Skip to content

feat: add agent acks to in-memory coordinator #12786

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 14 commits into from
Apr 10, 2024
Merged

feat: add agent acks to in-memory coordinator #12786

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
1c287b2
feat: add agent acks to in-memory coordinator
coadler Mar 27, 2024
4b14af0
spike comments
coadler Mar 29, 2024
7e2d1bb
fixup! spike comments
coadler Mar 29, 2024
3557c11
additional tests
coadler Mar 29, 2024
1347370
prevent clients from sending `ready_for_handshake`
coadler Mar 29, 2024
2896d6b
rename
coadler Mar 29, 2024
214d380
comments
coadler Apr 2, 2024
4aaa0e2
fixup! comments
coadler Apr 2, 2024
5660e03
add auth to in-memory coordinator
coadler Apr 2, 2024
298655b
fixup! add auth to in-memory coordinator
coadler Apr 2, 2024
88416d2
comments
coadler Apr 3, 2024
bfda37e
make gen
coadler Apr 3, 2024
2ee3c51
don't kill agent connection on invalid RFH
coadler Apr 3, 2024
cae734d
fix no permission test
coadler Apr 5, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
fix no permission test
  • Loading branch information
@coadler
coadler committed Apr 10, 2024
commit cae734d3a1b29bca23e75df0e35e45736751c628
10 changes: 3 additions & 7 deletions tailnet/configmaps.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -443,8 +443,9 @@ func (c *configMaps) updatePeerLocked(update *proto.CoordinateResponse_PeerUpdat
lc.readyForHandshakeTimer.Stop()
}
if lc.node != nil {
dirty = dirty || !lc.node.KeepAlive
lc.node.KeepAlive = true
old := lc.node.KeepAlive
lc.node.KeepAlive = c.nodeKeepalive(lc, status, lc.node)
dirty = dirty || (old != lc.node.KeepAlive)
}
logger.Debug(context.Background(), "peer ready for handshake")
// only force a reconfig if the node populated
Expand All @@ -457,7 +458,6 @@ func (c *configMaps) updatePeerLocked(update *proto.CoordinateResponse_PeerUpdat
logger.Debug(context.Background(), "got peer ready for handshake for unknown peer")
lc = &peerLifecycle{
peerID: id,
lost: true,
readyForHandshake: true,
}
c.peers[id] = lc
Expand Down Expand Up @@ -633,10 +633,6 @@ func (*configMaps) nodeKeepalive(lc *peerLifecycle, status *ipnstate.Status, nod
if lc != nil && lc.isDestination && lc.readyForHandshake {
return true
}
// If keepalives are already enabled on the node, keep them enabled.
if lc != nil && lc.node != nil && lc.node.KeepAlive {
return true
}

// If none of the above are true, keepalives should not be enabled.
return false
Expand Down
7 changes: 7 additions & 0 deletions tailnet/coordinator.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -722,6 +722,13 @@ func (c *core) handleReadyForHandshakeLocked(src *peer, rfhs []*proto.Coordinate
// subsequently disconnect before the agent has sent back the RFH.
// Since this could potentially happen to a non-malicious agent, we
// don't want to kill its connection.
select {
case src.resps <- &proto.CoordinateResponse{
Error: fmt.Sprintf("you do not share a tunnel with %q", dstID.String()),
}:
default:
return ErrWouldBlock
}
continue
}

Expand Down
24 changes: 3 additions & 21 deletions tailnet/coordinator_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -464,33 +464,15 @@ func TestCoordinator(t *testing.T) {
clientID := uuid.New()
agentID := uuid.New()

aReq, _ := coordinator.Coordinate(ctx, agentID, agentID.String(), tailnet.AgentCoordinateeAuth{ID: agentID})
aReq, aRes := coordinator.Coordinate(ctx, agentID, agentID.String(), tailnet.AgentCoordinateeAuth{ID: agentID})
_, _ = coordinator.Coordinate(ctx, clientID, clientID.String(), tailnet.ClientCoordinateeAuth{AgentID: agentID})

nk, err := key.NewNode().Public().MarshalBinary()
require.NoError(t, err)
dk, err := key.NewDisco().Public().MarshalText()
require.NoError(t, err)
aReq <- &proto.CoordinateRequest{UpdateSelf: &proto.CoordinateRequest_UpdateSelf{
Node: &proto.Node{
Id: 3,
Key: nk,
Disco: string(dk),
},
}}

require.Eventually(t, func() bool {
return coordinator.Node(agentID) != nil
}, testutil.WaitShort, testutil.IntervalFast)

aReq <- &proto.CoordinateRequest{ReadyForHandshake: []*proto.CoordinateRequest_ReadyForHandshake{{
Id: clientID[:],
}}}

// The agent node should disappear, indicating it was booted off.
require.Eventually(t, func() bool {
return coordinator.Node(agentID) == nil
}, testutil.WaitShort, testutil.IntervalFast)
rfhError := testutil.RequireRecvCtx(ctx, t, aRes)
require.NotEmpty(t, rfhError.Error)
})
}

Expand Down
77 changes: 43 additions & 34 deletions tailnet/proto/tailnet.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions tailnet/proto/tailnet.proto
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,7 @@ message CoordinateResponse {
string reason = 4;
}
repeated PeerUpdate peer_updates = 1;
string error = 2;
}

service Tailnet {
Expand Down