extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-03-10 04:38:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

wip: add missing routers

Browse Source
This commit is contained in:
Maycon Santos 2024-12-18 16:31:01 +01:00
parent 57eac8824f
commit 400a138c76
1 changed files with 89 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

154
management/server/types/account.go
View File

@ -16,7 +16,6 @@ import (
nbdns "github.com/netbirdio/netbird/dns" nbdns "github.com/netbirdio/netbird/dns"
"github.com/netbirdio/netbird/management/domain" "github.com/netbirdio/netbird/management/domain"
resourceTypes "github.com/netbirdio/netbird/management/server/networks/resources/types" resourceTypes "github.com/netbirdio/netbird/management/server/networks/resources/types"
routerTypes "github.com/netbirdio/netbird/management/server/networks/routers/types" routerTypes "github.com/netbirdio/netbird/management/server/networks/routers/types"
networkTypes "github.com/netbirdio/netbird/management/server/networks/types" networkTypes "github.com/netbirdio/netbird/management/server/networks/types"
@ -256,8 +255,9 @@ func (a *Account) GetPeerNetworkMap(
routesUpdate := a.GetRoutesToSync(ctx, peerID, peersToConnect) routesUpdate := a.GetRoutesToSync(ctx, peerID, peersToConnect)
routesFirewallRules := a.GetPeerRoutesFirewallRules(ctx, peerID, validatedPeersMap) routesFirewallRules := a.GetPeerRoutesFirewallRules(ctx, peerID, validatedPeersMap)
networkResourcesRoutes := a.GetNetworkResourcesRoutesToSync(ctx, peerID, peersToConnect) networkResourcesRoutes := a.GetNetworkResourcesRoutesToSync(ctx, peerID)
networkResourcesFirewallRules := a.GetPeerNetworkResourceFirewallRules(ctx, peerID, validatedPeersMap) networkResourcesFirewallRules := a.GetPeerNetworkResourceFirewallRules(ctx, peer, validatedPeersMap, networkResourcesRoutes)
peersToConnectIncludingRouters := a.addNetworksRoutingPeers(networkResourcesRoutes, peer, peersToConnect, expiredPeers)
dnsManagementStatus := a.getPeerDNSManagementStatus(peerID) dnsManagementStatus := a.getPeerDNSManagementStatus(peerID)
dnsUpdate := nbdns.Config{ dnsUpdate := nbdns.Config{
@ -275,7 +275,7 @@ func (a *Account) GetPeerNetworkMap(
} }
nm := &NetworkMap{ nm := &NetworkMap{
Peers: peersToConnect, Peers: peersToConnectIncludingRouters,
Network: a.Network.Copy(), Network: a.Network.Copy(),
Routes: slices.Concat(networkResourcesRoutes, routesUpdate), Routes: slices.Concat(networkResourcesRoutes, routesUpdate),
DNSConfig: dnsUpdate, DNSConfig: dnsUpdate,
@ -299,6 +299,40 @@ func (a *Account) GetPeerNetworkMap(
return nm return nm
} }
func (a *Account) addNetworksRoutingPeers(networkResourcesRoutes []*route.Route, peer *nbpeer.Peer, peersToConnect []*nbpeer.Peer, expiredPeers []*nbpeer.Peer) []*nbpeer.Peer {
missingPeers := map[string]struct{}{}
for _, r := range networkResourcesRoutes {
if r.Peer == peer.Key {
continue
}
missing := true
for _, p := range peersToConnect {
if r.Peer == p.Key {
missing = false
break
}
}
if missing {
for _, p := range expiredPeers {
if r.Peer == p.Key {
missing = false
break
}
}
}
if missing {
missingPeers[r.Peer] = struct{}{}
}
}
for p := range missingPeers {
peersToConnect = append(peersToConnect, a.Peers[p])
}
return peersToConnect
}
func getPeerNSGroups(account *Account, peerID string) []*nbdns.NameServerGroup { func getPeerNSGroups(account *Account, peerID string) []*nbdns.NameServerGroup {
groupList := account.GetPeerGroups(peerID) groupList := account.GetPeerGroups(peerID)
@ -1246,15 +1280,17 @@ func (a *Account) getRoutingPeerNetworkResourcesRoutes(ctx context.Context, peer
} }
// GetPeerNetworkResourceFirewallRules gets the network resources firewall rules associated with a routing peer ID for the account. // GetPeerNetworkResourceFirewallRules gets the network resources firewall rules associated with a routing peer ID for the account.
func (a *Account) GetPeerNetworkResourceFirewallRules(ctx context.Context, peerID string, validatedPeersMap map[string]struct{}) []*RouteFirewallRule { func (a *Account) GetPeerNetworkResourceFirewallRules(ctx context.Context, peer *nbpeer.Peer, validatedPeersMap map[string]struct{}, routes []*route.Route) []*RouteFirewallRule {
routesFirewallRules := make([]*RouteFirewallRule, 0) routesFirewallRules := make([]*RouteFirewallRule, 0)
routes := a.getRoutingPeerNetworkResourcesRoutes(ctx, peerID)
for _, route := range routes { for _, route := range routes {
if route.Peer != peer.Key {
continue
}
resourceAppliedPolicies := a.GetPoliciesForNetworkResource(string(route.ID)) resourceAppliedPolicies := a.GetPoliciesForNetworkResource(string(route.ID))
distributionPeers := getPoliciesSourcePeers(resourceAppliedPolicies, a.Groups) distributionPeers := getPoliciesSourcePeers(resourceAppliedPolicies, a.Groups)
rules := a.getRouteFirewallRules(ctx, peerID, resourceAppliedPolicies, route, validatedPeersMap, distributionPeers) rules := a.getRouteFirewallRules(ctx, peer.ID, resourceAppliedPolicies, route, validatedPeersMap, distributionPeers)
