Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

release v1.9.6 #933

Merged
merged 123 commits into from
Jan 2, 2024
Merged

release v1.9.6 #933

merged 123 commits into from
Jan 2, 2024

Conversation

ywc689
Copy link
Collaborator

@ywc689 ywc689 commented Jan 2, 2024

No description provided.

root and others added 30 commits January 29, 2023 15:25
add/update agent about socket message
4dd729f
@you-looks-not-tasty
Merge remote-tracking branch 'iqiyi/devel' into dpvs-agent
5eb6931
@you-looks-not-tasty
Merge branch 'devel' of https://github.com/iqiyi/dpvs into dpvs-agent
b206396
@you-looks-not-tasty
rename rt6_prefix as rt_addr
0f3c69f
@you-looks-not-tasty
replace dpvs_service_table_t by dpvs_agent_services_front_t
b855d7b
@you-looks-not-tasty
deregister agent_ifa_sockopts in inetaddr.init error return
73d5de0
@you-looks-not-tasty
deregister dest lcore unicast msg of init error and term
c2d0a2b
@you-looks-not-tasty
remove useless code
9103d89
@you-looks-not-tasty
dpvs-agent not put the count of realserver in sockopt DPVSAGENT_VS_GE…
3e0b545 
…T_DESTS, we had set outlen after hit the vs
@you-looks-not-tasty
consistency with dpvs agent memory layout
76815f9
@ywc689
add config macro CONFIG_DPVS_AGENT to enable/disable dpvs-agent on co…
27e066f 
…mpiling, and fix some bugs

Signed-off-by: ywc689 <[email protected]>
@ywc689
Merge pull request #868 from you-looks-not-tasty/dpvs-agent
25d9158 
add/update agent about socket message
@ywc689
netif: add supports for extended statistics of an ethernet device
c93a1a2 
Signed-off-by: ywc689 <[email protected]>
@ywc689
cfgfile: remove the stale config "ipc_msg/unix_domain"
2b4aca3 
The config file block "ipc_msg/unix_domain" was replaced with
command option "-p, --pid-file FILE" in commit 6ce4dd9.

Signed-off-by: ywc689 <[email protected]>
@ywc689
netif: set nic multicast ether address from master lcore only
bae7f1d 
It takes long for some nics to update multicast ether addresses. The per-cpu
process of per-cpu inetaddr causes mc ether address updating from both slave
lcores and master lcore, which is nonsense but a dramatic hurt for performacne.
So just do it once on master lcore.

Signed-off-by: ywc689 <[email protected]>
@ywc689
netif: fix crash problem by ether address list buffer overflow
fe0e2e2 
Signed-off-by: ywc689 <[email protected]>
@ywc689
netif: multicast ether address setting improvements
61bcd36 
It has been noted that rte_eth_dev_set_mc_addr_list is of some restrictions:
* The Api may be slow and take hundreds miliseconds.
* Support only a very limited multicast ether address number.

For instance of 25G Meallnox CX5, its PMD driver for rte_eth_dev_set_mc_addr_list
supports only 128 multicast ether addresses for each port, and it takes about 250ms
for rte_eth_dev_set_mc_addr_list to finish its work. Hence we make the following
improvements:

1. Enable allmulitcast when rte_eth_dev_set_mc_addr_list failed,
2. Do not call rte_eth_dev_set_mc_addr_list when allmulitcast enabled.

In next commmit, allmulticast can be configured at start of DPVS, which can solve
the rte_eth_dev_set_mc_addr_list slow problem totally.

Signed-off-by: ywc689 <[email protected]>
@ywc689
netif: add config file and dpip supports for allmulticast of netif de…
5e5a618 
…vices

Signed-off-by: ywc689 <[email protected]>
@ywc689
netif: fix divided by zero crash problem when bonding slaves sending …
7eb3c58 
…packets out

