Add WireGuardPersistentKeepAlive to mesh.Node

2020-02-11 21:08:04 -07:00 · 2020-02-11 21:08:04 -07:00 · 8a5dbbe368
commit 8a5dbbe368
parent a6afc3247d
3 changed files with 56 additions and 33 deletions
--- a/pkg/k8s/backend.go
+++ b/pkg/k8s/backend.go
@ -47,16 +47,17 @@ import (

 const (
 	// Backend is the name of this mesh backend.
-	Backend                      = "kubernetes"
-	externalIPAnnotationKey      = "kilo.squat.ai/external-ip"
-	forceExternalIPAnnotationKey = "kilo.squat.ai/force-external-ip"
-	forceInternalIPAnnotationKey = "kilo.squat.ai/force-internal-ip"
-	internalIPAnnotationKey      = "kilo.squat.ai/internal-ip"
-	keyAnnotationKey             = "kilo.squat.ai/key"
-	lastSeenAnnotationKey        = "kilo.squat.ai/last-seen"
-	leaderAnnotationKey          = "kilo.squat.ai/leader"
-	locationAnnotationKey        = "kilo.squat.ai/location"
-	wireGuardIPAnnotationKey     = "kilo.squat.ai/wireguard-ip"
+	Backend                         = "kubernetes"
+	externalIPAnnotationKey         = "kilo.squat.ai/external-ip"
+	forceExternalIPAnnotationKey    = "kilo.squat.ai/force-external-ip"
+	forceInternalIPAnnotationKey    = "kilo.squat.ai/force-internal-ip"
+	internalIPAnnotationKey         = "kilo.squat.ai/internal-ip"
+	keyAnnotationKey                = "kilo.squat.ai/key"
+	lastSeenAnnotationKey           = "kilo.squat.ai/last-seen"
+	leaderAnnotationKey             = "kilo.squat.ai/leader"
+	locationAnnotationKey           = "kilo.squat.ai/location"
+	wireGuardIPAnnotationKey        = "kilo.squat.ai/wireguard-ip"
+	wireGuardPersistentKeepAliveKey = "kilo.squat.ai/wireguard-persistent-keepalive"

 	regionLabelKey  = "topology.kubernetes.io/region"
 	jsonPatchSlash  = "~1"
@ -262,6 +263,15 @@ func translateNode(node *v1.Node) *mesh.Node {
 	if !ok {
 		internalIP = node.ObjectMeta.Annotations[internalIPAnnotationKey]
 	}
+	// Set Wireguard PersistentKeepAliveKey.
+	var wireGuardPersistentKeepAlive int64
+	if wgKeepAlive, ok := node.ObjectMeta.Annotations[wireGuardIPAnnotationKey]; !ok {
+		wireGuardPersistentKeepAlive = 0
+	} else {
+		if wireGuardPersistentKeepAlive, err = strconv.ParseInt(wgKeepAlive, 10, 64); err != nil {
+			wireGuardPersistentKeepAlive = 0
+		}
+	}
 	var lastSeen int64
 	if ls, ok := node.ObjectMeta.Annotations[lastSeenAnnotationKey]; !ok {
 		lastSeen = 0
@ -286,7 +296,8 @@ func translateNode(node *v1.Node) *mesh.Node {
 		// WireGuardIP can fail to parse if the node is not a leader or if
 		// the node's agent has not yet reconciled. In either case, the IP
 		// will parse as nil.
-		WireGuardIP: normalizeIP(node.ObjectMeta.Annotations[wireGuardIPAnnotationKey]),
+		WireGuardIP:                  normalizeIP(node.ObjectMeta.Annotations[wireGuardIPAnnotationKey]),
+		WireGuardPersistentKeepAlive: wireGuardPersistentKeepAlive,
 	}
 }

