all: add ts_omit_serve, start making tailscale serve/funnel be modular

tailscaled tailscale combined (linux/amd64) 29853147 17384418 31412596 omitting everything + 621570 + 219277 + 554256 .. add serve Updates #17128 Change-Id: I87c2c6c3d3fc2dc026c3de8ef7000a813b41d31c Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2025-10-28 05:00:08 +00:00 · 2025-09-13 20:20:08 -07:00
parent 5b5ae2b2ee
commit 4cca9f7c67
21 changed files with 651 additions and 491 deletions
--- a/wgengine/netstack/netstack.go
+++ b/wgengine/netstack/netstack.go
@@ -33,6 +33,7 @@ import (
 	"gvisor.dev/gvisor/pkg/tcpip/transport/udp"
 	"gvisor.dev/gvisor/pkg/waiter"
 	"tailscale.com/envknob"
+	"tailscale.com/feature/buildfeatures"
 	"tailscale.com/ipn/ipnlocal"
 	"tailscale.com/metrics"
 	"tailscale.com/net/dns"
@@ -643,13 +644,15 @@ func (ns *Impl) UpdateNetstackIPs(nm *netmap.NetworkMap) {
 	var selfNode tailcfg.NodeView
 	var serviceAddrSet set.Set[netip.Addr]
 	if nm != nil {
-		vipServiceIPMap := nm.GetVIPServiceIPMap()
-		serviceAddrSet = make(set.Set[netip.Addr], len(vipServiceIPMap)*2)
-		for _, addrs := range vipServiceIPMap {
-			serviceAddrSet.AddSlice(addrs)
-		}
 		ns.atomicIsLocalIPFunc.Store(ipset.NewContainsIPFunc(nm.GetAddresses()))
-		ns.atomicIsVIPServiceIPFunc.Store(serviceAddrSet.Contains)
+		if buildfeatures.HasServe {
+			vipServiceIPMap := nm.GetVIPServiceIPMap()
+			serviceAddrSet = make(set.Set[netip.Addr], len(vipServiceIPMap)*2)
+			for _, addrs := range vipServiceIPMap {
+				serviceAddrSet.AddSlice(addrs)
+			}
+			ns.atomicIsVIPServiceIPFunc.Store(serviceAddrSet.Contains)
+		}
 		selfNode = nm.SelfNode
 	} else {
 		ns.atomicIsLocalIPFunc.Store(ipset.FalseContainsIPFunc())
@@ -1032,6 +1035,9 @@ func (ns *Impl) isLocalIP(ip netip.Addr) bool {
 // isVIPServiceIP reports whether ip is an IP address that's
 // assigned to a VIP service.
 func (ns *Impl) isVIPServiceIP(ip netip.Addr) bool {
+	if !buildfeatures.HasServe {
+		return false
+	}
 	return ns.atomicIsVIPServiceIPFunc.Load()(ip)
 }

@@ -1074,7 +1080,7 @@ func (ns *Impl) shouldProcessInbound(p *packet.Parsed, t *tstun.Wrapper) bool {
 			return true
 		}
 	}
-	if isService {
+	if buildfeatures.HasServe && isService {
 		if p.IsEchoRequest() {
 			return true
 		}