Skip to content

Commit

Permalink
fix: fix some nat traversal bugs
Browse files Browse the repository at this point in the history
Signed-off-by: Liang Deng <[email protected]>
  • Loading branch information
YTGhost committed Nov 7, 2023
1 parent c4425d6 commit d65e5d0
Show file tree
Hide file tree
Showing 9 changed files with 415 additions and 193 deletions.
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ go 1.18

require (
github.com/EvilSuperstars/go-cidrman v0.0.0-20190607145828-28e79e32899a
github.com/ccding/go-stun/stun v0.0.0-20200514191101-4dc67bcdb029
github.com/ccding/go-stun v0.1.5-0.20230908213042-0f417a9a4966
github.com/coreos/go-iptables v0.6.0
github.com/gorilla/mux v1.8.0
github.com/lorenzosaino/go-sysctl v0.3.1
Expand Down
4 changes: 2 additions & 2 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -96,8 +96,8 @@ github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqO
github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ=
github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
github.com/ccding/go-stun/stun v0.0.0-20200514191101-4dc67bcdb029 h1:POmUHfxXdeyM8Aomg4tKDcwATCFuW+cYLkj6pwsw9pc=
github.com/ccding/go-stun/stun v0.0.0-20200514191101-4dc67bcdb029/go.mod h1:Rpr5n9cGHYdM3S3IK8ROSUUUYjQOu+MSUCZDcJbYWi8=
github.com/ccding/go-stun v0.1.5-0.20230908213042-0f417a9a4966 h1:ugTbop8ITMmnyZRFFQZ0LDnEi+m28dDU7Jxf6cYoA5M=
github.com/ccding/go-stun v0.1.5-0.20230908213042-0f417a9a4966/go.mod h1:cCZjJ1J3WFSJV6Wj8Y9Di8JMTsEXh6uv2eNmLzKaUeM=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
Expand Down
75 changes: 75 additions & 0 deletions pkg/engine/tunnel.go
Original file line number Diff line number Diff line change
@@ -1,8 +1,10 @@
package engine

import (
"context"
"fmt"

"k8s.io/client-go/util/retry"
"k8s.io/client-go/util/workqueue"
"k8s.io/klog/v2"
"sigs.k8s.io/controller-runtime/pkg/client"
Expand Down Expand Up @@ -97,7 +99,71 @@ func (t *TunnelEngine) clearDriver() error {
return nil
}

func (t *TunnelEngine) configGatewayListStunInfo() error {
var gws v1beta1.GatewayList
if err := t.client.List(context.Background(), &gws); err != nil {
return err
}
for i := range gws.Items {
// try to update info required by nat traversal
gw := &gws.Items[i]
if ep := getTunnelActiveEndpoints(gw); ep != nil {
if ep.NATType == "" || ep.NATType != utils.NATSymmetric && ep.PublicPort == 0 {
err := t.configGatewayStunInfo(gw)
if err != nil {
klog.ErrorS(err, "error config gateway nat type", "gateway", klog.KObj(gw))
}
}

}
}
return nil
}

func (t *TunnelEngine) configGatewayStunInfo(gateway *v1beta1.Gateway) error {
if getTunnelActiveEndpoints(gateway).NodeName != t.nodeName {
return nil
}

natType, err := utils.GetNATType()
if err != nil {
return err
}

publicPort, err := utils.GetPublicPort()
if err != nil {
return err
}

// retry to update nat type of localGateway
err = retry.RetryOnConflict(retry.DefaultBackoff, func() error {
// get localGateway from api server
var apiGw v1beta1.Gateway
err := t.client.Get(context.Background(), client.ObjectKey{
Name: gateway.Name,
}, &apiGw)
if err != nil {
return err
}
for k, v := range apiGw.Spec.Endpoints {
if v.NodeName == t.nodeName {
apiGw.Spec.Endpoints[k].NATType = natType
if natType != utils.NATSymmetric {
apiGw.Spec.Endpoints[k].PublicPort = publicPort
}
err = t.client.Update(context.Background(), &apiGw)
return err
}
}
return nil
})
return err
}

func (t *TunnelEngine) reconcile() error {
if err := t.configGatewayListStunInfo(); err != nil {
return err
}
if t.routeDriver == nil || t.vpnDriver == nil {
err := t.initDriver()
if err != nil {
Expand All @@ -124,3 +190,12 @@ func (t *TunnelEngine) handleEventErr(err error, event interface{}) {
klog.Info(utils.FormatRavenEngine("dropping event %q out of the queue: %v", event, err))
t.queue.Forget(event)
}

func getTunnelActiveEndpoints(gw *v1beta1.Gateway) *v1beta1.Endpoint {
for _, aep := range gw.Status.ActiveEndpoints {
if aep.Type == v1beta1.Tunnel {
return aep.DeepCopy()
}
}
return nil
}
Loading

0 comments on commit d65e5d0

Please sign in to comment.