diff --git a/management/server/networkmap.go b/management/server/networkmap.go
index b436c2d18..bf502d24a 100644
--- a/management/server/networkmap.go
+++ b/management/server/networkmap.go
@@ -9,6 +9,11 @@ import (
 "github.com/netbirdio/netbird/management/server/types"
 )
+func (am *DefaultAccountManager) initNetworkMapBuilderIfNeeded(account *types.Account, validatedPeers map[string]struct{}) {
+ am.enrichAccountFromHolder(account)
+ account.InitNetworkMapBuilderIfNeeded(validatedPeers)
+}
+
 func (am *DefaultAccountManager) getPeerNetworkMapExp(
 ctx context.Context,
 account *types.Account,
@@ -21,14 +26,14 @@ func (am *DefaultAccountManager) getPeerNetworkMapExp(
 return account.GetPeerNetworkMapExp(ctx, peerId, customZone, validatedPeers, account.GetResourcePoliciesMap(), account.GetResourceRoutersMap(), metrics)
 }
-func (am *DefaultAccountManager) onPeerAddedUpdNetworkMapCache(account *types.Account, peerId string, validatedPeers map[string]struct{}) {
+func (am *DefaultAccountManager) onPeerAddedUpdNetworkMapCache(account *types.Account, peerId string, validatedPeers map[string]struct{}) error {
 am.enrichAccountFromHolder(account)
- account.OnPeerAddedUpdNetworkMapCache(peerId, validatedPeers)
+ return account.OnPeerAddedUpdNetworkMapCache(peerId, validatedPeers)
 }
-func (am *DefaultAccountManager) onPeerDeletedUpdNetworkMapCache(account *types.Account, peerId string, validatedPeers map[string]struct{}) {
+func (am *DefaultAccountManager) onPeerDeletedUpdNetworkMapCache(account *types.Account, peerId string, validatedPeers map[string]struct{}) error {
 am.enrichAccountFromHolder(account)
- account.OnPeerDeletedUpdNetworkMapCache(peerId, validatedPeers)
+ return account.OnPeerDeletedUpdNetworkMapCache(peerId, validatedPeers)
 }
 func (am *DefaultAccountManager) updatePeerInNetworkMapCache(account *types.Account, peer *nbpeer.Peer) {
diff --git a/management/server/peer.go b/management/server/peer.go
index f3202eb55..aa990b97b 100644
--- a/management/server/peer.go
+++ b/management/server/peer.go
@@ -397,7 +397,9 @@ func (am *DefaultAccountManager) DeletePeer(ctx context.Context, accountID, peer
 if err != nil {
 return err
 }
- am.onPeerDeletedUpdNetworkMapCache(account, peerID, validatedPeers)
+ if err := am.onPeerDeletedUpdNetworkMapCache(account, peerID, validatedPeers); err != nil {
+ log.WithContext(ctx).Errorf("failed to update network map cache for peer %s: %v", peerID, err)
+ }
 }
@@ -714,7 +716,9 @@ func (am *DefaultAccountManager) AddPeer(ctx context.Context, setupKey, userID s
 if err != nil {
 return nil, nil, nil, err
 }
- am.onPeerAddedUpdNetworkMapCache(account, newPeer.ID, validatedPeers)
+ if err := am.onPeerAddedUpdNetworkMapCache(account, newPeer.ID, validatedPeers); err != nil {
+ log.WithContext(ctx).Errorf("failed to update network map cache for peer %s: %v", newPeer.ID, err)
+ }
 }
 if updateAccountPeers {
@@ -1243,6 +1247,10 @@ func (am *DefaultAccountManager) UpdateAccountPeers(ctx context.Context, account
 resourcePolicies := account.GetResourcePoliciesMap()
 routers := account.GetResourceRoutersMap()
+ if am.expNewNetworkMap {
+ am.initNetworkMapBuilderIfNeeded(account, approvedPeersMap)
+ }
+
 proxyNetworkMaps, err := am.proxyController.GetProxyNetworkMapsAll(ctx, accountID, account.Peers)
 if err != nil {
 log.WithContext(ctx).Errorf("failed to get proxy network maps: %v", err)
diff --git a/management/server/peer_test.go b/management/server/peer_test.go
index 3a0d32130..5f9c14c13 100644
--- a/management/server/peer_test.go
+++ b/management/server/peer_test.go
@@ -172,7 +172,7 @@ func TestAccountManager_GetNetworkMap(t *testing.T) {
 }
 func TestAccountManager_GetNetworkMap_Experimental(t *testing.T) {
- os.Setenv(envNewNetworkMapBuilder, "true")
+ t.Setenv(envNewNetworkMapBuilder, "true")
 testGetNetworkMapGeneral(t)
 }
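Review bot: In the DeletePeer hunk of peer.go, a failure of `onPeerDeletedUpdNetworkMapCache` is only logged and the deletion carries on, so the network-map cache may still contain the removed peer. If later network maps are served from that cache (not visible in this hunk), other peers could keep receiving the deleted peer and its firewall rules until something rebuilds the builder. Consider forcing a rebuild of the cache on this error path rather than continuing with it, and record the consequence next to the log call, for example `// cache update failed: cached maps may still list peerID until the builder is rebuilt`. The AddPeer hunk (`@@ -714,7 +716,9 @@`) uses the same log-and-continue pattern, where the effect would be a missing rather than a lingering peer. Both functions start and end outside their hunks.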
@@ -1012,7 +1012,16 @@ func BenchmarkUpdateAccountPeers(b *testing.B) {
 }
 }
+func TestUpdateAccountPeers_Experimental(t *testing.T) {
+ t.Setenv(envNewNetworkMapBuilder, "true")
+ testUpdateAccountPeers(t)
+}
+
 func TestUpdateAccountPeers(t *testing.T) {
+ testUpdateAccountPeers(t)
+}
+
+func testUpdateAccountPeers(t *testing.T) {
 testCases := []struct {
 name string
 peers int
@@ -1556,7 +1565,7 @@ func Test_RegisterPeerRollbackOnFailure(t *testing.T) {
 }
 func Test_LoginPeer(t *testing.T) {
- os.Setenv(envNewNetworkMapBuilder, "true")
+ t.Setenv(envNewNetworkMapBuilder, "true")
 if runtime.GOOS == "windows" {
 t.Skip("The SQLite store is not properly supported by Windows yet")
 }
diff --git a/management/server/types/networkmap.go b/management/server/types/networkmap.go
index e03a8c98e..0d667243e 100644
--- a/management/server/types/networkmap.go
+++ b/management/server/types/networkmap.go
@@ -849,6 +849,10 @@ func (a *Account) initNetworkMapBuilder(validatedPeers map[string]struct{}) {
 a.NetworkMapCache = NewNetworkMapBuilder(a, validatedPeers)
 }
+func (a *Account) InitNetworkMapBuilderIfNeeded(validatedPeers map[string]struct{}) {
+ a.initNetworkMapBuilder(validatedPeers)
+}
+
 func (a *Account) GetPeerNetworkMapExp(
 ctx context.Context,
 peerID string,
diff --git a/management/server/types/networkmap_golden_test.go b/management/server/types/networkmap_golden_test.go
index ffd219e19..12a2d488f 100644
--- a/management/server/types/networkmap_golden_test.go
+++ b/management/server/types/networkmap_golden_test.go
@@ -3,7 +3,6 @@ package types_test
 import (
 "context"
 "encoding/json"
- "flag"
 "fmt"
 "net"
 "net/netip"
@@ -28,7 +27,7 @@ import (
 // update flag is used to update the golden file.
 // example: go test ./... -v -update
-var update = flag.Bool("update", false, "update golden files")
+// var update = flag.Bool("update", false, "update golden files")
 const (
 numPeers = 100
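Review bot: `InitNetworkMapBuilderIfNeeded` in types/networkmap.go is exported without a doc comment, and its body calls `a.initNetworkMapBuilder(validatedPeers)` unconditionally. The "if needed" guard therefore has to live in `initNetworkMapBuilder`, whose start is outside this hunk; the visible tail shows only `a.NetworkMapCache = NewNetworkMapBuilder(a, validatedPeers)`. Once that is confirmed, add something like `// InitNetworkMapBuilderIfNeeded builds a.NetworkMapCache from validatedPeers when no builder exists yet and is a no-op otherwise.` The comment should also say whether callers must hold a lock, since the peer.go change calls this from UpdateAccountPeers whenever `am.expNewNetworkMap` is set.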
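Review bot: In networkmap_golden_test.go the two comment lines above the disabled declaration still tell readers to run `go test ./... -v -update`. With `var update` commented out and the `flag` import removed, nothing in this file registers that flag any more, so the documented command would presumably be rejected as an unknown flag. Either delete the stale comment together with the dead declaration, or replace it with one line describing how the golden files are regenerated now.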
@@ -943,8 +942,8 @@ func createTestAccountWithEntities() *types.Account {
 if peerID == expiredPeerID {
 p.LoginExpirationEnabled = true
- pastTime := time.Now().Add(-2 * time.Hour)
- p.LastLogin = &pastTime
+ pastime = time.Now().Add(-2 * time.Hour)
+ p.LastLogin = &pastime
 }
 peers[peerID] = p
diff --git a/management/server/types/networkmapbuilder.go b/management/server/types/networkmapbuilder.go
index 47e8ed2fc..ee24d1705 100644
--- a/management/server/types/networkmapbuilder.go
+++ b/management/server/types/networkmapbuilder.go
@@ -301,9 +301,9 @@ func (b *NetworkMapBuilder) GetPeerNetworkMap(
 return &NetworkMap{Network: account.Network.Copy()}
 }
- if !maps.Equal(b.validatedPeers, validatedPeers) {
- // b.updateValidatedPeers(validatedPeers)
- }
+ // if !maps.Equal(b.validatedPeers, validatedPeers) {
+ // b.updateValidatedPeers(validatedPeers)
+ // }
 b.cache.mu.RLock()
 defer b.cache.mu.RUnlock()
@@ -312,10 +312,10 @@ func (b *NetworkMapBuilder) GetPeerNetworkMap(
 routesView := b.cache.peerRoutes[peerID]
 dnsConfig := b.cache.peerDNS[peerID]
- if aclView == nil || routesView == nil || dnsConfig == nil {
- // log.Warnf("NetworkMapBuilder: Cache miss for peer %s, falling back to original method", peerID)
- // return account.GetPeerNetworkMap(ctx, peerID, peersCustomZone, validatedPeers, resourcePolicies, routers, metrics)
- }
+ // if aclView == nil || routesView == nil || dnsConfig == nil {
+ // // log.Warnf("NetworkMapBuilder: Cache miss for peer %s, falling back to original method", peerID)
+ // // return account.GetPeerNetworkMap(ctx, peerID, peersCustomZone, validatedPeers, resourcePolicies, routers, metrics)
+ // }
 nm := b.assembleNetworkMap(account, aclView, routesView, dnsConfig, peersCustomZone, validatedPeers)
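Review bot: In createTestAccountWithEntities, `pastime = time.Now().Add(-2 * time.Hour)` is a plain assignment, so `pastime` has to be declared somewhere outside this hunk. If it is not, the test file no longer compiles; if it is a package-level variable, `p.LastLogin = &pastime` stores a pointer to shared mutable state rather than to a value owned by this peer. Keeping the local declaration, `pastTime := time.Now().Add(-2 * time.Hour)`, avoids both and keeps the clearer name. The function continues outside the hunk.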
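Review bot: In GetPeerNetworkMap (networkmapbuilder.go), commenting out the two empty `if` blocks keeps the behaviour but leaves both gaps open. At `@@ -312,10 +312,10 @@`, a nil `aclView`, `routesView` or `dnsConfig` still flows straight into `b.assembleNetworkMap(...)`, and at `@@ -301,9 +301,9 @@` a difference between `b.validatedPeers` and the caller's `validatedPeers` is never reconciled. What assembleNetworkMap does with nil views is not visible here, so a cache miss should get an explicit outcome. Either restore the fallback to `account.GetPeerNetworkMap(...)`, or fail closed with `if aclView == nil || routesView == nil || dnsConfig == nil { return &NetworkMap{Network: account.Network.Copy()} }` plus a warning log. If skipping the validated-peers comparison is intentional, replace the commented-out code with one line saying why a stale set cannot reach the result. The function starts and ends outside both hunks.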
@@ -403,8 +403,7 @@ func (b *NetworkMapBuilder) assembleNetworkMap(
 }
 func (b *NetworkMapBuilder) generateFirewallRuleID(rule *FirewallRule) string {
- portRange := ""
- portRange = fmt.Sprintf("%d-%d", rule.PortRange.Start, rule.PortRange.End)
+ portRange := fmt.Sprintf("%d-%d", rule.PortRange.Start, rule.PortRange.End)
 return fmt.Sprintf("fw:%s:%s:%d:%s:%s:%s:%s",
 rule.PolicyID, rule.PeerIP, rule.Direction, rule.Protocol, rule.Action, rule.Port, portRange)
 }
@@ -414,45 +413,6 @@ func (b *NetworkMapBuilder) generateRouteFirewallRuleID(rule *RouteFirewallRule)
 rule.RouteID, rule.Destination, rule.Action, strings.Join(rule.SourceRanges, ","), rule.Protocol, rule.Port)
 }
-// func (b *NetworkMapBuilder) estimateMemoryUsage() int64 {
-// b.cache.mu.RLock()
-// defer b.cache.mu.RUnlock()
-
-// var estimate int64
-
-// const (
-// peerSize = 1000
-// routeSize = 500
-// firewallRuleSize = 200
-// routeRuleSize = 300
-// stringSize = 50
-// viewOverhead = 100
-// )
-
-// estimate += int64(len(b.cache.globalPeers)) * peerSize
-// estimate += int64(len(b.cache.globalRoutes)) * routeSize
-// estimate += int64(len(b.cache.globalRules)) * firewallRuleSize
-// estimate += int64(len(b.cache.globalRouteRules)) * routeRuleSize
-
-// for _, view := range b.cache.peerACLs {
-// estimate += viewOverhead
-// estimate += int64(len(view.ConnectedPeerIDs)) * stringSize
-// estimate += int64(len(view.FirewallRuleIDs)) * stringSize
-// }
-
-// for _, view := range b.cache.peerRoutes {
-// estimate += viewOverhead
-// estimate += int64(len(view.OwnRouteIDs)) * stringSize
-// estimate += int64(len(view.InheritedRouteIDs)) * stringSize
-// estimate += int64(len(view.NetworkResourceIDs)) * stringSize
-// estimate += int64(len(view.RouteFirewallRuleIDs)) * stringSize
-// }
-
-// estimate += int64(len(b.cache.peerDNS)) * 200
-
-// return estimate
-// }
-
 func (b *NetworkMapBuilder) isPeerInGroups(groupIDs []string, peerGroups []string) bool {
 for _, groupID := range groupIDs {
 for _, peerGroupID := range peerGroups {
@@ -937,9 +897,9 @@ func (b *NetworkMapBuilder) updateRouteFirewallRules(
 sourceIP := update.AddSourceIP
 if strings.Contains(sourceIP, ":") {
- sourceIP = sourceIP + "/128" // IPv6
+ sourceIP += "/128" // IPv6
 } else {
- sourceIP = sourceIP + "/32" // IPv4
+ sourceIP += "/32" // IPv4
 }
 if !slices.Contains(rule.SourceRanges, sourceIP) {
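Review bot: In updateRouteFirewallRules the prefix length is still picked by `strings.Contains(sourceIP, ":")` and appended as text. An empty `update.AddSourceIP`, or one that already carries a prefix, would therefore land in `rule.SourceRanges` as a malformed range. Where that value originates is not visible in this hunk; if it can be anything other than a bare peer address, parse it first (for example with `netip.ParseAddr`) and skip the update on error instead of appending a suffix blindly. The function starts and ends outside the hunk.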