Transition away from private ips to dns

Author: davissp14

fly.toml

@@ -1,37 +1,29 @@
-# fly.toml app configuration file generated for shaun-etcd-test on 2024-10-14T16:06:44-05:00
+# fly.toml app configuration file generated for shaun-etcd-test on 2025-02-18T16:18:05-06:00
 #
 # See https://fly.io/docs/reference/configuration/ for information about how to use this file.
 #
 
 app = 'shaun-etcd-test'
+primary_region = 'ord'
 kill_signal = 'SIGTERM'
 kill_timeout = '30s'
 
 [experimental]
   auto_rollback = true
 
-[[mounts]]
-  source = 'etcd_data'
-  destination = '/etcd_data'
+[build]
 
-[checks]
-  [checks.etcd]
-    grace_period = "30s"
-    interval = "15s"
-    method = "get"
-    path = "/flycheck/etcd"
-    port = 5500
-    timeout = "10s"
-    type = "http"
+[[mounts]]
+  source = 'data'
+  destination = '/data'
 
-  [checks.vm]
-    grace_period = "1s"
-    interval = "1m"
-    method = "get"
-    path = "/flycheck/vm"
-    port = 5500
-    timeout = "10s"
-    type = "http"
+[http_service]
+  internal_port = 2379
+  force_https = true
+  auto_stop_machines = 'stop'
+  auto_start_machines = true
+  min_machines_running = 3
+  processes = ['app']
 
 [[services]]
   protocol = 'tcp'
@@ -53,10 +45,31 @@ kill_timeout = '30s'
     hard_limit = 1000
     soft_limit = 300
 
-  [[services.tcp_checks]]
-    interval = '10s'
-    timeout = '2s'
+[checks]
+  [checks.etcd]
+    port = 5500
+    type = 'http'
+    interval = '15s'
+    timeout = '10s'
+    grace_period = '30s'
+    method = 'get'
+    path = '/flycheck/etcd'
+
+  [checks.vm]
+    port = 5500
+    type = 'http'
+    interval = '1m0s'
+    timeout = '10s'
+    grace_period = '1s'
+    method = 'get'
+    path = '/flycheck/vm'
+
+[[vm]]
+  memory = '1gb'
+  cpu_kind = 'shared'
+  cpus = 1
 
 [[metrics]]
   port = 2379
   path = '/metrics'
+  https = false

internal/flyetcd/client.go

@@ -48,7 +48,7 @@ func NewClient(endpoints []string) (*Client, error) {
 	return &Client{c}, nil
 }
 
-func (c *Client) MemberId(ctx context.Context, name string) (uint64, error) {
+func (c *Client) MemberID(ctx context.Context, name string) (uint64, error) {
 	resp, err := c.MemberList(ctx)
 	if err != nil {
 		return 0, err
@@ -67,7 +67,7 @@ func (c *Client) IsLeader(ctx context.Context, node *Node) (bool, error) {
 		return false, err
 	}
 
-	id, err := c.MemberId(ctx, node.Config.Name)
+	id, err := c.MemberID(ctx, node.Config.Name)
 	if err != nil {
 		return false, err
 	}
@@ -78,24 +78,3 @@ func (c *Client) IsLeader(ctx context.Context, node *Node) (bool, error) {
 
 	return false, nil
 }
-
-// func (c *EtcdClient) InitializeAuth(ctx context.Context) error {
-// 	if err := c.CreateUser(ctx, "root", envOrDefault("ETCD_PASSWORD", "password")); err != nil {
-// 		switch err {
-// 		case rpctypes.ErrUserAlreadyExist:
-// 		case rpctypes.ErrUserEmpty: // Auth has already been enabled.
-// 			return nil
-// 		default:
-// 			return err
-// 		}
-// 	}
-
-// 	if err := c.GrantRoleToUser(ctx, "root", "root"); err != nil {
-// 		return err
-// 	}
-
-// 	if err := c.EnableAuthentication(ctx); err != nil {
-// 		return err
-// 	}
-// 	return nil
-// }

