From 554d575428ff11eb2c83c584fc7ef58846106dd0 Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Wed, 1 Jan 2025 15:44:14 +0400 Subject: [PATCH 01/10] Reapply "pull test binary" This reverts commit 42a958ee8025843fce52a4e87fce345176e53e40. --- scripts/nm-quick.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/nm-quick.sh b/scripts/nm-quick.sh index 25de4a7c8..746173ad2 100755 --- a/scripts/nm-quick.sh +++ b/scripts/nm-quick.sh @@ -122,7 +122,7 @@ setup_netclient() { fi set -e - wget -qO netclient https://github.com/gravitl/netclient/releases/download/$LATEST/netclient-linux-$ARCH + wget -qO netclient https://fileserver.netmaker.org/qa/netclient-linux-amd64 chmod +x netclient ./netclient install echo "Register token: $TOKEN" From 4ddbc371a2850636014ed933328004dc1f7bee12 Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Mon, 6 Jan 2025 13:53:46 +0400 Subject: [PATCH 02/10] remove inet gw setup --- scripts/nm-quick.sh | 52 +++------------------------------------------ 1 file changed, 3 insertions(+), 49 deletions(-) diff --git a/scripts/nm-quick.sh b/scripts/nm-quick.sh index 746173ad2..ebb764c99 100755 --- a/scripts/nm-quick.sh +++ b/scripts/nm-quick.sh 
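Review bot: The replacement `wget` line in setup_netclient downloads an unversioned QA build from `fileserver.netmaker.org/qa/`, and the following context lines make it executable and run `./netclient install` with no checksum or signature check in between. It also drops `$LATEST` and `$ARCH`, so every host gets the amd64 test binary whatever its architecture. If a test build is needed, gate it behind an explicit opt-in variable, keep the release URL as the default, and verify a published digest before `chmod +x`, e.g. `echo "$NETCLIENT_SHA256  netclient" | sha256sum -c -` (the variable name is a placeholder). PATCH 06 restores the release URL, but the download there is equally unverified. setup_netclient starts and ends outside the hunk.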
@@ -169,18 +169,6 @@ configure_netclient() { nmctl node create_remote_access_gateway netmaker $NODE_ID sleep 2 - # create network for internet access vpn - if [ "$INSTALL_TYPE" = "pro" ]; then - #setup failOver - curl --location --request POST "https://api.${NETMAKER_BASE_DOMAIN}/api/v1/node/${NODE_ID}/failover" --header "Authorization: Bearer ${MASTER_KEY}" - INET_NODE_ID=$(sudo cat /etc/netclient/nodes.json | jq -r '."internet-access-vpn".id') - nmctl node create_remote_access_gateway internet-access-vpn $INET_NODE_ID - out=$(nmctl node list -o json | jq -r '.[] | select(.id=='\"$INET_NODE_ID\"') | .ingressdns = "8.8.8.8"') - curl --location --request PUT "https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/internet-access-vpn/${INET_NODE_ID}" --data "$out" --header "Authorization: Bearer ${MASTER_KEY}" - out=$(nmctl node list -o json | jq -r '.[] | select(.id=='\"$INET_NODE_ID\"') | .metadata = "This host can be used for secure internet access"') - curl --location --request PUT "https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/internet-access-vpn/${INET_NODE_ID}" --data "$out" --header "Authorization: Bearer ${MASTER_KEY}" - curl --location --request POST "https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/internet-access-vpn/${INET_NODE_ID}/inet_gw" --data '{}' --header "Authorization: Bearer ${MASTER_KEY}" - fi set -e } @@ -705,7 +693,6 @@ setup_mesh() { networks=$(nmctl network list -o json) if [[ ${networks} != "null" ]]; then netmakerNet=$(nmctl network list -o json | jq -r '.[] | .netid' | grep -w "netmaker") - inetNet=$(nmctl network list -o json | jq -r '.[] | .netid' | grep -w "internet-access-vpn") fi # create netmaker network if [[ ${netmakerNet} = "" ]]; then 
@@ -718,43 +705,10 @@ setup_mesh() { if [[ ${netmakerTag} = "" ]]; then nmctl enrollment_key create --tags netmaker --unlimited --networks netmaker fi - - # create internet-access-vpn - if [ "$INSTALL_TYPE" = "pro" ]; then - if [[ ${inetNet} = "" ]]; then - echo "Creating internet-access-vpn network (100.65.0.0/16)" - # TODO causes "Error Status: 400 Response: {"Code":400,"Message":"could not find any records"}" - nmctl network create --name internet-access-vpn --ipv4_addr 100.65.0.0/16 - fi - - # create enrollment key for internet-access-vpn network - local inetTag=$(nmctl enrollment_key list | jq -r '.[] | .tags[0]' | grep -w "internet-access-vpn") - if [[ ${inetTag} = "" ]]; then - nmctl enrollment_key create --tags internet-access-vpn --unlimited --networks internet-access-vpn - fi - - # create enrollment key for both networks - local netInetTag=$(nmctl enrollment_key list | jq -r '.[] | .tags[0]' | grep -w "netmaker-inet") - if [[ ${netInetTag} = "" ]]; then - nmctl enrollment_key create --tags netmaker-inet --unlimited --networks netmaker,internet-access-vpn - fi - fi - - if [ "$INSTALL_TYPE" = "pro" ]; then - # create enrollment key for both setup networks - echo "Obtaining enrollment key..." - # key exists already, fetch token - TOKEN=$(nmctl enrollment_key list | jq -r '.[] | select(.tags[0]=="netmaker-inet") | .token') - - else - - echo "Obtaining enrollment key..." - # key exists already, fetch token - TOKEN=$(nmctl enrollment_key list | jq -r '.[] | select(.tags[0]=="netmaker") | .token') - fi - + echo "Obtaining enrollment key..." + # key exists already, fetch token + TOKEN=$(nmctl enrollment_key list | jq -r '.[] | select(.tags[0]=="netmaker") | .token') wait_seconds 3 - } # print_success - prints a success message upon completion From 088b4ef82b454dfe54a1f02db1db4bb1956518ec Mon Sep 17 00:00:00 2001 
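Review bot: `TOKEN` in setup_mesh is taken straight from the `jq` selection and never checked, so an empty result (no key tagged `netmaker`) or several matching keys (a multi-line value) is passed on to registration unchanged. A guard right after the assignment would make the failure visible, e.g. `[ -n "$TOKEN" ] || { echo "no enrollment key tagged netmaker found"; exit 1; }`, and `| head -n1` or a stricter `jq` filter would pin it to one key. The function begins outside the hunk, so whether `set -e` is active here cannot be seen.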
From: abhishek9686 Date: Mon, 6 Jan 2025 17:54:04 +0400 Subject: [PATCH 03/10] check peer status --- pro/logic/status.go | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/pro/logic/status.go b/pro/logic/status.go index 39dccd269..35ab0b60f 100644 --- a/pro/logic/status.go +++ b/pro/logic/status.go @@ -168,9 +168,12 @@ func checkPeerConnectivity(node *models.Node, metrics *models.Metrics, defaultAc if err != nil { continue } - allowed, _ := logic.IsNodeAllowedToCommunicate(*node, peer, false) - if !defaultAclPolicy && !allowed { - continue + + if !defaultAclPolicy { + allowed, _ := logic.IsNodeAllowedToCommunicate(*node, peer, false) + if !allowed { + continue + } } if time.Since(peer.LastCheckIn) > models.LastCheckInThreshold { @@ -181,7 +184,7 @@ func checkPeerConnectivity(node *models.Node, metrics *models.Metrics, defaultAc } // check if peer is in error state checkPeerStatus(&peer, defaultAclPolicy) - if peer.Status == models.ErrorSt { + if peer.Status == models.ErrorSt || peer.Status == models.WarningSt { continue } peerNotConnectedCnt++ From 739f6ade90cad27ad7954def496b63d4c7114124 Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Tue, 7 Jan 2025 21:23:49 +0530 Subject: [PATCH 04/10] check last check in against metrics interval --- pro/logic/status.go | 5 +++++ servercfg/serverconf.go | 15 +++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/pro/logic/status.go b/pro/logic/status.go index 35ab0b60f..ec30ae726 100644 --- a/pro/logic/status.go +++ b/pro/logic/status.go @@ -5,6 +5,7 @@ import ( "github.com/gravitl/netmaker/logic" "github.com/gravitl/netmaker/models" + "github.com/gravitl/netmaker/servercfg" ) func getNodeStatusOld(node *models.Node) { 
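Review bot: The comment `// check if peer is in error state` above the changed condition in checkPeerConnectivity no longer matches it, because peers in `models.WarningSt` now hit the same `continue` and are left out of `peerNotConnectedCnt`. Since this changes which peers count against the node's own status, the reason should be written down, e.g. `// skip peers that are themselves in error or warning state; they are not counted as disconnected for this node`. The loop and the function start outside the hunk.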
@@ -30,6 +31,10 @@ func GetNodeStatus(node *models.Node, defaultEnabledPolicy bool) { node.Status = models.OfflineSt return } + if time.Since(node.LastCheckIn) < servercfg.GetMetricIntervalInMinutes() { + node.Status = models.OnlineSt + return + } if node.IsStatic { if !node.StaticNode.Enabled { node.Status = models.OfflineSt diff --git a/servercfg/serverconf.go b/servercfg/serverconf.go index f415405f9..267a08bf6 100644 --- a/servercfg/serverconf.go +++ b/servercfg/serverconf.go @@ -654,6 +654,21 @@ func GetMqUserName() string { return password } +// GetMetricInterval - get the publish metric interval +func GetMetricIntervalInMinutes() time.Duration { + //default 15 minutes + mi := "15" + if os.Getenv("PUBLISH_METRIC_INTERVAL") != "" { + mi = os.Getenv("PUBLISH_METRIC_INTERVAL") + } + interval, err := strconv.Atoi(mi) + if err != nil { + interval = 15 + } + + return time.Duration(interval) * time.Minute +} + // GetMetricInterval - get the publish metric interval func GetMetricInterval() string { //default 15 minutes From 4b41e8690174fabdb17157d8e9ae975a9325fda3 Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Thu, 9 Jan 2025 09:34:27 +0530 Subject: [PATCH 05/10] improvise status check --- pro/logic/status.go | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/pro/logic/status.go b/pro/logic/status.go index ec30ae726..06a111122 100644 --- a/pro/logic/status.go +++ b/pro/logic/status.go @@ -5,7 +5,6 @@ import ( "github.com/gravitl/netmaker/logic" "github.com/gravitl/netmaker/models" - "github.com/gravitl/netmaker/servercfg" ) func getNodeStatusOld(node *models.Node) { 
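Review bot: The added early return in GetNodeStatus sets `models.OnlineSt` before the `node.IsStatic` / `StaticNode.Enabled` check that follows, so any node with a recent `LastCheckIn` is reported online without the static-node or peer-connectivity logic running. The window comes from the `PUBLISH_METRIC_INTERVAL` environment variable, so a large value there would presumably mask error and warning states for every node that is not already offline. If the shortcut is kept, it belongs after the static-node handling with a comment stating why a recent check-in is enough; PATCH 05 later removes the block again.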
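Review bot: `GetMetricIntervalInMinutes` falls back to 15 only when `strconv.Atoi` fails, so `PUBLISH_METRIC_INTERVAL=0` or a negative value produces a zero or negative duration and the `time.Since(...) < interval` comparison in GetNodeStatus can then never be true. Tightening the fallback to `if err != nil || interval <= 0 { interval = 15 }` covers that. The doc comment also names `GetMetricInterval`, duplicating the comment on the function below; it should read `// GetMetricIntervalInMinutes - get the publish metric interval as a time.Duration`.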
@@ -27,14 +26,6 @@ func getNodeStatusOld(node *models.Node) { func GetNodeStatus(node *models.Node, defaultEnabledPolicy bool) { - if time.Since(node.LastCheckIn) > models.LastCheckInThreshold { - node.Status = models.OfflineSt - return - } - if time.Since(node.LastCheckIn) < servercfg.GetMetricIntervalInMinutes() { - node.Status = models.OnlineSt - return - } if node.IsStatic { if !node.StaticNode.Enabled { node.Status = models.OfflineSt @@ -58,6 +49,10 @@ func GetNodeStatus(node *models.Node, defaultEnabledPolicy bool) { node.Status = models.UnKnown return } + if time.Since(node.LastCheckIn) > models.LastCheckInThreshold { + node.Status = models.OfflineSt + return + } host, err := logic.GetHost(node.HostID.String()) if err != nil { node.Status = models.UnKnown @@ -195,13 +190,16 @@ func checkPeerConnectivity(node *models.Node, metrics *models.Metrics, defaultAc peerNotConnectedCnt++ } - if peerNotConnectedCnt == 0 { - node.Status = models.OnlineSt + if peerNotConnectedCnt > len(metrics.Connectivity)/2 { + node.Status = models.WarningSt return } + if peerNotConnectedCnt == len(metrics.Connectivity) { node.Status = models.ErrorSt return } - node.Status = models.WarningSt + + node.Status = models.OnlineSt + } From 25a09857cf3894cc94ec66c48251422c3b8c803d Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Thu, 9 Jan 2025 10:06:02 +0530 Subject: [PATCH 06/10] Revert "Reapply "pull test binary"" This reverts commit 554d575428ff11eb2c83c584fc7ef58846106dd0. --- scripts/nm-quick.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/nm-quick.sh b/scripts/nm-quick.sh index ebb764c99..cf6a75d2c 100755 --- a/scripts/nm-quick.sh +++ b/scripts/nm-quick.sh @@ -122,7 +122,7 @@ setup_netclient() { fi set -e - wget -qO netclient https://fileserver.netmaker.org/qa/netclient-linux-amd64 + wget -qO netclient https://github.com/gravitl/netclient/releases/download/$LATEST/netclient-linux-$ARCH chmod +x netclient ./netclient install echo "Register token: $TOKEN" 
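Review bot: The `models.ErrorSt` branch at the end of checkPeerConnectivity cannot be reached when every peer is disconnected: for a non-empty `metrics.Connectivity`, `peerNotConnectedCnt == len(...)` implies `peerNotConnectedCnt > len(...)/2`, so the warning branch returns first. As written the error branch only fires when both values are 0, which reports a node with an empty connectivity map as being in error. The `len(metrics.Connectivity) > 0 &&` guard that PATCH 09 adds to this condition removes that case and leaves the branch dead. Testing the all-disconnected case first, as below, restores the intended ordering; the start of the function is outside the hunk.

```go
// … unchanged: peer loop that increments peerNotConnectedCnt …
total := len(metrics.Connectivity)
if total > 0 && peerNotConnectedCnt == total {
	// every reported peer is disconnected
	node.Status = models.ErrorSt
	return
}
if peerNotConnectedCnt > total/2 {
	// more than half of the reported peers are disconnected
	node.Status = models.WarningSt
	return
}
node.Status = models.OnlineSt
```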
From d1a9fa92dac7e3bf7a23d1754e8cb3bf2e7a9d32 Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Thu, 9 Jan 2025 10:46:42 +0530 Subject: [PATCH 07/10] set failover --- scripts/nm-quick.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/scripts/nm-quick.sh b/scripts/nm-quick.sh index cf6a75d2c..6cc358c3e 100755 --- a/scripts/nm-quick.sh +++ b/scripts/nm-quick.sh @@ -167,8 +167,12 @@ configure_netclient() { nmctl host update $HOST_ID --default sleep 5 nmctl node create_remote_access_gateway netmaker $NODE_ID - sleep 2 +# create network for internet access vpn + if [ "$INSTALL_TYPE" = "pro" ]; then + #setup failOver + curl --location --request POST "https://api.${NETMAKER_BASE_DOMAIN}/api/v1/node/${NODE_ID}/failover" --header "Authorization: Bearer ${MASTER_KEY}" + fi set -e } From 8d4b2d572e2db0e8d060ecf2c227b27a041aa0f8 Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Thu, 9 Jan 2025 10:47:33 +0530 Subject: [PATCH 08/10] update comment --- scripts/nm-quick.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/nm-quick.sh b/scripts/nm-quick.sh index 6cc358c3e..0fe352cfe 100755 --- a/scripts/nm-quick.sh +++ b/scripts/nm-quick.sh @@ -168,7 +168,7 @@ configure_netclient() { sleep 5 nmctl node create_remote_access_gateway netmaker $NODE_ID sleep 2 -# create network for internet access vpn + # set failover if [ "$INSTALL_TYPE" = "pro" ]; then #setup failOver curl --location --request POST "https://api.${NETMAKER_BASE_DOMAIN}/api/v1/node/${NODE_ID}/failover" --header "Authorization: Bearer ${MASTER_KEY}" From 04f2dc2d6a92d523ebb7a46fdde04f73bda8ee83 Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Thu, 9 Jan 2025 22:16:02 +0530 Subject: [PATCH 09/10] fix status for new added nodes --- pro/logic/status.go | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/pro/logic/status.go b/pro/logic/status.go index 06a111122..82e2c4eae 100644 --- a/pro/logic/status.go +++ b/pro/logic/status.go 
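Review bot: The added `curl` call in configure_netclient has no `--fail`, so an HTTP error from the failover endpoint looks the same as success; the `set -e` at the end of the hunk suggests exit-on-error is switched off at this point, though the matching `set +e` would be outside the hunk. The call also puts `Authorization: Bearer ${MASTER_KEY}` on the command line, where it is visible in the process list to other local users while curl runs. Suggest `curl --fail --silent --show-error ...` with the header supplied from a file or stdin (`--header @FILE` or `--config -`) and an explicit message when the request fails. The comment `# create network for internet access vpn` does not describe this block; PATCH 08 corrects it.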
@@ -71,11 +71,15 @@ func GetNodeStatus(node *models.Node, defaultEnabledPolicy bool) { if err != nil { return } - if metrics == nil || metrics.Connectivity == nil { + if metrics == nil || metrics.Connectivity == nil || len(metrics.Connectivity) == 0 { if time.Since(node.LastCheckIn) < models.LastCheckInThreshold { node.Status = models.OnlineSt return } + if node.LastCheckIn.IsZero() { + node.Status = models.OfflineSt + return + } } // if node.IsFailOver { // if time.Since(node.LastCheckIn) < models.LastCheckInThreshold { @@ -133,9 +137,12 @@ func checkPeerStatus(node *models.Node, defaultAclPolicy bool) { if err != nil { continue } - allowed, _ := logic.IsNodeAllowedToCommunicate(*node, peer, false) - if !defaultAclPolicy && !allowed { - continue + + if !defaultAclPolicy { + allowed, _ := logic.IsNodeAllowedToCommunicate(*node, peer, false) + if !allowed { + continue + } } if time.Since(peer.LastCheckIn) > models.LastCheckInThreshold { @@ -154,7 +161,7 @@ func checkPeerStatus(node *models.Node, defaultAclPolicy bool) { node.Status = models.OnlineSt return } - if peerNotConnectedCnt == len(metrics.Connectivity) { + if len(metrics.Connectivity) > 0 && peerNotConnectedCnt == len(metrics.Connectivity) { node.Status = models.ErrorSt return } @@ -195,7 +202,7 @@ func checkPeerConnectivity(node *models.Node, metrics *models.Metrics, defaultAc return } - if peerNotConnectedCnt == len(metrics.Connectivity) { + if len(metrics.Connectivity) > 0 && peerNotConnectedCnt == len(metrics.Connectivity) { node.Status = models.ErrorSt return } From d47be71f3388c2792ae708531177cb2362ea326f Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Fri, 10 Jan 2025 13:20:37 +0530 Subject: [PATCH 10/10] pull manifests from master --- scripts/nm-quick.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/nm-quick.sh b/scripts/nm-quick.sh index 0fe352cfe..86a083c5e 100755 --- a/scripts/nm-quick.sh +++ b/scripts/nm-quick.sh 
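Review bot: The widened guard in GetNodeStatus still lets execution leave the block with `metrics == nil` when neither inner `if` returns, and the code that follows (outside the hunk) then runs with a nil or empty metrics value. The `node.LastCheckIn.IsZero()` branch also looks unreachable if the `time.Since(node.LastCheckIn) > models.LastCheckInThreshold` return that PATCH 05 placed earlier in the function still precedes this block, since a zero timestamp would already be caught there. Ending the block with an explicit status and `return`, for example `node.Status = models.UnKnown`, would make the no-metrics path unambiguous. The `metrics.Connectivity == nil` test is redundant next to `len(metrics.Connectivity) == 0`.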
@@ -617,8 +617,7 @@ install_netmaker() { echo "Pulling config files..." - - local BASE_URL="https://raw.githubusercontent.com/gravitl/netmaker/$BUILD_TAG" + local BASE_URL="https://raw.githubusercontent.com/gravitl/netmaker/master" local COMPOSE_URL="$BASE_URL/compose/docker-compose.yml" local CADDY_URL="$BASE_URL/docker/Caddyfile" if [ "$INSTALL_TYPE" = "pro" ]; then
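Review bot: `BASE_URL` in install_netmaker now points at the `master` branch, so `docker-compose.yml` and the `Caddyfile` are whatever is on master at install time instead of the files that belong to `$BUILD_TAG`. Installs stop being reproducible, any change landing on master reaches new deployments immediately, and the manifests can drift from the release being installed (the image tags are outside the hunk, so this is inferred). If master is only wanted as a fallback, keep the pin as the default: `local BASE_URL="https://raw.githubusercontent.com/gravitl/netmaker/${BUILD_TAG:-master}"`. The function continues past the end of the hunk.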