From ec476d50720f2651d0a848359806da181d196558 Mon Sep 17 00:00:00 2001 From: pascal Date: Thu, 7 May 2026 16:55:45 +0200 Subject: [PATCH] extend logging --- .../network_map/controller/controller.go | 6 ++++- management/server/affected_peers_test.go | 22 ++++++++--------- management/server/dns.go | 3 +++ management/server/group.go | 24 +++++++++++++++++++ management/server/nameserver.go | 10 ++++++++ management/server/networks/manager.go | 7 ++++++ .../server/networks/resources/manager.go | 12 ++++++++++ management/server/networks/routers/manager.go | 12 ++++++++++ management/server/peer.go | 4 ++-- management/server/policy.go | 23 +++++++++++++----- management/server/posture_checks.go | 7 +++++- management/server/route.go | 21 ++++++++++++---- 12 files changed, 126 insertions(+), 25 deletions(-) diff --git a/management/internals/controllers/network_map/controller/controller.go b/management/internals/controllers/network_map/controller/controller.go index 9ee33692b..b17036c6b 100644 --- a/management/internals/controllers/network_map/controller/controller.go +++ b/management/internals/controllers/network_map/controller/controller.go @@ -285,7 +285,7 @@ func (c *Controller) UpdateAffectedPeers(ctx context.Context, accountID string, } func (c *Controller) sendUpdateForAffectedPeers(ctx context.Context, accountID string, peerIDs []string) error { - log.WithContext(ctx).Tracef("updating %d affected peers for account %s from %s", len(peerIDs), accountID, util.GetCallerName()) + log.WithContext(ctx).Tracef("sendUpdateForAffectedPeers: account %s, %d affected peers: %v (caller: %s)", accountID, len(peerIDs), peerIDs, util.GetCallerName()) affected := make(map[string]struct{}, len(peerIDs)) for _, id := range peerIDs { @@ -300,6 +300,7 @@ func (c *Controller) sendUpdateForAffectedPeers(ctx context.Context, accountID s } } if !hasConnected { + log.WithContext(ctx).Tracef("sendUpdateForAffectedPeers: no connected peers among %v, skipping", peerIDs) return nil } @@ -318,9 +319,12 @@ func (c *Controller) sendUpdateForAffectedPeers(ctx context.Context, accountID s } if len(peersToUpdate) == 0 { + log.WithContext(ctx).Tracef("sendUpdateForAffectedPeers: no peers to update (affected peers not found in account or no channels)") return nil } + log.WithContext(ctx).Tracef("sendUpdateForAffectedPeers: sending network map to %d connected peers", len(peersToUpdate)) + approvedPeersMap, err := c.integratedPeerValidator.GetValidatedPeers(ctx, account.Id, maps.Values(account.Groups), maps.Values(account.Peers), account.Settings.Extra) if err != nil { return fmt.Errorf("failed to get validate peers: %v", err) diff --git a/management/server/affected_peers_test.go b/management/server/affected_peers_test.go index 0004fe5c1..13bb990c8 100644 --- a/management/server/affected_peers_test.go +++ b/management/server/affected_peers_test.go @@ -437,7 +437,7 @@ func TestCollectPolicyAffectedGroups_Basic(t *testing.T) { }, }, } - groups, directPeers := collectPolicyAffectedGroupsAndPeers(policy) + groups, directPeers := collectPolicyAffectedGroupsAndPeers(context.Background(), policy) assert.ElementsMatch(t, []string{"g1", "g2", "g3"}, groups) assert.Empty(t, directPeers) } @@ -453,13 +453,13 @@ func TestCollectPolicyAffectedGroups_WithPeerResources(t *testing.T) { }, }, } - groups, directPeers := collectPolicyAffectedGroupsAndPeers(policy) + groups, directPeers := collectPolicyAffectedGroupsAndPeers(context.Background(), policy) assert.ElementsMatch(t, []string{"g1", "g2"}, groups) assert.ElementsMatch(t, []string{"p1", "p2"}, directPeers) } func TestCollectPolicyAffectedGroups_NilPolicy(t *testing.T) { - groups, directPeers := collectPolicyAffectedGroupsAndPeers(nil) + groups, directPeers := collectPolicyAffectedGroupsAndPeers(context.Background(), nil) assert.Nil(t, groups) assert.Nil(t, directPeers) } @@ -471,7 +471,7 @@ func TestCollectPolicyAffectedGroups_MultipleRules(t *testing.T) { {Sources: []string{"g3"}, Destinations: []string{"g4"}}, }, } - groups, _ := collectPolicyAffectedGroupsAndPeers(policy) + groups, _ := collectPolicyAffectedGroupsAndPeers(context.Background(), policy) assert.ElementsMatch(t, []string{"g1", "g2", "g3", "g4"}, groups) } @@ -486,13 +486,13 @@ func TestCollectPolicyAffectedGroups_MultiplePolicies(t *testing.T) { {Sources: []string{"g3"}, Destinations: []string{"g4"}}, }, } - groups, _ := collectPolicyAffectedGroupsAndPeers(new, old) + groups, _ := collectPolicyAffectedGroupsAndPeers(context.Background(), new, old) assert.ElementsMatch(t, []string{"g1", "g2", "g3", "g4"}, groups) } func TestCollectPolicyAffectedGroups_EmptyRules(t *testing.T) { policy := &types.Policy{Rules: []*types.PolicyRule{}} - groups, directPeers := collectPolicyAffectedGroupsAndPeers(policy) + groups, directPeers := collectPolicyAffectedGroupsAndPeers(context.Background(), policy) assert.Empty(t, groups) assert.Empty(t, directPeers) } @@ -507,7 +507,7 @@ func TestCollectPolicyAffectedGroups_NonPeerResource(t *testing.T) { }, }, } - groups, directPeers := collectPolicyAffectedGroupsAndPeers(policy) + groups, directPeers := collectPolicyAffectedGroupsAndPeers(context.Background(), policy) assert.ElementsMatch(t, []string{"g1", "g2"}, groups) assert.Empty(t, directPeers, "domain resource type should not produce direct peer IDs") } @@ -522,7 +522,7 @@ func TestCollectRouteAffectedGroups_Basic(t *testing.T) { PeerGroups: []string{"g2"}, AccessControlGroups: []string{"g3"}, } - groups, directPeers := collectRouteAffectedGroupsAndPeers(r) + groups, directPeers := collectRouteAffectedGroupsAndPeers(context.Background(), r) assert.ElementsMatch(t, []string{"g1", "g2", "g3"}, groups) assert.Empty(t, directPeers) } @@ -532,13 +532,13 @@ func TestCollectRouteAffectedGroups_WithDirectPeer(t *testing.T) { Groups: []string{"g1"}, Peer: "p1", } - groups, directPeers := collectRouteAffectedGroupsAndPeers(r) + groups, directPeers := collectRouteAffectedGroupsAndPeers(context.Background(), r) assert.ElementsMatch(t, []string{"g1"}, groups) assert.ElementsMatch(t, []string{"p1"}, directPeers) } func TestCollectRouteAffectedGroups_NilRoute(t *testing.T) { - groups, directPeers := collectRouteAffectedGroupsAndPeers(nil) + groups, directPeers := collectRouteAffectedGroupsAndPeers(context.Background(), nil) assert.Nil(t, groups) assert.Nil(t, directPeers) } @@ -552,7 +552,7 @@ func TestCollectRouteAffectedGroups_MultipleRoutes(t *testing.T) { Groups: []string{"g2"}, PeerGroups: []string{"g3"}, } - groups, directPeers := collectRouteAffectedGroupsAndPeers(new, old) + groups, directPeers := collectRouteAffectedGroupsAndPeers(context.Background(), new, old) assert.ElementsMatch(t, []string{"g1", "g2", "g3"}, groups) assert.ElementsMatch(t, []string{"p1"}, directPeers) } diff --git a/management/server/dns.go b/management/server/dns.go index 1e213ffbb..144aa5ca5 100644 --- a/management/server/dns.go +++ b/management/server/dns.go @@ -84,7 +84,10 @@ func (am *DefaultAccountManager) SaveDNSSettings(ctx context.Context, accountID } if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("SaveDNSSettings: updating %d affected peers: %v", len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("SaveDNSSettings: no affected peers") } return nil diff --git a/management/server/group.go b/management/server/group.go index df1b60156..5d15eed39 100644 --- a/management/server/group.go +++ b/management/server/group.go @@ -115,7 +115,10 @@ func (am *DefaultAccountManager) CreateGroup(ctx context.Context, accountID, use } if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("CreateGroup %s: updating %d affected peers: %v", newGroup.ID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("CreateGroup %s: no affected peers", newGroup.ID) } return nil @@ -185,7 +188,10 @@ func (am *DefaultAccountManager) UpdateGroup(ctx context.Context, accountID, use } if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("UpdateGroup %s: updating %d affected peers: %v", newGroup.ID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("UpdateGroup %s: no affected peers", newGroup.ID) } return nil @@ -249,7 +255,10 @@ func (am *DefaultAccountManager) CreateGroups(ctx context.Context, accountID, us allGroupIDs, directPeerIDs := collectGroupChangeAffectedGroups(ctx, am.Store, accountID, groupIDs) affectedPeerIDs := am.resolvePeerIDs(ctx, am.Store, accountID, allGroupIDs, directPeerIDs) if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("CreateGroups %v: updating %d affected peers: %v", groupIDs, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("CreateGroups %v: no affected peers", groupIDs) } return globalErr @@ -293,7 +302,10 @@ func (am *DefaultAccountManager) UpdateGroups(ctx context.Context, accountID, us allGroupIDs, directPeerIDs := collectGroupChangeAffectedGroups(ctx, am.Store, accountID, groupIDs) affectedPeerIDs := am.resolvePeerIDs(ctx, am.Store, accountID, allGroupIDs, directPeerIDs) if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("UpdateGroups %v: updating %d affected peers: %v", groupIDs, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("UpdateGroups %v: no affected peers", groupIDs) } return globalErr @@ -498,7 +510,10 @@ func (am *DefaultAccountManager) GroupAddPeer(ctx context.Context, accountID, gr } if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("GroupAddPeer group=%s peer=%s: updating %d affected peers: %v", groupID, peerID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("GroupAddPeer group=%s peer=%s: no affected peers", groupID, peerID) } return nil @@ -534,7 +549,10 @@ func (am *DefaultAccountManager) GroupAddResource(ctx context.Context, accountID } if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("GroupAddResource group=%s resource=%s: updating %d affected peers: %v", groupID, resource.ID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("GroupAddResource group=%s resource=%s: no affected peers", groupID, resource.ID) } return nil @@ -565,7 +583,10 @@ func (am *DefaultAccountManager) GroupDeletePeer(ctx context.Context, accountID, } if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("GroupDeletePeer group=%s peer=%s: updating %d affected peers: %v", groupID, peerID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("GroupDeletePeer group=%s peer=%s: no affected peers", groupID, peerID) } return nil @@ -601,7 +622,10 @@ func (am *DefaultAccountManager) GroupDeleteResource(ctx context.Context, accoun } if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("GroupDeleteResource group=%s resource=%s: updating %d affected peers: %v", groupID, resource.ID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("GroupDeleteResource group=%s resource=%s: no affected peers", groupID, resource.ID) } return nil diff --git a/management/server/nameserver.go b/management/server/nameserver.go index 823fc72d5..8ba1c2afc 100644 --- a/management/server/nameserver.go +++ b/management/server/nameserver.go @@ -9,6 +9,7 @@ import ( "unicode/utf8" "github.com/rs/xid" + log "github.com/sirupsen/logrus" nbdns "github.com/netbirdio/netbird/dns" "github.com/netbirdio/netbird/management/server/activity" @@ -80,7 +81,10 @@ func (am *DefaultAccountManager) CreateNameServerGroup(ctx context.Context, acco am.StoreEvent(ctx, userID, newNSGroup.ID, accountID, activity.NameserverGroupCreated, newNSGroup.EventMeta()) if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("CreateNameServerGroup %s: updating %d affected peers: %v", newNSGroup.ID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("CreateNameServerGroup %s: no affected peers", newNSGroup.ID) } return newNSGroup.Copy(), nil @@ -129,7 +133,10 @@ func (am *DefaultAccountManager) SaveNameServerGroup(ctx context.Context, accoun am.StoreEvent(ctx, userID, nsGroupToSave.ID, accountID, activity.NameserverGroupUpdated, nsGroupToSave.EventMeta()) if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("SaveNameServerGroup %s: updating %d affected peers: %v", nsGroupToSave.ID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("SaveNameServerGroup %s: no affected peers", nsGroupToSave.ID) } return nil @@ -169,7 +176,10 @@ func (am *DefaultAccountManager) DeleteNameServerGroup(ctx context.Context, acco am.StoreEvent(ctx, userID, nsGroup.ID, accountID, activity.NameserverGroupDeleted, nsGroup.EventMeta()) if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("DeleteNameServerGroup %s: updating %d affected peers: %v", nsGroupID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("DeleteNameServerGroup %s: no affected peers", nsGroupID) } return nil diff --git a/management/server/networks/manager.go b/management/server/networks/manager.go index 17ea0ddaa..0f21ea9ba 100644 --- a/management/server/networks/manager.go +++ b/management/server/networks/manager.go @@ -224,7 +224,10 @@ func (m *managerImpl) DeleteNetwork(ctx context.Context, accountID, userID, netw if affectedData != nil { affectedPeerIDs := resolveNetworkAffectedPeers(ctx, m.store, accountID, affectedData) if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("DeleteNetwork %s: updating %d affected peers: %v", networkID, len(affectedPeerIDs), affectedPeerIDs) go m.accountManager.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("DeleteNetwork %s: no affected peers", networkID) } } @@ -233,6 +236,8 @@ func (m *managerImpl) DeleteNetwork(ctx context.Context, accountID, userID, netw // resolveNetworkAffectedPeers computes affected peer IDs from preloaded data outside the transaction. func resolveNetworkAffectedPeers(ctx context.Context, s store.Store, accountID string, data *networkAffectedPeersData) []string { + log.WithContext(ctx).Tracef("resolveNetworkAffectedPeers: routerPeerGroups=%v, resourceGroupIDs=%v, directPeerIDs=%v, policies=%d", + data.routerPeerGroups, data.resourceGroupIDs, data.directPeerIDs, len(data.policies)) groupSet := make(map[string]struct{}) for _, gID := range data.routerPeerGroups { @@ -275,6 +280,7 @@ func resolveNetworkAffectedPeers(ctx context.Context, s store.Store, accountID s groupIDs = append(groupIDs, gID) } + log.WithContext(ctx).Tracef("resolveNetworkAffectedPeers: resolved groupIDs=%v", groupIDs) peerIDs, err := s.GetPeerIDsByGroups(ctx, accountID, groupIDs) if err != nil { log.WithContext(ctx).Errorf("failed to resolve peer IDs: %v", err) @@ -294,6 +300,7 @@ func resolveNetworkAffectedPeers(ctx context.Context, s store.Store, accountID s } } + log.WithContext(ctx).Tracef("resolveNetworkAffectedPeers: result %d peers: %v", len(peerIDs), peerIDs) return peerIDs } diff --git a/management/server/networks/resources/manager.go b/management/server/networks/resources/manager.go index 4d016cdf6..23f4f98a4 100644 --- a/management/server/networks/resources/manager.go +++ b/management/server/networks/resources/manager.go @@ -169,7 +169,10 @@ func (m *managerImpl) CreateResource(ctx context.Context, userID string, resourc } if affectedPeerIDs := m.resolveResourceAffectedPeers(ctx, resource.AccountID, affectedData); len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("CreateResource %s: updating %d affected peers: %v", resource.ID, len(affectedPeerIDs), affectedPeerIDs) go m.accountManager.UpdateAffectedPeers(ctx, resource.AccountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("CreateResource %s: no affected peers", resource.ID) } return resource, nil @@ -294,7 +297,10 @@ func (m *managerImpl) UpdateResource(ctx context.Context, userID string, resourc }() if affectedPeerIDs := m.resolveResourceAffectedPeers(ctx, resource.AccountID, affectedData); len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("UpdateResource %s: updating %d affected peers: %v", resource.ID, len(affectedPeerIDs), affectedPeerIDs) go m.accountManager.UpdateAffectedPeers(ctx, resource.AccountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("UpdateResource %s: no affected peers", resource.ID) } return resource, nil @@ -393,7 +399,10 @@ func (m *managerImpl) DeleteResource(ctx context.Context, accountID, userID, net } if affectedPeerIDs := m.resolveResourceAffectedPeers(ctx, accountID, affectedData); len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("DeleteResource %s: updating %d affected peers: %v", resourceID, len(affectedPeerIDs), affectedPeerIDs) go m.accountManager.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("DeleteResource %s: no affected peers", resourceID) } return nil @@ -491,6 +500,8 @@ func (m *managerImpl) resolveResourceAffectedPeers(ctx context.Context, accountI return nil } + log.WithContext(ctx).Tracef("resolveResourceAffectedPeers: resourceGroupIDs=%v, routerPeerGroups=%v, routerDirectPeers=%v, policies=%d", + data.resourceGroupIDs, data.routerPeerGroups, data.routerDirectPeers, len(data.policies)) groupSet := make(map[string]struct{}) var directPeerIDs []string @@ -559,6 +570,7 @@ func (m *managerImpl) resolveResourceAffectedPeers(ctx context.Context, accountI } } + log.WithContext(ctx).Tracef("resolveResourceAffectedPeers: result %d peers: %v", len(peerIDs), peerIDs) return peerIDs } diff --git a/management/server/networks/routers/manager.go b/management/server/networks/routers/manager.go index 6b33f558e..dc15fe974 100644 --- a/management/server/networks/routers/manager.go +++ b/management/server/networks/routers/manager.go @@ -128,7 +128,10 @@ func (m *managerImpl) CreateRouter(ctx context.Context, userID string, router *t m.accountManager.StoreEvent(ctx, userID, router.ID, router.AccountID, activity.NetworkRouterCreated, router.EventMeta(network)) if affectedPeerIDs := m.resolveRouterAffectedPeers(ctx, router.AccountID, affectedData); len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("CreateRouter %s: updating %d affected peers: %v", router.ID, len(affectedPeerIDs), affectedPeerIDs) go m.accountManager.UpdateAffectedPeers(ctx, router.AccountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("CreateRouter %s: no affected peers", router.ID) } return router, nil @@ -213,7 +216,10 @@ func (m *managerImpl) UpdateRouter(ctx context.Context, userID string, router *t m.accountManager.StoreEvent(ctx, userID, router.ID, router.AccountID, activity.NetworkRouterUpdated, router.EventMeta(network)) if affectedPeerIDs := m.resolveRouterAffectedPeers(ctx, router.AccountID, affectedData); len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("UpdateRouter %s: updating %d affected peers: %v", router.ID, len(affectedPeerIDs), affectedPeerIDs) go m.accountManager.UpdateAffectedPeers(ctx, router.AccountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("UpdateRouter %s: no affected peers", router.ID) } return router, nil @@ -261,7 +267,10 @@ func (m *managerImpl) DeleteRouter(ctx context.Context, accountID, userID, netwo event() if affectedPeerIDs := m.resolveRouterAffectedPeers(ctx, accountID, affectedData); len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("DeleteRouter %s: updating %d affected peers: %v", routerID, len(affectedPeerIDs), affectedPeerIDs) go m.accountManager.