search

ffnord / mesh-announce

Discussion at #mesh-announce:irc.hackint.org and (separately) at
https://matrix.to/#/!MjLIHcALOcENXZWQlH:irc.hackint.org/$1547640760901FmKaD:matrix.eclabs.de
13 stars 45 forks source link

silent failure on systems without fastd #66

Closed herbetom closed 3 years ago

herbetom commented 3 years ago

Currently mesh-announce doesn't really like it if fastd isn't installed on a system. This should probably be quieter:

Warning - option -m was deprecated and will be removed in the future
Traceback (most recent call last):
  File "/opt/mesh-announce/providers/__init__.py", line 150, in call
    _set_value(ret, source.path, source.call(env))
  File "/opt/mesh-announce/providers/__init__.py", line 115, in call
    result = self.source.call(*args)
  File "/opt/mesh-announce/providers/nodeinfo/software/fastd/version.py", line 6, in call
    return call(['fastd','-v'])[0].split(' ')[1]
  File "/opt/mesh-announce/providers/util.py", line 4, in call
    output = subprocess.check_output(cmdline)
  File "/usr/lib/python3.7/subprocess.py", line 395, in check_output
    **kwargs).stdout
  File "/usr/lib/python3.7/subprocess.py", line 472, in run
    with Popen(*popenargs, **kwargs) as process:
  File "/usr/lib/python3.7/subprocess.py", line 775, in __init__
    restore_signals, start_new_session)
  File "/usr/lib/python3.7/subprocess.py", line 1522, in _execute_child
    raise child_exception_type(errno_num, err_msg, err_filename)
FileNotFoundError: [Errno 2] No such file or directory: 'fastd': 'fastd'
Warning - option -m was deprecated and will be removed in the future
AiyionPrime commented 3 years ago

I'd propose a config-parameter called vpn_proto or something. It'd be a string, with currently the valid value 'fastd' and None if unset defaults to 'fastd' for legacy purposes, and then wrap the code @herbetom marked above with something like if 'fastd' == vpn_proto: that way fastd would not be called if configured out.

Furthermore herbetom and I could evaluate, what we use instead of fastd and commit PRs for those protocols. Similar to how @genofire did in #27, respecting babel intends to replace batman while we replace the higher vpn protocols..

Any takers for the idea? @TobleMiner

herbetom commented 3 years ago

The Node i got that error message from is one of our DNS Resolvers:

https://map.ffrn.de/#!/de/map/6aff94005402 (Domain 0) https://map.ffrn.de/#!/de/map/6aff94015402 (Domain 1) https://map.ffrn.de/#!/de/map/6aff94025402 (Domain 2)

We use Wireguard+VXLAN in between our VMs to get them to mesh with each other. This method is used to connect our Gateways, Map Server, the DNS Resolvers and the Unifi Controller.

Our Nodes currently still use fastd to connect to the Gateways. But we're looking into alternatives.

So the Gateways currently have two VPN Methods. But I have currently no need to represent both wg+vxlan and fastd. I'm fine with just no errors in the Logs of the Servers :sweat_smile:

AiyionPrime commented 3 years ago

It's a similar setup on our side as well. We've got supernodes that run fastd for clients as well as to communicate with each other and our related-Servers, and we've got supernodes, that speak WG as well as fastd for clients, and fastd for backend stuff.

I'm not sure, if it's a feasable approach to make the proposed parameter a list. For the software path that'd work well, but I've got to look into the statistics tab first; whether the counted packets are just batman related, which would be quite easy for us; or if they get counted on fastd-level.

AiyionPrime commented 3 years ago

@TobleMiner I don't think there's a problem with having multiple vpn protocols at the same time, do you? I'd therefore revise this to become a list of protocols. A short feedback would be greatly appreciated in order to go on in the right direction.

At least for what we intend for now; drop in replacements for fastd without layer breaking changes like for babel.