gravitl/netmaker
1
1
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-12-18 08:38:26 +08:00
Code Issues Projects Releases Packages Wiki Activity
6700 commits 1646 branches 86 tags 296 MiB
Commit graph

84 commits

Author SHA1 Message Date
abhishek9686
c318c939f4 sort the acl rules 2025-03-27 23:54:38 +04:00
Abhishek K
fb1052e6a5
change check to last checkin status (#3374) 2025-03-17 17:23:06 +04:00
Vishal Dalwadi
346f09ce39
NET-1986: Only report online hosts. (#3370) 
* feat(go): only report online hosts.

* feat(go): only report online external clients.
 2025-03-14 17:16:31 +04:00
abhishek9686
225bf37e02 resolve merge conflicts 2025-02-28 12:18:38 +04:00
abhishek9686
ce6ec25253 fix network ip allocation in HA 2025-02-27 16:26:15 +04:00
abhishek9686
46eea43397 add mutex for target nodes 2025-02-25 19:41:57 +04:00
Abhishek K
689b9b6b52
NET-1941: failover signaling optimized, new endpoint for metrics peer info (#3322) 
* optimise acl cache with network map

* fix mutex clash

* fix acl mutex

* add new endpoint for metrics peer info

* fix static check

* add new endpoint for metrics peer info

* fix host peer info api params

* cache failover data

* add json tag

* avoid duplicate calls to failover

* add failover check ctx

* add failover check ctx

* fix failover debug log

* optimise failover operations

* remove debug logs

* rm unused model

* rm unused model
 2025-02-14 16:06:26 +04:00
abhishek9686
bee1f4dda4 remove debug log, fix concurrent map write issue 2025-02-13 22:53:05 +04:00
abhishek9686
5177f5cbfd fix peer list on interface 2024-12-16 22:29:42 +04:00
Abhishek K
f124b10c35
NET-1784: Adv Acl Rules (#3239) 
* define direction on acl req

* define protocol types and rule model

* get rules for node

* fetch acl rule for a node

* redine acl firewall model

* add json tags

* update port,protocol, and direction

* add json tags to acl options

* convert protocol to string

* simplify acl map

* add json tags to acl rules

* add networks to fw update

* add acls rules

* NET-1784: add allow all field

* add allow all field on fw udpate

* remove debug logs

* fix port and protocol types

* migrate default acl policies

* define constants for service types

* add adv options for user rules on ingress gw

* debug log

* allow whole network

* add static nodes to acl rules

* replace peers on acl updates

* initiliase rule map

* add user acl rules on target node

* revert acl check on extclient

* handle static node rules on ingress gw

* update multiple policies for users

* check allowed direction

* remove debug logs
 2024-12-10 11:21:14 +04:00
Yabin Ma
5f21c8bb1d
NET-1778: scale test code changes (#3203) 
* comment ACL call and add debug message

* add cache for network nodes

* fix load node to network cache issue

* add peerUpdate call 1 min limit

* add debug log for scale test

* release maps

* avoid default policy for node

* 1 min limit for peerUpdate trigger

* mq options

* Revert "mq options"

This reverts commit 10b93d0118.

* set peerUpdate run in sequence

* update for emqx 5.8.2

* remove batch peer update

* change the sleep to 10 millisec to avoid timeout

* add compress and change encrypt for peerUpdate message

* add mem profiling and automaxprocs

* add failover ctx mutex

* ignore request to failover peer

* remove code without called

* remove debug logs

* update emqx to v5.8.2

* change broker keepalive

* add OLD_ACL_SUPPORT setting

* add host version check for message encrypt

* remove debug message

* remove peerUpdate call control

---------

Co-authored-by: abhishek9686 <abhi281342@gmail.com>
 2024-12-10 10:15:31 +04:00
abhishek9686
c8048da70c limit ext names to 15 2024-11-14 13:43:36 +04:00
abhishek9686
15bfcada65 sort extclients 2024-11-10 16:38:14 +04:00
abhishek9686
cd669774c0 fix node addr mask 2024-10-30 10:21:34 +04:00
abhishek9686
ea46ea5378 fix extclient allowed Ips 2024-10-29 22:57:58 +04:00
abhishek9686
2ee3cefc18 Revert "chnage egress range type to string" 
This reverts commit a0735e8203.
 2024-10-29 13:00:28 +04:00
abhishek9686
a0735e8203 chnage egress range type to string 2024-10-29 12:59:24 +04:00
abhishek9686
8e5a3d02c3 set egress6 ranges 2024-10-29 12:56:11 +04:00
abhishek9686
dc24e359cb fix return error 2024-10-29 12:42:45 +04:00
abhishek9686
ebc3e90301 add extclient egress ranges 2024-10-29 12:41:40 +04:00
abhishek9686
5e62e7e749 check default user policy 2024-10-28 10:53:12 +04:00
abhishek9686
20302f7701 fix default policy check on static node network 2024-10-28 09:41:09 +04:00
abhishek9686
502a15ea14 ignore setting up rules when default poliy is enabled 2024-10-27 23:00:36 +04:00
abhishek9686
f51f655f00 send peer updates on user updates and ingress gw 2024-10-23 22:30:36 +04:00
abhishek9686
d4da1774ff check default user policy 2024-10-23 15:29:47 +04:00
abhishek9686
c0f107b302 remove userips usage, add allow all to fwupdate 2024-10-23 14:15:13 +04:00
abhishek9686
ffb75fa6c1 add allow rules for nodes 2024-10-23 13:19:16 +04:00
abhishek9686
6c52b68214 fix ingress firewall updates 2024-10-22 19:54:23 +04:00
abhishek9686
1c9b986f0e add static node ips in the ingress update 2024-10-21 19:48:13 +04:00
abhishek9686
3994183fe8 implement extclient to extclient acls 2024-10-21 16:49:30 +04:00
abhishek9686
7fa6580103 add ingress rules to peer update 2024-10-21 12:35:10 +04:00
abhishek9686
aea26dfdf6 check acl policy on ext client 2024-10-18 11:21:32 +04:00
abhishek9686
de7cabacba update tags on extclient update call 2024-10-17 19:55:58 +04:00
abhishek9686
b41353b415 add static nodes to api resp 2024-10-14 16:36:25 +04:00
abhishek9686
287bcd8abc static node init 2024-10-02 15:43:01 +04:00
Max Ma
46b8fd21c8
NET-1440: scale test changes (#3014) 
* NET-1440 scale test changes