Signed-off-by: ywc689 <[email protected]>
@ywc689
netif: fix invalid port problem when getting nic extra info
4fc35b7 
Signed-off-by: ywc689 <[email protected]>
keepalived: don't delete and re-add vs/rs when update at reload
50a863d 
when update vs/rs configuration parameters at keepalived reload,
it's no need to delete and re-add vs/rs, which will result in
traffic interruption of the vs/rs.
@ywc689
Merge pull request #889 from ywc689/hw-mc-address-bugfix
1b21236 
hardware multicast address bugfix
@you-looks-not-tasty @ywc689
unregister msg MSG_TYPE_AGENT_GET_DESTS callback
fe47065
@you-looks-not-tasty @ywc689
return laddr device name to dpvs-agent
f194cec
@you-looks-not-tasty @ywc689
add dest edit
27e8ffd
@ywc689
ipvs: backend passive health check
a5ce222 
It works only for TCP by checking if syn-ack is replied from the backend, and
if not, inhibit scheduling the backend for a period. The inhibiting period is
gained/lost exponentially after successive checking failed/succeeded.

Signed-off-by: ywc689 <[email protected]>
@ywc689
ipvs: make backend passive health check configurable per-service
9b96110 
Signed-off-by: ywc689 <[email protected]>
@ywc689
ipvs: backnd passive health check for bidirectional udp flow
d41afd4 
udp dest-check works only when the udp is bidirectional, that is,
the udp conns that forwarding inbound only or outbound only are always
detcted dead. Thus "dest-check" should be never configured for the
single directional udp flow. Besides, the a smaller conn timeout may be
specified for the bidirectional flow service to detect dest fault quickly.

Signed-off-by: ywc689 <[email protected]>
@ywc689
ipvsadm: add option --conn-timeout for service config
7123111 
Signed-off-by: ywc689 <[email protected]>
@ywc689
ipvsadm: fix ambiguity of command opt'-Y'
48f6881 
fix #877

Signed-off-by: ywc689 <[email protected]>
ywc689 added 21 commits December 8, 2023 11:25
@ywc689
tools: add supports for proxy protocol
45ad38b 
Signed-off-by: ywc689 <[email protected]>
@ywc689
keepalived: fix a crash problem caused by the missing allowlist/denylist
2fd48ed 
Signed-off-by: ywc689 <[email protected]>
@ywc689
healtcheck: upd_check supports ppv2
4a95793 
Signed-off-by: ywc689 <[email protected]>
@ywc689
test: fix serveral trivial problems in proxy protocol test programs
70280c1 
Signed-off-by: ywc689 <[email protected]>
@ywc689
ipvs: fix problems found in debug of proxy protocol implementation
94261d7 
Signed-off-by: ywc689 <[email protected]>
@ywc689
ipvs: fix standalone tcp proxy protocol packet sent problem
60f7789
@ywc689
ipvs: forbid sending proxy protocol data in pure tcp ack packets
6186642 
Signed-off-by: ywc689 <[email protected]>
@ywc689
ipvs: fix serveral problems in sending standalone proxy protocol packets
57d7bc8 
Signed-off-by: ywc689 <[email protected]>
@ywc689
ipvs: fix dozens of problems found in proxy protocol cascading test
4aa1e68 
Signed-off-by: ywc689 <[email protected]>
@ywc689
test: add test checklist for proxy protocol
d3f0899 
Signed-off-by: ywc689 <[email protected]>
@ywc689
ipvs: fix issues in proxy protocol v2 parsing
bc95eed
@ywc689
test: update checklist for proxy protocol
679e076
@ywc689
tools: add more supports for proxy protocol
af55bca 
Signed-off-by: ywc689 <[email protected]>
@ywc689
tools: dpvs-agent supports proxy protocol config
2b6e457 
Signed-off-by: ywc689 <[email protected]>
@ywc689
doc: add doc client-address-conservation-in-fullnat.md
109a491 
Signed-off-by: ywc689 <[email protected]>
@ywc689
ipvs: protect proxy protocol from source address spoofing attack
486ed1e 
Two versions -- v1-insecure and v2-insecure -- ared added for the proxy cascading
case where the proxy protocol addresses should remain unchanged in the backend
proxy server. Meanwhile, the v1 and v2 versions are always using the addresses
from client's ip header of inbound packets.

Signed-off-by: ywc689 <[email protected]>
@ywc689
ipvs: toa enhancements
30f421d 
1. Do not insert toa data in syn packets any more.
2. Compact tcp option space or remove some options when inserting toa data failed
   and then try again.
3. Emit a warning log for audit when toa insertion failed finally.

