polycube-network / polycube Goto Github PK
View Code? Open in Web Editor NEWeBPF/XDP-based software framework for fast network services running in the Linux kernel.
License: Apache License 2.0
eBPF/XDP-based software framework for fast network services running in the Linux kernel.
License: Apache License 2.0
We are missing this guide that tells people how to contribute to the project.
Currently, rules are shown in the pcn-firewall syntax. It has to be converted in a way that is equivalent to the original iptables one.
-Fulvio
In some cases, the output contains so many columns and the terminal is not wide enough to fit it.
There is some logic to break the last column into multiple lines, however, it doesn't work in all the cases (when there are not white spaces #193), also if the last column is a small one it doesn't make sense to break it.
There are many ways to handle this problem
Create an improved breaking logic that is capable of breaking the best / better column(s)
Print an error
Print only the columns that fit and tell in some way to the user that there are some hidden columns
Completely ignore the problem printing a misaligned table (current behavior)
-Mauricio
Mauricio identified a weird limitation that can cause many troubles to developers.
pcn_log is not a function nor a macro, it is just a string that is looked and replaced in the code using a set of regular expressions (DatapathLog::parse_log)[1]. Currently, those regex are only able to replace pcn_log correctly if this is in a single line, otherwise strange compilation errors happen.
This limitation is because this is not possible to use a map inside a macro with bcc, unfortunately, I haven't been able to look a solution for it.
https://github.com/polycube-network/polycube/blob/master/src/polycubed/src/datapath_log.cpp#L211
It would be good to have some script which will collect logs and other information, which will be later attached to the bugs reported here.
Priority: Low
Type: Enhancement
To validate and correct the macro in the documentation (wherever applicable).
Originally this was brought up Mauricio:
As a note: This works fine for now, but once do the first release this will cause problems because the documentation of that release would point to this the vagrant file in master.
Using the `SCM_WEB` macro is better.
Originally posted by @mauriciovasquezbernal in https://github.com/polycube-network/polycube/pull/83/files/460a55fe0040f2b352e8ef78a8a5ea7d73b1b97b
The CLI has some issues when a string that can be converted to a number is used as name of a port. Probably this is a more generic problem.
$ polycubectl simplebridge add br0
$ polycubectl br0 ports add 10e30
$ polycubectl show br0
name: br0
uuid: 104fc8c1-fdf4-405b-8ae9-db7d2a92aa43
type: type_tc
loglevel: info
fdb:
aging-time: 300
ports:
- [0]
name: 9999999999999999635896294965248.000000
uuid: 9efbe0c7-f990-4544-b72f-4f445672fb40
status: down
peer:
mac: 4e:cc:d4:0c:ec:e7
$ polycubectl br0 fdb entry add 02:42:a7:24:d4:2d port=10e30
type must be string, but is number
-Mauricio
ExtIfaceTC
and ExtIfaceXDP
share a lot of code, maybe we can create a single class ExtIface or at least create a common base one.
pcn-iptables adopts some optimizations to skip the pipeline when no rules are instantiated in the target chain.
In particular, the Chain Logic module sets the PASS_LABELING label, which is used by the subsequent modules to understand the situation and act consequently.
However, I noticed that in this case, even though the system behaves correctly, it doesn't update the counters for the default action that is matched.
The issue can be easily reproduced by starting pcn-iptables without any rule and then send traffic to the INPUT or FORWARD chain.
$ polycubectl router add r1
$ polycubectl r1 ports add ?
Keyword Type Description
<name> string Port Name
Other parameters:
peer=value string Peer name, such as a network interfaces (e.g., 'veth0') or another cube (e.g., 'br1:port2')
ip=value string IP address of the port
netmask=value string Netmask of the port
mac=value string MAC address of the port
Example:
polycubectl r1 ports add port1 peer=r0:port1 ip=207.46.130.1 netmask=255.255.255.0 mac=B3:23:45:F5:3A
peer
and mac
are optional parameters, but from that output, it is not possible to distinguish which are mandatory or optional.
-Mauricio
Packets going from the data path to the control plane (PacketIn events) and logging messages use different perf ring buffers, for this reason, they could be received on the control plane in a different order they were sent from the data path.