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("DeleteRouter %s: no affected peers", routerID) } return nil @@ -356,6 +365,8 @@ func (m *managerImpl) resolveRouterAffectedPeers(ctx context.Context, accountID return nil } + log.WithContext(ctx).Tracef("resolveRouterAffectedPeers: routerPeerGroups=%v, directPeerIDs=%v, resourceGroupIDs=%v, policies=%d", + data.routerPeerGroups, data.directPeerIDs, data.resourceGroupIDs, len(data.policies)) groupSet := make(map[string]struct{}) for _, gID := range data.routerPeerGroups { @@ -421,6 +432,7 @@ func (m *managerImpl) resolveRouterAffectedPeers(ctx context.Context, accountID } } + log.WithContext(ctx).Tracef("resolveRouterAffectedPeers: result %d peers: %v", len(peerIDs), peerIDs) return peerIDs } diff --git a/management/server/peer.go b/management/server/peer.go index 08d5b6deb..079a6389e 100644 --- a/management/server/peer.go +++ b/management/server/peer.go @@ -1308,7 +1308,7 @@ func (am *DefaultAccountManager) resolvePeerIDs(ctx context.Context, s store.Sto } if len(directPeerIDs) == 0 { - log.WithContext(ctx).Tracef("resolvePeerIDs: groups=%v -> %d peers", groupIDs, len(peerIDs)) + log.WithContext(ctx).Tracef("resolvePeerIDs: groups=%v -> %d peers: %v", groupIDs, len(peerIDs), peerIDs) return peerIDs } @@ -1323,7 +1323,7 @@ func (am *DefaultAccountManager) resolvePeerIDs(ctx context.Context, s store.Sto } } - log.WithContext(ctx).Tracef("resolvePeerIDs: groups=%v + directPeers=%v -> %d peers", groupIDs, directPeerIDs, len(peerIDs)) + log.WithContext(ctx).Tracef("resolvePeerIDs: groups=%v + directPeers=%v -> %d peers: %v", groupIDs, directPeerIDs, len(peerIDs), peerIDs) return peerIDs } diff --git a/management/server/policy.go b/management/server/policy.go index 0404a9208..6c053f5fb 100644 --- a/management/server/policy.go +++ b/management/server/policy.go @@ -5,7 +5,7 @@ import ( _ "embed" "github.com/rs/xid" - "github.com/sirupsen/logrus" + log "github.com/sirupsen/logrus" "github.com/netbirdio/netbird/management/server/permissions/modules" "github.com/netbirdio/netbird/management/server/permissions/operations" @@ -58,7 +58,7 @@ func (am *DefaultAccountManager) SavePolicy(ctx context.Context, accountID, user if isUpdate { if policy.Equal(existingPolicy) { - logrus.WithContext(ctx).Tracef("policy update skipped because equal to stored one - policy id %s", policy.ID) + log.WithContext(ctx).Tracef("policy update skipped because equal to stored one - policy id %s", policy.ID) unchanged = true return nil } @@ -74,7 +74,7 @@ func (am *DefaultAccountManager) SavePolicy(ctx context.Context, accountID, user } } - groupIDs, directPeerIDs := collectPolicyAffectedGroupsAndPeers(policy, existingPolicy) + groupIDs, directPeerIDs := collectPolicyAffectedGroupsAndPeers(ctx, policy, existingPolicy) affectedPeerIDs = am.resolvePeerIDs(ctx, transaction, accountID, groupIDs, directPeerIDs) return transaction.IncrementNetworkSerial(ctx, accountID) @@ -90,7 +90,10 @@ func (am *DefaultAccountManager) SavePolicy(ctx context.Context, accountID, user am.StoreEvent(ctx, userID, policy.ID, accountID, action, policy.EventMeta()) if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Tracef("SavePolicy %s: updating %d affected peers: %v", policy.ID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("SavePolicy %s: no affected peers", policy.ID) } return policy, nil @@ -115,7 +118,7 @@ func (am *DefaultAccountManager) DeletePolicy(ctx context.Context, accountID, po return err } - groupIDs, directPeerIDs := collectPolicyAffectedGroupsAndPeers(policy) + groupIDs, directPeerIDs := collectPolicyAffectedGroupsAndPeers(ctx, policy) affectedPeerIDs = am.resolvePeerIDs(ctx, transaction, accountID, groupIDs, directPeerIDs) if err = transaction.DeletePolicy(ctx, accountID, policyID); err != nil { @@ -131,7 +134,10 @@ func (am *DefaultAccountManager) DeletePolicy(ctx