routesFirewallRules = append(routesFirewallRules, rules...) routesFirewallRules = append(routesFirewallRules, rules...)
} }
@ -1277,45 +1313,47 @@ func (a *Account) getNetworkResourceGroups(resourceID string) []*Group {
} }
// GetNetworkResourcesRoutesToSync returns network routes for syncing with a specific peer and its ACL peers. // GetNetworkResourcesRoutesToSync returns network routes for syncing with a specific peer and its ACL peers.
func (a *Account) GetNetworkResourcesRoutesToSync(ctx context.Context, peerID string, aclPeers []*nbpeer.Peer) []*route.Route { func (a *Account) GetNetworkResourcesRoutesToSync(ctx context.Context, peerID string) []*route.Route {
//routes := a.getRoutingPeerNetworkResourcesRoutes(ctx, peerID)
//peerRoutesMembership := make(LookupMap)
//for _, r := range routes {
// peerRoutesMembership[string(r.GetHAUniqueID())] = struct{}{}
//}
//
////peersToConnect := make(map[string]struct{})
//
resources := make([]*resourceTypes.NetworkResource, 0) resources := make([]*resourceTypes.NetworkResource, 0)
routers := make(map[string][]*routerTypes.NetworkRouter)
for _, router := range a.NetworkRouters {
routers[router.NetworkID] = append(routers[router.NetworkID], router)
}
for _, resource := range a.NetworkResources { for _, resource := range a.NetworkResources {
for _, router := range a.NetworkRouters { resourceAppliedPolicies := a.GetPoliciesForNetworkResource(resource.ID)
if router.NetworkID == resource.NetworkID {
if router.Peer == peerID {
resources = append(resources, resource)
}
for _, peerGroup := range router.PeerGroups { resourceRouters := routers[resource.NetworkID]
g := a.Groups[peerGroup]
if g != nil { if resourceRouters == nil || len(resourceRouters) == 0 {
if slices.Contains(router.PeerGroups, peerID) { continue
resources = append(resources, resource) }
}
for _, router := range resourceRouters {
if router.Peer == peerID {
resources = append(resources, resource)
}
for _, peerGroup := range router.PeerGroups {
g := a.Groups[peerGroup]
if g != nil {
if slices.Contains(router.PeerGroups, peerID) {
resources = append(resources, resource)
} }
} }
} }
} }
resourceAppliedPolicies := a.GetPoliciesForNetworkResource(resource.ID)
for _, policy := range resourceAppliedPolicies { for _, policy := range resourceAppliedPolicies {
sourceGroups := policy.SourceGroups() sourceGroups := policy.SourceGroups()
for _, sourceGroup := range sourceGroups { for _, sourceGroup := range sourceGroups {
group := a.GetGroup(sourceGroup) group := a.GetGroup(sourceGroup)
if group == nil { if group == nil {
log.WithContext(ctx).Warnf("policy %s has source group %s that doesn't exist under account %s, will continue map generation without it", policy.ID, sourceGroup, a.Id)
continue continue
} }
@ -1323,53 +1361,39 @@ func (a *Account) GetNetworkResourcesRoutesToSync(ctx context.Context, peerID st
// peerID should be able to connect with routing peers // peerID should be able to connect with routing peers
if slices.Contains(group.Peers, peerID) { if slices.Contains(group.Peers, peerID) {
resources = append(resources, resource) resources = append(resources, resource)
// for _, groupID := range router.PeerGroups {
// g := a.GetGroup(groupID)
// if g != nil {
// for _, id := range g.Peers {
// peersToConnect[id] = struct{}{}
// }
// }
// }
//
// if router.Peer != "" {
// peersToConnect[router.Peer] = struct{}{}
// }
} }
} }
} }
} }
//
////for _, peer := range aclPeers {
//// peerRoutes := a.getRoutingPeerNetworkResourcesRoutes(ctx, peer.ID)
//// filteredRoutes := a.filterRoutesFromPeersOfSameHAGroup(peerRoutes, peerRoutesMembership)
//// routes = append(routes, filteredRoutes...)
////}
//
routes := make([]*route.Route, 0) routes := make([]*route.Route, 0)
for _, resource := range resources { for _, resource := range resources {
for _, router := range a.NetworkRouters { resourceRouters := routers[resource.NetworkID]
if router.NetworkID == resource.NetworkID {
resourceRoutingPeers := make([]string, 0) if resourceRouters == nil {
for _, groupID := range router.PeerGroups { continue
group := a.GetGroup(groupID) }
if group == nil {
continue
}
resourceRoutingPeers = append(resourceRoutingPeers, group.Peers...) for _, router := range resourceRouters {
resourceRoutingPeers := make([]string, 0)
for _, groupID := range router.PeerGroups {
group := a.GetGroup(groupID)
if group == nil {
log.WithContext(ctx).Warnf("router %s has peers group %s that doesn't exist under account %s, will continue map generation without it", router.ID, groupID, a.Id)
continue
} }
if router.Peer != "" { resourceRoutingPeers = append(resourceRoutingPeers, group.Peers...)
resourceRoutingPeers = append(resourceRoutingPeers, router.Peer) }
}
for _, peerId := range resourceRoutingPeers { if router.Peer != "" {
routes = append(routes, a.getNetworkResourcesRoutesG(resources, router, peerId)...) resourceRoutingPeers = append(resourceRoutingPeers, router.Peer)
} }
for _, peerId := range resourceRoutingPeers {
routes = append(routes, a.getNetworkResourcesRoutesG(resources, router, peerId)...)
} }
} }
} }