From 9545f77cceae465c37cca1542efda55adea40839 Mon Sep 17 00:00:00 2001
From: Brian Picciano
Date: Tue, 19 Nov 2024 12:50:58 +0100
Subject: [PATCH] Auto-configure device tunnel name, remove from daemon.yml

---
 go/daemon/children/nebula.go | 3 ++-
 go/daemon/daecommon/config.go | 11 -----------
 go/daemon/daecommon/daemon.yml | 4 ----
 go/daemon/daemon_test.go | 6 +++---
 go/daemon/network/network_it_util_test.go | 7 -------
 go/nebula/device.go | 18 ++++++++++++++++++
 6 files changed, 23 insertions(+), 26 deletions(-)
 create mode 100644 go/nebula/device.go

diff --git a/go/daemon/children/nebula.go b/go/daemon/children/nebula.go
index 687751d..d8dff6a 100644
--- a/go/daemon/children/nebula.go
+++ b/go/daemon/children/nebula.go
@@ -6,6 +6,7 @@ import (
 "io"
 "isle/bootstrap"
 "isle/daemon/daecommon"
+ "isle/nebula"
 "isle/toolkit"
 "net"
 "path/filepath"
@@ -116,7 +117,7 @@ func nebulaConfig(
 "respond": true,
 },
 "tun": map[string]any{
- "dev": networkConfig.VPN.Tun.Device,
+ "dev": nebula.GetDeviceName(hostBootstrap.NetworkCreationParams.ID),
 },
 "firewall": firewall,
 }
diff --git a/go/daemon/daecommon/config.go b/go/daemon/daecommon/config.go
index 8d0b567..b8de556 100644
--- a/go/daemon/daecommon/config.go
+++ b/go/daemon/daecommon/config.go
@@ -24,10 +24,6 @@ const (
 //go:embed daemon.yml
 var defaultConfigB []byte

-type ConfigTun struct {
- Device string `yaml:"device"`
-}
-
 type ConfigFirewall struct {
 Outbound []ConfigFirewallRule `yaml:"outbound"`
 Inbound []ConfigFirewallRule `yaml:"inbound"`
@@ -74,7 +70,6 @@ type NetworkConfig struct {
 VPN struct {
 PublicAddr string `yaml:"public_addr"`
 Firewall ConfigFirewall `yaml:"firewall"`
- Tun ConfigTun `yaml:"tun"`
 } `yaml:"vpn"`
 Storage struct {
 Allocations []ConfigStorageAllocation `yaml:"allocations"`
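Review bot: In the second hunk of go/daemon/children/nebula.go, `"dev": nebula.GetDeviceName(hostBootstrap.NetworkCreationParams.ID)` draws a fresh counter value on every call, so the tun device name depends on how many times nebulaConfig has run in this process rather than on the network alone. If nebulaConfig is invoked again for a network that is already running (a config reload, presumably), the rendered name moves from `isle0-…` to `isle1-…`, and any host firewall rule, routing policy or monitoring filter keyed on the interface name stops matching. Consider resolving the name once per network and passing it into nebulaConfig, and add a comment at this line such as `// device name is assigned per process and is not stable across restarts`, since `vpn.tun.device` can no longer pin it. nebulaConfig's body starts and ends outside the hunk.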
@@ -121,12 +116,6 @@ func (c *NetworkConfig) fillDefaults() { } } - if c.VPN.Tun.Device == "" { - // TODO if there are multiple Networks then each one needs a unique - // device name. - c.VPN.Tun.Device = "isle-tun" - } - nextRPCPort := 3900 for i := range c.Storage.Allocations { diff --git a/go/daemon/daecommon/daemon.yml b/go/daemon/daecommon/daemon.yml index 38c00fb..590df08 100644 --- a/go/daemon/daecommon/daemon.yml +++ b/go/daemon/daecommon/daemon.yml @@ -47,10 +47,6 @@ # # If any storage allocations are declared below, the ports used will be # # allowed here automatically. - #tun: - # Name of the tun network device which will route VPN traffic. - #device: isle-tun - #storage: # Allocations defined here are used to store data in the distributed storage diff --git a/go/daemon/daemon_test.go b/go/daemon/daemon_test.go index ee430a5..c7c0645 100644 --- a/go/daemon/daemon_test.go +++ b/go/daemon/daemon_test.go @@ -127,7 +127,7 @@ func TestNew(t *testing.T) { }) networkConfigB = daecommon.NewNetworkConfig(func(c *daecommon.NetworkConfig) { - c.VPN.Tun.Device = "bar" + c.VPN.PublicAddr = "1.2.3.4:5" }) networkConfigC = daecommon.NewNetworkConfig(func(c *daecommon.NetworkConfig) { @@ -189,7 +189,7 @@ func TestDaemon_SetConfig(t *testing.T) { }) networkConfig = daecommon.NewNetworkConfig(func(c *daecommon.NetworkConfig) { - c.VPN.Tun.Device = "foo" + c.VPN.PublicAddr = "1.2.3.4:5" }) ) @@ -220,7 +220,7 @@ func TestDaemon_SetConfig(t *testing.T) { }) ) - networkConfig.VPN.Tun.Device = "foo" + networkConfig.VPN.PublicAddr = "1.2.3.4:5" err := h.daemon.SetConfig(h.ctx, networkConfig) assert.ErrorIs(t, err, ErrManagedNetworkConfig) }) diff --git a/go/daemon/network/network_it_util_test.go b/go/daemon/network/network_it_util_test.go index 5a45f7e..9fe9a70 100644 --- a/go/daemon/network/network_it_util_test.go +++ b/go/daemon/network/network_it_util_test.go 
@@ -32,7 +32,6 @@ var ( ipNetCounter uint64 = 0 publicAddrPortCounter uint64 = 1024 - tunDeviceCounter uint64 = 0 ) func newIPNet() nebula.IPNet { @@ -56,10 +55,6 @@ func newPublicAddr() string { ) } -func newTunDevice() string { - return fmt.Sprintf("isle-test-%d", atomic.AddUint64(&tunDeviceCounter, 1)) -} - type integrationHarness struct { ctx context.Context logger *mlog.Logger @@ -129,8 +124,6 @@ func (h *integrationHarness) mkNetworkConfig( c.VPN.PublicAddr = newPublicAddr() } - c.VPN.Tun.Device = newTunDevice() - c.Storage.Allocations = make( []daecommon.ConfigStorageAllocation, opts.numStorageAllocs, ) diff --git a/go/nebula/device.go b/go/nebula/device.go new file mode 100644 index 0000000..a9100f1 --- /dev/null +++ b/go/nebula/device.go @@ -0,0 +1,18 @@ +package nebula + +import ( + "fmt" + "sync/atomic" +) + +var deviceCounter = new(atomic.Uint64) + +// GetDeviceName returns the network device name to use for a particular +// network. Each returns name is gauranteed to be unique for the lifetime of the +// process. +func GetDeviceName(networkID string) string { + i := deviceCounter.Add(1) - 1 + // the returned string will be too long for linux, but it will get + // automatically truncated. + return fmt.Sprintf("isle%d-%s", i, networkID) +}
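Review bot: GetDeviceName in the new go/nebula/device.go returns a name its own comment says is too long and relies on truncation that nothing in this file performs, so the documented uniqueness holds only because the counter precedes the network ID and only if whatever consumes `tun.dev` truncates rather than rejects the name. Truncating explicitly, e.g. `if len(name) > 15 { name = name[:15] }` (Linux interface names are limited to 15 bytes plus the terminator), makes the returned value equal to the interface name that actually appears on the host, which matters to anything matching on it such as firewall rules or logs. networkID is interpolated unchecked, so it is worth confirming at the caller that it cannot contain `/` or whitespace. The doc comment's `Each returns name is gauranteed` should read `Each returned name is guaranteed`.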