Signed-off-by: ywc689 <[email protected]>
@ywc689
patch: update dcdn-toa.patch
58a0e75 
Signed-off-by: ywc689 <[email protected]>
@ywc689
Merge pull request #928 from ywc689/toa-enhancement
e42c170 
ipvs: toa enhancements
@ywc689
release v1.9.6
3336c3e 
Signed-off-by: ywc689 <[email protected]>
@ywc689
Merge pull request #930 from ywc689/release-v1.9.6
b7216d1 
release v1.9.6
@ywc689
Copy link
Collaborator Author

ywc689 commented Jan 2, 2024

Features

  • New tool: dpvs-agent, a management daemon tool for dpvs based on OpenAPI(doc).
  • New tool: healthcheck, a service health check daemon tool cooperating with dpvs-agent.
  • Dpvs: Develop passive health check methods for tcp and bidirectional udp backends(doc.)
  • Dpvs: Add supports for Proxy Protocol with both v1 and v2 versions(doc).
  • Dpvs: Add supports for extended statistics of ethernet devices.
  • Dpvs: Add configuration file and dpip supports for allmulticast setting switch.
  • Build: Transfer all build configurations to a top-level file config.mk.
  • Containerization: Draft a Dockerfile and a tutorial document(doc) to build and run dpvs in container.

Bugfixes

  • Dpvs: Protect toa from source address spoofing attack and increase success ratio for source address delivery via toa.
  • Dpvs: Adjust tcp window scale in outbound direction for synproxy to improve throughput in bulk upload cases.
  • Dpvs: Fix timer inaccuracy problem when timing over 524s.
  • Dpvs: Fix the crash problem caused by ether address list buffer overflow.
  • Dpvs: Fix the crash problem caused by dividing by zero when bonding slaves attempt to send packets out.
  • Dpvs: Fix the crash problem caused by inconsistent data structures of dp_vs_dest_compat between dpvs and keepalived.
  • Dpvs: Correct ipo option length for judgement of branching to standalone uoa.
  • Dpvs: Inhibit setting multicast ether address from slave lcores.
  • Dpvs: Fix service flag conflicts of synproxy and expire-quiescent.
  • Dpvs: Fix the chaos use of flag, flags and fwdmode in dest and service structures.
  • Dpvs: Fix service flush function not usable problem.
  • Dpvs: Fix invalid port problem when getting verbose information of netif devices.
  • Dpvs: Use atomic operation to generate packet id for ipv4 header.
  • Dpvs: Remove fragile implementations of strategy routing for snat.
  • Dpvs: Remove the stale config item "ipc_msg/unix_domain".
  • Keepalived: Do not delete and re-add vs/rs to eliminate service disturbances at reload.
  • Keepalived: Fix a carsh problem caused by missing definition of allowlist/denylist config items.
  • Ipvsadm: Add conn-timeout configuration option for service.
  • Ipvsadm: Fix the ambiguous use of '-Y' configuration option.
  • Ipvsadm: Fix icmpv6 configuration option -1 lost problem..
  • Ipvsadm: Update help text, including supported schedulers, laddr and allow/deny ip list.
  • Dpip: Fix line break problem in help message.
  • Uoa: Enable ipv6 with a macro for uoa example server.

@ywc689 ywc689 requested a review from wenjiejiang January 2, 2024 02:31
ytwang0320
ytwang0320 approved these changes Jan 2, 2024
View reviewed changes
Copy link
Collaborator

@ytwang0320 ytwang0320 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

approve +1

@ywc689 ywc689 merged commit 6ddc860 into master Jan 2, 2024
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ytwang0320 ytwang0320 ytwang0320 approved these changes

@wenjiejiang wenjiejiang Awaiting requested review from wenjiejiang

@chengweiv5 chengweiv5 Awaiting requested review from chengweiv5

@you-looks-not-tasty you-looks-not-tasty Awaiting requested review from you-looks-not-tasty

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@ywc689 @ytwang0320 @you-looks-not-tasty @roykingz @donghaobo @cfc4n