NET-1119 (#2886)

* exclude IngressGW in failover

* resetfailoverpeer when adding IngressGw if failover enabled

* exclude InetGW in failover

* get egress ranges of failedover peer

---------

Co-authored-by: abhishek9686 <[email protected]>

logic/gateway.go

@@ -164,6 +164,11 @@ func CreateIngressGateway(netid string, nodeid string, ingress models.IngressReq
 	node.IngressGatewayRange = network.AddressRange
 	node.IngressGatewayRange6 = network.AddressRange6
 	node.IngressDNS = ingress.ExtclientDNS
+	if servercfg.IsPro {
+		if _, exists := FailOverExists(node.Network); exists {
+			ResetFailedOverPeer(&node)
+		}
+	}
 	node.SetLastModified()
 	if node.Metadata == "" {
 		node.Metadata = "This host can be used for remote access"

logic/peers.go

@@ -25,6 +25,10 @@ var (
 	ResetFailedOverPeer = func(failedOverNode *models.Node) error {
 		return nil
 	}
+	// FailOverExists - check if failover node existed or not
+	FailOverExists = func(network string) (failOverNode models.Node, exists bool) {
+		return failOverNode, exists
+	}
 	// GetFailOverPeerIps - gets failover peerips
 	GetFailOverPeerIps = func(peer, node *models.Node) []net.IPNet {
 		return []net.IPNet{}

mq/handlers.go

@@ -198,7 +198,21 @@ func signalPeer(signal models.Signal) {
 	signal.IsPro = servercfg.IsPro
 	peerHost, err := logic.GetHost(signal.ToHostID)
 	if err != nil {
-		slog.Error("failed to signal, peer not found", "error", err)
+		slog.Error("failed to signal, peer host not found", "error", err)
+		return
+	}
+	peerNode, err := logic.GetNodeByID(signal.ToNodeID)
+	if err != nil {
+		slog.Error("failed to signal, node not found", "error", err)
+		return
+	}
+	node, err := logic.GetNodeByID(signal.FromNodeID)
+	if err != nil {
+		slog.Error("failed to signal, peer node not found", "error", err)
+		return
+	}
+	if peerNode.IsIngressGateway || node.IsIngressGateway || peerNode.IsInternetGateway || node.IsInternetGateway {
+		signal.Action = ""
 		return
 	}
 	err = HostUpdate(&models.HostUpdate{

pro/controllers/inet_gws.go

@@ -11,6 +11,7 @@ import (
 	"github.com/gravitl/netmaker/models"
 	"github.com/gravitl/netmaker/mq"
 	proLogic "github.com/gravitl/netmaker/pro/logic"
+	"github.com/gravitl/netmaker/servercfg"
 )
 
 // InetHandlers - handlers for internet gw
@@ -66,6 +67,14 @@ func createInternetGw(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	proLogic.SetInternetGw(&node, request)
+	if servercfg.IsPro {
+		if _, exists := proLogic.FailOverExists(node.Network); exists {
+			go func() {
+				proLogic.ResetFailedOverPeer(&node)
+				mq.PublishPeerUpdate(false)
+			}()
+		}
+	}
 	err = logic.UpsertNode(&node)
 	if err != nil {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))

pro/initialize.go

@@ -84,6 +84,7 @@ func InitPro() {
 	})
 	logic.ResetFailOver = proLogic.ResetFailOver
 	logic.ResetFailedOverPeer = proLogic.ResetFailedOverPeer
+	logic.FailOverExists = proLogic.FailOverExists
 	logic.CreateFailOver = proLogic.CreateFailOver
 	logic.GetFailOverPeerIps = proLogic.GetFailOverPeerIps
 	logic.DenyClientNodeAccess = proLogic.DenyClientNode

pro/logic/failover.go

@@ -11,6 +11,9 @@ import (
 )
 
 func SetFailOverCtx(failOverNode, victimNode, peerNode models.Node) error {
+	if victimNode.IsIngressGateway || peerNode.IsIngressGateway || victimNode.IsInternetGateway || peerNode.IsInternetGateway {
+		return nil
+	}
 	if peerNode.FailOverPeers == nil {
 		peerNode.FailOverPeers = make(map[string]struct{})
 	}
@@ -119,6 +122,9 @@ func GetFailOverPeerIps(peer, node *models.Node) []net.IPNet {
 				}
 				allowedips = append(allowedips, allowed)
 			}
+			if failOverpeer.IsEgressGateway {
+				allowedips = append(allowedips, logic.GetEgressIPs(&failOverpeer)...)
+			}
 
 		}
 	}