A possible solution to this problem would be to use the same perf ring buffer for both kinds of messages.
https://github.com/polycube-network/swagger-codegen/ is behind last changes we did to polycube.
AFAIK this as the missing changes:
Probably we should adopt a policy that a PR that affects code generation cannot be merged into polycube until the generation tools are updated
Improve the Usage section.
-Fulvio
Snip from PR#152
Reviewed the code, looks good to me. But I am a little worry about the way the service being used, it is a system-wise service but we have to attach it to a particular interface, I think maybe we should introduce a host type service along with transparent and regular service.
Originally posted by @goldenrye in #152 (comment)
It is a quite strange issue, if there is a filename with a single-character name in the folder where invoking CLI, the help commands do not work:
$ echo "It does not matter what you put here" > a
$ polycubectl ? # gives "no service present with name a"
$ polycubectl router add r0
$ polycubectl r0 ? # gives "404 Not Found"
This is because the the ? is a bash special character is bash used as a single-character wild card [1]
This is not that important, I am only opening the issue to keep track of this in case somebody hits this problem.
[1] https://www.tldp.org/LDP/abs/html/special-chars.html
-Mauricio
Not sure when and who would pick this one. Keeping it here as a tracker for now.
Following our last to last week call, we agreed to have some metrics which will play a vital role when things goes into production, troubleshooting and performance analysis, benchmarking and (maybe) future dashboard integrations.
Majorly for:
PCN-FW
Like iptables have counters/metrics, something similar we need to have.
PCN-DDOS
Some counters which will display us the usage or some numbers to check about the DDOS protection.
PCN-K8S
Most of the metrics are reusable from K8S metrics.
The error message that is returned when the client performs a non-valid request does not contain a description of the error.
For instance:
$ polycubectl hw0 ports add p1 perar=dasda
{"ietf-restconf:errors":{"error":[{"error-type":"application","error-tag":"perar"}]}}
It would be nice to provide a human readable error description in those cases. I think we can use the error-message
field of http://www.netconfcentral.org/modules/ietf-restconf#error.146.
polycubectl
returns an error for terminal size too small, even if it's 238(columns) by 57 (lines)
Steps to reproduce the behavior:
polycubectl --help
to see the error.user@node1:~$ sudo docker run -it --rm --privileged --network host -it polycubenetwork/polycube:latest polycubectl --help
Size of the terminal is too small, output could be missaligned.
Keyword Type Description
transparenthelloworld service Transparent-Helloworld Service
simplebridge service Simple L2 Bridge Service
nat service NAT Service
lbrp service LoadBalancer Reverse-Proxy Service
firewall service Firewall Service
ddosmitigator service DDoS Mitigator Service
simpleforwarder service Simple Forwarder Base Service
lbdsr service LoadBalancer Direct Server Return Service
pbforwarder service Policy-Based Forwarder Service
helloworld service Helloworld Service
iptables service Unknown
router service Router Service
k8switch service Kubernetes HyperSwitch Service
k8sfilter service Kubernetes Traffic Filtering Service
connect command Connect ports
disconnect command Disconnect ports
attach command Attach transparent cubes
detach command Detach transparent cubes
services command Show/Add/Del services (e.g. Bridge, Router,
..)
cubes command Show running service instances (e.g. br1,
nat2, ..)
topology command Show topology of service instances
netdevs command Show net devices available
user@node1:~$ tput lines && tput cols
57
238
polycubecctl
shouldn't throw an error if the screen size is large enough. Maybe we can also eliminate this terminal size check?!
"Ubuntu 18.04.1 LTS" (64 bit)
4.17.8-041708-generic
pre_transparent_services+ [git: (branch/commit): master/b813c671]
[2019-04-29 20:17:41.022] [polycubed] [info] configuration parameters:
[2019-04-29 20:17:41.022] [polycubed] [info] loglevel: info
[2019-04-29 20:17:41.022] [polycubed] [info] daemon: true
[2019-04-29 20:17:41.022] [polycubed] [info] pidfile: /var/run/polycube.pid
[2019-04-29 20:17:41.022] [polycubed] [info] port: 9000
[2019-04-29 20:17:41.023] [polycubed] [info] addr: localhost
[2019-04-29 20:17:41.023] [polycubed] [info] logfile: /var/log/polycube/polycubed.log
[2019-04-29 20:17:41.023] [polycubed] [info] polycubed starting...
