Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

chore: add derpserver to proxy, add proxies to derpmap#7311

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
deansheather merged 32 commits intomainfromdean/proxy-derp-map
Jul 26, 2023
Merged
Show file tree
Hide file tree
Changes from1 commit
Commits
Show all changes
32 commits
Select commitHold shift + click to select a range
eae4c3a
chore: add derpserver to proxy, add proxies to derpmap
deansheatherApr 27, 2023
ac99525
progress
deansheatherMay 1, 2023
4b68a0b
Merge branch 'main' into dean/proxy-derp-map
deansheatherMay 2, 2023
4ba7af6
progress
deansheatherMay 3, 2023
dcf072e
derp mesh probably working
deansheatherMay 4, 2023
2d2f1a3
deregister
deansheatherMay 4, 2023
28ae155
tests and various fixes
deansheatherMay 4, 2023
2baa362
Merge branch 'main' into dean/proxy-derp-map
deansheatherMay 4, 2023
5f5d4ff
more tests
deansheatherMay 5, 2023
5441dc8
merge main, remove proxy goingaway route
deansheatherMay 30, 2023
e4a3008
derp tests work
deansheatherMay 30, 2023
3caa692
Merge branch 'main' into dean/proxy-derp-map
deansheatherMay 30, 2023
404c3e4
update derp map on new connection
deansheatherMay 31, 2023
8544882
Merge branch 'main' into dean/proxy-derp-map
deansheatherJun 13, 2023
9b503fa
fixes
deansheatherJun 13, 2023
0e6d39a
tests for derp map changing
deansheatherJun 13, 2023
bb699fb
Merge branch 'main' into dean/proxy-derp-map
deansheatherJun 13, 2023
2943ac2
backwards compatible
deansheatherJun 20, 2023
f0fa578
other comments
deansheatherJun 20, 2023
9d90dc2
Merge branch 'main' into dean/proxy-derp-map
deansheatherJun 25, 2023
b405113
fixup! Merge branch 'main' into dean/proxy-derp-map
deansheatherJun 25, 2023
6a08a59
change derp map updates to be separate websocket
deansheatherJun 28, 2023
403eac5
Merge branch 'main' into dean/proxy-derp-map
deansheatherJul 17, 2023
d220266
Merge branch 'main' into dean/proxy-derp-map
deansheatherJul 24, 2023
9e658d6
fixup! Merge branch 'main' into dean/proxy-derp-map
deansheatherJul 24, 2023
67f2e5c
Working tests
deansheatherJul 25, 2023
3c96149
Merge branch 'main' into dean/proxy-derp-map
deansheatherJul 25, 2023
c26936a
fixup! Merge branch 'main' into dean/proxy-derp-map
deansheatherJul 25, 2023
e59de5a
fixup! Merge branch 'main' into dean/proxy-derp-map
deansheatherJul 25, 2023
2df067f
fixup! Merge branch 'main' into dean/proxy-derp-map
deansheatherJul 25, 2023
dfbfa96
Please
deansheatherJul 26, 2023
8223a35
fixup! Please
deansheatherJul 26, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
PrevPrevious commit
NextNext commit
Working tests
  • Loading branch information
@deansheather
deansheather committedJul 25, 2023
commit67f2e5cd831d18e3774db5999b28b454d91071ca
2 changes: 1 addition & 1 deletioncli/server.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -477,7 +477,7 @@ func (r *RootCmd) Server(newAPI func(context.Context, *coderd.Options) (*coderd.
AppHostnameRegex: appHostnameRegex,
Logger: logger.Named("coderd"),
Database: dbfake.New(),
DERPMap: derpMap,
BaseDERPMap: derpMap,
Pubsub: pubsub.NewInMemory(),
CacheDir: cacheDir,
GoogleTokenValidator: googleTokenValidator,
Expand Down
20 changes: 13 additions & 7 deletionscoderd/coderd.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -118,10 +118,13 @@ type Options struct {
RealIPConfig *httpmw.RealIPConfig
TrialGenerator func(ctx context.Context, email string) error
// TLSCertificates is used to mesh DERP servers securely.
TLSCertificates []tls.Certificate
TailnetCoordinator tailnet.Coordinator
DERPServer *derp.Server
DERPMap *tailcfg.DERPMap
TLSCertificates []tls.Certificate
TailnetCoordinator tailnet.Coordinator
DERPServer *derp.Server
// BaseDERPMap is used as the base DERP map for all clients and agents.
// Proxies are added to this list.
BaseDERPMap *tailcfg.DERPMap
DERPMapUpdateFrequency time.Duration
SwaggerEndpoint bool
SetUserGroups func(ctx context.Context, tx database.Store, userID uuid.UUID, groupNames []string) error
TemplateScheduleStore *atomic.Pointer[schedule.TemplateScheduleStore]
Expand DownExpand Up@@ -238,6 +241,9 @@ func New(options *Options) *API {
if options.DERPServer == nil {
options.DERPServer = derp.NewServer(key.NewNode(), tailnet.Logger(options.Logger.Named("derp")))
}
if options.DERPMapUpdateFrequency == 0 {
options.DERPMapUpdateFrequency = 5 * time.Second
}
if options.TailnetCoordinator == nil {
options.TailnetCoordinator = tailnet.NewCoordinator(options.Logger)
}
Expand DownExpand Up@@ -379,7 +385,7 @@ func New(options *Options) *API {
api.agentProvider, err = NewServerTailnet(api.ctx,
options.Logger,
options.DERPServer,
options.DERPMap,
options.BaseDERPMap,
func(context.Context) (tailnet.MultiAgentConn, error) {
return (*api.TailnetCoordinator.Load()).ServeMultiAgent(uuid.New()), nil
},
Expand DownExpand Up@@ -1107,10 +1113,10 @@ func (api *API) CreateInMemoryProvisionerDaemon(ctx context.Context, debounce ti
func (api *API) DERPMap() *tailcfg.DERPMap {
fn := api.DERPMapper.Load()
if fn != nil {
return (*fn)(api.Options.DERPMap)
return (*fn)(api.Options.BaseDERPMap)
}

