polycube-network / polycube Goto Github PK

We are missing this guide that tells people how to contribute to the project.

Currently, rules are shown in the pcn-firewall syntax. It has to be converted in a way that is equivalent to the original iptables one.
-Fulvio

In some cases, the output contains so many columns and the terminal is not wide enough to fit it.

There is some logic to break the last column into multiple lines, however, it doesn't work in all the cases (when there are not white spaces #193), also if the last column is a small one it doesn't make sense to break it.

There are many ways to handle this problem

Create an improved breaking logic that is capable of breaking the best / better column(s)
Print an error
Print only the columns that fit and tell in some way to the user that there are some hidden columns
Completely ignore the problem printing a misaligned table (current behavior)
-Mauricio

Mauricio identified a weird limitation that can cause many troubles to developers.

pcn_log is not a function nor a macro, it is just a string that is looked and replaced in the code using a set of regular expressions (DatapathLog::parse_log)[1]. Currently, those regex are only able to replace pcn_log correctly if this is in a single line, otherwise strange compilation errors happen.

This limitation is because this is not possible to use a map inside a macro with bcc, unfortunately, I haven't been able to look a solution for it.

https://github.com/polycube-network/polycube/blob/master/src/polycubed/src/datapath_log.cpp#L211

It would be good to have some script which will collect logs and other information, which will be later attached to the bugs reported here.

Priority: Low
Type: Enhancement

To validate and correct the macro in the documentation (wherever applicable).

Originally this was brought up Mauricio:

As a note: This works fine for now, but once do the first release this will cause problems because the documentation of that release would point to this the vagrant file in master.
Using the `SCM_WEB` macro is better.

Originally posted by @mauriciovasquezbernal in https://github.com/polycube-network/polycube/pull/83/files/460a55fe0040f2b352e8ef78a8a5ea7d73b1b97b

The CLI has some issues when a string that can be converted to a number is used as name of a port. Probably this is a more generic problem.

$ polycubectl simplebridge add br0
$ polycubectl br0 ports add 10e30
$ polycubectl show br0
name: br0
uuid: 104fc8c1-fdf4-405b-8ae9-db7d2a92aa43
type: type_tc
loglevel: info
fdb:
 aging-time: 300
ports:
- [0]
    name: 9999999999999999635896294965248.000000
    uuid: 9efbe0c7-f990-4544-b72f-4f445672fb40
    status: down
    peer: 
    mac: 4e:cc:d4:0c:ec:e7
$ polycubectl br0 fdb entry add 02:42:a7:24:d4:2d port=10e30
type must be string, but is number

-Mauricio

ExtIfaceTC and ExtIfaceXDP share a lot of code, maybe we can create a single class ExtIface or at least create a common base one.

pcn-iptables adopts some optimizations to skip the pipeline when no rules are instantiated in the target chain.
In particular, the Chain Logic module sets the PASS_LABELING label, which is used by the subsequent modules to understand the situation and act consequently.
However, I noticed that in this case, even though the system behaves correctly, it doesn't update the counters for the default action that is matched.

The issue can be easily reproduced by starting pcn-iptables without any rule and then send traffic to the INPUT or FORWARD chain.

• Sebastiano

$ polycubectl router add r1
$ polycubectl r1 ports add ?

Keyword             Type     Description
 <name>              string   Port Name
 
 Other parameters:
 peer=value          string   Peer name, such as a network interfaces (e.g., 'veth0') or another cube (e.g., 'br1:port2')
 ip=value            string   IP address of the port
 netmask=value       string   Netmask of the port
 mac=value           string   MAC address of the port
Example: 
 polycubectl r1 ports add port1 peer=r0:port1 ip=207.46.130.1 netmask=255.255.255.0 mac=B3:23:45:F5:3A 

peer and mac are optional parameters, but from that output, it is not possible to distinguish which are mandatory or optional.
-Mauricio

Packets going from the data path to the control plane (PacketIn events) and logging messages use different perf ring buffers, for this reason, they could be received on the control plane in a different order they were sent from the data path.

A possible solution to this problem would be to use the same perf ring buffer for both kinds of messages.

• Mauricio

https://github.com/polycube-network/swagger-codegen/ is behind last changes we did to polycube.

