relaypro-open
diff --git a/‎src/dog_common.erl‎
Lines changed: 35 additions & 3 deletions b/‎src/dog_common.erl‎
Lines changed: 35 additions & 3 deletions
diff --git a/‎src/dog_external_agent.erl‎
Lines changed: 2 additions & 1 deletion b/‎src/dog_external_agent.erl‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎src/dog_external_update_agent.erl‎
Lines changed: 222 additions & 0 deletions b/‎src/dog_external_update_agent.erl‎
Lines changed: 222 additions & 0 deletions
diff --git a/‎src/dog_group_watcher.erl‎
Lines changed: 3 additions & 2 deletions b/‎src/dog_group_watcher.erl‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎src/dog_host_interfaces_watcher.erl‎
Lines changed: 2 additions & 1 deletion b/‎src/dog_host_interfaces_watcher.erl‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎src/dog_ips.erl‎
Lines changed: 5 additions & 4 deletions b/‎src/dog_ips.erl‎
Lines changed: 5 additions & 4 deletions
@@ -3,12 +3,14 @@
 -include("dog_trainer.hrl").
 
 -export([
-    inverse_map_of_lists/1,
+    concat/2,
     create_hash/1,
     eel_test/0,
+    eq_join/4,
     format_value/1,
     format_var/1,
     format_vars/1,
+    inverse_map_of_lists/1,
     list_of_maps_to_map/2,
     lmm/2,
     merge_lists_in_tuples/1,
@@ -17,10 +19,10 @@
     re_filter/2,
     rekey_map_of_maps/3,
     rkmm/3,
+    to_binary/1,
     to_list/1,
-    tuple_pairs_to_map_of_lists/1,
     to_terraform_name/1,
-    eq_join/4
+    tuple_pairs_to_map_of_lists/1
 ]).
 
 -spec to_list(Item :: iolist() | atom() | tuple() | map() | binary() | integer() | float()) ->
@@ -40,6 +42,23 @@ to_list(Item) when is_integer(Item) ->
 to_list(Item) when is_float(Item) ->
     float_to_list(Item).
 
+-spec to_binary(Item :: iolist() | atom() | tuple() | map() | binary() | integer() | float()) ->
+    binary().
+to_binary(Item) when is_atom(Item) ->
+    erlang:atom_to_binary(Item, utf8);
+to_binary(Item) when is_list(Item) -> % Assumes Item is a valid iolist or string
+    erlang:iolist_to_binary(Item);
+to_binary(Item) when is_tuple(Item) -> % String representation like "{a,b}"
+    erlang:iolist_to_binary(io_lib:format("~p", [Item]));
+to_binary(Item) when is_map(Item) -> % String representation like "#{a=>b}"
+    erlang:iolist_to_binary(io_lib:format("~p", [Item]));
+to_binary(Item) when is_binary(Item) ->
+    Item;
+to_binary(Item) when is_integer(Item) ->
+    erlang:integer_to_binary(Item);
+to_binary(Item) when is_float(Item) ->
+    erlang:float_to_binary(Item).
+
 -spec re_filter(List :: [iolist()], Re :: string()) -> [iolist()].
 re_filter(List, Re) ->
     lists:filter(
@@ -269,3 +288,16 @@ eq_join(Table1Name, Table2Name, Key1, Key2) ->
         OneResult
     ),
     JoinedResult.
+
+%% EXTERNAL
+
+concat(Words, string) ->
+    internal_concat(Words);
+concat(Words, binary) ->
+    list_to_binary(internal_concat(Words)).
+
+%% INTERNAL
+
+internal_concat(Elements) ->
+    NonBinaryElements = [case Element of _ when is_binary(Element) -> binary_to_list(Element); _ -> Element end || Element <- Elements],
+    lists:concat(NonBinaryElements).
@@ -64,7 +64,8 @@ loop(_RoutingKey, _CType, Payload, State) ->
     ExistingExternalId = maps:get(<<"id">>, ExistingExternal),
     %TODO: create on link creation, set empty, inactive
     dog_external:replace(ExistingExternalId, ExternalEnv),
-    dog_ipset:update_ipsets(local_env),
+    ?LOG_INFO("dog_ipset_update_agent:queue_update()"),
+    dog_ipset_update_agent:queue_update(dog_common:concat([<<"external->">>,ExternalEnvName],binary)),
     {ack, State}.
 
 -spec set_link_state(NewState :: map()) -> ok | error.
 