return api.Options.DERPMap
return api.Options.BaseDERPMap
}

// nolint:revive
Expand Down
3 changes: 2 additions & 1 deletioncoderd/coderdtest/coderdtest.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -385,7 +385,8 @@ func NewOptions(t testing.TB, options *Options) (func(http.Handler), context.Can
TLSCertificates: options.TLSCertificates,
TrialGenerator: options.TrialGenerator,
TailnetCoordinator: options.Coordinator,
DERPMap: derpMap,
BaseDERPMap: derpMap,
DERPMapUpdateFrequency: 150 * time.Millisecond,
MetricsCacheRefreshInterval: options.MetricsCacheRefreshInterval,
AgentStatsRefreshInterval: options.AgentStatsRefreshInterval,
DeploymentValues: options.DeploymentValues,
Expand Down
16 changes: 6 additions & 10 deletionscoderd/httpapi/httpapi.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -151,11 +151,9 @@ func Write(ctx context.Context, rw http.ResponseWriter, status int, response int
enc := json.NewEncoder(rw)
enc.SetEscapeHTML(true)

err := enc.Encode(response)
if err != nil {
http.Error(rw, err.Error(), http.StatusInternalServerError)
return
}
// We can't really do much about these errors, it's probably due to a
// dropped connection.
_ = enc.Encode(response)
}

func WriteIndent(ctx context.Context, rw http.ResponseWriter, status int, response interface{}) {
Expand All@@ -169,11 +167,9 @@ func WriteIndent(ctx context.Context, rw http.ResponseWriter, status int, respon
enc.SetEscapeHTML(true)
enc.SetIndent("", "\t")

err := enc.Encode(response)
if err != nil {
http.Error(rw, err.Error(), http.StatusInternalServerError)
return
}
// We can't really do much about these errors, it's probably due to a
// dropped connection.
_ = enc.Encode(response)
}

// Read decodes JSON from the HTTP request into the value provided. It uses
Expand Down
5 changes: 4 additions & 1 deletioncoderd/workspaceagents.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -834,8 +834,9 @@ func (api *API) derpMapUpdates(rw http.ResponseWriter, r *http.Request) {
return
}
nconn := websocket.NetConn(ctx, ws, websocket.MessageBinary)
defer nconn.Close()

ticker := time.NewTicker(5 * time.Second)
ticker := time.NewTicker(api.Options.DERPMapUpdateFrequency)
defer ticker.Stop()

var lastDERPMap *tailcfg.DERPMap
Expand All@@ -857,6 +858,8 @@ func (api *API) derpMapUpdates(rw http.ResponseWriter, r *http.Request) {
return
case <-ticker.C:
}

ticker.Reset(api.Options.DERPMapUpdateFrequency)
}
}

Expand Down
101 changes: 101 additions & 0 deletionscoderd/workspaceagents_test.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -15,6 +15,7 @@ import (
"github.com/google/uuid"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"tailscale.com/tailcfg"

"cdr.dev/slog"
"cdr.dev/slog/sloggers/slogtest"
Expand All@@ -25,6 +26,7 @@ import (
"github.com/coder/coder/codersdk/agentsdk"
"github.com/coder/coder/provisioner/echo"
"github.com/coder/coder/provisionersdk/proto"
"github.com/coder/coder/tailnet/tailnettest"
"github.com/coder/coder/testutil"
)

Expand DownExpand Up@@ -1247,3 +1249,102 @@ func TestWorkspaceAgent_Startup(t *testing.T) {
require.Equal(t, http.StatusBadRequest, cerr.StatusCode())
})
}

