Skip to content

fix: update conn derpmap every 5s in single tailnet #9176

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Aug 23, 2023
Merged

fix: update conn derpmap every 5s in single tailnet #9176

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b37ed33
fix: update conn derpmap every 5s in single tailnet
deansheather Aug 18, 2023
82299ca
Merge branch 'main' into dean/update-derp-map-single-tailnet
deansheather Aug 23, 2023
b5385cc
fixup! Merge branch 'main' into dean/update-derp-map-single-tailnet
deansheather Aug 23, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion coderd/coderd.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -404,7 +404,7 @@ func New(options *Options) *API {
api.agentProvider, err = NewServerTailnet(api.ctx,
options.Logger,
options.DERPServer,
options.BaseDERPMap,
api.DERPMap,
func(context.Context) (tailnet.MultiAgentConn, error) {
return (*api.TailnetCoordinator.Load()).ServeMultiAgent(uuid.New()), nil
},
Expand Down
4 changes: 2 additions & 2 deletions coderd/oauthpki/oidcpki.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -243,7 +243,7 @@ func (src *jwtTokenSource) Token() (*oauth2.Token, error) {
}

if unmarshalError != nil {
return nil, fmt.Errorf("oauth2: cannot unmarshal token: %w", err)
return nil, xerrors.Errorf("oauth2: cannot unmarshal token: %w", err)
}

newToken := &oauth2.Token{
Expand All @@ -264,7 +264,7 @@ func (src *jwtTokenSource) Token() (*oauth2.Token, error) {
// decode returned id token to get expiry
claimSet, err := jws.Decode(v)
if err != nil {
return nil, fmt.Errorf("oauth2: error decoding JWT token: %w", err)
return nil, xerrors.Errorf("oauth2: error decoding JWT token: %w", err)
}
newToken.Expiry = time.Unix(claimSet.Exp, 0)
}
Expand Down
34 changes: 30 additions & 4 deletions coderd/tailnet.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,25 +44,49 @@ func NewServerTailnet(
ctx context.Context,
logger slog.Logger,
derpServer *derp.Server,
derpMap *tailcfg.DERPMap,
derpMapFn func() *tailcfg.DERPMap,
getMultiAgent func(context.Context) (tailnet.MultiAgentConn, error),
cache *wsconncache.Cache,
traceProvider trace.TracerProvider,
) (*ServerTailnet, error) {
logger = logger.Named("servertailnet")
originalDerpMap := derpMapFn()
conn, err := tailnet.NewConn(&tailnet.Options{
Addresses: []netip.Prefix{netip.PrefixFrom(tailnet.IP(), 128)},
DERPMap: derpMap,
DERPMap: originalDerpMap,
Logger: logger,
})
if err != nil {
return nil, xerrors.Errorf("create tailnet conn: %w", err)
}

serverCtx, cancel := context.WithCancel(ctx)
derpMapUpdaterClosed := make(chan struct{})
go func() {
defer close(derpMapUpdaterClosed)

ticker := time.NewTicker(5 * time.Second)
defer ticker.Stop()

for {
select {
case <-serverCtx.Done():
return
case <-ticker.C:
}

newDerpMap := derpMapFn()
if !tailnet.CompareDERPMaps(originalDerpMap, newDerpMap) {
conn.SetDERPMap(newDerpMap)
originalDerpMap = newDerpMap
}
}
}()

tn := &ServerTailnet{
ctx: serverCtx,
cancel: cancel,
derpMapUpdaterClosed: derpMapUpdaterClosed,
logger: logger,
tracer: traceProvider.Tracer(tracing.TracerName),
conn: conn,
Expand Down Expand Up @@ -237,8 +261,9 @@ func (s *ServerTailnet) reinitCoordinator() {
}

type ServerTailnet struct {
ctx context.Context
cancel func()
ctx context.Context
cancel func()
derpMapUpdaterClosed chan struct{}

logger slog.Logger
tracer trace.Tracer
Expand Down Expand Up @@ -403,5 +428,6 @@ func (s *ServerTailnet) Close() error {
_ = s.cache.Close()
_ = s.conn.Close()
s.transport.CloseIdleConnections()
<-s.derpMapUpdaterClosed
return nil
}
3 changes: 2 additions & 1 deletion coderd/tailnet_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ import (
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"go.opentelemetry.io/otel/trace"
"tailscale.com/tailcfg"

