Get ephemeral status fields out of the configs. They do not belong there and it just complicates things.

This commit is contained in:
Adam Ierymenko 2017-11-09 17:01:16 -05:00
parent 750e36993f
commit 0fb22df633
4 changed files with 83 additions and 72 deletions

View File

@ -475,7 +475,12 @@ void EmbeddedNetworkController::init(const Identity &signingId,Sender *sender)
_signingId = signingId; _signingId = signingId;
_sender = sender; _sender = sender;
_signingIdAddressString = signingId.address().toString(tmp); _signingIdAddressString = signingId.address().toString(tmp);
_db.reset(new ControllerDB(this,_signingId.address(),_path.c_str())); #ifdef ZT_CONTROLLER_USE_RETHINKDB
if ((_path.length() > 10)&&(_path.substr(0,10) == "rethinkdb:"))
_db.reset(new RethinkDB(this,_signingId.address(),_path.c_str()));
else // else use FileDB after endif
#endif
_db.reset(new FileDB(this,_signingId.address(),_path.c_str()));
_db->waitForReady(); _db->waitForReady();
} }
@ -529,7 +534,6 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpGET(
json member; json member;
if (!_db->get(nwid,network,address,member)) if (!_db->get(nwid,network,address,member))
return 404; return 404;
_addMemberNonPersistedFields(nwid,address,member,OSUtils::now());
responseBody = OSUtils::jsonDump(member); responseBody = OSUtils::jsonDump(member);
responseContentType = "application/json"; responseContentType = "application/json";
@ -559,10 +563,6 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpGET(
} else { } else {
// Get network // Get network
const int64_t now = OSUtils::now();
ControllerDB::NetworkSummaryInfo ns;
_db->summary(nwid,ns);
_addNetworkNonPersistedFields(nwid,network,now,ns);
responseBody = OSUtils::jsonDump(network); responseBody = OSUtils::jsonDump(network);
responseContentType = "application/json"; responseContentType = "application/json";
return 200; return 200;
@ -733,9 +733,8 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST(
member["address"] = addrs; // legacy member["address"] = addrs; // legacy
member["nwid"] = nwids; member["nwid"] = nwids;
_removeMemberNonPersistedFields(member); _cleanMember(member);
_db->save(&origMember,member); _db->save(&origMember,member);
_addMemberNonPersistedFields(nwid,address,member,now);
responseBody = OSUtils::jsonDump(member); responseBody = OSUtils::jsonDump(member);
responseContentType = "application/json"; responseContentType = "application/json";
@ -980,11 +979,8 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST(
network["id"] = nwids; network["id"] = nwids;
network["nwid"] = nwids; // legacy network["nwid"] = nwids; // legacy
_removeNetworkNonPersistedFields(network); _cleanNetwork(network);
_db->save(&origNetwork,network); _db->save(&origNetwork,network);
ControllerDB::NetworkSummaryInfo ns;
_db->summary(nwid,ns);
_addNetworkNonPersistedFields(nwid,network,now,ns);
responseBody = OSUtils::jsonDump(network); responseBody = OSUtils::jsonDump(network);
responseContentType = "application/json"; responseContentType = "application/json";
@ -1156,7 +1152,7 @@ void EmbeddedNetworkController::_request(
const Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY> &metaData) const Dictionary<ZT_NETWORKCONFIG_METADATA_DICT_CAPACITY> &metaData)
{ {
char nwids[24]; char nwids[24];
ControllerDB::NetworkSummaryInfo ns; DB::NetworkSummaryInfo ns;
json network,member,origMember; json network,member,origMember;
if (!_db) if (!_db)
@ -1282,15 +1278,11 @@ void EmbeddedNetworkController::_request(
if (fromAddr) if (fromAddr)
ms.physicalAddr = fromAddr; ms.physicalAddr = fromAddr;
char tmpip[64];
if (ms.physicalAddr)
member["physicalAddr"] = ms.physicalAddr.toString(tmpip);
} }
} }
} else { } else {
// If they are not authorized, STOP! // If they are not authorized, STOP!
_removeMemberNonPersistedFields(member); _cleanMember(member);
_db->save(&origMember,member); _db->save(&origMember,member);
_sender->ncSendError(nwid,requestPacketId,identity.address(),NetworkController::NC_ERROR_ACCESS_DENIED); _sender->ncSendError(nwid,requestPacketId,identity.address(),NetworkController::NC_ERROR_ACCESS_DENIED);
return; return;
@ -1653,7 +1645,7 @@ void EmbeddedNetworkController::_request(
return; return;
} }
_removeMemberNonPersistedFields(member); _cleanMember(member);
_db->save(&origMember,member); _db->save(&origMember,member);
_sender->ncSendConfig(nwid,requestPacketId,identity.address(),*(nc.get()),metaData.getUI(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_VERSION,0) < 6); _sender->ncSendConfig(nwid,requestPacketId,identity.address(),*(nc.get()),metaData.getUI(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_VERSION,0) < 6);
} }