// TestWorkspaceAgent_UpdatedDERP runs a real coderd server, with a real agent
// and a real client, and updates the DERP map live to ensure connections still
// work.
func TestWorkspaceAgent_UpdatedDERP(t *testing.T) {
t.Parallel()

logger := slogtest.Make(t, nil).Leveled(slog.LevelDebug)

dv := coderdtest.DeploymentValues(t)
err := dv.DERP.Config.BlockDirect.Set("true")
require.NoError(t, err)

client, closer, api := coderdtest.NewWithAPI(t, &coderdtest.Options{
IncludeProvisionerDaemon: true,
DeploymentValues: dv,
})
defer closer.Close()
user := coderdtest.CreateFirstUser(t, client)

originalDerpMap := api.DERPMap()
require.NotNil(t, originalDerpMap)

// Change the DERP mapper to our custom one.
currentDerpMap := originalDerpMap
derpMapFn := func(_ *tailcfg.DERPMap) *tailcfg.DERPMap {
return currentDerpMap
}
api.DERPMapper.Store(&derpMapFn)

// Start workspace a workspace agent.
agentToken := uuid.NewString()
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, &echo.Responses{
Parse: echo.ParseComplete,
ProvisionPlan: echo.ProvisionComplete,
ProvisionApply: echo.ProvisionApplyWithAgent(agentToken),
})
template := coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID)
coderdtest.AwaitTemplateVersionJob(t, client, version.ID)
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
agentClient := agentsdk.New(client.URL)
agentClient.SetSessionToken(agentToken)
agentCloser := agent.New(agent.Options{
Client: agentClient,
Logger: logger.Named("agent"),
})
defer func() {
_ = agentCloser.Close()
}()
resources := coderdtest.AwaitWorkspaceAgents(t, client, workspace.ID)
agentID := resources[0].Agents[0].ID

ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
defer cancel()

// Connect from a client.
conn1, err := client.DialWorkspaceAgent(ctx, agentID, &codersdk.DialWorkspaceAgentOptions{
Logger: logger.Named("client1"),
})
require.NoError(t, err)
defer conn1.Close()
ok := conn1.AwaitReachable(ctx)
require.True(t, ok)

// Change the DERP map and change the region ID.
newDerpMap, _ := tailnettest.RunDERPAndSTUN(t)
require.NotNil(t, newDerpMap)
newDerpMap.Regions[2] = newDerpMap.Regions[1]
delete(newDerpMap.Regions, 1)
newDerpMap.Regions[2].RegionID = 2
for _, node := range newDerpMap.Regions[2].Nodes {
node.RegionID = 2
}
currentDerpMap = newDerpMap

// Wait for the agent's DERP map to be updated.
// TODO: this

// Wait for the DERP map to be updated on the existing client.
require.Eventually(t, func() bool {
regionIDs := conn1.Conn.DERPMap().RegionIDs()
return len(regionIDs) == 1 && regionIDs[0] == 2
}, testutil.WaitLong, testutil.IntervalFast)

// The first client should still be able to reach the agent.
ok = conn1.AwaitReachable(ctx)
require.True(t, ok)

// Connect from a second client.
conn2, err := client.DialWorkspaceAgent(ctx, agentID, &codersdk.DialWorkspaceAgentOptions{
Logger: logger.Named("client2"),
})
require.NoError(t, err)
defer conn2.Close()
ok = conn2.AwaitReachable(ctx)
require.True(t, ok)
require.Equal(t, []int{2}, conn2.DERPMap().RegionIDs())
}
5 changes: 3 additions & 2 deletionscoderd/workspacebuilds_test.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -645,7 +645,8 @@ func TestWorkspaceBuildDebugMode(t *testing.T) {

// Create user
deploymentValues := coderdtest.DeploymentValues(t)
deploymentValues.EnableTerraformDebugMode = false
err := deploymentValues.EnableTerraformDebugMode.Set("false")
require.NoError(t, err)

adminClient := coderdtest.New(t, &coderdtest.Options{IncludeProvisionerDaemon: true, DeploymentValues: deploymentValues})
owner := coderdtest.CreateFirstUser(t, adminClient)
Expand All@@ -663,7 +664,7 @@ func TestWorkspaceBuildDebugMode(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
defer cancel()

_, err:= adminClient.CreateWorkspaceBuild(ctx, workspace.ID, codersdk.CreateWorkspaceBuildRequest{
_, err = adminClient.CreateWorkspaceBuild(ctx, workspace.ID, codersdk.CreateWorkspaceBuildRequest{
TemplateVersionID: workspace.LatestBuild.TemplateVersionID,
Transition: codersdk.WorkspaceTransitionStart,
LogLevel: "debug",
Expand Down
44 changes: 32 additions & 12 deletionscodersdk/agentsdk/agentsdk.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -115,6 +115,20 @@ func (c *Client) Manifest(ctx context.Context) (Manifest, error) {
if err != nil {
return Manifest{}, err
}
err = c.rewriteDerpMap(agentMeta.DERPMap)
if err != nil {
return Manifest{}, err
}
return agentMeta, nil
}

