diff --git a/management/server/account.go b/management/server/account.go index 5a945968a..0aecbd586 100644 --- a/management/server/account.go +++ b/management/server/account.go @@ -54,7 +54,8 @@ const ( emptyUserID = "empty user ID in claims" errorGettingDomainAccIDFmt = "error getting account ID by private domain: %v" - envNewNetworkMapBuilder = "NB_EXPERIMENT_NETWORK_MAP" + envNewNetworkMapBuilder = "NB_EXPERIMENT_NETWORK_MAP" + envNewNetworkMapAccounts = "NB_EXPERIMENT_NETWORK_MAP_ACCOUNTS" ) type userLoggedInOnce bool @@ -114,7 +115,8 @@ type DefaultAccountManager struct { holder *types.Holder - expNewNetworkMap bool + expNewNetworkMap bool + expNewNetworkMapAIDs map[string]struct{} } func isUniqueConstraintError(err error) bool { @@ -208,6 +210,12 @@ func BuildManager( newNetworkMapBuilder = false } + ids := strings.Split(os.Getenv(envNewNetworkMapAccounts), ",") + expIDs := make(map[string]struct{}, len(ids)) + for _, id := range ids { + expIDs[id] = struct{}{} + } + am := &DefaultAccountManager{ Store: store, geo: geo, @@ -231,7 +239,8 @@ func BuildManager( disableDefaultPolicy: disableDefaultPolicy, holder: types.NewHolder(), - expNewNetworkMap: newNetworkMapBuilder, + expNewNetworkMap: newNetworkMapBuilder, + expNewNetworkMapAIDs: expIDs, } am.startWarmup(ctx) diff --git a/management/server/networkmap.go b/management/server/networkmap.go index e0271964c..2270d16cc 100644 --- a/management/server/networkmap.go +++ b/management/server/networkmap.go @@ -50,7 +50,7 @@ func (am *DefaultAccountManager) recalculateNetworkMapCache(account *types.Accou } func (am *DefaultAccountManager) RecalculateNetworkMapCache(ctx context.Context, accountId string) error { - if am.expNewNetworkMap { + if am.experimentalNetworkMap(accountId) { account, err := am.requestBuffer.GetAccountWithBackpressure(ctx, accountId) if err != nil { return err @@ -64,3 +64,8 @@ func (am *DefaultAccountManager) RecalculateNetworkMapCache(ctx context.Context, } return nil } + +func (am *DefaultAccountManager) experimentalNetworkMap(accountId string) bool { + _, ok := am.expNewNetworkMapAIDs[accountId] + return am.expNewNetworkMap || ok +} diff --git a/management/server/peer.go b/management/server/peer.go index da4371f55..ba9b71f26 100644 --- a/management/server/peer.go +++ b/management/server/peer.go @@ -145,7 +145,7 @@ func (am *DefaultAccountManager) MarkPeerConnected(ctx context.Context, peerPubK } if expired { - if am.expNewNetworkMap { + if am.experimentalNetworkMap(accountID) { am.updatePeerInNetworkMapCache(peer.AccountID, peer) } // we need to update other peers because when peer login expires all other peers are notified to disconnect from @@ -324,7 +324,7 @@ func (am *DefaultAccountManager) UpdatePeer(ctx context.Context, accountID, user } } - if am.expNewNetworkMap { + if am.experimentalNetworkMap(accountID) { am.updatePeerInNetworkMapCache(peer.AccountID, peer) } @@ -394,7 +394,7 @@ func (am *DefaultAccountManager) DeletePeer(ctx context.Context, accountID, peer storeEvent() } - if updateAccountPeers && am.expNewNetworkMap { + if updateAccountPeers && am.experimentalNetworkMap(accountID) { account, err := am.requestBuffer.GetAccountWithBackpressure(ctx, accountID) if err != nil { return err @@ -444,7 +444,7 @@ func (am *DefaultAccountManager) GetNetworkMap(ctx context.Context, peerID strin var networkMap *types.NetworkMap - if am.expNewNetworkMap { + if am.experimentalNetworkMap(peer.AccountID) { networkMap = am.getPeerNetworkMapExp(ctx, peer.AccountID, peerID, validatedPeers, customZone, nil) } else { networkMap = account.GetPeerNetworkMap(ctx, peer.ID, customZone, validatedPeers, account.GetResourcePoliciesMap(), account.GetResourceRoutersMap(), nil) @@ -726,7 +726,7 @@ func (am *DefaultAccountManager) AddPeer(ctx context.Context, accountID, setupKe am.StoreEvent(ctx, opEvent.InitiatorID, opEvent.TargetID, opEvent.AccountID, opEvent.Activity, opEvent.Meta) - if am.expNewNetworkMap { + if am.experimentalNetworkMap(accountID) { account, err := am.requestBuffer.GetAccountWithBackpressure(ctx, accountID) if err != nil { return nil, nil, nil, err @@ -825,7 +825,7 @@ func (am *DefaultAccountManager) SyncPeer(ctx