AFAIK this as the missing changes:

• Ports constructor
• Ports::{create, get, getEntry, remove, removeEntry}
• packet_in signature
• remove TYPE_ from TYPE_{TC, XDP_SKB, XDP_DRV}
• egress_code argument always required in Cube constructor
• Cube is templated: cube inherits from Cube
• ports_ is not anymore present on service class (not sure if this is part of the code generator)
• CMakeList.txt on src/
• create service_dp.c instead of service_dp.h
• do not include datamodel in service-lib.cpp

Probably we should adopt a policy that a PR that affects code generation cannot be merged into polycube until the generation tools are updated

• Mauricio

Improve the Usage section.
-Fulvio

Snip from PR#152

Reviewed the code, looks good to me. But I am a little worry about the way the service being used, it is a system-wise service but we have to attach it to a particular interface, I think maybe we should introduce a host type service along with transparent and regular service.

Originally posted by @goldenrye in #152 (comment)

It is a quite strange issue, if there is a filename with a single-character name in the folder where invoking CLI, the help commands do not work:

$ echo "It does not matter what you put here" > a
$ polycubectl ? # gives "no service present with name a"
$ polycubectl router add r0
$ polycubectl r0 ? # gives "404 Not Found"
This is because the the ? is a bash special character is bash used as a single-character wild card [1]

This is not that important, I am only opening the issue to keep track of this in case somebody hits this problem.

[1] https://www.tldp.org/LDP/abs/html/special-chars.html

-Mauricio

Not sure when and who would pick this one. Keeping it here as a tracker for now.

Following our last to last week call, we agreed to have some metrics which will play a vital role when things goes into production, troubleshooting and performance analysis, benchmarking and (maybe) future dashboard integrations.

Majorly for:

PCN-FW
Like iptables have counters/metrics, something similar we need to have.

PCN-DDOS
Some counters which will display us the usage or some numbers to check about the DDOS protection.

PCN-K8S
Most of the metrics are reusable from K8S metrics.

The error message that is returned when the client performs a non-valid request does not contain a description of the error.

For instance:

$ polycubectl hw0 ports add p1 perar=dasda
{"ietf-restconf:errors":{"error":[{"error-type":"application","error-tag":"perar"}]}}

It would be nice to provide a human readable error description in those cases. I think we can use the error-message field of http://www.netconfcentral.org/modules/ietf-restconf#error.146.

Describe the bug

polycubectl returns an error for terminal size too small, even if it's 238(columns) by 57 (lines)

To Reproduce

Steps to reproduce the behavior:

1. Run polycubectl --help to see the error.

user@node1:~$ sudo docker run -it --rm --privileged --network host -it polycubenetwork/polycube:latest polycubectl --help
Size of the terminal is too small, output could be missaligned.
Keyword                 Type      Description
 transparenthelloworld   service   Transparent-Helloworld Service
 simplebridge            service   Simple L2 Bridge Service
 nat                     service   NAT Service
 lbrp                    service   LoadBalancer Reverse-Proxy Service
 firewall                service   Firewall Service
 ddosmitigator           service   DDoS Mitigator Service
 simpleforwarder         service   Simple Forwarder Base Service
 lbdsr                   service   LoadBalancer Direct Server Return Service
 pbforwarder             service   Policy-Based Forwarder Service
 helloworld              service   Helloworld Service
 iptables                service   Unknown
 router                  service   Router Service
 k8switch                service   Kubernetes HyperSwitch Service
 k8sfilter               service   Kubernetes Traffic Filtering Service

 connect                 command   Connect ports
 disconnect              command   Disconnect ports

 attach                  command   Attach transparent cubes
 detach                  command   Detach transparent cubes

 services                command   Show/Add/Del services (e.g. Bridge, Router,
                                   ..)
 cubes                   command   Show running service instances (e.g. br1,
                                   nat2, ..)
 topology                command   Show topology of service instances
 netdevs                 command   Show net devices available

user@node1:~$ tput lines && tput cols
57
238

Expected behavior

polycubecctl shouldn't throw an error if the screen size is large enough. Maybe we can also eliminate this terminal size check?!