[2019-04-29 20:17:41.023] [polycubed] [info] version pre_transparent_services+ [git: (branch/commit): master/b813c671]
[2019-04-29 20:17:41.023] [polycubed] [info] running as daemon
$ sudo docker images | grep polycube
polycubenetwork/polycube latest 5a4805bd2dbc 2 days ago 526MB
To reproduce:
polycubectl k8switch add k8switch1 loglevel=OFF \
cluster-ip-subnet=10.96.0.0/12 client-subnet=192.168.1.0/24 \
virtual-client-subnet=10.10.1.0/24 type=TYPE_XDP_DRV
The verifier will fails with:
math between pkt pointer and register with unbounded min value is not allowed
This is somehow related to the checksum update functions, but we still don't find the solution for it.
Testing for pcn-k8s related components is badly missing, so it is common to have problems like #100.
In order to avoid breaking pcn-k8s we should:
pcn-k8switch
and pcn-k8sfilter
services.There is no clear distinction between pcn-iptables and pcn-firewall in the documentation.
Clarification of the difference between pcn-iptables and the firewall service (in particular to emphasize the possibility to use the former as a drop-in replacement of iptables) and, more in general, of the difference between applications and services.
Commercial devices have the possibility to configure a "mirror port", which takes the traffic on one (or more) ports and duplicates the packets over it. This is used for debugging purposes, as a tcpdump/Wireshark can capture exactly the packet flow that is actually going on in the network.
We should add such a feature to polycube as well: when two services are connected, we should add the possibility to create a mirror port, which turns into creating a hidden iomodule inserted in between the existing two, which takes the packets and duplicate them, and send one to the target iomodule, the other to a tap.
Tcpdump/Wireshark can the attach to that tap and capture the traffic. In this way, we can capture exactly the traffic that is flowing through iomodules, hence possibly detecting where a bug may be.
This feature should be provided by the framework, so it should be included by default in the code automatically produced by our code generation tools.
-Fulvio
Error while following the procedure to build the HTML documentation.
pip install -r requirements.txt
root@webserver-dev1:~/polycube/Documentation# pip install -r requirements.txt
Collecting Sphinx>=1.8.1 (from -r requirements.txt (line 1))
Downloading https://files.pythonhosted.org/packages/0e/5c/e7d076cf2900b38cba5c7d48545953540d86634d391b702067c00d99cb01/Sphinx-1.8.3-py2.py3-none-any.whl (3.1MB)
100% |████████████████████████████████| 3.1MB 320kB/s
Collecting sphinx-rtd-theme==0.4.2 (from -r requirements.txt (line 2))
Downloading https://files.pythonhosted.org/packages/ef/0c/e4a462190506bc4bff6ca8cf93da07b2d13e540466d2e8a760352d0c69b0/sphinx_rtd_theme-0.4.2-py2.py3-none-any.whl (6.4MB)
100% |████████████████████████████████| 6.4MB 152kB/s
Collecting sphinxcontrib-spelling>4.0.0 (from -r requirements.txt (line 3))
Downloading https://files.pythonhosted.org/packages/74/22/3fc121b8a7acd4952e0a280ced4703ed0082ae61533204731ef4cdfa01cb/sphinxcontrib-spelling-4.2.0.tar.gz
Collecting sphinxcontrib-websupport (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Downloading https://files.pythonhosted.org/packages/52/69/3c2fbdc3702358c5b34ee25e387b24838597ef099761fc9a42c166796e8f/sphinxcontrib_websupport-1.1.0-py2.py3-none-any.whl
Collecting babel!=2.0,>=1.3 (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Downloading https://files.pythonhosted.org/packages/b8/ad/c6f60602d3ee3d92fbed87675b6fb6a6f9a38c223343ababdb44ba201f10/Babel-2.6.0-py2.py3-none-any.whl (8.1MB)
100% |████████████████████████████████| 8.1MB 126kB/s
Collecting imagesize (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Downloading https://files.pythonhosted.org/packages/fc/b6/aef66b4c52a6ad6ac18cf6ebc5731ed06d8c9ae4d3b2d9951f261150be67/imagesize-1.1.0-py2.py3-none-any.whl
