From b4ef1b484a0955c046200fced6b6ed22b6610a85 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 25 Apr 2025 08:55:10 -0400 Subject: [PATCH] Amend syncfiles address selection. A node with private, unroutable addresses relative to the deployment server may cause the deployment server to select an unroutable address. Address this with two strategies. First, if any of the addresses appear local to the deployment server networks, prefer those and filter out unroutable. Secondly, if a node is purely remote, and thus all addresses routable, then make all the addresses a candidate. However, since the client can't possibly be using fe80::, we can replace the principal list with just the clientip, provided it appears in the principal list. --- confluent_server/confluent/selfservice.py | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/confluent_server/confluent/selfservice.py b/confluent_server/confluent/selfservice.py index bb619f78..14c8dd0e 100644 --- a/confluent_server/confluent/selfservice.py +++ b/confluent_server/confluent/selfservice.py @@ -52,7 +52,7 @@ def listdump(input): return retval -def get_extra_names(nodename, cfg, myip=None): +def get_extra_names(nodename, cfg, myip=None, preferadjacent=False): names = set(['127.0.0.1', '::1', 'localhost', 'localhost.localdomain']) dnsinfo = cfg.get_node_attributes(nodename, ('dns.*', 'net.*hostname')) dnsinfo = dnsinfo.get(nodename, {}) @@ -74,11 +74,19 @@ def get_extra_names(nodename, cfg, myip=None): ncfgs.append(fncfg.get('default', {})) for ent in fncfg.get('extranets', []): ncfgs.append(fncfg['extranets'][ent]) + addall = True + routedaddrs = set([]) for ncfg in ncfgs: for nip in (ncfg.get('ipv4_address', None), ncfg.get('ipv6_address', None)): if nip: nip = nip.split('/', 1)[0] - names.add(nip) + if not preferadjacent or netutil.address_is_local(nip): + names.add(nip) + addall = False + else: + routedaddrs.add(nip) + if addall: + names.update(routedaddrs) return names def handle_request(env, start_response): @@ -520,7 +528,9 @@ def handle_request(env, start_response): return elif env['PATH_INFO'].startswith('/self/remotesyncfiles'): if 'POST' == operation: - pals = get_extra_names(nodename, cfg, myip) + pals = get_extra_names(nodename, cfg, myip, preferadjacent=True) + if clientip in pals: + pals = [clientip] result = syncfiles.start_syncfiles( nodename, cfg, json.loads(reqbody), pals) start_response(result[0], ())