From 61d89bd1182273fb479a2eb250ce0cc452345d9b Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Thu, 12 Mar 2015 14:27:14 -0700
Subject: [PATCH] docs
---
 netconf/README.md | 6 ++++++
 netconf/SqliteNetworkConfigMaster.cpp | 5 +++++
 netconf/netconf-schema.sql | 19 +++++++++++++++----
 3 files changed, 26 insertions(+), 4 deletions(-)
diff --git a/netconf/README.md b/netconf/README.md
index ec2cb104a..41ff27de8 100644
--- a/netconf/README.md
+++ b/netconf/README.md
@@ -19,6 +19,12 @@ To initialize a database run: Then type '.quit' to exit the SQLite3 command shell. +Since SQLite3 supports multiple concurrent processes attached to the same database, it's easy to have another process administrate network details while the ZeroTier One service serves them. The schema is simple. Folks with some sysadmin expertise should be able to figure out how to populate a database and get something running. We'll probably publish some code for this at some point in the future, but for now it's all tied up with our zerotier.com web backend. + +One important detail you'll need to know: + +Whenever a network (including associated tables) is changed in any way, its revision number must be incremented. For private networks this is part of the certificate. Certificates are permitted to differ by up to 16 revisions. Therefore, to explicitly and rapidly de-authorize someone you should do a *two-step increment*. This is done with a time delay. First de-authorize the user and increment the revision by one. Then wait 30-60 seconds and increment it by 15. This gives all running clients a chance to get updated certificates before the now-excluded node falls off the revision number horizon. All other changes need only increment once, since a few nodes briefly having a slightly out of date config won't cause any harm. + ### Reliability Network configuration masters can go offline without affecting already-configured members of running networks. You just won't be able to add new members, de-authorize members, or otherwise change any network configuration while the master is offline. diff --git a/netconf/SqliteNetworkConfigMaster.cpp b/netconf/SqliteNetworkConfigMaster.cpp index d4b552f94..8361a2766 100644 --- a/netconf/SqliteNetworkConfigMaster.cpp +++ b/netconf/SqliteNetworkConfigMaster.cpp 
@@ -42,6 +42,11 @@ #include "../node/CertificateOfMembership.hpp" #include "../node/NetworkConfig.hpp" +// Stored in database as schemaVersion key in Config. +// If not present, database is assumed to be empty and at the current schema version +// and this key/value is added automatically. +#define ZT_NETCONF_SQLITE_SCHEMA_VERSION 1 + namespace ZeroTier { SqliteNetworkConfigMaster::SqliteNetworkConfigMaster(const Identity &signingId,const char *dbPath) : diff --git a/netconf/netconf-schema.sql b/netconf/netconf-schema.sql index 601323ae8..4d985562f 100644 --- a/netconf/netconf-schema.sql +++ b/netconf/netconf-schema.sql @@ -10,11 +10,11 @@ CREATE TABLE IpAssignment ( ipNetmaskBits integer(4) NOT NULL DEFAULT(0) ); -CREATE INDEX IpAssignment_networkId ON IpAssignment (networkId); +CREATE UNIQUE INDEX IpAssignment_networkId_ip ON IpAssignment (networkId, ip); CREATE INDEX IpAssignment_networkId_nodeId ON IpAssignment (networkId, nodeId); -CREATE UNIQUE INDEX IpAssignment_networkId_ip ON IpAssignment (networkId, ip); +CREATE INDEX IpAssignment_networkId ON IpAssignment (networkId); CREATE TABLE IpAssignmentPool ( networkId char(16) NOT NULL, @@ -36,9 +36,20 @@ CREATE TABLE Member ( activeBridge integer(1) NOT NULL DEFAULT(0) ); +CREATE INDEX Member_networkId ON Member (networkId); + CREATE UNIQUE INDEX Member_networkId_nodeId ON Member (networkId, nodeId); -CREATE INDEX Member_networkId ON Member (networkId ASC); +CREATE TABLE MulticastRate ( + networkId char(16) NOT NULL, + mgMac char(12) NOT NULL, + mgAdi integer(8) NOT NULL DEFAULT(0), + preload integer(16) NOT NULL, + maxBalance integer(16) NOT NULL, + accrual integer(16) NOT NULL +); + +CREATE INDEX MulticastRate_networkId ON MulticastRate (networkId); CREATE TABLE Network ( id char(16) PRIMARY KEY NOT NULL, 
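Review bot: The comment above `ZT_NETCONF_SQLITE_SCHEMA_VERSION` says a database with no `schemaVersion` key is assumed to be empty and is stamped with the current version, which is unsafe for a database that was populated before the key existed. This same commit adds a `MulticastRate` table to netconf-schema.sql, so a database initialized from the earlier schema would be marked version 1 while lacking that table. The code that reads or writes the key is not in this hunk (the constructor begins on the hunk's last line and continues outside it), so this may already be handled. If it is not, the stamping path should confirm the database really is empty, for example no rows in `Network`, before writing the key, and refuse to start otherwise. The comment would then read `// If not present and the database is empty, this key/value is added automatically; a populated database without it is rejected.`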
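Review bot: `MulticastRate` is created with only a non-unique index on `networkId`, so nothing in the schema prevents two rows for the same `(networkId, mgMac, mgAdi)` carrying different `preload`/`maxBalance`/`accrual` values, and which limit then applies is left to whatever order the reader happens to get. The neighbouring tables guard their natural keys with unique indexes (`IpAssignment_networkId_ip`, `Member_networkId_nodeId`); the equivalent here would be `CREATE UNIQUE INDEX MulticastRate_networkId_mgMac_mgAdi ON MulticastRate (networkId, mgMac, mgAdi);`. How the service queries these rows is not visible in this diff, so the ambiguity is inferred from the schema alone. The `CREATE TABLE Network` statement that follows starts inside this hunk and continues outside it.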
@@ -78,4 +89,4 @@ CREATE TABLE Rule ( "action" varchar(4096) NOT NULL DEFAULT('accept') ); -CREATE INDEX Rule_networkId ON Rule (networkId); \ No newline at end of file +CREATE INDEX Rule_networkId ON Rule (networkId);