diff --git a/.github/ISSUE_TEMPLATE/bug-issue-report.md b/.github/ISSUE_TEMPLATE/bug-issue-report.md index 87f757f42..3633cca4f 100644 --- a/.github/ISSUE_TEMPLATE/bug-issue-report.md +++ b/.github/ISSUE_TEMPLATE/bug-issue-report.md @@ -31,14 +31,22 @@ Please specify whether you use NetBird Cloud or self-host NetBird's control plan `netbird version` -**NetBird status -dA output:** +**Is any other VPN software installed?** -If applicable, add the `netbird status -dA' command output. +If yes, which one? -**Do you face any (non-mobile) client issues?** +**Debug output** -Please provide the file created by `netbird debug for 1m -AS`. -We advise reviewing the anonymized files for any remaining PII. +To help us resolve the problem, please attach the following debug output + + netbird status -dA + +As well as the file created by + + netbird debug for 1m -AS + + +We advise reviewing the anonymized output for any remaining personal information. **Screenshots** @@ -47,3 +55,10 @@ If applicable, add screenshots to help explain your problem. **Additional context** Add any other context about the problem here. + +**Have you tried these troubleshooting steps?** +- [ ] Checked for newer NetBird versions +- [ ] Searched for similar issues on GitHub (including closed ones) +- [ ] Restarted the NetBird client +- [ ] Disabled other VPN software +- [ ] Checked firewall settings diff --git a/.github/workflows/golang-test-linux.yml b/.github/workflows/golang-test-linux.yml index 3be8bcff3..cf061f876 100644 --- a/.github/workflows/golang-test-linux.yml +++ b/.github/workflows/golang-test-linux.yml @@ -258,7 +258,7 @@ jobs: strategy: fail-fast: false matrix: - arch: [ '386','amd64' ] + arch: [ 'amd64' ] store: [ 'sqlite', 'postgres', 'mysql' ] runs-on: ubuntu-22.04 steps: @@ -325,8 +325,8 @@ jobs: strategy: fail-fast: false matrix: - arch: [ '386','amd64' ] - store: [ 'sqlite', 'postgres', 'mysql' ] + arch: [ 'amd64' ] + store: [ 'sqlite', 'postgres' ] runs-on: ubuntu-22.04 steps: - name: Install Go @@ -392,7 +392,7 @@ jobs: strategy: fail-fast: false matrix: - arch: [ '386','amd64' ] + arch: [ 'amd64' ] store: [ 'sqlite', 'postgres' ] runs-on: ubuntu-22.04 steps: @@ -461,7 +461,7 @@ jobs: strategy: fail-fast: false matrix: - arch: [ '386','amd64' ] + arch: [ 'amd64' ] store: [ 'sqlite', 'postgres'] runs-on: ubuntu-22.04 steps: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 04874bdf4..919351f18 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -71,7 +71,7 @@ jobs: - name: Install goversioninfo run: go install github.com/josephspurrier/goversioninfo/cmd/goversioninfo@233067e - name: Generate windows syso amd64 - run: goversioninfo -icon client/ui/netbird.ico -manifest client/manifest.xml -product-name ${{ env.PRODUCT_NAME }} -copyright "${{ env.COPYRIGHT }}" -ver-major ${{ steps.semver_parser.outputs.major }} -ver-minor ${{ steps.semver_parser.outputs.minor }} -ver-patch ${{ steps.semver_parser.outputs.patch }} -ver-build 0 -file-version ${{ steps.semver_parser.outputs.fullversion }}.0 -product-version ${{ steps.semver_parser.outputs.fullversion }}.0 -o client/resources_windows_amd64.syso + run: goversioninfo -icon client/ui/assets/netbird.ico -manifest client/manifest.xml -product-name ${{ env.PRODUCT_NAME }} -copyright "${{ env.COPYRIGHT }}" -ver-major ${{ steps.semver_parser.outputs.major }} -ver-minor ${{ steps.semver_parser.outputs.minor }} -ver-patch ${{ steps.semver_parser.outputs.patch }} -ver-build 0 -file-version ${{ steps.semver_parser.outputs.fullversion }}.0 -product-version ${{ steps.semver_parser.outputs.fullversion }}.0 -o client/resources_windows_amd64.syso - name: Run GoReleaser uses: goreleaser/goreleaser-action@v4 with: @@ -150,7 +150,7 @@ jobs: - name: Install goversioninfo run: go install github.com/josephspurrier/goversioninfo/cmd/goversioninfo@233067e - name: Generate windows syso amd64 - run: goversioninfo -64 -icon client/ui/netbird.ico -manifest client/ui/manifest.xml -product-name ${{ env.PRODUCT_NAME }}-"UI" -copyright "${{ env.COPYRIGHT }}" -ver-major ${{ steps.semver_parser.outputs.major }} -ver-minor ${{ steps.semver_parser.outputs.minor }} -ver-patch ${{ steps.semver_parser.outputs.patch }} -ver-build 0 -file-version ${{ steps.semver_parser.outputs.fullversion }}.0 -product-version ${{ steps.semver_parser.outputs.fullversion }}.0 -o client/ui/resources_windows_amd64.syso + run: goversioninfo -64 -icon client/ui/assets/netbird.ico -manifest client/ui/manifest.xml -product-name ${{ env.PRODUCT_NAME }}-"UI" -copyright "${{ env.COPYRIGHT }}" -ver-major ${{ steps.semver_parser.outputs.major }} -ver-minor ${{ steps.semver_parser.outputs.minor }} -ver-patch ${{ steps.semver_parser.outputs.patch }} -ver-build 0 -file-version ${{ steps.semver_parser.outputs.fullversion }}.0 -product-version ${{ steps.semver_parser.outputs.fullversion }}.0 -o client/ui/resources_windows_amd64.syso - name: Run GoReleaser uses: goreleaser/goreleaser-action@v4 diff --git a/.goreleaser_ui.yaml b/.goreleaser_ui.yaml index 1dd649d1b..459f204d3 100644 --- a/.goreleaser_ui.yaml +++ b/.goreleaser_ui.yaml @@ -53,9 +53,9 @@ nfpms: scripts: postinstall: "release_files/ui-post-install.sh" contents: - - src: client/ui/netbird.desktop + - src: client/ui/build/netbird.desktop dst: /usr/share/applications/netbird.desktop - - src: client/ui/netbird.png + - src: client/ui/assets/netbird.png dst: /usr/share/pixmaps/netbird.png dependencies: - netbird @@ -72,9 +72,9 @@ nfpms: scripts: postinstall: "release_files/ui-post-install.sh" contents: - - src: client/ui/netbird.desktop + - src: client/ui/build/netbird.desktop dst: /usr/share/applications/netbird.desktop - - src: client/ui/netbird.png + - src: client/ui/assets/netbird.png dst: /usr/share/pixmaps/netbird.png dependencies: - netbird diff --git a/client/embed/embed.go b/client/embed/embed.go index 9ded618c5..fe95b1942 100644 --- a/client/embed/embed.go +++ b/client/embed/embed.go @@ -134,10 +134,11 @@ func (c *Client) Start(startCtx context.Context) error { // either startup error (permanent backoff err) or nil err (successful engine up) // TODO: make after-startup backoff err available - run := make(chan error, 1) + run := make(chan struct{}, 1) + clientErr := make(chan error, 1) go func() { if err := client.Run(run); err != nil { - run <- err + clientErr <- err } }() @@ -147,13 +148,9 @@ func (c *Client) Start(startCtx context.Context) error { return fmt.Errorf("stop error after context done. Stop error: %w. Context done: %w", stopErr, startCtx.Err()) } return startCtx.Err() - case err := <-run: - if err != nil { - if stopErr := client.Stop(); stopErr != nil { - return fmt.Errorf("stop error after failed to startup. Stop error: %w. Start error: %w", stopErr, err) - } - return fmt.Errorf("startup: %w", err) - } + case err := <-clientErr: + return fmt.Errorf("startup: %w", err) + case <-run: } c.connect = client diff --git a/client/firewall/iface.go b/client/firewall/iface.go index d842abaa1..b83c5f912 100644 --- a/client/firewall/iface.go +++ b/client/firewall/iface.go @@ -4,12 +4,13 @@ import ( wgdevice "golang.zx2c4.com/wireguard/device" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) // IFaceMapper defines subset methods of interface required for manager type IFaceMapper interface { Name() string - Address() device.WGAddress + Address() wgaddr.Address IsUserspaceBind() bool SetFilter(device.PacketFilter) error GetDevice() *device.FilteredDevice diff --git a/client/firewall/iptables/manager_linux.go b/client/firewall/iptables/manager_linux.go index f8c8945e6..652ab1b3e 100644 --- a/client/firewall/iptables/manager_linux.go +++ b/client/firewall/iptables/manager_linux.go @@ -13,7 +13,7 @@ import ( nberrors "github.com/netbirdio/netbird/client/errors" firewall "github.com/netbirdio/netbird/client/firewall/manager" - "github.com/netbirdio/netbird/client/iface" + "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/client/internal/statemanager" ) @@ -31,7 +31,7 @@ type Manager struct { // iFaceMapper defines subset methods of interface required for manager type iFaceMapper interface { Name() string - Address() iface.WGAddress + Address() wgaddr.Address IsUserspaceBind() bool } @@ -167,7 +167,7 @@ func (m *Manager) SetLegacyManagement(isLegacy bool) error { } // Reset firewall to the default state -func (m *Manager) Reset(stateManager *statemanager.Manager) error { +func (m *Manager) Close(stateManager *statemanager.Manager) error { m.mutex.Lock() defer m.mutex.Unlock() diff --git a/client/firewall/iptables/manager_linux_test.go b/client/firewall/iptables/manager_linux_test.go index 0dcbc8f5d..af9f5dd23 100644 --- a/client/firewall/iptables/manager_linux_test.go +++ b/client/firewall/iptables/manager_linux_test.go @@ -10,15 +10,15 @@ import ( "github.com/stretchr/testify/require" fw "github.com/netbirdio/netbird/client/firewall/manager" - "github.com/netbirdio/netbird/client/iface" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) var ifaceMock = &iFaceMock{ NameFunc: func() string { return "lo" }, - AddressFunc: func() iface.WGAddress { - return iface.WGAddress{ + AddressFunc: func() wgaddr.Address { + return wgaddr.Address{ IP: net.ParseIP("10.20.0.1"), Network: &net.IPNet{ IP: net.ParseIP("10.20.0.0"), @@ -31,7 +31,7 @@ var ifaceMock = &iFaceMock{ // iFaceMapper defines subset methods of interface required for manager type iFaceMock struct { NameFunc func() string - AddressFunc func() iface.WGAddress + AddressFunc func() wgaddr.Address } func (i *iFaceMock) Name() string { @@ -41,7 +41,7 @@ func (i *iFaceMock) Name() string { panic("NameFunc is not set") } -func (i *iFaceMock) Address() iface.WGAddress { +func (i *iFaceMock) Address() wgaddr.Address { if i.AddressFunc != nil { return i.AddressFunc() } @@ -62,7 +62,7 @@ func TestIptablesManager(t *testing.T) { time.Sleep(time.Second) defer func() { - err := manager.Reset(nil) + err := manager.Close(nil) require.NoError(t, err, "clear the manager state") time.Sleep(time.Second) @@ -100,14 +100,14 @@ func TestIptablesManager(t *testing.T) { _, err = manager.AddPeerFiltering(nil, ip, "udp", nil, port, fw.ActionAccept, "") require.NoError(t, err, "failed to add rule") - err = manager.Reset(nil) + err = manager.Close(nil) require.NoError(t, err, "failed to reset") ok, err := ipv4Client.ChainExists("filter", chainNameInputRules) require.NoError(t, err, "failed check chain exists") if ok { - require.NoErrorf(t, err, "chain '%v' still exists after Reset", chainNameInputRules) + require.NoErrorf(t, err, "chain '%v' still exists after Close", chainNameInputRules) } }) } @@ -117,8 +117,8 @@ func TestIptablesManagerIPSet(t *testing.T) { NameFunc: func() string { return "lo" }, - AddressFunc: func() iface.WGAddress { - return iface.WGAddress{ + AddressFunc: func() wgaddr.Address { + return wgaddr.Address{ IP: net.ParseIP("10.20.0.1"), Network: &net.IPNet{ IP: net.ParseIP("10.20.0.0"), @@ -136,7 +136,7 @@ func TestIptablesManagerIPSet(t *testing.T) { time.Sleep(time.Second) defer func() { - err := manager.Reset(nil) + err := manager.Close(nil) require.NoError(t, err, "clear the manager state") time.Sleep(time.Second) @@ -166,7 +166,7 @@ func TestIptablesManagerIPSet(t *testing.T) { }) t.Run("reset check", func(t *testing.T) { - err = manager.Reset(nil) + err = manager.Close(nil) require.NoError(t, err, "failed to reset") }) } @@ -184,8 +184,8 @@ func TestIptablesCreatePerformance(t *testing.T) { NameFunc: func() string { return "lo" }, - AddressFunc: func() iface.WGAddress { - return iface.WGAddress{ + AddressFunc: func() wgaddr.Address { + return wgaddr.Address{ IP: net.ParseIP("10.20.0.1"), Network: &net.IPNet{ IP: net.ParseIP("10.20.0.0"), @@ -204,7 +204,7 @@ func TestIptablesCreatePerformance(t *testing.T) { time.Sleep(time.Second) defer func() { - err := manager.Reset(nil) + err := manager.Close(nil) require.NoError(t, err, "clear the manager state") time.Sleep(time.Second) diff --git a/client/firewall/iptables/state_linux.go b/client/firewall/iptables/state_linux.go index 44b8340ba..6ef159e01 100644 --- a/client/firewall/iptables/state_linux.go +++ b/client/firewall/iptables/state_linux.go @@ -4,21 +4,20 @@ import ( "fmt" "sync" - "github.com/netbirdio/netbird/client/iface" - "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) type InterfaceState struct { - NameStr string `json:"name"` - WGAddress iface.WGAddress `json:"wg_address"` - UserspaceBind bool `json:"userspace_bind"` + NameStr string `json:"name"` + WGAddress wgaddr.Address `json:"wg_address"` + UserspaceBind bool `json:"userspace_bind"` } func (i *InterfaceState) Name() string { return i.NameStr } -func (i *InterfaceState) Address() device.WGAddress { +func (i *InterfaceState) Address() wgaddr.Address { return i.WGAddress } @@ -62,7 +61,7 @@ func (s *ShutdownState) Cleanup() error { ipt.aclMgr.ipsetStore = s.ACLIPsetStore } - if err := ipt.Reset(nil); err != nil { + if err := ipt.Close(nil); err != nil { return fmt.Errorf("reset iptables manager: %w", err) } diff --git a/client/firewall/manager/firewall.go b/client/firewall/manager/firewall.go index 6d369f649..1d71051ef 100644 --- a/client/firewall/manager/firewall.go +++ b/client/firewall/manager/firewall.go @@ -102,8 +102,8 @@ type Manager interface { // SetLegacyManagement sets the legacy management mode SetLegacyManagement(legacy bool) error - // Reset firewall to the default state - Reset(stateManager *statemanager.Manager) error + // Close closes the firewall manager + Close(stateManager *statemanager.Manager) error // Flush the changes to firewall controller Flush() error diff --git a/client/firewall/nftables/manager_linux.go b/client/firewall/nftables/manager_linux.go index 878ede2da..a5809471c 100644 --- a/client/firewall/nftables/manager_linux.go +++ b/client/firewall/nftables/manager_linux.go @@ -14,7 +14,7 @@ import ( log "github.com/sirupsen/logrus" firewall "github.com/netbirdio/netbird/client/firewall/manager" - "github.com/netbirdio/netbird/client/iface" + "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/client/internal/statemanager" ) @@ -29,7 +29,7 @@ const ( // iFaceMapper defines subset methods of interface required for manager type iFaceMapper interface { Name() string - Address() iface.WGAddress + Address() wgaddr.Address IsUserspaceBind() bool } @@ -87,7 +87,7 @@ func (m *Manager) Init(stateManager *statemanager.Manager) error { // We only need to record minimal interface state for potential recreation. // Unlike iptables, which requires tracking individual rules, nftables maintains // a known state (our netbird table plus a few static rules). This allows for easy - // cleanup using Reset() without needing to store specific rules. + // cleanup using Close() without needing to store specific rules. if err := stateManager.UpdateState(&ShutdownState{ InterfaceState: &InterfaceState{ NameStr: m.wgIface.Name(), @@ -243,7 +243,7 @@ func (m *Manager) SetLegacyManagement(isLegacy bool) error { } // Reset firewall to the default state -func (m *Manager) Reset(stateManager *statemanager.Manager) error { +func (m *Manager) Close(stateManager *statemanager.Manager) error { m.mutex.Lock() defer m.mutex.Unlock() diff --git a/client/firewall/nftables/manager_linux_test.go b/client/firewall/nftables/manager_linux_test.go index bfdffd9e3..373743a08 100644 --- a/client/firewall/nftables/manager_linux_test.go +++ b/client/firewall/nftables/manager_linux_test.go @@ -16,15 +16,15 @@ import ( "golang.org/x/sys/unix" fw "github.com/netbirdio/netbird/client/firewall/manager" - "github.com/netbirdio/netbird/client/iface" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) var ifaceMock = &iFaceMock{ NameFunc: func() string { return "lo" }, - AddressFunc: func() iface.WGAddress { - return iface.WGAddress{ + AddressFunc: func() wgaddr.Address { + return wgaddr.Address{ IP: net.ParseIP("100.96.0.1"), Network: &net.IPNet{ IP: net.ParseIP("100.96.0.0"), @@ -37,7 +37,7 @@ var ifaceMock = &iFaceMock{ // iFaceMapper defines subset methods of interface required for manager type iFaceMock struct { NameFunc func() string - AddressFunc func() iface.WGAddress + AddressFunc func() wgaddr.Address } func (i *iFaceMock) Name() string { @@ -47,7 +47,7 @@ func (i *iFaceMock) Name() string { panic("NameFunc is not set") } -func (i *iFaceMock) Address() iface.WGAddress { +func (i *iFaceMock) Address() wgaddr.Address { if i.AddressFunc != nil { return i.AddressFunc() } @@ -65,7 +65,7 @@ func TestNftablesManager(t *testing.T) { time.Sleep(time.Second * 3) defer func() { - err = manager.Reset(nil) + err = manager.Close(nil) require.NoError(t, err, "failed to reset") time.Sleep(time.Second) }() @@ -162,7 +162,7 @@ func TestNftablesManager(t *testing.T) { // established rule remains require.Len(t, rules, 1, "expected 1 rules after deletion") - err = manager.Reset(nil) + err = manager.Close(nil) require.NoError(t, err, "failed to reset") } @@ -171,8 +171,8 @@ func TestNFtablesCreatePerformance(t *testing.T) { NameFunc: func() string { return "lo" }, - AddressFunc: func() iface.WGAddress { - return iface.WGAddress{ + AddressFunc: func() wgaddr.Address { + return wgaddr.Address{ IP: net.ParseIP("100.96.0.1"), Network: &net.IPNet{ IP: net.ParseIP("100.96.0.0"), @@ -191,7 +191,7 @@ func TestNFtablesCreatePerformance(t *testing.T) { time.Sleep(time.Second * 3) defer func() { - if err := manager.Reset(nil); err != nil { + if err := manager.Close(nil); err != nil { t.Errorf("clear the manager state: %v", err) } time.Sleep(time.Second) @@ -274,7 +274,7 @@ func TestNftablesManagerCompatibilityWithIptables(t *testing.T) { require.NoError(t, manager.Init(nil)) t.Cleanup(func() { - err := manager.Reset(nil) + err := manager.Close(nil) require.NoError(t, err, "failed to reset manager state") // Verify iptables output after reset diff --git a/client/firewall/nftables/router_linux_test.go b/client/firewall/nftables/router_linux_test.go index 87a219a70..498fdf882 100644 --- a/client/firewall/nftables/router_linux_test.go +++ b/client/firewall/nftables/router_linux_test.go @@ -38,7 +38,7 @@ func TestNftablesManager_AddNatRule(t *testing.T) { // need fw manager to init both acl mgr and router for all chains to be present manager, err := Create(ifaceMock) t.Cleanup(func() { - require.NoError(t, manager.Reset(nil)) + require.NoError(t, manager.Close(nil)) }) require.NoError(t, err) require.NoError(t, manager.Init(nil)) @@ -127,7 +127,7 @@ func TestNftablesManager_RemoveNatRule(t *testing.T) { t.Run(testCase.Name, func(t *testing.T) { manager, err := Create(ifaceMock) t.Cleanup(func() { - require.NoError(t, manager.Reset(nil)) + require.NoError(t, manager.Close(nil)) }) require.NoError(t, err) require.NoError(t, manager.Init(nil)) diff --git a/client/firewall/nftables/state_linux.go b/client/firewall/nftables/state_linux.go index a68c8b8b8..f805623d6 100644 --- a/client/firewall/nftables/state_linux.go +++ b/client/firewall/nftables/state_linux.go @@ -3,21 +3,20 @@ package nftables import ( "fmt" - "github.com/netbirdio/netbird/client/iface" - "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) type InterfaceState struct { - NameStr string `json:"name"` - WGAddress iface.WGAddress `json:"wg_address"` - UserspaceBind bool `json:"userspace_bind"` + NameStr string `json:"name"` + WGAddress wgaddr.Address `json:"wg_address"` + UserspaceBind bool `json:"userspace_bind"` } func (i *InterfaceState) Name() string { return i.NameStr } -func (i *InterfaceState) Address() device.WGAddress { +func (i *InterfaceState) Address() wgaddr.Address { return i.WGAddress } @@ -39,7 +38,7 @@ func (s *ShutdownState) Cleanup() error { return fmt.Errorf("create nftables manager: %w", err) } - if err := nft.Reset(nil); err != nil { + if err := nft.Close(nil); err != nil { return fmt.Errorf("reset nftables manager: %w", err) } diff --git a/client/firewall/uspfilter/allow_netbird.go b/client/firewall/uspfilter/allow_netbird.go index 4808c3090..5fe698aa9 100644 --- a/client/firewall/uspfilter/allow_netbird.go +++ b/client/firewall/uspfilter/allow_netbird.go @@ -9,12 +9,11 @@ import ( log "github.com/sirupsen/logrus" - "github.com/netbirdio/netbird/client/firewall/uspfilter/conntrack" "github.com/netbirdio/netbird/client/internal/statemanager" ) // Reset firewall to the default state -func (m *Manager) Reset(stateManager *statemanager.Manager) error { +func (m *Manager) Close(stateManager *statemanager.Manager) error { m.mutex.Lock() defer m.mutex.Unlock() @@ -23,17 +22,14 @@ func (m *Manager) Reset(stateManager *statemanager.Manager) error { if m.udpTracker != nil { m.udpTracker.Close() - m.udpTracker = conntrack.NewUDPTracker(conntrack.DefaultUDPTimeout, m.logger, m.flowLogger) } if m.icmpTracker != nil { m.icmpTracker.Close() - m.icmpTracker = conntrack.NewICMPTracker(conntrack.DefaultICMPTimeout, m.logger, m.flowLogger) } if m.tcpTracker != nil { m.tcpTracker.Close() - m.tcpTracker = conntrack.NewTCPTracker(conntrack.DefaultTCPTimeout, m.logger, m.flowLogger) } if fwder := m.forwarder.Load(); fwder != nil { @@ -49,7 +45,7 @@ func (m *Manager) Reset(stateManager *statemanager.Manager) error { } if m.nativeFirewall != nil { - return m.nativeFirewall.Reset(stateManager) + return m.nativeFirewall.Close(stateManager) } return nil } diff --git a/client/firewall/uspfilter/allow_netbird_windows.go b/client/firewall/uspfilter/allow_netbird_windows.go index ff80fec41..f63792fec 100644 --- a/client/firewall/uspfilter/allow_netbird_windows.go +++ b/client/firewall/uspfilter/allow_netbird_windows.go @@ -23,7 +23,7 @@ const ( ) // Reset firewall to the default state -func (m *Manager) Reset(*statemanager.Manager) error { +func (m *Manager) Close(*statemanager.Manager) error { m.mutex.Lock() defer m.mutex.Unlock() diff --git a/client/firewall/uspfilter/common/iface.go b/client/firewall/uspfilter/common/iface.go index d44e79509..7296953db 100644 --- a/client/firewall/uspfilter/common/iface.go +++ b/client/firewall/uspfilter/common/iface.go @@ -3,14 +3,14 @@ package common import ( wgdevice "golang.zx2c4.com/wireguard/device" - "github.com/netbirdio/netbird/client/iface" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) // IFaceMapper defines subset methods of interface required for manager type IFaceMapper interface { SetFilter(device.PacketFilter) error - Address() iface.WGAddress + Address() wgaddr.Address GetWGDevice() *wgdevice.Device GetDevice() *device.FilteredDevice } diff --git a/client/firewall/uspfilter/conntrack/icmp.go b/client/firewall/uspfilter/conntrack/icmp.go index 49cc832e6..1a6566fa8 100644 --- a/client/firewall/uspfilter/conntrack/icmp.go +++ b/client/firewall/uspfilter/conntrack/icmp.go @@ -1,6 +1,7 @@ package conntrack import ( + "context" "fmt" "net/netip" "sync" @@ -44,8 +45,8 @@ type ICMPTracker struct { connections map[ICMPConnKey]*ICMPConnTrack timeout time.Duration cleanupTicker *time.Ticker + tickerCancel context.CancelFunc mutex sync.RWMutex - done chan struct{} flowLogger nftypes.FlowLogger } @@ -55,16 +56,18 @@ func NewICMPTracker(timeout time.Duration, logger *nblog.Logger, flowLogger nfty timeout = DefaultICMPTimeout } + ctx, cancel := context.WithCancel(context.Background()) + tracker := &ICMPTracker{ logger: logger, connections: make(map[ICMPConnKey]*ICMPConnTrack), timeout: timeout, cleanupTicker: time.NewTicker(ICMPCleanupInterval), - done: make(chan struct{}), + tickerCancel: cancel, flowLogger: flowLogger, } - go tracker.cleanupRoutine() + go tracker.cleanupRoutine(ctx) return tracker } @@ -164,12 +167,14 @@ func (t *ICMPTracker) IsValidInbound(srcIP netip.Addr, dstIP netip.Addr, id uint return true } -func (t *ICMPTracker) cleanupRoutine() { +func (t *ICMPTracker) cleanupRoutine(ctx context.Context) { + defer t.tickerCancel() + for { select { case <-t.cleanupTicker.C: t.cleanup() - case <-t.done: + case <-ctx.Done(): return } } @@ -192,8 +197,7 @@ func (t *ICMPTracker) cleanup() { // Close stops the cleanup routine and releases resources func (t *ICMPTracker) Close() { - t.cleanupTicker.Stop() - close(t.done) + t.tickerCancel() t.mutex.Lock() t.connections = nil diff --git a/client/firewall/uspfilter/conntrack/tcp.go b/client/firewall/uspfilter/conntrack/tcp.go index b5e470bf9..a1f17966a 100644 --- a/client/firewall/uspfilter/conntrack/tcp.go +++ b/client/firewall/uspfilter/conntrack/tcp.go @@ -3,6 +3,7 @@ package conntrack // TODO: Send RST packets for invalid/timed-out connections import ( + "context" "net/netip" "sync" "sync/atomic" @@ -122,7 +123,7 @@ type TCPTracker struct { connections map[ConnKey]*TCPConnTrack mutex sync.RWMutex cleanupTicker *time.Ticker - done chan struct{} + tickerCancel context.CancelFunc timeout time.Duration flowLogger nftypes.FlowLogger } @@ -133,16 +134,18 @@ func NewTCPTracker(timeout time.Duration, logger *nblog.Logger, flowLogger nftyp timeout = DefaultTCPTimeout } + ctx, cancel := context.WithCancel(context.Background()) + tracker := &TCPTracker{ logger: logger, connections: make(map[ConnKey]*TCPConnTrack), cleanupTicker: time.NewTicker(TCPCleanupInterval), - done: make(chan struct{}), + tickerCancel: cancel, timeout: timeout, flowLogger: flowLogger, } - go tracker.cleanupRoutine() + go tracker.cleanupRoutine(ctx) return tracker } @@ -396,12 +399,14 @@ func (t *TCPTracker) isValidStateForFlags(state TCPState, flags uint8) bool { return false } -func (t *TCPTracker) cleanupRoutine() { +func (t *TCPTracker) cleanupRoutine(ctx context.Context) { + defer t.cleanupTicker.Stop() + for { select { case <-t.cleanupTicker.C: t.cleanup() - case <-t.done: + case <-ctx.Done(): return } } @@ -444,8 +449,7 @@ func (t *TCPTracker) cleanup() { // Close stops the cleanup routine and releases resources func (t *TCPTracker) Close() { - t.cleanupTicker.Stop() - close(t.done) + t.tickerCancel() // Clean up all remaining IPs t.mutex.Lock() diff --git a/client/firewall/uspfilter/conntrack/udp.go b/client/firewall/uspfilter/conntrack/udp.go index 94db24f5f..7ca493a9d 100644 --- a/client/firewall/uspfilter/conntrack/udp.go +++ b/client/firewall/uspfilter/conntrack/udp.go @@ -1,6 +1,7 @@ package conntrack import ( + "context" "net/netip" "sync" "time" @@ -31,8 +32,8 @@ type UDPTracker struct { connections map[ConnKey]*UDPConnTrack timeout time.Duration cleanupTicker *time.Ticker + tickerCancel context.CancelFunc mutex sync.RWMutex - done chan struct{} flowLogger nftypes.FlowLogger } @@ -42,16 +43,18 @@ func NewUDPTracker(timeout time.Duration, logger *nblog.Logger, flowLogger nftyp timeout = DefaultUDPTimeout } + ctx, cancel := context.WithCancel(context.Background()) + tracker := &UDPTracker{ logger: logger, connections: make(map[ConnKey]*UDPConnTrack), timeout: timeout, cleanupTicker: time.NewTicker(UDPCleanupInterval), - done: make(chan struct{}), + tickerCancel: cancel, flowLogger: flowLogger, } - go tracker.cleanupRoutine() + go tracker.cleanupRoutine(ctx) return tracker } @@ -140,12 +143,14 @@ func (t *UDPTracker) IsValidInbound(srcIP netip.Addr, dstIP netip.Addr, srcPort } // cleanupRoutine periodically removes stale connections -func (t *UDPTracker) cleanupRoutine() { +func (t *UDPTracker) cleanupRoutine(ctx context.Context) { + defer t.cleanupTicker.Stop() + for { select { case <-t.cleanupTicker.C: t.cleanup() - case <-t.done: + case <-ctx.Done(): return } } @@ -168,8 +173,7 @@ func (t *UDPTracker) cleanup() { // Close stops the cleanup routine and releases resources func (t *UDPTracker) Close() { - t.cleanupTicker.Stop() - close(t.done) + t.tickerCancel() t.mutex.Lock() t.connections = nil diff --git a/client/firewall/uspfilter/conntrack/udp_test.go b/client/firewall/uspfilter/conntrack/udp_test.go index 14b912908..7ad1e0e4b 100644 --- a/client/firewall/uspfilter/conntrack/udp_test.go +++ b/client/firewall/uspfilter/conntrack/udp_test.go @@ -1,6 +1,7 @@ package conntrack import ( + "context" "net/netip" "testing" "time" @@ -34,7 +35,7 @@ func TestNewUDPTracker(t *testing.T) { assert.Equal(t, tt.wantTimeout, tracker.timeout) assert.NotNil(t, tracker.connections) assert.NotNil(t, tracker.cleanupTicker) - assert.NotNil(t, tracker.done) + assert.NotNil(t, tracker.tickerCancel) }) } } @@ -159,18 +160,21 @@ func TestUDPTracker_Cleanup(t *testing.T) { timeout := 50 * time.Millisecond cleanupInterval := 25 * time.Millisecond + ctx, tickerCancel := context.WithCancel(context.Background()) + defer tickerCancel() + // Create tracker with custom cleanup interval tracker := &UDPTracker{ connections: make(map[ConnKey]*UDPConnTrack), timeout: timeout, cleanupTicker: time.NewTicker(cleanupInterval), - done: make(chan struct{}), + tickerCancel: tickerCancel, logger: logger, flowLogger: flowLogger, } // Start cleanup routine - go tracker.cleanupRoutine() + go tracker.cleanupRoutine(ctx) // Add some connections connections := []struct { diff --git a/client/firewall/uspfilter/forwarder/icmp.go b/client/firewall/uspfilter/forwarder/icmp.go index 833854a21..a21ec2c87 100644 --- a/client/firewall/uspfilter/forwarder/icmp.go +++ b/client/firewall/uspfilter/forwarder/icmp.go @@ -117,8 +117,8 @@ func (f *Forwarder) sendICMPEvent(typ nftypes.Type, flowID uuid.UUID, id stack.T Direction: nftypes.Ingress, Protocol: nftypes.ICMP, // TODO: handle ipv6 - SourceIP: netip.AddrFrom4(id.LocalAddress.As4()), - DestIP: netip.AddrFrom4(id.RemoteAddress.As4()), + SourceIP: netip.AddrFrom4(id.RemoteAddress.As4()), + DestIP: netip.AddrFrom4(id.LocalAddress.As4()), ICMPType: icmpType, ICMPCode: icmpCode, diff --git a/client/firewall/uspfilter/forwarder/tcp.go b/client/firewall/uspfilter/forwarder/tcp.go index c3e1eca80..71cd457ef 100644 --- a/client/firewall/uspfilter/forwarder/tcp.go +++ b/client/firewall/uspfilter/forwarder/tcp.go @@ -113,10 +113,10 @@ func (f *Forwarder) sendTCPEvent(typ nftypes.Type, flowID uuid.UUID, id stack.Tr Direction: nftypes.Ingress, Protocol: nftypes.TCP, // TODO: handle ipv6 - SourceIP: netip.AddrFrom4(id.LocalAddress.As4()), - DestIP: netip.AddrFrom4(id.RemoteAddress.As4()), - SourcePort: id.LocalPort, - DestPort: id.RemotePort, + SourceIP: netip.AddrFrom4(id.RemoteAddress.As4()), + DestIP: netip.AddrFrom4(id.LocalAddress.As4()), + SourcePort: id.RemotePort, + DestPort: id.LocalPort, } if ep != nil { diff --git a/client/firewall/uspfilter/forwarder/udp.go b/client/firewall/uspfilter/forwarder/udp.go index 20e1ee3a7..7ce85e2b6 100644 --- a/client/firewall/uspfilter/forwarder/udp.go +++ b/client/firewall/uspfilter/forwarder/udp.go @@ -89,21 +89,6 @@ func (f *udpForwarder) Stop() { } } -// sendUDPEvent stores flow events for UDP connections -func (f *udpForwarder) sendUDPEvent(typ nftypes.Type, flowID uuid.UUID, id stack.TransportEndpointID) { - f.flowLogger.StoreEvent(nftypes.EventFields{ - FlowID: flowID, - Type: typ, - Direction: nftypes.Ingress, - Protocol: 17, - // TODO: handle ipv6 - SourceIP: netip.AddrFrom4(id.LocalAddress.As4()), - DestIP: netip.AddrFrom4(id.RemoteAddress.As4()), - SourcePort: id.LocalPort, - DestPort: id.RemotePort, - }) -} - // cleanup periodically removes idle UDP connections func (f *udpForwarder) cleanup() { ticker := time.NewTicker(time.Minute) @@ -140,8 +125,6 @@ func (f *udpForwarder) cleanup() { f.Unlock() f.logger.Trace("forwarder: cleaned up idle UDP connection %v", epID(idle.id)) - - f.sendUDPEvent(nftypes.TypeEnd, idle.conn.flowID, idle.id) } } } @@ -270,18 +253,18 @@ func (f *Forwarder) proxyUDP(ctx context.Context, pConn *udpPacketConn, id stack } } -// sendUDPEvent stores flow events for UDP connections, mirrors the TCP version +// sendUDPEvent stores flow events for UDP connections func (f *Forwarder) sendUDPEvent(typ nftypes.Type, flowID uuid.UUID, id stack.TransportEndpointID, ep tcpip.Endpoint) { fields := nftypes.EventFields{ FlowID: flowID, Type: typ, Direction: nftypes.Ingress, - Protocol: 17, // UDP protocol number + Protocol: nftypes.UDP, // TODO: handle ipv6 - SourceIP: netip.AddrFrom4(id.LocalAddress.As4()), - DestIP: netip.AddrFrom4(id.RemoteAddress.As4()), - SourcePort: id.LocalPort, - DestPort: id.RemotePort, + SourceIP: netip.AddrFrom4(id.RemoteAddress.As4()), + DestIP: netip.AddrFrom4(id.LocalAddress.As4()), + SourcePort: id.RemotePort, + DestPort: id.LocalPort, } if ep != nil { diff --git a/client/firewall/uspfilter/localip_test.go b/client/firewall/uspfilter/localip_test.go index 890b7a30d..0715ddc41 100644 --- a/client/firewall/uspfilter/localip_test.go +++ b/client/firewall/uspfilter/localip_test.go @@ -7,19 +7,19 @@ import ( "github.com/stretchr/testify/require" - "github.com/netbirdio/netbird/client/iface" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) func TestLocalIPManager(t *testing.T) { tests := []struct { name string - setupAddr iface.WGAddress + setupAddr wgaddr.Address testIP netip.Addr expected bool }{ { name: "Localhost range", - setupAddr: iface.WGAddress{ + setupAddr: wgaddr.Address{ IP: net.ParseIP("192.168.1.1"), Network: &net.IPNet{ IP: net.ParseIP("192.168.1.0"), @@ -31,7 +31,7 @@ func TestLocalIPManager(t *testing.T) { }, { name: "Localhost standard address", - setupAddr: iface.WGAddress{ + setupAddr: wgaddr.Address{ IP: net.ParseIP("192.168.1.1"), Network: &net.IPNet{ IP: net.ParseIP("192.168.1.0"), @@ -43,7 +43,7 @@ func TestLocalIPManager(t *testing.T) { }, { name: "Localhost range edge", - setupAddr: iface.WGAddress{ + setupAddr: wgaddr.Address{ IP: net.ParseIP("192.168.1.1"), Network: &net.IPNet{ IP: net.ParseIP("192.168.1.0"), @@ -55,7 +55,7 @@ func TestLocalIPManager(t *testing.T) { }, { name: "Local IP matches", - setupAddr: iface.WGAddress{ + setupAddr: wgaddr.Address{ IP: net.ParseIP("192.168.1.1"), Network: &net.IPNet{ IP: net.ParseIP("192.168.1.0"), @@ -67,7 +67,7 @@ func TestLocalIPManager(t *testing.T) { }, { name: "Local IP doesn't match", - setupAddr: iface.WGAddress{ + setupAddr: wgaddr.Address{ IP: net.ParseIP("192.168.1.1"), Network: &net.IPNet{ IP: net.ParseIP("192.168.1.0"), @@ -79,7 +79,7 @@ func TestLocalIPManager(t *testing.T) { }, { name: "IPv6 address", - setupAddr: iface.WGAddress{ + setupAddr: wgaddr.Address{ IP: net.ParseIP("fe80::1"), Network: &net.IPNet{ IP: net.ParseIP("fe80::"), @@ -96,7 +96,7 @@ func TestLocalIPManager(t *testing.T) { manager := newLocalIPManager() mock := &IFaceMock{ - AddressFunc: func() iface.WGAddress { + AddressFunc: func() wgaddr.Address { return tt.setupAddr }, } diff --git a/client/firewall/uspfilter/tracer_test.go b/client/firewall/uspfilter/tracer_test.go index d8269f254..48b0ec44d 100644 --- a/client/firewall/uspfilter/tracer_test.go +++ b/client/firewall/uspfilter/tracer_test.go @@ -10,8 +10,8 @@ import ( fw "github.com/netbirdio/netbird/client/firewall/manager" "github.com/netbirdio/netbird/client/firewall/uspfilter/conntrack" "github.com/netbirdio/netbird/client/firewall/uspfilter/forwarder" - "github.com/netbirdio/netbird/client/iface" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) func verifyTraceStages(t *testing.T, trace *PacketTrace, expectedStages []PacketStage) { @@ -36,8 +36,8 @@ func TestTracePacket(t *testing.T) { setupTracerTest := func(statefulMode bool) *Manager { ifaceMock := &IFaceMock{ SetFilterFunc: func(device.PacketFilter) error { return nil }, - AddressFunc: func() iface.WGAddress { - return iface.WGAddress{ + AddressFunc: func() wgaddr.Address { + return wgaddr.Address{ IP: net.ParseIP("100.10.0.100"), Network: &net.IPNet{ IP: net.ParseIP("100.10.0.0"), diff --git a/client/firewall/uspfilter/uspfilter_bench_test.go b/client/firewall/uspfilter/uspfilter_bench_test.go index b43ac2b16..beb5b9336 100644 --- a/client/firewall/uspfilter/uspfilter_bench_test.go +++ b/client/firewall/uspfilter/uspfilter_bench_test.go @@ -171,7 +171,7 @@ func BenchmarkCoreFiltering(b *testing.B) { SetFilterFunc: func(device.PacketFilter) error { return nil }, }, false, flowLogger) defer b.Cleanup(func() { - require.NoError(b, manager.Reset(nil)) + require.NoError(b, manager.Close(nil)) }) manager.wgNetwork = &net.IPNet{ @@ -216,7 +216,7 @@ func BenchmarkStateScaling(b *testing.B) { SetFilterFunc: func(device.PacketFilter) error { return nil }, }, false, flowLogger) b.Cleanup(func() { - require.NoError(b, manager.Reset(nil)) + require.NoError(b, manager.Close(nil)) }) manager.wgNetwork = &net.IPNet{ @@ -264,7 +264,7 @@ func BenchmarkEstablishmentOverhead(b *testing.B) { SetFilterFunc: func(device.PacketFilter) error { return nil }, }, false, flowLogger) b.Cleanup(func() { - require.NoError(b, manager.Reset(nil)) + require.NoError(b, manager.Close(nil)) }) manager.wgNetwork = &net.IPNet{ @@ -463,7 +463,7 @@ func BenchmarkRoutedNetworkReturn(b *testing.B) { SetFilterFunc: func(device.PacketFilter) error { return nil }, }, false, flowLogger) b.Cleanup(func() { - require.NoError(b, manager.Reset(nil)) + require.NoError(b, manager.Close(nil)) }) // Setup scenario @@ -590,7 +590,7 @@ func BenchmarkLongLivedConnections(b *testing.B) { SetFilterFunc: func(device.PacketFilter) error { return nil }, }, false, flowLogger) defer b.Cleanup(func() { - require.NoError(b, manager.Reset(nil)) + require.NoError(b, manager.Close(nil)) }) manager.SetNetwork(&net.IPNet{ @@ -678,7 +678,7 @@ func BenchmarkShortLivedConnections(b *testing.B) { SetFilterFunc: func(device.PacketFilter) error { return nil }, }, false, flowLogger) defer b.Cleanup(func() { - require.NoError(b, manager.Reset(nil)) + require.NoError(b, manager.Close(nil)) }) manager.SetNetwork(&net.IPNet{ @@ -794,7 +794,7 @@ func BenchmarkParallelLongLivedConnections(b *testing.B) { SetFilterFunc: func(device.PacketFilter) error { return nil }, }, false, flowLogger) defer b.Cleanup(func() { - require.NoError(b, manager.Reset(nil)) + require.NoError(b, manager.Close(nil)) }) manager.SetNetwork(&net.IPNet{ @@ -879,7 +879,7 @@ func BenchmarkParallelShortLivedConnections(b *testing.B) { SetFilterFunc: func(device.PacketFilter) error { return nil }, }, false, flowLogger) defer b.Cleanup(func() { - require.NoError(b, manager.Reset(nil)) + require.NoError(b, manager.Close(nil)) }) manager.SetNetwork(&net.IPNet{ diff --git a/client/firewall/uspfilter/uspfilter_filter_test.go b/client/firewall/uspfilter/uspfilter_filter_test.go index 3a97506f1..ba97c2643 100644 --- a/client/firewall/uspfilter/uspfilter_filter_test.go +++ b/client/firewall/uspfilter/uspfilter_filter_test.go @@ -12,9 +12,9 @@ import ( wgdevice "golang.zx2c4.com/wireguard/device" fw "github.com/netbirdio/netbird/client/firewall/manager" - "github.com/netbirdio/netbird/client/iface" "github.com/netbirdio/netbird/client/iface/device" "github.com/netbirdio/netbird/client/iface/mocks" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) func TestPeerACLFiltering(t *testing.T) { @@ -26,8 +26,8 @@ func TestPeerACLFiltering(t *testing.T) { ifaceMock := &IFaceMock{ SetFilterFunc: func(device.PacketFilter) error { return nil }, - AddressFunc: func() iface.WGAddress { - return iface.WGAddress{ + AddressFunc: func() wgaddr.Address { + return wgaddr.Address{ IP: localIP, Network: wgNet, } @@ -39,7 +39,7 @@ func TestPeerACLFiltering(t *testing.T) { require.NotNil(t, manager) t.Cleanup(func() { - require.NoError(t, manager.Reset(nil)) + require.NoError(t, manager.Close(nil)) }) manager.wgNetwork = wgNet @@ -288,8 +288,8 @@ func setupRoutedManager(tb testing.TB, network string) *Manager { ifaceMock := &IFaceMock{ SetFilterFunc: func(device.PacketFilter) error { return nil }, - AddressFunc: func() iface.WGAddress { - return iface.WGAddress{ + AddressFunc: func() wgaddr.Address { + return wgaddr.Address{ IP: localIP, Network: wgNet, } @@ -310,7 +310,7 @@ func setupRoutedManager(tb testing.TB, network string) *Manager { require.False(tb, manager.nativeRouter.Load()) tb.Cleanup(func() { - require.NoError(tb, manager.Reset(nil)) + require.NoError(tb, manager.Close(nil)) }) return manager diff --git a/client/firewall/uspfilter/uspfilter_test.go b/client/firewall/uspfilter/uspfilter_test.go index 8408f8efc..a095a5e39 100644 --- a/client/firewall/uspfilter/uspfilter_test.go +++ b/client/firewall/uspfilter/uspfilter_test.go @@ -18,8 +18,8 @@ import ( fw "github.com/netbirdio/netbird/client/firewall/manager" "github.com/netbirdio/netbird/client/firewall/uspfilter/conntrack" "github.com/netbirdio/netbird/client/firewall/uspfilter/log" - "github.com/netbirdio/netbird/client/iface" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/client/internal/netflow" ) @@ -28,7 +28,7 @@ var flowLogger = netflow.NewManager(context.Background(), nil, []byte{}, nil).Ge type IFaceMock struct { SetFilterFunc func(device.PacketFilter) error - AddressFunc func() iface.WGAddress + AddressFunc func() wgaddr.Address GetWGDeviceFunc func() *wgdevice.Device GetDeviceFunc func() *device.FilteredDevice } @@ -54,9 +54,9 @@ func (i *IFaceMock) SetFilter(iface device.PacketFilter) error { return i.SetFilterFunc(iface) } -func (i *IFaceMock) Address() iface.WGAddress { +func (i *IFaceMock) Address() wgaddr.Address { if i.AddressFunc == nil { - return iface.WGAddress{} + return wgaddr.Address{} } return i.AddressFunc() } @@ -255,7 +255,7 @@ func TestManagerReset(t *testing.T) { return } - err = m.Reset(nil) + err = m.Close(nil) if err != nil { t.Errorf("failed to reset Manager: %v", err) return @@ -269,8 +269,8 @@ func TestManagerReset(t *testing.T) { func TestNotMatchByIP(t *testing.T) { ifaceMock := &IFaceMock{ SetFilterFunc: func(device.PacketFilter) error { return nil }, - AddressFunc: func() iface.WGAddress { - return iface.WGAddress{ + AddressFunc: func() wgaddr.Address { + return wgaddr.Address{ IP: net.ParseIP("100.10.0.100"), Network: &net.IPNet{ IP: net.ParseIP("100.10.0.0"), @@ -333,7 +333,7 @@ func TestNotMatchByIP(t *testing.T) { return } - if err = m.Reset(nil); err != nil { + if err = m.Close(nil); err != nil { t.Errorf("failed to reset Manager: %v", err) return } @@ -352,7 +352,7 @@ func TestRemovePacketHook(t *testing.T) { t.Fatalf("Failed to create Manager: %s", err) } defer func() { - require.NoError(t, manager.Reset(nil)) + require.NoError(t, manager.Close(nil)) }() // Add a UDP packet hook @@ -403,7 +403,7 @@ func TestProcessOutgoingHooks(t *testing.T) { manager.udpTracker.Close() manager.udpTracker = conntrack.NewUDPTracker(100*time.Millisecond, logger, flowLogger) defer func() { - require.NoError(t, manager.Reset(nil)) + require.NoError(t, manager.Close(nil)) }() manager.decoders = sync.Pool{ @@ -484,7 +484,7 @@ func TestUSPFilterCreatePerformance(t *testing.T) { time.Sleep(time.Second) defer func() { - if err := manager.Reset(nil); err != nil { + if err := manager.Close(nil); err != nil { t.Errorf("clear the manager state: %v", err) } time.Sleep(time.Second) @@ -530,7 +530,7 @@ func TestStatefulFirewall_UDPTracking(t *testing.T) { }, } defer func() { - require.NoError(t, manager.Reset(nil)) + require.NoError(t, manager.Close(nil)) }() // Set up packet parameters diff --git a/client/iface/bind/ice_bind.go b/client/iface/bind/ice_bind.go index 41f415af7..66ec6a00d 100644 --- a/client/iface/bind/ice_bind.go +++ b/client/iface/bind/ice_bind.go @@ -5,7 +5,6 @@ import ( "net" "net/netip" "runtime" - "strings" "sync" "github.com/pion/stun/v2" @@ -14,6 +13,8 @@ import ( "golang.org/x/net/ipv4" "golang.org/x/net/ipv6" wgConn "golang.zx2c4.com/wireguard/conn" + + "github.com/netbirdio/netbird/client/iface/wgaddr" ) type RecvMessage struct { @@ -52,9 +53,10 @@ type ICEBind struct { muUDPMux sync.Mutex udpMux *UniversalUDPMuxDefault + address wgaddr.Address } -func NewICEBind(transportNet transport.Net, filterFn FilterFn) *ICEBind { +func NewICEBind(transportNet transport.Net, filterFn FilterFn, address wgaddr.Address) *ICEBind { b, _ := wgConn.NewStdNetBind().(*wgConn.StdNetBind) ib := &ICEBind{ StdNetBind: b, @@ -64,6 +66,7 @@ func NewICEBind(transportNet transport.Net, filterFn FilterFn) *ICEBind { endpoints: make(map[netip.Addr]net.Conn), closedChan: make(chan struct{}), closed: true, + address: address, } rc := receiverCreator{ @@ -108,35 +111,17 @@ func (s *ICEBind) GetICEMux() (*UniversalUDPMuxDefault, error) { return s.udpMux, nil } -func (b *ICEBind) SetEndpoint(peerAddress *net.UDPAddr, conn net.Conn) (*net.UDPAddr, error) { - fakeUDPAddr, err := fakeAddress(peerAddress) - if err != nil { - return nil, err - } - - // force IPv4 - fakeAddr, ok := netip.AddrFromSlice(fakeUDPAddr.IP.To4()) - if !ok { - return nil, fmt.Errorf("failed to convert IP to netip.Addr") - } - +func (b *ICEBind) SetEndpoint(fakeIP netip.Addr, conn net.Conn) { b.endpointsMu.Lock() - b.endpoints[fakeAddr] = conn + b.endpoints[fakeIP] = conn b.endpointsMu.Unlock() - - return fakeUDPAddr, nil } -func (b *ICEBind) RemoveEndpoint(fakeUDPAddr *net.UDPAddr) { - fakeAddr, ok := netip.AddrFromSlice(fakeUDPAddr.IP.To4()) - if !ok { - log.Warnf("failed to convert IP to netip.Addr") - return - } - +func (b *ICEBind) RemoveEndpoint(fakeIP netip.Addr) { b.endpointsMu.Lock() defer b.endpointsMu.Unlock() - delete(b.endpoints, fakeAddr) + + delete(b.endpoints, fakeIP) } func (b *ICEBind) Send(bufs [][]byte, ep wgConn.Endpoint) error { @@ -161,9 +146,10 @@ func (s *ICEBind) createIPv4ReceiverFn(pc *ipv4.PacketConn, conn *net.UDPConn, r s.udpMux = NewUniversalUDPMuxDefault( UniversalUDPMuxParams{ - UDPConn: conn, - Net: s.transportNet, - FilterFn: s.filterFn, + UDPConn: conn, + Net: s.transportNet, + FilterFn: s.filterFn, + WGAddress: s.address, }, ) return func(bufs [][]byte, sizes []int, eps []wgConn.Endpoint) (n int, err error) { @@ -275,21 +261,6 @@ func (c *ICEBind) receiveRelayed(buffs [][]byte, sizes []int, eps []wgConn.Endpo } } -// fakeAddress returns a fake address that is used to as an identifier for the peer. -// The fake address is in the format of 127.1.x.x where x.x is the last two octets of the peer address. -func fakeAddress(peerAddress *net.UDPAddr) (*net.UDPAddr, error) { - octets := strings.Split(peerAddress.IP.String(), ".") - if len(octets) != 4 { - return nil, fmt.Errorf("invalid IP format") - } - - newAddr := &net.UDPAddr{ - IP: net.ParseIP(fmt.Sprintf("127.1.%s.%s", octets[2], octets[3])), - Port: peerAddress.Port, - } - return newAddr, nil -} - func getMessages(msgsPool *sync.Pool) *[]ipv6.Message { return msgsPool.Get().(*[]ipv6.Message) } diff --git a/client/iface/bind/udp_mux_universal.go b/client/iface/bind/udp_mux_universal.go index ebbefe035..6f851393e 100644 --- a/client/iface/bind/udp_mux_universal.go +++ b/client/iface/bind/udp_mux_universal.go @@ -17,6 +17,8 @@ import ( "github.com/pion/logging" "github.com/pion/stun/v2" "github.com/pion/transport/v3" + + "github.com/netbirdio/netbird/client/iface/wgaddr" ) // FilterFn is a function that filters out candidates based on the address. @@ -41,6 +43,7 @@ type UniversalUDPMuxParams struct { XORMappedAddrCacheTTL time.Duration Net transport.Net FilterFn FilterFn + WGAddress wgaddr.Address } // NewUniversalUDPMuxDefault creates an implementation of UniversalUDPMux embedding UDPMux @@ -64,6 +67,7 @@ func NewUniversalUDPMuxDefault(params UniversalUDPMuxParams) *UniversalUDPMuxDef mux: m, logger: params.Logger, filterFn: params.FilterFn, + address: params.WGAddress, } // embed UDPMux @@ -118,6 +122,7 @@ type udpConn struct { filterFn FilterFn // TODO: reset cache on route changes addrCache sync.Map + address wgaddr.Address } func (u *udpConn) WriteTo(b []byte, addr net.Addr) (int, error) { @@ -159,6 +164,11 @@ func (u *udpConn) performFilterCheck(addr net.Addr) error { return nil } + if u.address.Network.Contains(a.AsSlice()) { + log.Warnf("Address %s is part of the NetBird network %s, refusing to write", addr, u.address) + return fmt.Errorf("address %s is part of the NetBird network %s, refusing to write", addr, u.address) + } + if isRouted, prefix, err := u.filterFn(a); err != nil { log.Errorf("Failed to check if address %s is routed: %v", addr, err) } else { diff --git a/client/iface/device.go b/client/iface/device.go index 86e9dab4b..81f2e0f47 100644 --- a/client/iface/device.go +++ b/client/iface/device.go @@ -9,13 +9,14 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) type WGTunDevice interface { Create() (device.WGConfigurer, error) Up() (*bind.UniversalUDPMuxDefault, error) - UpdateAddr(address WGAddress) error - WgAddress() WGAddress + UpdateAddr(address wgaddr.Address) error + WgAddress() wgaddr.Address DeviceName() string Close() error FilteredDevice() *device.FilteredDevice diff --git a/client/iface/device/device_android.go b/client/iface/device/device_android.go index 55081e181..ab3e611e1 100644 --- a/client/iface/device/device_android.go +++ b/client/iface/device/device_android.go @@ -13,11 +13,12 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/configurer" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) // WGTunDevice ignore the WGTunDevice interface on Android because the creation of the tun device is different on this platform type WGTunDevice struct { - address WGAddress + address wgaddr.Address port int key string mtu int @@ -31,7 +32,7 @@ type WGTunDevice struct { configurer WGConfigurer } -func NewTunDevice(address WGAddress, port int, key string, mtu int, iceBind *bind.ICEBind, tunAdapter TunAdapter) *WGTunDevice { +func NewTunDevice(address wgaddr.Address, port int, key string, mtu int, iceBind *bind.ICEBind, tunAdapter TunAdapter) *WGTunDevice { return &WGTunDevice{ address: address, port: port, @@ -93,7 +94,7 @@ func (t *WGTunDevice) Up() (*bind.UniversalUDPMuxDefault, error) { return udpMux, nil } -func (t *WGTunDevice) UpdateAddr(addr WGAddress) error { +func (t *WGTunDevice) UpdateAddr(addr wgaddr.Address) error { // todo implement return nil } @@ -123,7 +124,7 @@ func (t *WGTunDevice) DeviceName() string { return t.name } -func (t *WGTunDevice) WgAddress() WGAddress { +func (t *WGTunDevice) WgAddress() wgaddr.Address { return t.address } diff --git a/client/iface/device/device_darwin.go b/client/iface/device/device_darwin.go index 1a5635ff2..01bfbf381 100644 --- a/client/iface/device/device_darwin.go +++ b/client/iface/device/device_darwin.go @@ -13,11 +13,12 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/configurer" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) type TunDevice struct { name string - address WGAddress + address wgaddr.Address port int key string mtu int @@ -29,7 +30,7 @@ type TunDevice struct { configurer WGConfigurer } -func NewTunDevice(name string, address WGAddress, port int, key string, mtu int, iceBind *bind.ICEBind) *TunDevice { +func NewTunDevice(name string, address wgaddr.Address, port int, key string, mtu int, iceBind *bind.ICEBind) *TunDevice { return &TunDevice{ name: name, address: address, @@ -85,7 +86,7 @@ func (t *TunDevice) Up() (*bind.UniversalUDPMuxDefault, error) { return udpMux, nil } -func (t *TunDevice) UpdateAddr(address WGAddress) error { +func (t *TunDevice) UpdateAddr(address wgaddr.Address) error { t.address = address return t.assignAddr() } @@ -106,7 +107,7 @@ func (t *TunDevice) Close() error { return nil } -func (t *TunDevice) WgAddress() WGAddress { +func (t *TunDevice) WgAddress() wgaddr.Address { return t.address } diff --git a/client/iface/device/device_ios.go b/client/iface/device/device_ios.go index b106d475c..56d44d68e 100644 --- a/client/iface/device/device_ios.go +++ b/client/iface/device/device_ios.go @@ -14,11 +14,12 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/configurer" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) type TunDevice struct { name string - address WGAddress + address wgaddr.Address port int key string iceBind *bind.ICEBind @@ -30,7 +31,7 @@ type TunDevice struct { configurer WGConfigurer } -func NewTunDevice(name string, address WGAddress, port int, key string, iceBind *bind.ICEBind, tunFd int) *TunDevice { +func NewTunDevice(name string, address wgaddr.Address, port int, key string, iceBind *bind.ICEBind, tunFd int) *TunDevice { return &TunDevice{ name: name, address: address, @@ -120,11 +121,11 @@ func (t *TunDevice) Close() error { return nil } -func (t *TunDevice) WgAddress() WGAddress { +func (t *TunDevice) WgAddress() wgaddr.Address { return t.address } -func (t *TunDevice) UpdateAddr(addr WGAddress) error { +func (t *TunDevice) UpdateAddr(_ wgaddr.Address) error { // todo implement return nil } diff --git a/client/iface/device/device_kernel_unix.go b/client/iface/device/device_kernel_unix.go index fe1d1147f..988ed1b39 100644 --- a/client/iface/device/device_kernel_unix.go +++ b/client/iface/device/device_kernel_unix.go @@ -14,12 +14,13 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/configurer" + "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/sharedsock" ) type TunKernelDevice struct { name string - address WGAddress + address wgaddr.Address wgPort int key string mtu int @@ -34,7 +35,7 @@ type TunKernelDevice struct { filterFn bind.FilterFn } -func NewKernelDevice(name string, address WGAddress, wgPort int, key string, mtu int, transportNet transport.Net) *TunKernelDevice { +func NewKernelDevice(name string, address wgaddr.Address, wgPort int, key string, mtu int, transportNet transport.Net) *TunKernelDevice { ctx, cancel := context.WithCancel(context.Background()) return &TunKernelDevice{ ctx: ctx, @@ -99,9 +100,10 @@ func (t *TunKernelDevice) Up() (*bind.UniversalUDPMuxDefault, error) { return nil, err } bindParams := bind.UniversalUDPMuxParams{ - UDPConn: rawSock, - Net: t.transportNet, - FilterFn: t.filterFn, + UDPConn: rawSock, + Net: t.transportNet, + FilterFn: t.filterFn, + WGAddress: t.address, } mux := bind.NewUniversalUDPMuxDefault(bindParams) go mux.ReadFromConn(t.ctx) @@ -112,7 +114,7 @@ func (t *TunKernelDevice) Up() (*bind.UniversalUDPMuxDefault, error) { return t.udpMux, nil } -func (t *TunKernelDevice) UpdateAddr(address WGAddress) error { +func (t *TunKernelDevice) UpdateAddr(address wgaddr.Address) error { t.address = address return t.assignAddr() } @@ -145,7 +147,7 @@ func (t *TunKernelDevice) Close() error { return closErr } -func (t *TunKernelDevice) WgAddress() WGAddress { +func (t *TunKernelDevice) WgAddress() wgaddr.Address { return t.address } diff --git a/client/iface/device/device_netstack.go b/client/iface/device/device_netstack.go index 0cb02fd19..d3c92235e 100644 --- a/client/iface/device/device_netstack.go +++ b/client/iface/device/device_netstack.go @@ -13,12 +13,13 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/configurer" nbnetstack "github.com/netbirdio/netbird/client/iface/netstack" + "github.com/netbirdio/netbird/client/iface/wgaddr" nbnet "github.com/netbirdio/netbird/util/net" ) type TunNetstackDevice struct { name string - address WGAddress + address wgaddr.Address port int key string mtu int @@ -34,7 +35,7 @@ type TunNetstackDevice struct { net *netstack.Net } -func NewNetstackDevice(name string, address WGAddress, wgPort int, key string, mtu int, iceBind *bind.ICEBind, listenAddress string) *TunNetstackDevice { +func NewNetstackDevice(name string, address wgaddr.Address, wgPort int, key string, mtu int, iceBind *bind.ICEBind, listenAddress string) *TunNetstackDevice { return &TunNetstackDevice{ name: name, address: address, @@ -97,7 +98,7 @@ func (t *TunNetstackDevice) Up() (*bind.UniversalUDPMuxDefault, error) { return udpMux, nil } -func (t *TunNetstackDevice) UpdateAddr(WGAddress) error { +func (t *TunNetstackDevice) UpdateAddr(wgaddr.Address) error { return nil } @@ -116,7 +117,7 @@ func (t *TunNetstackDevice) Close() error { return nil } -func (t *TunNetstackDevice) WgAddress() WGAddress { +func (t *TunNetstackDevice) WgAddress() wgaddr.Address { return t.address } diff --git a/client/iface/device/device_usp_unix.go b/client/iface/device/device_usp_unix.go index 07570617a..c45ae9676 100644 --- a/client/iface/device/device_usp_unix.go +++ b/client/iface/device/device_usp_unix.go @@ -12,11 +12,12 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/configurer" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) type USPDevice struct { name string - address WGAddress + address wgaddr.Address port int key string mtu int @@ -28,7 +29,7 @@ type USPDevice struct { configurer WGConfigurer } -func NewUSPDevice(name string, address WGAddress, port int, key string, mtu int, iceBind *bind.ICEBind) *USPDevice { +func NewUSPDevice(name string, address wgaddr.Address, port int, key string, mtu int, iceBind *bind.ICEBind) *USPDevice { log.Infof("using userspace bind mode") return &USPDevice{ @@ -93,7 +94,7 @@ func (t *USPDevice) Up() (*bind.UniversalUDPMuxDefault, error) { return udpMux, nil } -func (t *USPDevice) UpdateAddr(address WGAddress) error { +func (t *USPDevice) UpdateAddr(address wgaddr.Address) error { t.address = address return t.assignAddr() } @@ -113,7 +114,7 @@ func (t *USPDevice) Close() error { return nil } -func (t *USPDevice) WgAddress() WGAddress { +func (t *USPDevice) WgAddress() wgaddr.Address { return t.address } diff --git a/client/iface/device/device_windows.go b/client/iface/device/device_windows.go index 0fd1b3326..41e615bc2 100644 --- a/client/iface/device/device_windows.go +++ b/client/iface/device/device_windows.go @@ -13,13 +13,14 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/configurer" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) const defaultWindowsGUIDSTring = "{f2f29e61-d91f-4d76-8151-119b20c4bdeb}" type TunDevice struct { name string - address WGAddress + address wgaddr.Address port int key string mtu int @@ -32,7 +33,7 @@ type TunDevice struct { configurer WGConfigurer } -func NewTunDevice(name string, address WGAddress, port int, key string, mtu int, iceBind *bind.ICEBind) *TunDevice { +func NewTunDevice(name string, address wgaddr.Address, port int, key string, mtu int, iceBind *bind.ICEBind) *TunDevice { return &TunDevice{ name: name, address: address, @@ -118,7 +119,7 @@ func (t *TunDevice) Up() (*bind.UniversalUDPMuxDefault, error) { return udpMux, nil } -func (t *TunDevice) UpdateAddr(address WGAddress) error { +func (t *TunDevice) UpdateAddr(address wgaddr.Address) error { t.address = address return t.assignAddr() } @@ -139,7 +140,7 @@ func (t *TunDevice) Close() error { } return nil } -func (t *TunDevice) WgAddress() WGAddress { +func (t *TunDevice) WgAddress() wgaddr.Address { return t.address } diff --git a/client/iface/device/wg_link_freebsd.go b/client/iface/device/wg_link_freebsd.go index 104010f47..9067790e4 100644 --- a/client/iface/device/wg_link_freebsd.go +++ b/client/iface/device/wg_link_freebsd.go @@ -6,6 +6,7 @@ import ( log "github.com/sirupsen/logrus" "github.com/netbirdio/netbird/client/iface/freebsd" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) type wgLink struct { @@ -56,7 +57,7 @@ func (l *wgLink) up() error { return nil } -func (l *wgLink) assignAddr(address WGAddress) error { +func (l *wgLink) assignAddr(address wgaddr.Address) error { link, err := freebsd.LinkByName(l.name) if err != nil { return fmt.Errorf("link by name: %w", err) diff --git a/client/iface/device/wg_link_linux.go b/client/iface/device/wg_link_linux.go index a15cffe48..d941cd022 100644 --- a/client/iface/device/wg_link_linux.go +++ b/client/iface/device/wg_link_linux.go @@ -8,6 +8,8 @@ import ( log "github.com/sirupsen/logrus" "github.com/vishvananda/netlink" + + "github.com/netbirdio/netbird/client/iface/wgaddr" ) type wgLink struct { @@ -90,7 +92,7 @@ func (l *wgLink) up() error { return nil } -func (l *wgLink) assignAddr(address WGAddress) error { +func (l *wgLink) assignAddr(address wgaddr.Address) error { //delete existing addresses list, err := netlink.AddrList(l, 0) if err != nil { diff --git a/client/iface/device_android.go b/client/iface/device_android.go index 5cbeb70f8..a1e246fc5 100644 --- a/client/iface/device_android.go +++ b/client/iface/device_android.go @@ -7,13 +7,14 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) type WGTunDevice interface { Create(routes []string, dns string, searchDomains []string) (device.WGConfigurer, error) Up() (*bind.UniversalUDPMuxDefault, error) - UpdateAddr(address WGAddress) error - WgAddress() WGAddress + UpdateAddr(address wgaddr.Address) error + WgAddress() wgaddr.Address DeviceName() string Close() error FilteredDevice() *device.FilteredDevice diff --git a/client/iface/iface.go b/client/iface/iface.go index 40bd51fbb..9d5262aed 100644 --- a/client/iface/iface.go +++ b/client/iface/iface.go @@ -19,6 +19,7 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/configurer" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/client/iface/wgproxy" ) @@ -28,8 +29,6 @@ const ( WgInterfaceDefault = configurer.WgInterfaceDefault ) -type WGAddress = device.WGAddress - type wgProxyFactory interface { GetProxy() wgproxy.Proxy Free() error @@ -72,7 +71,7 @@ func (w *WGIface) Name() string { } // Address returns the interface address -func (w *WGIface) Address() device.WGAddress { +func (w *WGIface) Address() wgaddr.Address { return w.tun.WgAddress() } @@ -103,7 +102,7 @@ func (w *WGIface) UpdateAddr(newAddr string) error { w.mu.Lock() defer w.mu.Unlock() - addr, err := device.ParseWGAddress(newAddr) + addr, err := wgaddr.ParseWGAddress(newAddr) if err != nil { return err } diff --git a/client/iface/iface_new_android.go b/client/iface/iface_new_android.go index 69a8d1fd4..35046b887 100644 --- a/client/iface/iface_new_android.go +++ b/client/iface/iface_new_android.go @@ -3,17 +3,18 @@ package iface import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/client/iface/wgproxy" ) // NewWGIFace Creates a new WireGuard interface instance func NewWGIFace(opts WGIFaceOpts) (*WGIface, error) { - wgAddress, err := device.ParseWGAddress(opts.Address) + wgAddress, err := wgaddr.ParseWGAddress(opts.Address) if err != nil { return nil, err } - iceBind := bind.NewICEBind(opts.TransportNet, opts.FilterFn) + iceBind := bind.NewICEBind(opts.TransportNet, opts.FilterFn, wgAddress) wgIFace := &WGIface{ userspaceBind: true, diff --git a/client/iface/iface_new_darwin.go b/client/iface/iface_new_darwin.go index a92d74e0f..93fd7fd5c 100644 --- a/client/iface/iface_new_darwin.go +++ b/client/iface/iface_new_darwin.go @@ -6,17 +6,18 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/device" "github.com/netbirdio/netbird/client/iface/netstack" + "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/client/iface/wgproxy" ) // NewWGIFace Creates a new WireGuard interface instance func NewWGIFace(opts WGIFaceOpts) (*WGIface, error) { - wgAddress, err := device.ParseWGAddress(opts.Address) + wgAddress, err := wgaddr.ParseWGAddress(opts.Address) if err != nil { return nil, err } - iceBind := bind.NewICEBind(opts.TransportNet, opts.FilterFn) + iceBind := bind.NewICEBind(opts.TransportNet, opts.FilterFn, wgAddress) var tun WGTunDevice if netstack.IsEnabled() { diff --git a/client/iface/iface_new_ios.go b/client/iface/iface_new_ios.go index 363f95e11..317ee0f46 100644 --- a/client/iface/iface_new_ios.go +++ b/client/iface/iface_new_ios.go @@ -5,17 +5,18 @@ package iface import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/client/iface/wgproxy" ) // NewWGIFace Creates a new WireGuard interface instance func NewWGIFace(opts WGIFaceOpts) (*WGIface, error) { - wgAddress, err := device.ParseWGAddress(opts.Address) + wgAddress, err := wgaddr.ParseWGAddress(opts.Address) if err != nil { return nil, err } - iceBind := bind.NewICEBind(opts.TransportNet, opts.FilterFn) + iceBind := bind.NewICEBind(opts.TransportNet, opts.FilterFn, wgAddress) wgIFace := &WGIface{ tun: device.NewTunDevice(opts.IFaceName, wgAddress, opts.WGPort, opts.WGPrivKey, iceBind, opts.MobileArgs.TunFd), diff --git a/client/iface/iface_new_unix.go b/client/iface/iface_new_unix.go index f10b17c9a..23ee7236f 100644 --- a/client/iface/iface_new_unix.go +++ b/client/iface/iface_new_unix.go @@ -8,12 +8,13 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/device" "github.com/netbirdio/netbird/client/iface/netstack" + "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/client/iface/wgproxy" ) // NewWGIFace Creates a new WireGuard interface instance func NewWGIFace(opts WGIFaceOpts) (*WGIface, error) { - wgAddress, err := device.ParseWGAddress(opts.Address) + wgAddress, err := wgaddr.ParseWGAddress(opts.Address) if err != nil { return nil, err } @@ -21,7 +22,7 @@ func NewWGIFace(opts WGIFaceOpts) (*WGIface, error) { wgIFace := &WGIface{} if netstack.IsEnabled() { - iceBind := bind.NewICEBind(opts.TransportNet, opts.FilterFn) + iceBind := bind.NewICEBind(opts.TransportNet, opts.FilterFn, wgAddress) wgIFace.tun = device.NewNetstackDevice(opts.IFaceName, wgAddress, opts.WGPort, opts.WGPrivKey, opts.MTU, iceBind, netstack.ListenAddr()) wgIFace.userspaceBind = true wgIFace.wgProxyFactory = wgproxy.NewUSPFactory(iceBind) @@ -34,7 +35,7 @@ func NewWGIFace(opts WGIFaceOpts) (*WGIface, error) { return wgIFace, nil } if device.ModuleTunIsLoaded() { - iceBind := bind.NewICEBind(opts.TransportNet, opts.FilterFn) + iceBind := bind.NewICEBind(opts.TransportNet, opts.FilterFn, wgAddress) wgIFace.tun = device.NewUSPDevice(opts.IFaceName, wgAddress, opts.WGPort, opts.WGPrivKey, opts.MTU, iceBind) wgIFace.userspaceBind = true wgIFace.wgProxyFactory = wgproxy.NewUSPFactory(iceBind) diff --git a/client/iface/iface_new_windows.go b/client/iface/iface_new_windows.go index 2e6355496..413062940 100644 --- a/client/iface/iface_new_windows.go +++ b/client/iface/iface_new_windows.go @@ -4,16 +4,17 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/device" "github.com/netbirdio/netbird/client/iface/netstack" + wgaddr "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/client/iface/wgproxy" ) // NewWGIFace Creates a new WireGuard interface instance func NewWGIFace(opts WGIFaceOpts) (*WGIface, error) { - wgAddress, err := device.ParseWGAddress(opts.Address) + wgAddress, err := wgaddr.ParseWGAddress(opts.Address) if err != nil { return nil, err } - iceBind := bind.NewICEBind(opts.TransportNet, opts.FilterFn) + iceBind := bind.NewICEBind(opts.TransportNet, opts.FilterFn, wgAddress) var tun WGTunDevice if netstack.IsEnabled() { diff --git a/client/iface/netstack/tun.go b/client/iface/netstack/tun.go index 01f19875e..a271a1954 100644 --- a/client/iface/netstack/tun.go +++ b/client/iface/netstack/tun.go @@ -55,7 +55,7 @@ func (t *NetStackTun) Create() (tun.Device, *netstack.Net, error) { skipProxy, err := strconv.ParseBool(os.Getenv(EnvSkipProxy)) if err != nil { - log.Errorf("failed to parse NB_ETSTACK_SKIP_PROXY: %s", err) + log.Errorf("failed to parse %s: %s", EnvSkipProxy, err) } if skipProxy { return nsTunDev, tunNet, nil diff --git a/client/iface/device/address.go b/client/iface/wgaddr/address.go similarity index 61% rename from client/iface/device/address.go rename to client/iface/wgaddr/address.go index 15de301da..e5079258c 100644 --- a/client/iface/device/address.go +++ b/client/iface/wgaddr/address.go @@ -1,29 +1,29 @@ -package device +package wgaddr import ( "fmt" "net" ) -// WGAddress WireGuard parsed address -type WGAddress struct { +// Address WireGuard parsed address +type Address struct { IP net.IP Network *net.IPNet } // ParseWGAddress parse a string ("1.2.3.4/24") address to WG Address -func ParseWGAddress(address string) (WGAddress, error) { +func ParseWGAddress(address string) (Address, error) { ip, network, err := net.ParseCIDR(address) if err != nil { - return WGAddress{}, err + return Address{}, err } - return WGAddress{ + return Address{ IP: ip, Network: network, }, nil } -func (addr WGAddress) String() string { +func (addr Address) String() string { maskSize, _ := addr.Network.Mask.Size() return fmt.Sprintf("%s/%d", addr.IP.String(), maskSize) } diff --git a/client/iface/wgproxy/bind/proxy.go b/client/iface/wgproxy/bind/proxy.go index 8a2e65382..614787e17 100644 --- a/client/iface/wgproxy/bind/proxy.go +++ b/client/iface/wgproxy/bind/proxy.go @@ -6,6 +6,7 @@ import ( "fmt" "net" "net/netip" + "strings" "sync" log "github.com/sirupsen/logrus" @@ -16,13 +17,13 @@ import ( type ProxyBind struct { Bind *bind.ICEBind - wgAddr *net.UDPAddr - wgEndpoint *bind.Endpoint - remoteConn net.Conn - ctx context.Context - cancel context.CancelFunc - closeMu sync.Mutex - closed bool + fakeNetIP *netip.AddrPort + wgBindEndpoint *bind.Endpoint + remoteConn net.Conn + ctx context.Context + cancel context.CancelFunc + closeMu sync.Mutex + closed bool pausedMu sync.Mutex paused bool @@ -33,20 +34,24 @@ type ProxyBind struct { // endpoint is the NetBird address of the remote peer. The SetEndpoint return with the address what will be used in the // WireGuard configuration. func (p *ProxyBind) AddTurnConn(ctx context.Context, nbAddr *net.UDPAddr, remoteConn net.Conn) error { - addr, err := p.Bind.SetEndpoint(nbAddr, remoteConn) + fakeNetIP, err := fakeAddress(nbAddr) if err != nil { return err } - p.wgAddr = addr - p.wgEndpoint = addrToEndpoint(addr) + p.fakeNetIP = fakeNetIP + p.wgBindEndpoint = &bind.Endpoint{AddrPort: *fakeNetIP} p.remoteConn = remoteConn p.ctx, p.cancel = context.WithCancel(ctx) - return err + return nil } func (p *ProxyBind) EndpointAddr() *net.UDPAddr { - return p.wgAddr + return &net.UDPAddr{ + IP: p.fakeNetIP.Addr().AsSlice(), + Port: int(p.fakeNetIP.Port()), + Zone: p.fakeNetIP.Addr().Zone(), + } } func (p *ProxyBind) Work() { @@ -54,6 +59,8 @@ func (p *ProxyBind) Work() { return } + p.Bind.SetEndpoint(p.fakeNetIP.Addr(), p.remoteConn) + p.pausedMu.Lock() p.paused = false p.pausedMu.Unlock() @@ -93,7 +100,7 @@ func (p *ProxyBind) close() error { p.cancel() - p.Bind.RemoveEndpoint(p.wgAddr) + p.Bind.RemoveEndpoint(p.fakeNetIP.Addr()) if rErr := p.remoteConn.Close(); rErr != nil && !errors.Is(rErr, net.ErrClosed) { return rErr @@ -126,7 +133,7 @@ func (p *ProxyBind) proxyToLocal(ctx context.Context) { } msg := bind.RecvMessage{ - Endpoint: p.wgEndpoint, + Endpoint: p.wgBindEndpoint, Buffer: buf[:n], } p.Bind.RecvChan <- msg @@ -134,8 +141,19 @@ func (p *ProxyBind) proxyToLocal(ctx context.Context) { } } -func addrToEndpoint(addr *net.UDPAddr) *bind.Endpoint { - ip, _ := netip.AddrFromSlice(addr.IP.To4()) - addrPort := netip.AddrPortFrom(ip, uint16(addr.Port)) - return &bind.Endpoint{AddrPort: addrPort} +// fakeAddress returns a fake address that is used to as an identifier for the peer. +// The fake address is in the format of 127.1.x.x where x.x is the last two octets of the peer address. +func fakeAddress(peerAddress *net.UDPAddr) (*netip.AddrPort, error) { + octets := strings.Split(peerAddress.IP.String(), ".") + if len(octets) != 4 { + return nil, fmt.Errorf("invalid IP format") + } + + fakeIP, err := netip.ParseAddr(fmt.Sprintf("127.1.