Integrate mycelium in zos #2342
Conversation
Eslam-Nawara
force-pushed
the
integrate-mycelium-in-zos
branch
2 times, most recently
from
b260121 to
52be829
Compare
Eslam-Nawara
force-pushed
the
integrate-mycelium-in-zos
branch
from
52be829 to
70b73ee
Compare
|
don't forget to add an ADR please |
Eslam-Nawara
force-pushed
the
integrate-mycelium-in-zos
branch
from
37da9be to
f6fddb9
Compare
Eslam-Nawara
force-pushed
the
integrate-mycelium-in-zos
branch
from
f6fddb9 to
29253a8
Compare
Eslam-Nawara
requested review from
muhamadazmy,
delandtj,
mariobassem,
ashraffouda,
rawdaGastan and
xmonader
as code owners
cmds/modules/networkd/main.go
Outdated
| @@ -148,9 +161,34 @@ func action(cli *cli.Context) error { | |||
| if err := dmzYgg.SetYggIP(ip, gw.IP); err != nil { | |||
| return errors.Wrap(err, "failed to set yggdrasil ip for dmz") | |||
| } | |||
|
|
|||
| // set up mycelium in ndmz | |||
| dmzMy, err := mycelium.NewMyNamespace(dmz.Namespace()) | |||
There was a problem hiding this comment.
can be extracted into another function
|
|
||
| ## Decision | ||
|
|
||
| Integrate mycelium in zos and allow zos host to have mycelium IPs, serve flists over mycelium, and support mycelium on zdbs |
There was a problem hiding this comment.
is it serve or mount flists over mycelium?
pkg/network/types/constant.go
Outdated
| YggBridge = "br-ygg" | ||
| // MyBridge mycelium bridge | ||
| MyBridge = "br-my" |
pkg/network/networker.go
Outdated
| } | ||
|
|
||
| ip, err := myc.SubnetFor(hw) | ||
| log.Info().Msgf("myc subnet is %s", ip) |
pkg/network/networker.go
Outdated
| @@ -114,13 +117,14 @@ func NewNetworker(identity *stubs.IdentityManagerStub, ndmz ndmz.DMZ, ygg *yggdr | |||
| portSet: set.NewInt(), | |||
|
|
|||
| ygg: ygg, | |||
| myc: myc, | |||
pkg/network/mycelium/utils.go
Outdated
| "github.com/threefoldtech/zos/pkg/zinit" | ||
| ) | ||
|
|
||
| func EnsureMycelium(ctx context.Context, privateKey ed25519.PrivateKey, ns MyceliumNamespace) (*MyServer, error) { |
There was a problem hiding this comment.
move this into mycelium.go and remove utils file
pkg/flist/flist.go
Outdated
| // this should return always the flist mountpoint. which is used | ||
| // as a base for all RW mounts. | ||
| sublog := log.With().Str("url", url).Str("storage", storage).Logger() | ||
| sublog.Info().Msg("request to mount flist") | ||
|
|
||
| hash, flistPath, err := f.downloadFlist(url) | ||
| hash, flistPath, err := f.downloadFlist(url, namespace) |
There was a problem hiding this comment.
You probably need to use this same namespace at line 262 below
pkg/network/mycelium/mycelium.go
Outdated
|
|
||
| key := x25519.EdPrivateKeyToX25519([]byte(privateKey)) | ||
|
|
||
| return json.NewEncoder(f).Encode(key) |
There was a problem hiding this comment.
Why are u using json here. the priv key of mycelium is not json encoded. It's a binary file. i don't believe this file is loaded by mycelium and is either ignored is overridden.
If this ever worked, then i assume it's because mycelium just read key length bytes from the file and used that as seed for the key!
This is definitely an issue, because it means the key u generated here is not secure. because it's not the full "Random" key but only part of the key json encoded bytes.
Do you get what I mean ?
pkg/network/mycelium/config.go
Outdated
| TunName string | ||
| Peers []string | ||
| PrivateKey ed25519.PrivateKey | ||
| PublicKey string |
pkg/network/mycelium/config.go
Outdated
| KeyFile string | ||
| TunName string | ||
| Peers []string | ||
| PrivateKey ed25519.PrivateKey |
There was a problem hiding this comment.
Why do you keep the private key as ed25519 while we need x25519. I think it's better to convert the key before storing it on the NodeConfig from the start instead of changing it on start
pkg/network/mycelium/config.go
Outdated
| Peers []string | ||
| PrivateKey ed25519.PrivateKey | ||
| PublicKey string | ||
| NodeInfo map[string]interface{} |
There was a problem hiding this comment.
What is this and what is it used for?
We don't need to copy everything over from ygg. Ygg has a completely different configuration and even requires a config file with way more config than mycelium.
Please drop all attributes that are not needed.
| myBin = "mycelium" | ||
| zinitService = "mycelium" | ||
| confPath = "/tmp/mycelium_priv_key.bin" | ||
| MyListenTCP = 9651 |
There was a problem hiding this comment.
you will have to add this to the list of reserved ports of the system
There was a problem hiding this comment.
it's added to reserved ports here
pkg/network/mycelium/mycelium.go
Outdated
| func (s *MyServer) NodeID() (ed25519.PublicKey, error) { | ||
| if s.cfg.PublicKey == "" { | ||
| panic("EncryptionPublicKey empty") | ||
| } | ||
|
|
||
| return hex.DecodeString(s.cfg.PublicKey) | ||
| } |
pkg/network/mycelium/mycelium.go
Outdated
| return inspection, err | ||
| } | ||
|
|
||
| cmd := fmt.Sprintf(`exec ip netns exec %s %s inspect --json --key-file %s `, s.ns, bin, confPath) |
There was a problem hiding this comment.
Any idea why your command is a sh then u do exec and not the command directly!
I mean why not do
os.Command("ip", "netns", "exec", s.ns, bin, "inspect", "--json", "--key-file", confPath)
?!
pkg/network/mycelium/mycelium.go
Outdated
| Address net.IP `json:"address"` | ||
| } | ||
|
|
||
| type Subnet [8]byte |
pkg/network/mycelium/mycelium.go
Outdated
|
|
||
| // SubnetFor return an IP address out of the node allocated subnet by hasing b and using it | ||
| // to generate the last 64 bits of the IPV6 address | ||
| func (m *MyceliumInspection) SubnetFor(b []byte) (net.IPNet, error) { |
There was a problem hiding this comment.
I really think this should be called IPFor not SubnetFor even if it's called like that in ygg it's still wrong.
Eslam-Nawara
force-pushed
the
integrate-mycelium-in-zos
branch
from
1fde494 to
be8bc71
Compare
Eslam-Nawara
force-pushed
the
integrate-mycelium-in-zos
branch
4 times, most recently
from
775b12f to
f45a0e1
Compare
Eslam-Nawara
force-pushed
the
integrate-mycelium-in-zos
branch
from
f45a0e1 to
14ebe83
Compare
Description
Integrate mycelium in zos and allow flists to be served over mycelium
Changes
Add mycelium to networkd
Related Issues
Checklist