internal/flyetcd/config.go

@@ -38,21 +38,29 @@ type Config struct {
 
 func NewConfig(endpoint *Endpoint) (*Config, error) {
 	cfg := &Config{
-		Name:                     endpoint.Name,
-		ListenPeerUrls:           endpoint.PeerURL,
-		AdvertiseClientUrls:      endpoint.ClientURL,
-		DataDir:                  dataDir,
-		ListenClientUrls:         "http://[::]:2379",
+		Name: endpoint.Name,
+		// Listen on all interfaces (IPv4/IPv6) at the default ports
+		// so etcd doesn’t complain about needing an IP.
+		ListenPeerUrls:   "http://[::]:2380",
+		ListenClientUrls: "http://[::]:2379",
+
+		// Advertise the DNS name (or ephemeral IP) so other members
+		// can connect to it.
 		InitialAdvertisePeerUrls: endpoint.PeerURL,
-		InitialCluster:           fmt.Sprintf("%s=%s", endpoint.Name, endpoint.PeerURL),
-		InitialClusterToken:      getMD5Hash(os.Getenv("FLY_APP_NAME")),
-		InitialClusterState:      "new",
-		AutoCompactionMode:       "periodic",
-		AutoCompactionRetention:  "1",
-		AuthToken:                "",
-		MaxSnapshots:             10,
-		MaxWals:                  10,
-		SnapshotCount:            10000, // Default
+		AdvertiseClientUrls:      endpoint.ClientURL,
+
+		// Etcd data directory
+		DataDir: dataDir,
+
+		InitialCluster:          fmt.Sprintf("%s=%s", endpoint.Name, endpoint.PeerURL),
+		InitialClusterToken:     getMD5Hash(os.Getenv("FLY_APP_NAME")),
+		InitialClusterState:     "new",
+		AutoCompactionMode:      "periodic",
+		AutoCompactionRetention: "1",
+		AuthToken:               "",
+		MaxSnapshots:            10,
+		MaxWals:                 10,
+		SnapshotCount:           10000, // Default
 	}
 
 	if err := cfg.SetAuthToken(); err != nil {

internal/flyetcd/endpoint.go

@@ -17,29 +17,35 @@ type Endpoint struct {
 
 func NewEndpoint(addr string) *Endpoint {
 	return &Endpoint{
-		Name:      getMD5Hash(addr),
+		Name:      os.Getenv("FLY_MACHINE_ID"),
 		Addr:      addr,
-		ClientURL: fmt.Sprintf("http://[%s]:2379", addr),
-		PeerURL:   fmt.Sprintf("http://[%s]:2380", addr),
+		ClientURL: fmt.Sprintf("http://%s:2379", addr),
+		PeerURL:   fmt.Sprintf("http://%s:2380", addr),
 	}
 }
 
-func currentEndpoint() (*Endpoint, error) {
-	privateIP, err := privnet.PrivateIPv6()
-	if err != nil {
-		return nil, err
-	}
-	return NewEndpoint(privateIP.String()), nil
-}
-
+// AllEndpoints uses DNS to return all Machines associated with the app.
 func AllEndpoints(ctx context.Context) ([]*Endpoint, error) {
-	addrs, err := privnet.AllPeers(ctx, os.Getenv("FLY_APP_NAME"))
+	machines, err := privnet.AllMachines(ctx, os.Getenv("FLY_APP_NAME"))
 	if err != nil {
 		return nil, err
 	}
 	var endpoints []*Endpoint
-	for _, addr := range addrs {
-		endpoints = append(endpoints, NewEndpoint(addr.String()))
+	for _, m := range machines {
+
+		endpoints = append(endpoints, endpointFromMachine(m))
 	}
 	return endpoints, nil
 }
+
+func currentEndpoint() (*Endpoint, error) {
+	endpoint := fmt.Sprintf("%s.vm.%s.internal",
+		os.Getenv(("FLY_MACHINE_ID")),
+		os.Getenv("FLY_APP_NAME"))
+
+	return NewEndpoint(endpoint), nil
+}
+
+func endpointFromMachine(machine privnet.Machine) *Endpoint {
+	return NewEndpoint(fmt.Sprintf("%s.vm.%s.internal", machine.ID, os.Getenv("FLY_APP_NAME")))
+}

internal/privnet/sixpn.go

@@ -9,60 +9,103 @@ import (
 	"time"
 )
 
