fixing netclient

2025-10-08 18:21:18 +08:00 · 2021-07-15 15:14:48 -04:00
parent 4cf5aad2e7
commit 68607ae8ca
15 changed files with 150 additions and 17 deletions
--- a/1
+++ b/1
@@ -34,4 +34,3 @@ EXPOSE 8081
 EXPOSE 50051
 CMD ["./app"]
--- a/26
+++ b/26
@@ -0,0 +1,26 @@
 #first stage - builder
 FROM golang:latest as builder
 COPY . /app
 WORKDIR /app/netclient
 ENV GO111MODULE=auto
 RUN CGO_ENABLED=0 GOOS=linux go build -o netclient main.go
 #second stage
 FROM debian:latest
 RUN apt-get update && apt-get -y install systemd procps
 WORKDIR /root/
 COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
 COPY --from=builder /app/netclient/netclient .
 CMD ["./netclient"]
--- a/config/config.go
+++ b/config/config.go
@@ -36,6 +36,7 @@ type EnvironmentConfig struct {
 // ServerConfig :
 type ServerConfig struct {
  CoreDNSAddr string `yaml:"corednsaddr"`
  APIConnString string `yaml:"apiconn"`
  APIHost   string  `yaml:"apihost"`
  APIPort   string `yaml:"apiport"`
--- a/controllers/networkHttpController.go
+++ b/controllers/networkHttpController.go
@@ -689,6 +689,7 @@ func CreateAccessKey(accesskey models.AccessKey, network models.Network) (models
        s := servercfg.GetServerConfig()
        w := servercfg.GetWGConfig()
 	servervals := models.ServerConfig{
 			CoreDNSAddr: s.CoreDNSAddr,
 			APIConnString: s.APIConnString,
 			APIHost: s.APIHost,
 			APIPort: s.APIPort,
--- a/kube/netclient-daemonset.yaml
+++ b/kube/netclient-daemonset.yaml
@@ -0,0 +1,58 @@
 apiVersion: apps/v1
 kind: DaemonSet
 metadata:
  name: netclient
  labels:
    app: netclient
 spec:
  selector:
    matchLabels:
      app: netclient
  replicas: 1
  template:
    metadata:
      labels:
        app: netclient
    spec:
      hostNetwork: true
      containers:
      - name: netclient
        image: gravitl/netclient:v0.5.5
        command: ['bash', '-c', "netclient checkin -n $NETWORK; sleep $SLEEP"]
        env:
        - name: ACCESS_TOKEN
          value: "XXXX"
        - name: NETWORK
          value: "default"
        - name: SLEEP
          value: 30
        volumeMounts:
        - mountPath: /etc/netclient
          name: etc-netclient
        - mountPath: /usr/bin/wg
          name: wg
        securityContext:
          privileged: true
      initContainers:
      - name: netclient-join
        image: gravitl/netclient:v0.5.5
        command: ['bash', '-c', "netclient join -t $ACCESS_TOKEN --daemon off"]
        env:
        - name: ACCESS_TOKEN
          value: "XXXX"
        volumeMounts:
        - mountPath: /etc/netclient
          name: etc-netclient
        - mountPath: /usr/bin/wg
          name: wg
        securityContext:
          privileged: true
  volumes:
  - hostPath:
      path: /etc/netclient
      type: DirectoryOrCreate
    name: etc-netclient
  - hostPath:
      path: /usr/bin/wg
      type: File
    name: wg
--- a/main.go
+++ b/main.go
@@ -87,7 +87,12 @@ func main() {
 		waitnetwork.Add(1)
 		go runGRPC(&waitnetwork, installserver)
 	}
-
+        if servercfg.IsDNSMode() {
 		err := controller.SetDNS()
                if err != nil {
                        log.Fatal(err)
                }
        }
 	//Run Rest Server
 	if servercfg.IsRestBackend() {
                if !servercfg.DisableRemoteIPCheck() && servercfg.GetAPIHost() == "127.0.0.1" {
--- a/models/accessToken.go
+++ b/models/accessToken.go
@@ -13,6 +13,7 @@ type ClientConfig struct {
 }
 type ServerConfig struct {
  CoreDNSAddr string `json:"corednsaddr"`
  APIConnString string `json:"apiconn"`
  APIHost   string  `json:"apihost"`
  APIPort   string `json:"apiport"`
--- a/netclient/Dockerfile
+++ b/netclient/Dockerfile
@@ -0,0 +1,9 @@
 FROM debian:latest
 RUN apt-get update && apt-get -y install systemd procps
 WORKDIR /root/
 COPY netclient .