@@ -0,0 +1,222 @@
+-module(dog_external_update_agent).
+-behaviour(gen_server).
+
+%% ------------------------------------------------------------------
+%% Record and Type Definitions
+%% ------------------------------------------------------------------
+
+-include("dog_trainer.hrl").
+-include_lib("kernel/include/logger.hrl").
+%% ------------------------------------------------------------------
+%% API Function Exports
+%% ------------------------------------------------------------------
+
+-export([
+    periodic_publish/0,
+    publish_to_external/1,
+    publish_to_outbound_exchange/2,
+    publish_to_outbound_exchanges/1,
+    queue_length/0,
+    queue_update/1,
+    start_link/0
+]).
+
+%% ------------------------------------------------------------------
+%% gen_server Function Exports
+%% ------------------------------------------------------------------
+
+-export([
+    init/1,
+    handle_call/3,
+    handle_cast/2,
+    handle_info/2,
+    terminate/2,
+    code_change/3
+]).
+
+%% ------------------------------------------------------------------
+%% test Function Exports
+%% ------------------------------------------------------------------
+%-export([do_periodic_publish/1]).
+
+%% ------------------------------------------------------------------
+%% API Function Definitions
+%% ------------------------------------------------------------------
+
+-spec start_link() ->
+    {ok, Pid :: pid()} | ignore | {error, {already_started, Pid :: pid()} | term()}.
+start_link() ->
+    gen_server:start_link({local, ?SERVER}, ?MODULE, [], []).
+
+-spec periodic_publish() -> OldServer :: ok.
+periodic_publish() ->
+    ?LOG_INFO("function"),
+    gen_server:call(?MODULE, periodic_publish).
+
+-spec queue_update(Ipsets :: list) -> ok.
+queue_update(Ipsets) ->
+    imetrics:add(external_queue_add),
+    gen_server:cast(?MODULE, {add_to_queue, [Ipsets]}).
+
+queue_length() ->
+    gen_server:call(?MODULE, queue_length).
+%% ------------------------------------------------------------------
+%% gen_server Function Definitions
+%% ------------------------------------------------------------------
+
+%%----------------------------------------------------------------------
+%% Func: init/1
+%% Returns: {ok, State} |
+%%          {ok, State, Timeout} |
+%%          ignore |
+%%          {stop, Reason}
+%%----------------------------------------------------------------------
+
+-spec init(_) -> {'ok', []}.
+init(_Args) ->
+    %CurrentIpset = dog_ipset:read_current_ipset(),
+    %{ok, CurrentIpsetHashes} = dog_ipset:get_hashes(),
+    %dog_ipset:create(CurrentIpsetHashes),
+    PeriodicPublishInterval = application:get_env(
+        dog_trainer, external_ipset_periodic_publish_interval_seconds, 5
+    ),
+    _PublishTimer = erlang:send_after(PeriodicPublishInterval * 1000, self(), periodic_publish),
+    State = ordsets:new(),
+    {ok, State}.
+
+%%----------------------------------------------------------------------
+%% Func: handle_call/3
+%% Returns: {reply, Reply, State} |
+%%          {reply, Reply, State, Timeout} |
+%%          {noreply, State} |
+%%          {noreply, State, Timeout} |
+%%          {stop, Reason, Reply, State} | (terminate/2 is called)
+%%          {stop, Reason, State} (terminate/2 is called)
+%%----------------------------------------------------------------------
+-spec handle_call(term(), {pid(), term()}, State :: ips_state()) -> {reply, ok, any()}.
+handle_call(queue_length, _from, State) ->
+    QueueLength = length(State),
+    {reply, QueueLength, State};
+handle_call(_Request, _From, State) ->
+    {reply, ok, State}.
+
+%%----------------------------------------------------------------------
+%% Func: handle_cast/2
+%% Returns: {noreply, State} |
+%%          {noreply, State, Timeout} |
+%%          {stop, Reason, State} (terminate/2 is called)
+%%----------------------------------------------------------------------
+-spec handle_cast(_, _) -> {'noreply', _}.
+handle_cast(stop, State) ->
+    {stop, normal, State};
+handle_cast({add_to_queue, Ipsets}, State) ->
+    NewState = Ipsets,
+    {noreply, NewState};
+handle_cast(Msg, State) ->
+    ?LOG_ERROR("unknown_message: Msg: ~p, State: ~p", [Msg, State]),
+    {noreply, State}.
+
+%%----------------------------------------------------------------------
+%% Func: handle_info/2
+%% Returns: {noreply, State} |
+%%          {noreply, State, Timeout} |
+%%          {stop, Reason, State} (terminate/2 is called)
+%%----------------------------------------------------------------------
+% TODO: be more specific about Info in spec
+-spec handle_info(_, _) -> {'noreply', _}.
+handle_info(periodic_publish, State) ->