// rewriteDerpMap rewrites the DERP map to use the access URL of the SDK as the
// "embedded relay" access URL. The passed derp map is modified in place.
//
// Agents can provide an arbitrary access URL that may be different that the
// globally configured one. This breaks the built-in DERP, which would continue
// to reference the global access URL.
func (c *Client) rewriteDerpMap(derpMap *tailcfg.DERPMap) error {
accessingPort := c.SDK.URL.Port()
if accessingPort == "" {
accessingPort = "80"
Expand All@@ -124,15 +138,9 @@ func (c *Client) Manifest(ctx context.Context) (Manifest, error) {
}
accessPort, err := strconv.Atoi(accessingPort)
if err != nil {
returnManifest{},xerrors.Errorf("convert accessing port %q: %w", accessingPort, err)
return xerrors.Errorf("convert accessing port %q: %w", accessingPort, err)
}
// Agents can provide an arbitrary access URL that may be different
// that the globally configured one. This breaks the built-in DERP,
// which would continue to reference the global access URL.
//
// This converts all built-in DERPs to use the access URL that the
// manifest request was performed with.
for _, region := range agentMeta.DERPMap.Regions {
for _, region := range derpMap.Regions {
if !region.EmbeddedRelay {
continue
}
Expand All@@ -146,7 +154,7 @@ func (c *Client) Manifest(ctx context.Context) (Manifest, error) {
node.ForceHTTP = c.SDK.URL.Scheme == "http"
}
}
returnagentMeta,nil
return nil
}

type DERPMapUpdate struct {
Expand DownExpand Up@@ -187,10 +195,14 @@ func (c *Client) DERPMapUpdates(ctx context.Context) (<-chan DERPMapUpdate, io.C
ctx, wsNetConn := websocketNetConn(ctx, conn, websocket.MessageBinary)
pingClosed := pingWebSocket(ctx, c.SDK.Logger(), conn, "derp map")

updates := make(chan DERPMapUpdate)
dec := json.NewDecoder(wsNetConn)
var (
updates = make(chan DERPMapUpdate)
updatesClosed = make(chan struct{})
dec = json.NewDecoder(wsNetConn)
)
go func() {
defer close(updates)
defer close(updatesClosed)
defer cancelFunc()
defer conn.Close(websocket.StatusGoingAway, "Listen closed")
for {
Expand All@@ -201,6 +213,13 @@ func (c *Client) DERPMapUpdates(ctx context.Context) (<-chan DERPMapUpdate, io.C
update.DERPMap = nil
return
}
err = c.rewriteDerpMap(update.DERPMap)
if err != nil {
update.Err = err
update.DERPMap = nil
return
}

select {
case updates <- update:
case <-ctx.Done():
Expand All@@ -212,8 +231,9 @@ func (c *Client) DERPMapUpdates(ctx context.Context) (<-chan DERPMapUpdate, io.C
return updates, &closer{
closeFunc: func() error {
cancelFunc()
_ =conn.Close(websocket.StatusGoingAway, "Listen closed")
_ =wsNetConn.Close()
<-pingClosed
<-updatesClosed
return nil
},
}, nil
Expand Down
2 changes: 1 addition & 1 deletionenterprise/coderd/coderdenttest/coderdenttest.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -86,7 +86,7 @@ func NewWithAPI(t *testing.T, options *Options) (
BrowserOnly: options.BrowserOnly,
SCIMAPIKey: options.SCIMAPIKey,
DERPServerRelayAddress: oop.AccessURL.String(),
DERPServerRegionID: oop.DERPMap.RegionIDs()[0],
DERPServerRegionID: oop.BaseDERPMap.RegionIDs()[0],
Options: oop,
EntitlementsUpdateInterval: options.EntitlementsUpdateInterval,
Keys: Keys,
Expand Down
2 changes: 1 addition & 1 deletionenterprise/coderd/workspaceproxy.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -569,7 +569,7 @@ func (api *API) workspaceProxyRegister(rw http.ResponseWriter, r *http.Request)
return
}

startingRegionID, _ := getProxyDERPStartingRegionID(api.Options.DERPMap)
startingRegionID, _ := getProxyDERPStartingRegionID(api.Options.BaseDERPMap)
regionID := int32(startingRegionID) + proxy.RegionID

err := api.Database.InTx(func(db database.Store) error {
Expand Down
[8]ページ先頭
©2009-2025 Movatter.jp