--- a/pkg/k8s/backend_test.go
+++ b/pkg/k8s/backend_test.go
@ -111,6 +111,15 @@ func TestTranslateNode(t *testing.T) {
 				ExternalIP: &net.IPNet{IP: net.ParseIP("10.0.0.2"), Mask: net.CIDRMask(24, 32)},
 			},
 		},
+		{
+			name: "wireguard persistent keepalive override",
+			annotations: map[string]string{
+				wireGuardPersistentKeepAliveKey: "25",
+			},
+			out: &mesh.Node{
+				WireGuardPersistentKeepAlive: 25,
+			},
+		},
 		{
 			name: "internal IP override",
 			annotations: map[string]string{
@ -131,28 +140,30 @@ func TestTranslateNode(t *testing.T) {
 		{
 			name: "complete",
 			annotations: map[string]string{
-				externalIPAnnotationKey:      "10.0.0.1/24",
-				forceExternalIPAnnotationKey: "10.0.0.2/24",
-				forceInternalIPAnnotationKey: "10.1.0.2/32",
-				internalIPAnnotationKey:      "10.1.0.1/32",
-				keyAnnotationKey:             "foo",
-				lastSeenAnnotationKey:        "1000000000",
-				leaderAnnotationKey:          "",
-				locationAnnotationKey:        "b",
-				wireGuardIPAnnotationKey:     "10.4.0.1/16",
+				externalIPAnnotationKey:         "10.0.0.1/24",
+				forceExternalIPAnnotationKey:    "10.0.0.2/24",
+				forceInternalIPAnnotationKey:    "10.1.0.2/32",
+				internalIPAnnotationKey:         "10.1.0.1/32",
+				keyAnnotationKey:                "foo",
+				lastSeenAnnotationKey:           "1000000000",
+				leaderAnnotationKey:             "",
+				locationAnnotationKey:           "b",
+				wireGuardIPAnnotationKey:        "10.4.0.1/16",
+				wireGuardPersistentKeepAliveKey: "25",
 			},
 			labels: map[string]string{
 				regionLabelKey: "a",
 			},
 			out: &mesh.Node{
-				ExternalIP:  &net.IPNet{IP: net.ParseIP("10.0.0.2"), Mask: net.CIDRMask(24, 32)},
-				InternalIP:  &net.IPNet{IP: net.ParseIP("10.1.0.2"), Mask: net.CIDRMask(32, 32)},
-				Key:         []byte("foo"),
-				LastSeen:    1000000000,
-				Leader:      true,
-				Location:    "b",
-				Subnet:      &net.IPNet{IP: net.ParseIP("10.2.1.0"), Mask: net.CIDRMask(24, 32)},
-				WireGuardIP: &net.IPNet{IP: net.ParseIP("10.4.0.1"), Mask: net.CIDRMask(16, 32)},
+				ExternalIP:                   &net.IPNet{IP: net.ParseIP("10.0.0.2"), Mask: net.CIDRMask(24, 32)},
+				InternalIP:                   &net.IPNet{IP: net.ParseIP("10.1.0.2"), Mask: net.CIDRMask(32, 32)},
+				Key:                          []byte("foo"),
+				LastSeen:                     1000000000,
+				Leader:                       true,
+				Location:                     "b",
+				Subnet:                       &net.IPNet{IP: net.ParseIP("10.2.1.0"), Mask: net.CIDRMask(24, 32)},
+				WireGuardIP:                  &net.IPNet{IP: net.ParseIP("10.4.0.1"), Mask: net.CIDRMask(16, 32)},
+				WireGuardPersistentKeepAlive: 25,
 			},
 			subnet: "10.2.1.0/24",
 		},
--- a/pkg/mesh/mesh.go
+++ b/pkg/mesh/mesh.go
@ -79,11 +79,12 @@ type Node struct {
 	LastSeen int64
 	// Leader is a suggestion to Kilo that
 	// the node wants to lead its segment.
-	Leader      bool
-	Location    string
-	Name        string
-	Subnet      *net.IPNet
-	WireGuardIP *net.IPNet
+	Leader                       bool
+	Location                     string
+	Name                         string
+	Subnet                       *net.IPNet
+	WireGuardIP                  *net.IPNet
+	WireGuardPersistentKeepAlive int64
 }

 // Ready indicates whether or not the node is ready.