Stabilize VPN farm WebSocket dataplane
This commit is contained in:
@@ -5101,13 +5101,10 @@ func enrichVPNClientFabricRoute(item VPNClientConnection, preferredEntryNodeID,
|
||||
|
||||
preferredEntryNodeID = strings.TrimSpace(preferredEntryNodeID)
|
||||
selectedEntry := selectPreferredNode(entryPool, preferredEntryNodeID)
|
||||
selectedExit := ""
|
||||
if item.ActiveLease != nil && item.ActiveLease.OwnerNodeID != "" {
|
||||
selectedExit := selectPreferredNode(exitPool, preferredExitNodeID)
|
||||
if selectedExit == "" && item.ActiveLease != nil && item.ActiveLease.OwnerNodeID != "" {
|
||||
selectedExit = item.ActiveLease.OwnerNodeID
|
||||
}
|
||||
if selectedExit == "" {
|
||||
selectedExit = selectPreferredNode(exitPool, preferredExitNodeID)
|
||||
}
|
||||
status := "waiting_for_entry_and_exit"
|
||||
switch {
|
||||
case selectedEntry != "" && selectedExit != "":
|
||||
|
||||
@@ -33,7 +33,7 @@ func TestMeshLatestObservationKeyDefaults(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestEnrichVPNClientFabricRoutePrefersPlacementEntryAndActiveExit(t *testing.T) {
|
||||
func TestEnrichVPNClientFabricRoutePrefersPlacementEntryAndPolicyExit(t *testing.T) {
|
||||
item := VPNClientConnection{
|
||||
AllowedNodeIDs: []string{"node-a", "node-b", "node-b"},
|
||||
EntryNodeIDs: []string{"entry-1", "entry-2"},
|
||||
@@ -55,7 +55,7 @@ func TestEnrichVPNClientFabricRoutePrefersPlacementEntryAndActiveExit(t *testing
|
||||
if route["preferred_data_plane"] != "fabric_service_channel" || route["fallback_data_plane"] != "none" || route["backend_relay_fallback"] != false {
|
||||
t.Fatalf("unexpected data-plane route contract: %#v", route)
|
||||
}
|
||||
if route["selected_entry_node_id"] != "entry-2" || route["selected_exit_node_id"] != "exit-active" {
|
||||
if route["selected_entry_node_id"] != "entry-2" || route["selected_exit_node_id"] != "exit-policy" {
|
||||
t.Fatalf("unexpected selected route endpoints: %#v", route)
|
||||
}
|
||||
if route["route_candidate_count"].(float64) != 8 {
|
||||
@@ -63,7 +63,7 @@ func TestEnrichVPNClientFabricRoutePrefersPlacementEntryAndActiveExit(t *testing
|
||||
}
|
||||
candidates := route["route_candidates"].([]any)
|
||||
firstCandidate := candidates[0].(map[string]any)
|
||||
if firstCandidate["role"] != "preferred" || firstCandidate["entry_node_id"] != "entry-2" || firstCandidate["exit_node_id"] != "exit-active" {
|
||||
if firstCandidate["role"] != "preferred" || firstCandidate["entry_node_id"] != "entry-2" || firstCandidate["exit_node_id"] != "exit-policy" {
|
||||
t.Fatalf("preferred route candidate = %#v", firstCandidate)
|
||||
}
|
||||
entryPool := route["entry_pool_node_ids"].([]any)
|
||||
@@ -114,6 +114,29 @@ func TestEnrichVPNClientFabricRoutePrefersExplicitExit(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestEnrichVPNClientFabricRouteUsesActiveLeaseWhenNoPolicyExit(t *testing.T) {
|
||||
item := VPNClientConnection{
|
||||
AllowedNodeIDs: []string{"node-a", "node-b"},
|
||||
EntryNodeIDs: []string{"entry-1"},
|
||||
ActiveLease: &NodeVPNAssignmentLease{
|
||||
OwnerNodeID: "node-b",
|
||||
},
|
||||
ClientConfig: json.RawMessage(`{"routes":["0.0.0.0/0"]}`),
|
||||
}
|
||||
|
||||
var cfg map[string]any
|
||||
if err := json.Unmarshal(enrichVPNClientFabricRoute(item, "entry-1", ""), &cfg); err != nil {
|
||||
t.Fatalf("unmarshal enriched config: %v", err)
|
||||
}
|
||||
route, ok := cfg["vpn_fabric_route"].(map[string]any)
|
||||
if !ok {
|
||||
t.Fatalf("missing vpn_fabric_route in %#v", cfg)
|
||||
}
|
||||
if route["selected_exit_node_id"] != "node-b" {
|
||||
t.Fatalf("unexpected selected exit: %#v", route["selected_exit_node_id"])
|
||||
}
|
||||
}
|
||||
|
||||
func TestEnrichVPNClientEntryEndpointCandidatesAddsReportedEntryAPI(t *testing.T) {
|
||||
item := VPNClientConnection{
|
||||
EntryNodeIDs: []string{"entry-1"},
|
||||
|
||||
Reference in New Issue
Block a user