pkg/mesh: optionally assign external IP to node's private IP
This commit is contained in:
Sean Baildon
@@ -111,6 +111,7 @@ var (
|
|||||||
port uint
|
port uint
|
||||||
subnet string
|
subnet string
|
||||||
resyncPeriod time.Duration
|
resyncPeriod time.Duration
|
||||||
|
prioritisePrivateAddr bool
|
||||||
|
|
||||||
printVersion bool
|
printVersion bool
|
||||||
logLevel string
|
logLevel string
|
||||||
@@ -139,6 +140,7 @@ func init() {
|
|||||||
cmd.Flags().UintVar(&port, "port", mesh.DefaultKiloPort, "The port over which WireGuard peers should communicate.")
|
cmd.Flags().UintVar(&port, "port", mesh.DefaultKiloPort, "The port over which WireGuard peers should communicate.")
|
||||||
cmd.Flags().StringVar(&subnet, "subnet", mesh.DefaultKiloSubnet.String(), "CIDR from which to allocate addresses for WireGuard interfaces.")
|
cmd.Flags().StringVar(&subnet, "subnet", mesh.DefaultKiloSubnet.String(), "CIDR from which to allocate addresses for WireGuard interfaces.")
|
||||||
cmd.Flags().DurationVar(&resyncPeriod, "resync-period", 30*time.Second, "How often should the Kilo controllers reconcile?")
|
cmd.Flags().DurationVar(&resyncPeriod, "resync-period", 30*time.Second, "How often should the Kilo controllers reconcile?")
|
||||||
|
cmd.Flags().BoolVar(&prioritisePrivateAddr, "prioritise-private-addresses", false, "Prefer to assign a private IP address to the node's endpoint")
|
||||||
|
|
||||||
cmd.PersistentFlags().BoolVar(&printVersion, "version", false, "Print version and exit")
|
cmd.PersistentFlags().BoolVar(&printVersion, "version", false, "Print version and exit")
|
||||||
cmd.PersistentFlags().StringVar(&logLevel, "log-level", logLevelInfo, fmt.Sprintf("Log level to use. Possible values: %s", availableLogLevels))
|
cmd.PersistentFlags().StringVar(&logLevel, "log-level", logLevelInfo, fmt.Sprintf("Log level to use. Possible values: %s", availableLogLevels))
|
||||||
@@ -234,7 +236,7 @@ func runRoot(_ *cobra.Command, _ []string) error {
|
|||||||
return fmt.Errorf("backend %v unknown; possible values are: %s", backend, availableBackends)
|
return fmt.Errorf("backend %v unknown; possible values are: %s", backend, availableBackends)
|
||||||
}
|
}
|
||||||
|
|
||||||
m, err := mesh.New(b, enc, gr, hostname, uint32(port), s, local, cni, cniPath, iface, cleanUpIface, createIface, mtu, resyncPeriod, log.With(logger, "component", "kilo"))
|
m, err := mesh.New(b, enc, gr, hostname, uint32(port), s, local, cni, cniPath, iface, cleanUpIface, createIface, mtu, resyncPeriod, prioritisePrivateAddr, log.With(logger, "component", "kilo"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("failed to create Kilo mesh: %v", err)
|
return fmt.Errorf("failed to create Kilo mesh: %v", err)
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -86,7 +86,7 @@ type Mesh struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// New returns a new Mesh instance.
|
// New returns a new Mesh instance.
|
||||||
func New(backend Backend, enc encapsulation.Encapsulator, granularity Granularity, hostname string, port uint32, subnet *net.IPNet, local, cni bool, cniPath, iface string, cleanUpIface bool, createIface bool, mtu uint, resyncPeriod time.Duration, logger log.Logger) (*Mesh, error) {
|
func New(backend Backend, enc encapsulation.Encapsulator, granularity Granularity, hostname string, port uint32, subnet *net.IPNet, local, cni bool, cniPath, iface string, cleanUpIface bool, createIface bool, mtu uint, resyncPeriod time.Duration, prioritisePrivateAddr bool, logger log.Logger) (*Mesh, error) {
|
||||||
if err := os.MkdirAll(kiloPath, 0700); err != nil {
|
if err := os.MkdirAll(kiloPath, 0700); err != nil {
|
||||||
return nil, fmt.Errorf("failed to create directory to store configuration: %v", err)
|
return nil, fmt.Errorf("failed to create directory to store configuration: %v", err)
|
||||||
}
|
}
|
||||||
@@ -143,6 +143,12 @@ func New(backend Backend, enc encapsulation.Encapsulator, granularity Granularit
|
|||||||
enc = encapsulation.Noop(enc.Strategy())
|
enc = encapsulation.Noop(enc.Strategy())
|
||||||
level.Debug(logger).Log("msg", "running without a private IP address")
|
level.Debug(logger).Log("msg", "running without a private IP address")
|
||||||
}
|
}
|
||||||
|
var externalIP *net.IPNet
|
||||||
|
if prioritisePrivateAddr && privateIP != nil {
|
||||||
|
externalIP = privateIP
|
||||||
|
} else {
|
||||||
|
externalIP = publicIP
|
||||||
|
}
|
||||||
level.Debug(logger).Log("msg", fmt.Sprintf("using %s as the public IP address", publicIP.String()))
|
level.Debug(logger).Log("msg", fmt.Sprintf("using %s as the public IP address", publicIP.String()))
|
||||||
ipTables, err := iptables.New(iptables.WithLogger(log.With(logger, "component", "iptables")), iptables.WithResyncPeriod(resyncPeriod))
|
ipTables, err := iptables.New(iptables.WithLogger(log.With(logger, "component", "iptables")), iptables.WithResyncPeriod(resyncPeriod))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@@ -154,7 +160,7 @@ func New(backend Backend, enc encapsulation.Encapsulator, granularity Granularit
|
|||||||
cni: cni,
|
cni: cni,
|
||||||
cniPath: cniPath,
|
cniPath: cniPath,
|
||||||
enc: enc,
|
enc: enc,
|
||||||
externalIP: publicIP,
|
externalIP: externalIP,
|
||||||
granularity: granularity,
|
granularity: granularity,
|
||||||
hostname: hostname,
|
hostname: hostname,
|
||||||
internalIP: privateIP,
|
internalIP: privateIP,
|
||||||
|
|||||||
Reference in New Issue
Block a user