aetherscale

[unmaintained] code for a cloud provider tutorial
Log | Files | Refs | README | LICENSE
commit 41911ad7240cf164b0bc3cbd5d333914c88126bb
parent 3940a34efe6b7baaf72112fe32db610747845e87
Author: Stefan Koch <programming@stefan-koch.name>
Date:   Thu,  7 Jan 2021 18:48:39 +0100

use different ports per VPN

Diffstat:

Maetherscale/computing.py | 6+++++-


Maetherscale/config.py | 1+


Maetherscale/vpn/tinc.py | 5++---


3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/aetherscale/computing.py b/aetherscale/computing.py
@@ -102,6 +102,7 @@ class ComputingHandler:
         self.service_manager = service_manager
 
         self.established_vpns: Dict[str, TincVirtualNetwork] = {}
+        self.available_vpn_ports = config.VPN_PORTS
 
     def list_vms(self, _: Dict[str, Any]) -> Iterator[List[Dict[str, Any]]]:
         vms = []
@@ -362,12 +363,15 @@ class ComputingHandler:
         vpn_network_prefix = self.radvd.generate_prefix()
 
         if vpn_name in self.established_vpns:
+            # TODO: Established VPNs should be restored after daemon re-start
             vpn = self.established_vpns[vpn_name]
         else:
             logging.info(f'Creating VPN {vpn_name} for VM {vm_id}')
 
+            vpn_port = self.available_vpn_ports.pop()
             vpn = TincVirtualNetwork(
-                vpn_name, config.VPN_CONFIG_FOLDER, self.service_manager)
+                vpn_name, config.VPN_CONFIG_FOLDER, vpn_port,
+                self.service_manager)
             vpn.create_config(config.HOSTNAME)
             vpn.gen_keypair()
 
diff --git a/aetherscale/config.py b/aetherscale/config.py
@@ -24,5 +24,6 @@ NETWORK_PHYSICAL_DEVICE = os.getenv('NETWORK_PHYSICAL_DEVICE', default='eth0')
 VPN_CONFIG_FOLDER = AETHERSCALE_CONFIG_DIR / 'tinc'
 VPN_NUM_PREPARED_INTERFACES = 2
 VPN_48_PREFIX = 'fde7:2361:234a'
+VPN_PORTS = set(range(50000, 51000))
 
 USER = pwd.getpwuid(os.getuid()).pw_name
diff --git a/aetherscale/vpn/tinc.py b/aetherscale/vpn/tinc.py
@@ -18,7 +18,7 @@ class VpnException(Exception):
 
 class TincVirtualNetwork(object):
     def __init__(
-            self, netname: str, config_folder: Path,
+            self, netname: str, config_folder: Path, port: int,
             service_manager: ServiceManager):
         if not self._validate_netname(netname):
             raise ValueError(
@@ -27,8 +27,7 @@ class TincVirtualNetwork(object):
         self.netname = netname
         self.config_base_folder = config_folder
         self.service_manager = service_manager
-        # TODO: To support multi VPN each VPN has to use another port
-        self.port = 20000
+        self.port = port
 
         self.pidfile = Path(tempfile.gettempdir()) / f'tincd-{self.netname}.run'