google/gopacket v1.1.19/go.mod h1:iJ8V8n6KS+z2U1A8pUwu8bW5SyEMkXJB8Yo/Vo+TKTo= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= @@ -287,6 +289,8 @@ github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWm github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/goxjs/gl v0.0.0-20210104184919-e3fafc6f8f2a/go.mod h1:dy/f2gjY09hwVfIyATps4G2ai7/hLwLkc5TrPqONuXY= github.com/goxjs/glfw v0.0.0-20191126052801-d2efb5f20838/go.mod h1:oS8P8gVOT4ywTcjV6wZlOU4GuVFQ8F5328KY3MJ79CY= +github.com/gravitl/netclient v0.0.0-20221208100750-2713b3d80abf h1:pvoZ6VN210+EyaPBFOdP9dNLadKr+kCt4pwRaEfE6YM= +github.com/gravitl/netclient v0.0.0-20221208100750-2713b3d80abf/go.mod h1:K/gbw9ArTN0rcSqig/npWoa2gsFagHYoK1lFHG/pChA= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/guumaster/hostctl v1.1.3 h1:b/yR3svkYsbr5VBdvfdyLXUl2xaKopSzgE/Xi7+1WRo= github.com/guumaster/hostctl v1.1.3/go.mod h1:h5rDx5Z8Hj2bYZfDt/eX4BNS2RSq7iRcGVQqfROJyH8= diff --git a/logic/gateway.go b/logic/gateway.go index e8427a3b..d15c6af6 100644 --- a/logic/gateway.go +++ b/logic/gateway.go 
@@ -176,6 +176,10 @@ func DeleteEgressGateway(network, nodeid string) (models.Node, error) { return node, nil } +func getCidrforExtClients() string { + return "10.10.10.0/24" +} + // CreateIngressGateway - creates an ingress gateway func CreateIngressGateway(netid string, nodeid string, failover bool) (models.Node, error) { @@ -197,6 +201,7 @@ func CreateIngressGateway(netid string, nodeid string, failover bool) (models.No return models.Node{}, err } node.IsIngressGateway = "yes" + node.ExtClientsCidr = getCidrforExtClients() cidrs := []string{} cidrs = append(cidrs, network.AddressRange) cidrs = append(cidrs, network.AddressRange6) diff --git a/logic/peers.go b/logic/peers.go index 218bf0d3..d96b4695 100644 --- a/logic/peers.go +++ b/logic/peers.go @@ -329,7 +329,7 @@ func GetPeerUpdate(node *models.Node) (models.PeerUpdate, error) { } } if node.IsIngressGateway == "yes" { - extPeers, idsAndAddr, err := getExtPeers(node) + extPeers, idsAndAddr, err := getExtPeers(node, true) if err == nil { peers = append(peers, extPeers...) for i := range idsAndAddr { @@ -349,7 +349,7 @@ func GetPeerUpdate(node *models.Node) (models.PeerUpdate, error) { return peerUpdate, nil } -func getExtPeers(node *models.Node) ([]wgtypes.PeerConfig, []models.IDandAddr, error) { +func getExtPeers(node *models.Node, forIngressNode bool) ([]wgtypes.PeerConfig, []models.IDandAddr, error) { var peers []wgtypes.PeerConfig var idsAndAddr []models.IDandAddr extPeers, err := GetNetworkExtClients(node.Network) @@ -388,6 +388,13 @@ func getExtPeers(node *models.Node) ([]wgtypes.PeerConfig, []models.IDandAddr, e allowedips = append(allowedips, addr6) } } + if !forIngressNode && extPeer.InternalIP != "" { + peerInternalAddr := net.IPNet{ + IP: net.ParseIP(extPeer.InternalIP), + Mask: net.CIDRMask(32, 32), + } + allowedips = append(allowedips, peerInternalAddr) + } primaryAddr := extPeer.Address if primaryAddr == "" { 
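Review bot: `getCidrforExtClients` hands the fixed range `"10.10.10.0/24"` to every ingress gateway through `node.ExtClientsCidr`, and nothing in the visible lines checks that it is disjoint from `network.AddressRange` or from the range given to another gateway. Overlapping ranges make the alias addresses ambiguous, and the address assigned in controllers/ext_client.go in this same patch (`10.235.166.20`) does not fall inside this CIDR. The range should be derived per gateway or read from configuration and validated with `net.ParseCIDR`; at minimum add a doc comment such as `// getCidrforExtClients - returns the alias range for ext clients (placeholder: fixed value, not checked for overlap)`. CreateIngressGateway's body continues outside the hunk.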
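Review bot: In the block added to `getExtPeers`, the result of `net.ParseIP(extPeer.InternalIP)` is used without a nil check, so a malformed stored value produces a `net.IPNet` with a nil IP in the allowed-IP list sent to peers. The mask is fixed at `net.CIDRMask(32, 32)`, which is only correct for IPv4; an IPv6 alias would be paired with a 4-byte mask. Parsing once, skipping invalid values and choosing the mask by address family avoids distributing a broken entry. The new `forIngressNode` parameter also has no doc comment explaining that `false` adds the alias /32; getExtPeers starts and ends outside this hunk.

```go
if !forIngressNode && extPeer.InternalIP != "" {
	internalIP := net.ParseIP(extPeer.InternalIP)
	switch {
	case internalIP == nil:
		// Do not advertise an entry that cannot be parsed.
		logger.Log(1, "skipping invalid internal ip for ext client:", extPeer.InternalIP)
	case internalIP.To4() != nil:
		allowedips = append(allowedips, net.IPNet{IP: internalIP.To4(), Mask: net.CIDRMask(32, 32)})
	default:
		allowedips = append(allowedips, net.IPNet{IP: internalIP, Mask: net.CIDRMask(128, 128)})
	}
}
// … unchanged: primaryAddr selection …
```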
@@ -456,8 +463,9 @@ func getExtPeersForProxy(node *models.Node, proxyPeerConf map[string]manager.Pee } extConf := manager.PeerConf{ - IsExtClient: true, - Address: extPeer.Address, + IsExtClient: true, + Address: extPeer.Address, + ExtInternalIp: extPeer.InternalIP, } if extPeer.IngressGatewayID == node.ID { extConf.IsAttachedExtClient = true @@ -482,7 +490,7 @@ func GetAllowedIPs(node, peer *models.Node, metrics *models.Metrics, fetchRelaye // handle ingress gateway peers if peer.IsIngressGateway == "yes" { - extPeers, _, err := getExtPeers(peer) + extPeers, _, err := getExtPeers(peer, false) if err != nil { logger.Log(2, "could not retrieve ext peers for ", peer.Name, err.Error()) } @@ -555,7 +563,7 @@ func GetAllowedIPs(node, peer *models.Node, metrics *models.Metrics, fetchRelaye allowedips = append(allowedips, extAllowedIPs...) } if relayedNode.IsIngressGateway == "yes" { - extPeers, _, err := getExtPeers(relayedNode) + extPeers, _, err := getExtPeers(relayedNode, false) if err == nil { for _, extPeer := range extPeers { allowedips = append(allowedips, extPeer.AllowedIPs...) @@ -719,7 +727,7 @@ func GetPeerUpdateForRelayedNode(node *models.Node, udppeers map[string]string) } //if ingress add extclients if node.IsIngressGateway == "yes" { - extPeers, _, err := getExtPeers(node) + extPeers, _, err := getExtPeers(node, true) if err == nil { peers = append(peers, extPeers...) } else { diff --git a/models/extclient.go b/models/extclient.go index c984a538..6734c76f 100644 --- a/models/extclient.go +++ b/models/extclient.go @@ -14,4 +14,5 @@ type ExtClient struct { LastModified int64 `json:"lastmodified" bson:"lastmodified"` Enabled bool `json:"enabled" bson:"enabled"` OwnerID string `json:"ownerid" bson:"ownerid"` + InternalIP string `json:"internal_ip" bson:"internal_ip"` } diff --git a/models/node.go b/models/node.go index f2b3d25c..5fdbb2c3 100644 --- a/models/node.go +++ b/models/node.go 
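Review bot: The new `InternalIP` field in models/extclient.go is a free-form string exposed under the JSON key `internal_ip`, with no doc comment and no validation, yet logic/peers.go in this patch feeds it to `net.ParseIP` and into other peers' allowed IPs. Whether any handler decodes a request body directly into `ExtClient` is not visible here; if one does, the value should be treated as server-assigned and either ignored or validated on input. A comment such as `// InternalIP - alias address assigned by the server; must parse as a single IP` would record that contract. The struct definition starts outside the hunk.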
@@ -94,6 +94,7 @@ type Node struct { FailoverNode string `json:"failovernode" bson:"failovernode" yaml:"failovernode"` IngressGatewayRange string `json:"ingressgatewayrange" bson:"ingressgatewayrange" yaml:"ingressgatewayrange"` IngressGatewayRange6 string `json:"ingressgatewayrange6" bson:"ingressgatewayrange6" yaml:"ingressgatewayrange6"` + ExtClientsCidr string `json:"extclients_cidr" bson:"extclients_cidr" yaml:"extclients_cidr"` // IsStatic - refers to if the Endpoint is set manually or dynamically IsStatic string `json:"isstatic" bson:"isstatic" yaml:"isstatic" validate:"checkyesorno"` UDPHolePunch string `json:"udpholepunch" bson:"udpholepunch" yaml:"udpholepunch" validate:"checkyesorno"` diff --git a/netclient/functions/mqpublish.go b/netclient/functions/mqpublish.go index 70551d89..fa7a574b 100644 --- a/netclient/functions/mqpublish.go +++ b/netclient/functions/mqpublish.go @@ -193,7 +193,7 @@ func publishMetrics(nodeCfg *config.ClientConfig) { return } - metrics, err := metrics.Collect(nodeCfg.Node.Interface, nodeGET.PeerIDs) + metrics, err := metrics.Collect(nodeCfg.Node.Interface, nodeGET.Node.Network, nodeGET.Node.Proxy, nodeGET.PeerIDs) if err != nil { logger.Log(0, "failed metric collection for node", nodeCfg.Node.Name, err.Error()) }