%s.%s", octets[2], octets[3])) + if err != nil { + return nil, fmt.Errorf("failed to parse new IP: %w", err) + } + + netipAddr := netip.AddrPortFrom(fakeIP, uint16(peerAddress.Port)) + return &netipAddr, nil } diff --git a/client/installer.nsis b/client/installer.nsis index af942a868..5219058a8 100644 --- a/client/installer.nsis +++ b/client/installer.nsis @@ -6,8 +6,8 @@ !define DESCRIPTION "A WireGuard®-based mesh network that connects your devices into a single private network" !define INSTALLER_NAME "netbird-installer.exe" !define MAIN_APP_EXE "Netbird" -!define ICON "ui\\netbird.ico" -!define BANNER "ui\\banner.bmp" +!define ICON "ui\\assets\\netbird.ico" +!define BANNER "ui\\build\\banner.bmp" !define LICENSE_DATA "..\\LICENSE" !define INSTALL_DIR "$PROGRAMFILES64\${APP_NAME}" @@ -22,6 +22,8 @@ !define UI_REG_APP_PATH "Software\Microsoft\Windows\CurrentVersion\App Paths\${UI_APP_EXE}" !define UI_UNINSTALL_PATH "Software\Microsoft\Windows\CurrentVersion\Uninstall\${UI_APP_NAME}" +!define AUTOSTART_REG_KEY "Software\Microsoft\Windows\CurrentVersion\Run" + Unicode True ###################################################################### @@ -68,6 +70,9 @@ ShowInstDetails Show !insertmacro MUI_PAGE_DIRECTORY +; Custom page for autostart checkbox +Page custom AutostartPage AutostartPageLeave + !insertmacro MUI_PAGE_INSTFILES !insertmacro MUI_PAGE_FINISH @@ -80,8 +85,36 @@ ShowInstDetails Show !insertmacro MUI_LANGUAGE "English" +; Variables for autostart option +Var AutostartCheckbox +Var AutostartEnabled + ###################################################################### +; Function to create the autostart options page +Function AutostartPage + !insertmacro MUI_HEADER_TEXT "Startup Options" "Configure how ${APP_NAME} launches with Windows." + + nsDialogs::Create 1018 + Pop $0 + + ${If} $0 == error + Abort + ${EndIf} + + ${NSD_CreateCheckbox} 0 20u 100% 10u "Start ${APP_NAME} UI automatically when Windows starts" + Pop $AutostartCheckbox + ${NSD_Check} $AutostartCheckbox ; Default to checked + StrCpy $AutostartEnabled "1" ; Default to enabled + + nsDialogs::Show +FunctionEnd + +; Function to handle leaving the autostart page +Function AutostartPageLeave + ${NSD_GetState} $AutostartCheckbox $AutostartEnabled +FunctionEnd + Function GetAppFromCommand Exch $1 Push $2 @@ -163,6 +196,16 @@ WriteRegStr ${REG_ROOT} "${UNINSTALL_PATH}" "Publisher" "${COMP_NAME}" WriteRegStr ${REG_ROOT} "${UI_REG_APP_PATH}" "" "$INSTDIR\${UI_APP_EXE}" +; Create autostart registry entry based on checkbox +DetailPrint "Autostart enabled: $AutostartEnabled" +${If} $AutostartEnabled == "1" + WriteRegStr HKCU "${AUTOSTART_REG_KEY}" "${APP_NAME}" "$INSTDIR\${UI_APP_EXE}.exe" + DetailPrint "Added autostart registry entry: $INSTDIR\${UI_APP_EXE}.exe" +${Else} + DeleteRegValue HKCU "${AUTOSTART_REG_KEY}" "${APP_NAME}" + DetailPrint "Autostart not enabled by user" +${EndIf} + EnVar::SetHKLM EnVar::AddValueEx "path" "$INSTDIR" @@ -186,7 +229,10 @@ ExecWait '"$INSTDIR\${MAIN_APP_EXE}" service stop' ExecWait '"$INSTDIR\${MAIN_APP_EXE}" service uninstall' # kill ui client -ExecWait `taskkill /im ${UI_APP_EXE}.exe` +ExecWait `taskkill /im ${UI_APP_EXE}.exe /f` + +; Remove autostart registry entry +DeleteRegValue HKCU "${AUTOSTART_REG_KEY}" "${APP_NAME}" # wait the service uninstall take unblock the executable Sleep 3000 diff --git a/client/internal/acl/manager_test.go b/client/internal/acl/manager_test.go index 29a3df336..ca79111ef 100644 --- a/client/internal/acl/manager_test.go +++ b/client/internal/acl/manager_test.go @@ -9,7 +9,7 @@ import ( "github.com/netbirdio/netbird/client/firewall" "github.com/netbirdio/netbird/client/firewall/manager" - "github.com/netbirdio/netbird/client/iface" + "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/client/internal/acl/mocks" "github.com/netbirdio/netbird/client/internal/netflow" mgmProto "github.com/netbirdio/netbird/management/proto" @@ -49,7 +49,7 @@ func TestDefaultManager(t *testing.T) { } ifaceMock.EXPECT().Name().Return("lo").AnyTimes() - ifaceMock.EXPECT().Address().Return(iface.WGAddress{ + ifaceMock.EXPECT().Address().Return(wgaddr.Address{ IP: ip, Network: network, }).AnyTimes() @@ -62,7 +62,7 @@ func TestDefaultManager(t *testing.T) { return } defer func(fw manager.Manager) { - _ = fw.Reset(nil) + _ = fw.Close(nil) }(fw) acl := NewDefaultManager(fw) @@ -343,7 +343,7 @@ func TestDefaultManagerEnableSSHRules(t *testing.T) { } ifaceMock.EXPECT().Name().Return("lo").AnyTimes() - ifaceMock.EXPECT().Address().Return(iface.WGAddress{ + ifaceMock.EXPECT().Address().Return(wgaddr.Address{ IP: ip, Network: network, }).AnyTimes() @@ -356,7 +356,7 @@ func TestDefaultManagerEnableSSHRules(t *testing.T) { return } defer func(fw manager.Manager) { - _ = fw.Reset(nil) + _ = fw.Close(nil) }(fw) acl := NewDefaultManager(fw) diff --git a/client/internal/acl/mocks/iface_mapper.go b/client/internal/acl/mocks/iface_mapper.go index 08aa4fd5a..95d5a2c58 100644 --- a/client/internal/acl/mocks/iface_mapper.go +++ b/client/internal/acl/mocks/iface_mapper.go @@ -10,8 +10,8 @@ import ( gomock "github.com/golang/mock/gomock" wgdevice "golang.zx2c4.com/wireguard/device" - iface "github.com/netbirdio/netbird/client/iface" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) // MockIFaceMapper is a mock of IFaceMapper interface. @@ -38,10 +38,10 @@ func (m *MockIFaceMapper) EXPECT() *MockIFaceMapperMockRecorder { } // Address mocks base method. -func (m *MockIFaceMapper) Address() iface.WGAddress { +func (m *MockIFaceMapper) Address() wgaddr.Address { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Address") - ret0, _ := ret[0].(iface.WGAddress) + ret0, _ := ret[0].(wgaddr.Address) return ret0 } diff --git a/client/internal/connect.go b/client/internal/connect.go index bf513ed39..504c88c6f 100644 --- a/client/internal/connect.go +++ b/client/internal/connect.go @@ -61,7 +61,7 @@ func NewConnectClient( } // Run with main logic. -func (c *ConnectClient) Run(runningChan chan error) error { +func (c *ConnectClient) Run(runningChan chan struct{}) error { return c.run(MobileDependency{}, runningChan) } @@ -102,7 +102,7 @@ func (c *ConnectClient) RunOniOS( return c.run(mobileDependency, nil) } -func (c *ConnectClient) run(mobileDependency MobileDependency, runningChan chan error) error { +func (c *ConnectClient) run(mobileDependency MobileDependency, runningChan chan struct{}) error { defer func() { if r := recover(); r != nil { rec := c.statusRecorder @@ -159,10 +159,9 @@ func (c *ConnectClient) run(mobileDependency MobileDependency, runningChan chan } defer c.statusRecorder.ClientStop() - runningChanOpen := true operation := func() error { // if context cancelled we not start new backoff cycle - if c.isContextCancelled() { + if c.ctx.Err() != nil { return nil } @@ -282,10 +281,11 @@ func (c *ConnectClient) run(mobileDependency MobileDependency, runningChan chan log.Infof("Netbird engine started, the IP is: %s", peerConfig.GetAddress()) state.Set(StatusConnected) - if runningChan != nil && runningChanOpen { - runningChan <- nil - close(runningChan) - runningChanOpen = false + if runningChan != nil { + select { + case runningChan <- struct{}{}: + default: + } } <-engineCtx.Done() @@ -379,15 +379,6 @@ func (c *ConnectClient) Stop() error { return nil } -func (c *ConnectClient) isContextCancelled() bool { - select { - case <-c.ctx.Done(): - return true - default: - return false - } -} - // SetNetworkMapPersistence enables or disables network map persistence. // When enabled, the last received network map will be stored and can be retrieved // through the Engine's getLatestNetworkMap method. When disabled, any stored diff --git a/client/internal/dns/server_test.go b/client/internal/dns/server_test.go index ee12246c9..c7eeb7870 100644 --- a/client/internal/dns/server_test.go +++ b/client/internal/dns/server_test.go @@ -22,6 +22,7 @@ import ( "github.com/netbirdio/netbird/client/iface/configurer" "github.com/netbirdio/netbird/client/iface/device" pfmock "github.com/netbirdio/netbird/client/iface/mocks" + "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/client/internal/netflow" "github.com/netbirdio/netbird/client/internal/peer" "github.com/netbirdio/netbird/client/internal/statemanager" @@ -40,9 +41,9 @@ func (w *mocWGIface) Name() string { panic("implement me") } -func (w *mocWGIface) Address() iface.WGAddress { +func (w *mocWGIface) Address() wgaddr.Address { ip, network, _ := net.ParseCIDR("100.66.100.0/24") - return iface.WGAddress{ + return wgaddr.Address{ IP: ip, Network: network, } @@ -1018,7 +1019,7 @@ func TestHandlerChain_DomainPriorities(t *testing.T) { mh.AssertExpectations(t) } - // Reset mocks + // Close mocks if mh, ok := tc.expectedHandler.(*MockHandler); ok { mh.ExpectedCalls = nil mh.Calls = nil diff --git a/client/internal/dns/wgiface.go b/client/internal/dns/wgiface.go index 69bc83659..c6c1752e5 100644 --- a/client/internal/dns/wgiface.go +++ b/client/internal/dns/wgiface.go @@ -5,15 +5,15 @@ package dns import ( "net" - "github.com/netbirdio/netbird/client/iface" "github.com/netbirdio/netbird/client/iface/configurer" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) // WGIface defines subset methods of interface required for manager type WGIface interface { Name() string - Address() iface.WGAddress + Address() wgaddr.Address ToInterface() *net.Interface IsUserspaceBind() bool GetFilter() device.PacketFilter diff --git a/client/internal/dns/wgiface_windows.go b/client/internal/dns/wgiface_windows.go index 765132fdb..74e5c75a5 100644 --- a/client/internal/dns/wgiface_windows.go +++ b/client/internal/dns/wgiface_windows.go @@ -1,15 +1,15 @@ package dns import ( - "github.com/netbirdio/netbird/client/iface" "github.com/netbirdio/netbird/client/iface/configurer" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) // WGIface defines subset methods of interface required for manager type WGIface interface { Name() string - Address() iface.WGAddress + Address() wgaddr.Address IsUserspaceBind() bool GetFilter() device.PacketFilter GetDevice() *device.FilteredDevice diff --git a/client/internal/engine.go b/client/internal/engine.go index 76ce919a3..5fc93c52e 100644 --- a/client/internal/engine.go +++ b/client/internal/engine.go @@ -1428,7 +1428,7 @@ func (e *Engine) close() { } if e.firewall != nil { - err := e.firewall.Reset(e.stateManager) + err := e.firewall.Close(e.stateManager) if err != nil { log.Warnf("failed to reset firewall: %s", err) } @@ -1641,16 +1641,19 @@ func (e *Engine) probeTURNs() []relay.ProbeResult { return relay.ProbeAll(e.ctx, relay.ProbeTURN, turns) } +// restartEngine restarts the engine by cancelling the client context func (e *Engine) restartEngine() { - log.Info("restarting engine") - CtxGetState(e.ctx).Set(StatusConnecting) + e.syncMsgMux.Lock() + defer e.syncMsgMux.Unlock() - if err := e.Stop(); err != nil { - log.Errorf("Failed to stop engine: %v", err) + if e.ctx.Err() != nil { + return } + log.Info("restarting engine") + CtxGetState(e.ctx).Set(StatusConnecting) _ = CtxGetState(e.ctx).Wrap(ErrResetConnection) - log.Infof("cancelling client, engine will be recreated") + log.Infof("cancelling client context, engine will be recreated") e.clientCancel() } @@ -1662,34 +1665,17 @@ func (e *Engine) startNetworkMonitor() { e.networkMonitor = networkmonitor.New() go func() { - var mu sync.Mutex - var debounceTimer *time.Timer - - // Start the network monitor with a callback, Start will block until the monitor is stopped, - // a network change is detected, or an error occurs on start up - err := e.networkMonitor.Start(e.ctx, func() { - // This function is called when a network change is detected - mu.Lock() - defer mu.Unlock() - - if debounceTimer != nil { - log.Infof("Network monitor: detected network change, reset debounceTimer") - debounceTimer.Stop() + if err := e.networkMonitor.Listen(e.ctx); err != nil { + if errors.Is(err, context.Canceled) { + log.Infof("network monitor stopped") + return } - - // Set a new timer to debounce rapid network changes - debounceTimer = time.AfterFunc(2*time.Second, func() { - // This function is called after the debounce period - mu.Lock() - defer mu.Unlock() - - log.Infof("Network monitor: detected network change, restarting engine") - e.restartEngine() - }) - }) - if err != nil && !errors.Is(err, networkmonitor.ErrStopped) { - log.Errorf("Network monitor: %v", err) + log.Errorf("network monitor error: %v", err) + return } + + log.Infof("Network monitor: detected network change, restarting engine") + e.restartEngine() }() } diff --git a/client/internal/engine_test.go b/client/internal/engine_test.go index 60f07cbec..828823de8 100644 --- a/client/internal/engine_test.go +++ b/client/internal/engine_test.go @@ -31,6 +31,7 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/configurer" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/client/iface/wgproxy" "github.com/netbirdio/netbird/client/internal/dns" "github.com/netbirdio/netbird/client/internal/peer" @@ -75,7 +76,7 @@ type MockWGIface struct { CreateOnAndroidFunc func(routeRange []string, ip string, domains []string) error IsUserspaceBindFunc func() bool NameFunc func() string - AddressFunc func() device.WGAddress + AddressFunc func() wgaddr.Address ToInterfaceFunc func() *net.Interface UpFunc func() (*bind.UniversalUDPMuxDefault, error) UpdateAddrFunc func(newAddr string) error @@ -114,7 +115,7 @@ func (m *MockWGIface) Name() string { return m.NameFunc() } -func (m *MockWGIface) Address() device.WGAddress { +func (m *MockWGIface) Address() wgaddr.Address { return m.AddressFunc() } @@ -364,8 +365,8 @@ func TestEngine_UpdateNetworkMap(t *testing.T) { RemovePeerFunc: func(peerKey string) error { return nil }, - AddressFunc: func() iface.WGAddress { - return iface.WGAddress{ + AddressFunc: func() wgaddr.Address { + return wgaddr.Address{ IP: net.ParseIP("10.20.0.1"), Network: &net.IPNet{ IP: net.ParseIP("10.20.0.0"), diff --git a/client/internal/iface_common.go b/client/internal/iface_common.go index 65b425015..ffeffaf41 100644 --- a/client/internal/iface_common.go +++ b/client/internal/iface_common.go @@ -12,6 +12,7 @@ import ( "github.com/netbirdio/netbird/client/iface/bind" "github.com/netbirdio/netbird/client/iface/configurer" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/client/iface/wgproxy" ) @@ -20,7 +21,7 @@ type wgIfaceBase interface { CreateOnAndroid(routeRange []string, ip string, domains []string) error IsUserspaceBind() bool Name() string - Address() device.WGAddress + Address() wgaddr.Address ToInterface() *net.Interface Up() (*bind.UniversalUDPMuxDefault, error) UpdateAddr(newAddr string) error diff --git a/client/internal/netflow/types/types.go b/client/internal/netflow/types/types.go index f75de6b05..2787b6284 100644 --- a/client/internal/netflow/types/types.go +++ b/client/internal/netflow/types/types.go @@ -7,7 +7,7 @@ import ( "github.com/google/uuid" - "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) type Protocol uint8 @@ -147,5 +147,5 @@ type ConnTracker interface { type IFaceMapper interface { IsUserspaceBind() bool Name() string - Address() device.WGAddress + Address() wgaddr.Address } diff --git a/client/internal/networkmonitor/monitor_bsd.go b/client/internal/networkmonitor/check_change_bsd.go similarity index 90% rename from client/internal/networkmonitor/monitor_bsd.go rename to client/internal/networkmonitor/check_change_bsd.go index 4dc2c1aa3..bb327a877 100644 --- a/client/internal/networkmonitor/monitor_bsd.go +++ b/client/internal/networkmonitor/check_change_bsd.go @@ -16,7 +16,7 @@ import ( "github.com/netbirdio/netbird/client/internal/routemanager/systemops" ) -func checkChange(ctx context.Context, nexthopv4, nexthopv6 systemops.Nexthop, callback func()) error { +func checkChange(ctx context.Context, nexthopv4, nexthopv6 systemops.Nexthop) error { fd, err := unix.Socket(syscall.AF_ROUTE, syscall.SOCK_RAW, syscall.AF_UNSPEC) if err != nil { return fmt.Errorf("failed to open routing socket: %v", err) @@ -28,18 +28,10 @@ func checkChange(ctx context.Context, nexthopv4, nexthopv6 systemops.Nexthop, ca } }() - go func() { - <-ctx.Done() - err := unix.Close(fd) - if err != nil && !errors.Is(err, unix.EBADF) { - log.Debugf("Network monitor: closed routing socket: %v", err) - } - }() - for { select { case <-ctx.Done(): - return ErrStopped + return ctx.Err() default: buf := make([]byte, 2048) n, err := unix.Read(fd, buf) @@ -76,11 +68,11 @@ func checkChange(ctx context.Context, nexthopv4, nexthopv6 systemops.Nexthop, ca switch msg.Type { case unix.RTM_ADD: log.Infof("Network monitor: default route changed: via %s, interface %s", route.Gw, intf) - go callback() + return nil case unix.RTM_DELETE: if nexthopv4.Intf != nil && route.Gw.Compare(nexthopv4.IP) == 0 || nexthopv6.Intf != nil && route.Gw.Compare(nexthopv6.IP) == 0 { log.Infof("Network monitor: default route removed: via %s, interface %s", route.Gw, intf) - go callback() + return nil } } } diff --git a/client/internal/networkmonitor/monitor_linux.go b/client/internal/networkmonitor/check_change_linux.go similarity index 93% rename from client/internal/networkmonitor/monitor_linux.go rename to client/internal/networkmonitor/check_change_linux.go index 035be1f09..efd8b5884 100644 --- a/client/internal/networkmonitor/monitor_linux.go +++ b/client/internal/networkmonitor/check_change_linux.go @@ -14,7 +14,7 @@ import ( "github.com/netbirdio/netbird/client/internal/routemanager/systemops" ) -func checkChange(ctx context.Context, nexthopv4, nexthopv6 systemops.Nexthop, callback func()) error { +func checkChange(ctx context.Context, nexthopv4, nexthopv6 systemops.Nexthop) error { if nexthopv4.Intf == nil && nexthopv6.Intf == nil { return errors.New("no interfaces available") } @@ -31,8 +31,7 @@ func checkChange(ctx context.Context, nexthopv4, nexthopv6 systemops.Nexthop, ca for { select { case <-ctx.Done(): - return ErrStopped - + return ctx.Err() // handle route changes case route := <-routeChan: // default route and main table @@ -43,12 +42,10 @@ func checkChange(ctx context.Context, nexthopv4, nexthopv6 systemops.Nexthop, ca // triggered on added/replaced routes case syscall.RTM_NEWROUTE: log.Infof("Network monitor: default route changed: via %s, interface %d", route.Gw, route.LinkIndex) - go callback() return nil case syscall.RTM_DELROUTE: if nexthopv4.Intf != nil && route.Gw.Equal(nexthopv4.IP.AsSlice()) || nexthopv6.Intf != nil && route.Gw.Equal(nexthopv6.IP.AsSlice()) { log.Infof("Network monitor: default route removed: via %s, interface %d", route.Gw, route.LinkIndex) - go callback() return nil } } diff --git a/client/internal/networkmonitor/monitor_windows.go b/client/internal/networkmonitor/check_change_windows.go similarity index 89% rename from client/internal/networkmonitor/monitor_windows.go rename to client/internal/networkmonitor/check_change_windows.go index cd48c269d..582865738 100644 --- a/client/internal/networkmonitor/monitor_windows.go +++ b/client/internal/networkmonitor/check_change_windows.go @@ -10,7 +10,7 @@ import ( "github.com/netbirdio/netbird/client/internal/routemanager/systemops" ) -func checkChange(ctx context.Context, nexthopv4, nexthopv6 systemops.Nexthop, callback func()) error { +func checkChange(ctx context.Context, nexthopv4, nexthopv6 systemops.Nexthop) error { routeMonitor, err := systemops.NewRouteMonitor(ctx) if err != nil { return fmt.Errorf("failed to create route monitor: %w", err) @@ -24,20 +24,20 @@ func checkChange(ctx context.Context, nexthopv4, nexthopv6 systemops.Nexthop, ca for { select { case <-ctx.Done(): - return ErrStopped + return ctx.Err() case route := <-routeMonitor.RouteUpdates(): if route.Destination.Bits() != 0 { continue } - if routeChanged(route, nexthopv4, nexthopv6, callback) { - break + if routeChanged(route, nexthopv4, nexthopv6) { + return nil } } } } -func routeChanged(route systemops.RouteUpdate, nexthopv4, nexthopv6 systemops.Nexthop, callback func()) bool { +func routeChanged(route systemops.RouteUpdate, nexthopv4, nexthopv6 systemops.Nexthop) bool { intf := "" if route.Interface != nil { intf = route.Interface.Name @@ -51,18 +51,15 @@ func routeChanged(route systemops.RouteUpdate, nexthopv4, nexthopv6 systemops.Ne case systemops.RouteModified: // TODO: get routing table to figure out if our route is affected for modified routes log.Infof("Network monitor: default route changed: via %s, interface %s", route.NextHop, intf) - go callback() return true case systemops.RouteAdded: if route.NextHop.Is4() && route.NextHop != nexthopv4.IP || route.NextHop.Is6() && route.NextHop != nexthopv6.IP { log.Infof("Network monitor: default route added: via %s, interface %s", route.NextHop, intf) - go callback() return true } case systemops.RouteDeleted: if nexthopv4.Intf != nil && route.NextHop == nexthopv4.IP || nexthopv6.Intf != nil && route.NextHop == nexthopv6.IP { log.Infof("Network monitor: default route removed: via %s, interface %s", route.NextHop, intf) - go callback() return true } } diff --git a/client/internal/networkmonitor/monitor.go b/client/internal/networkmonitor/monitor.go index 5475455c6..5896b66b6 100644 --- a/client/internal/networkmonitor/monitor.go +++ b/client/internal/networkmonitor/monitor.go @@ -1,12 +1,27 @@ +//go:build !ios && !android + package networkmonitor import ( "context" "errors" + "fmt" + "net/netip" + "runtime/debug" "sync" + "time" + + "github.com/cenkalti/backoff/v4" + log "github.com/sirupsen/logrus" + + "github.com/netbirdio/netbird/client/internal/routemanager/systemops" ) -var ErrStopped = errors.New("monitor has been stopped") +const ( + debounceTime = 2 * time.Second +) + +var checkChangeFn = checkChange // NetworkMonitor watches for changes in network configuration. type NetworkMonitor struct { @@ -19,3 +34,99 @@ type NetworkMonitor struct { func New() *NetworkMonitor { return &NetworkMonitor{} } + +// Listen begins monitoring network changes. When a change is detected, this function will return without error. +func (nw *NetworkMonitor) Listen(ctx context.Context) (err error) { + nw.mu.Lock() + if nw.cancel != nil { + nw.mu.Unlock() + return errors.New("network monitor already started") + } + + ctx, nw.cancel = context.WithCancel(ctx) + defer nw.cancel() + nw.wg.Add(1) + nw.mu.Unlock() + + defer nw.wg.Done() + + var nexthop4, nexthop6 systemops.Nexthop + + operation := func() error { + var errv4, errv6 error + nexthop4, errv4 = systemops.GetNextHop(netip.IPv4Unspecified()) + nexthop6, errv6 = systemops.GetNextHop(netip.IPv6Unspecified()) + + if errv4 != nil && errv6 != nil { + return errors.New("failed to get default next hops") + } + + if errv4 == nil { + log.Debugf("Network monitor: IPv4 default route: %s, interface: %s", nexthop4.IP, nexthop4.Intf.Name) + } + if errv6 == nil { + log.Debugf("Network monitor: IPv6 default route: %s, interface: %s", nexthop6.IP, nexthop6.Intf.Name) + } + + // continue if either route was found + return nil + } + + expBackOff := backoff.WithContext(backoff.NewExponentialBackOff(), ctx) + + if err := backoff.Retry(operation, expBackOff); err != nil { + return fmt.Errorf("failed to get default next hops: %w", err) + } + + // recover in case sys ops panic + defer func() { + if r := recover(); r != nil { + err = fmt.Errorf("panic occurred: %v, stack trace: %s", r, debug.Stack()) + } + }() + + event := make(chan struct{}, 1) + go nw.checkChanges(ctx, event, nexthop4, nexthop6) + + // debounce changes + timer := time.NewTimer(0) + timer.Stop() + for { + select { + case <-event: + timer.Reset(debounceTime) + case <-timer.C: + return nil + case <-ctx.Done(): + timer.Stop() + return ctx.Err() + } + } +} + +// Stop stops the network monitor. +func (nw *NetworkMonitor) Stop() { + nw.mu.Lock() + defer nw.mu.Unlock() + + if nw.cancel == nil { + return + } + + nw.cancel() + nw.wg.Wait() +} + +func (nw *NetworkMonitor) checkChanges(ctx context.Context, event chan struct{}, nexthop4 systemops.Nexthop, nexthop6 systemops.Nexthop) { + for { + if err := checkChangeFn(ctx, nexthop4, nexthop6); err != nil { + close(event) + return + } + // prevent blocking + select { + case event <- struct{}{}: + default: + } + } +} diff --git a/client/internal/networkmonitor/monitor_generic.go b/client/internal/networkmonitor/monitor_generic.go deleted file mode 100644 index 19648edba..000000000 --- a/client/internal/networkmonitor/monitor_generic.go +++ /dev/null @@ -1,82 +0,0 @@ -//go:build !ios && !android - -package networkmonitor - -import ( - "context" - "errors" - "fmt" - "net/netip" - "runtime/debug" - - "github.com/cenkalti/backoff/v4" - log "github.com/sirupsen/logrus" - - "github.com/netbirdio/netbird/client/internal/routemanager/systemops" -) - -// Start begins monitoring network changes. When a change is detected, it calls the callback asynchronously and returns. -func (nw *NetworkMonitor) Start(ctx context.Context, callback func()) (err error) { - if ctx.Err() != nil { - return ctx.Err() - } - - nw.mu.Lock() - ctx, nw.cancel = context.WithCancel(ctx) - nw.mu.Unlock() - - nw.wg.Add(1) - defer nw.wg.Done() - - var nexthop4, nexthop6 systemops.Nexthop - - operation := func() error { - var errv4, errv6 error - nexthop4, errv4 = systemops.GetNextHop(netip.IPv4Unspecified()) - nexthop6, errv6 = systemops.GetNextHop(netip.IPv6Unspecified()) - - if errv4 != nil && errv6 != nil { - return errors.New("failed to get default next hops") - } - - if errv4 == nil { - log.Debugf("Network monitor: IPv4 default route: %s, interface: %s", nexthop4.IP, nexthop4.Intf.Name) - } - if errv6 == nil { - log.Debugf("Network monitor: IPv6 default route: %s, interface: %s", nexthop6.IP, nexthop6.Intf.Name) - } - - // continue if either route was found - return nil - } - - expBackOff := backoff.WithContext(backoff.NewExponentialBackOff(), ctx) - - if err := backoff.Retry(operation, expBackOff); err != nil { - return fmt.Errorf("failed to get default next hops: %w", err) - } - - // recover in case sys ops panic - defer func() { - if r := recover(); r != nil { - err = fmt.Errorf("panic occurred: %v, stack trace: %s", r, debug.Stack()) - } - }() - - if err := checkChange(ctx, nexthop4, nexthop6, callback); err != nil { - return fmt.Errorf("check change: %w", err) - } - - return nil -} - -// Stop stops the network monitor. -func (nw *NetworkMonitor) Stop() { - nw.mu.Lock() - defer nw.mu.Unlock() - - if nw.cancel != nil { - nw.cancel() - nw.wg.Wait() - } -} diff --git a/client/internal/networkmonitor/monitor_mobile.go b/client/internal/networkmonitor/monitor_mobile.go index c81fad16c..861dbbe3c 100644 --- a/client/internal/networkmonitor/monitor_mobile.go +++ b/client/internal/networkmonitor/monitor_mobile.go @@ -2,10 +2,21 @@ package networkmonitor -import "context" +import ( + "context" + "fmt" +) -func (nw *NetworkMonitor) Start(context.Context, func()) error { - return nil +type NetworkMonitor struct { +} + +// New creates a new network monitor. +func New() *NetworkMonitor { + return &NetworkMonitor{} +} + +func (nw *NetworkMonitor) Listen(_ context.Context) error { + return fmt.Errorf("network monitor not supported on mobile platforms") } func (nw *NetworkMonitor) Stop() { diff --git a/client/internal/networkmonitor/monitor_test.go b/client/internal/networkmonitor/monitor_test.go new file mode 100644 index 000000000..164686689 --- /dev/null +++ b/client/internal/networkmonitor/monitor_test.go @@ -0,0 +1,99 @@ +package networkmonitor + +import ( + "context" + "errors" + "testing" + "time" + + "github.com/netbirdio/netbird/client/internal/routemanager/systemops" +) + +type MocMultiEvent struct { + counter int +} + +func (m *MocMultiEvent) checkChange(ctx context.Context, nexthopv4, nexthopv6 systemops.Nexthop) error { + if m.counter == 0 { + <-ctx.Done() + return ctx.Err() + } + + time.Sleep(1 * time.Second) + m.counter-- + return nil +} + +func TestNetworkMonitor_Close(t *testing.T) { + checkChangeFn = func(ctx context.Context, nexthopv4, nexthopv6 systemops.Nexthop) error { + <-ctx.Done() + return ctx.Err() + } + nw := New() + + var resErr error + done := make(chan struct{}) + go func() { + resErr = nw.Listen(context.Background()) + close(done) + }() + + time.Sleep(1 * time.Second) // wait for the goroutine to start + nw.Stop() + + <-done + if !errors.Is(resErr, context.Canceled) { + t.Errorf("unexpected error: %v", resErr) + } +} + +func TestNetworkMonitor_Event(t *testing.T) { + checkChangeFn = func(ctx context.Context, nexthopv4, nexthopv6 systemops.Nexthop) error { + timeout, cancel := context.WithTimeout(ctx, 3*time.Second) + defer cancel() + select { + case <-ctx.Done(): + return ctx.Err() + case <-timeout.Done(): + return nil + } + } + nw := New() + defer nw.Stop() + + var resErr error + done := make(chan struct{}) + go func() { + resErr = nw.Listen(context.Background()) + close(done) + }() + + <-done + if !errors.Is(resErr, nil) { + t.Errorf("unexpected error: %v", nil) + } +} + +func TestNetworkMonitor_MultiEvent(t *testing.T) { + eventsRepeated := 3 + me := &MocMultiEvent{counter: eventsRepeated} + checkChangeFn = me.checkChange + + nw := New() + defer nw.Stop() + + done := make(chan struct{}) + started := time.Now() + go func() { + if resErr := nw.Listen(context.Background()); resErr != nil { + t.Errorf("unexpected error: %v", resErr) + } + close(done) + }() + + <-done + expectedResponseTime := time.Duration(eventsRepeated)*time.Second + debounceTime + if time.Since(started) < expectedResponseTime { + t.Errorf("unexpected duration: %v", time.Since(started)) + } +} diff --git a/client/internal/peer/conn.go b/client/internal/peer/conn.go index 9b4d1a554..b91cfe33c 100644 --- a/client/internal/peer/conn.go +++ b/client/internal/peer/conn.go @@ -442,8 +442,8 @@ func (conn *Conn) onRelayConnectionIsReady(rci RelayConnInfo) { conn.log.Infof("created new wgProxy for relay connection: %s", wgProxy.EndpointAddr().String()) - if conn.iceP2PIsActive() { - conn.log.Debugf("do not switch to relay because current priority is: %s", conn.currentConnPriority.String()) + if conn.isICEActive() { + conn.log.Infof("do not switch to relay because current priority is: %s", conn.currentConnPriority.String()) conn.setRelayedProxy(wgProxy) conn.statusRelay.Set(StatusConnected) conn.updateRelayStatus(rci.relayedConn.RemoteAddr().String(), rci.rosenpassPubKey) @@ -711,8 +711,8 @@ func (conn *Conn) isReadyToUpgrade() bool { return conn.wgProxyRelay != nil && conn.currentConnPriority != connPriorityRelay } -func (conn *Conn) iceP2PIsActive() bool { - return conn.currentConnPriority == connPriorityICEP2P && conn.statusICE.Get() == StatusConnected +func (conn *Conn) isICEActive() bool { + return (conn.currentConnPriority == connPriorityICEP2P || conn.currentConnPriority == connPriorityICETurn) && conn.statusICE.Get() == StatusConnected } func (conn *Conn) removeWgPeer() error { diff --git a/client/internal/peer/iface.go b/client/internal/peer/iface.go index c7b6de9ea..32ac5c7db 100644 --- a/client/internal/peer/iface.go +++ b/client/internal/peer/iface.go @@ -8,6 +8,7 @@ import ( "golang.zx2c4.com/wireguard/wgctrl/wgtypes" "github.com/netbirdio/netbird/client/iface/configurer" + "github.com/netbirdio/netbird/client/iface/wgaddr" "github.com/netbirdio/netbird/client/iface/wgproxy" ) @@ -16,4 +17,5 @@ type WGIface interface { RemovePeer(peerKey string) error GetStats(peerKey string) (configurer.WGStats, error) GetProxy() wgproxy.Proxy + Address() wgaddr.Address } diff --git a/client/internal/peer/worker_ice.go b/client/internal/peer/worker_ice.go index 7dd84a98e..5ceb3f453 100644 --- a/client/internal/peer/worker_ice.go +++ b/client/internal/peer/worker_ice.go @@ -358,6 +358,12 @@ func extraSrflxCandidate(candidate ice.Candidate) (*ice.CandidateServerReflexive } func candidateViaRoutes(candidate ice.Candidate, clientRoutes route.HAMap) bool { + addr, err := netip.ParseAddr(candidate.Address()) + if err != nil { + log.Errorf("Failed to parse IP address %s: %v", candidate.Address(), err) + return false + } + var routePrefixes []netip.Prefix for _, routes := range clientRoutes { if len(routes) > 0 && routes[0] != nil { @@ -365,14 +371,8 @@ func candidateViaRoutes(candidate ice.Candidate, clientRoutes route.HAMap) bool } } - addr, err := netip.ParseAddr(candidate.Address()) - if err != nil { - log.Errorf("Failed to parse IP address %s: %v", candidate.Address(), err) - return false - } - for _, prefix := range routePrefixes { - // default route is + // default route is handled by route exclusion / ip rules if prefix.Bits() == 0 { continue } diff --git a/client/internal/routemanager/dnsinterceptor/handler.go b/client/internal/routemanager/dnsinterceptor/handler.go index 0c0d964d0..2e6e4fede 100644 --- a/client/internal/routemanager/dnsinterceptor/handler.go +++ b/client/internal/routemanager/dnsinterceptor/handler.go @@ -160,6 +160,12 @@ func (d *DnsInterceptor) ServeDNS(w dns.ResponseWriter, r *dns.Msg) { return } + // set the AuthenticatedData flag and the EDNS0 buffer size to 4096 bytes to support larger dns records + if r.Extra == nil { + r.SetEdns0(4096, false) + r.MsgHdr.AuthenticatedData = true + } + client := &dns.Client{ Timeout: 5 * time.Second, Net: "udp", diff --git a/client/internal/routemanager/iface/iface_common.go b/client/internal/routemanager/iface/iface_common.go index 8b2dc9714..9e1f8058a 100644 --- a/client/internal/routemanager/iface/iface_common.go +++ b/client/internal/routemanager/iface/iface_common.go @@ -3,9 +3,9 @@ package iface import ( "net" - "github.com/netbirdio/netbird/client/iface" "github.com/netbirdio/netbird/client/iface/configurer" "github.com/netbirdio/netbird/client/iface/device" + "github.com/netbirdio/netbird/client/iface/wgaddr" ) type wgIfaceBase interface { @@ -13,7 +13,7 @@ type wgIfaceBase interface { RemoveAllowedIP(peerKey string, allowedIP string) error Name() string - Address() iface.WGAddress + Address() wgaddr.Address ToInterface() *net.Interface IsUserspaceBind() bool GetFilter() device.PacketFilter diff --git a/client/netbird.wxs b/client/netbird.wxs index ee9ab667f..5e03a014d 100644 --- a/client/netbird.wxs +++ b/client/netbird.wxs @@ -71,7 +71,7 @@ - + diff --git a/client/resources.rc b/client/resources.rc index ac411245e..696fd0dfa 100644 --- a/client/resources.rc +++ b/client/resources.rc @@ -5,5 +5,5 @@ #define STRINGIZE(x) #x #define EXPAND(x) STRINGIZE(x) CREATEPROCESS_MANIFEST_RESOURCE_ID RT_MANIFEST manifest.xml -7 ICON ui/netbird.ico +7 ICON ui/assets/netbird.ico wintun.dll RCDATA wintun.dll diff --git a/client/server/panic_windows.go b/client/server/panic_windows.go index 1d4ba4b75..c5e73be7c 100644 --- a/client/server/panic_windows.go +++ b/client/server/panic_windows.go @@ -3,7 +3,7 @@ package server import ( "fmt" "os" - "path/filepath" + "path" "syscall" log "github.com/sirupsen/logrus" @@ -12,7 +12,6 @@ import ( ) const ( - windowsPanicLogEnvVar = "NB_WINDOWS_PANIC_LOG" // STD_ERROR_HANDLE ((DWORD)-12) = 4294967284 stdErrorHandle = ^uintptr(11) ) @@ -25,13 +24,10 @@ var ( ) func handlePanicLog() error { - logPath := os.Getenv(windowsPanicLogEnvVar) - if logPath == "" { - return nil - } + // TODO: move this to a central location + logDir := path.Join(os.Getenv("PROGRAMDATA"), "Netbird") + logPath := path.Join(logDir, "netbird.err") - // Ensure the directory exists - logDir := filepath.Dir(logPath) if err := os.MkdirAll(logDir, 0750); err != nil { return fmt.Errorf("create panic log directory: %w", err) } @@ -39,13 +35,11 @@ func handlePanicLog() error { return fmt.Errorf("enforce permission on panic log file: %w", err) } - // Open log file with append mode f, err := os.OpenFile(logPath, os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0644) if err != nil { return fmt.Errorf("open panic log file: %w", err) } - // Redirect stderr to the file if err = redirectStderr(f); err != nil { if closeErr := f.Close(); closeErr != nil { log.Warnf("failed to close file after redirect error: %v", closeErr) @@ -59,7 +53,6 @@ func handlePanicLog() error { // redirectStderr redirects stderr to the provided file func redirectStderr(f *os.File) error { - // Get the current process's stderr handle if err := setStdHandle(f); err != nil { return fmt.Errorf("failed to set stderr handle: %w", err) } diff --git a/client/server/server.go b/client/server/server.go index 8907f541f..2d8f759cd 100644 --- a/client/server/server.go +++ b/client/server/server.go @@ -160,7 +160,7 @@ func (s *Server) Start() error { // mechanism to keep the client connected even when the connection is lost. // we cancel retry if the client receive a stop or down command, or if disable auto connect is configured. func (s *Server) connectWithRetryRuns(ctx context.Context, config *internal.Config, statusRecorder *peer.Status, - runningChan chan error, + runningChan chan struct{}, ) { backOff := getConnectWithBackoff(ctx) retryStarted := false @@ -628,20 +628,21 @@ func (s *Server) Up(callerCtx context.Context, _ *proto.UpRequest) (*proto.UpRes s.statusRecorder.UpdateManagementAddress(s.config.ManagementURL.String()) s.statusRecorder.UpdateRosenpass(s.config.RosenpassEnabled, s.config.RosenpassPermissive) - runningChan := make(chan error) - go s.connectWithRetryRuns(ctx, s.config, s.statusRecorder, runningChan) + timeoutCtx, cancel := context.WithTimeout(callerCtx, 50*time.Second) + defer cancel() + runningChan := make(chan struct{}, 1) // buffered channel to do not lose the signal + go s.connectWithRetryRuns(ctx, s.config, s.statusRecorder, runningChan) for { select { - case err := <-runningChan: - if err != nil { - log.Debugf("waiting for engine to become ready failed: %s", err) - } else { - return &proto.UpResponse{}, nil - } + case <-runningChan: + return &proto.UpResponse{}, nil case <-callerCtx.Done(): log.Debug("context done, stopping the wait for engine to become ready") return nil, callerCtx.Err() + case <-timeoutCtx.Done(): + log.Debug("up is timed out, stopping the wait for engine to become ready") + return nil, timeoutCtx.Err() } } } diff --git a/client/ui/netbird-systemtray-connected-dark.ico b/client/ui/assets/netbird-systemtray-connected-dark.ico similarity index 100% rename from client/ui/netbird-systemtray-connected-dark.ico rename to client/ui/assets/netbird-systemtray-connected-dark.ico diff --git a/client/ui/netbird-systemtray-connected-dark.png b/client/ui/assets/netbird-systemtray-connected-dark.png similarity index 100% rename from client/ui/netbird-systemtray-connected-dark.png rename to client/ui/assets/netbird-systemtray-connected-dark.png diff --git a/client/ui/netbird-systemtray-connected-macos.png b/client/ui/assets/netbird-systemtray-connected-macos.png similarity index 100% rename from client/ui/netbird-systemtray-connected-macos.png rename to client/ui/assets/netbird-systemtray-connected-macos.png diff --git a/client/ui/netbird-systemtray-connected.ico b/client/ui/assets/netbird-systemtray-connected.ico similarity index 100% rename from client/ui/netbird-systemtray-connected.ico rename to client/ui/assets/netbird-systemtray-connected.ico diff --git a/client/ui/netbird-systemtray-connected.png b/client/ui/assets/netbird-systemtray-connected.png similarity index 100% rename from client/ui/netbird-systemtray-connected.png rename to client/ui/assets/netbird-systemtray-connected.png diff --git a/client/ui/netbird-systemtray-connecting-dark.ico b/client/ui/assets/netbird-systemtray-connecting-dark.ico similarity index 100% rename from client/ui/netbird-systemtray-connecting-dark.ico rename to client/ui/assets/netbird-systemtray-connecting-dark.ico diff --git a/client/ui/netbird-systemtray-connecting-dark.png b/client/ui/assets/netbird-systemtray-connecting-dark.png similarity index 100% rename from client/ui/netbird-systemtray-connecting-dark.png rename to client/ui/assets/netbird-systemtray-connecting-dark.png diff --git a/client/ui/netbird-systemtray-connecting-macos.png b/client/ui/assets/netbird-systemtray-connecting-macos.png similarity index 100% rename from client/ui/netbird-systemtray-connecting-macos.png rename to client/ui/assets/netbird-systemtray-connecting-macos.png diff --git a/client/ui/netbird-systemtray-connecting.ico b/client/ui/assets/netbird-systemtray-connecting.ico similarity index 100% rename from client/ui/netbird-systemtray-connecting.ico rename to client/ui/assets/netbird-systemtray-connecting.ico diff --git a/client/ui/netbird-systemtray-connecting.png b/client/ui/assets/netbird-systemtray-connecting.png similarity index 100% rename from client/ui/netbird-systemtray-connecting.png rename to client/ui/assets/netbird-systemtray-connecting.png diff --git a/client/ui/netbird-systemtray-disconnected-macos.png b/client/ui/assets/netbird-systemtray-disconnected-macos.png similarity index 100% rename from client/ui/netbird-systemtray-disconnected-macos.png rename to client/ui/assets/netbird-systemtray-disconnected-macos.png diff --git a/client/ui/netbird-systemtray-disconnected.ico b/client/ui/assets/netbird-systemtray-disconnected.ico similarity index 100% rename from client/ui/netbird-systemtray-disconnected.ico rename to client/ui/assets/netbird-systemtray-disconnected.ico diff --git a/client/ui/netbird-systemtray-disconnected.png b/client/ui/assets/netbird-systemtray-disconnected.png similarity index 100% rename from client/ui/netbird-systemtray-disconnected.png rename to client/ui/assets/netbird-systemtray-disconnected.png diff --git a/client/ui/netbird-systemtray-error-dark.ico b/client/ui/assets/netbird-systemtray-error-dark.ico similarity index 100% rename from client/ui/netbird-systemtray-error-dark.ico rename to client/ui/assets/netbird-systemtray-error-dark.ico diff --git a/client/ui/netbird-systemtray-error-dark.png b/client/ui/assets/netbird-systemtray-error-dark.png similarity index 100% rename from client/ui/netbird-systemtray-error-dark.png rename to client/ui/assets/netbird-systemtray-error-dark.png diff --git a/client/ui/netbird-systemtray-error-macos.png b/client/ui/assets/netbird-systemtray-error-macos.png similarity index 100% rename from client/ui/netbird-systemtray-error-macos.png rename to client/ui/assets/netbird-systemtray-error-macos.png diff --git a/client/ui/netbird-systemtray-error.ico b/client/ui/assets/netbird-systemtray-error.ico similarity index 100% rename from client/ui/netbird-systemtray-error.ico rename to client/ui/assets/netbird-systemtray-error.ico diff --git a/client/ui/netbird-systemtray-error.png b/client/ui/assets/netbird-systemtray-error.png similarity index 100% rename from client/ui/netbird-systemtray-error.png rename to client/ui/assets/netbird-systemtray-error.png diff --git a/client/ui/netbird-systemtray-update-connected-dark.ico b/client/ui/assets/netbird-systemtray-update-connected-dark.ico similarity index 100% rename from client/ui/netbird-systemtray-update-connected-dark.ico rename to client/ui/assets/netbird-systemtray-update-connected-dark.ico diff --git a/client/ui/netbird-systemtray-update-connected-dark.png b/client/ui/assets/netbird-systemtray-update-connected-dark.png similarity index 100% rename from client/ui/netbird-systemtray-update-connected-dark.png rename to client/ui/assets/netbird-systemtray-update-connected-dark.png diff --git a/client/ui/netbird-systemtray-update-connected-macos.png b/client/ui/assets/netbird-systemtray-update-connected-macos.png similarity index 100% rename from client/ui/netbird-systemtray-update-connected-macos.png rename to client/ui/assets/netbird-systemtray-update-connected-macos.png diff --git a/client/ui/netbird-systemtray-update-connected.ico b/client/ui/assets/netbird-systemtray-update-connected.ico similarity index 100% rename from client/ui/netbird-systemtray-update-connected.ico rename to client/ui/assets/netbird-systemtray-update-connected.ico diff --git a/client/ui/netbird-systemtray-update-connected.png b/client/ui/assets/netbird-systemtray-update-connected.png similarity index 100% rename from client/ui/netbird-systemtray-update-connected.png rename to client/ui/assets/netbird-systemtray-update-connected.png diff --git a/client/ui/netbird-systemtray-update-disconnected-dark.ico b/client/ui/assets/netbird-systemtray-update-disconnected-dark.ico similarity index 100% rename from client/ui/netbird-systemtray-update-disconnected-dark.ico rename to client/ui/assets/netbird-systemtray-update-disconnected-dark.ico diff --git a/client/ui/netbird-systemtray-update-disconnected-dark.png b/client/ui/assets/netbird-systemtray-update-disconnected-dark.png similarity index 100% rename from client/ui/netbird-systemtray-update-disconnected-dark.png rename to client/ui/assets/netbird-systemtray-update-disconnected-dark.png diff --git a/client/ui/netbird-systemtray-update-disconnected-macos.png b/client/ui/assets/netbird-systemtray-update-disconnected-macos.png similarity index 100% rename from client/ui/netbird-systemtray-update-disconnected-macos.png rename to client/ui/assets/netbird-systemtray-update-disconnected-macos.png diff --git a/client/ui/netbird-systemtray-update-disconnected.ico b/client/ui/assets/netbird-systemtray-update-disconnected.ico similarity index 100% rename from client/ui/netbird-systemtray-update-disconnected.ico rename to client/ui/assets/netbird-systemtray-update-disconnected.ico diff --git a/client/ui/netbird-systemtray-update-disconnected.png b/client/ui/assets/netbird-systemtray-update-disconnected.png similarity index 100% rename from client/ui/netbird-systemtray-update-disconnected.png rename to client/ui/assets/netbird-systemtray-update-disconnected.png diff --git a/client/ui/netbird.ico b/client/ui/assets/netbird.ico similarity index 100% rename from client/ui/netbird.ico rename to client/ui/assets/netbird.ico diff --git a/client/ui/netbird.png b/client/ui/assets/netbird.png similarity index 100% rename from client/ui/netbird.png rename to client/ui/assets/netbird.png diff --git a/client/ui/banner.bmp b/client/ui/build/banner.bmp similarity index 100% rename from client/ui/banner.bmp rename to client/ui/build/banner.bmp diff --git a/client/ui/build-ui-linux.sh b/client/ui/build/build-ui-linux.sh similarity index 100% rename from client/ui/build-ui-linux.sh rename to client/ui/build/build-ui-linux.sh diff --git a/client/ui/netbird.desktop b/client/ui/build/netbird.desktop similarity index 100% rename from client/ui/netbird.desktop rename to client/ui/build/netbird.desktop diff --git a/client/ui/client_ui.go b/client/ui/client_ui.go index 51eec59a5..914d4f3b9 100644 --- a/client/ui/client_ui.go +++ b/client/ui/client_ui.go @@ -35,7 +35,9 @@ import ( "github.com/netbirdio/netbird/client/proto" "github.com/netbirdio/netbird/client/ui/desktop" "github.com/netbirdio/netbird/client/ui/event" + "github.com/netbirdio/netbird/client/ui/process" "github.com/netbirdio/netbird/util" + "github.com/netbirdio/netbird/version" ) @@ -44,94 +46,125 @@ const ( failFastTimeout = time.Second ) +const ( + censoredPreSharedKey = "**********" +) + func main() { - var daemonAddr string - - defaultDaemonAddr := "unix:///var/run/netbird.sock" - if runtime.GOOS == "windows" { - defaultDaemonAddr = "tcp://127.0.0.1:41731" - } - - flag.StringVar( - &daemonAddr, "daemon-addr", - defaultDaemonAddr, - "Daemon service address to serve CLI requests [unix|tcp]://[path|host:port]") - - var showSettings bool - flag.BoolVar(&showSettings, "settings", false, "run settings windows") - var showRoutes bool - flag.BoolVar(&showRoutes, "networks", false, "run networks windows") - var errorMSG string - flag.StringVar(&errorMSG, "error-msg", "", "displays a error message window") - - tmpDir := "/tmp" - if runtime.GOOS == "windows" { - tmpDir = os.TempDir() - } - - var saveLogsInFile bool - flag.BoolVar(&saveLogsInFile, "use-log-file", false, fmt.Sprintf("save logs in a file: %s/netbird-ui-PID.log", tmpDir)) - - flag.Parse() + daemonAddr, showSettings, showNetworks, errorMsg, saveLogsInFile := parseFlags() + // Initialize file logging if needed. if saveLogsInFile { - logFile := path.Join(tmpDir, fmt.Sprintf("netbird-ui-%d.log", os.Getpid())) - err := util.InitLog("trace", logFile) - if err != nil { + if err := initLogFile(); err != nil { log.Errorf("error while initializing log: %v", err) return } } + // Create the Fyne application. a := app.NewWithID("NetBird") a.SetIcon(fyne.NewStaticResource("netbird", iconDisconnected)) - if errorMSG != "" { - showErrorMSG(errorMSG) + // Show error message window if needed. + if errorMsg != "" { + showErrorMessage(errorMsg) return } - client := newServiceClient(daemonAddr, a, showSettings, showRoutes) + // Create the service client (this also builds the settings or networks UI if requested). + client := newServiceClient(daemonAddr, a, showSettings, showNetworks) + + // Watch for theme/settings changes to update the icon. + go watchSettingsChanges(a, client) + + // Run in window mode if any UI flag was set. + if showSettings || showNetworks { + a.Run() + return + } + + // Check for another running process. + running, err := process.IsAnotherProcessRunning() + if err != nil { + log.Errorf("error while checking process: %v", err) + return + } + if running { + log.Warn("another process is running") + return + } + + client.setDefaultFonts() + systray.Run(client.onTrayReady, client.onTrayExit) +} + +// parseFlags reads and returns all needed command-line flags. +func parseFlags() (daemonAddr string, showSettings, showNetworks bool, errorMsg string, saveLogsInFile bool) { + defaultDaemonAddr := "unix:///var/run/netbird.sock" + if runtime.GOOS == "windows" { + defaultDaemonAddr = "tcp://127.0.0.1:41731" + } + flag.StringVar(&daemonAddr, "daemon-addr", defaultDaemonAddr, "Daemon service address to serve CLI requests [unix|tcp]://[path|host:port]") + flag.BoolVar(&showSettings, "settings", false, "run settings window") + flag.BoolVar(&showNetworks, "networks", false, "run networks window") + flag.StringVar(&errorMsg, "error-msg", "", "displays an error message window") + + tmpDir := "/tmp" + if runtime.GOOS == "windows" { + tmpDir = os.TempDir() + } + flag.BoolVar(&saveLogsInFile, "use-log-file", false, fmt.Sprintf("save logs in a file: %s/netbird-ui-PID.log", tmpDir)) + flag.Parse() + return +} + +// initLogFile initializes logging into a file. +func initLogFile() error { + tmpDir := "/tmp" + if runtime.GOOS == "windows" { + tmpDir = os.TempDir() + } + logFile := path.Join(tmpDir, fmt.Sprintf("netbird-ui-%d.log", os.Getpid())) + return util.InitLog("trace", logFile) +} + +// watchSettingsChanges listens for Fyne theme/settings changes and updates the client icon. +func watchSettingsChanges(a fyne.App, client *serviceClient) { settingsChangeChan := make(chan fyne.Settings) a.Settings().AddChangeListener(settingsChangeChan) - go func() { - for range settingsChangeChan { - client.updateIcon() - } - }() - - if showSettings || showRoutes { - a.Run() - } else { - running, err := isAnotherProcessRunning() - if err != nil { - log.Errorf("error while checking process: %v", err) - } - if running { - log.Warn("another process is running") - return - } - client.setDefaultFonts() - systray.Run(client.onTrayReady, client.onTrayExit) + for range settingsChangeChan { + client.updateIcon() } } -//go:embed netbird-systemtray-connected-macos.png +// showErrorMessage displays an error message in a simple window. +func showErrorMessage(msg string) { + a := app.New() + w := a.NewWindow("NetBird Error") + label := widget.NewLabel(msg) + label.Wrapping = fyne.TextWrapWord + w.SetContent(label) + w.Resize(fyne.NewSize(400, 100)) + w.Show() + a.Run() +} + +//go:embed assets/netbird-systemtray-connected-macos.png var iconConnectedMacOS []byte -//go:embed netbird-systemtray-disconnected-macos.png +//go:embed assets/netbird-systemtray-disconnected-macos.png var iconDisconnectedMacOS []byte -//go:embed netbird-systemtray-update-disconnected-macos.png +//go:embed assets/netbird-systemtray-update-disconnected-macos.png var iconUpdateDisconnectedMacOS []byte -//go:embed netbird-systemtray-update-connected-macos.png +//go:embed assets/netbird-systemtray-update-connected-macos.png var iconUpdateConnectedMacOS []byte -//go:embed netbird-systemtray-connecting-macos.png +//go:embed assets/netbird-systemtray-connecting-macos.png var iconConnectingMacOS []byte -//go:embed netbird-systemtray-error-macos.png +//go:embed assets/netbird-systemtray-error-macos.png var iconErrorMacOS []byte type serviceClient struct { @@ -154,6 +187,7 @@ type serviceClient struct { mAdminPanel *systray.MenuItem mSettings *systray.MenuItem mAbout *systray.MenuItem + mGitHub *systray.MenuItem mVersionUI *systray.MenuItem mVersionDaemon *systray.MenuItem mUpdate *systray.MenuItem @@ -300,18 +334,6 @@ func (s *serviceClient) showSettingsUI() { s.wSettings.Show() } -// showErrorMSG opens a fyne app window to display the supplied message -func showErrorMSG(msg string) { - app := app.New() - w := app.NewWindow("NetBird Error") - content := widget.NewLabel(msg) - content.Wrapping = fyne.TextWrapWord - w.SetContent(content) - w.Resize(fyne.NewSize(400, 100)) - w.Show() - app.Run() -} - // getSettingsForm to embed it into settings window. func (s *serviceClient) getSettingsForm() *widget.Form { return &widget.Form{ @@ -327,7 +349,7 @@ func (s *serviceClient) getSettingsForm() *widget.Form { }, SubmitText: "Save", OnSubmit: func() { - if s.iPreSharedKey.Text != "" && s.iPreSharedKey.Text != "**********" { + if s.iPreSharedKey.Text != "" && s.iPreSharedKey.Text != censoredPreSharedKey { // validate preSharedKey if it added if _, err := wgtypes.ParseKey(s.iPreSharedKey.Text); err != nil { dialog.ShowError(fmt.Errorf("Invalid Pre-shared Key Value"), s.wSettings) @@ -365,7 +387,7 @@ func (s *serviceClient) getSettingsForm() *widget.Form { WireguardPort: &port, } - if s.iPreSharedKey.Text != "**********" { + if s.iPreSharedKey.Text != censoredPreSharedKey { loginRequest.OptionalPreSharedKey = &s.iPreSharedKey.Text } @@ -587,26 +609,29 @@ func (s *serviceClient) onTrayReady() { s.mAdminPanel = systray.AddMenuItem("Admin Panel", "Netbird Admin Panel") systray.AddSeparator() - s.mSettings = systray.AddMenuItem("Settings", "Settings of the application") - s.mAllowSSH = s.mSettings.AddSubMenuItemCheckbox("Allow SSH", "Allow SSH connections", false) - s.mAutoConnect = s.mSettings.AddSubMenuItemCheckbox("Connect on Startup", "Connect automatically when the service starts", false) - s.mEnableRosenpass = s.mSettings.AddSubMenuItemCheckbox("Enable Quantum-Resistance", "Enable post-quantum security via Rosenpass", false) - s.mNotifications = s.mSettings.AddSubMenuItemCheckbox("Notifications", "Enable notifications", false) - s.mAdvancedSettings = s.mSettings.AddSubMenuItem("Advanced Settings", "Advanced settings of the application") - s.mCreateDebugBundle = s.mSettings.AddSubMenuItem("Create Debug Bundle", "Create and open debug information bundle") + s.mSettings = systray.AddMenuItem("Settings", settingsMenuDescr) + s.mAllowSSH = s.mSettings.AddSubMenuItemCheckbox("Allow SSH", allowSSHMenuDescr, false) + s.mAutoConnect = s.mSettings.AddSubMenuItemCheckbox("Connect on Startup", autoConnectMenuDescr, false) + s.mEnableRosenpass = s.mSettings.AddSubMenuItemCheckbox("Enable Quantum-Resistance", quantumResistanceMenuDescr, false) + s.mNotifications = s.mSettings.AddSubMenuItemCheckbox("Notifications", notificationsMenuDescr, false) + s.mAdvancedSettings = s.mSettings.AddSubMenuItem("Advanced Settings", advancedSettingsMenuDescr) + s.mCreateDebugBundle = s.mSettings.AddSubMenuItem("Create Debug Bundle", debugBundleMenuDescr) s.loadSettings() s.exitNodeMu.Lock() - s.mExitNode = systray.AddMenuItem("Exit Node", "Select exit node for routing traffic") + s.mExitNode = systray.AddMenuItem("Exit Node", exitNodeMenuDescr) s.mExitNode.Disable() s.exitNodeMu.Unlock() - s.mNetworks = systray.AddMenuItem("Networks", "Open the networks management window") + s.mNetworks = systray.AddMenuItem("Networks", networksMenuDescr) s.mNetworks.Disable() systray.AddSeparator() s.mAbout = systray.AddMenuItem("About", "About") s.mAbout.SetIcon(s.icAbout) + + s.mGitHub = s.mAbout.AddSubMenuItem("GitHub", "GitHub") + versionString := normalizedVersion(version.NetbirdVersion()) s.mVersionUI = s.mAbout.AddSubMenuItem(fmt.Sprintf("GUI: %s", versionString), fmt.Sprintf("GUI Version: %s", versionString)) s.mVersionUI.Disable() @@ -615,11 +640,11 @@ func (s *serviceClient) onTrayReady() { s.mVersionDaemon.Disable() s.mVersionDaemon.Hide() - s.mUpdate = s.mAbout.AddSubMenuItem("Download latest version", "Download latest version") + s.mUpdate = s.mAbout.AddSubMenuItem("Download latest version", latestVersionMenuDescr) s.mUpdate.Hide() systray.AddSeparator() - s.mQuit = systray.AddMenuItem("Quit", "Quit the client app") + s.mQuit = systray.AddMenuItem("Quit", quitMenuDescr) // update exit node menu in case service is already connected go s.updateExitNodes() @@ -717,6 +742,11 @@ func (s *serviceClient) onTrayReady() { case <-s.mQuit.ClickedCh: systray.Quit() return + case <-s.mGitHub.ClickedCh: + err := openURL("https://github.com/netbirdio/netbird") + if err != nil { + log.Errorf("%s", err) + } case <-s.mUpdate.ClickedCh: err := openURL(version.DownloadUrl()) if err != nil { diff --git a/client/ui/const.go b/client/ui/const.go new file mode 100644 index 000000000..0253750d1 --- /dev/null +++ b/client/ui/const.go @@ -0,0 +1,15 @@ +package main + +const ( + settingsMenuDescr = "Settings of the application" + allowSSHMenuDescr = "Allow SSH connections" + autoConnectMenuDescr = "Connect automatically when the service starts" + quantumResistanceMenuDescr = "Enable post-quantum security via Rosenpass" + notificationsMenuDescr = "Enable notifications" + advancedSettingsMenuDescr = "Advanced settings of the application" + debugBundleMenuDescr = "Create and open debug information bundle" + exitNodeMenuDescr = "Select exit node for routing traffic" + networksMenuDescr = "Open the networks management window" + latestVersionMenuDescr = "Download latest version" + quitMenuDescr = "Quit the client app" +) diff --git a/client/ui/icons.go b/client/ui/icons.go index 6f3a9dbc9..e88fb9378 100644 --- a/client/ui/icons.go +++ b/client/ui/icons.go @@ -6,38 +6,38 @@ import ( _ "embed" ) -//go:embed netbird.png +//go:embed assets/netbird.png var iconAbout []byte -//go:embed netbird-systemtray-connected.png +//go:embed assets/netbird-systemtray-connected.png var iconConnected []byte -//go:embed netbird-systemtray-connected-dark.png +//go:embed assets/netbird-systemtray-connected-dark.png var iconConnectedDark []byte -//go:embed netbird-systemtray-disconnected.png +//go:embed assets/netbird-systemtray-disconnected.png var iconDisconnected []byte -//go:embed netbird-systemtray-update-disconnected.png +//go:embed assets/netbird-systemtray-update-disconnected.png var iconUpdateDisconnected []byte -//go:embed netbird-systemtray-update-disconnected-dark.png +//go:embed assets/netbird-systemtray-update-disconnected-dark.png var iconUpdateDisconnectedDark []byte -//go:embed netbird-systemtray-update-connected.png +//go:embed assets/netbird-systemtray-update-connected.png var iconUpdateConnected []byte -//go:embed netbird-systemtray-update-connected-dark.png +//go:embed assets/netbird-systemtray-update-connected-dark.png var iconUpdateConnectedDark []byte -//go:embed netbird-systemtray-connecting.png +//go:embed assets/netbird-systemtray-connecting.png var iconConnecting []byte -//go:embed netbird-systemtray-connecting-dark.png +//go:embed assets/netbird-systemtray-connecting-dark.png var iconConnectingDark []byte -//go:embed netbird-systemtray-error.png +//go:embed assets/netbird-systemtray-error.png var iconError []byte -//go:embed netbird-systemtray-error-dark.png +//go:embed assets/netbird-systemtray-error-dark.png var iconErrorDark []byte diff --git a/client/ui/icons_windows.go b/client/ui/icons_windows.go index a2a924763..2107d3852 100644 --- a/client/ui/icons_windows.go +++ b/client/ui/icons_windows.go @@ -1,41 +1,41 @@ package main import ( - _ "embed" + _ "embed" ) -//go:embed netbird.ico +//go:embed assets/netbird.ico var iconAbout []byte -//go:embed netbird-systemtray-connected.ico +//go:embed assets/netbird-systemtray-connected.ico var iconConnected []byte -//go:embed netbird-systemtray-connected-dark.ico +//go:embed assets/netbird-systemtray-connected-dark.ico var iconConnectedDark []byte -//go:embed netbird-systemtray-disconnected.ico +//go:embed assets/netbird-systemtray-disconnected.ico var iconDisconnected []byte -//go:embed netbird-systemtray-update-disconnected.ico +//go:embed assets/netbird-systemtray-update-disconnected.ico var iconUpdateDisconnected []byte -//go:embed netbird-systemtray-update-disconnected-dark.ico +//go:embed assets/netbird-systemtray-update-disconnected-dark.ico var iconUpdateDisconnectedDark []byte -//go:embed netbird-systemtray-update-connected.ico +//go:embed assets/netbird-systemtray-update-connected.ico var iconUpdateConnected []byte -//go:embed netbird-systemtray-update-connected-dark.ico +//go:embed assets/netbird-systemtray-update-connected-dark.ico var iconUpdateConnectedDark []byte -//go:embed netbird-systemtray-connecting.ico +//go:embed assets/netbird-systemtray-connecting.ico var iconConnecting []byte -//go:embed netbird-systemtray-connecting-dark.ico +//go:embed assets/netbird-systemtray-connecting-dark.ico var iconConnectingDark []byte -//go:embed netbird-systemtray-error.ico +//go:embed assets/netbird-systemtray-error.ico var iconError []byte -//go:embed netbird-systemtray-error-dark.ico +//go:embed assets/netbird-systemtray-error-dark.ico var iconErrorDark []byte diff --git a/client/ui/network.go b/client/ui/network.go index 750788cf3..b21554f09 100644 --- a/client/ui/network.go +++ b/client/ui/network.go @@ -363,7 +363,7 @@ func (s *serviceClient) recreateExitNodeMenu(exitNodes []*proto.Network) { if runtime.GOOS == "linux" || runtime.GOOS == "freebsd" { s.mExitNode.Remove() - s.mExitNode = systray.AddMenuItem("Exit Node", "Select exit node for routing traffic") + s.mExitNode = systray.AddMenuItem("Exit Node", exitNodeMenuDescr) } for _, node := range exitNodes { diff --git a/client/ui/process.go b/client/ui/process/process.go similarity index 90% rename from client/ui/process.go rename to client/ui/process/process.go index bcb3dd879..f9a8a4fe9 100644 --- a/client/ui/process.go +++ b/client/ui/process/process.go @@ -1,4 +1,4 @@ -package main +package process import ( "os" @@ -8,7 +8,7 @@ import ( "github.com/shirou/gopsutil/v3/process" ) -func isAnotherProcessRunning() (bool, error) { +func IsAnotherProcessRunning() (bool, error) { processes, err := process.Processes() if err != nil { return false, err diff --git a/client/ui/process_nonwindows.go b/client/ui/process/process_nonwindows.go similarity index 96% rename from client/ui/process_nonwindows.go rename to client/ui/process/process_nonwindows.go index 0d17be2be..cf9f6443d 100644 --- a/client/ui/process_nonwindows.go +++ b/client/ui/process/process_nonwindows.go @@ -1,6 +1,6 @@ //go:build !windows -package main +package process import ( "os" diff --git a/client/ui/process_windows.go b/client/ui/process/process_windows.go similarity index 96% rename from client/ui/process_windows.go rename to client/ui/process/process_windows.go index b15b0ed24..2d211d1a4 100644 --- a/client/ui/process_windows.go +++ b/client/ui/process/process_windows.go @@ -1,4 +1,4 @@ -package main +package process import ( "os/user" diff --git a/formatter/formatter.go b/formatter/formatter.go deleted file mode 100644 index 74de38603..000000000 --- a/formatter/formatter.go +++ /dev/null @@ -1,83 +0,0 @@ -package formatter - -import ( - "fmt" - "strings" - "time" - - "github.com/sirupsen/logrus" -) - -// TextFormatter formats logs into text with included source code's path -type TextFormatter struct { - timestampFormat string - levelDesc []string -} - -// SyslogFormatter formats logs into text -type SyslogFormatter struct { - levelDesc []string -} - -var validLevelDesc = []string{"PANC", "FATL", "ERRO", "WARN", "INFO", "DEBG", "TRAC"} - - -// NewTextFormatter create new MyTextFormatter instance -func NewTextFormatter() *TextFormatter { - return &TextFormatter{ - levelDesc: validLevelDesc, - timestampFormat: time.RFC3339, // or RFC3339 - } -} - -// NewSyslogFormatter create new MySyslogFormatter instance -func NewSyslogFormatter() *SyslogFormatter { - return &SyslogFormatter{ - levelDesc: validLevelDesc, - } -} - -// Format renders a single log entry -func (f *TextFormatter) Format(entry *logrus.Entry) ([]byte, error) { - var fields string - keys := make([]string, 0, len(entry.Data)) - for k, v := range entry.Data { - if k == "source" { - continue - } - keys = append(keys, fmt.Sprintf("%s: %v", k, v)) - } - - if len(keys) > 0 { - fields = fmt.Sprintf("[%s] ", strings.Join(keys, ", ")) - } - - level := f.parseLevel(entry.Level) - - return []byte(fmt.Sprintf("%s %s %s%s: %s\n", entry.Time.Format(f.timestampFormat), level, fields, entry.Data["source"], entry.Message)), nil -} - -func (f *TextFormatter) parseLevel(level logrus.Level) string { - if len(f.levelDesc) < int(level) { - return "" - } - - return f.levelDesc[level] -} - -// Format renders a single log entry -func (f *SyslogFormatter) Format(entry *logrus.Entry) ([]byte, error) { - var fields string - keys := make([]string, 0, len(entry.Data)) - for k, v := range entry.Data { - if k == "source" { - continue - } - keys = append(keys, fmt.Sprintf("%s: %v", k, v)) - } - - if len(keys) > 0 { - fields = fmt.Sprintf("[%s] ", strings.Join(keys, ", ")) - } - return []byte(fmt.Sprintf("%s%s\n", fields, entry.Message)), nil -} diff --git a/formatter/hook/additional_empty.go b/formatter/hook/additional_empty.go new file mode 100644 index 000000000..4f5069482 --- /dev/null +++ b/formatter/hook/additional_empty.go @@ -0,0 +1,9 @@ +//go:build !loggoroutine + +package hook + +import log "github.com/sirupsen/logrus" + +func additionalEntries(_ *log.Entry) { + // This function is empty and is used to demonstrate the use of additional hooks. +} diff --git a/formatter/hook/additional_goroutine.go b/formatter/hook/additional_goroutine.go new file mode 100644 index 000000000..fb4e09f47 --- /dev/null +++ b/formatter/hook/additional_goroutine.go @@ -0,0 +1,12 @@ +//go:build loggoroutine + +package hook + +import ( + "github.com/petermattis/goid" + log "github.com/sirupsen/logrus" +) + +func additionalEntries(entry *log.Entry) { + entry.Data[EntryKeyGoroutineID] = goid.Get() +} diff --git a/formatter/hook.go b/formatter/hook/hook.go similarity index 96% rename from formatter/hook.go rename to formatter/hook/hook.go index 12f27e67d..1b6ceccc9 100644 --- a/formatter/hook.go +++ b/formatter/hook/hook.go @@ -1,4 +1,4 @@ -package formatter +package hook import ( "fmt" @@ -41,7 +41,8 @@ func (hook ContextHook) Levels() []logrus.Level { // Fire extend with the source information the entry.Data func (hook ContextHook) Fire(entry *logrus.Entry) error { src := hook.parseSrc(entry.Caller.File) - entry.Data["source"] = fmt.Sprintf("%s:%v", src, entry.Caller.Line) + entry.Data[EntryKeySource] = fmt.Sprintf("%s:%v", src, entry.Caller.Line) + additionalEntries(entry) if entry.Context == nil { return nil diff --git a/formatter/hook_test.go b/formatter/hook/hook_test.go similarity index 98% rename from formatter/hook_test.go rename to formatter/hook/hook_test.go index a4bcb0284..802163244 100644 --- a/formatter/hook_test.go +++ b/formatter/hook/hook_test.go @@ -1,4 +1,4 @@ -package formatter +package hook import ( "testing" diff --git a/formatter/hook/keys.go b/formatter/hook/keys.go new file mode 100644 index 000000000..09781a88b --- /dev/null +++ b/formatter/hook/keys.go @@ -0,0 +1,6 @@ +package hook + +const ( + EntryKeySource = "source" + EntryKeyGoroutineID = "goroutine_id" +) diff --git a/formatter/levels/levels.go b/formatter/levels/levels.go new file mode 100644 index 000000000..41ae80db3 --- /dev/null +++ b/formatter/levels/levels.go @@ -0,0 +1,3 @@ +package levels + +var ValidLevelDesc = []string{"PANC", "FATL", "ERRO", "WARN", "INFO", "DEBG", "TRAC"} diff --git a/formatter/logcat.go b/formatter/logcat/logcat.go similarity index 63% rename from formatter/logcat.go rename to formatter/logcat/logcat.go index e8f606229..c561d3283 100644 --- a/formatter/logcat.go +++ b/formatter/logcat/logcat.go @@ -1,26 +1,28 @@ -package formatter +package logcat import ( "fmt" "strings" "github.com/sirupsen/logrus" + + "github.com/netbirdio/netbird/formatter/levels" ) -// LogcatFormatter formats logs into text what is fit for logcat -type LogcatFormatter struct { +// Formatter formats logs into text what is fit for logcat +type Formatter struct { levelDesc []string } // NewLogcatFormatter create new LogcatFormatter instance -func NewLogcatFormatter() *LogcatFormatter { - return &LogcatFormatter{ - levelDesc: []string{"PANC", "FATL", "ERRO", "WARN", "INFO", "DEBG", "TRAC"}, +func NewLogcatFormatter() *Formatter { + return &Formatter{ + levelDesc: levels.ValidLevelDesc, } } // Format renders a single log entry -func (f *LogcatFormatter) Format(entry *logrus.Entry) ([]byte, error) { +func (f *Formatter) Format(entry *logrus.Entry) ([]byte, error) { var fields string keys := make([]string, 0, len(entry.Data)) for k, v := range entry.Data { @@ -39,7 +41,7 @@ func (f *LogcatFormatter) Format(entry *logrus.Entry) ([]byte, error) { return []byte(fmt.Sprintf("[%s] %s%s %s\n", level, fields, entry.Data["source"], entry.Message)), nil } -func (f *LogcatFormatter) parseLevel(level logrus.Level) string { +func (f *Formatter) parseLevel(level logrus.Level) string { if len(f.levelDesc) < int(level) { return "" } diff --git a/formatter/logcat_test.go b/formatter/logcat/logcat_test.go similarity index 97% rename from formatter/logcat_test.go rename to formatter/logcat/logcat_test.go index 45ba5bc46..fd4d92881 100644 --- a/formatter/logcat_test.go +++ b/formatter/logcat/logcat_test.go @@ -1,4 +1,4 @@ -package formatter +package logcat import ( "testing" @@ -25,4 +25,5 @@ func TestLogcatMessageFormat(t *testing.T) { if parsedString != expectedString && parsedString != expectedStringVariant { t.Errorf("The log messages don't match. Expected: '%s', got: '%s'", expectedString, parsedString) } + } diff --git a/formatter/set.go b/formatter/set.go index 9dfea5a7f..a609e7b48 100644 --- a/formatter/set.go +++ b/formatter/set.go @@ -2,31 +2,37 @@ package formatter import ( "github.com/sirupsen/logrus" + + "github.com/netbirdio/netbird/formatter/hook" + "github.com/netbirdio/netbird/formatter/logcat" + "github.com/netbirdio/netbird/formatter/syslog" + "github.com/netbirdio/netbird/formatter/txt" ) // SetTextFormatter set the text formatter for given logger. func SetTextFormatter(logger *logrus.Logger) { - logger.Formatter = NewTextFormatter() + logger.Formatter = txt.NewTextFormatter() logger.ReportCaller = true - logger.AddHook(NewContextHook()) + logger.AddHook(hook.NewContextHook()) } + // SetSyslogFormatter set the text formatter for given logger. func SetSyslogFormatter(logger *logrus.Logger) { - logger.Formatter = NewSyslogFormatter() + logger.Formatter = syslog.NewSyslogFormatter() logger.ReportCaller = true - logger.AddHook(NewContextHook()) + logger.AddHook(hook.NewContextHook()) } // SetJSONFormatter set the JSON formatter for given logger. func SetJSONFormatter(logger *logrus.Logger) { logger.Formatter = &logrus.JSONFormatter{} logger.ReportCaller = true - logger.AddHook(NewContextHook()) + logger.AddHook(hook.NewContextHook()) } // SetLogcatFormatter set the logcat formatter for given logger. func SetLogcatFormatter(logger *logrus.Logger) { - logger.Formatter = NewLogcatFormatter() + logger.Formatter = logcat.NewLogcatFormatter() logger.ReportCaller = true - logger.AddHook(NewContextHook()) + logger.AddHook(hook.NewContextHook()) } diff --git a/formatter/syslog/formatter.go b/formatter/syslog/formatter.go new file mode 100644 index 000000000..e72c30347 --- /dev/null +++ b/formatter/syslog/formatter.go @@ -0,0 +1,39 @@ +package syslog + +import ( + "fmt" + "strings" + + "github.com/sirupsen/logrus" + + "github.com/netbirdio/netbird/formatter/levels" +) + +// Formatter formats logs into text +type Formatter struct { + levelDesc []string +} + +// NewSyslogFormatter create new MySyslogFormatter instance +func NewSyslogFormatter() *Formatter { + return &Formatter{ + levelDesc: levels.ValidLevelDesc, + } +} + +// Format renders a single log entry +func (f *Formatter) Format(entry *logrus.Entry) ([]byte, error) { + var fields string + keys := make([]string, 0, len(entry.Data)) + for k, v := range entry.Data { + if k == "source" { + continue + } + keys = append(keys, fmt.Sprintf("%s: %v", k, v)) + } + + if len(keys) > 0 { + fields = fmt.Sprintf("[%s] ", strings.Join(keys, ", ")) + } + return []byte(fmt.Sprintf("%s%s\n", fields, entry.Message)), nil +} diff --git a/formatter/syslog/formatter_test.go b/formatter/syslog/formatter_test.go new file mode 100644 index 000000000..110a3390b --- /dev/null +++ b/formatter/syslog/formatter_test.go @@ -0,0 +1,26 @@ +package syslog + +import ( + "testing" + "time" + + "github.com/sirupsen/logrus" + "github.com/stretchr/testify/assert" +) + +func TestLogSyslogFormat(t *testing.T) { + + someEntry := &logrus.Entry{ + Data: logrus.Fields{"att1": 1, "att2": 2, "source": "some/fancy/path.go:46"}, + Time: time.Date(2021, time.Month(2), 21, 1, 10, 30, 0, time.UTC), + Level: 3, + Message: "Some Message", + } + + formatter := NewSyslogFormatter() + result, _ := formatter.Format(someEntry) + + parsedString := string(result) + expectedString := "^\\[(att1: 1, att2: 2|att2: 2, att1: 1)\\] Some Message\\s+$" + assert.Regexp(t, expectedString, parsedString) +} diff --git a/formatter/txt/format.go b/formatter/txt/format.go new file mode 100644 index 000000000..a88c41044 --- /dev/null +++ b/formatter/txt/format.go @@ -0,0 +1,31 @@ +//go:build !loggoroutine + +package txt + +import ( + "fmt" + "strings" + + "github.com/sirupsen/logrus" + + "github.com/netbirdio/netbird/formatter/hook" +) + +func (f *TextFormatter) Format(entry *logrus.Entry) ([]byte, error) { + var fields string + keys := make([]string, 0, len(entry.Data)) + for k, v := range entry.Data { + if k == hook.EntryKeySource { + continue + } + keys = append(keys, fmt.Sprintf("%s: %v", k, v)) + } + + if len(keys) > 0 { + fields = fmt.Sprintf("[%s] ", strings.Join(keys, ", ")) + } + + level := f.parseLevel(entry.Level) + + return []byte(fmt.Sprintf("%s %s %s%s: %s\n", entry.Time.Format(f.timestampFormat), level, fields, entry.Data[hook.EntryKeySource], entry.Message)), nil +} diff --git a/formatter/txt/format_gorutines.go b/formatter/txt/format_gorutines.go new file mode 100644 index 000000000..a39aee633 --- /dev/null +++ b/formatter/txt/format_gorutines.go @@ -0,0 +1,35 @@ +//go:build loggoroutine + +package txt + +import ( + "fmt" + "strings" + + "github.com/sirupsen/logrus" + + "github.com/netbirdio/netbird/formatter/hook" +) + +func (f *TextFormatter) Format(entry *logrus.Entry) ([]byte, error) { + var fields string + keys := make([]string, 0, len(entry.Data)) + for k, v := range entry.Data { + if k == hook.EntryKeySource { + continue + } + + if k == hook.EntryKeyGoroutineID { + continue + } + keys = append(keys, fmt.Sprintf("%s: %v", k, v)) + } + + if len(keys) > 0 { + fields = fmt.Sprintf("[%s] ", strings.Join(keys, ", ")) + } + + level := f.parseLevel(entry.Level) + + return []byte(fmt.Sprintf("%s %s %d %s%s: %s\n", entry.Time.Format(f.timestampFormat), level, entry.Data[hook.EntryKeyGoroutineID], fields, entry.Data[hook.EntryKeySource], entry.Message)), nil +} diff --git a/formatter/txt/formatter.go b/formatter/txt/formatter.go new file mode 100644 index 000000000..3b2a3fb4d --- /dev/null +++ b/formatter/txt/formatter.go @@ -0,0 +1,31 @@ +package txt + +import ( + "time" + + "github.com/sirupsen/logrus" + + "github.com/netbirdio/netbird/formatter/levels" +) + +// TextFormatter formats logs into text with included source code's path +type TextFormatter struct { + timestampFormat string + levelDesc []string +} + +// NewTextFormatter create new MyTextFormatter instance +func NewTextFormatter() *TextFormatter { + return &TextFormatter{ + levelDesc: levels.ValidLevelDesc, + timestampFormat: time.RFC3339, // or RFC3339 + } +} + +func (f *TextFormatter) parseLevel(level logrus.Level) string { + if len(f.levelDesc) < int(level) { + return "" + } + + return f.levelDesc[level] +} diff --git a/formatter/formatter_test.go b/formatter/txt/formatter_test.go similarity index 55% rename from formatter/formatter_test.go rename to formatter/txt/formatter_test.go index 1ed207958..590af5d50 100644 --- a/formatter/formatter_test.go +++ b/formatter/txt/formatter_test.go @@ -1,4 +1,4 @@ -package formatter +package txt import ( "testing" @@ -24,20 +24,3 @@ func TestLogTextFormat(t *testing.T) { expectedString := "^2021-02-21T01:10:30Z WARN \\[(att1: 1, att2: 2|att2: 2, att1: 1)\\] some/fancy/path.go:46: Some Message\\s+$" assert.Regexp(t, expectedString, parsedString) } - -func TestLogSyslogFormat(t *testing.T) { - - someEntry := &logrus.Entry{ - Data: logrus.Fields{"att1": 1, "att2": 2, "source": "some/fancy/path.go:46"}, - Time: time.Date(2021, time.Month(2), 21, 1, 10, 30, 0, time.UTC), - Level: 3, - Message: "Some Message", - } - - formatter := NewSyslogFormatter() - result, _ := formatter.Format(someEntry) - - parsedString := string(result) - expectedString := "^\\[(att1: 1, att2: 2|att2: 2, att1: 1)\\] Some Message\\s+$" - assert.Regexp(t, expectedString, parsedString) -} diff --git a/go.mod b/go.mod index 62461adc9..9c7e808af 100644 --- a/go.mod +++ b/go.mod @@ -19,8 +19,8 @@ require ( github.com/spf13/cobra v1.7.0 github.com/spf13/pflag v1.0.5 github.com/vishvananda/netlink v1.2.1-beta.2 - golang.org/x/crypto v0.35.0 - golang.org/x/sys v0.30.0 + golang.org/x/crypto v0.36.0 + golang.org/x/sys v0.31.0 golang.zx2c4.com/wireguard v0.0.0-20230704135630-469159ecf7d1 golang.zx2c4.com/wireguard/wgctrl v0.0.0-20230429144221-925a1e7659e6 golang.zx2c4.com/wireguard/windows v0.5.3 @@ -60,11 +60,12 @@ require ( github.com/miekg/dns v1.1.59 github.com/mitchellh/hashstructure/v2 v2.0.2 github.com/nadoo/ipset v0.5.0 - github.com/netbirdio/management-integrations/integrations v0.0.0-20250226165736-0ac3dc443266 + github.com/netbirdio/management-integrations/integrations v0.0.0-20250310094048-24724cc8c9c3 github.com/netbirdio/signal-dispatcher/dispatcher v0.0.0-20241010133937-e0df50df217d github.com/okta/okta-sdk-golang/v2 v2.18.0 github.com/oschwald/maxminddb-golang v1.12.0 github.com/patrickmn/go-cache v2.1.0+incompatible + github.com/petermattis/goid v0.0.0-20250303134427-723919f7f203 github.com/pion/logging v0.2.2 github.com/pion/randutil v0.1.0 github.com/pion/stun/v2 v2.0.0 @@ -96,8 +97,8 @@ require ( golang.org/x/mobile v0.0.0-20231127183840-76ac6878050a golang.org/x/net v0.33.0 golang.org/x/oauth2 v0.19.0 - golang.org/x/sync v0.11.0 - golang.org/x/term v0.29.0 + golang.org/x/sync v0.12.0 + golang.org/x/term v0.30.0 google.golang.org/api v0.177.0 gopkg.in/yaml.v3 v3.0.1 gorm.io/driver/mysql v1.5.7 @@ -231,7 +232,7 @@ require ( go.uber.org/multierr v1.11.0 // indirect golang.org/x/image v0.18.0 // indirect golang.org/x/mod v0.17.0 // indirect - golang.org/x/text v0.22.0 // indirect + golang.org/x/text v0.23.0 // indirect golang.org/x/time v0.5.0 // indirect golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect diff --git a/go.sum b/go.sum index bd01a035a..75766027d 100644 --- a/go.sum +++ b/go.sum @@ -529,8 +529,8 @@ github.com/netbirdio/go-netroute v0.0.0-20240611143515-f59b0e1d3944 h1:TDtJKmM6S github.com/netbirdio/go-netroute v0.0.0-20240611143515-f59b0e1d3944/go.mod h1:sHA6TRxjQ6RLbnI+3R4DZo2Eseg/iKiPRfNmcuNySVQ= github.com/netbirdio/ice/v3 v3.0.0-20240315174635-e72a50fcb64e h1:PURA50S8u4mF6RrkYYCAvvPCixhqqEiEy3Ej6avh04c= github.com/netbirdio/ice/v3 v3.0.0-20240315174635-e72a50fcb64e/go.mod h1:YMLU7qbKfVjmEv7EoZPIVEI+kNYxWCdPK3VS0BU+U4Q= -github.com/netbirdio/management-integrations/integrations v0.0.0-20250226165736-0ac3dc443266 h1:z7yibtn9dqDpT/UhLYY5bF4ELK5H06d4iaUoteRCfwE= -github.com/netbirdio/management-integrations/integrations v0.0.0-20250226165736-0ac3dc443266/go.mod h1:smsjbLWt5BUYXRKFwbBvUvembwYYXxryY+EHXKnG5KQ= +github.com/netbirdio/management-integrations/integrations v0.0.0-20250310094048-24724cc8c9c3 h1:+DNgrPvpdNZR/UiyFQ7fb8weENmy7rB5S54zIoTPhYE= +github.com/netbirdio/management-integrations/integrations v0.0.0-20250310094048-24724cc8c9c3/go.mod h1:NZ63GQu65YcqarxJxY9p05ukZY16sEmcW9O3GX92T/A= github.com/netbirdio/service v0.0.0-20240911161631-f62744f42502 h1:3tHlFmhTdX9axERMVN63dqyFqnvuD+EMJHzM7mNGON8= github.com/netbirdio/service v0.0.0-20240911161631-f62744f42502/go.mod h1:CIMRFEJVL+0DS1a3Nx06NaMn4Dz63Ng6O7dl0qH0zVM= github.com/netbirdio/signal-dispatcher/dispatcher v0.0.0-20241010133937-e0df50df217d h1:bRq5TKgC7Iq20pDiuC54yXaWnAVeS5PdGpSokFTlR28= @@ -573,6 +573,8 @@ github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCko github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= github.com/pelletier/go-toml/v2 v2.0.9 h1:uH2qQXheeefCCkuBBSLi7jCiSmj3VRh2+Goq2N7Xxu0= github.com/pelletier/go-toml/v2 v2.0.9/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc= +github.com/petermattis/goid v0.0.0-20250303134427-723919f7f203 h1:E7Kmf11E4K7B5hDti2K2NqPb1nlYlGYsu02S1JNd/Bs= +github.com/petermattis/goid v0.0.0-20250303134427-723919f7f203/go.mod h1:pxMtw7cyUw6B2bRH0ZBANSPg+AoSud1I1iyJHI69jH4= github.com/pion/dtls/v2 v2.2.7/go.mod h1:8WiMkebSHFD0T+dIU+UeBaoV7kDhOW5oDCzZ7WZ/F9s= github.com/pion/dtls/v2 v2.2.10 h1:u2Axk+FyIR1VFTPurktB+1zoEPGIW3bmyj3LEFrXjAA= github.com/pion/dtls/v2 v2.2.10/go.mod h1:d9SYc9fch0CqK90mRk1dC7AkzzpwJj6u2GU3u+9pqFE= @@ -792,8 +794,8 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE= golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw= golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= -golang.org/x/crypto v0.35.0 h1:b15kiHdrGCHrP6LvwaQ3c03kgNhhiMgvlhxHQhmg2Xs= -golang.org/x/crypto v0.35.0/go.mod h1:dy7dXNW32cAb/6/PRuTNsix8T+vJAqvuIy5Bli/x0YQ= +golang.org/x/crypto v0.36.0 h1:AnAEvhDddvBdpY+uR+MyHmuZzzNqXSe/GvuDeob5L34= +golang.org/x/crypto v0.36.0/go.mod h1:Y4J0ReaxCR1IMaabaSMugxJES1EpwhBHhv2bDHklZvc= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -919,8 +921,8 @@ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w= -golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.12.0 h1:MHc5BpPuC30uJk597Ri8TV3CNZcTLu6B6z4lJy+g6Jw= +golang.org/x/sync v0.12.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -993,8 +995,8 @@ golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= -golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik= +golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= @@ -1002,8 +1004,8 @@ golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU= golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY= -golang.org/x/term v0.29.0 h1:L6pJp37ocefwRRtYPKSWOWzOtWSxVajvz2ldH/xi3iU= -golang.org/x/term v0.29.0/go.mod h1:6bl4lRlvVuDgSf3179VpIxBF0o10JUpXWOnI7nErv7s= +golang.org/x/term v0.30.0 h1:PQ39fJZ+mfadBm0y5WlL4vlM7Sx1Hgf13sMIY2+QS9Y= +golang.org/x/term v0.30.0/go.mod h1:NYYFdzHoI5wRh/h5tDMdMqCqPJZEuNqVR5xJLd/n67g= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1018,8 +1020,8 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM= -golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY= +golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY= +golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= diff --git a/infrastructure_files/docker-compose.yml.tmpl b/infrastructure_files/docker-compose.yml.tmpl index b7904fb5b..dc491ae23 100644 --- a/infrastructure_files/docker-compose.yml.tmpl +++ b/infrastructure_files/docker-compose.yml.tmpl @@ -1,6 +1,5 @@ -version: "3" services: - #UI dashboard + # UI dashboard dashboard: image: netbirdio/dashboard:$NETBIRD_DASHBOARD_TAG restart: unless-stopped @@ -33,6 +32,7 @@ services: options: max-size: "500m" max-file: "2" + # Signal signal: image: netbirdio/signal:$NETBIRD_SIGNAL_TAG @@ -49,6 +49,7 @@ services: options: max-size: "500m" max-file: "2" + # Relay relay: image: netbirdio/relay:$NETBIRD_RELAY_TAG @@ -115,6 +116,7 @@ services: options: max-size: "500m" max-file: "2" + volumes: $MGMT_VOLUMENAME: $SIGNAL_VOLUMENAME: diff --git a/infrastructure_files/docker-compose.yml.tmpl.traefik b/infrastructure_files/docker-compose.yml.tmpl.traefik index dcd3f955c..b62d15b7c 100644 --- a/infrastructure_files/docker-compose.yml.tmpl.traefik +++ b/infrastructure_files/docker-compose.yml.tmpl.traefik @@ -1,6 +1,5 @@ -version: "3" services: - #UI dashboard + # UI dashboard dashboard: image: netbirdio/dashboard:$NETBIRD_DASHBOARD_TAG restart: unless-stopped @@ -32,6 +31,11 @@ services: - traefik.enable=true - traefik.http.routers.netbird-dashboard.rule=Host(`$NETBIRD_DOMAIN`) - traefik.http.services.netbird-dashboard.loadbalancer.server.port=80 + logging: + driver: "json-file" + options: + max-size: "500m" + max-file: "2" # Signal signal: @@ -40,15 +44,20 @@ services: volumes: - $SIGNAL_VOLUMENAME:/var/lib/netbird #ports: - # - 10000:80 + # - $NETBIRD_SIGNAL_PORT:80 # # port and command for Let's Encrypt validation # - 443:443 # command: ["--letsencrypt-domain", "$NETBIRD_LETSENCRYPT_DOMAIN", "--log-file", "console"] labels: - traefik.enable=true - traefik.http.routers.netbird-signal.rule=Host(`$NETBIRD_DOMAIN`) && PathPrefix(`/signalexchange.SignalExchange/`) - - traefik.http.services.netbird-signal.loadbalancer.server.port=80 + - traefik.http.services.netbird-signal.loadbalancer.server.port=10000 - traefik.http.services.netbird-signal.loadbalancer.server.scheme=h2c + logging: + driver: "json-file" + options: + max-size: "500m" + max-file: "2" # Relay relay: @@ -60,8 +69,12 @@ services: - NB_EXPOSED_ADDRESS=$NETBIRD_RELAY_DOMAIN:$NETBIRD_RELAY_PORT # todo: change to a secure secret - NB_AUTH_SECRET=$NETBIRD_RELAY_AUTH_SECRET - ports: - - $NETBIRD_RELAY_PORT:$NETBIRD_RELAY_PORT + # ports: + # - $NETBIRD_RELAY_PORT:$NETBIRD_RELAY_PORT + labels: + - traefik.enable=true + - traefik.http.routers.netbird-relay.rule=Host(`$NETBIRD_DOMAIN`) && PathPrefix(`/relay`) + - traefik.http.services.netbird-relay.loadbalancer.server.port=33080 logging: driver: "json-file" options: @@ -87,8 +100,9 @@ services: # # command for Let's Encrypt validation without dashboard container # command: ["--letsencrypt-domain", "$NETBIRD_LETSENCRYPT_DOMAIN", "--log-file", "console"] command: [ - "--port", "443", + "--port", "33073", "--log-file", "console", + "--log-level", "info", "--disable-anonymous-metrics=$NETBIRD_DISABLE_ANONYMOUS_METRICS", "--single-account-mode-domain=$NETBIRD_MGMT_SINGLE_ACCOUNT_MODE_DOMAIN", "--dns-domain=$NETBIRD_MGMT_DNS_DOMAIN" @@ -97,12 +111,17 @@ services: - traefik.enable=true - traefik.http.routers.netbird-api.rule=Host(`$NETBIRD_DOMAIN`) && PathPrefix(`/api`) - traefik.http.routers.netbird-api.service=netbird-api - - traefik.http.services.netbird-api.loadbalancer.server.port=443 + - traefik.http.services.netbird-api.loadbalancer.server.port=33073 - traefik.http.routers.netbird-management.rule=Host(`$NETBIRD_DOMAIN`) && PathPrefix(`/management.ManagementService/`) - traefik.http.routers.netbird-management.service=netbird-management - - traefik.http.services.netbird-management.loadbalancer.server.port=443 + - traefik.http.services.netbird-management.loadbalancer.server.port=33073 - traefik.http.services.netbird-management.loadbalancer.server.scheme=h2c + logging: + driver: "json-file" + options: + max-size: "500m" + max-file: "2" environment: - NETBIRD_STORE_ENGINE_POSTGRES_DSN=$NETBIRD_STORE_ENGINE_POSTGRES_DSN - NETBIRD_STORE_ENGINE_MYSQL_DSN=$NETBIRD_STORE_ENGINE_MYSQL_DSN @@ -119,6 +138,11 @@ services: network_mode: host command: - -c /etc/turnserver.conf + logging: + driver: "json-file" + options: + max-size: "500m" + max-file: "2" volumes: $MGMT_VOLUMENAME: diff --git a/infrastructure_files/observability/grafana/dashboards/.gitignore b/infrastructure_files/observability/grafana/dashboards/.gitignore new file mode 100644 index 000000000..e89fdc9ac --- /dev/null +++ b/infrastructure_files/observability/grafana/dashboards/.gitignore @@ -0,0 +1,2 @@ +# Some files eg. management.json are being ignored by root .gitignore. Need to un-ignore all json dashboards here. +!*.json \ No newline at end of file diff --git a/infrastructure_files/observability/grafana/dashboards/management.json b/infrastructure_files/observability/grafana/dashboards/management.json new file mode 100644 index 000000000..95983603f --- /dev/null +++ b/infrastructure_files/observability/grafana/dashboards/management.json @@ -0,0 +1,3569 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 1, + "id": 82, + "links": [], + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Number of active peer streams connected to the gRPC server", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "blue", + "value": null + }, + { + "color": "red", + "value": 0 + }, + { + "color": "#EAB839", + "value": 8000 + }, + { + "color": "green", + "value": 11000 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 14, + "options": { + "colorMode": "background", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "percentChangeColorMode": "standard", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showPercentChange": true, + "textMode": "auto", + "wideLayout": true + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "exemplar": false, + "expr": "management_grpc_connected_streams_ratio{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}", + "format": "time_series", + "fullMetaSearch": false, + "includeNullMetadata": true, + "instant": false, + "legendFormat": "Connected grpc streams", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "Connected peers", + "type": "stat" + }, + { + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 4 + }, + "id": 59, + "title": "Core metrics / Peers", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Number of active peer streams connected to the gRPC server over time", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 5 + }, + "id": 60, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "management_grpc_connected_streams_ratio{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}", + "instant": false, + "legendFormat": "{{cluster}}/{{environment}}/{{job}}/{{host}}", + "range": true, + "refId": "A" + } + ], + "title": "Connected peers count", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Rate of updates with new meta data from the peer.\n\nConstant high numbers of meta updates indicate a version with an issue. This can generate an issue on larger deployments since it will trigger an account-wide network map update.", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 5 + }, + "id": 61, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "rate(management_account_peer_meta_update_counter_ratio_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])", + "instant": false, + "legendFormat": "{{cluster}}/{{environment}}/{{job}}", + "range": true, + "refId": "A" + } + ], + "title": "Peer metadata updates rate", + "type": "timeseries" + }, + { + "collapsed": true, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 13 + }, + "id": 34, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Duration of calculating the peer network map that is sent to the clients.", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 0, + "y": 14 + }, + "id": 18, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.5,sum(increase(management_account_get_peer_network_map_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "p50", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.9,sum(increase(management_account_get_peer_network_map_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "legendFormat": "p90", + "range": true, + "refId": "B", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.99,sum(increase(management_account_get_peer_network_map_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "legendFormat": "p99", + "range": true, + "refId": "C", + "useBackend": false + } + ], + "title": "GetPeerNetworkMap Latency", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Duration of triggering the account peers update and preparing the required data for the network map being sent to the clients.\n", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 12, + "y": 14 + }, + "id": 40, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.5,sum(increase(management_account_update_account_peers_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "p50", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.9,sum(increase(management_account_update_account_peers_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "legendFormat": "p90", + "range": true, + "refId": "B", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.99,sum(increase(management_account_update_account_peers_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "legendFormat": "p99", + "range": true, + "refId": "C", + "useBackend": false + } + ], + "title": "UpdateAccountPeers Latency", + "type": "timeseries" + } + ], + "title": "Core metrics / Network map", + "type": "row" + }, + { + "collapsed": true, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 14 + }, + "id": 39, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Number of update messages piling up in the update channel queue.