Please tell us about your environment:

1. OS details: "Ubuntu 18.04.1 LTS" (64 bit)
2. Kernel details: 4.17.8-041708-generic
3. Polycube Version: pre_transparent_services+ [git: (branch/commit): master/b813c671]
4. Polycube Log:

[2019-04-29 20:17:41.022] [polycubed] [info] configuration parameters:
[2019-04-29 20:17:41.022] [polycubed] [info]  loglevel: info
[2019-04-29 20:17:41.022] [polycubed] [info]  daemon: true
[2019-04-29 20:17:41.022] [polycubed] [info]  pidfile: /var/run/polycube.pid
[2019-04-29 20:17:41.022] [polycubed] [info]  port: 9000
[2019-04-29 20:17:41.023] [polycubed] [info]  addr: localhost
[2019-04-29 20:17:41.023] [polycubed] [info]  logfile: /var/log/polycube/polycubed.log
[2019-04-29 20:17:41.023] [polycubed] [info] polycubed starting...
[2019-04-29 20:17:41.023] [polycubed] [info] version pre_transparent_services+ [git: (branch/commit): master/b813c671]
[2019-04-29 20:17:41.023] [polycubed] [info] running as daemon

Additional context

$ sudo docker images | grep polycube
polycubenetwork/polycube                   latest               5a4805bd2dbc        2 days ago          526MB

To reproduce:

polycubectl k8switch add k8switch1 loglevel=OFF \
cluster-ip-subnet=10.96.0.0/12 client-subnet=192.168.1.0/24 \
virtual-client-subnet=10.10.1.0/24 type=TYPE_XDP_DRV

The verifier will fails with:

math between pkt pointer and register with unbounded min value is not allowed

This is somehow related to the checksum update functions, but we still don't find the solution for it.

Testing for pcn-k8s related components is badly missing, so it is common to have problems like #100.

In order to avoid breaking pcn-k8s we should:

• create tests for pcn-k8switch and pcn-k8sfilter services.
• create a test (maybe based on vagrant) for the full solution: pod to pod, pod to service, external services and so on.
• create tests for the pcn-k8s agent.

There is a problem in adding a service to the framework through the command polycubectl service add.
The same service works if i add it in src/services/CMakeLists.txt and then reinstall polycube, so it is not a problem of the service itself.

Here a screenshot:

There is no clear distinction between pcn-iptables and pcn-firewall in the documentation.

Clarification of the difference between pcn-iptables and the firewall service (in particular to emphasize the possibility to use the former as a drop-in replacement of iptables) and, more in general, of the difference between applications and services.

• Matteo

Commercial devices have the possibility to configure a "mirror port", which takes the traffic on one (or more) ports and duplicates the packets over it. This is used for debugging purposes, as a tcpdump/Wireshark can capture exactly the packet flow that is actually going on in the network.
We should add such a feature to polycube as well: when two services are connected, we should add the possibility to create a mirror port, which turns into creating a hidden iomodule inserted in between the existing two, which takes the packets and duplicate them, and send one to the target iomodule, the other to a tap.
Tcpdump/Wireshark can the attach to that tap and capture the traffic. In this way, we can capture exactly the traffic that is flowing through iomodules, hence possibly detecting where a bug may be.
This feature should be provided by the framework, so it should be included by default in the code automatically produced by our code generation tools.
-Fulvio

Error while following the procedure to build the HTML documentation.