Requirement already satisfied: setuptools in /usr/lib/python2.7/dist-packages (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Collecting packaging (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Downloading https://files.pythonhosted.org/packages/89/d1/92e6df2e503a69df9faab187c684585f0136662c12bb1f36901d426f3fab/packaging-18.0-py2.py3-none-any.whl
Collecting Pygments>=2.0 (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Downloading https://files.pythonhosted.org/packages/13/e5/6d710c9cf96c31ac82657bcfb441df328b22df8564d58d0c4cd62612674c/Pygments-2.3.1-py2.py3-none-any.whl (849kB)
100% |████████████████████████████████| 849kB 1.1MB/s
Collecting requests>=2.0.0 (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Downloading https://files.pythonhosted.org/packages/7d/e3/20f3d364d6c8e5d2353c72a67778eb189176f08e873c9900e10c0287b84b/requests-2.21.0-py2.py3-none-any.whl (57kB)
100% |████████████████████████████████| 61kB 8.4MB/s
Requirement already satisfied: six>=1.5 in /usr/lib/python2.7/dist-packages (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Collecting docutils>=0.11 (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Downloading https://files.pythonhosted.org/packages/50/09/c53398e0005b11f7ffb27b7aa720c617aba53be4fb4f4f3f06b9b5c60f28/docutils-0.14-py2-none-any.whl (543kB)
100% |████████████████████████████████| 552kB 2.0MB/s
Collecting typing; python_version < "3.5" (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Downloading https://files.pythonhosted.org/packages/cc/3e/29f92b7aeda5b078c86d14f550bf85cff809042e3429ace7af6193c3bc9f/typing-3.6.6-py2-none-any.whl
Collecting alabaster<0.8,>=0.7 (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Downloading https://files.pythonhosted.org/packages/10/ad/00b090d23a222943eb0eda509720a404f531a439e803f6538f35136cae9e/alabaster-0.7.12-py2.py3-none-any.whl
Collecting Jinja2>=2.3 (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Downloading https://files.pythonhosted.org/packages/7f/ff/ae64bacdfc95f27a016a7bed8e8686763ba4d277a78ca76f32659220a731/Jinja2-2.10-py2.py3-none-any.whl (126kB)
100% |████████████████████████████████| 133kB 6.4MB/s
Collecting snowballstemmer>=1.1 (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Downloading https://files.pythonhosted.org/packages/d4/6c/8a935e2c7b54a37714656d753e4187ee0631988184ed50c0cf6476858566/snowballstemmer-1.2.1-py2.py3-none-any.whl (64kB)
100% |████████████████████████████████| 71kB 7.2MB/s
Collecting PyEnchant>=1.6.5 (from sphinxcontrib-spelling>4.0.0->-r requirements.txt (line 3))
Downloading https://files.pythonhosted.org/packages/9e/54/04d88a59efa33fefb88133ceb638cdf754319030c28aadc5a379d82140ed/pyenchant-2.0.0.tar.gz (64kB)
100% |████████████████████████████████| 71kB 6.3MB/s
Complete output from command python setup.py egg_info:
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/tmp/pip-build-i3UU4e/PyEnchant/setup.py", line 212, in <module>
import enchant
File "enchant/__init__.py", line 92, in <module>
from enchant import _enchant as _e
File "enchant/_enchant.py", line 145, in <module>
raise ImportError(msg)
ImportError: The 'enchant' C library was not found. Please install it via your OS package manager, or use a pre-built binary wheel from PyPI.
----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-i3UU4e/PyEnchant/
Shared NIC problem (an eBPF service takes the entire traffic on the NIC; we cannot start a service that takes a subset of traffic)
As you can see from [here](url
https://github.com/polycube-network/polycube/blob/439eb2f2d3af94da9686df5ed8dee2131feda80d/polycubed/src/iomodule_xdp.cpp#L193), when a developer calls the polycube_pkt_redirect
function, a lookup in the forward_chain_ map
is made in order to understand the next-hop to which redirect the packet (that can be a netdev or another iomodule).