\n\nA high queue number indicates either a network issue or a high number of account updates.", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 0, + "y": 15 + }, + "id": 56, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.5,sum(increase(management_grpc_updatechannel_queue_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "p50", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.9,sum(increase(management_grpc_updatechannel_queue_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "legendFormat": "p90", + "range": true, + "refId": "B", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.99,sum(increase(management_grpc_updatechannel_queue_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "legendFormat": "p99", + "range": true, + "refId": "C", + "useBackend": false + } + ], + "title": "updatechannel queue length", + "type": "timeseries" + } + ], + "title": "Core metrics / updatechannel", + "type": "row" + }, + { + "collapsed": true, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 15 + }, + "id": 38, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Duration of how long it takes to save or delete an account in the store\n\nWill let you know if the DB is not keeping up with the requests coming from management", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 16 + }, + "id": 41, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.50, sum(rate(management_store_persistence_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "instant": false, + "legendFormat": "p50", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.90, sum(rate(management_store_persistence_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p90", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.99, sum(rate(management_store_persistence_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p99", + "range": true, + "refId": "C" + } + ], + "title": "Database persistence latency", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Duration of how long it takes to execute a transaction in the store\n\nWill let you know if the DB is not keeping up with the requests coming from management", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 16 + }, + "id": 42, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.50, sum(rate(management_store_transaction_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "instant": false, + "legendFormat": "p50", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.90, sum(rate(management_store_transaction_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p90", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.99, sum(rate(management_store_transaction_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p99", + "range": true, + "refId": "C" + } + ], + "title": "Database transaction latency", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Duration of how long a process holds the acquired global lock in the store", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 24 + }, + "id": 58, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.50, sum(rate(management_store_global_lock_acquisition_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "instant": false, + "legendFormat": "p50", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.90, sum(rate(management_store_global_lock_acquisition_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p90", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.99, sum(rate(management_store_global_lock_acquisition_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p99", + "range": true, + "refId": "C" + } + ], + "title": "Global lock duration", + "type": "timeseries" + } + ], + "title": "Core metrics / store persistence", + "type": "row" + }, + { + "collapsed": true, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 16 + }, + "id": 37, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "A high number for a long period might indicate an inconsistency between the number of local users and IdP", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "reqps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 17 + }, + "id": 47, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "rate(management_idp_authenticate_request_counter_ratio_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])", + "instant": false, + "legendFormat": "{{cluster}}/{{environment}}/{{job}}", + "range": true, + "refId": "A" + } + ], + "title": "IdP authenticate request rate ", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "A high number for a long period might indicate an inconsistency between the number of local users and IdP", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "reqps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 17 + }, + "id": 48, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "rate(management_idp_get_account_counter_ratio_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])", + "instant": false, + "legendFormat": "{{cluster}}/{{environment}}/{{job}}", + "range": true, + "refId": "A" + } + ], + "title": "IdP get_account request rate ", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "reqpm" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 25 + }, + "id": 49, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "rate(management_idp_update_user_meta_counter_ratio_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])", + "instant": false, + "legendFormat": "{{cluster}}/{{environment}}/{{job}}", + "range": true, + "refId": "A" + } + ], + "title": "IdP update_user_meta request rate ", + "type": "timeseries" + } + ], + "title": "Core metrics / IdP", + "type": "row" + }, + { + "collapsed": true, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 17 + }, + "id": 36, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "reqps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 18 + }, + "id": 50, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(rate(management_http_request_counter_ratio_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\",method=~\"GET|OPTIONS\"}[$__rate_interval])) by (job,method)", + "instant": false, + "legendFormat": "{{method}}", + "range": true, + "refId": "A" + } + ], + "title": "Read request rate (GET, OPTIONS)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "reqps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 18 + }, + "id": 51, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(rate(management_http_request_counter_ratio_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\",method=~\"POST|PUT|DELETE\"}[$__rate_interval])) by (job,method)", + "instant": false, + "legendFormat": "{{method}}", + "range": true, + "refId": "A" + } + ], + "title": "Write request rate (PUT, POST,DELETE)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Duration of incoming read HTTP requests (GET, OPTIONS)", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 26 + }, + "id": 52, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.50, sum(rate(management_http_request_duration_ms_total_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\",type=~\"read\"}[5m])) by (le))", + "instant": false, + "legendFormat": "p50", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.90, sum(rate(management_http_request_duration_ms_total_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\",type=~\"read\"}[5m])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p90", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.99, sum(rate(management_http_request_duration_ms_total_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\",type=~\"read\"}[5m])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p99", + "range": true, + "refId": "C" + } + ], + "title": "Read request latency (GET, OPTIONS)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Duration of incoming write HTTP requests (PUT, POST,DELETE)", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 26 + }, + "id": 53, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.50, sum(rate(management_http_request_duration_ms_total_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\",type=~\"write\"}[5m])) by (le))", + "instant": false, + "legendFormat": "p50", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.90, sum(rate(management_http_request_duration_ms_total_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\",type=~\"write\"}[5m])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p90", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.99, sum(rate(management_http_request_duration_ms_total_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\",type=~\"write\"}[5m])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p99", + "range": true, + "refId": "C" + } + ], + "title": "Write request latency (PUT, POST,DELETE)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "reqps" + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 24, + "x": 0, + "y": 34 + }, + "id": 54, + "options": { + "legend": { + "calcs": [ + "lastNotNull" + ], + "displayMode": "table", + "placement": "right", + "showLegend": true, + "sortBy": "Last *", + "sortDesc": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(rate(management_http_request_counter_ratio_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (job,exported_endpoint,method)", + "hide": false, + "instant": false, + "legendFormat": "{{method}}-{{exported_endpoint}}", + "range": true, + "refId": "A" + } + ], + "title": "Request rate by endpoint", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 41 + }, + "id": 55, + "options": { + "legend": { + "calcs": [ + "lastNotNull" + ], + "displayMode": "table", + "placement": "right", + "showLegend": true, + "sortBy": "Last *", + "sortDesc": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.90, sum(rate(management_http_request_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[5m])) by (exported_endpoint,method,le))", + "hide": false, + "instant": false, + "legendFormat": "{{method}}-{{exported_endpoint}}", + "range": true, + "refId": "B" + } + ], + "title": "p90 latency by endpoint", + "type": "timeseries" + } + ], + "title": "HTTP metrics", + "type": "row" + }, + { + "collapsed": true, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 18 + }, + "id": 35, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Rate of sync gRPC requests from the peers to establish a connection and receive network map updates (update channel)", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "reqps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 18 + }, + "id": 43, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(rate(management_grpc_sync_request_counter_ratio_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (job)", + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Sync request rate ", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Duration of the sync gRPC requests from the peers to establish a connection and receive network map updates (update channel)\n\nIf those are to high client will probably retry before management is able to respond\n", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 18 + }, + "id": 45, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.50, sum(rate(management_grpc_sync_request_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "instant": false, + "legendFormat": "p50", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.90, sum(rate(management_grpc_sync_request_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p90", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.99, sum(rate(management_grpc_sync_request_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p99", + "range": true, + "refId": "C" + } + ], + "title": "Sync request latency", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Rate of login gRPC requests from the peers to authenticate and receive initial configuration and relay credentials", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "reqps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 26 + }, + "id": 44, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(rate(management_grpc_login_request_counter_ratio_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (job)", + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Login request rate ", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Duration of the login gRPC requests from the peers to authenticate and receive initial configuration and relay credentials\n\nIf those are to high client will probably retry before management is able to respond\n", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 26 + }, + "id": 46, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.50, sum(rate(management_grpc_login_request_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "instant": false, + "legendFormat": "p50", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.90, sum(rate(management_grpc_login_request_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p90", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.99, sum(rate(management_grpc_login_request_duration_ms_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p99", + "range": true, + "refId": "C" + } + ], + "title": "Login request latency", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "GetKey gRPC request rate", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "reqps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 34 + }, + "id": 57, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(rate(management_grpc_key_request_counter_ratio_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (job)", + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "GetKey request rate ", + "type": "timeseries" + } + ], + "title": "RPC metrics", + "type": "row" + }, + { + "collapsed": true, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 19 + }, + "id": 21, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "fillOpacity": 69, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineWidth": 1, + "scaleDistribution": { + "type": "linear" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "fieldMinMax": false, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 51 + }, + "id": 11, + "options": { + "barRadius": 0, + "barWidth": 0.97, + "fullHighlight": false, + "groupWidth": 0.7, + "legend": { + "calcs": [ + "lastNotNull", + "min", + "mean", + "max" + ], + "displayMode": "table", + "placement": "bottom", + "showLegend": true, + "sortBy": "Mean", + "sortDesc": true + }, + "orientation": "auto", + "showValue": "auto", + "stacking": "normal", + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + }, + "xTickLabelRotation": 0, + "xTickLabelSpacing": 100 + }, + "pluginVersion": "11.5.0-81732", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "builder", + "expr": "delta(management_updatechannel_close_one_duration_micro_count{application=\"management\", environment=\"$environment\", host=~\"$host\"}[$interval])", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "CloseOne", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "sum(delta(management_updatechannel_send_duration_micro_count{host=\"$host\", environment=\"$environment\"}[$interval]))", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "Send", + "range": true, + "refId": "B", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "sum(delta(management_updatechannel_create_duration_micro_count{host=\"$host\", environment=\"$environment\"}[$interval]))", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "Create", + "range": true, + "refId": "C", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "delta(management_updatechannel_get_all_duration_micro_count{host=\"$host\", environment=\"$environment\"}[$interval])", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "GetAll", + "range": true, + "refId": "D", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "delta(management_updatechannel_haschannel_duration_micro_count{host=\"$host\", environment=\"$environment\"}[$interval])", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "HasChannel", + "range": true, + "refId": "E", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "delta(management_updatechannel_close_multiple_channels_count{host=\"$host\", environment=\"$environment\"}[$interval])", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "CloseMultiple", + "range": true, + "refId": "F", + "useBackend": false + } + ], + "title": "Update Channel operations", + "type": "barchart" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Duration of update channel operations by operation", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": true, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "fieldMinMax": false, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + } + ] + }, + "unit": "µs" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 51 + }, + "id": 13, + "options": { + "legend": { + "calcs": [ + "lastNotNull", + "min", + "mean", + "max" + ], + "displayMode": "table", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.5.0-81732", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "builder", + "expr": "histogram_quantile(0.95, sum by(le) (rate(management_updatechannel_close_one_duration_micro_bucket{application=\"management\", environment=\"$environment\", host=~\"$host\"}[$interval])))", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "CloseOne", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.95, sum by(le) (rate(management_updatechannel_send_duration_micro_bucket{host=\"$host\", environment=\"$environment\"}[$interval])))", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "Send", + "range": true, + "refId": "B", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.95, sum by(le) (rate(management_updatechannel_create_duration_micro_bucket{host=\"$host\", environment=\"$environment\"}[$interval])))", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "Create", + "range": true, + "refId": "C", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.95, sum by(le) (rate(management_updatechannel_get_all_duration_micro_bucket{host=\"$host\", environment=\"$environment\"}[$interval])))", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "GetAll", + "range": true, + "refId": "D", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.95, sum by(le) (rate(management_updatechannel_haschannel_duration_micro_bucket{host=\"$host\", environment=\"$environment\"}[$interval])))", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "CloseMultiple", + "range": true, + "refId": "E", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.95, sum by(le) (rate(management_updatechannel_close_multiple_channels_bucket{host=\"$host\", environment=\"$environment\"}[$interval])))", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "HasChannel", + "range": true, + "refId": "F", + "useBackend": false + } + ], + "title": "Update Channel methods p95 Duration", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Ratio between closed and created update channels", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "axisSoftMax": 100, + "axisSoftMin": 0, + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 32, + "gradientMode": "hue", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": true, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "line" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + } + ] + }, + "unit": "percent" + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "C {__name__=\"management_updatechannel_create_duration_micro_sum\", closed=\"true\", environment=\"production\", host=\"management\", instance=\"localhost:8081\", job=\"prometheus.scrape.local\"}" + }, + "properties": [ + { + "id": "displayName", + "value": "Recreation" + } + ] + } + ] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 59 + }, + "id": 12, + "options": { + "legend": { + "calcs": [ + "lastNotNull", + "min", + "mean", + "max" + ], + "displayMode": "table", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.5.0-81732", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "builder", + "expr": "delta(management_updatechannel_create_duration_micro_count{environment=\"$environment\", closed=\"true\", application=\"management\", host=~\"$host\"}[$interval])", + "fullMetaSearch": false, + "hide": true, + "includeNullMetadata": true, + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "builder", + "expr": "sum by(environment) (delta(management_updatechannel_create_duration_micro_count{environment=\"$environment\", application=\"management\"}[$interval]))", + "fullMetaSearch": false, + "hide": true, + "includeNullMetadata": true, + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "B", + "useBackend": false + }, + { + "datasource": { + "type": "__expr__", + "uid": "${DS_EXPRESSION}" + }, + "expression": "100-$A/$B*100", + "hide": false, + "refId": "Rate", + "type": "math" + } + ], + "title": "Percentage of Recreated channels", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Number of update messages piling up in the update channel queue.\n\nA high queue number indicates either a network issue or a high number of account updates.", + "fieldConfig": { + "defaults": { + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "scaleDistribution": { + "type": "linear" + } + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 59 + }, + "id": 27, + "options": { + "calculate": false, + "cellGap": 1, + "color": { + "exponent": 0.5, + "fill": "dark-orange", + "mode": "scheme", + "reverse": false, + "scale": "exponential", + "scheme": "Greens", + "steps": 73 + }, + "exemplars": { + "color": "rgba(255,0,255,0.7)" + }, + "filterValues": { + "le": 1e-9 + }, + "legend": { + "show": true + }, + "rowsFrame": { + "layout": "auto" + }, + "tooltip": { + "mode": "single", + "showColorScale": false, + "yHistogram": false + }, + "yAxis": { + "axisPlacement": "left", + "axisWidth": 60, + "decimals": 1, + "reverse": false, + "unit": "none" + } + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "builder", + "expr": "sum by(le) (increase(management_grpc_updatechannel_queue_bucket{application=\"management\", environment=\"$environment\", host=~\"$host\"}[$__rate_interval]))", + "format": "heatmap", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "Update Channel heat map", + "type": "heatmap" + } + ], + "title": "General", + "type": "row" + }, + { + "collapsed": true, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 20 + }, + "id": 22, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Duration of triggering the account peers update and preparing the required data for the network map being sent to the clients.\n\nWhen you see a lighter color on a higher timing bucket, your users may experience issues.", + "fieldConfig": { + "defaults": { + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "scaleDistribution": { + "type": "linear" + } + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 23, + "x": 0, + "y": 83 + }, + "id": 20, + "options": { + "calculate": false, + "cellGap": 1, + "color": { + "exponent": 0.5, + "fill": "dark-orange", + "mode": "scheme", + "reverse": false, + "scale": "exponential", + "scheme": "Oranges", + "steps": 64 + }, + "exemplars": { + "color": "rgba(255,0,255,0.7)" + }, + "filterValues": { + "le": 1e-9 + }, + "legend": { + "show": true + }, + "rowsFrame": { + "layout": "auto" + }, + "tooltip": { + "mode": "single", + "showColorScale": false, + "yHistogram": false + }, + "yAxis": { + "axisPlacement": "left", + "axisWidth": 60, + "decimals": 1, + "reverse": false, + "unit": "ms" + } + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "builder", + "expr": "sum by(le) (increase(management_account_update_account_peers_duration_ms_bucket{application=\"management\", environment=\"$environment\", host=~\"$host\"}[$__rate_interval]))", + "format": "heatmap", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "UpdateAccountPeers Latency", + "type": "heatmap" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Number of objects in the network map like peers, routes, firewall rules, etc. that are sent to the clients", + "fieldConfig": { + "defaults": { + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "scaleDistribution": { + "type": "linear" + } + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 23, + "x": 0, + "y": 91 + }, + "id": 19, + "options": { + "calculate": false, + "cellGap": 1, + "color": { + "exponent": 0.5, + "fill": "dark-orange", + "mode": "scheme", + "reverse": false, + "scale": "exponential", + "scheme": "Oranges", + "steps": 64 + }, + "exemplars": { + "color": "rgba(255,0,255,0.7)" + }, + "filterValues": { + "le": 1e-9 + }, + "legend": { + "show": true + }, + "rowsFrame": { + "layout": "auto" + }, + "tooltip": { + "mode": "single", + "showColorScale": false, + "yHistogram": false + }, + "yAxis": { + "axisPlacement": "left", + "axisWidth": 60, + "decimals": 0, + "reverse": false, + "unit": "none" + } + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "builder", + "exemplar": false, + "expr": "sum by(le) (increase(management_account_network_map_object_count_bucket{application=\"management\", environment=\"$environment\", host=~\"$host\"}[$__rate_interval]))", + "format": "heatmap", + "fullMetaSearch": false, + "includeNullMetadata": true, + "instant": false, + "interval": "", + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "NetworkMap Objects", + "type": "heatmap" + } + ], + "title": "Network Map", + "type": "row" + } + ], + "refresh": "", + "schemaVersion": 39, + "tags": [], + "templating": { + "list": [ + { + "current": { + "selected": false, + "text": "Prometheus", + "value": "73c8e14b-5699-4876-b887-4299930521a5" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "current": {}, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(management_grpc_connected_streams_ratio,cluster)", + "hide": 0, + "includeAll": false, + "multi": false, + "name": "cluster", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(management_grpc_connected_streams_ratio,cluster)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "type": "query" + }, + { + "current": { + "selected": false, + "text": "None", + "value": "" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(management_grpc_connected_streams_ratio{cluster=\"$cluster\"},environment)", + "hide": 0, + "includeAll": false, + "multi": false, + "name": "environment", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(management_grpc_connected_streams_ratio{cluster=\"$cluster\"},environment)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "type": "query" + }, + { + "current": { + "selected": false, + "text": "netbird-management", + "value": "netbird-management" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(management_grpc_connected_streams_ratio{cluster=\"$cluster\", environment=\"$environment\"},job)", + "hide": 0, + "includeAll": false, + "multi": false, + "name": "job", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(management_grpc_connected_streams_ratio{cluster=\"$cluster\", environment=\"$environment\"},job)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "type": "query" + }, + { + "current": {}, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(management_grpc_connected_streams_ratio{cluster=\"$cluster\", environment=\"$environment\", job=\"$job\"},host)", + "hide": 0, + "includeAll": false, + "multi": false, + "name": "host", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(management_grpc_connected_streams_ratio{cluster=\"$cluster\", environment=\"$environment\", job=\"$job\"},host)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "type": "query" + } + ] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "browser", + "title": "Netbird / Management", + "uid": "bebypwoziton4b-v4", + "version": 38, + "weekStart": "" +} \ No newline at end of file diff --git a/infrastructure_files/observability/grafana/dashboards/readme.md b/infrastructure_files/observability/grafana/dashboards/readme.md new file mode 100644 index 000000000..3160921a6 --- /dev/null +++ b/infrastructure_files/observability/grafana/dashboards/readme.md @@ -0,0 +1,12 @@ +## Dashboard variables + +1. **datasource**: Select Prometheus server +2. **cluster**: Filter NetBird instances by cluster +3. **environment**: Filter by environment (dev, staging, UAT, prod) +4. **job**: Select target NetBird instance if multiple are running +5. **host**: Filter metrics by host + + +NOTE: +- Your installation may have a subset of these variables. +- The dashboard expects `exported_endpoint` instead of `endpoint` in HTTP request metrics. \ No newline at end of file diff --git a/infrastructure_files/observability/grafana/dashboards/relay.json b/infrastructure_files/observability/grafana/dashboards/relay.json new file mode 100644 index 000000000..b80c59743 --- /dev/null +++ b/infrastructure_files/observability/grafana/dashboards/relay.json @@ -0,0 +1,926 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 1, + "id": 97, + "links": [], + "panels": [ + { + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 24, + "title": "Core metrics", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Number of connected peers by host", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 2, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 8, + "x": 0, + "y": 1 + }, + "id": 14, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "exemplar": false, + "expr": "relay_peers{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\"}", + "format": "time_series", + "fullMetaSearch": false, + "includeNullMetadata": true, + "instant": false, + "legendFormat": "{{cluster}}/{{environment}}/{{job}}", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "Connected peers", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Number of active connected peers by host\n\nIdeally, this number would stay around 20% of the total connections, indicating that most of the connections are P2P", + "fieldConfig": { + "defaults": { + "color": { + "mode": "continuous-GrYlRd" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 2, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "blue", + "value": null + }, + { + "color": "red", + "value": 0 + }, + { + "color": "#EAB839", + "value": 8000 + }, + { + "color": "green", + "value": 11000 + } + ] + }, + "unit": "short" + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "Idle peers" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "#727374", + "mode": "fixed" + } + } + ] + } + ] + }, + "gridPos": { + "h": 5, + "w": 8, + "x": 8, + "y": 1 + }, + "id": 16, + "options": { + "legend": { + "calcs": [ + "lastNotNull", + "min", + "mean", + "max" + ], + "displayMode": "table", + "placement": "bottom", + "showLegend": true, + "sortBy": "Last *", + "sortDesc": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.5.0-81732", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "relay_peers_active{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\"}", + "format": "time_series", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "instant": false, + "legendFormat": "{{cluster}}/{{environment}}/{{job}}", + "range": true, + "refId": "B", + "useBackend": false + } + ], + "title": "Active peers", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Number of idle connected peers by host", + "fieldConfig": { + "defaults": { + "color": { + "mode": "continuous-RdYlGr" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 2, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "blue", + "value": null + }, + { + "color": "red", + "value": 0 + }, + { + "color": "#EAB839", + "value": 8000 + }, + { + "color": "green", + "value": 11000 + } + ] + }, + "unit": "short" + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "Idle peers" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "#727374", + "mode": "fixed" + } + } + ] + } + ] + }, + "gridPos": { + "h": 5, + "w": 8, + "x": 16, + "y": 1 + }, + "id": 19, + "options": { + "legend": { + "calcs": [ + "lastNotNull", + "min", + "mean", + "max" + ], + "displayMode": "table", + "placement": "bottom", + "showLegend": true, + "sortBy": "Last *", + "sortDesc": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.5.0-81732", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "relay_peers_idle{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\"}", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "instant": false, + "legendFormat": "{{cluster}}/{{environment}}/{{job}}", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "Idle peers", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Authentication latency faced by each relay peer", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 6 + }, + "id": 25, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.5,sum(rate(relay_peer_authentication_time_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\"}[$__rate_interval])) by (le))", + "instant": false, + "legendFormat": "p50", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.9,sum(rate(relay_peer_authentication_time_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\"}[$__rate_interval])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p90", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.99,sum(rate(relay_peer_authentication_time_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\"}[$__rate_interval])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p99", + "range": true, + "refId": "C" + } + ], + "title": "Relay peer authentication latency ", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Time taken for storing each peer connection and metadata into in-memory database", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 6 + }, + "id": 26, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.5,sum(rate(relay_peer_store_time_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\"}[$__rate_interval])) by (le))", + "instant": false, + "legendFormat": "p50", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.9,sum(rate(relay_peer_store_time_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\"}[$__rate_interval])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p90", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.99,sum(rate(relay_peer_store_time_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\"}[$__rate_interval])) by (le))", + "hide": false, + "instant": false, + "legendFormat": "p99", + "range": true, + "refId": "C" + } + ], + "title": "Relay peer store latency ", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Total number of bytes sent/received to peers ", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 36, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "binBps" + }, + "overrides": [] + }, + "gridPos": { + "h": 6, + "w": 24, + "x": 0, + "y": 14 + }, + "id": 21, + "options": { + "legend": { + "calcs": [ + "lastNotNull", + "min", + "mean", + "max" + ], + "displayMode": "table", + "placement": "bottom", + "showLegend": true, + "sortBy": "Last *", + "sortDesc": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.5.0-81732", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "rate(relay_transfer_sent_bytes_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\"}[$__rate_interval])", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "sent", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "rate(relay_transfer_received_bytes_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\"}[$__rate_interval]) *-1", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "legendFormat": "received", + "range": true, + "refId": "B", + "useBackend": false + } + ], + "title": "Relay traffic bandwidth", + "type": "timeseries" + } + ], + "refresh": "", + "schemaVersion": 39, + "tags": [], + "templating": { + "list": [ + { + "current": { + "selected": true, + "text": "Prometheus", + "value": "73c8e14b-5699-4876-b887-4299930521a5" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "current": { + "isNone": true, + "selected": false, + "text": "None", + "value": "" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(relay_peers,cluster)", + "hide": 0, + "includeAll": false, + "multi": false, + "name": "cluster", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(relay_peers,cluster)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "type": "query" + }, + { + "current": { + "isNone": true, + "selected": false, + "text": "None", + "value": "" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(relay_peers{cluster=\"$cluster\"},environment)", + "description": "", + "hide": 0, + "includeAll": false, + "label": "environment", + "multi": false, + "name": "environment", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(relay_peers{cluster=\"$cluster\"},environment)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "type": "query" + }, + { + "current": { + "selected": false, + "text": "netbird-relay", + "value": "netbird-relay" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(relay_peers{cluster=\"$cluster\", environment=\"$environment\"},job)", + "hide": 0, + "includeAll": false, + "multi": false, + "name": "job", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(relay_peers{cluster=\"$cluster\", environment=\"$environment\"},job)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "type": "query" + }, + { + "allValue": "", + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(relay_peers{cluster=\"$cluster\", environment=\"$environment\", job=\"$job\"},instance)", + "hide": 0, + "includeAll": true, + "label": "host", + "multi": true, + "name": "host", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(relay_peers{cluster=\"$cluster\", environment=\"$environment\", job=\"$job\"},instance)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 