proxy: Keep DNS port allocated #11661
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Check if proxy port has already been configured in reservePort(). This is a cleanup only, should not change existing behavior. Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
Make proxy port changes visible in logs at info level. This should not add too much logging as proxy ports are supposedly relatively static over time. Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
Due to an apparent reference counting problem, where DNS redirect count reaches zero even though the reference count is set to one by SetProxyPort(), is is possible for the DNS proxy listening port to be reallocated and the corresponding datapath redirection rules changed to a new port, while the DNS proxy is incapable of changing it's listening port. Fix this by marking a proxy post set via SetProxyPort() as static and adding corresponding conditions that prevent the release and reallocation of the proxy port even if the reference count reaches zero. Fixes: 11637 Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
|
test-me-please |
|
test-me-please |
aanm
requested changes
May 25, 2020
| @@ -259,14 +266,14 @@ func (p *Proxy) ackProxyPort(pp *ProxyPort) error { | |||
|
|
|||
| // Remove old rules, if any and for different port | |||
| if pp.rulesPort != 0 && pp.rulesPort != pp.proxyPort { | |||
| scopedLog.Debugf("Removing old proxy port rules for %s:%d", pp.name, pp.rulesPort) | |||
| scopedLog.Infof("Removing old proxy port rules for %s:%d", pp.name, pp.rulesPort) | |||
There was a problem hiding this comment.
Are we planing to keep this as Info?
There was a problem hiding this comment.
I'd like to, for a while at least. It should not be chatty at all.
aanm
approved these changes
May 28, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Proxy port for DNS becomes unallocated if the proxy port reference count reaches zero. While this should never happen for a DNS proxy port, as it starts with a reference count of 1, it would be better make sure the DNS proxy port is never reallocated as the DNS proxy can't change its listening port.
Fixes: #11637