Compare commits

..

2 Commits

Author SHA1 Message Date
Alejandro Mery 3a586ecaf2 cluster: change wg0.conf to allow ring0/32 and ring1/32 on each peer 5 months ago
Alejandro Mery 8db87c6102 cluster: further remove wg1 support 5 months ago
  1. 45
      pkg/cluster/rings.go

45
pkg/cluster/rings.go

@ -191,12 +191,20 @@ func (r *Ring) AddPeer(p *Machine) bool {
}, },
} }
r.setRingZeroAllowedIPs(rp) switch {
case r.ID == rings.RingZeroID:
r.setRingZeroAllowedIPs(rp)
case p.IsGateway():
r.setRingOneGatewayAllowedIPs(rp)
default:
r.setRingOneNodeAllowedIPs(rp)
}
r.Peers = append(r.Peers, rp) r.Peers = append(r.Peers, rp)
return true return true
} }
func (*Ring) setRingZeroAllowedIPs(rp *RingPeer) { func (r *Ring) setRingZeroAllowedIPs(rp *RingPeer) {
// ring0 peer // ring0 peer
rp.AllowCIDR(rp.Address, 32) rp.AllowCIDR(rp.Address, 32)
@ -204,6 +212,39 @@ func (*Ring) setRingZeroAllowedIPs(rp *RingPeer) {
rp.AllowCIDR(rp.Node.RingOneAddress(), 32) rp.AllowCIDR(rp.Node.RingOneAddress(), 32)
} }
func (r *Ring) setRingOneGatewayAllowedIPs(rp *RingPeer) {
regionID, zoneID, _, _ := r.Decode(rp.Address)
// peer
rp.AllowCIDR(rp.Address, 32)
// ring1 gateways connect to all other ring1 networks
r.ForEachZone(func(z *Zone) bool {
if !z.Is(regionID, zoneID) {
subnet := z.RingOnePrefix()
rp.AllowSubnet(subnet)
}
return false
})
// ring1 gateways also connect to all ring0 addresses
r.ForEachZone(func(z *Zone) bool {
z.ForEachMachine(func(p *Machine) bool {
if p.IsGateway() {
addr, _ := p.RingZeroAddress()
rp.AllowCIDR(addr, 32)
}
return false
})
return false
})
}
func (*Ring) setRingOneNodeAllowedIPs(rp *RingPeer) {
// only to the peer itself
rp.AllowCIDR(rp.Address, 32)
}
// ForEachMachine calls a function for each Machine in the ring // ForEachMachine calls a function for each Machine in the ring
// until instructed to terminate the loop // until instructed to terminate the loop
func (r *Ring) ForEachMachine(fn func(*Machine) bool) { func (r *Ring) ForEachMachine(fn func(*Machine) bool) {

Loading…
Cancel
Save