+    {ok, NewState} = do_periodic_publish(State),
+    PeriodicPublishInterval = application:get_env(
+        dog_trainer, external_ipset_periodic_publish_interval_seconds, 5
+    ),
+    erlang:send_after(PeriodicPublishInterval * 1000, self(), periodic_publish),
+    {noreply, NewState};
+handle_info(Info, State) ->
+    ?LOG_ERROR("unknown_message: Info: ~p, State: ~p", [Info, State]),
+    {noreply, State}.
+
+%%----------------------------------------------------------------------
+%% Func: terminate/2
+%% Purpose: Shutdown the server
+%% Returns: any (ignored by gen_server)
+%%----------------------------------------------------------------------
+-spec terminate(_, ips_state()) -> {close}.
+terminate(Reason, State) ->
+    ?LOG_INFO("terminate: Reason: ~p, State: ~p", [Reason, State]),
+    {close}.
+
+-spec code_change(_, State :: ips_state(), _) -> {ok, State :: ips_state()}.
+code_change(_OldVsn, State, _Extra) ->
+    {ok, State}.
+
+%% ------------------------------------------------------------------
+%% Internal Function Definitions
+%% ------------------------------------------------------------------
+-spec do_periodic_publish(_) -> OldServers :: {ok, list()}.
+do_periodic_publish(State) ->
+    ?LOG_INFO("do_periodic_publish"),
+    case State of
+        [] ->
+            {ok, []};
+        _ ->
+            ?LOG_INFO("ipset queue: ~p", [State]),
+            ?LOG_INFO("length of ipset queue: ~p", [length(State)]),
+            LatestInternalIpsets = lists:last(State),
+            publish_to_external(LatestInternalIpsets),
+            dog_ipset:update_ipsets(),
+            {ok, []}
+    end.
+
+-spec publish_to_outbound_exchanges(IpsetExternalMap :: map()) -> any().
+publish_to_outbound_exchanges(IpsetExternalMap) ->
+    {ok, ExternalEnvs} = dog_link:get_all_active_outbound(),
+    IdsByGroup = dog_group:get_all_internal_ec2_security_group_ids(),
+    %dog_common:merge_maps_of_lists([IdsByGroupMap,AllActiveUnionEc2Sgs]).
+    lists:foreach(
+        fun(Env) ->
+            EnvName = maps:get(<<"name">>, Env),
+            ExternalMap = maps:put(<<"ec2">>, IdsByGroup, IpsetExternalMap),
+            %ExternalMap = maps:put(<<"ec2">>,jsx:encode(#{}),IpsetExternalMap),
+            ?LOG_DEBUG("ExternalMap: ~p~n", [ExternalMap]),
+            publish_to_outbound_exchange(EnvName, ExternalMap)
+        end,
+        ExternalEnvs
+    ).
+
+-spec publish_to_outbound_exchange(TargetEnvName :: binary(), IpsetExternalMap :: map()) -> any().
+publish_to_outbound_exchange(TargetEnvName, IpsetExternalMap) ->
+    ?LOG_INFO("IpsetExternalMap: ~p", [IpsetExternalMap]),
+    {ok, LocalEnvName} = application:get_env(dog_trainer, env),
+    UserData = #{
+        ipsets => jsx:encode(IpsetExternalMap),
+        name => LocalEnvName
+    },
+    Count = 1,
+    Pid = erlang:self(),
+    Message = term_to_binary([
+        {count, Count},
+        {local_time, calendar:local_time()},
+        {pid, Pid},
+        {user_data, UserData}
+    ]),
+    RoutingKey = binary:list_to_bin(LocalEnvName),
+    BrokerConfigName = list_to_atom(binary:bin_to_list(TargetEnvName)),
+    %thumper:start_link(BrokerConfigName),
+    ?LOG_INFO("~p, ~p, ~p, ~p", [BrokerConfigName, Message, <<"inbound">>, RoutingKey]),
+    %Response = thumper:publish_to(BrokerConfigName, Message, <<"inbound">>, RoutingKey),
+    PublisherName = erlang:binary_to_atom(<<TargetEnvName/binary, <<"_publisher">>/binary>>),
+    Response = turtle:publish(
+        PublisherName,
+        <<"inbound">>,
+        RoutingKey,
+        <<"text/json">>,
+        Message,
+        #{delivery_mode => persistent}
+    ),
+    imetrics:add(ipset_outbound_publish),
+    Response.
+
+-spec publish_to_external(InternalIpsetsMap :: map()) -> any().
+publish_to_external(InternalIpsetsMap) ->
+    ?LOG_INFO("publishing to external"),
+    publish_to_outbound_exchanges(InternalIpsetsMap).
@@ -135,12 +135,13 @@ handle_query_result(Result, State) ->
                     {ok, _} = dog_group:set_hash4_ipsets(GroupName, Hash4Ipsets),
                     {ok, _} = dog_group:set_hash6_ipsets(GroupName, Hash6Ipsets),
                     {ok, _} = dog_group:set_hash4_iptables(GroupName, Hash4Iptables),
-                    {ok, _} = dog_group:set_hash6_iptables(GroupName, Hash6Iptables)
+                    {ok, _} = dog_group:set_hash6_iptables(GroupName, Hash6Iptables),
+                    ?LOG_INFO("dog_ipset_update_agent:queue_update()"),
+                    dog_ipset_update_agent:queue_update(dog_common:concat([<<"group-">>,GroupName],binary))
                 end,
                 Result
             )
     end,
-    dog_ipset:force_update_ipsets(),
     {noreply, [Result | State]}.
 