-func AllPeers(ctx context.Context, appName string) ([]net.IPAddr, error) {
-	return Get6PN(ctx, fmt.Sprintf("%s.internal", appName))
+// func AllPeers(ctx context.Context, appName string) ([]net.IPAddr, error) {
+// 	return Get6PN(ctx, fmt.Sprintf("%s.internal", appName))
+// }
+
+// func Get6PN(ctx context.Context, hostname string) ([]net.IPAddr, error) {
+// 	nameserver := os.Getenv("FLY_NAMESERVER")
+// 	if nameserver == "" {
+// 		nameserver = "fdaa::3"
+// 	}
+// 	nameserver = net.JoinHostPort(nameserver, "53")
+// 	r := &net.Resolver{
+// 		PreferGo: true,
+// 		Dial: func(ctx context.Context, network, address string) (net.Conn, error) {
+// 			d := net.Dialer{
+// 				Timeout: 1 * time.Second,
+// 			}
+// 			return d.DialContext(ctx, "udp6", nameserver)
+// 		},
+// 	}
+// 	ips, err := r.LookupIPAddr(ctx, hostname)
+
+// 	if err != nil {
+// 		return ips, err
+// 	}
+
+// 	// make sure we're including the local ip, just in case it's not in service discovery yet
+// 	local, err := r.LookupIPAddr(ctx, "fly-local-6pn")
+
+// 	if err != nil || len(local) < 1 {
+// 		return ips, err
+// 	}
+
+// 	localExists := false
+// 	for _, v := range ips {
+// 		if v.IP.String() == local[0].IP.String() {
+// 			localExists = true
+// 		}
+// 	}
+
+// 	if !localExists {
+// 		ips = append(ips, local[0])
+// 	}
+// 	return ips, err
+// }
+
+type Machine struct {
+	ID     string
+	Region string
+}
+
+func AllMachines(ctx context.Context, appName string) ([]Machine, error) {
+	r := getResolver()
+	txts, err := r.LookupTXT(ctx, fmt.Sprintf("vms.%s.internal", appName))
+	if err != nil {
+		return nil, err
+	}
+
+	machines := make([]Machine, 0)
+	for _, txt := range txts {
+		parts := strings.Split(txt, ",")
+		for _, part := range parts {
+			parts := strings.Split(part, " ")
+			if len(parts) != 2 {
+				return nil, fmt.Errorf("invalid machine DNS TXT format: %s", txt)
+			}
+			machines = append(machines, Machine{ID: parts[0], Region: parts[1]})
+		}
+	}
+	return machines, nil
 }
 
-func Get6PN(ctx context.Context, hostname string) ([]net.IPAddr, error) {
+func getResolver() *net.Resolver {
 	nameserver := os.Getenv("FLY_NAMESERVER")
 	if nameserver == "" {
 		nameserver = "fdaa::3"
 	}
 	nameserver = net.JoinHostPort(nameserver, "53")
-	r := &net.Resolver{
+	return &net.Resolver{
 		PreferGo: true,
-		Dial: func(ctx context.Context, network, address string) (net.Conn, error) {
+		Dial: func(ctx context.Context, network, _ string) (net.Conn, error) {
 			d := net.Dialer{
 				Timeout: 1 * time.Second,
 			}
 			return d.DialContext(ctx, "udp6", nameserver)
 		},
 	}
-	ips, err := r.LookupIPAddr(ctx, hostname)
-
-	if err != nil {
-		return ips, err
-	}
-
-	// make sure we're including the local ip, just in case it's not in service discovery yet
-	local, err := r.LookupIPAddr(ctx, "fly-local-6pn")
-
-	if err != nil || len(local) < 1 {
-		return ips, err
-	}
-
-	localExists := false
-	for _, v := range ips {
-		if v.IP.String() == local[0].IP.String() {
-			localExists = true
-		}
-	}
-
-	if !localExists {
-		ips = append(ips, local[0])
-	}
-	return ips, err
 }
 
-func PrivateIPv6() (net.IP, error) {
-	ips, err := net.LookupIP("fly-local-6pn")
-	if err != nil && !strings.HasSuffix(err.Error(), "no such host") && !strings.HasSuffix(err.Error(), "server misbehaving") {
-		return nil, err
-	}
+// func PrivateIPv6() (net.IP, error) {
+// 	ips, err := net.LookupIP("fly-local-6pn")
+// 	if err != nil && !strings.HasSuffix(err.Error(), "no such host") && !strings.HasSuffix(err.Error(), "server misbehaving") {
+// 		return nil, err
+// 	}
 
-	if len(ips) > 0 {
-		return ips[0], nil
-	}
+// 	if len(ips) > 0 {
+// 		return ips[0], nil
+// 	}
 
-	return net.ParseIP("127.0.0.1"), nil
-}
+// 	return net.ParseIP("127.0.0.1"), nil
+// }