View File

@ -43,20 +43,14 @@
#include "../ext/json/json.hpp" #include "../ext/json/json.hpp"
#include "DB.hpp"
#include "FileDB.hpp"
#ifdef ZT_CONTROLLER_USE_RETHINKDB #ifdef ZT_CONTROLLER_USE_RETHINKDB
#include "RethinkDB.hpp" #include "RethinkDB.hpp"
#else
#include "FileDB.hpp"
#endif #endif
namespace ZeroTier { namespace ZeroTier {
#ifdef ZT_CONTROLLER_USE_RETHINKDB
typedef RethinkDB ControllerDB;
#else
typedef FileDB ControllerDB;
#endif
class Node; class Node;
class EmbeddedNetworkController : public NetworkController class EmbeddedNetworkController : public NetworkController
@ -130,7 +124,6 @@ private:
if (!member.count("vMinor")) member["vMinor"] = -1; if (!member.count("vMinor")) member["vMinor"] = -1;
if (!member.count("vRev")) member["vRev"] = -1; if (!member.count("vRev")) member["vRev"] = -1;
if (!member.count("vProto")) member["vProto"] = -1; if (!member.count("vProto")) member["vProto"] = -1;
if (!member.count("physicalAddr")) member["physicalAddr"] = nlohmann::json();
if (!member.count("remoteTraceTarget")) member["remoteTraceTarget"] = nlohmann::json(); if (!member.count("remoteTraceTarget")) member["remoteTraceTarget"] = nlohmann::json();
member["objtype"] = "member"; member["objtype"] = "member";
} }
@ -160,42 +153,18 @@ private:
} }
network["objtype"] = "network"; network["objtype"] = "network";
} }
inline void _addNetworkNonPersistedFields(const uint64_t nwid,nlohmann::json &network,int64_t now,const ControllerDB::NetworkSummaryInfo &ns) inline void _cleanNetwork(nlohmann::json &network)
{
network["clock"] = now;
network["authorizedMemberCount"] = ns.authorizedMemberCount;
network["totalMemberCount"] = ns.totalMemberCount;
{
std::lock_guard<std::mutex> l(_memberStatus_l);
unsigned long ac = 0;
for(auto ms=_memberStatus.begin();ms!=_memberStatus.end();++ms) {
if ((ms->first.networkId == nwid)&&(ms->second.online(now)))
++ac;
}
network["activeMemberCount"] = ac;
}
}
inline void _removeNetworkNonPersistedFields(nlohmann::json &network)
{ {
network.erase("clock"); network.erase("clock");
network.erase("authorizedMemberCount"); network.erase("authorizedMemberCount");
network.erase("activeMemberCount"); network.erase("activeMemberCount");
network.erase("totalMemberCount"); network.erase("totalMemberCount");
// legacy fields
network.erase("lastModified"); network.erase("lastModified");
} }
inline void _addMemberNonPersistedFields(uint64_t nwid,uint64_t nodeId,nlohmann::json &member,int64_t now) inline void _cleanMember(nlohmann::json &member)
{
member["clock"] = now;
{
std::lock_guard<std::mutex> l(_memberStatus_l);
member["online"] = _memberStatus[_MemberStatusKey(nwid,nodeId)].online(now);
}
}
inline void _removeMemberNonPersistedFields(nlohmann::json &member)
{ {
member.erase("clock"); member.erase("clock");
// legacy fields member.erase("physicalAddr");
member.erase("recentLog"); member.erase("recentLog");
member.erase("lastModified"); member.erase("lastModified");
member.erase("lastRequestMetaData"); member.erase("lastRequestMetaData");
@ -244,7 +213,7 @@ private:
Identity _signingId; Identity _signingId;
std::string _signingIdAddressString; std::string _signingIdAddressString;
NetworkController::Sender *_sender; NetworkController::Sender *_sender;
std::unique_ptr<ControllerDB> _db; std::unique_ptr<DB> _db;
BlockingQueue< _RQEntry * > _queue; BlockingQueue< _RQEntry * > _queue;
std::vector<std::thread> _threads; std::vector<std::thread> _threads;
std::mutex _threads_l; std::mutex _threads_l;

