NotificationsYou must be signed in to change notification settings
Fork928
Star10.1k

Commitb87fd81

committed

fix(wsconncache): only allow one peer per connection

If an agent went away and reconnected, the wsconncache connection wouldbe polluted for about 10m because there would be two peers with thesame IP. The old peer always had priority, which caused the dashboard totry and always dial the old peer until it was removed.Fixes:#5292

1 parentb0a1615 commitb87fd81Copy full SHA for b87fd81

File tree

2 files changed

+39

-6

lines changed

coderd
- workspaceagents.go
tailnet
- conn.go

2 files changed

+39

-6

lines changed

`‎coderd/workspaceagents.go`

Lines changed: 14 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -402,11 +402,6 @@ func (api API) workspaceAgentListeningPorts(rw http.ResponseWriter, r http.Req`
`402`	`402`
`403`	`403`	`func (apiAPI)dialWorkspaceAgentTailnet(rhttp.Request,agentID uuid.UUID) (*codersdk.AgentConn,error) {`
`404`	`404`	`clientConn,serverConn:=net.Pipe()`
`405`		`-gofunc() {`
`406`		`-<-r.Context().Done()`
`407`		`-_=clientConn.Close()`
`408`		`-_=serverConn.Close()`
`409`		`-}()`
`410`	`405`
`411`	`406`	`derpMap:=api.DERPMap.Clone()`
`412`	`407`	`for_,region:=rangederpMap.Regions {`
`@@ -453,7 +448,16 @@ func (api API) dialWorkspaceAgentTailnet(r http.Request, agentID uuid.UUID) (*`
`453`	`448`	`}`
`454`	`449`
`455`	`450`	`sendNodes,_:=tailnet.ServeCoordinator(clientConn,func(node []*tailnet.Node)error {`
`456`		`-returnconn.UpdateNodes(node)`
	`451`	`+err:=conn.RemoveAllPeers()`
	`452`	`+iferr!=nil {`
	`453`	`+returnxerrors.Errorf("remove all peers: %w",err)`
	`454`	`+}`
	`455`	`+`
	`456`	`+err=conn.UpdateNodes(node)`
	`457`	`+iferr!=nil {`
	`458`	`+returnxerrors.Errorf("update nodes: %w",err)`
	`459`	`+}`
	`460`	`+returnnil`
`457`	`461`	`})`
`458`	`462`	`conn.SetNodeCallback(sendNodes)`
`459`	`463`	`gofunc() {`
`@@ -465,6 +469,10 @@ func (api API) dialWorkspaceAgentTailnet(r http.Request, agentID uuid.UUID) (*`
`465`	`469`	`}()`
`466`	`470`	`return&codersdk.AgentConn{`
`467`	`471`	`Conn:conn,`
	`472`	`+CloseFunc:func() {`
	`473`	`+_=clientConn.Close()`
	`474`	`+_=serverConn.Close()`
	`475`	`+},`
`468`	`476`	`},nil`
`469`	`477`	`}`
`470`	`478`

`‎tailnet/conn.go`

Lines changed: 25 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -325,6 +325,31 @@ func (c Conn) SetDERPMap(derpMap tailcfg.DERPMap) {`
`325`	`325`	`c.wireguardEngine.SetDERPMap(derpMap)`
`326`	`326`	`}`
`327`	`327`
	`328`	`+func (c*Conn)RemoveAllPeers()error {`
	`329`	`+c.mutex.Lock()`
	`330`	`+deferc.mutex.Unlock()`
	`331`	`+`
	`332`	`+c.netMap.Peers= []*tailcfg.Node{}`
	`333`	`+c.peerMap=map[tailcfg.NodeID]*tailcfg.Node{}`
	`334`	`+netMapCopy:=*c.netMap`
	`335`	`+c.wireguardEngine.SetNetworkMap(&netMapCopy)`
	`336`	`+cfg,err:=nmcfg.WGCfg(c.netMap,Logger(c.logger.Named("wgconfig")),netmap.AllowSingleHosts,"")`
	`337`	`+iferr!=nil {`
	`338`	`+returnxerrors.Errorf("update wireguard config: %w",err)`
	`339`	`+}`
	`340`	`+err=c.wireguardEngine.Reconfig(cfg,c.wireguardRouter,&dns.Config{},&tailcfg.Debug{})`
	`341`	`+iferr!=nil {`
	`342`	`+ifc.isClosed() {`
	`343`	`+returnnil`
	`344`	`+}`
	`345`	`+iferrors.Is(err,wgengine.ErrNoChanges) {`
	`346`	`+returnnil`
	`347`	`+}`
	`348`	`+returnxerrors.Errorf("reconfig: %w",err)`
	`349`	`+}`
	`350`	`+returnnil`
	`351`	`+}`
	`352`	`+`
`328`	`353`	`// UpdateNodes connects with a set of peers. This can be constantly updated,`
`329`	`354`	`// and peers will continually be reconnected as necessary.`
`330`	`355`	`func (cConn)UpdateNodes(nodes []Node)error {`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitb87fd81

File tree

2 files changed

2 files changed

`‎coderd/workspaceagents.go`

`‎tailnet/conn.go`

0 commit comments