Based on my performance tests, I've discovered that the lookup in that map is costly and reduces the performance compared to the eBPF baseline.
My proposal is to remove this map lookup adding dynamically, into the polycube_pkt_redirect function code, the address of the next iomodule and then reload the code whenever a new peer is attached.
In this way, we could also use the bpf_redirect_map helper with devmap, which provides a 20-30% of improvement due bulking via delayed tailptr write.
Finally, a sample implementation of the eBPF code for the polycube_pkt_redirect function would be:
int polycube_pkt_redirect(struct xdp_md *pkt, int out_port) {
// The netdev map contains the logical-physical port mapping only for netdevs
switch (out_port) {
case 0:
bpf_redirect_map(&netdev_map, out_port, 0);
case 1:
xdp_nodes.call(pkt, 0xaabbcc);
case 2:
xdp_nodes.call(pkt, 0xbbaacc);
}
}
This code would be automatically generated every time a new peer is connected to the iomodule.
-Sebastiano
We should preserve the order in the JSON that is received from polycubed in order to print the elements to the user in the same list they are defined in the data model.
In order to do that we modified the https://github.com/Jeffail/gabs library in order to use https://github.com/cevaris/ordered_map instead of standard maps, it is working for some cases but not for all of them. For example, when an array of objects is received, the order is not preserved.
There is not an easy solution for it, the major challenge is that the JSON unmarshalling provided by golang is based on the standard map that is not ordered, so there will be always a case where the order is lost.
I think a possible solution would be to create (probably not from scratch) our own JSON unmarshalling routine, unfortunately, it doesn't appear to be that easy work.
-Mauricio
Current procedure is to set the directmode with etcdctl (etcd client), it's working well. But for ease of management, we might look into possibilities to set this with polycubed cli.
Some commands do not work using the notation
polycubectl <service_type> <service_name> <add/remove/set/..>
polycubectl bridge add b1 stp-enabled=true
-> okpolycubectl bridge b1 ports add p1
-> okpolycubectl bridge b1 stp 1 set priority=28672
-> errorOutput after command 3. -> No cube found named bridge
If i omit <service_type>, the command works correctly
E.g. polycubectl b1 stp 1 set priority=28672
-> ok
Strangely, this bug does not happens everytime (for example command 2. above does not present any problem)
Although we have implemented an algorithm that deletes entries when they are not used [1], this implementation presents many limitations and complications.
There is not so much that we can do from our side, this limitation requires an extension to the eBPF maps.
[1] https://github.com/polycube-network/polycube/blob/master/src/services/pcn-bridge/src/Bridge.h#L167-L175
-Mauricio
A SIGINT
makes polycubed
to crash with a segmentation fault when it is starting.
Example:
[2019-01-22 20:25:09.781] [polycubed] [info] loading configuration from /etc/polycube/polycubed.conf
[2019-01-22 20:25:09.783] [polycubed] [info] configuration parameters:
[2019-01-22 20:25:09.783] [polycubed] [info] loglevel: debug
[2019-01-22 20:25:09.783] [polycubed] [info] daemon: false
[2019-01-22 20:25:09.783] [polycubed] [info] pidfile: /var/run/polycube.pid
[2019-01-22 20:25:09.783] [polycubed] [info] port: 9000
[2019-01-22 20:25:09.783] [polycubed] [info] addr: localhost
[2019-01-22 20:25:09.783] [polycubed] [info] logfile: /var/log/polycube/polycubed.log
[2019-01-22 20:25:09.783] [polycubed] [info] polycubed starting...
[2019-01-22 20:25:09.783] [polycubed] [info] version -128-NOTFOUND+ [git: (branch/commit): transparent_services_new/6fab8309]
^C[2019-01-22 20:25:10.595] [polycubed] [info] Caught signal 2
Segmentation fault
Followed all the instructions to install the PCN-Iptables from https://github.com/polycube-network/polycube/blob/master/Documentation/installation.rst#installing-polycube-1
All goes well until I reach to the end section of the documentation link to install polycubed
and polycubectl
.
