cluster: drop wg1.conf #58

Merged
karasz merged 5 commits from pr-amery-vxlan into main 4 months ago
  1. 2
      cmd/jpictl/list.go
  2. 2
      pkg/cluster/errors.go
  3. 64
      pkg/cluster/rings.go
  4. 22
      pkg/cluster/wireguard.go

2
cmd/jpictl/list.go

@ -108,7 +108,7 @@ func (*inventory) renderRingOneZone(out *tools.LazyBuffer, r *cluster.Region, z
z.ForEachMachine(func(m *cluster.Machine) bool { z.ForEachMachine(func(m *cluster.Machine) bool {
addr := m.RingOneAddress() addr := m.RingOneAddress()
cidr := netip.PrefixFrom(addr, 32) cidr := netip.PrefixFrom(addr, 32)
_ = out.Printf("%s\t\t%s-%v\n", cidr, m.Name, 1) _ = out.Printf("%s\t\t%s\n", cidr, m.Name)
return false return false
}) })
return nil return nil

2
pkg/cluster/errors.go

@ -25,5 +25,5 @@ var (
// ErrInvalidRing returns an error indicating the [rings.RingID] // ErrInvalidRing returns an error indicating the [rings.RingID]
// can't be used for the intended purpose // can't be used for the intended purpose
func ErrInvalidRing(ringID rings.RingID) error { func ErrInvalidRing(ringID rings.RingID) error {
return core.QuietWrap(fs.ErrInvalid, "invalid ring %v", ringID) return core.QuietWrap(fs.ErrInvalid, "invalid ring %v", ringID-1)
} }

64
pkg/cluster/rings.go

@ -27,8 +27,6 @@ func AsWireguardInterfaceID(ring rings.RingID) (WireguardInterfaceID, error) {
switch ring { switch ring {
case rings.RingZeroID: case rings.RingZeroID:
return 0, nil return 0, nil
case rings.RingOneID:
return 1, nil
default: default:
return 0, ErrInvalidRing(ring) return 0, ErrInvalidRing(ring)
} }
@ -148,17 +146,9 @@ var (
Decode: rings.DecodeRingZeroAddress, Decode: rings.DecodeRingZeroAddress,
Encode: rings.RingZeroAddress, Encode: rings.RingZeroAddress,
} }
// RingOne is a wg1 address encoder/decoder
RingOne = RingAddressEncoder{
ID: rings.RingOneID,
Port: RingOnePort,
Decode: rings.DecodeRingOneAddress,
Encode: rings.RingOneAddress,
}
// Rings provides indexed access to the ring address encoders // Rings provides indexed access to the ring address encoders
Rings = []RingAddressEncoder{ Rings = []RingAddressEncoder{
RingZero, RingZero,
RingOne,
} }
) )
@ -201,61 +191,17 @@ func (r *Ring) AddPeer(p *Machine) bool {
}, },
} }
switch { r.setRingZeroAllowedIPs(rp)
case r.ID == rings.RingZeroID:
r.setRingZeroAllowedIPs(rp)
case p.IsGateway():
r.setRingOneGatewayAllowedIPs(rp)
default:
r.setRingOneNodeAllowedIPs(rp)
}
r.Peers = append(r.Peers, rp) r.Peers = append(r.Peers, rp)
return true return true
} }
func (r *Ring) setRingZeroAllowedIPs(rp *RingPeer) { func (*Ring) setRingZeroAllowedIPs(rp *RingPeer) {
regionID, zoneID, _, _ := r.Decode(rp.Address) // ring0 peer
// everyone on ring0 is a gateway to ring1
subnet, _ := rings.RingOnePrefix(regionID, zoneID)
rp.AllowSubnet(subnet)
// peer
rp.AllowCIDR(rp.Address, 32)
}
func (r *Ring) setRingOneGatewayAllowedIPs(rp *RingPeer) {
regionID, zoneID, _, _ := r.Decode(rp.Address)
// peer
rp.AllowCIDR(rp.Address, 32) rp.AllowCIDR(rp.Address, 32)
// ring1 gateways connect to all other ring1 networks // everyone on ring0 has a leg on ring1
r.ForEachZone(func(z *Zone) bool { rp.AllowCIDR(rp.Node.RingOneAddress(), 32)
if !z.Is(regionID, zoneID) {
subnet := z.RingOnePrefix()
rp.AllowSubnet(subnet)
}
return false
})
// ring1 gateways also connect to all ring0 addresses
r.ForEachZone(func(z *Zone) bool {
z.ForEachMachine(func(p *Machine) bool {
if p.IsGateway() {
addr, _ := p.RingZeroAddress()
rp.AllowCIDR(addr, 32)
}
return false
})
return false
})
}
func (*Ring) setRingOneNodeAllowedIPs(rp *RingPeer) {
// only to the peer itself
rp.AllowCIDR(rp.Address, 32)
} }
// ForEachMachine calls a function for each Machine in the ring // ForEachMachine calls a function for each Machine in the ring

22
pkg/cluster/wireguard.go

@ -82,13 +82,6 @@ func (m *Cluster) WriteWireguardConfig(ring rings.RingID) error {
switch ring { switch ring {
case rings.RingZeroID: case rings.RingZeroID:
return writeWireguardConfig(m, m, ring) return writeWireguardConfig(m, m, ring)
case rings.RingOneID:
var err error
m.ForEachZone(func(z *Zone) bool {
err = writeWireguardConfig(m, z, ring)
return err != nil
})
return err
default: default:
return ErrInvalidRing(ring) return ErrInvalidRing(ring)
} }
@ -97,10 +90,12 @@ func (m *Cluster) WriteWireguardConfig(ring rings.RingID) error {
// WriteWireguardConfig rewrites all wgN.conf on all machines // WriteWireguardConfig rewrites all wgN.conf on all machines
// on the Zone attached to that ring // on the Zone attached to that ring
func (z *Zone) WriteWireguardConfig(ring rings.RingID) error { func (z *Zone) WriteWireguardConfig(ring rings.RingID) error {
if ring == rings.RingZeroID || ring == rings.RingOneID { switch ring {
case rings.RingZeroID:
return writeWireguardConfig(z.zones, z.zones, ring) return writeWireguardConfig(z.zones, z.zones, ring)
default:
return ErrInvalidRing(ring)
} }
return ErrInvalidRing(ring)
} }
func writeWireguardConfig(z ZoneIterator, m MachineIterator, ring rings.RingID) error { func writeWireguardConfig(z ZoneIterator, m MachineIterator, ring rings.RingID) error {
@ -161,13 +156,6 @@ func (m *Cluster) SyncWireguardConfig(ring rings.RingID) error {
switch ring { switch ring {
case rings.RingZeroID: case rings.RingZeroID:
return syncWireguardConfig(m, m, ring) return syncWireguardConfig(m, m, ring)
case rings.RingOneID:
var err error
m.ForEachZone(func(z *Zone) bool {
err = syncWireguardConfig(m, z, ring)
return err != nil
})
return err
default: default:
return ErrInvalidRing(ring) return ErrInvalidRing(ring)
} }
@ -179,8 +167,6 @@ func (z *Zone) SyncWireguardConfig(ring rings.RingID) error {
switch ring { switch ring {
case rings.RingZeroID: case rings.RingZeroID:
return syncWireguardConfig(z.zones, z.zones, ring) return syncWireguardConfig(z.zones, z.zones, ring)
case rings.RingOneID:
return syncWireguardConfig(z.zones, z, ring)
default: default:
return ErrInvalidRing(ring) return ErrInvalidRing(ring)
} }

Loading…
Cancel
Save