View File

@ -79,7 +79,6 @@ Example:
| --------------------- | ------------- | ------------------------------------------------- | -------- | | --------------------- | ------------- | ------------------------------------------------- | -------- |
| id | string | 16-digit network ID | no | | id | string | 16-digit network ID | no |
| nwid | string | 16-digit network ID (old, but still around) | no | | nwid | string | 16-digit network ID (old, but still around) | no |
| clock | integer | Current clock, ms since epoch | no |
| name | string | A short name for this network | YES | | name | string | A short name for this network | YES |
| private | boolean | Is access control enabled? | YES | | private | boolean | Is access control enabled? | YES |
| enableBroadcast | boolean | Ethernet ff:ff:ff:ff:ff:ff allowed? | YES | | enableBroadcast | boolean | Ethernet ff:ff:ff:ff:ff:ff allowed? | YES |
@ -89,9 +88,6 @@ Example:
| multicastLimit | integer | Maximum recipients for a multicast packet | YES | | multicastLimit | integer | Maximum recipients for a multicast packet | YES |
| creationTime | integer | Time network was first created | no | | creationTime | integer | Time network was first created | no |
| revision | integer | Network config revision counter | no | | revision | integer | Network config revision counter | no |
| authorizedMemberCount | integer | Number of authorized members (for private nets) | no |
| activeMemberCount | integer | Number of members that appear to be online | no |
| totalMemberCount | integer | Total known members of this network | no |
| routes | array[object] | Managed IPv4 and IPv6 routes; see below | YES | | routes | array[object] | Managed IPv4 and IPv6 routes; see below | YES |
| ipAssignmentPools | array[object] | IP auto-assign ranges; see below | YES | | ipAssignmentPools | array[object] | IP auto-assign ranges; see below | YES |
| rules | array[object] | Traffic rules; see below | YES | | rules | array[object] | Traffic rules; see below | YES |
@ -191,7 +187,7 @@ The entry types and their additional fields are:
| `MATCH_TAGS_SAMENESS` | Match if both sides' tags differ by no more than value | `id`,`value` | | `MATCH_TAGS_SAMENESS` | Match if both sides' tags differ by no more than value | `id`,`value` |
| `MATCH_TAGS_BITWISE_AND` | Match if both sides' tags AND to value | `id`,`value` | | `MATCH_TAGS_BITWISE_AND` | Match if both sides' tags AND to value | `id`,`value` |
| `MATCH_TAGS_BITWISE_OR` | Match if both sides' tags OR to value | `id`,`value` | | `MATCH_TAGS_BITWISE_OR` | Match if both sides' tags OR to value | `id`,`value` |
| `MATCH_TAGS_BITWISE_XOR` | Match if both sides` tags XOR to value | `id`,`value` | | `MATCH_TAGS_BITWISE_XOR` | Match if both sides' tags XOR to value | `id`,`value` |
Important notes about rules engine behavior: Important notes about rules engine behavior:
@ -227,9 +223,7 @@ This returns an object containing all currently online members and the most rece
| id | string | Member's 10-digit ZeroTier address | no | | id | string | Member's 10-digit ZeroTier address | no |
| address | string | Member's 10-digit ZeroTier address | no | | address | string | Member's 10-digit ZeroTier address | no |
| nwid | string | 16-digit network ID | no | | nwid | string | 16-digit network ID | no |
| clock | integer | Current clock, ms since epoch | no |
| authorized | boolean | Is member authorized? (for private networks) | YES | | authorized | boolean | Is member authorized? (for private networks) | YES |
| authHistory | array[object] | History of auth changes, latest at end | no |
| activeBridge | boolean | Member is able to bridge to other Ethernet nets | YES | | activeBridge | boolean | Member is able to bridge to other Ethernet nets | YES |
| identity | string | Member's public ZeroTier identity (if known) | no | | identity | string | Member's public ZeroTier identity (if known) | no |
| ipAssignments | array[string] | Managed IP address assignments | YES | | ipAssignments | array[string] | Managed IP address assignments | YES |
@ -238,7 +232,6 @@ This returns an object containing all currently online members and the most rece
| vMinor | integer | Most recently known minor version | no | | vMinor | integer | Most recently known minor version | no |
| vRev | integer | Most recently known revision | no | | vRev | integer | Most recently known revision | no |
| vProto | integer | Most recently known protocl version | no | | vProto | integer | Most recently known protocl version | no |
| physicalAddr | string | Last known physical IP/port or null if none | no |
Note that managed IP assignments are only used if they fall within a managed route. Otherwise they are ignored. Note that managed IP assignments are only used if they fall within a managed route. Otherwise they are ignored.

