We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nebula
1.7.2
Linux
This is what I expect.
# terminal 1 ❯ socat unix-recv:/tmp/test.sock - READY=1 STATUS=helloBARRIER=1ERRNO=110EXIT_STATUS=1
# terminal 2 ❯ NOTIFY_SOCKET=/tmp/test.sock systemd-notify --ready --status="hello"
# terminal 1 ❯ socat unix-recv:/tmp/test.sock -
# terminal 2 ❯ NOTIFY_SOCKET=/tmp/test.sock nebula -config config.yaml ... connection will be established ...
Nebula notify does not work as nothing comes to test.sock socket. I would expect to get also log if notify could not be sent
nebula/cmd/nebula/notify_linux.go
Lines 16 to 21 in 50d6a1e
This will result example nebula.service to hang for timeout period in starting state and finally restart.
INFO[0000] Firewall rule added firewallRule="map[caName: caSha: direction:incoming endPort:0 groups:[] host:any ip: localIp: proto:1 startPort:0]" INFO[0000] Firewall started firewallHash=807243764ac783d089ea5ae93e0ed7fc0a1da4756ca7cb7ae553e128a2b3eb65 INFO[0000] Main HostMap created network=10.250.0.2/16 preferredRanges="[]" INFO[0000] punchy enabled INFO[0000] Loaded send_recv_error config sendRecvError=always INFO[0000] Nebula interface is active boringcrypto=false build=1.7.2 interface=nebula1 network=10.250.0.2/16 udpAddr="0.0.0.0:4242" INFO[0000] Handshake message sent handshake="map[stage:1 style:ix_psk0]" initiatorIndex=1312030387 localIndex=1312030387 remoteIndex=0 udpAddrs="[XXX.XXX.XXX.XXX:4242]" vpnIp=10.250.0.1 INFO[0000] Handshake message received certName=lighthouse1 durationNs=24264526 fingerprint=46ccff068e39f1b27a12d4b14c7ac2e88ff56b9d6ea54ab9050810a5fa829c4a handshake="map[stage:2 style:ix_psk0]" initiatorIndex=1312030387 issuer=a5fdee0187dabbe031ce279d569d574680d17314d862894c5dc9e60a1dadc393 remoteIndex=1312030387 responderIndex=3241798842 sentCachedPackets=1 udpAddr="XXX.XXX.XXX.XXX:4242" vpnIp=10.250.0.1
pki: ca: | -----BEGIN NEBULA CERTIFICATE----- xxxx -----END NEBULA CERTIFICATE----- cert: | -----BEGIN NEBULA CERTIFICATE----- xxxx -----END NEBULA CERTIFICATE----- key: | -----BEGIN NEBULA X25519 PRIVATE KEY----- xxxx -----END NEBULA X25519 PRIVATE KEY----- static_host_map: "10.250.0.1": ["XXX.XXX.XXX.XXX:4242"] lighthouse: am_lighthouse: false interval: 10 hosts: - "10.250.0.1" listen: host: 0.0.0.0 port: 4242 punchy: punch: true respond: true relay: am_relay: false use_relays: true tun: disabled: false dev: nebula1 drop_local_broadcast: false drop_multicast: false tx_queue: 500 mtu: 1300 routes: unsafe_routes: logging: level: info format: text firewall: outbound_action: reject inbound_action: reject conntrack: tcp_timeout: 12m udp_timeout: 3m default_timeout: 10m outbound: - port: any proto: any host: any inbound: - port: any proto: icmp host: any
The text was updated successfully, but these errors were encountered:
Ok My bad. this feature is not yet in 1.7.2 version https://github.com/slackhq/nebula/blob/v1.7.2/cmd/nebula/main.go#L66-L69 vs main https://github.com/slackhq/nebula/blob/master/cmd/nebula/main.go#L61-L64
Sorry, something went wrong.
Yep, this is coming in v1.7.3 (see #929.) You can run a nightly build if you like, or wait for the next release.
If the ready signal doesn't work in a nightly build or v1.7.3, feel free to open a new ticket, or tag me on this ticket and I'll reopen it.
No branches or pull requests
What version of
nebula
are you using?1.7.2
What operating system are you using?
Linux
Describe the Bug
Test with systemd-notify program
This is what I expect.
# terminal 1 ❯ socat unix-recv:/tmp/test.sock - READY=1 STATUS=helloBARRIER=1ERRNO=110EXIT_STATUS=1
Test With Nebula
# terminal 1 ❯ socat unix-recv:/tmp/test.sock -
# terminal 2 ❯ NOTIFY_SOCKET=/tmp/test.sock nebula -config config.yaml ... connection will be established ...
Issue
Nebula notify does not work as nothing comes to test.sock socket.
I would expect to get also log if notify could not be sent
nebula/cmd/nebula/notify_linux.go
Lines 16 to 21 in 50d6a1e
This will result example nebula.service to hang for timeout period in starting state and finally restart.
Logs from affected hosts
Config files from affected hosts
The text was updated successfully, but these errors were encountered: