From 1b7444b1d30d0d64ba3f08547f3ac61189ed0c28 Mon Sep 17 00:00:00 2001 From: yangwei Date: Fri, 25 Aug 2023 20:01:12 +0800 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20feat(sapp):=20update=20to=20sapp-4.?= =?UTF-8?q?3.23.7f030e5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Conflicts: ansible/install_config/group_vars/rpm_version.yml --- .../install_config/group_vars/rpm_version.yml | 6 +- ansible/roles/sapp/templates/sapp.toml.j2.j2 | 58 ++++++++++--------- ansible/roles/sapp/templates/sapp_log.conf.j2 | 6 +- .../traffic-engine/files/helm/conf/sapp.toml | 50 +++++++++------- 4 files changed, 66 insertions(+), 54 deletions(-) diff --git a/ansible/install_config/group_vars/rpm_version.yml b/ansible/install_config/group_vars/rpm_version.yml index a2a6a078..5009a112 100644 --- a/ansible/install_config/group_vars/rpm_version.yml +++ b/ansible/install_config/group_vars/rpm_version.yml @@ -69,9 +69,9 @@ mrzcpd_rpm_version: sapp_rpm_version: - sapp: sapp-4.3.21.738415d + sapp: sapp-4.3.23.7f030e5 tcpdump_mesa: tcpdump_mesa-1.0.13.6ec67f5 - sapp-pr: sapp-pr-4.3.21.738415d + sapp-pr: sapp-pr-4.3.23.7f030e5 tfe_rpm_version: tfe: tfe-4.8.34.9f2bf29 @@ -122,4 +122,4 @@ coredump_tools_rpm_version: coredump_tools: coredump-tools-1.0.12-51c6653 packet_adapter_rpm_version: - packet_adapter: packet_adapter-2.0.0.e34aa3f \ No newline at end of file + packet_adapter: packet_adapter-2.0.0.e34aa3f diff --git a/ansible/roles/sapp/templates/sapp.toml.j2.j2 b/ansible/roles/sapp/templates/sapp.toml.j2.j2 index 37200e23..45469ba7 100644 --- a/ansible/roles/sapp/templates/sapp.toml.j2.j2 +++ b/ansible/roles/sapp/templates/sapp.toml.j2.j2 @@ -26,10 +26,10 @@ dictator_enable=0 ### note, optional value is [none, vxlan] {% if dp_steering_firewall.encapsulation == 'vlan' or dp_steering_firewall.encapsulation == 'raw' %} - overlay_mode=none + overlay_mode="none" {% endif %} {% if dp_steering_firewall.encapsulation == 'vxlan' %} - overlay_mode=vxlan + overlay_mode="vxlan" {% endif %} {% if dp_steering_firewall.encapsulation == 'provision' %} overlay_mode={% raw %}{{ sapp_overlay_mode }} @@ -57,41 +57,41 @@ dictator_enable=0 ### vxlan_by_inline_device: encapsulation inject packet with vxlan, and then send to inline device by udp socket. ### raw_ethernet_single_gateway: send layer2 ethernet packet to specific gateway in same broadcast domain. ### raw_ethernet_multi_gateway: send layer2 ethernet packet to multiple gateway in same broadcast domain. - inject_pkt_mode=sys_route - + inject_pkt_mode="default" + inject_pkt_prepend_segment_id=0 ### note, this config is valid if inject_pkt_mode==vxlan_by_inline_device, means udp socket src port. - inject_mode_inline_device_sport=54789 + #inject_mode_inline_device_sport=54789 ### note, this config is valid if inject_pkt_mode==raw_ethernet_single_gateway. - inject_mode_single_gateway_device="eth1" + #inject_mode_single_gateway_device="eth1" ### inject_mode_single_gateway_src_mac has lower priority than get smac from inject_mode_single_gateway_device - inject_mode_single_gateway_src_mac="00:11:22:77:88:99" - inject_mode_single_gateway_dst_mac="00:11:22:33:44:55" - dumpfile_sleep_time_before_exit=3 + #inject_mode_single_gateway_src_mac="00:11:22:77:88:99" + #inject_mode_single_gateway_dst_mac="00:11:22:33:44:55" + #dumpfile_sleep_time_before_exit=3 -### note, depolyment.mode options: [mirror, inline, transparent] - [packet_io.depolyment] +### note, deployment.mode options: [mirror, inline, transparent] + [packet_io.deployment] {% if dp_steering_firewall.deployment == 'inline' %} - mode=inline + mode="inline" {% endif %} {% if dp_steering_firewall.deployment == 'mirror' %} - mode=mirror + mode="mirror" {% endif %} {% if dp_steering_firewall.deployment == 'transparent' %} - mode=transparent + mode="transparent" {% endif %} ### note, interface.type options: [pag,pcap,marsio] [packet_io.internal.interface] {% if dp_steering_firewall.capture_packet == 'driver' %} - type=marsio + type="marsio" {% endif %} {% if dp_steering_firewall.capture_packet == 'pcap' %} - type=pcap + type="pcap" {% endif %} name={{ dp_steering_firewall.nic_internal }} [packet_io.external.interface] - type=pcap + type="pcap" name=lo [packet_io.polling] @@ -128,6 +128,7 @@ dictator_enable=0 [DUPLICATE_PKT] [dup_pkt.traffic.original] + kickout_udp_stream_enabled=0 original_ipv4_tcp_enabled=1 original_ipv4_udp_enabled=0 ### note, can't distinguish between duplicate traffic and application retransmit traffic for IPv6 packets, @@ -177,10 +178,9 @@ dictator_enable=0 [PROFILING] [profiling.log] - sapp_log_category="log/sapp_log" - sapp_plugin_log_category="log/sapp_plugin_log" + sapp_log_category="sapp_log" + sapp_plugin_log_category="sapp_plugin_log" #for profiling-related API control, e.g printaddr - enabled_log_level=20 [profiling.metric] [profiling.metric.fs2] @@ -198,10 +198,16 @@ dictator_enable=0 refresh_interval_s=1 [profiling.process_latency] - log_category="log/sapp_process_latency_log" - enabled_log_level=10 - ### note, threshold unit is microseconds (us) - threshold_us=100000 + log_category="sapp_process_latency_log" + histogram_enabled=0 + local_file="fs2_process_latency.metrics" + refresh_interval_s=1 +### note, threshold unit is microseconds (us), legal_scope [1,99999999], max value is 99 + threshold_us=1000 +### define in time.h,use CLOCK_MONOTONIC_COARSE as default +### 0 means CLOCK_REALTIME, 1 means CLOCK_MONOTONIC, 2 means CLOCK_PROCESS_CPUTIME_ID, 3 means CLOCK_THREAD_CPUTIME_ID +### 4 means CLOCK_MONOTONIC_RAW, 5 means CLOCK_REALTIME_COARSE, 6 means CLOCK_MONOTONIC_COARSE + clock_gettime_id=6 [profiling.sanity_check] raw_pkt_broken_enabled=0 @@ -211,7 +217,7 @@ dictator_enable=0 [tools.pkt_dump] enabled=1 ### note, mode options value:[storage, udp_socket] - mode=udp_socket + mode="udp_socket" BSD_packet_filter="" [tools.pkt_dump.threads] @@ -233,7 +239,7 @@ dictator_enable=0 file_size_max_per_thread=10000 -[breakpad] +[BREAKPAD] {% raw %}{% if coredump.format == 'none' %} disable_coredump=1 enable_breakpad=0 diff --git a/ansible/roles/sapp/templates/sapp_log.conf.j2 b/ansible/roles/sapp/templates/sapp_log.conf.j2 index deda69cf..25ac51a8 100644 --- a/ansible/roles/sapp/templates/sapp_log.conf.j2 +++ b/ansible/roles/sapp/templates/sapp_log.conf.j2 @@ -11,8 +11,8 @@ STOP=40 other = "%d(%c), %V, %F, %U, %m%n" plugin = "%d(%c), %m%n" [rules] -sapp_log.info "./log/runtimelog.%d(%F)" +sapp_log.fatal "./log/runtimelog.%d(%F)" sapp_plugin_log.fatal >stdout; plugin -sapp_plugin_log.info "./log/plugin.log"; plugin -sapp_process_latency_log.info "./log/sapp_process_latency.log" +sapp_plugin_log.info "./log/plugin.log.%d(%F)"; plugin +sapp_process_latency_log.fatal "./log/sapp_process_latency.log.%d(%F)" !.fatal "./log/%c.%d(%F)"; other diff --git a/ansible/roles/traffic-engine/files/helm/conf/sapp.toml b/ansible/roles/traffic-engine/files/helm/conf/sapp.toml index 5f1008d3..27641efe 100644 --- a/ansible/roles/traffic-engine/files/helm/conf/sapp.toml +++ b/ansible/roles/traffic-engine/files/helm/conf/sapp.toml @@ -25,7 +25,7 @@ dictator_enable=0 l2_l3_tunnel_support=1 ### note, optional value is [none, vxlan, nf] - overlay_mode=nf + overlay_mode="nf" [packet_io.feature] destroy_all_plug_enabled = 0 @@ -48,29 +48,29 @@ dictator_enable=0 ### vxlan_by_inline_device: encapsulation inject packet with vxlan, and then send to inline device by udp socket. ### raw_ethernet_single_gateway: send layer2 ethernet packet to specific gateway in same broadcast domain. ### raw_ethernet_multi_gateway: send layer2 ethernet packet to multiple gateway in same broadcast domain. - inject_pkt_mode=sys_route - + inject_pkt_mode="default" + inject_pkt_prepend_segment_id=1064 ### note, this config is valid if inject_pkt_mode==vxlan_by_inline_device, means udp socket src port. - inject_mode_inline_device_sport=54789 + #inject_mode_inline_device_sport=54789 ### note, this config is valid if inject_pkt_mode==raw_ethernet_single_gateway. - inject_mode_single_gateway_device="eth1" + #inject_mode_single_gateway_device="eth1" ### inject_mode_single_gateway_src_mac has lower priority than get smac from inject_mode_single_gateway_device - inject_mode_single_gateway_src_mac="00:11:22:77:88:99" - inject_mode_single_gateway_dst_mac="00:11:22:33:44:55" - dumpfile_sleep_time_before_exit=3 + #inject_mode_single_gateway_src_mac="00:11:22:77:88:99" + #inject_mode_single_gateway_dst_mac="00:11:22:33:44:55" + #dumpfile_sleep_time_before_exit=3 ### note, depolyment.mode options: [mirror, inline, transparent] - [packet_io.depolyment] - mode=inline + [packet_io.deployment] + mode="inline" ### note, interface.type options: [pag,pcap,marsio] [packet_io.internal.interface] - type=marsio + type="marsio" name={{ .Values.nic_raw_name }} [packet_io.external.interface] - type=pcap - name=lo + type="pcap" + name="lo" [packet_io.polling] ### note, polling_priority = call sapp_recv_pkt every call polling_entry times, @@ -110,6 +110,7 @@ bypass_trigger_cpu_usage={{ .Values.overload_protection.detect_threshold_cpu_usa [DUPLICATE_PKT] [dup_pkt.traffic.original] + kickout_udp_stream_enabled=0 {{- if eq .Values.session_manager.tcp_duplicated_packet_filter .Values.define_enable_val_yes }} original_ipv4_tcp_enabled=1 {{- else }} @@ -172,10 +173,9 @@ bypass_trigger_cpu_usage={{ .Values.overload_protection.detect_threshold_cpu_usa [PROFILING] [profiling.log] - sapp_log_category="log/sapp_log" - sapp_plugin_log_category="log/sapp_plugin_log" + sapp_log_category="sapp_log" + sapp_plugin_log_category="sapp_plugin_log" #for profiling-related API control, e.g printaddr - enabled_log_level=20 [profiling.metric] [profiling.metric.fs2] @@ -193,10 +193,16 @@ bypass_trigger_cpu_usage={{ .Values.overload_protection.detect_threshold_cpu_usa refresh_interval_s=1 [profiling.process_latency] - log_category="log/sapp_process_latency_log" - enabled_log_level=10 - ### note, threshold unit is microseconds (us) - threshold_us=100000 + log_category="sapp_process_latency_log" + histogram_enabled=0 + local_file="fs2_process_latency.metrics" + refresh_interval_s=1 +### note, threshold unit is microseconds (us), legal_scope [1,99999999], max value is 99 + threshold_us=1000 +### define in time.h,use CLOCK_MONOTONIC_COARSE as default +### 0 means CLOCK_REALTIME, 1 means CLOCK_MONOTONIC, 2 means CLOCK_PROCESS_CPUTIME_ID, 3 means CLOCK_THREAD_CPUTIME_ID +### 4 means CLOCK_MONOTONIC_RAW, 5 means CLOCK_REALTIME_COARSE, 6 means CLOCK_MONOTONIC_COARSE + clock_gettime_id=6 [profiling.sanity_check] raw_pkt_broken_enabled=0 @@ -206,7 +212,7 @@ bypass_trigger_cpu_usage={{ .Values.overload_protection.detect_threshold_cpu_usa [tools.pkt_dump] enabled=1 ### note, mode options value:[storage, udp_socket] - mode=udp_socket + mode="udp_socket" BSD_packet_filter="" [tools.pkt_dump.threads] @@ -228,7 +234,7 @@ bypass_trigger_cpu_usage={{ .Values.overload_protection.detect_threshold_cpu_usa file_size_max_per_thread=10000 -[breakpad] +[BREAKPAD] {{- include "traffic-engine.coredump" . | indent 4 }} breakpad_minidump_dir="/run/sapp/crashreport" breakpad_upload_tools="/opt/tsg/framework/bin/minidump_upload"