context.Context, sync types.PeerSy } if isStatusChanged || sync.UpdateAccountPeers || (updated && (len(postureChecks) > 0 || versionChanged)) { - if am.expNewNetworkMap { + if am.experimentalNetworkMap(accountID) { am.updatePeerInNetworkMapCache(peer.AccountID, peer) } am.BufferUpdateAccountPeers(ctx, accountID) @@ -953,7 +953,7 @@ func (am *DefaultAccountManager) LoginPeer(ctx context.Context, login types.Peer } if updateRemotePeers || isStatusChanged || (isPeerUpdated && len(postureChecks) > 0) { - if am.expNewNetworkMap { + if am.experimentalNetworkMap(accountID) { am.updatePeerInNetworkMapCache(peer.AccountID, peer) } am.BufferUpdateAccountPeers(ctx, accountID) @@ -1094,7 +1094,7 @@ func (am *DefaultAccountManager) getValidatedPeerWithMap(ctx context.Context, is var networkMap *types.NetworkMap - if am.expNewNetworkMap { + if am.experimentalNetworkMap(accountID) { networkMap = am.getPeerNetworkMapExp(ctx, peer.AccountID, peer.ID, approvedPeersMap, customZone, am.metrics.AccountManagerMetrics()) } else { networkMap = account.GetPeerNetworkMap(ctx, peer.ID, customZone, approvedPeersMap, account.GetResourcePoliciesMap(), account.GetResourceRoutersMap(), am.metrics.AccountManagerMetrics()) @@ -1232,7 +1232,7 @@ func (am *DefaultAccountManager) UpdateAccountPeers(ctx context.Context, account account *types.Account err error ) - if am.expNewNetworkMap { + if am.experimentalNetworkMap(accountID) { account = am.getAccountFromHolder(accountID) } else { account, err = am.requestBuffer.GetAccountWithBackpressure(ctx, accountID) @@ -1272,7 +1272,7 @@ func (am *DefaultAccountManager) UpdateAccountPeers(ctx context.Context, account resourcePolicies := account.GetResourcePoliciesMap() routers := account.GetResourceRoutersMap() - if am.expNewNetworkMap { + if am.experimentalNetworkMap(accountID) { am.initNetworkMapBuilderIfNeeded(account, approvedPeersMap) } @@ -1315,7 +1315,7 @@ func (am *DefaultAccountManager) UpdateAccountPeers(ctx context.Context, account var remotePeerNetworkMap *types.NetworkMap - if am.expNewNetworkMap { + if am.experimentalNetworkMap(accountID) { remotePeerNetworkMap = am.getPeerNetworkMapExp(ctx, p.AccountID, p.ID, approvedPeersMap, customZone, am.metrics.AccountManagerMetrics()) } else { remotePeerNetworkMap = account.GetPeerNetworkMap(ctx, p.ID, customZone, approvedPeersMap, resourcePolicies, routers, am.metrics.AccountManagerMetrics()) @@ -1431,7 +1431,7 @@ func (am *DefaultAccountManager) UpdateAccountPeer(ctx context.Context, accountI var remotePeerNetworkMap *types.NetworkMap - if am.expNewNetworkMap { + if am.experimentalNetworkMap(accountId) { remotePeerNetworkMap = am.getPeerNetworkMapExp(ctx, peer.AccountID, peer.ID, approvedPeersMap, customZone, am.metrics.AccountManagerMetrics()) } else { remotePeerNetworkMap = account.GetPeerNetworkMap(ctx, peerId, customZone, approvedPeersMap, resourcePolicies, routers, am.metrics.AccountManagerMetrics()) diff --git a/management/server/types/networkmapbuilder.go b/management/server/types/networkmapbuilder.go index 849ae928b..85eac7e23 100644 --- a/management/server/types/networkmapbuilder.go +++ b/management/server/types/networkmapbuilder.go @@ -991,6 +991,8 @@ func (b *NetworkMapBuilder) OnPeerAddedIncremental(peerID string) error { b.cache.mu.Lock() defer b.cache.mu.Unlock() + log.Debugf("NetworkMapBuilder: Adding peer %s (IP: %s) to cache", peerID, peer.IP.String()) + b.validatedPeers[peerID] = struct{}{} b.cache.globalPeers[peerID] = peer @@ -1003,6 +1005,8 @@ func (b *NetworkMapBuilder) OnPeerAddedIncremental(peerID string) error { b.incrementalUpdateAffectedPeers(account, peerID, peerGroups) + log.Debugf("NetworkMapBuilder: Added peer %s to cache", peerID) + return nil } diff --git a/management/server/user.go b/management/server/user.go index e29432f4b..b49bd38cc 100644 --- a/management/server/user.go +++ b/management/server/user.go @@ -962,7 +962,7 @@ func (am *DefaultAccountManager) expireAndUpdatePeers(ctx context.Context, accou activity.PeerLoginExpired, peer.EventMeta(dnsDomain), ) - if am.expNewNetworkMap { + if am.experimentalNetworkMap(accountID) { am.updatePeerInNetworkMapCache(peer.AccountID, peer) } }