 CMD ["./netclient checkin"]
--- a/netclient/command/commands.go
+++ b/netclient/command/commands.go
@@ -58,7 +58,7 @@ func CheckIn(cfg config.ClientConfig) error {
 		log.Println("Required, '-n'. No network provided. Exiting.")
                os.Exit(1)
        }
-	err := functions.CheckIn(cfg.Network)
+	err := functions.CheckIn(cfg)
 	if err != nil {
 		log.Println("Error checking in: ", err)
 		os.Exit(1)
--- a/netclient/config/config.go
+++ b/netclient/config/config.go
@@ -26,6 +26,7 @@ type ClientConfig struct {
 	OperatingSystem string `yaml:"operatingsystem"`
 }
 type ServerConfig struct {
        CoreDNSAddr string `yaml:"corednsaddr"`
        GRPCAddress string `yaml:"grpcaddress"`
        APIAddress string `yaml:"apiaddress"`
        AccessKey string `yaml:"accesskey"`
@@ -55,7 +56,6 @@ type NodeConfig struct {
        IsLocal string `yaml:"islocal"`
        IsDualStack string `yaml:"isdualstack"`
        IsIngressGateway string `yaml:"isingressgateway"`
        AllowedIPs []string `yaml:"allowedips"`
        LocalRange string `yaml:"localrange"`
        PostUp string `yaml:"postup"`
        PostDown string `yaml:"postdown"`
@@ -85,9 +85,6 @@ func Write(config *ClientConfig, network string) error{
        }
 	home := "/etc/netclient"
        if err != nil {
                log.Fatal(err)
        }
        file := fmt.Sprintf(home + "/netconfig-" + network)
        f, err := os.OpenFile(file, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, os.ModePerm)
        defer f.Close()
@@ -408,6 +405,7 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){
 		cfg.Node.LocalRange = accesstoken.ClientConfig.LocalRange
 		cfg.Server.GRPCSSL = accesstoken.ServerConfig.GRPCSSL
 		cfg.Server.GRPCWireGuard = accesstoken.WG.GRPCWireGuard
 		cfg.Server.CoreDNSAddr = accesstoken.ServerConfig.CoreDNSAddr
 		if c.String("grpcserver") != "" {
 			cfg.Server.GRPCAddress = c.String("grpcserver")
 		}
@@ -427,6 +425,9 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){
                if c.String("grpcssl") != "" {
                        cfg.Server.GRPCSSL = c.String("grpcssl")
                }
                if c.String("corednsaddr") != "" {
                        cfg.Server.CoreDNSAddr = c.String("corednsaddr")
                }
                if c.String("grpcwg") != "" {
                        cfg.Server.GRPCWireGuard = c.String("grpcwg")
                }
@@ -440,6 +441,7 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){
                cfg.Node.LocalRange = c.String("localrange")
                cfg.Server.GRPCWireGuard = c.String("grpcwg")
                cfg.Server.GRPCSSL = c.String("grpcssl")
                cfg.Server.CoreDNSAddr = c.String("corednsaddr")
 	}
 	cfg.Node.Name = c.String("name")
 	cfg.Node.Interface = c.String("interface")
--- a/netclient/functions/checkin.go
+++ b/netclient/functions/checkin.go
@@ -10,6 +10,7 @@ import (
 	"net"
 	"os/exec"
        "github.com/gravitl/netmaker/netclient/config"
        "github.com/gravitl/netmaker/netclient/local"
        "github.com/gravitl/netmaker/netclient/wireguard"
        "github.com/gravitl/netmaker/netclient/server"
        "github.com/gravitl/netmaker/netclient/auth"
@@ -19,7 +20,8 @@ import (
 	//homedir "github.com/mitchellh/go-homedir"
 )
-func CheckIn(network string) error {
+func CheckIn(cliconf config.ClientConfig) error {
 	network := cliconf.Network
 	node := server.GetNode(network)
        cfg, err := config.ReadConfig(network)
        if err != nil {
@@ -32,6 +34,14 @@ func CheckIn(network string) error {
 	setupcheck := true
 	ipchange := false
        if nodecfg.DNS == "on" || cliconf.Node.DNS == "on" {
 		fmt.Println("setting dns")
 		ifacename := node.Interface
 		nameserver := servercfg.CoreDNSAddr
 		network := node.Nodenetwork
                _ = local.UpdateDNS(ifacename, network, nameserver)
        }
 	if !(nodecfg.IPForwarding == "off") {
 		out, err := exec.Command("sysctl", "net.ipv4.ip_forward").Output()
                 if err != nil {
@@ -125,9 +135,12 @@ func CheckIn(network string) error {
        var wcclient nodepb.NodeServiceClient
        var requestOpts grpc.DialOption
        requestOpts = grpc.WithInsecure()
