extclients internal ips
@@ -284,9 +284,6 @@ Endpoint = %s
|
|||||||
w.WriteHeader(http.StatusOK)
|
w.WriteHeader(http.StatusOK)
|
||||||
json.NewEncoder(w).Encode(client)
|
json.NewEncoder(w).Encode(client)
|
||||||
}
|
}
|
||||||
func getFreeIpFromIngressExtCIDR() string {
|
|
||||||
return "10.235.166.20"
|
|
||||||
}
|
|
||||||
|
|
||||||
// swagger:route POST /api/extclients/{network}/{nodeid} ext_client createExtClient
|
// swagger:route POST /api/extclients/{network}/{nodeid} ext_client createExtClient
|
||||||
//
|
//
|
||||||
@@ -323,7 +320,6 @@ func createExtClient(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
extclient.Network = networkName
|
extclient.Network = networkName
|
||||||
extclient.IngressGatewayID = nodeid
|
extclient.IngressGatewayID = nodeid
|
||||||
extclient.InternalIP = getFreeIpFromIngressExtCIDR()
|
|
||||||
node, err := logic.GetNodeByID(nodeid)
|
node, err := logic.GetNodeByID(nodeid)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.Log(0, r.Header.Get("user"),
|
logger.Log(0, r.Header.Get("user"),
|
||||||
|
@@ -138,6 +138,12 @@ func CreateExtClient(extclient *models.ExtClient) error {
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
extclient.Address = newAddress
|
extclient.Address = newAddress
|
||||||
|
|
||||||
|
extclientInternalAddr, err := UniqueAddress(extclient.Network, true)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
extclient.InternalIPAddr = extclientInternalAddr
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -148,6 +154,11 @@ func CreateExtClient(extclient *models.ExtClient) error {
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
extclient.Address6 = addr6
|
extclient.Address6 = addr6
|
||||||
|
extclientInternalAddr6, err := UniqueAddress6(extclient.Network, true)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
extclient.InternalIPAddr6 = extclientInternalAddr6
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
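Review bot: Nothing visible in the two CreateExtClient hunks shows that `UniqueAddress(extclient.Network, true)` and `UniqueAddress6(extclient.Network, true)` treat a value already stored in another client's `InternalIPAddr` or `InternalIPAddr6` as taken. If the helpers only compare against node addresses and `Address`/`Address6`, two ext clients could be handed the same internal IP, and that value is later appended to WireGuard AllowedIPs in getExtPeers. The helper bodies are outside this diff, so please confirm the uniqueness check covers the new fields. The bare `true` also needs a short comment at both call sites saying what the second argument selects. CreateExtClient starts and ends outside these hunks.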
|
@@ -185,12 +185,12 @@ func CreateIngressGateway(netid string, nodeid string, failover bool) (models.No
|
|||||||
|
|
||||||
var postUpCmd, postDownCmd string
|
var postUpCmd, postDownCmd string
|
||||||
node, err := GetNodeByID(nodeid)
|
node, err := GetNodeByID(nodeid)
|
||||||
if node.OS != "linux" { // add in darwin later
|
// if node.OS != "linux" { // add in darwin later
|
||||||
return models.Node{}, errors.New(node.OS + " is unsupported for ingress gateways")
|
// return models.Node{}, errors.New(node.OS + " is unsupported for ingress gateways")
|
||||||
}
|
// }
|
||||||
if node.OS == "linux" && node.FirewallInUse == models.FIREWALL_NONE {
|
// if node.OS == "linux" && node.FirewallInUse == models.FIREWALL_NONE {
|
||||||
return models.Node{}, errors.New("firewall is not supported for ingress gateways")
|
// return models.Node{}, errors.New("firewall is not supported for ingress gateways")
|
||||||
}
|
// }
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return models.Node{}, err
|
return models.Node{}, err
|
||||||
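Review bot: Both guards at the top of CreateIngressGateway are disabled by commenting them out, so a non-Linux node, or a Linux node with `models.FIREWALL_NONE`, is no longer rejected before the rest of the function runs, and that function still declares `postUpCmd`/`postDownCmd`. The commit title only mentions ext client internal IPs, so if the relaxation is intended, delete the dead lines and add a comment explaining what now protects an ingress gateway that has no firewall. If it is not intended, restore the checks and place them after the `if err != nil` block, since the old code read `node.OS` before checking the error from `GetNodeByID`. The function body continues outside the hunk.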
|
@@ -84,10 +84,18 @@ func GetPeersForProxy(node *models.Node, onlyPeers bool) (manager.ProxyManagerPa
|
|||||||
logger.Log(1, "failed to parse node pub key: ", peer.ID)
|
logger.Log(1, "failed to parse node pub key: ", peer.ID)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
proxyStatus := peer.Proxy
|
||||||
listenPort := peer.LocalListenPort
|
listenPort := peer.LocalListenPort
|
||||||
|
if proxyStatus {
|
||||||
|
listenPort = peer.ProxyListenPort
|
||||||
if listenPort == 0 {
|
if listenPort == 0 {
|
||||||
listenPort = peer.ListenPort
|
listenPort = proxy_models.NmProxyPort
|
||||||
}
|
}
|
||||||
|
} else if listenPort == 0 {
|
||||||
|
listenPort = peer.ListenPort
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
endpoint, err := net.ResolveUDPAddr("udp", fmt.Sprintf("%s:%d", peer.Endpoint, listenPort))
|
endpoint, err := net.ResolveUDPAddr("udp", fmt.Sprintf("%s:%d", peer.Endpoint, listenPort))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.Log(1, "failed to resolve udp addr for node: ", peer.ID, peer.Endpoint, err.Error())
|
logger.Log(1, "failed to resolve udp addr for node: ", peer.ID, peer.Endpoint, err.Error())
|
||||||
@@ -99,7 +107,6 @@ func GetPeersForProxy(node *models.Node, onlyPeers bool) (manager.ProxyManagerPa
|
|||||||
// set_keepalive
|
// set_keepalive
|
||||||
keepalive, _ = time.ParseDuration(strconv.FormatInt(int64(node.PersistentKeepalive), 10) + "s")
|
keepalive, _ = time.ParseDuration(strconv.FormatInt(int64(node.PersistentKeepalive), 10) + "s")
|
||||||
}
|
}
|
||||||
proxyStatus := peer.Proxy
|
|
||||||
if peer.IsServer == "yes" {
|
if peer.IsServer == "yes" {
|
||||||
proxyStatus = servercfg.IsProxyEnabled()
|
proxyStatus = servercfg.IsProxyEnabled()
|
||||||
}
|
}
|
||||||
@@ -113,7 +120,7 @@ func GetPeersForProxy(node *models.Node, onlyPeers bool) (manager.ProxyManagerPa
|
|||||||
peerConfMap[peer.PublicKey] = proxy_models.PeerConf{
|
peerConfMap[peer.PublicKey] = proxy_models.PeerConf{
|
||||||
Address: net.ParseIP(peer.PrimaryAddress()),
|
Address: net.ParseIP(peer.PrimaryAddress()),
|
||||||
Proxy: proxyStatus,
|
Proxy: proxyStatus,
|
||||||
ProxyListenPort: peer.ProxyListenPort,
|
PublicListenPort: listenPort,
|
||||||
}
|
}
|
||||||
|
|
||||||
if !onlyPeers && peer.IsRelayed == "yes" {
|
if !onlyPeers && peer.IsRelayed == "yes" {
|
||||||
@@ -127,7 +134,7 @@ func GetPeersForProxy(node *models.Node, onlyPeers bool) (manager.ProxyManagerPa
|
|||||||
RelayedTo: relayTo,
|
RelayedTo: relayTo,
|
||||||
Address: net.ParseIP(peer.PrimaryAddress()),
|
Address: net.ParseIP(peer.PrimaryAddress()),
|
||||||
Proxy: proxyStatus,
|
Proxy: proxyStatus,
|
||||||
ProxyListenPort: peer.ProxyListenPort,
|
PublicListenPort: listenPort,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -362,7 +369,7 @@ func getExtPeers(node *models.Node, forIngressNode bool) ([]wgtypes.PeerConfig,
|
|||||||
|
|
||||||
var allowedips []net.IPNet
|
var allowedips []net.IPNet
|
||||||
var peer wgtypes.PeerConfig
|
var peer wgtypes.PeerConfig
|
||||||
if extPeer.Address != "" {
|
if forIngressNode && extPeer.Address != "" {
|
||||||
var peeraddr = net.IPNet{
|
var peeraddr = net.IPNet{
|
||||||
IP: net.ParseIP(extPeer.Address),
|
IP: net.ParseIP(extPeer.Address),
|
||||||
Mask: net.CIDRMask(32, 32),
|
Mask: net.CIDRMask(32, 32),
|
||||||
@@ -372,7 +379,7 @@ func getExtPeers(node *models.Node, forIngressNode bool) ([]wgtypes.PeerConfig,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if extPeer.Address6 != "" {
|
if forIngressNode && extPeer.Address6 != "" {
|
||||||
var addr6 = net.IPNet{
|
var addr6 = net.IPNet{
|
||||||
IP: net.ParseIP(extPeer.Address6),
|
IP: net.ParseIP(extPeer.Address6),
|
||||||
Mask: net.CIDRMask(128, 128),
|
Mask: net.CIDRMask(128, 128),
|
||||||
@@ -381,19 +388,31 @@ func getExtPeers(node *models.Node, forIngressNode bool) ([]wgtypes.PeerConfig,
|
|||||||
allowedips = append(allowedips, addr6)
|
allowedips = append(allowedips, addr6)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if !forIngressNode && extPeer.InternalIP != "" {
|
if !forIngressNode {
|
||||||
|
if extPeer.InternalIPAddr != "" {
|
||||||
peerInternalAddr := net.IPNet{
|
peerInternalAddr := net.IPNet{
|
||||||
IP: net.ParseIP(extPeer.InternalIP),
|
IP: net.ParseIP(extPeer.InternalIPAddr),
|
||||||
Mask: net.CIDRMask(32, 32),
|
Mask: net.CIDRMask(32, 32),
|
||||||
}
|
}
|
||||||
|
if peerInternalAddr.IP != nil && peerInternalAddr.Mask != nil {
|
||||||
allowedips = append(allowedips, peerInternalAddr)
|
allowedips = append(allowedips, peerInternalAddr)
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
if extPeer.InternalIPAddr6 != "" {
|
||||||
|
peerInternalAddr6 := net.IPNet{
|
||||||
|
IP: net.ParseIP(extPeer.InternalIPAddr6),
|
||||||
|
Mask: net.CIDRMask(32, 32),
|
||||||
|
}
|
||||||
|
if peerInternalAddr6.IP != nil && peerInternalAddr6.Mask != nil {
|
||||||
|
allowedips = append(allowedips, peerInternalAddr6)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
primaryAddr := extPeer.Address
|
primaryAddr := extPeer.Address
|
||||||
if primaryAddr == "" {
|
if primaryAddr == "" {
|
||||||
primaryAddr = extPeer.Address6
|
primaryAddr = extPeer.Address6
|
||||||
}
|
}
|
||||||
|
|
||||||
peer = wgtypes.PeerConfig{
|
peer = wgtypes.PeerConfig{
|
||||||
PublicKey: pubkey,
|
PublicKey: pubkey,
|
||||||
ReplaceAllowedIPs: true,
|
ReplaceAllowedIPs: true,
|
||||||
@@ -454,11 +473,14 @@ func getExtPeersForProxy(node *models.Node, proxyPeerConf map[string]proxy_model
|
|||||||
ReplaceAllowedIPs: true,
|
ReplaceAllowedIPs: true,
|
||||||
AllowedIPs: allowedips,
|
AllowedIPs: allowedips,
|
||||||
}
|
}
|
||||||
|
extInternalPrimaryAddr := extPeer.InternalIPAddr
|
||||||
|
if extInternalPrimaryAddr == "" {
|
||||||
|
extInternalPrimaryAddr = extPeer.InternalIPAddr6
|
||||||
|
}
|
||||||
extConf := proxy_models.PeerConf{
|
extConf := proxy_models.PeerConf{
|
||||||
IsExtClient: true,
|
IsExtClient: true,
|
||||||
Address: net.ParseIP(extPeer.Address),
|
Address: net.ParseIP(extPeer.Address),
|
||||||
ExtInternalIp: net.ParseIP(extPeer.InternalIP),
|
ExtInternalIp: net.ParseIP(extInternalPrimaryAddr),
|
||||||
}
|
}
|
||||||
if extPeer.IngressGatewayID == node.ID {
|
if extPeer.IngressGatewayID == node.ID {
|
||||||
extConf.IsAttachedExtClient = true
|
extConf.IsAttachedExtClient = true
|
||||||
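Review bot: In the getExtPeers hunk, the new `InternalIPAddr6` branch builds its `net.IPNet` with `Mask: net.CIDRMask(32, 32)`, which is an IPv4-length mask on an IPv6 address. The `Address6` branch just above uses `net.CIDRMask(128, 128)`, and the new branch should match it: `Mask: net.CIDRMask(128, 128),`. The `peerInternalAddr6.Mask != nil` guard does not catch this, because the 4-byte mask is non-nil. The mismatched entry is still appended to `allowedips`, where it is likely to be rejected or misapplied when the peer config is used. getExtPeers starts and ends outside the hunk.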
|
@@ -14,5 +14,6 @@ type ExtClient struct {
|
|||||||
LastModified int64 `json:"lastmodified" bson:"lastmodified"`
|
LastModified int64 `json:"lastmodified" bson:"lastmodified"`
|
||||||
Enabled bool `json:"enabled" bson:"enabled"`
|
Enabled bool `json:"enabled" bson:"enabled"`
|
||||||
OwnerID string `json:"ownerid" bson:"ownerid"`
|
OwnerID string `json:"ownerid" bson:"ownerid"`
|
||||||
InternalIP string `json:"internal_ip" bson:"internal_ip"`
|
InternalIPAddr string `json:"internal_ip_addr" bson:"internal_ip_addr"`
|
||||||
|
InternalIPAddr6 string `json:"internal_ip_addr6" bson:"internal_ip_addr6"`
|
||||||
}
|
}
|
||||||
|