Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support wgkex loadbalancing/client steering mechanism #35

Closed
wants to merge 6 commits into from
Closed

Support wgkex loadbalancing/client steering mechanism #35

wants to merge 6 commits into from

Conversation

DasSkelett
Copy link
Member

@DasSkelett DasSkelett commented Jan 15, 2024
edited
Loading

See freifunkMUC/wgkex#87, this is the first draft to implement the client side in checkuplink.

This PR is a placeholder for now, I guess it shouldn't be merged to main in the end, which seems to be kept in sync with upstream.

Changes

  • Add functionality to get gateway peer details from the wgkex broker instead of reading from site.conf
  • Using this, the wgkex broker can loadbalance the clients between available gateways (Weighted loadbalancing (client steering), WG peer config push to clients wgkex#87)
  • This behaviour can be turned on by setting loadbalancing = '1' in site.conf
    In this case, the peers option is no longer needed to be set
  • The supposed value of the broker option has changed, it should now only be the base path (without http:// scheme prefix and without / suffix) instead of the full path with /api/v1/wg/key/exchange
  • Added dependency on lua-jsonc

Will reopen in upstream repo after review.

Closes freifunkMUC/site-ffm#142

@DasSkelett DasSkelett added the enhancement New feature or request label Jan 15, 2024
@DasSkelett DasSkelett changed the title [WIP] Support wgkex loadbalancing mechanism [WIP] Support wgkex loadbalancing/client steering mechanism Jan 16, 2024
grische
grische requested changes Jan 24, 2024
View reviewed changes
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
grische
grische requested changes Feb 2, 2024
View reviewed changes
Copy link

@grische grische left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@DasSkelett most comments of mine still hold even after the rebase. Especially the unreachable code should be fixed probably.

ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
@DasSkelett
Copy link
Member Author

DasSkelett commented Feb 2, 2024
edited
Loading

Yes indeed, I only did the rebase so far, which was a necessary step before addressing anything else. I will let you know when I'm ready for another review, I am probably going to mark this PR as "ready for review"/not WIP then, please hold off with further reviews until then, it just makes this more convoluted otherwise.

@DasSkelett DasSkelett marked this pull request as ready for review February 6, 2024 23:01
@DasSkelett DasSkelett changed the title [WIP] Support wgkex loadbalancing/client steering mechanism Support wgkex loadbalancing/client steering mechanism Mar 10, 2024
@DasSkelett
Copy link
Member Author

@grische please do one more pass, if it looks good to you I'll reopen this PR upstream

T0biii
T0biii reviewed Mar 11, 2024
View reviewed changes
Copy link
Member

@T0biii T0biii left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe got one idea for a change

ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
grische
grische requested changes Mar 14, 2024
View reviewed changes
Copy link

@grische grische left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The only real issue I can see is this [[ ${ip} == *":"* ]];, otherwise a few things we can also improve later.

ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Show resolved Hide resolved
ffmuc-mesh-vpn-wireguard-vxlan/files/lib/gluon/gluon-mesh-wireguard-vxlan/checkuplink Outdated Show resolved Hide resolved
@grische
Copy link

grische commented Mar 15, 2024

The latest commit also fixes the NTP issues that were caused occasionally be some IPv6 regex mismatch. See freifunk-gluon#96 for details

@grische
Copy link

grische commented Mar 16, 2024

Fixed the merge conflicts

@grische @DasSkelett
ffmuc-mesh-vpn-wireguard: add wgkex loadbalancing
ca67656 
Add support for the server-side loadbalancing with wgkex v0.2.0+

Co-authored-by: DasSkelett <dasskelett@gmail.com>
@grische
Copy link

grische commented Mar 17, 2024
edited
Loading

I considerably rewrote the whole function so the integration actually works as intended:
https://github.com/freifunkMUC/community-packages/compare/4bf62bcbe723aa3c69e6cbccd38d0b8e213e4d7b..b82299dd660158a4240053d1a88bc94f15711e70

This needs a proper re-test.
Images can be found here: https://github.com/freifunkMUC/site-ffm/actions/runs/8318469845?pr=380

@grische
Copy link

grische commented Mar 26, 2024

Merged 9fc30b8

@grische grische closed this Mar 26, 2024
wusel42 pushed a commit to ffgtso/community-packages that referenced this pull request Jun 10, 2024
@maurerle
ffac-wg-registration: add wireguard packages (freifunkMUC#35)
89aa96a 
* ffac-wg-registration: add wireguard packages
- adds ffac-wg-registration - which communicates with a broker
- adds ffac-mesh-vpn-wireguard-openwrt19 - which provides upstream compatible wg functionality for older devices

* ffac-mesh-vpn-wireguard-openwrt19: fix public_key

* set coorect key generation
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@grische grische grische requested changes

@T0biii T0biii T0biii left review comments

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

wgkex client: Add feature to get gateway from wgkex
3 participants
@DasSkelett @grische @T0biii