$ cmake .. -DENABLE_PCN_IPTABLES=ON
-- Version is pre_transparent_services+ [git: (branch/commit): master/79429777]
-- Latest recognized Git tag is -128-NOTFOUND
-- Git HEAD is 79429777c3b0afab3dc8770ed3b0b1b3bcac4558
-- Revision is 128-NOTFOUND-79429777
-- Found LLVM: /usr/lib/llvm-5.0/include 5.0.1
-- Using static-libstdc++
-- Could NOT find LuaJIT (missing: LUAJIT_LIBRARIES LUAJIT_INCLUDE_DIR)
CMake Warning at src/libs/bcc/tests/python/CMakeLists.txt:6 (message):
Recommended test program 'arping' not found
CMake Warning at src/libs/bcc/tests/python/CMakeLists.txt:10 (message):
ignore line: []
ignore line: [Run Build Command:"/usr/bin/make" "cmTC_b4d5c/fast"]
ignore line: [/usr/bin/make -f CMakeFiles/cmTC_b4d5c.dir/build.make CMakeFiles/cmTC_b4d5c.dir/build]
ignore line: [make[1]: Entering directory '/home/kube/polycube/build/CMakeFiles/CMakeTmp']
ignore line: [Building C object CMakeFiles/cmTC_b4d5c.dir/CMakeCCompilerABI.c.o]
ignore line: [/usr/bin/cc -o CMakeFiles/cmTC_b4d5c.dir/CMakeCCompilerABI.c.o -c /usr/share/cmake-3.10/Modules/CMakeCCompilerABI.c]
ignore line: [Linking C executable cmTC_b4d5c]
ignore line: [/usr/bin/cmake -E cmake_link_script CMakeFiles/cmTC_b4d5c.dir/link.txt --verbose=1]
ignore line: [/usr/bin/cc -v -rdynamic CMakeFiles/cmTC_b4d5c.dir/CMakeCCompilerABI.c.o -o cmTC_b4d5c ]
ignore line: [Using built-in specs.]
ignore line: [COLLECT_GCC=/usr/bin/cc]
ignore line: [COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/7/lto-wrapper]
ignore line: [OFFLOAD_TARGET_NAMES=nvptx-none]
ignore line: [OFFLOAD_TARGET_DEFAULT=1]
Recommended test program 'netperf' not found
CMake Error at /usr/share/cmake-3.10/Modules/FindPackageHandleStandardArgs.cmake:137 (message):
Could NOT find PkgConfig (missing: PKG_CONFIG_EXECUTABLE)
Call Stack (most recent call first):
/usr/share/cmake-3.10/Modules/FindPackageHandleStandardArgs.cmake:378 (_FPHSA_FAILURE_MESSAGE)
/usr/share/cmake-3.10/Modules/FindPkgConfig.cmake:36 (find_package_handle_standard_args)
src/polycubed/src/CMakeLists.txt:1 (find_package)
-- Configuring incomplete, errors occurred!
See also "/home/kube/polycube/build/CMakeFiles/CMakeOutput.log".
Steps to reproduce the behavior:
polycubed
and polycubectl
All the process should be clear and easy to follow without any error(s).
Ubuntu 18.04 LTS
4.15.0-20-generic x86_64
N/A
N/A
n/A
polycubed
implements a rest API [1], these are some of the available functions:
This API is not documented [2]
[1] https://github.com/polycube-network/polycube/blob/master/src/polycubed/src/rest_server.h#L60
[2] https://github.com/polycube-network/polycube/blob/master/Documentation/polycubed/polycubed.rst#rest-api
We should replace the architecture Picture [1], with a new one (produced by more expert designers :) ).
Or at least, replace the polycube(logo) text with just polycube.
[1] https://github.com/polycube-network/polycube/blob/master/Documentation/images/polycube-archi.png
vagrant@vagrant:~/polycube/tutorials/tutorial-basic2$ polycubectl bridge br1 show
Method not implemented
vagrant@vagrant:~/polycube/tutorials/tutorial-basic2$ polycubectl bridge br1 show ?
Keyword Type Description
ports list Entry of the ports table
stp list Per-vlan Spanning Tree Protocol Configuration
stpenabled boolean Enable/Disable the STP protocol of the bridge
type string Type of the IOModule (TYPE_TC, TYPE_XDP_SKB, TYPE_XDP_DRV)
uuid string UUID of the IOModule
agingtime integer Aging time of the filtering database
filteringdatabase list Entry associated with the filtering database
vagrant@vagrant:~/polycube/tutorials/tutorial-basic2$ polycubectl bridge br1 show ports ?
