[managment] add flag to disable the old legacy grpc endpoint (#5372)

Pascal Fischer
2026-02-17 19:53:14 +01:00
committed by GitHub
parent 2dbdb5c1a7
commit e9b2a6e808
4 changed files with 75 additions and 46 deletions


@@ -488,15 +488,17 @@ func createManagementServer(cfg *CombinedConfig, mgmtConfig *nbconfig.Config) (*
mgmtPort, _ := strconv.Atoi(portStr) mgmtPort, _ := strconv.Atoi(portStr)
mgmtSrv := mgmtServer.NewServer( mgmtSrv := mgmtServer.NewServer(
mgmtConfig, &mgmtServer.Config{
dnsDomain, NbConfig: mgmtConfig,
singleAccModeDomain, DNSDomain: dnsDomain,
mgmtPort, MgmtSingleAccModeDomain: singleAccModeDomain,
cfg.Server.MetricsPort, MgmtPort: mgmtPort,
mgmt.DisableAnonymousMetrics, MgmtMetricsPort: cfg.Server.MetricsPort,
mgmt.DisableGeoliteUpdate, DisableMetrics: mgmt.DisableAnonymousMetrics,
DisableGeoliteUpdate: mgmt.DisableGeoliteUpdate,
// Always enable user deletion from IDP in combined server (embedded IdP is always enabled) // Always enable user deletion from IDP in combined server (embedded IdP is always enabled)
true, UserDeleteFromIDPEnabled: true,
},
) )
return mgmtSrv, nil return mgmtSrv, nil
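Review bot: The new `&mgmtServer.Config{...}` literal in `createManagementServer` never sets `DisableLegacyManagementPort`, so in the combined server the field keeps its zero value and the compatibility gRPC listener on the legacy port is still started whenever the management port differs from it. If combined deployments should be able to close that port as well, plumb a setting through, e.g. `DisableLegacyManagementPort: <combined-config option>,` (a placeholder, since no such option is visible in this hunk). If the listener is kept on purpose, a short comment in the literal saying so would document the choice. The function continues outside the hunk.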


@@ -29,11 +29,11 @@ import (
"github.com/netbirdio/netbird/util/crypt" "github.com/netbirdio/netbird/util/crypt"
) )
var newServer = func(config *nbconfig.Config, dnsDomain, mgmtSingleAccModeDomain string, mgmtPort int, mgmtMetricsPort int, disableMetrics, disableGeoliteUpdate, userDeleteFromIDPEnabled bool) server.Server { var newServer = func(cfg *server.Config) server.Server {
return server.NewServer(config, dnsDomain, mgmtSingleAccModeDomain, mgmtPort, mgmtMetricsPort, disableMetrics, disableGeoliteUpdate, userDeleteFromIDPEnabled) return server.NewServer(cfg)
} }
func SetNewServer(fn func(config *nbconfig.Config, dnsDomain, mgmtSingleAccModeDomain string, mgmtPort int, mgmtMetricsPort int, disableMetrics, disableGeoliteUpdate, userDeleteFromIDPEnabled bool) server.Server) { func SetNewServer(fn func(*server.Config) server.Server) {
newServer = fn newServer = fn
} }
@@ -110,7 +110,17 @@ var (
mgmtSingleAccModeDomain = "" mgmtSingleAccModeDomain = ""
} }
srv := newServer(config, dnsDomain, mgmtSingleAccModeDomain, mgmtPort, mgmtMetricsPort, disableMetrics, disableGeoliteUpdate, userDeleteFromIDPEnabled) srv := newServer(&server.Config{
NbConfig: config,
DNSDomain: dnsDomain,
MgmtSingleAccModeDomain: mgmtSingleAccModeDomain,
MgmtPort: mgmtPort,
MgmtMetricsPort: mgmtMetricsPort,
DisableLegacyManagementPort: disableLegacyManagementPort,
DisableMetrics: disableMetrics,
DisableGeoliteUpdate: disableGeoliteUpdate,
UserDeleteFromIDPEnabled: userDeleteFromIDPEnabled,
})
go func() { go func() {
if err := srv.Start(cmd.Context()); err != nil { if err := srv.Start(cmd.Context()); err != nil {
log.Fatalf("Server error: %v", err) log.Fatalf("Server error: %v", err)
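Review bot: `SetNewServer` is exported and overwrites the package-level `newServer` constructor, but neither has a doc comment saying who is expected to call it or when. A comment such as `// SetNewServer replaces the constructor used to build the management server; call it before the command runs, it is not safe for concurrent use.` would make the contract explicit. The concurrency remark is inferred from the unsynchronised assignment `newServer = fn`. A nil `fn` would make the later `newServer(&server.Config{...})` call panic, so a guard like `if fn == nil { return }` is worth considering.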


@@ -27,6 +27,7 @@ var (
userDeleteFromIDPEnabled bool userDeleteFromIDPEnabled bool
mgmtPort int mgmtPort int
mgmtMetricsPort int mgmtMetricsPort int
disableLegacyManagementPort bool
mgmtLetsencryptDomain string mgmtLetsencryptDomain string
mgmtSingleAccModeDomain string mgmtSingleAccModeDomain string
certFile string certFile string
@@ -55,6 +56,7 @@ func Execute() error {
func init() { func init() {
mgmtCmd.Flags().IntVar(&mgmtPort, "port", 80, "server port to listen on (defaults to 443 if TLS is enabled, 80 otherwise") mgmtCmd.Flags().IntVar(&mgmtPort, "port", 80, "server port to listen on (defaults to 443 if TLS is enabled, 80 otherwise")
mgmtCmd.Flags().BoolVar(&disableLegacyManagementPort, "disable-legacy-port", false, "disabling the old legacy port (33073)")
mgmtCmd.Flags().IntVar(&mgmtMetricsPort, "metrics-port", 9090, "metrics endpoint http port. Metrics are accessible under host:metrics-port/metrics") mgmtCmd.Flags().IntVar(&mgmtMetricsPort, "metrics-port", 9090, "metrics endpoint http port. Metrics are accessible under host:metrics-port/metrics")
mgmtCmd.Flags().StringVar(&mgmtDataDir, "datadir", defaultMgmtDataDir, "server data directory location") mgmtCmd.Flags().StringVar(&mgmtDataDir, "datadir", defaultMgmtDataDir, "server data directory location")
mgmtCmd.Flags().StringVar(&nbconfig.MgmtConfigPath, "config", defaultMgmtConfig, "Netbird config file location. Config params specified via command line (e.g. datadir) have a precedence over configuration from this file") mgmtCmd.Flags().StringVar(&nbconfig.MgmtConfigPath, "config", defaultMgmtConfig, "Netbird config file location. Config params specified via command line (e.g. datadir) have a precedence over configuration from this file")
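Review bot: The help text on the added `BoolVar` line for `--disable-legacy-port` does not say what is disabled or what stops working. Elsewhere in this commit the flag skips the compatibility gRPC listener, so wording like `"disable the legacy management gRPC listener on port 33073; agents still configured for that port will no longer connect"` tells an operator the consequence. Because the default is `false`, the extra listener stays exposed unless the flag is passed, which is worth stating in the deployment docs for hosts that restrict access by port. The text also hard-codes 33073, while the server package refers to the value as `ManagementLegacyPort`, so the two can drift apart.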


@@ -57,6 +57,7 @@ type BaseServer struct {
mgmtSingleAccModeDomain string mgmtSingleAccModeDomain string
mgmtMetricsPort int mgmtMetricsPort int
mgmtPort int mgmtPort int
disableLegacyManagementPort bool
proxyAuthClose func() proxyAuthClose func()
@@ -69,18 +70,32 @@ type BaseServer struct {
cancel context.CancelFunc cancel context.CancelFunc
} }
// Config holds the configuration parameters for creating a new server
type Config struct {
NbConfig *nbconfig.Config
DNSDomain string
MgmtSingleAccModeDomain string
MgmtPort int
MgmtMetricsPort int
DisableLegacyManagementPort bool
DisableMetrics bool
DisableGeoliteUpdate bool
UserDeleteFromIDPEnabled bool
}
// NewServer initializes and configures a new Server instance // NewServer initializes and configures a new Server instance
func NewServer(config *nbconfig.Config, dnsDomain, mgmtSingleAccModeDomain string, mgmtPort, mgmtMetricsPort int, disableMetrics, disableGeoliteUpdate, userDeleteFromIDPEnabled bool) *BaseServer { func NewServer(cfg *Config) *BaseServer {
return &BaseServer{ return &BaseServer{
Config: config, Config: cfg.NbConfig,
container: make(map[string]any), container: make(map[string]any),
dnsDomain: dnsDomain, dnsDomain: cfg.DNSDomain,
mgmtSingleAccModeDomain: mgmtSingleAccModeDomain, mgmtSingleAccModeDomain: cfg.MgmtSingleAccModeDomain,
disableMetrics: disableMetrics, disableMetrics: cfg.DisableMetrics,
disableGeoliteUpdate: disableGeoliteUpdate, disableGeoliteUpdate: cfg.DisableGeoliteUpdate,
userDeleteFromIDPEnabled: userDeleteFromIDPEnabled, userDeleteFromIDPEnabled: cfg.UserDeleteFromIDPEnabled,
mgmtPort: mgmtPort, mgmtPort: cfg.MgmtPort,
mgmtMetricsPort: mgmtMetricsPort, disableLegacyManagementPort: cfg.DisableLegacyManagementPort,
mgmtMetricsPort: cfg.MgmtMetricsPort,
} }
} }
@@ -152,7 +167,7 @@ func (s *BaseServer) Start(ctx context.Context) error {
} }
var compatListener net.Listener var compatListener net.Listener
if s.mgmtPort != ManagementLegacyPort { if s.mgmtPort != ManagementLegacyPort && !s.disableLegacyManagementPort {
// The Management gRPC server was running on port 33073 previously. Old agents that are already connected to it // The Management gRPC server was running on port 33073 previously. Old agents that are already connected to it
// are using port 33073. For compatibility purposes we keep running a 2nd gRPC server on port 33073. // are using port 33073. For compatibility purposes we keep running a 2nd gRPC server on port 33073.
compatListener, err = s.serveGRPC(srvCtx, s.GRPCServer(), ManagementLegacyPort) compatListener, err = s.serveGRPC(srvCtx, s.GRPCServer(), ManagementLegacyPort)
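Review bot: `NewServer` dereferences `cfg` right away (`cfg.NbConfig`, `cfg.DNSDomain`, ...), so a nil `*Config` panics inside the constructor with no hint about the cause. A guard at the top such as `if cfg == nil { cfg = &Config{} }`, or taking `Config` by value, would make the failure mode explicit. The fields of the new `Config` type are undocumented; a comment like `// DisableLegacyManagementPort skips the compatibility gRPC listener on ManagementLegacyPort.` would help. It should also note that the flag has no effect when `MgmtPort` equals `ManagementLegacyPort`, as the condition in `Start` shows. `Start` continues outside the hunk.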