-        if cfg.Server.GRPCSSL == "on" {
+        if servercfg.GRPCSSL == "on" {
 		log.Println("using SSL")
                h2creds := credentials.NewTLS(&tls.Config{NextProtos: []string{"h2"}})
                requestOpts = grpc.WithTransportCredentials(h2creds)
        } else {
                log.Println("using insecure GRPC connection")
 	}
        conn, err := grpc.Dial(servercfg.GRPCAddress, requestOpts)
        if err != nil {
--- a/netclient/functions/join.go
+++ b/netclient/functions/join.go
@@ -183,6 +183,7 @@ func JoinNetwork(cfg config.ClientConfig) error {
        if err != nil {
                return err
        }
 	log.Println("node created on remote server...updating configs")
        node := res.Node
        if err != nil {
                return err
@@ -211,16 +212,18 @@ func JoinNetwork(cfg config.ClientConfig) error {
 			return err
 		}
 	}
-
+	log.Println("retrieving remote peers")
 	peers, hasGateway, gateways, err := server.GetPeers(node.Macaddress, cfg.Network, cfg.Server.GRPCAddress, node.Isdualstack, node.Isingressgateway)
 	if err != nil {
 		log.Println("failed to retrieve peers")
                return err
        }
 	err = wireguard.StorePrivKey(cfg.Node.PrivateKey, cfg.Network)
        if err != nil {
                return err
        }
        log.Println("starting wireguard")
 	err = wireguard.InitWireguard(node, cfg.Node.PrivateKey, peers, hasGateway, gateways)
        if err != nil {
                return err
--- a/netclient/server/grpc.go
+++ b/netclient/server/grpc.go
@@ -143,6 +143,11 @@ func GetPeers(macaddress string, network string, server string, dualstack bool,
        requestOpts := grpc.WithInsecure()
        if cfg.Server.GRPCSSL == "on" {
                h2creds := credentials.NewTLS(&tls.Config{NextProtos: []string{"h2"}})
                requestOpts = grpc.WithTransportCredentials(h2creds)
        }
 	conn, err := grpc.Dial(server, requestOpts)
        if err != nil {
                log.Fatalf("Unable to establish client connection to localhost:50051: %v", err)
@@ -157,15 +162,15 @@ func GetPeers(macaddress string, network string, server string, dualstack bool,
        ctx := context.Background()
        ctx, err = auth.SetJWT(wcclient, network)
        if err != nil {
-                fmt.Println("Failed to authenticate.")
+                log.Println("Failed to authenticate.")
                return peers, hasGateway, gateways, err
        }
        var header metadata.MD
        stream, err := wcclient.GetPeers(ctx, req, grpc.Header(&header))
        if err != nil {
-                fmt.Println("Error retrieving peers")
+                log.Println("Error retrieving peers")
-                fmt.Println(err)
+                log.Println(err)
                return nil, hasGateway, gateways, err
        }
        for {
--- a/netclient/wireguard/kernel.go
+++ b/netclient/wireguard/kernel.go
@@ -186,8 +186,7 @@ func InitWireguard(node *nodepb.Node, privkey string, peers []wgtypes.PeerConfig
 	if node.Address == "" {
 		log.Fatal("no address to configure")
 	}
-	nameserver := servercfg.GRPCAddress
+	nameserver := servercfg.CoreDNSAddr
 	nameserver = strings.Split(nameserver, ":")[0]
 	network := node.Nodenetwork
        if nodecfg.Network != "" {
                network = nodecfg.Network
--- a/servercfg/serverconf.go
+++ b/servercfg/serverconf.go
@@ -20,6 +20,7 @@ func SetHost() error {
 func GetServerConfig() config.ServerConfig {
 	var cfg config.ServerConfig
 	cfg.APIConnString = GetAPIConnString()
 	cfg.CoreDNSAddr = GetCoreDNSAddr()
 	cfg.APIHost = GetAPIHost()
 	cfg.APIPort = GetAPIPort()
 	cfg.GRPCConnString = GetGRPCConnString()
@@ -129,6 +130,16 @@ func GetGRPCConnString() string {
        return conn
 }
 func GetCoreDNSAddr() string {
        addr, _ := GetPublicIP()
        if os.Getenv("COREDNS_ADDR") != ""  {
                addr = os.Getenv("COREDNS_ADDR")
        } else if config.Config.Server.CoreDNSAddr != "" {
                addr = config.Config.Server.GRPCConnString
        }
        return addr
 }
 func GetGRPCHost() string {
 	serverhost := "127.0.0.1"
 	if IsGRPCWireGuard() {
`@@ -34,4 +34,3 @@ EXPOSE 8081`
	`EXPOSE 50051`	`EXPOSE 50051`

	`CMD ["./app"]`	`CMD ["./app"]`