"cdr.dev/slog"
"cdr.dev/slog/sloggers/slogtest"
Expand Down Expand Up @@ -230,7 +231,7 @@ func setupAgent(t *testing.T, agentAddresses []netip.Prefix) (uuid.UUID, agent.A
context.Background(),
logger,
derpServer,
manifest.DERPMap,
func() *tailcfg.DERPMap { return manifest.DERPMap },
func(context.Context) (tailnet.MultiAgentConn, error) { return coord.ServeMultiAgent(uuid.New()), nil },
cache,
trace.NewNoopTracerProvider(),
Expand Down
1 change: 1 addition & 0 deletions enterprise/coderd/workspaceproxy.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -720,6 +720,7 @@ func (api *API) workspaceProxyRegister(rw http.ResponseWriter, r *http.Request)
AppSecurityKey: api.AppSecurityKey.String(),
DERPMeshKey: api.DERPServer.MeshKey(),
DERPRegionID: regionID,
DERPMap: api.AGPL.DERPMap(),
SiblingReplicas: siblingsRes,
})

Expand Down
15 changes: 8 additions & 7 deletions enterprise/wsproxy/wsproxy.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ import (
"golang.org/x/xerrors"
"tailscale.com/derp"
"tailscale.com/derp/derphttp"
"tailscale.com/tailcfg"
"tailscale.com/types/key"

"cdr.dev/slog"
Expand Down Expand Up @@ -119,7 +120,8 @@ type Server struct {
SDKClient *wsproxysdk.Client

// DERP
derpMesh *derpmesh.Mesh
derpMesh *derpmesh.Mesh
latestDERPMap *tailcfg.DERPMap

// Used for graceful shutdown. Required for the dialer.
ctx context.Context
Expand Down Expand Up @@ -239,17 +241,14 @@ func New(ctx context.Context, opts *Options) (*Server, error) {
return nil, xerrors.Errorf("parse app security key: %w", err)
}

connInfo, err := client.SDKClient.WorkspaceAgentConnectionInfoGeneric(ctx)
if err != nil {
return nil, xerrors.Errorf("get derpmap: %w", err)
}

var agentProvider workspaceapps.AgentProvider
if opts.Experiments.Enabled(codersdk.ExperimentSingleTailnet) {
stn, err := coderd.NewServerTailnet(ctx,
s.Logger,
nil,
connInfo.DERPMap,
func() *tailcfg.DERPMap {
return s.latestDERPMap
},
s.DialCoordinator,
wsconncache.New(s.DialWorkspaceAgent, 0),
s.TracerProvider,
Expand Down Expand Up @@ -456,6 +455,8 @@ func (s *Server) handleRegister(_ context.Context, res wsproxysdk.RegisterWorksp
}
s.derpMesh.SetAddresses(addresses, false)

s.latestDERPMap = res.DERPMap

return nil
}

Expand Down
8 changes: 5 additions & 3 deletions enterprise/wsproxy/wsproxysdk/wsproxysdk.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import (
"github.com/google/uuid"
"golang.org/x/xerrors"
"nhooyr.io/websocket"
"tailscale.com/tailcfg"
"tailscale.com/util/singleflight"

"cdr.dev/slog"
Expand Down Expand Up @@ -206,9 +207,10 @@ type RegisterWorkspaceProxyRequest struct {
}

type RegisterWorkspaceProxyResponse struct {
AppSecurityKey string `json:"app_security_key"`
DERPMeshKey string `json:"derp_mesh_key"`
DERPRegionID int32 `json:"derp_region_id"`
AppSecurityKey string `json:"app_security_key"`
DERPMeshKey string `json:"derp_mesh_key"`
DERPRegionID int32 `json:"derp_region_id"`
DERPMap *tailcfg.DERPMap `json:"derp_map"`
// SiblingReplicas is a list of all other replicas of the proxy that have
// not timed out.
SiblingReplicas []codersdk.Replica `json:"sibling_replicas"`
Expand Down