View File

@ -21,6 +21,8 @@
#include "RethinkDB.hpp" #include "RethinkDB.hpp"
#include "EmbeddedNetworkController.hpp" #include "EmbeddedNetworkController.hpp"
#include "../version.h"
#include <chrono> #include <chrono>
#include <algorithm> #include <algorithm>
#include <stdexcept> #include <stdexcept>
@ -216,6 +218,8 @@ RethinkDB::RethinkDB(EmbeddedNetworkController *const nc,const Address &myAddres
} }
_onlineNotificationThread = std::thread([this]() { _onlineNotificationThread = std::thread([this]() {
int64_t lastUpdatedNetworkStatus = 0;
std::unordered_map< std::pair<uint64_t,uint64_t>,int64_t,_PairHasher > lastOnlineCumulative;
try { try {
std::unique_ptr<R::Connection> rdb; std::unique_ptr<R::Connection> rdb;
while (_run == 1) { while (_run == 1) {
@ -223,24 +227,77 @@ RethinkDB::RethinkDB(EmbeddedNetworkController *const nc,const Address &myAddres
if (!rdb) if (!rdb)
rdb = R::connect(this->_host,this->_port,this->_auth); rdb = R::connect(this->_host,this->_port,this->_auth);
if (rdb) { if (rdb) {
std::lock_guard<std::mutex> l(_lastOnline_l);
R::Array batch; R::Array batch;
R::Object tmpobj; R::Object tmpobj;
for(auto i=_lastOnline.begin();i!=_lastOnline.end();++i) {
std::unordered_map< std::pair<uint64_t,uint64_t>,std::pair<int64_t,InetAddress>,_PairHasher > lastOnline;
{
std::lock_guard<std::mutex> l(_lastOnline_l);
lastOnline.swap(_lastOnline);
}
for(auto i=lastOnline.begin();i!=lastOnline.end();++i) {
lastOnlineCumulative[i->first] = i->second.first;
char tmp[64],tmp2[64]; char tmp[64],tmp2[64];
OSUtils::ztsnprintf(tmp,sizeof(tmp),"%.16llx-%.10llx",i->first.first,i->first.second); OSUtils::ztsnprintf(tmp,sizeof(tmp),"%.16llx-%.10llx",i->first.first,i->first.second);
tmpobj["id"] = tmp; tmpobj["id"] = tmp;
tmpobj["ts"] = i->second.first; tmpobj["ts"] = i->second.first;
tmpobj["phy"] = i->second.second.toIpString(tmp2); tmpobj["phy"] = i->second.second.toIpString(tmp2);
batch.emplace_back(tmpobj); batch.emplace_back(tmpobj);
if (batch.size() >= 256) { if (batch.size() >= 1024) {
R::db(this->_db).table("MemberLastRequest",R::optargs("read_mode","outdated")).insert(batch,R::optargs("conflict","update")).run(*rdb); R::db(this->_db).table("MemberStatus",R::optargs("read_mode","outdated")).insert(batch,R::optargs("conflict","update")).run(*rdb);
batch.clear();
}
}
if (batch.size() > 0) {
R::db(this->_db).table("MemberStatus",R::optargs("read_mode","outdated")).insert(batch,R::optargs("conflict","update")).run(*rdb);
batch.clear();
}
tmpobj.clear();
const int64_t now = OSUtils::now();
if ((now - lastUpdatedNetworkStatus) > 10000) {
lastUpdatedNetworkStatus = now;
