ipn,tailcfg: add VIPService struct and c2n to fetch them from client (#14046)
* ipn,tailcfg: add VIPService struct and c2n to fetch them from client Updates tailscale/corp#22743, tailscale/corp#22955 Signed-off-by: Naman Sood <mail@nsood.in> * more review fixes Signed-off-by: Naman Sood <mail@nsood.in> * don't mention PeerCapabilityServicesDestination since it's currently unused Signed-off-by: Naman Sood <mail@nsood.in> --------- Signed-off-by: Naman Sood <mail@nsood.in>
This commit is contained in:
Naman Sood
@ -150,7 +150,8 @@ type CapabilityVersion int
|
||||
// - 105: 2024-08-05: Fixed SSH behavior on systems that use busybox (issue #12849)
|
||||
// - 106: 2024-09-03: fix panic regression from cryptokey routing change (65fe0ba7b5)
|
||||
// - 107: 2024-10-30: add App Connector to conffile (PR #13942)
|
||||
const CurrentCapabilityVersion CapabilityVersion = 107
|
||||
// - 108: 2024-11-08: Client sends ServicesHash in Hostinfo, understands c2n GET /vip-services.
|
||||
const CurrentCapabilityVersion CapabilityVersion = 108
|
||||
|
||||
type StableID string
|
||||
|
||||
@ -820,6 +821,7 @@ type Hostinfo struct {
|
||||
Userspace opt.Bool `json:",omitempty"` // if the client is running in userspace (netstack) mode
|
||||
UserspaceRouter opt.Bool `json:",omitempty"` // if the client's subnet router is running in userspace (netstack) mode
|
||||
AppConnector opt.Bool `json:",omitempty"` // if the client is running the app-connector service
|
||||
ServicesHash string `json:",omitempty"` // opaque hash of the most recent list of tailnet services, change in hash indicates config should be fetched via c2n
|
||||
|
||||
// Location represents geographical location data about a
|
||||
// Tailscale host. Location is optional and only set if
|
||||
@ -830,6 +832,26 @@ type Hostinfo struct {
|
||||
// require changes to Hostinfo.Equal.
|
||||
}
|
||||
|
||||
// VIPService represents a service created on a tailnet from the
|
||||
// perspective of a node providing that service. These services
|
||||
// have an virtual IP (VIP) address pair distinct from the node's IPs.
|
||||
type VIPService struct {
|
||||
// Name is the name of the service, of the form `svc:dns-label`.
|
||||
// See CheckServiceName for a validation func.
|
||||
// Name uniquely identifies a service on a particular tailnet,
|
||||
// and so also corresponds uniquely to the pair of IP addresses
|
||||
// belonging to the VIP service.
|
||||
Name string
|
||||
|
||||
// Ports specify which ProtoPorts are made available by this node
|
||||
// on the service's IPs.
|
||||
Ports []ProtoPortRange
|
||||
|
||||
// Active specifies whether new requests for the service should be
|
||||
// sent to this node by control.
|
||||
Active bool
|
||||
}
|
||||
|
||||
// TailscaleSSHEnabled reports whether or not this node is acting as a
|
||||
// Tailscale SSH server.
|
||||
func (hi *Hostinfo) TailscaleSSHEnabled() bool {
|
||||
@ -1429,6 +1451,11 @@ const (
|
||||
// user groups as Kubernetes user groups. This capability is read by
|
||||
// peers that are Tailscale Kubernetes operator instances.
|
||||
PeerCapabilityKubernetes PeerCapability = "tailscale.com/cap/kubernetes"
|
||||
|
||||
// PeerCapabilityServicesDestination grants a peer the ability to serve as
|
||||
// a destination for a set of given VIP services, which is provided as the
|
||||
// value of this key in NodeCapMap.
|
||||
PeerCapabilityServicesDestination PeerCapability = "tailscale.com/cap/services-destination"
|
||||
)
|
||||
|
||||
// NodeCapMap is a map of capabilities to their optional values. It is valid for
|
||||
|
||||
Reference in New Issue
Block a user