authorTrumeet <yuuta@yuuta.moe>2021-04-03 16:33:19 -0700
committerTrumeet <yuuta@yuuta.moe>2021-04-03 16:33:19 -0700
commit53754701d5f6cf412151e213897945698819df4a (patch)
tree8d634af5c4bff6063b3ee28d919d29774e25ec8c
parentf06016a4173b180a9f2ba6767c0309333d2e6b2b (diff)
fix(agent): move WireGuard ip del commands to a separate provisioner to be executed after all done
This resolves conflicts with systemd managed wg-quick legacy services
-rw-r--r--agent/src/main/java/moe/yuuta/dn42peering/agent/grpc/AgentServiceImpl.java4
-rw-r--r--agent/src/main/java/moe/yuuta/dn42peering/agent/provision/WireGuardCleanupProvisioner.java57
-rw-r--r--agent/src/main/java/moe/yuuta/dn42peering/agent/provision/WireGuardProvisioner.java20
3 files changed, 61 insertions, 20 deletions
diff --git a/agent/src/main/java/moe/yuuta/dn42peering/agent/grpc/AgentServiceImpl.java b/agent/src/main/java/moe/yuuta/dn42peering/agent/grpc/AgentServiceImpl.java
index f477599..6ff5a52 100644
--- a/agent/src/main/java/moe/yuuta/dn42peering/agent/grpc/AgentServiceImpl.java
+++ b/agent/src/main/java/moe/yuuta/dn42peering/agent/grpc/AgentServiceImpl.java
@@ -9,6 +9,7 @@ import moe.yuuta.dn42peering.agent.proto.NodeConfig;
import moe.yuuta.dn42peering.agent.proto.VertxAgentGrpc;
import moe.yuuta.dn42peering.agent.provision.BGPProvisioner;
import moe.yuuta.dn42peering.agent.provision.Change;
+import moe.yuuta.dn42peering.agent.provision.WireGuardCleanupProvisioner;
import moe.yuuta.dn42peering.agent.provision.WireGuardProvisioner;
import javax.annotation.Nonnull;
@@ -40,6 +41,7 @@ class AgentServiceImpl extends VertxAgentGrpc.AgentVertxImplBase {
logger.info("Deployment started");
final BGPProvisioner bgpProvisioner = new BGPProvisioner(vertx);
final WireGuardProvisioner wireGuardProvisioner = new WireGuardProvisioner(vertx);
+ final WireGuardCleanupProvisioner wireGuardCleanupProvisioner = new WireGuardCleanupProvisioner(vertx);
// TODO: Currently all provisioning operations are non-fault-tolering. This means that
// TODO: if one operation fails, the following will fail. This may be changed in later.
@@ -49,6 +51,8 @@ class AgentServiceImpl extends VertxAgentGrpc.AgentVertxImplBase {
.compose(this::chainChanges)
.compose(_v -> wireGuardProvisioner.calculateChanges(config.getNode(), config.getWgsList())
.compose(this::chainChanges))
+ .compose(_v -> wireGuardCleanupProvisioner.calculateChanges(config.getNode(), config.getWgsList())
+ .compose(this::chainChanges))
.onSuccess(res -> logger.info("Deployment finished. Detailed log can be traced above."))
.onFailure(err -> logger.error("Deployment failed. Detailed log can be traced above.", err))
.compose(compositeFuture -> Future.succeededFuture(null));
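Review bot: The new cleanup stage is attached with `.compose(...)`, so it runs only when every stage before it in the chain has succeeded. If an earlier stage fails, WireGuard interfaces for peers that were already removed from the config stay up until a later deployment completes, and the failure log line does not say that cleanup was skipped. The existing TODO covers fault tolerance in general, but this consequence deserves its own comment above the added line, for example `// Cleanup runs last and is skipped if any earlier stage fails; stale wg_* links then persist until the next successful deployment.` The chain starts outside this hunk, so the stages before `wireGuardProvisioner` are not visible here.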
diff --git a/agent/src/main/java/moe/yuuta/dn42peering/agent/provision/WireGuardCleanupProvisioner.java b/agent/src/main/java/moe/yuuta/dn42peering/agent/provision/WireGuardCleanupProvisioner.java
new file mode 100644
index 0000000..6d4dd7f
--- /dev/null
+++ b/agent/src/main/java/moe/yuuta/dn42peering/agent/provision/WireGuardCleanupProvisioner.java
@@ -0,0 +1,57 @@
+package moe.yuuta.dn42peering.agent.provision;
+
+import io.vertx.core.Future;
+import io.vertx.core.Vertx;
+import moe.yuuta.dn42peering.agent.ip.Address;
+import moe.yuuta.dn42peering.agent.ip.IP;
+import moe.yuuta.dn42peering.agent.ip.IPOptions;
+import moe.yuuta.dn42peering.agent.proto.Node;
+import moe.yuuta.dn42peering.agent.proto.WireGuardConfig;
+
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+import java.util.ArrayList;
+import java.util.List;
+
+public class WireGuardCleanupProvisioner implements IProvisioner<WireGuardConfig> {
+ private final Vertx vertx;
+
+ public WireGuardCleanupProvisioner(@Nonnull Vertx vertx) {
+ this.vertx = vertx;
+ }
+
+ @Nullable
+ private WireGuardConfig searchDesiredConfig(@Nonnull List<WireGuardConfig> configs,
+ @Nonnull String device) {
+ // TODO: Optimize algorithm
+ for (final WireGuardConfig config : configs) {
+ if(config.getInterface().equals(device))
+ return config;
+ }
+ return null;
+ }
+
+ @Nonnull
+ @Override
+ public Future<List<Change>> calculateChanges(@Nonnull Node node, @Nonnull List<WireGuardConfig> allDesired) {
+ return IP.ip(vertx, new IPOptions(), IP.Addr.show(null))
+ .compose(IP.Addr::handler)
+ .compose(addrs -> {
+ final List<String> ipCommands = new ArrayList<>();
+ // Detect interfaces to delete
+ for (final Address address : addrs) {
+ if(!address.getLinkType().equals("none") ||
+ !address.getIfname().matches("wg_.*")) {
+ continue;
+ }
+ if(searchDesiredConfig(allDesired, address.getIfname()) == null)
+ ipCommands.add(String.join(" ", IP.Link.del(address.getIfname())));
+ }
+ final List<Change> changes = new ArrayList<>();
+ if(!ipCommands.isEmpty()) {
+ changes.add(new IPChange(true, ipCommands));
+ }
+ return Future.succeededFuture(changes);
+ });
+ }
+}
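Review bot: `calculateChanges` queues `IP.Link.del` for every interface with link type `none` whose name matches `wg_.*` and that is missing from `allDesired`, so an empty or truncated `allDesired` list removes every such tunnel on the host. Any interface that merely shares the `wg_` prefix is also treated as agent-owned. Nothing in the class states that this is intended, or that the provisioner must run after `WireGuardProvisioner`. I would add a class Javadoc such as `/** Deletes wg_* interfaces that are absent from the desired config; must run after WireGuardProvisioner has applied its changes. */` and log each interface name before it is queued for deletion. The `node` parameter is not used in this method.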
diff --git a/agent/src/main/java/moe/yuuta/dn42peering/agent/provision/WireGuardProvisioner.java b/agent/src/main/java/moe/yuuta/dn42peering/agent/provision/WireGuardProvisioner.java
index bdf4d28..fee8917 100644
--- a/agent/src/main/java/moe/yuuta/dn42peering/agent/provision/WireGuardProvisioner.java
+++ b/agent/src/main/java/moe/yuuta/dn42peering/agent/provision/WireGuardProvisioner.java
@@ -70,17 +70,6 @@ public class WireGuardProvisioner implements IProvisioner<WireGuardConfig> {
}
@Nullable
- private WireGuardConfig searchDesiredConfig(@Nonnull List<WireGuardConfig> configs,
- @Nonnull String device) {
- // TODO: Optimize algorithm
- for (final WireGuardConfig config : configs) {
- if(config.getInterface().equals(device))
- return config;
- }
- return null;
- }
-
- @Nullable
private Address searchActualAddress(@Nonnull List<Address> addresses,
@Nonnull String device) {
// TODO: Optimize algorithm
@@ -210,15 +199,6 @@ public class WireGuardProvisioner implements IProvisioner<WireGuardConfig> {
return Future.failedFuture(e);
}
}
- // Detect interfaces to delete
- for (final Address address : addrs) {
- if(!address.getLinkType().equals("none") ||
- !address.getIfname().matches("wg_.*")) {
- continue;
- }
- if(searchDesiredConfig(allDesired, address.getIfname()) == null)
- ipCommands.add(String.join(" ", IP.Link.del(address.getIfname())));
- }
final List<Change> changes = new ArrayList<>();
if(!ipCommands.isEmpty()) {
changes.add(new IPChange(true, ipCommands));