context.Context, accountID, po am.StoreEvent(ctx, userID, policyID, accountID, activity.PolicyRemoved, policy.EventMeta()) if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("DeletePolicy %s: updating %d affected peers: %v", policyID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("DeletePolicy %s: no affected peers", policyID) } return nil @@ -151,21 +157,26 @@ func (am *DefaultAccountManager) ListPolicies(ctx context.Context, accountID, us } // collectPolicyAffectedGroupsAndPeers returns group IDs and direct peer IDs from the given policies. -func collectPolicyAffectedGroupsAndPeers(policies ...*types.Policy) (groupIDs []string, directPeerIDs []string) { +func collectPolicyAffectedGroupsAndPeers(ctx context.Context, policies ...*types.Policy) (groupIDs []string, directPeerIDs []string) { for _, policy := range policies { if policy == nil { continue } - groupIDs = append(groupIDs, policy.RuleGroups()...) + ruleGroups := policy.RuleGroups() + log.WithContext(ctx).Tracef("collectPolicyAffectedGroupsAndPeers: policy %s (%s) ruleGroups=%v", policy.ID, policy.Name, ruleGroups) + groupIDs = append(groupIDs, ruleGroups...) for _, rule := range policy.Rules { if rule.SourceResource.Type == types.ResourceTypePeer && rule.SourceResource.ID != "" { + log.WithContext(ctx).Tracef("collectPolicyAffectedGroupsAndPeers: policy %s rule %s direct source peer %s", policy.ID, rule.ID, rule.SourceResource.ID) directPeerIDs = append(directPeerIDs, rule.SourceResource.ID) } if rule.DestinationResource.Type == types.ResourceTypePeer && rule.DestinationResource.ID != "" { + log.WithContext(ctx).Tracef("collectPolicyAffectedGroupsAndPeers: policy %s rule %s direct destination peer %s", policy.ID, rule.ID, rule.DestinationResource.ID) directPeerIDs = append(directPeerIDs, rule.DestinationResource.ID) } } } + log.WithContext(ctx).Tracef("collectPolicyAffectedGroupsAndPeers: result groupIDs=%v, directPeerIDs=%v", groupIDs, directPeerIDs) return } diff --git a/management/server/posture_checks.go b/management/server/posture_checks.go index f22bc8d14..8377ce58b 100644 --- a/management/server/posture_checks.go +++ b/management/server/posture_checks.go @@ -75,7 +75,10 @@ func (am *DefaultAccountManager) SavePostureChecks(ctx context.Context, accountI am.StoreEvent(ctx, userID, postureChecks.ID, accountID, action, postureChecks.EventMeta()) if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("SavePostureChecks %s: updating %d affected peers: %v", postureChecks.ID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("SavePostureChecks %s: no affected peers", postureChecks.ID) } return postureChecks, nil @@ -141,12 +144,14 @@ func collectPostureCheckAffectedGroupsAndPeers(ctx context.Context, transaction for _, policy := range policies { if slices.Contains(policy.SourcePostureChecks, postureCheckID) { - gIDs, pIDs := collectPolicyAffectedGroupsAndPeers(policy) + log.WithContext(ctx).Tracef("collectPostureCheckAffectedGroupsAndPeers: posture check %s referenced by policy %s (%s)", postureCheckID, policy.ID, policy.Name) + gIDs, pIDs := collectPolicyAffectedGroupsAndPeers(ctx, policy) groupIDs = append(groupIDs, gIDs...) directPeerIDs = append(directPeerIDs, pIDs...) } } + log.WithContext(ctx).Tracef("collectPostureCheckAffectedGroupsAndPeers: postureCheck=%s -> groupIDs=%v, directPeerIDs=%v", postureCheckID, groupIDs, directPeerIDs) return groupIDs, directPeerIDs } diff --git a/management/server/route.go b/management/server/route.go index 30297f851..3a39518f2 100644 --- a/management/server/route.go +++ b/management/server/route.go @@ -8,6 +8,7 @@ import ( "unicode/utf8" "github.com/rs/xid" + log "github.com/sirupsen/logrus" "github.com/netbirdio/netbird/management/server/activity" "github.com/netbirdio/netbird/management/server/permissions/modules" @@ -177,7 +178,7 @@ func (am *DefaultAccountManager) CreateRoute(ctx context.Context, accountID stri return err } - groupIDs, directPeerIDs := collectRouteAffectedGroupsAndPeers(newRoute) + groupIDs, directPeerIDs := collectRouteAffectedGroupsAndPeers(ctx, newRoute) affectedPeerIDs = am.resolvePeerIDs(ctx, transaction, accountID, groupIDs, directPeerIDs) return transaction.IncrementNetworkSerial(ctx, accountID) @@ -189,7 +190,10 @@ func (am *DefaultAccountManager) CreateRoute(ctx context.Context, accountID stri am.StoreEvent(ctx, userID, string(newRoute.ID), accountID, activity.RouteCreated, newRoute.EventMeta()) if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("CreateRoute %s: updating %d affected peers: %v", newRoute.ID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("CreateRoute %s: no affected peers", newRoute.ID) } return newRoute, nil @@ -224,7 +228,7 @@ func (am *DefaultAccountManager) SaveRoute(ctx context.Context, accountID, userI return err } - groupIDs, directPeerIDs := collectRouteAffectedGroupsAndPeers(routeToSave, oldRoute) + groupIDs, directPeerIDs := collectRouteAffectedGroupsAndPeers(ctx, routeToSave, oldRoute) affectedPeerIDs = am.resolvePeerIDs(ctx, transaction, accountID, groupIDs, directPeerIDs) return transaction.IncrementNetworkSerial(ctx, accountID) @@ -236,7 +240,10 @@ func (am *DefaultAccountManager) SaveRoute(ctx context.Context, accountID, userI am.StoreEvent(ctx, userID, string(routeToSave.ID), accountID, activity.RouteUpdated, routeToSave.EventMeta()) if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("SaveRoute %s: updating %d affected peers: %v", routeToSave.ID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("SaveRoute %s: no affected peers", routeToSave.ID) } return nil @@ -261,7 +268,7 @@ func (am *DefaultAccountManager) DeleteRoute(ctx context.Context, accountID stri return err } - groupIDs, directPeerIDs := collectRouteAffectedGroupsAndPeers(rt) + groupIDs, directPeerIDs := collectRouteAffectedGroupsAndPeers(ctx, rt) affectedPeerIDs = am.resolvePeerIDs(ctx, transaction, accountID, groupIDs, directPeerIDs) if err = transaction.DeleteRoute(ctx, accountID, string(routeID)); err != nil { @@ -277,7 +284,10 @@ func (am *DefaultAccountManager) DeleteRoute(ctx context.Context, accountID stri am.StoreEvent(ctx, userID, string(rt.ID), accountID, activity.RouteRemoved, rt.EventMeta()) if len(affectedPeerIDs) > 0 { + log.WithContext(ctx).Debugf("DeleteRoute %s: updating %d affected peers: %v", routeID, len(affectedPeerIDs), affectedPeerIDs) am.UpdateAffectedPeers(ctx, accountID, affectedPeerIDs) + } else { + log.WithContext(ctx).Tracef("DeleteRoute %s: no affected peers", routeID) } return nil @@ -367,11 +377,13 @@ func getPlaceholderIP() netip.Prefix { } // collectRouteAffectedGroupsAndPeers returns group IDs and direct peer IDs from the given routes. -func collectRouteAffectedGroupsAndPeers(routes ...*route.Route) (groupIDs []string, directPeerIDs []string) { +func collectRouteAffectedGroupsAndPeers(ctx context.Context, routes ...*route.Route) (groupIDs []string, directPeerIDs []string) { for _, r := range routes { if r == nil { continue } + log.WithContext(ctx).Tracef("collectRouteAffectedGroupsAndPeers: route %s groups=%v peerGroups=%v accessControlGroups=%v peer=%q", + r.ID, r.Groups, r.PeerGroups, r.AccessControlGroups, r.Peer) groupIDs = append(groupIDs, r.Groups...) groupIDs = append(groupIDs, r.PeerGroups...) groupIDs = append(groupIDs, r.AccessControlGroups...) @@ -379,6 +391,7 @@ func collectRouteAffectedGroupsAndPeers(routes ...*route.Route) (groupIDs []stri directPeerIDs = append(directPeerIDs, r.Peer) } } + log.WithContext(ctx).Tracef("collectRouteAffectedGroupsAndPeers: result groupIDs=%v, directPeerIDs=%v", groupIDs, directPeerIDs) return }