 handle_query_done(State) ->
 
@@ -99,7 +99,8 @@ handle_query_result(Result, State) ->
             pass;
         _ ->
             imetrics:add_m(watcher, host_config_update),
-            dog_ipset_update_agent:queue_update()
+            ?LOG_INFO("dog_ipset_update_agent:queue_update()"),
+            dog_ipset_update_agent:queue_update(<<"dog_host_interface_watcher">>)
     end,
     {noreply, [Result | State]}.
 
 
@@ -72,6 +72,7 @@ loop(_RoutingKey, _CType, Payload, State) ->
         Hostkey = maps:get(<<"hostkey">>, Config),
         ?LOG_DEBUG(#{hostname => Hostname, hostkey => Hostkey}),
         dog_config:update_host_keepalive(Hostkey),
+        UpdateSource = dog_common:concat([<<"host_group->">>,GroupName],binary),
         case dog_host:get_by_hostkey(Hostkey) of
             {ok, HostExists} ->
                 %HostId = maps:get(<<"id">>, HostExists),
@@ -89,12 +90,12 @@ loop(_RoutingKey, _CType, Payload, State) ->
                     force ->
                         ?LOG_INFO("got force: ~p", [Hostkey]),
                         dog_host:update_by_hostkey(Hostkey, Config),
-                        dog_ipset_update_agent:queue_force(),
+                        dog_ipset_update_agent:queue_update(UpdateSource), %ignoring force
                         dog_iptables:update_group_iptables(GroupName, <<"group">>);
                     update ->
                         ?LOG_INFO("got update: ~p", [Hostkey]),
                         dog_host:update_by_hostkey(Hostkey, Config),
-                        dog_ipset_update_agent:queue_update(),
+                        dog_ipset_update_agent:queue_update(UpdateSource),
                         dog_iptables:update_group_iptables(GroupName, <<"group">>);
                     keepalive ->
                         ?LOG_INFO("got keepalive: ~p", [Hostkey]),
@@ -160,12 +161,12 @@ subscriber_callback(_DeliveryTag, _RoutingKey, Payload) ->
                     force ->
                         ?LOG_INFO("got force: ~p", [Hostkey]),
                         dog_host:update_by_hostkey(Hostkey, Config),
-                        dog_ipset_update_agent:queue_force(),
+                        dog_ipset_update_agent:queue_update(Hostkey), %ignoring force
                         dog_iptables:update_group_iptables(GroupName, <<"group">>);
                     update ->
                         ?LOG_INFO("got update: ~p", [Hostkey]),
                         dog_host:update_by_hostkey(Hostkey, Config),
-                        dog_ipset_update_agent:queue_update(),
+                        dog_ipset_update_agent:queue_update(Hostkey),
                         dog_iptables:update_group_iptables(GroupName, <<"group">>);
                     keepalive ->
                         ?LOG_INFO("got keepalive: ~p", [Hostkey]),