std::vector< std::pair< uint64_t,std::shared_ptr<_Network> > > networks;
{
std::lock_guard<std::mutex> l(_networks_l);
networks.reserve(_networks.size() + 1);
for(auto i=_networks.begin();i!=_networks.end();++i)
networks.push_back(*i);
}
for(auto i=networks.begin();i!=networks.end();++i) {
char tmp[64];
Utils::hex(i->first,tmp);
tmpobj["id"] = tmp;
{
std::lock_guard<std::mutex> l2(i->second->lock);
tmpobj["authorizedMemberCount"] = i->second->authorizedMembers.size();
tmpobj["totalMemberCount"] = i->second->members.size();
unsigned long activeMemberCount = 0;
for(auto m=i->second->members.begin();m!=i->second->members.end();++m) {
auto lo = lastOnlineCumulative.find(std::pair<uint64_t,uint64_t>(i->first,m->first));
if (lo != lastOnlineCumulative.end()) {
if ((now - lo->second) <= (ZT_NETWORK_AUTOCONF_DELAY * 2))
++activeMemberCount;
else lastOnlineCumulative.erase(lo);
}
}
tmpobj["activeMemberCount"] = activeMemberCount;
tmpobj["bridgeCount"] = i->second->activeBridgeMembers.size();
}
batch.emplace_back(tmpobj);
if (batch.size() >= 1024) {
R::db(this->_db).table("NetworkStatus",R::optargs("read_mode","outdated")).insert(batch,R::optargs("conflict","update")).run(*rdb);
batch.clear();
}
}
if (batch.size() > 0) {
R::db(this->_db).table("NetworkStatus",R::optargs("read_mode","outdated")).insert(batch,R::optargs("conflict","update")).run(*rdb);
batch.clear(); batch.clear();
} }
} }
if (batch.size() > 0)
R::db(this->_db).table("MemberLastRequest",R::optargs("read_mode","outdated")).insert(batch,R::optargs("conflict","update")).run(*rdb);
_lastOnline.clear();
} }
} catch (std::exception &e) { } catch (std::exception &e) {
fprintf(stderr,"ERROR: controller RethinkDB (node status update): %s" ZT_EOL_S,e.what()); fprintf(stderr,"ERROR: controller RethinkDB (node status update): %s" ZT_EOL_S,e.what());
@ -266,7 +323,7 @@ RethinkDB::RethinkDB(EmbeddedNetworkController *const nc,const Address &myAddres
if (!rdb) if (!rdb)
rdb = R::connect(this->_host,this->_port,this->_auth); rdb = R::connect(this->_host,this->_port,this->_auth);
if (rdb) { if (rdb) {
OSUtils::ztsnprintf(tmp,sizeof(tmp),"{\"id\":\"%s\",\"lastAlive\":%lld}",this->_myAddressStr.c_str(),(long long)OSUtils::now()); OSUtils::ztsnprintf(tmp,sizeof(tmp),"{\"id\":\"%s\",\"lastAlive\":%lld,\"version\":\"%d.%d.%d\"}",this->_myAddressStr.c_str(),(long long)OSUtils::now(),ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION);
//printf("HEARTBEAT: %s" ZT_EOL_S,tmp); //printf("HEARTBEAT: %s" ZT_EOL_S,tmp);
R::db(this->_db).table("Controller").update(R::Datum::from_json(tmp)).run(*rdb); R::db(this->_db).table("Controller").update(R::Datum::from_json(tmp)).run(*rdb);
} }