tags: ensure tag changes propagate #2961
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
a9241e1 to
e5e19f4
Compare
kradalby
commented
Dec 13, 2025
a38fb33 to
eae5976
Compare
Signed-off-by: Kristoffer Dalby <[email protected]>
eae5976 to
56a5062
Compare
kradalby
commented
Dec 15, 2025
This commit changes so that node changes to the policy is calculated if any of the nodes has changed in a way that might affect the policy. Previously we just checked if the number of nodes had changed, which meant that if a node was added and removed, we would be in a bad state. Signed-off-by: Kristoffer Dalby <[email protected]>
This commit adds tests to validate that there are issues with how we propagate tag changes in the system. This replicates juanfont#2389 Signed-off-by: Kristoffer Dalby <[email protected]>
56a5062 to
a7f6c5c
Compare
a7f6c5c to
9f32dc5
Compare
This commit replaces the ChangeSet with a simpler bool based change model that can be directly used in the map builder to build the appropriate map response based on the change that has occured. Previously, we fell back to sending full maps for a lot of changes as that was consider "the safe" thing to do to ensure no updates were missed. This was slightly problematic as a node that already has a list of peers will only do full replacement of the peers if the list is non-empty, meaning that it was not possible to remove all nodes (if for example policy changed). Now we will keep track of last seen nodes, so we can send remove ids, but also we are much smarter on how we send smaller, partial maps when needed. Fixes juanfont#2389 Signed-off-by: Kristoffer Dalby <[email protected]>
9f32dc5 to
c84d04a
Compare
Signed-off-by: Kristoffer Dalby <[email protected]>
Signed-off-by: Kristoffer Dalby <[email protected]>
Signed-off-by: Kristoffer Dalby <[email protected]>
Signed-off-by: Kristoffer Dalby <[email protected]>
nblock
approved these changes
Dec 16, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This commit rebuilds the system for how we propagate
changes in headscale to make sure we send the appropriate
map response based on the changes that has occured instead
of sending a full map response when we do not know what to
do or to be lazy.
This closes gaps where we did not updates peers correctly
when a node was assigned or taken away from a node, or it
was changed in the Policy, and required the nodes to be
informed about changes to the network map.
Additional information in commits
Fixes #2389
claude was used in this PR.