ipn, ipn/ipnlocal: remove log streaming for StreamServe

This PR removes the per-request logging to the CLI, as the CLI
will not be displaying those logs initially.

Updates #8489

Signed-off-by: Marwan Sulaiman <marwan@tailscale.com>
pull/9279/head
Marwan Sulaiman 1 year ago committed by Marwan Sulaiman
parent 96c2cd2ada
commit 51d3220153

@ -95,7 +95,7 @@ tailscale.com/cmd/tailscaled dependencies: (generated by github.com/tailscale/de
L github.com/google/nftables/expr from github.com/google/nftables+ L github.com/google/nftables/expr from github.com/google/nftables+
L github.com/google/nftables/internal/parseexprfunc from github.com/google/nftables+ L github.com/google/nftables/internal/parseexprfunc from github.com/google/nftables+
L github.com/google/nftables/xt from github.com/google/nftables/expr+ L github.com/google/nftables/xt from github.com/google/nftables/expr+
github.com/google/uuid from tailscale.com/ipn/ipnlocal+ github.com/google/uuid from tailscale.com/clientupdate
github.com/hdevalence/ed25519consensus from tailscale.com/tka+ github.com/hdevalence/ed25519consensus from tailscale.com/tka+
L 💣 github.com/illarion/gonotify from tailscale.com/net/dns L 💣 github.com/illarion/gonotify from tailscale.com/net/dns
L github.com/insomniacslk/dhcp/dhcpv4 from tailscale.com/net/tstun L github.com/insomniacslk/dhcp/dhcpv4 from tailscale.com/net/tstun

@ -246,9 +246,6 @@ type LocalBackend struct {
serveListeners map[netip.AddrPort]*serveListener // addrPort => serveListener serveListeners map[netip.AddrPort]*serveListener // addrPort => serveListener
serveProxyHandlers sync.Map // string (HTTPHandler.Proxy) => *httputil.ReverseProxy serveProxyHandlers sync.Map // string (HTTPHandler.Proxy) => *httputil.ReverseProxy
// serveStreamers is a map for those running Funnel in the foreground
// and streaming incoming requests.
serveStreamers map[uint16]map[uint32]func(ipn.FunnelRequestLog) // serve port => map of stream loggers (key is UUID)
// statusLock must be held before calling statusChanged.Wait() or // statusLock must be held before calling statusChanged.Wait() or
// statusChanged.Broadcast(). // statusChanged.Broadcast().

@ -23,7 +23,6 @@ import (
"sync" "sync"
"time" "time"
"github.com/google/uuid"
"tailscale.com/ipn" "tailscale.com/ipn"
"tailscale.com/logtail/backoff" "tailscale.com/logtail/backoff"
"tailscale.com/net/netutil" "tailscale.com/net/netutil"
@ -282,6 +281,9 @@ func (b *LocalBackend) DeleteForegroundSession(sessionID string) error {
// the backend enables it for the duration of the context's lifespan and // the backend enables it for the duration of the context's lifespan and
// then turns it back off once the context is closed. If either are already enabled, // then turns it back off once the context is closed. If either are already enabled,
// then they remain that way but logs are still streamed // then they remain that way but logs are still streamed
//
// TODO(marwan-at-work): this whole endpoint will be
// deleted in a follow up PR in favor of WatchIPNBus
func (b *LocalBackend) StreamServe(ctx context.Context, w io.Writer, req ipn.ServeStreamRequest) (err error) { func (b *LocalBackend) StreamServe(ctx context.Context, w io.Writer, req ipn.ServeStreamRequest) (err error) {
f, ok := w.(http.Flusher) f, ok := w.(http.Flusher)
if !ok { if !ok {
@ -310,44 +312,13 @@ func (b *LocalBackend) StreamServe(ctx context.Context, w io.Writer, req ipn.Ser
err = errors.Join(err, b.SetServeConfig(sc)) err = errors.Join(err, b.SetServeConfig(sc))
}() }()
var writeErrs []error
writeToStream := func(log ipn.FunnelRequestLog) {
jsonLog, err := json.Marshal(log)
if err != nil {
writeErrs = append(writeErrs, err)
return
}
if _, err := fmt.Fprintf(w, "%s\n", jsonLog); err != nil {
writeErrs = append(writeErrs, err)
return
}
f.Flush()
}
// Hook up connections stream.
b.mu.Lock()
mak.NonNilMapForJSON(&b.serveStreamers)
if b.serveStreamers[port] == nil {
b.serveStreamers[port] = make(map[uint32]func(ipn.FunnelRequestLog))
}
id := uuid.New().ID()
b.serveStreamers[port][id] = writeToStream
b.mu.Unlock()
// Clean up streamer when done.
defer func() {
b.mu.Lock()
delete(b.serveStreamers[port], id)
b.mu.Unlock()
}()
select { select {
case <-ctx.Done(): case <-ctx.Done():
// Triggered by foreground `tailscale funnel` process // Triggered by foreground `tailscale funnel` process
// (the streamer) getting closed, or by turning off Tailscale. // (the streamer) getting closed, or by turning off Tailscale.
} }
return errors.Join(writeErrs...) return nil
} }
func setHandler(sc *ipn.ServeConfig, req ipn.ServeStreamRequest) { func setHandler(sc *ipn.ServeConfig, req ipn.ServeStreamRequest) {
@ -408,33 +379,6 @@ func deleteHandler(sc *ipn.ServeConfig, req ipn.ServeStreamRequest, port uint16)
} }
} }
func (b *LocalBackend) maybeLogServeConnection(destPort uint16, srcAddr netip.AddrPort) {
b.mu.Lock()
streamers := b.serveStreamers[destPort]
b.mu.Unlock()
if len(streamers) == 0 {
return
}
var log ipn.FunnelRequestLog
log.SrcAddr = srcAddr
log.Time = b.clock.Now()
if node, user, ok := b.WhoIs(srcAddr); ok {
log.NodeName = node.ComputedName()
if node.IsTagged() {
log.NodeTags = node.Tags().AsSlice()
} else {
log.UserLoginName = user.LoginName
log.UserDisplayName = user.DisplayName
}
}
for _, stream := range streamers {
stream(log)
}
}
func (b *LocalBackend) HandleIngressTCPConn(ingressPeer tailcfg.NodeView, target ipn.HostPort, srcAddr netip.AddrPort, getConnOrReset func() (net.Conn, bool), sendRST func()) { func (b *LocalBackend) HandleIngressTCPConn(ingressPeer tailcfg.NodeView, target ipn.HostPort, srcAddr netip.AddrPort, getConnOrReset func() (net.Conn, bool), sendRST func()) {
b.mu.Lock() b.mu.Lock()
sc := b.serveConfig sc := b.serveConfig
@ -537,7 +481,6 @@ func (b *LocalBackend) tcpHandlerForServe(dport uint16, srcAddr netip.AddrPort)
if backDst := tcph.TCPForward(); backDst != "" { if backDst := tcph.TCPForward(); backDst != "" {
return func(conn net.Conn) error { return func(conn net.Conn) error {
defer conn.Close() defer conn.Close()
b.maybeLogServeConnection(dport, srcAddr)
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
backConn, err := b.dialer.SystemDial(ctx, "tcp", backDst) backConn, err := b.dialer.SystemDial(ctx, "tcp", backDst)
cancel() cancel()
@ -706,9 +649,6 @@ func (b *LocalBackend) serveWebHandler(w http.ResponseWriter, r *http.Request) {
http.NotFound(w, r) http.NotFound(w, r)
return return
} }
if c, ok := getServeHTTPContext(r); ok {
b.maybeLogServeConnection(c.DestPort, c.SrcAddr)
}
if s := h.Text(); s != "" { if s := h.Text(); s != "" {
w.Header().Set("Content-Type", "text/plain; charset=utf-8") w.Header().Set("Content-Type", "text/plain; charset=utf-8")
io.WriteString(w, s) io.WriteString(w, s)
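Review bot: The doc comment kept above StreamServe still ends with `then they remain that way but logs are still streamed`, which is no longer true once this commit removes writeToStream and the serveStreamers registration from the function. I would end that sentence at `// then they remain that way.` and have the new TODO state that the call now only holds the serve/funnel config in place until the context ends, so a client reading `w` does not keep waiting for per-request records. Removing maybeLogServeConnection from tcpHandlerForServe and serveWebHandler also drops the only per-connection source record visible in these hunks (source address, node name, user login), so the description should say where operators get that visibility until the WatchIPNBus replacement lands. With the streamer gone, the single-case `select` can be written as `<-ctx.Done()`. The start of StreamServe's body lies outside the hunks shown, so whether `f` is still used after the Flusher check cannot be confirmed from here.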

@ -12,7 +12,6 @@ import (
"slices" "slices"
"strconv" "strconv"
"strings" "strings"
"time"
"tailscale.com/tailcfg" "tailscale.com/tailcfg"
) )
@ -107,25 +106,6 @@ type ServeStreamRequest struct {
Funnel bool `json:",omitempty"` Funnel bool `json:",omitempty"`
} }
// FunnelRequestLog is the JSON type written out to io.Writers
// watching funnel connections via ipnlocal.StreamServe.
//
// This structure is in development and subject to change.
type FunnelRequestLog struct {
Time time.Time `json:",omitempty"` // time of request forwarding
// SrcAddr is the address that initiated the Funnel request.
SrcAddr netip.AddrPort `json:",omitempty"`
// The following fields are only populated if the connection
// initiated from another node on the client's tailnet.
NodeName string `json:",omitempty"` // src node MagicDNS name
NodeTags []string `json:",omitempty"` // src node tags
UserLoginName string `json:",omitempty"` // src node's owner login (if not tagged)
UserDisplayName string `json:",omitempty"` // src node's owner name (if not tagged)
}
// WebServerConfig describes a web server's configuration. // WebServerConfig describes a web server's configuration.
type WebServerConfig struct { type WebServerConfig struct {
Handlers map[string]*HTTPHandler // mountPoint => handler Handlers map[string]*HTTPHandler // mountPoint => handler