* fix UT error and add error info

* load metric data into cacha in startup

* remove debug info for metric

* add server telemetry and hasSuperAdmin to cache

* fix user UT case

* update sqlite connection string for performance

* update check-in TS in cache only if cache enabled

* update metric data in cache only if cache enabled and write to DB once in stop

* update server status in mq topic

* add failover existed to server status update

* only send mq messsage when there is server status change

* batch peerUpdate

* code changes for scale for review

* update UT case

* update mq client check

* mq connection code change

* revert server status update changes

* revert batch peerUpdate

* remove server status update info

* code changes based on review and setupmqtt in keepalive

* set the mq message order to false for PIN

* remove setupmqtt in keepalive

* recycle ip in node deletion

* update ip allocation logic

* remove ip addr cap

* remove ippool file

* update get extClient func

* remove ip from cache map when extClient is removed
 2024-08-15 11:59:00 +05:30
Max Ma
0180481ddb fix egressing exclient set route issue 2024-06-03 19:41:13 +02:00
Abhishek K
7ff30599ed
NET-1252: Restrict inetGws, Relays from getting failedOver (#2937) 
* add additional checks to avoid failovers

* add failover defence check on signal handler

* only add check for victim node

* avoid failover reset on pull

* add relayed for failoverme

* misc changes for failover

* remove resetfailoverpeers for InetNode

* add egress route back to allowedip list if relayed is egressGW

* add extclient back to allowedip list if peer is ingressGW

* reset failover on pull

---------

Co-authored-by: Max Ma <mayabin@gmail.com>
 2024-06-03 10:49:02 +04:00
Max Ma
6dc881260f
NET-1224:add egressGW ip for setroutes (#2933) 
* add egressGW ip for setroutes

* fix peer endpoint selection

---------

Co-authored-by: abhishek9686 <abhi281342@gmail.com>
 2024-05-14 19:56:24 +05:30
Max Ma
1ad837ad72
NET-1164:PublishDeletedClientPeerUpdate when deleting user from RAGW (#2912) 
* PublishDeletedClientPeerUpdate when deleting user from RAGW

* update ACLs after extClient is removed
 2024-05-03 12:25:38 +05:30
Aceix
39fbb45cfe
feat(NET-817): add postup/down scripts for clients (#2810) 2024-02-08 23:29:43 +05:30
abhishek9686
2e5519c388 add extra allowed ips of other extclients 2024-01-17 22:18:43 +05:30
Abhishek K
9f1b722c19
NET-822: Add extra data for RAC gws resp (#2732) 
* add extclient allowed ips to rac resp

* add gw peer public key

* fix static check
 2023-12-13 17:30:43 +04:00
Abhishek K
2c4a27c53b
NET-735: HA Support (#2701) 
* cache enabled option, cache hosts data if only enabled

* cache nodes only when enabled

* cache extclients only when enabled

* cache acls only when enabled
 2023-12-05 12:01:35 +04:00
Abhishek Kondur
a41fcb5faa initalize extraallowed ips field 2023-11-27 12:24:31 +04:00
Abhishek Kondur
b3ec58a929 add extraclient egress routes 2023-11-27 10:16:18 +04:00
Abhishek Kondur
fceae8f93a move code to extpeers 2023-11-24 19:29:43 +04:00
Abhishek Kondur
9a58c1237e extraAllowedIps fix for ext clients 2023-11-24 15:17:27 +04:00
Abhishek K
7169db78ea
NET-717: DNS Fixes (#2654) 
* send dns with complete entry name

* publish dns records on adding host to network from UI

* publish node dns updates when host is removed
 2023-11-08 17:43:41 +04:00
Abhishek K
800f6e2222
fix extclient caching (#2653) 2023-11-01 23:36:46 +04:00