studio/cli
2
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 4 Wiki Activity

feat(net): derive cluster API target from netmap by hostname

Browse Source 
Adds an optional `cluster_api_host` field to VpnConfig. When set, the
daemon resolves it against the netmap's peer list once the first
netmap arrives and uses that peer's tailnet IP as the proxy backend,
overriding the static `cluster_api_addr`. Falls back to the static
addr if the hostname doesn't match any peer.

The resolver tries hostname first, then peer name (FQDN), then a
prefix match against name. Picks v4 over v6 from the peer's address
list.

- sunbeam-net/src/config.rs: new `cluster_api_host: Option<String>`
- sunbeam-net/src/daemon/lifecycle.rs: resolve_peer_ip helper +
  resolution at proxy bind time
- sunbeam-net/tests/integration.rs: pass cluster_api_host: None in
  the existing VpnConfig literals
- src/config.rs: new context field `vpn-cluster-host`
- src/vpn_cmds.rs: thread it from context → VpnConfig
This commit is contained in:
Sienna Meridian Satterwhite
2026-04-07 15:00:30 +01:00
parent 27a6f4377c
commit e934eb45dc
5 changed files with 76 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
sunbeam-net/tests/integration.rs
View File

@@ -34,6 +34,7 @@ async fn test_register_and_receive_netmap() {
proxy_bind: "127.0.0.1:0".parse().unwrap(),
cluster_api_addr: "127.0.0.1".parse().unwrap(),
cluster_api_port: 6443,
cluster_api_host: None,
control_socket: state_dir.path().join("test.sock"),
hostname: "sunbeam-net-test".into(),
server_public_key: None,
@@ -102,6 +103,7 @@ async fn test_proxy_listener_accepts() {
proxy_bind,
cluster_api_addr: "100.64.0.1".parse().unwrap(),
cluster_api_port: 6443,
cluster_api_host: None,
control_socket: state_dir.path().join("proxy.sock"),
hostname: "sunbeam-net-proxy-test".into(),
server_public_key: None,
@@ -165,6 +167,7 @@ async fn test_e2e_tcp_through_tunnel() {
proxy_bind,
cluster_api_addr: peer_a_ip,
cluster_api_port: 5678,
cluster_api_host: None,
control_socket: state_dir.path().join("e2e.sock"),
hostname: "sunbeam-net-e2e-test".into(),
server_public_key: None,
@@ -245,6 +248,7 @@ async fn test_daemon_lifecycle() {
proxy_bind: "127.0.0.1:0".parse().unwrap(),
cluster_api_addr: "127.0.0.1".parse().unwrap(),
cluster_api_port: 6443,
cluster_api_host: None,
control_socket: state_dir.path().join("daemon.sock"),
hostname: "sunbeam-net-daemon-test".into(),
server_public_key: None,