Keyword Type Description
string Port Name
vagrant@vagrant:~/polycube/tutorials/tutorial-basic2$ polycubectl bridge br1 show ports
Method not implemented
-Mauricio
I received an error '404 not found' when I try to write the character '/' in the CLI, for instance, when I write "polycubectl router r1 routingtableentryipv6 f80::/64 c213::/64 show interface".
This doesn't appear when I do the same when I add a port ("polycubectl router r1 ports add port1 ipv6="fe21::/64")
Reproducer:
$ polycubectl router add r1
$ polycubectl r1 ports add to_br1 ip=10.0.1.254 netmask=255.255.255.0
$ polycubectl r1 route 10.0.3.0 255.255.255.0 10.0.1.2 set pathcost=5
[Route]: Method setPathcost not implemented
Check if all the documents have the example for the services
libpolycube
provides a set of primitives used by the services to communicate with the framework.
Some includes paths are giving problems in the compilation of standalone services (services that are not shipped with polycube), in order to solve it a pkg-config
configuration file for libpolycube should be created, so services know which libraries and include paths they should use.
There are some parts in some services that could have race conditions.
As of today, we have identified one in the nat (kubenat has it as well) [1]. It would be possible for that function to be invoked from more than a thread at the time, that will cause unexpected behavior.
I'm almost sure that there are similar issues in other services.
[1]
polycube/src/services/pcn-nat/src/Nat_dp.c
Line 179 in 1f3dbfe
The workaround has been made available for this issue but definitely, fix is needed.
Adding to tracker.
This solution is just a workaround, so I prefer to close it until we implement a proper solution for this problem: #91.
Originally posted by @mauriciovasquezbernal in #77 (comment)
E.g., some rules belong to "INPUT" chain, then other rules are in common between both INPUT and OUTPUT rulesets.
This is needed particularly for pcn-iptables.
-Fulvio
Some services need to get a timestamp to implement an aging mechanism. eBPF provides the bpf_ktime_get_ns
helper, however we identified this function is slow in different benchmarks.
pcn-simplebride
[1] and pcn-iptables
[2] implement this by having a map that stores a timestamp that is updated by a thread in user-space, this solution is not ideal as each cube instance has a different thread just to update the timestamp.
This feature should be implemented directly in polycube, having a single thread for all the system to update that counter.
[1] 9a58dd3
[2] https://github.com/polycube-network/polycube/blob/master/src/services/pcn-iptables/src/modules/ConntrackTableUpdate.cpp#L110
When a test is executed it is necessary to check the return code to get the test result, it would be nice to have to print an explicitly message indicating the result.
pcn-iptables supports the non-interactive mode, where a set of rules can be inserted into the firewall without requiring the recompilation of the datapath, which can be applied at a later stage by applying the current configuration.
I noticed that the insertion of a rule within the interactive=false mode was influenced by the number of rules (which is not expected in this mode).
When looking at the code I discovered that the limitation was due to the 'ACCEPT-ESTABLISHED' optimization, which was checked every time and (maybe) not always required, except when rules are definitely applied.
I have a small fix for this, but I didn't want to submit a PR because of the rework of pcn-iptables that @mbertrone is performing.
I opened this issue just to keep track of this problem.
Build procedure for pcn-iptables may need a review.
Steps to reproduce the behavior:
Ubuntu 18.04 LTS
4.15.0-20-generic x86_64
It is not possible to run two instances of polycubed on the same system, when a second instance is launched, it closes with the following message error:
terminate called after throwing an instance of 'std::runtime_error'
what(): epoll_ctl(epoll_fd, EPOLL_CTL_ADD, fd, &ev): Bad file descriptor
Aborted
That message is not clear enough to recognize the source of the problem.
A mechanism to check if another instance is running would allow printing a more useful message, as:
Another instance of polycubed is running PID: ....
-Mauricio
We rely on clang-format for the coding style, however, a proper document describing it is missing.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.