1, + "type": "query" + } + ] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "browser", + "title": "Netbird / Relay", + "uid": "febyq2pgq2u-v003", + "version": 1, + "weekStart": "" +} \ No newline at end of file diff --git a/infrastructure_files/observability/grafana/dashboards/signal.json b/infrastructure_files/observability/grafana/dashboards/signal.json new file mode 100644 index 000000000..0dc1b7aa6 --- /dev/null +++ b/infrastructure_files/observability/grafana/dashboards/signal.json @@ -0,0 +1,1877 @@ +{ + "__inputs": [ + { + "name": "DS_PROMETHEUS", + "label": "Prometheus", + "description": "", + "type": "datasource", + "pluginId": "prometheus", + "pluginName": "Prometheus" + } + ], + "__elements": {}, + "__requires": [ + { + "type": "grafana", + "id": "grafana", + "name": "Grafana", + "version": "11.1.1" + }, + { + "type": "datasource", + "id": "prometheus", + "name": "Prometheus", + "version": "1.0.0" + }, + { + "type": "panel", + "id": "stat", + "name": "Stat", + "version": "" + }, + { + "type": "panel", + "id": "timeseries", + "name": "Time series", + "version": "" + } + ], + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 1, + "id": null, + "links": [], + "panels": [ + { + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 13, + "title": "Core metrics / peers", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Number of active connected peers", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "decimals": 2, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 12, + "x": 0, + "y": 1 + }, + "id": 2, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "percentChangeColorMode": "standard", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showPercentChange": true, + "textMode": "auto", + "wideLayout": true + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "sum(active_peers{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\"}) by (cluster,environment,job)", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "{{cluster}}/{{environment}}/{{job}}/", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "Total active peers", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Duration of how long a peer was connected\n\nThis is mostly informational, but if most of the connections are short lived, you may need to check any reverse proxy or connectivity issues", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "s" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 1 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.5,sum(increase(peer_connection_duration_seconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p50", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.90,sum(increase(peer_connection_duration_seconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p90", + "range": true, + "refId": "B", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.99,sum(increase(peer_connection_duration_seconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p99", + "range": true, + "refId": "C", + "useBackend": false + } + ], + "title": "Peer connection duration", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Number of active connected peers by host", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "max": 25000, + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "#EAB839", + "value": 15000 + }, + { + "color": "red", + "value": 20000 + } + ] + }, + "unit": "none" + }, + "overrides": [ + { + "__systemRef": "hideSeriesFrom", + "matcher": { + "id": "byNames", + "options": { + "mode": "exclude", + "names": [ + "{__name__=\"active_peers\", application=\"signal\", environment=\"prod\", host=\"signal-1-prod\", instance=\"localhost:9090\", job=\"prometheus.scrape.local\"}" + ], + "prefix": "All except:", + "readOnly": true + } + }, + "properties": [] + } + ] + }, + "gridPos": { + "h": 4, + "w": 12, + "x": 0, + "y": 5 + }, + "id": 10, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "exemplar": false, + "expr": "active_peers{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}", + "format": "time_series", + "fullMetaSearch": false, + "includeNullMetadata": true, + "instant": false, + "legendFormat": "{{cluster}}/{{environment}}/{{job}}/{{host}}", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "Active Peer-Connections per Host", + "type": "timeseries" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 9 + }, + "id": 14, + "panels": [], + "title": "Core metrics / messages", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "No. of messages forwarded per seconds. \nThis doesn't include the failed message count. They are tracked separately.", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "mps" + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 12, + "x": 0, + "y": 10 + }, + "id": 15, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "rate(messages_forwarded_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])", + "instant": false, + "legendFormat": "{{cluster}}/{{environment}}/{{job}}", + "range": true, + "refId": "A" + } + ], + "title": "Forwarded messages rate", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "mps" + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 12, + "x": 12, + "y": 10 + }, + "id": 16, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(rate(message_forward_failures_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (cluster,environment,job,type)", + "instant": false, + "legendFormat": "{{type}}", + "range": true, + "refId": "A" + } + ], + "title": "Forwarded messages failure rate", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "s" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 15 + }, + "id": 17, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.5,sum(increase(message_forward_latency_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p50", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.90,sum(increase(message_forward_latency_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p90", + "range": true, + "refId": "B", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.99,sum(increase(message_forward_latency_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p99", + "range": true, + "refId": "C", + "useBackend": false + } + ], + "title": "Forwarded messages latency", + "type": "timeseries" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 23 + }, + "id": 18, + "panels": [], + "title": "Core metrics / registrations", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "rate of peer Registration and deregistration", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "cps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 24 + }, + "id": 5, + "options": { + "legend": { + "calcs": [ + "lastNotNull", + "min", + "mean", + "max" + ], + "displayMode": "table", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.5.0-81732", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "rate(registrations_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "registration", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "rate(deregistrations_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "legendFormat": "deregistration", + "range": true, + "refId": "B", + "useBackend": false + } + ], + "title": "Registration and deregistration rate", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "mps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 24 + }, + "id": 19, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(rate(registration_failures_total{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (cluster,environment,job,error)", + "instant": false, + "legendFormat": "{{error}}", + "range": true, + "refId": "A" + } + ], + "title": "Registration failure rate", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "time needed to register new peers", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "s" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 32 + }, + "id": 20, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.5,sum(increase(registration_delay_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p50", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.90,sum(increase(registration_delay_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p90", + "range": true, + "refId": "B", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.99,sum(increase(registration_delay_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p99", + "range": true, + "refId": "C", + "useBackend": false + } + ], + "title": "Peer registration latency", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Duration of how long it takes to load a connection from the registry.\n\nNOTE: It should be below 1 ms", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "s" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 32 + }, + "id": 21, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.5,sum(increase(get_registration_delay_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p50", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.90,sum(increase(get_registration_delay_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p90", + "range": true, + "refId": "B", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.99,sum(increase(get_registration_delay_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\"}[$__rate_interval])) by (le,cluster,environment,job))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p99", + "range": true, + "refId": "C", + "useBackend": false + } + ], + "title": "get_registration request latency", + "type": "timeseries" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 40 + }, + "id": 12, + "panels": [], + "title": "RPC metrics", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Send method is used by peers intending to send a message to another peer. The send covers the RPC call of sending the message from the initiator to signal.", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "reqps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 41 + }, + "id": 9, + "options": { + "legend": { + "calcs": [ + "lastNotNull", + "min", + "mean", + "max" + ], + "displayMode": "table", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.5.0-81732", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(rate(rpc_server_requests_per_rpc_count{rpc_method=~\"Send\"}[$__rate_interval])) by (rpc_method,rpc_grpc_status_code)", + "hide": false, + "instant": false, + "legendFormat": "code: {{rpc_grpc_status_code}}", + "range": true, + "refId": "B" + } + ], + "title": "RPC requests rate (method: Send)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "reqps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 41 + }, + "id": 23, + "options": { + "legend": { + "calcs": [ + "lastNotNull", + "min", + "mean", + "max" + ], + "displayMode": "table", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.5.0-81732", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(rate(rpc_server_requests_per_rpc_count{rpc_method=~\"ConnectStream\"}[$__rate_interval])) by (rpc_method,rpc_grpc_status_code)", + "hide": false, + "instant": false, + "legendFormat": "code: {{rpc_grpc_status_code}}", + "range": true, + "refId": "B" + } + ], + "title": "RPC requests rate (method: ConnectStream)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 49 + }, + "id": 22, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.5,sum(increase(rpc_server_duration_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\",rpc_method=~\"Send\"}[$__rate_interval])) by (le,cluster,environment,job,rpc_method))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p50", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.90,sum(increase(rpc_server_duration_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\",rpc_method=~\"Send\"}[$__rate_interval])) by (le,cluster,environment,job,rpc_method))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p90", + "range": true, + "refId": "B", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.99,sum(increase(rpc_server_duration_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\",rpc_method=~\"Send\"}[$__rate_interval])) by (le,cluster,environment,job,rpc_method))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p99", + "range": true, + "refId": "C", + "useBackend": false + } + ], + "title": "RPC request latency (method: Send)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Shows estimated time of how long a peer was connected", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 49 + }, + "id": 25, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.5,sum(increase(rpc_server_duration_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\",rpc_method=~\"ConnectStream\"}[$__rate_interval])) by (le,cluster,environment,job,rpc_method))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p50", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.90,sum(increase(rpc_server_duration_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\",rpc_method=~\"ConnectStream\"}[$__rate_interval])) by (le,cluster,environment,job,rpc_method))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p90", + "range": true, + "refId": "B", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "histogram_quantile(0.99,sum(increase(rpc_server_duration_milliseconds_bucket{cluster=~\"$cluster\",environment=~\"$environment\",job=~\"$job\",host=~\"$host\",rpc_method=~\"ConnectStream\"}[$__rate_interval])) by (le,cluster,environment,job,rpc_method))", + "format": "heatmap", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "p99", + "range": true, + "refId": "C", + "useBackend": false + } + ], + "title": "RPC request latency (method: ConnectStream)", + "type": "timeseries" + } + ], + "refresh": "", + "schemaVersion": 39, + "tags": [], + "templating": { + "list": [ + { + "current": {}, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "current": {}, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(active_peers,cluster)", + "hide": 0, + "includeAll": false, + "multi": false, + "name": "cluster", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(active_peers,cluster)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "type": "query" + }, + { + "current": {}, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(active_peers{cluster=\"$cluster\"},environment)", + "description": "", + "hide": 0, + "includeAll": false, + "label": "environment", + "multi": false, + "name": "environment", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(active_peers{cluster=\"$cluster\"},environment)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "type": "query" + }, + { + "current": {}, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(active_peers{cluster=\"$cluster\", environment=\"$environment\"},job)", + "hide": 0, + "includeAll": false, + "multi": false, + "name": "job", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(active_peers{cluster=\"$cluster\", environment=\"$environment\"},job)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "type": "query" + }, + { + "allValue": "", + "current": {}, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(active_peers{cluster=\"$cluster\", environment=\"$environment\", job=\"$job\"},host)", + "hide": 0, + "includeAll": true, + "label": "", + "multi": true, + "name": "host", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(active_peers{cluster=\"$cluster\", environment=\"$environment\", job=\"$job\"},host)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 1, + "type": "query" + } + ] + }, + "time": { + "from": "now-24h", + "to": "now" + }, + "timepicker": {}, + "timezone": "browser", + "title": "Netbird / Signal", + "uid": "cebyq0fs0m-v001", + "version": 15, + "weekStart": "" + } diff --git a/management/cmd/management.go b/management/cmd/management.go index 9f8fa2fcb..75d4179cb 100644 --- a/management/cmd/management.go +++ b/management/cmd/management.go @@ -37,7 +37,7 @@ import ( "github.com/netbirdio/netbird/management/server/peers" "github.com/netbirdio/netbird/encryption" - "github.com/netbirdio/netbird/formatter" + "github.com/netbirdio/netbird/formatter/hook" mgmtProto "github.com/netbirdio/netbird/management/proto" "github.com/netbirdio/netbird/management/server" "github.com/netbirdio/netbird/management/server/auth" @@ -91,7 +91,7 @@ var ( flag.Parse() //nolint - ctx := context.WithValue(cmd.Context(), formatter.ExecutionContextKey, formatter.SystemSource) + ctx := context.WithValue(cmd.Context(), hook.ExecutionContextKey, hook.SystemSource) err := util.InitLog(logLevel, logFile) if err != nil { @@ -137,7 +137,7 @@ var ( ctx, cancel := context.WithCancel(cmd.Context()) defer cancel() //nolint - ctx = context.WithValue(ctx, formatter.ExecutionContextKey, formatter.SystemSource) + ctx = context.WithValue(ctx, hook.ExecutionContextKey, hook.SystemSource) err := handleRebrand(cmd) if err != nil { @@ -382,7 +382,7 @@ func unaryInterceptor( ) (interface{}, error) { reqID := uuid.New().String() //nolint - ctx = context.WithValue(ctx, formatter.ExecutionContextKey, formatter.GRPCSource) + ctx = context.WithValue(ctx, hook.ExecutionContextKey, hook.GRPCSource) //nolint ctx = context.WithValue(ctx, nbContext.RequestIDKey, reqID) return handler(ctx, req) @@ -397,7 +397,7 @@ func streamInterceptor( reqID := uuid.New().String() wrapped := grpcMiddleware.WrapServerStream(ss) //nolint - ctx := context.WithValue(ss.Context(), formatter.ExecutionContextKey, formatter.GRPCSource) + ctx := context.WithValue(ss.Context(), hook.ExecutionContextKey, hook.GRPCSource) //nolint wrapped.WrappedContext = context.WithValue(ctx, nbContext.RequestIDKey, reqID) return handler(srv, wrapped) diff --git a/management/cmd/migration_up.go b/management/cmd/migration_up.go index 183fc554d..de061dca2 100644 --- a/management/cmd/migration_up.go +++ b/management/cmd/migration_up.go @@ -8,7 +8,7 @@ import ( log "github.com/sirupsen/logrus" "github.com/spf13/cobra" - "github.com/netbirdio/netbird/formatter" + "github.com/netbirdio/netbird/formatter/hook" "github.com/netbirdio/netbird/management/server/store" "github.com/netbirdio/netbird/util" ) @@ -30,7 +30,7 @@ var upCmd = &cobra.Command{ } //nolint - ctx := context.WithValue(cmd.Context(), formatter.ExecutionContextKey, formatter.SystemSource) + ctx := context.WithValue(cmd.Context(), hook.ExecutionContextKey, hook.SystemSource) if err := store.MigrateFileStoreToSqlite(ctx, mgmtDataDir); err != nil { return err diff --git a/management/proto/management.pb.go b/management/proto/management.pb.go index 63722ac51..e7b72548b 100644 --- a/management/proto/management.pb.go +++ b/management/proto/management.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.26.0 -// protoc v4.24.3 +// protoc v3.21.9 // source: management.proto package proto diff --git a/management/server/account.go b/management/server/account.go index eb4f0cf38..b7574f7c1 100644 --- a/management/server/account.go +++ b/management/server/account.go @@ -1391,7 +1391,7 @@ func (am *DefaultAccountManager) SyncAndMarkPeer(ctx context.Context, accountID peerUnlock := am.Store.AcquireWriteLockByUID(ctx, peerPubKey) defer peerUnlock() - peer, netMap, postureChecks, err := am.SyncPeer(ctx, account.PeerSync{WireGuardPubKey: peerPubKey, Meta: meta}, accountID) + peer, netMap, postureChecks, err := am.SyncPeer(ctx, types.PeerSync{WireGuardPubKey: peerPubKey, Meta: meta}, accountID) if err != nil { return nil, nil, nil, fmt.Errorf("error syncing peer: %w", err) } @@ -1431,7 +1431,7 @@ func (am *DefaultAccountManager) SyncPeerMeta(ctx context.Context, peerPubKey st unlockPeer := am.Store.AcquireWriteLockByUID(ctx, peerPubKey) defer unlockPeer() - _, _, _, err = am.SyncPeer(ctx, account.PeerSync{WireGuardPubKey: peerPubKey, Meta: meta, UpdateAccountPeers: true}, accountID) + _, _, _, err = am.SyncPeer(ctx, types.PeerSync{WireGuardPubKey: peerPubKey, Meta: meta, UpdateAccountPeers: true}, accountID) if err != nil { return mapError(ctx, err) } diff --git a/management/server/account/account_manager_interface.go b/management/server/account/manager.go similarity index 85% rename from management/server/account/account_manager_interface.go rename to management/server/account/manager.go index f0e20a9d8..9da85473c 100644 --- a/management/server/account/account_manager_interface.go +++ b/management/server/account/manager.go @@ -22,8 +22,7 @@ import ( type ExternalCacheManager cache.CacheInterface[*idp.UserData] -// nolint -type AccountManager interface { +type Manager interface { GetOrCreateAccountByUser(ctx context.Context, userId, domain string) (*types.Account, error) GetAccount(ctx context.Context, accountID string) (*types.Account, error) CreateSetupKey(ctx context.Context, accountID string, keyName string, keyType types.SetupKeyType, expiresIn time.Duration, @@ -89,8 +88,8 @@ type AccountManager interface { SaveDNSSettings(ctx context.Context, accountID string, userID string, dnsSettingsToSave *types.DNSSettings) error GetPeer(ctx context.Context, accountID, peerID, userID string) (*nbpeer.Peer, error) UpdateAccountSettings(ctx context.Context, accountID, userID string, newSettings *types.Settings) (*types.Account, error) - LoginPeer(ctx context.Context, login PeerLogin) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) // used by peer gRPC API - SyncPeer(ctx context.Context, sync PeerSync, accountID string) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) // used by peer gRPC API + LoginPeer(ctx context.Context, login types.PeerLogin) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) // used by peer gRPC API + SyncPeer(ctx context.Context, sync types.PeerSync, accountID string) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) // used by peer gRPC API GetAllConnectedPeers() (map[string]struct{}, error) HasConnectedChannel(peerID string) bool GetExternalCacheManager() ExternalCacheManager @@ -114,33 +113,3 @@ type AccountManager interface { SyncUserJWTGroups(ctx context.Context, userAuth nbcontext.UserAuth) error GetStore() store.Store } - -// PeerSync used as a data object between the gRPC API and AccountManager on Sync request. -type PeerSync struct { - // WireGuardPubKey is a peers WireGuard public key - WireGuardPubKey string - // Meta is the system information passed by peer, must be always present - Meta nbpeer.PeerSystemMeta - // UpdateAccountPeers indicate updating account peers, - // which occurs when the peer's metadata is updated - UpdateAccountPeers bool -} - -// PeerLogin used as a data object between the gRPC API and AccountManager on Login request. -type PeerLogin struct { - // WireGuardPubKey is a peers WireGuard public key - WireGuardPubKey string - // SSHKey is a peer's ssh key. Can be empty (e.g., old version do not provide it, or this feature is disabled) - SSHKey string - // Meta is the system information passed by peer, must be always present. - Meta nbpeer.PeerSystemMeta - // UserID indicates that JWT was used to log in, and it was valid. Can be empty when SetupKey is used or auth is not required. - UserID string - // SetupKey references to a server.SetupKey to log in. Can be empty when UserID is used or auth is not required. - SetupKey string - // ConnectionIP is the real IP of the peer - ConnectionIP net.IP - - // ExtraDNSLabels is a list of extra DNS labels that the peer wants to use - ExtraDNSLabels []string -} diff --git a/management/server/account_test.go b/management/server/account_test.go index 7c11048a4..4e47ccc60 100644 --- a/management/server/account_test.go +++ b/management/server/account_test.go @@ -38,7 +38,7 @@ import ( "github.com/netbirdio/netbird/route" ) -func verifyCanAddPeerToAccount(t *testing.T, manager nbAccount.AccountManager, account *types.Account, userID string) { +func verifyCanAddPeerToAccount(t *testing.T, manager nbAccount.Manager, account *types.Account, userID string) { t.Helper() peer := &nbpeer.Peer{ Key: "BhRPtynAAYRDy08+q4HTMsos8fs4plTP4NOSh7C1ry8=", @@ -1405,7 +1405,7 @@ func TestAccountManager_DeletePeer(t *testing.T) { assert.Equal(t, peer.IP.String(), fmt.Sprint(ev.Meta["ip"])) } -func getEvent(t *testing.T, accountID string, manager nbAccount.AccountManager, eventType activity.Activity) *activity.Event { +func getEvent(t *testing.T, accountID string, manager nbAccount.Manager, eventType activity.Activity) *activity.Event { t.Helper() for { select { @@ -3026,7 +3026,7 @@ func BenchmarkLoginPeer_ExistingPeer(b *testing.B) { b.ResetTimer() start := time.Now() for i := 0; i < b.N; i++ { - _, _, _, err := manager.LoginPeer(context.Background(), nbAccount.PeerLogin{ + _, _, _, err := manager.LoginPeer(context.Background(), types.PeerLogin{ WireGuardPubKey: account.Peers["peer-1"].Key, SSHKey: "someKey", Meta: nbpeer.PeerSystemMeta{Hostname: strconv.Itoa(i)}, @@ -3101,7 +3101,7 @@ func BenchmarkLoginPeer_NewPeer(b *testing.B) { b.ResetTimer() start := time.Now() for i := 0; i < b.N; i++ { - _, _, _, err := manager.LoginPeer(context.Background(), nbAccount.PeerLogin{ + _, _, _, err := manager.LoginPeer(context.Background(), types.PeerLogin{ WireGuardPubKey: "some-new-key" + strconv.Itoa(i), SSHKey: "someKey", Meta: nbpeer.PeerSystemMeta{Hostname: strconv.Itoa(i)}, diff --git a/management/server/ephemeral.go b/management/server/ephemeral.go index 52ab450d7..3cb9b7536 100644 --- a/management/server/ephemeral.go +++ b/management/server/ephemeral.go @@ -35,7 +35,7 @@ type ephemeralPeer struct { // automatically. Inactivity means the peer disconnected from the Management server. type EphemeralManager struct { store store.Store - accountManager nbAccount.AccountManager + accountManager nbAccount.Manager headPeer *ephemeralPeer tailPeer *ephemeralPeer @@ -44,7 +44,7 @@ type EphemeralManager struct { } // NewEphemeralManager instantiate new EphemeralManager -func NewEphemeralManager(store store.Store, accountManager nbAccount.AccountManager) *EphemeralManager { +func NewEphemeralManager(store store.Store, accountManager nbAccount.Manager) *EphemeralManager { return &EphemeralManager{ store: store, accountManager: accountManager, diff --git a/management/server/ephemeral_test.go b/management/server/ephemeral_test.go index 76e60f2c6..38477f7a8 100644 --- a/management/server/ephemeral_test.go +++ b/management/server/ephemeral_test.go @@ -28,7 +28,7 @@ func (s *MockStore) GetAllEphemeralPeers(_ context.Context, _ store.LockingStren } type MocAccountManager struct { - nbAccount.AccountManager + nbAccount.Manager store *MockStore } diff --git a/management/server/groups/manager.go b/management/server/groups/manager.go index d5431be7b..27698a085 100644 --- a/management/server/groups/manager.go +++ b/management/server/groups/manager.go @@ -24,13 +24,13 @@ type Manager interface { type managerImpl struct { store store.Store permissionsManager permissions.Manager - accountManager account.AccountManager + accountManager account.Manager } type mockManager struct { } -func NewManager(store store.Store, permissionsManager permissions.Manager, accountManager account.AccountManager) Manager { +func NewManager(store store.Store, permissionsManager permissions.Manager, accountManager account.Manager) Manager { return &managerImpl{ store: store, permissionsManager: permissionsManager, diff --git a/management/server/grpcserver.go b/management/server/grpcserver.go index 4e72bd96f..97dd7e0b6 100644 --- a/management/server/grpcserver.go +++ b/management/server/grpcserver.go @@ -12,13 +12,13 @@ import ( pb "github.com/golang/protobuf/proto" // nolint "github.com/golang/protobuf/ptypes/timestamp" "github.com/grpc-ecosystem/go-grpc-middleware/v2/interceptors/realip" - "github.com/netbirdio/management-integrations/integrations" log "github.com/sirupsen/logrus" "golang.zx2c4.com/wireguard/wgctrl/wgtypes" "google.golang.org/grpc/codes" "google.golang.org/grpc/peer" "google.golang.org/grpc/status" + integrationsConfig "github.com/netbirdio/management-integrations/integrations/config" "github.com/netbirdio/netbird/encryption" "github.com/netbirdio/netbird/management/proto" "github.com/netbirdio/netbird/management/server/account" @@ -35,7 +35,7 @@ import ( // GRPCServer an instance of a Management gRPC API server type GRPCServer struct { - accountManager account.AccountManager + accountManager account.Manager settingsManager settings.Manager wgKey wgtypes.Key proto.UnimplementedManagementServiceServer @@ -52,7 +52,7 @@ type GRPCServer struct { func NewServer( ctx context.Context, config *Config, - accountManager account.AccountManager, + accountManager account.Manager, settingsManager settings.Manager, peersUpdateManager *PeersUpdateManager, secretsManager SecretsManager, @@ -460,7 +460,7 @@ func (s *GRPCServer) Login(ctx context.Context, req *proto.EncryptedMessage) (*p sshKey = loginReq.GetPeerKeys().GetSshPubKey() } - peer, netMap, postureChecks, err := s.accountManager.LoginPeer(ctx, account.PeerLogin{ + peer, netMap, postureChecks, err := s.accountManager.LoginPeer(ctx, types.PeerLogin{ WireGuardPubKey: peerKey.String(), SSHKey: string(sshKey), Meta: extractPeerMeta(ctx, loginReq.GetMeta()), @@ -605,7 +605,7 @@ func toNetbirdConfig(config *Config, turnCredentials *Token, relayToken *Token, Relay: relayCfg, } - integrations.ExtendNetBirdConfig(nbConfig, extraSettings) + integrationsConfig.ExtendNetBirdConfig(nbConfig, extraSettings) return nbConfig } diff --git a/management/server/http/handler.go b/management/server/http/handler.go index 6a3cfae70..e4cc8585a 100644 --- a/management/server/http/handler.go +++ b/management/server/http/handler.go @@ -43,7 +43,7 @@ const apiPrefix = "/api" // NewAPIHandler creates the Management service HTTP API handler registering all the available endpoints. func NewAPIHandler( ctx context.Context, - accountManager account.AccountManager, + accountManager account.Manager, networksManager nbnetworks.Manager, resourceManager resources.Manager, routerManager routers.Manager, diff --git a/management/server/http/handlers/accounts/accounts_handler.go b/management/server/http/handlers/accounts/accounts_handler.go index b76d28094..054a9e77a 100644 --- a/management/server/http/handlers/accounts/accounts_handler.go +++ b/management/server/http/handlers/accounts/accounts_handler.go @@ -18,11 +18,11 @@ import ( // handler is a handler that handles the server.Account HTTP endpoints type handler struct { - accountManager account.AccountManager + accountManager account.Manager settingsManager settings.Manager } -func AddEndpoints(accountManager account.AccountManager, settingsManager settings.Manager, router *mux.Router) { +func AddEndpoints(accountManager account.Manager, settingsManager settings.Manager, router *mux.Router) { accountsHandler := newHandler(accountManager, settingsManager) router.HandleFunc("/accounts/{accountId}", accountsHandler.updateAccount).Methods("PUT", "OPTIONS") router.HandleFunc("/accounts/{accountId}", accountsHandler.deleteAccount).Methods("DELETE", "OPTIONS") @@ -30,7 +30,7 @@ func AddEndpoints(accountManager account.AccountManager, settingsManager setting } // newHandler creates a new handler HTTP handler -func newHandler(accountManager account.AccountManager, settingsManager settings.Manager) *handler { +func newHandler(accountManager account.Manager, settingsManager settings.Manager) *handler { return &handler{ accountManager: accountManager, settingsManager: settingsManager, diff --git a/management/server/http/handlers/dns/dns_settings_handler.go b/management/server/http/handlers/dns/dns_settings_handler.go index 85be8e707..60822c883 100644 --- a/management/server/http/handlers/dns/dns_settings_handler.go +++ b/management/server/http/handlers/dns/dns_settings_handler.go @@ -16,22 +16,22 @@ import ( // dnsSettingsHandler is a handler that returns the DNS settings of the account type dnsSettingsHandler struct { - accountManager account.AccountManager + accountManager account.Manager } -func AddEndpoints(accountManager account.AccountManager, router *mux.Router) { +func AddEndpoints(accountManager account.Manager, router *mux.Router) { addDNSSettingEndpoint(accountManager, router) addDNSNameserversEndpoint(accountManager, router) } -func addDNSSettingEndpoint(accountManager account.AccountManager, router *mux.Router) { +func addDNSSettingEndpoint(accountManager account.Manager, router *mux.Router) { dnsSettingsHandler := newDNSSettingsHandler(accountManager) router.HandleFunc("/dns/settings", dnsSettingsHandler.getDNSSettings).Methods("GET", "OPTIONS") router.HandleFunc("/dns/settings", dnsSettingsHandler.updateDNSSettings).Methods("PUT", "OPTIONS") } // newDNSSettingsHandler returns a new instance of dnsSettingsHandler handler -func newDNSSettingsHandler(accountManager account.AccountManager) *dnsSettingsHandler { +func newDNSSettingsHandler(accountManager account.Manager) *dnsSettingsHandler { return &dnsSettingsHandler{accountManager: accountManager} } diff --git a/management/server/http/handlers/dns/nameservers_handler.go b/management/server/http/handlers/dns/nameservers_handler.go index 0bba95988..970be6d8a 100644 --- a/management/server/http/handlers/dns/nameservers_handler.go +++ b/management/server/http/handlers/dns/nameservers_handler.go @@ -18,10 +18,10 @@ import ( // nameserversHandler is the nameserver group handler of the account type nameserversHandler struct { - accountManager account.AccountManager + accountManager account.Manager } -func addDNSNameserversEndpoint(accountManager account.AccountManager, router *mux.Router) { +func addDNSNameserversEndpoint(accountManager account.Manager, router *mux.Router) { nameserversHandler := newNameserversHandler(accountManager) router.HandleFunc("/dns/nameservers", nameserversHandler.getAllNameservers).Methods("GET", "OPTIONS") router.HandleFunc("/dns/nameservers", nameserversHandler.createNameserverGroup).Methods("POST", "OPTIONS") @@ -31,7 +31,7 @@ func addDNSNameserversEndpoint(accountManager account.AccountManager, router *mu } // newNameserversHandler returns a new instance of nameserversHandler handler -func newNameserversHandler(accountManager account.AccountManager) *nameserversHandler { +func newNameserversHandler(accountManager account.Manager) *nameserversHandler { return &nameserversHandler{accountManager: accountManager} } diff --git a/management/server/http/handlers/events/events_handler.go b/management/server/http/handlers/events/events_handler.go index 984201ac0..7497b0fef 100644 --- a/management/server/http/handlers/events/events_handler.go +++ b/management/server/http/handlers/events/events_handler.go @@ -17,16 +17,16 @@ import ( // handler HTTP handler type handler struct { - accountManager account.AccountManager + accountManager account.Manager } -func AddEndpoints(accountManager account.AccountManager, router *mux.Router) { +func AddEndpoints(accountManager account.Manager, router *mux.Router) { eventsHandler := newHandler(accountManager) router.HandleFunc("/events", eventsHandler.getAllEvents).Methods("GET", "OPTIONS") } // newHandler creates a new events handler -func newHandler(accountManager account.AccountManager) *handler { +func newHandler(accountManager account.Manager) *handler { return &handler{accountManager: accountManager} } diff --git a/management/server/http/handlers/groups/groups_handler.go b/management/server/http/handlers/groups/groups_handler.go index 012987994..667095018 100644 --- a/management/server/http/handlers/groups/groups_handler.go +++ b/management/server/http/handlers/groups/groups_handler.go @@ -19,10 +19,10 @@ import ( // handler is a handler that returns groups of the account type handler struct { - accountManager account.AccountManager + accountManager account.Manager } -func AddEndpoints(accountManager account.AccountManager, router *mux.Router) { +func AddEndpoints(accountManager account.Manager, router *mux.Router) { groupsHandler := newHandler(accountManager) router.HandleFunc("/groups", groupsHandler.getAllGroups).Methods("GET", "OPTIONS") router.HandleFunc("/groups", groupsHandler.createGroup).Methods("POST", "OPTIONS") @@ -32,7 +32,7 @@ func AddEndpoints(accountManager account.AccountManager, router *mux.Router) { } // newHandler creates a new groups handler -func newHandler(accountManager account.AccountManager) *handler { +func newHandler(accountManager account.Manager) *handler { return &handler{ accountManager: accountManager, } diff --git a/management/server/http/handlers/networks/handler.go b/management/server/http/handlers/networks/handler.go index 319b8ca45..1c06512f6 100644 --- a/management/server/http/handlers/networks/handler.go +++ b/management/server/http/handlers/networks/handler.go @@ -28,12 +28,12 @@ type handler struct { networksManager networks.Manager resourceManager resources.Manager routerManager routers.Manager - accountManager account.AccountManager + accountManager account.Manager groupsManager groups.Manager } -func AddEndpoints(networksManager networks.Manager, resourceManager resources.Manager, routerManager routers.Manager, groupsManager groups.Manager, accountManager account.AccountManager, router *mux.Router) { +func AddEndpoints(networksManager networks.Manager, resourceManager resources.Manager, routerManager routers.Manager, groupsManager groups.Manager, accountManager account.Manager, router *mux.Router) { addRouterEndpoints(routerManager, router) addResourceEndpoints(resourceManager, groupsManager, router) @@ -45,7 +45,7 @@ func AddEndpoints(networksManager networks.Manager, resourceManager resources.Ma router.HandleFunc("/networks/{networkId}", networksHandler.deleteNetwork).Methods("DELETE", "OPTIONS") } -func newHandler(networksManager networks.Manager, resourceManager resources.Manager, routerManager routers.Manager, groupsManager groups.Manager, accountManager account.AccountManager) *handler { +func newHandler(networksManager networks.Manager, resourceManager resources.Manager, routerManager routers.Manager, groupsManager groups.Manager, accountManager account.Manager) *handler { return &handler{ networksManager: networksManager, resourceManager: resourceManager, diff --git a/management/server/http/handlers/peers/peers_handler.go b/management/server/http/handlers/peers/peers_handler.go index 4bf6e4830..9342d84a3 100644 --- a/management/server/http/handlers/peers/peers_handler.go +++ b/management/server/http/handlers/peers/peers_handler.go @@ -21,10 +21,10 @@ import ( // Handler is a handler that returns peers of the account type Handler struct { - accountManager account.AccountManager + accountManager account.Manager } -func AddEndpoints(accountManager account.AccountManager, router *mux.Router) { +func AddEndpoints(accountManager account.Manager, router *mux.Router) { peersHandler := NewHandler(accountManager) router.HandleFunc("/peers", peersHandler.GetAllPeers).Methods("GET", "OPTIONS") router.HandleFunc("/peers/{peerId}", peersHandler.HandlePeer). @@ -33,7 +33,7 @@ func AddEndpoints(accountManager account.AccountManager, router *mux.Router) { } // NewHandler creates a new peers Handler -func NewHandler(accountManager account.AccountManager) *Handler { +func NewHandler(accountManager account.Manager) *Handler { return &Handler{ accountManager: accountManager, } diff --git a/management/server/http/handlers/policies/geolocations_handler.go b/management/server/http/handlers/policies/geolocations_handler.go index 818230e44..fb19887dc 100644 --- a/management/server/http/handlers/policies/geolocations_handler.go +++ b/management/server/http/handlers/policies/geolocations_handler.go @@ -20,18 +20,18 @@ var ( // geolocationsHandler is a handler that returns locations. type geolocationsHandler struct { - accountManager account.AccountManager + accountManager account.Manager geolocationManager geolocation.Geolocation } -func addLocationsEndpoint(accountManager account.AccountManager, locationManager geolocation.Geolocation, router *mux.Router) { +func addLocationsEndpoint(accountManager account.Manager, locationManager geolocation.Geolocation, router *mux.Router) { locationHandler := newGeolocationsHandlerHandler(accountManager, locationManager) router.HandleFunc("/locations/countries", locationHandler.getAllCountries).Methods("GET", "OPTIONS") router.HandleFunc("/locations/countries/{country}/cities", locationHandler.getCitiesByCountry).Methods("GET", "OPTIONS") } // newGeolocationsHandlerHandler creates a new Geolocations handler -func newGeolocationsHandlerHandler(accountManager account.AccountManager, geolocationManager geolocation.Geolocation) *geolocationsHandler { +func newGeolocationsHandlerHandler(accountManager account.Manager, geolocationManager geolocation.Geolocation) *geolocationsHandler { return &geolocationsHandler{ accountManager: accountManager, geolocationManager: geolocationManager, diff --git a/management/server/http/handlers/policies/policies_handler.go b/management/server/http/handlers/policies/policies_handler.go index b76f5b1bd..01a09842a 100644 --- a/management/server/http/handlers/policies/policies_handler.go +++ b/management/server/http/handlers/policies/policies_handler.go @@ -18,10 +18,10 @@ import ( // handler is a handler that returns policy of the account type handler struct { - accountManager account.AccountManager + accountManager account.Manager } -func AddEndpoints(accountManager account.AccountManager, locationManager geolocation.Geolocation, router *mux.Router) { +func AddEndpoints(accountManager account.Manager, locationManager geolocation.Geolocation, router *mux.Router) { policiesHandler := newHandler(accountManager) router.HandleFunc("/policies", policiesHandler.getAllPolicies).Methods("GET", "OPTIONS") router.HandleFunc("/policies", policiesHandler.createPolicy).Methods("POST", "OPTIONS") @@ -32,7 +32,7 @@ func AddEndpoints(accountManager account.AccountManager, locationManager geoloca } // newHandler creates a new policies handler -func newHandler(accountManager account.AccountManager) *handler { +func newHandler(accountManager account.Manager) *handler { return &handler{ accountManager: accountManager, } diff --git a/management/server/http/handlers/policies/posture_checks_handler.go b/management/server/http/handlers/policies/posture_checks_handler.go index be099d7f2..b99649dbc 100644 --- a/management/server/http/handlers/policies/posture_checks_handler.go +++ b/management/server/http/handlers/policies/posture_checks_handler.go @@ -17,11 +17,11 @@ import ( // postureChecksHandler is a handler that returns posture checks of the account. type postureChecksHandler struct { - accountManager account.AccountManager + accountManager account.Manager geolocationManager geolocation.Geolocation } -func addPostureCheckEndpoint(accountManager account.AccountManager, locationManager geolocation.Geolocation, router *mux.Router) { +func addPostureCheckEndpoint(accountManager account.Manager, locationManager geolocation.Geolocation, router *mux.Router) { postureCheckHandler := newPostureChecksHandler(accountManager, locationManager) router.HandleFunc("/posture-checks", postureCheckHandler.getAllPostureChecks).Methods("GET", "OPTIONS") router.HandleFunc("/posture-checks", postureCheckHandler.createPostureCheck).Methods("POST", "OPTIONS") @@ -32,7 +32,7 @@ func addPostureCheckEndpoint(accountManager account.AccountManager, locationMana } // newPostureChecksHandler creates a new PostureChecks handler -func newPostureChecksHandler(accountManager account.AccountManager, geolocationManager geolocation.Geolocation) *postureChecksHandler { +func newPostureChecksHandler(accountManager account.Manager, geolocationManager geolocation.Geolocation) *postureChecksHandler { return &postureChecksHandler{ accountManager: accountManager, geolocationManager: geolocationManager, diff --git a/management/server/http/handlers/routes/routes_handler.go b/management/server/http/handlers/routes/routes_handler.go index d6aa52c5e..0f1c37eb7 100644 --- a/management/server/http/handlers/routes/routes_handler.go +++ b/management/server/http/handlers/routes/routes_handler.go @@ -21,10 +21,10 @@ const failedToConvertRoute = "failed to convert route to response: %v" // handler is the routes handler of the account type handler struct { - accountManager account.AccountManager + accountManager account.Manager } -func AddEndpoints(accountManager account.AccountManager, router *mux.Router) { +func AddEndpoints(accountManager account.Manager, router *mux.Router) { routesHandler := newHandler(accountManager) router.HandleFunc("/routes", routesHandler.getAllRoutes).Methods("GET", "OPTIONS") router.HandleFunc("/routes", routesHandler.createRoute).Methods("POST", "OPTIONS") @@ -34,7 +34,7 @@ func AddEndpoints(accountManager account.AccountManager, router *mux.Router) { } // newHandler returns a new instance of routes handler -func newHandler(accountManager account.AccountManager) *handler { +func newHandler(accountManager account.Manager) *handler { return &handler{ accountManager: accountManager, } diff --git a/management/server/http/handlers/setup_keys/setupkeys_handler.go b/management/server/http/handlers/setup_keys/setupkeys_handler.go index bebbe1f16..38ba86fb1 100644 --- a/management/server/http/handlers/setup_keys/setupkeys_handler.go +++ b/management/server/http/handlers/setup_keys/setupkeys_handler.go @@ -18,10 +18,10 @@ import ( // handler is a handler that returns a list of setup keys of the account type handler struct { - accountManager account.AccountManager + accountManager account.Manager } -func AddEndpoints(accountManager account.AccountManager, router *mux.Router) { +func AddEndpoints(accountManager account.Manager, router *mux.Router) { keysHandler := newHandler(accountManager) router.HandleFunc("/setup-keys", keysHandler.getAllSetupKeys).Methods("GET", "OPTIONS") router.HandleFunc("/setup-keys", keysHandler.createSetupKey).Methods("POST", "OPTIONS") @@ -31,7 +31,7 @@ func AddEndpoints(accountManager account.AccountManager, router *mux.Router) { } // newHandler creates a new setup key handler -func newHandler(accountManager account.AccountManager) *handler { +func newHandler(accountManager account.Manager) *handler { return &handler{ accountManager: accountManager, } diff --git a/management/server/http/handlers/users/pat_handler.go b/management/server/http/handlers/users/pat_handler.go index ba8fcd3ed..90913eac1 100644 --- a/management/server/http/handlers/users/pat_handler.go +++ b/management/server/http/handlers/users/pat_handler.go @@ -16,10 +16,10 @@ import ( // patHandler is the nameserver group handler of the account type patHandler struct { - accountManager account.AccountManager + accountManager account.Manager } -func addUsersTokensEndpoint(accountManager account.AccountManager, router *mux.Router) { +func addUsersTokensEndpoint(accountManager account.Manager, router *mux.Router) { tokenHandler := newPATsHandler(accountManager) router.HandleFunc("/users/{userId}/tokens", tokenHandler.getAllTokens).Methods("GET", "OPTIONS") router.HandleFunc("/users/{userId}/tokens", tokenHandler.createToken).Methods("POST", "OPTIONS") @@ -28,7 +28,7 @@ func addUsersTokensEndpoint(accountManager account.AccountManager, router *mux.R } // newPATsHandler creates a new patHandler HTTP handler -func newPATsHandler(accountManager account.AccountManager) *patHandler { +func newPATsHandler(accountManager account.Manager) *patHandler { return &patHandler{ accountManager: accountManager, } diff --git a/management/server/http/handlers/users/users_handler.go b/management/server/http/handlers/users/users_handler.go index 6dcd4ea69..19f56c464 100644 --- a/management/server/http/handlers/users/users_handler.go +++ b/management/server/http/handlers/users/users_handler.go @@ -19,10 +19,10 @@ import ( // handler is a handler that returns users of the account type handler struct { - accountManager account.AccountManager + accountManager account.Manager } -func AddEndpoints(accountManager account.AccountManager, router *mux.Router) { +func AddEndpoints(accountManager account.Manager, router *mux.Router) { userHandler := newHandler(accountManager) router.HandleFunc("/users", userHandler.getAllUsers).Methods("GET", "OPTIONS") router.HandleFunc("/users/{userId}", userHandler.updateUser).Methods("PUT", "OPTIONS") @@ -33,7 +33,7 @@ func AddEndpoints(accountManager account.AccountManager, router *mux.Router) { } // newHandler creates a new UsersHandler HTTP handler -func newHandler(accountManager account.AccountManager) *handler { +func newHandler(accountManager account.Manager) *handler { return &handler{ accountManager: accountManager, } diff --git a/management/server/http/testing/testing_tools/tools.go b/management/server/http/testing/testing_tools/tools.go index 37b9a3023..5d1498c33 100644 --- a/management/server/http/testing/testing_tools/tools.go +++ b/management/server/http/testing/testing_tools/tools.go @@ -94,7 +94,7 @@ type PerformanceMetrics struct { MaxMsPerOpCICD float64 } -func BuildApiBlackBoxWithDBState(t TB, sqlFile string, expectedPeerUpdate *server.UpdateMessage, validateUpdate bool) (http.Handler, account.AccountManager, chan struct{}) { +func BuildApiBlackBoxWithDBState(t TB, sqlFile string, expectedPeerUpdate *server.UpdateMessage, validateUpdate bool) (http.Handler, account.Manager, chan struct{}) { store, cleanup, err := store.NewTestStoreFromSQL(context.Background(), sqlFile, t.TempDir()) if err != nil { t.Fatalf("Failed to create test store: %v", err) diff --git a/management/server/integrations/port_forwarding/controller.go b/management/server/integrations/port_forwarding/controller.go index 6390868fe..6f062bb12 100644 --- a/management/server/integrations/port_forwarding/controller.go +++ b/management/server/integrations/port_forwarding/controller.go @@ -9,6 +9,7 @@ import ( type Controller interface { SendUpdate(ctx context.Context, accountID string, affectedProxyID string, affectedPeerIDs []string) GetProxyNetworkMaps(ctx context.Context, accountID string) (map[string]*nbtypes.NetworkMap, error) + IsPeerInIngressPorts(ctx context.Context, accountID, peerID string) (bool, error) } type ControllerMock struct { @@ -25,3 +26,7 @@ func (c *ControllerMock) SendUpdate(ctx context.Context, accountID string, affec func (c *ControllerMock) GetProxyNetworkMaps(ctx context.Context, accountID string) (map[string]*nbtypes.NetworkMap, error) { return make(map[string]*nbtypes.NetworkMap), nil } + +func (c *ControllerMock) IsPeerInIngressPorts(ctx context.Context, accountID, peerID string) (bool, error) { + return false, nil +} diff --git a/management/server/management_proto_test.go b/management/server/management_proto_test.go index 529a3b57f..9bbc9d7a6 100644 --- a/management/server/management_proto_test.go +++ b/management/server/management_proto_test.go @@ -20,9 +20,8 @@ import ( "google.golang.org/grpc/keepalive" "github.com/netbirdio/netbird/encryption" - "github.com/netbirdio/netbird/formatter" + "github.com/netbirdio/netbird/formatter/hook" mgmtProto "github.com/netbirdio/netbird/management/proto" - nbAccount "github.com/netbirdio/netbird/management/server/account" "github.com/netbirdio/netbird/management/server/activity" "github.com/netbirdio/netbird/management/server/integrations/port_forwarding" "github.com/netbirdio/netbird/management/server/settings" @@ -426,7 +425,7 @@ func startManagementForTest(t *testing.T, testFile string, config *Config) (*grp peersUpdateManager := NewPeersUpdateManager(nil) eventStore := &activity.InMemoryEventStore{} - ctx := context.WithValue(context.Background(), formatter.ExecutionContextKey, formatter.SystemSource) //nolint:staticcheck + ctx := context.WithValue(context.Background(), hook.ExecutionContextKey, hook.SystemSource) //nolint:staticcheck metrics, err := telemetry.NewDefaultAppMetrics(context.Background()) require.NoError(t, err) @@ -741,7 +740,7 @@ func Test_LoginPerformance(t *testing.T) { NetbirdVersion: "", } - peerLogin := nbAccount.PeerLogin{ + peerLogin := types.PeerLogin{ WireGuardPubKey: key.String(), SSHKey: "random", Meta: extractPeerMeta(context.Background(), meta), @@ -766,7 +765,7 @@ func Test_LoginPerformance(t *testing.T) { messageCalls = append(messageCalls, login) mu.Unlock() - go func(peerLogin nbAccount.PeerLogin, counterStart *int32) { + go func(peerLogin types.PeerLogin, counterStart *int32) { defer wgPeer.Done() _, _, _, err = am.LoginPeer(context.Background(), peerLogin) if err != nil { diff --git a/management/server/mock_server/account_mock.go b/management/server/mock_server/account_mock.go index e23d198b6..cb8d598f8 100644 --- a/management/server/mock_server/account_mock.go +++ b/management/server/mock_server/account_mock.go @@ -22,7 +22,7 @@ import ( "github.com/netbirdio/netbird/route" ) -var _ account.AccountManager = (*MockAccountManager)(nil) +var _ account.Manager = (*MockAccountManager)(nil) type MockAccountManager struct { GetOrCreateAccountByUserFunc func(ctx context.Context, userId, domain string) (*types.Account, error) @@ -90,8 +90,8 @@ type MockAccountManager struct { SaveDNSSettingsFunc func(ctx context.Context, accountID, userID string, dnsSettingsToSave *types.DNSSettings) error GetPeerFunc func(ctx context.Context, accountID, peerID, userID string) (*nbpeer.Peer, error) UpdateAccountSettingsFunc func(ctx context.Context, accountID, userID string, newSettings *types.Settings) (*types.Account, error) - LoginPeerFunc func(ctx context.Context, login account.PeerLogin) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) - SyncPeerFunc func(ctx context.Context, sync account.PeerSync, accountID string) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) + LoginPeerFunc func(ctx context.Context, login types.PeerLogin) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) + SyncPeerFunc func(ctx context.Context, sync types.PeerSync, accountID string) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) InviteUserFunc func(ctx context.Context, accountID string, initiatorUserID string, targetUserEmail string) error GetAllConnectedPeersFunc func() (map[string]struct{}, error) HasConnectedChannelFunc func(peerID string) bool @@ -663,7 +663,7 @@ func (am *MockAccountManager) UpdateAccountSettings(ctx context.Context, account } // LoginPeer mocks LoginPeer of the AccountManager interface -func (am *MockAccountManager) LoginPeer(ctx context.Context, login account.PeerLogin) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) { +func (am *MockAccountManager) LoginPeer(ctx context.Context, login types.PeerLogin) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) { if am.LoginPeerFunc != nil { return am.LoginPeerFunc(ctx, login) } @@ -671,7 +671,7 @@ func (am *MockAccountManager) LoginPeer(ctx context.Context, login account.PeerL } // SyncPeer mocks SyncPeer of the AccountManager interface -func (am *MockAccountManager) SyncPeer(ctx context.Context, sync account.PeerSync, accountID string) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) { +func (am *MockAccountManager) SyncPeer(ctx context.Context, sync types.PeerSync, accountID string) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) { if am.SyncPeerFunc != nil { return am.SyncPeerFunc(ctx, sync, accountID) } diff --git a/management/server/networks/manager.go b/management/server/networks/manager.go index 43f0ed0f8..609b68918 100644 --- a/management/server/networks/manager.go +++ b/management/server/networks/manager.go @@ -26,7 +26,7 @@ type Manager interface { type managerImpl struct { store store.Store - accountManager account.AccountManager + accountManager account.Manager permissionsManager permissions.Manager resourcesManager resources.Manager routersManager routers.Manager @@ -35,7 +35,7 @@ type managerImpl struct { type mockManager struct { } -func NewManager(store store.Store, permissionsManager permissions.Manager, resourceManager resources.Manager, routersManager routers.Manager, accountManager account.AccountManager) Manager { +func NewManager(store store.Store, permissionsManager permissions.Manager, resourceManager resources.Manager, routersManager routers.Manager, accountManager account.Manager) Manager { return &managerImpl{ store: store, permissionsManager: permissionsManager, diff --git a/management/server/networks/resources/manager.go b/management/server/networks/resources/manager.go index 8cf09e561..acaacbfb9 100644 --- a/management/server/networks/resources/manager.go +++ b/management/server/networks/resources/manager.go @@ -31,13 +31,13 @@ type managerImpl struct { store store.Store permissionsManager permissions.Manager groupsManager groups.Manager - accountManager account.AccountManager + accountManager account.Manager } type mockManager struct { } -func NewManager(store store.Store, permissionsManager permissions.Manager, groupsManager groups.Manager, accountManager account.AccountManager) Manager { +func NewManager(store store.Store, permissionsManager permissions.Manager, groupsManager groups.Manager, accountManager account.Manager) Manager { return &managerImpl{ store: store, permissionsManager: permissionsManager, diff --git a/management/server/networks/routers/manager.go b/management/server/networks/routers/manager.go index 793efcf4f..595fffd97 100644 --- a/management/server/networks/routers/manager.go +++ b/management/server/networks/routers/manager.go @@ -29,13 +29,13 @@ type Manager interface { type managerImpl struct { store store.Store permissionsManager permissions.Manager - accountManager account.AccountManager + accountManager account.Manager } type mockManager struct { } -func NewManager(store store.Store, permissionsManager permissions.Manager, accountManager account.AccountManager) Manager { +func NewManager(store store.Store, permissionsManager permissions.Manager, accountManager account.Manager) Manager { return &managerImpl{ store: store, permissionsManager: permissionsManager, diff --git a/management/server/peer.go b/management/server/peer.go index 0554032ad..4e70fe6e3 100644 --- a/management/server/peer.go +++ b/management/server/peer.go @@ -16,7 +16,6 @@ import ( "golang.org/x/exp/maps" "github.com/netbirdio/netbird/management/domain" - "github.com/netbirdio/netbird/management/server/account" "github.com/netbirdio/netbird/management/server/geolocation" "github.com/netbirdio/netbird/management/server/idp" @@ -346,6 +345,10 @@ func (am *DefaultAccountManager) DeletePeer(ctx context.Context, accountID, peer return err } + if err = am.validatePeerDelete(ctx, accountID, peerID); err != nil { + return err + } + updateAccountPeers, err = isPeerInActiveGroup(ctx, transaction, accountID, peerID) if err != nil { return err @@ -371,6 +374,9 @@ func (am *DefaultAccountManager) DeletePeer(ctx context.Context, accountID, peer eventsToStore, err = deletePeers(ctx, am, transaction, accountID, userID, []*nbpeer.Peer{peer}) return err }) + if err != nil { + return err + } for _, storeEvent := range eventsToStore { storeEvent() @@ -673,7 +679,7 @@ func getFreeIP(ctx context.Context, transaction store.Store, accountID string) ( } // SyncPeer checks whether peer is eligible for receiving NetworkMap (authenticated) and returns its NetworkMap if eligible -func (am *DefaultAccountManager) SyncPeer(ctx context.Context, sync account.PeerSync, accountID string) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) { +func (am *DefaultAccountManager) SyncPeer(ctx context.Context, sync types.PeerSync, accountID string) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) { start := time.Now() defer func() { log.WithContext(ctx).Debugf("SyncPeer: took %v", time.Since(start)) @@ -748,7 +754,7 @@ func (am *DefaultAccountManager) SyncPeer(ctx context.Context, sync account.Peer return am.getValidatedPeerWithMap(ctx, peerNotValid, accountID, peer) } -func (am *DefaultAccountManager) handlePeerLoginNotFound(ctx context.Context, login account.PeerLogin, err error) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) { +func (am *DefaultAccountManager) handlePeerLoginNotFound(ctx context.Context, login types.PeerLogin, err error) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) { if errStatus, ok := status.FromError(err); ok && errStatus.Type() == status.NotFound { // we couldn't find this peer by its public key which can mean that peer hasn't been registered yet. // Try registering it. @@ -768,7 +774,7 @@ func (am *DefaultAccountManager) handlePeerLoginNotFound(ctx context.Context, lo // LoginPeer logs in or registers a peer. // If peer doesn't exist the function checks whether a setup key or a user is present and registers a new peer if so. -func (am *DefaultAccountManager) LoginPeer(ctx context.Context, login account.PeerLogin) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) { +func (am *DefaultAccountManager) LoginPeer(ctx context.Context, login types.PeerLogin) (*nbpeer.Peer, *types.NetworkMap, []*posture.Checks, error) { accountID, err := am.Store.GetAccountIDByPeerPubKey(ctx, login.WireGuardPubKey) if err != nil { return am.handlePeerLoginNotFound(ctx, login, err) @@ -958,7 +964,7 @@ func processPeerPostureChecks(ctx context.Context, transaction store.Store, poli // The NetBird client doesn't have a way to check if the peer needs login besides sending a login request // with no JWT token and usually no setup-key. As the client can send up to two login request to check if it is expired // and before starting the engine, we do the checks without an account lock to avoid piling up requests. -func (am *DefaultAccountManager) checkIFPeerNeedsLoginWithoutLock(ctx context.Context, accountID string, login account.PeerLogin) error { +func (am *DefaultAccountManager) checkIFPeerNeedsLoginWithoutLock(ctx context.Context, accountID string, login types.PeerLogin) error { peer, err := am.Store.GetPeerByPeerPubKey(ctx, store.LockingStrengthShare, login.WireGuardPubKey) if err != nil { return err @@ -1505,3 +1511,17 @@ func ConvertSliceToMap(existingLabels []string) map[string]struct{} { } return labelMap } + +// validatePeerDelete checks if the peer can be deleted. +func (am *DefaultAccountManager) validatePeerDelete(ctx context.Context, accountId, peerId string) error { + linkedInIngressPorts, err := am.proxyController.IsPeerInIngressPorts(ctx, accountId, peerId) + if err != nil { + return err + } + + if linkedInIngressPorts { + return status.Errorf(status.PreconditionFailed, "peer is linked to ingress ports: %s", peerId) + } + + return nil +} diff --git a/management/server/settings/manager.go b/management/server/settings/manager.go index 0bf0f63b3..9cc5a0b32 100644 --- a/management/server/settings/manager.go +++ b/management/server/settings/manager.go @@ -26,7 +26,8 @@ type managerImpl struct { } type ManagerMock struct { - GetSettingsFunc func(ctx context.Context, accountID, userID string) (*types.Settings, error) + GetSettingsFunc func(ctx context.Context, accountID, userID string) (*types.Settings, error) + GetExtraSettingsFunc func(ctx context.Context, accountID string) (*types.ExtraSettings, error) } func NewManager(store store.Store, userManager users.Manager, extraSettingsManager extra_settings.Manager) Manager { @@ -117,6 +118,10 @@ func (m *ManagerMock) SetGetSettingsFunc(f func(ctx context.Context, accountID, } func (m *ManagerMock) GetExtraSettings(ctx context.Context, accountID string) (*types.ExtraSettings, error) { + if m.GetExtraSettingsFunc != nil { + return m.GetExtraSettingsFunc(ctx, accountID) + } + return &types.ExtraSettings{}, nil } diff --git a/management/server/telemetry/http_api_metrics.go b/management/server/telemetry/http_api_metrics.go index 5ef9e6d02..ae27466d9 100644 --- a/management/server/telemetry/http_api_metrics.go +++ b/management/server/telemetry/http_api_metrics.go @@ -13,7 +13,7 @@ import ( "go.opentelemetry.io/otel/attribute" "go.opentelemetry.io/otel/metric" - "github.com/netbirdio/netbird/formatter" + "github.com/netbirdio/netbird/formatter/hook" nbContext "github.com/netbirdio/netbird/management/server/context" ) @@ -167,7 +167,7 @@ func (m *HTTPMiddleware) Handler(h http.Handler) http.Handler { reqStart := time.Now() //nolint - ctx := context.WithValue(r.Context(), formatter.ExecutionContextKey, formatter.HTTPSource) + ctx := context.WithValue(r.Context(), hook.ExecutionContextKey, hook.HTTPSource) reqID := uuid.New().String() //nolint diff --git a/management/server/token_mgr.go b/management/server/token_mgr.go index 7217b543f..2bd59b6e1 100644 --- a/management/server/token_mgr.go +++ b/management/server/token_mgr.go @@ -9,13 +9,12 @@ import ( "sync" "time" - log "github.com/sirupsen/logrus" - - "github.com/netbirdio/management-integrations/integrations" - "github.com/netbirdio/netbird/management/proto" auth "github.com/netbirdio/netbird/relay/auth/hmac" authv2 "github.com/netbirdio/netbird/relay/auth/hmac/v2" + log "github.com/sirupsen/logrus" + + integrationsConfig "github.com/netbirdio/management-integrations/integrations/config" ) const defaultDuration = 12 * time.Hour @@ -218,7 +217,7 @@ func (m *TimeBasedAuthSecretsManager) pushNewTURNAndRelayTokens(ctx context.Cont } } - integrations.ExtendNetBirdConfig(update.NetbirdConfig, nil) + integrationsConfig.ExtendNetBirdConfig(update.NetbirdConfig, nil) log.WithContext(ctx).Debugf("sending new TURN credentials to peer %s", peerID) m.updateManager.SendUpdate(ctx, peerID, &UpdateMessage{Update: update}) @@ -242,7 +241,7 @@ func (m *TimeBasedAuthSecretsManager) pushNewRelayTokens(ctx context.Context, pe }, } - integrations.ExtendNetBirdConfig(update.NetbirdConfig, nil) + integrationsConfig.ExtendNetBirdConfig(update.NetbirdConfig, nil) log.WithContext(ctx).Debugf("sending new relay credentials to peer %s", peerID) m.updateManager.SendUpdate(ctx, peerID, &UpdateMessage{Update: update}) diff --git a/management/server/types/peer.go b/management/server/types/peer.go new file mode 100644 index 000000000..15d343793 --- /dev/null +++ b/management/server/types/peer.go @@ -0,0 +1,37 @@ +package types + +import ( + "net" + + nbpeer "github.com/netbirdio/netbird/management/server/peer" +) + +// PeerSync used as a data object between the gRPC API and Manager on Sync request. +type PeerSync struct { + // WireGuardPubKey is a peers WireGuard public key + WireGuardPubKey string + // Meta is the system information passed by peer, must be always present + Meta nbpeer.PeerSystemMeta + // UpdateAccountPeers indicate updating account peers, + // which occurs when the peer's metadata is updated + UpdateAccountPeers bool +} + +// PeerLogin used as a data object between the gRPC API and Manager on Login request. +type PeerLogin struct { + // WireGuardPubKey is a peers WireGuard public key + WireGuardPubKey string + // SSHKey is a peer's ssh key. Can be empty (e.g., old version do not provide it, or this feature is disabled) + SSHKey string + // Meta is the system information passed by peer, must be always present. + Meta nbpeer.PeerSystemMeta + // UserID indicates that JWT was used to log in, and it was valid. Can be empty when SetupKey is used or auth is not required. + UserID string + // SetupKey references to a server.SetupKey to log in. Can be empty when UserID is used or auth is not required. + SetupKey string + // ConnectionIP is the real IP of the peer + ConnectionIP net.IP + + // ExtraDNSLabels is a list of extra DNS labels that the peer wants to use + ExtraDNSLabels []string +}