pip install -r requirements.txt

root@webserver-dev1:~/polycube/Documentation# pip install -r requirements.txt
Collecting Sphinx>=1.8.1 (from -r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/0e/5c/e7d076cf2900b38cba5c7d48545953540d86634d391b702067c00d99cb01/Sphinx-1.8.3-py2.py3-none-any.whl (3.1MB)
    100% |████████████████████████████████| 3.1MB 320kB/s
Collecting sphinx-rtd-theme==0.4.2 (from -r requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/ef/0c/e4a462190506bc4bff6ca8cf93da07b2d13e540466d2e8a760352d0c69b0/sphinx_rtd_theme-0.4.2-py2.py3-none-any.whl (6.4MB)
    100% |████████████████████████████████| 6.4MB 152kB/s
Collecting sphinxcontrib-spelling>4.0.0 (from -r requirements.txt (line 3))
  Downloading https://files.pythonhosted.org/packages/74/22/3fc121b8a7acd4952e0a280ced4703ed0082ae61533204731ef4cdfa01cb/sphinxcontrib-spelling-4.2.0.tar.gz
Collecting sphinxcontrib-websupport (from Sphinx>=1.8.1->-r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/52/69/3c2fbdc3702358c5b34ee25e387b24838597ef099761fc9a42c166796e8f/sphinxcontrib_websupport-1.1.0-py2.py3-none-any.whl
Collecting babel!=2.0,>=1.3 (from Sphinx>=1.8.1->-r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/b8/ad/c6f60602d3ee3d92fbed87675b6fb6a6f9a38c223343ababdb44ba201f10/Babel-2.6.0-py2.py3-none-any.whl (8.1MB)
    100% |████████████████████████████████| 8.1MB 126kB/s
Collecting imagesize (from Sphinx>=1.8.1->-r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/fc/b6/aef66b4c52a6ad6ac18cf6ebc5731ed06d8c9ae4d3b2d9951f261150be67/imagesize-1.1.0-py2.py3-none-any.whl
Requirement already satisfied: setuptools in /usr/lib/python2.7/dist-packages (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Collecting packaging (from Sphinx>=1.8.1->-r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/89/d1/92e6df2e503a69df9faab187c684585f0136662c12bb1f36901d426f3fab/packaging-18.0-py2.py3-none-any.whl
Collecting Pygments>=2.0 (from Sphinx>=1.8.1->-r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/13/e5/6d710c9cf96c31ac82657bcfb441df328b22df8564d58d0c4cd62612674c/Pygments-2.3.1-py2.py3-none-any.whl (849kB)
    100% |████████████████████████████████| 849kB 1.1MB/s
Collecting requests>=2.0.0 (from Sphinx>=1.8.1->-r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/7d/e3/20f3d364d6c8e5d2353c72a67778eb189176f08e873c9900e10c0287b84b/requests-2.21.0-py2.py3-none-any.whl (57kB)
    100% |████████████████████████████████| 61kB 8.4MB/s
Requirement already satisfied: six>=1.5 in /usr/lib/python2.7/dist-packages (from Sphinx>=1.8.1->-r requirements.txt (line 1))
Collecting docutils>=0.11 (from Sphinx>=1.8.1->-r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/50/09/c53398e0005b11f7ffb27b7aa720c617aba53be4fb4f4f3f06b9b5c60f28/docutils-0.14-py2-none-any.whl (543kB)
    100% |████████████████████████████████| 552kB 2.0MB/s
Collecting typing; python_version < "3.5" (from Sphinx>=1.8.1->-r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/cc/3e/29f92b7aeda5b078c86d14f550bf85cff809042e3429ace7af6193c3bc9f/typing-3.6.6-py2-none-any.whl
Collecting alabaster<0.8,>=0.7 (from Sphinx>=1.8.1->-r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/10/ad/00b090d23a222943eb0eda509720a404f531a439e803f6538f35136cae9e/alabaster-0.7.12-py2.py3-none-any.whl
Collecting Jinja2>=2.3 (from Sphinx>=1.8.1->-r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/7f/ff/ae64bacdfc95f27a016a7bed8e8686763ba4d277a78ca76f32659220a731/Jinja2-2.10-py2.py3-none-any.whl (126kB)
    100% |████████████████████████████████| 133kB 6.4MB/s
Collecting snowballstemmer>=1.1 (from Sphinx>=1.8.1->-r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/d4/6c/8a935e2c7b54a37714656d753e4187ee0631988184ed50c0cf6476858566/snowballstemmer-1.2.1-py2.py3-none-any.whl (64kB)
    100% |████████████████████████████████| 71kB 7.2MB/s
Collecting PyEnchant>=1.6.5 (from sphinxcontrib-spelling>4.0.0->-r requirements.txt (line 3))
  Downloading https://files.pythonhosted.org/packages/9e/54/04d88a59efa33fefb88133ceb638cdf754319030c28aadc5a379d82140ed/pyenchant-2.0.0.tar.gz (64kB)
    100% |████████████████████████████████| 71kB 6.3MB/s
    Complete output from command python setup.py egg_info:
    Traceback (most recent call last):
      File "<string>", line 1, in <module>
      File "/tmp/pip-build-i3UU4e/PyEnchant/setup.py", line 212, in <module>
        import enchant
      File "enchant/__init__.py", line 92, in <module>
        from enchant import _enchant as _e
      File "enchant/_enchant.py", line 145, in <module>
        raise ImportError(msg)
    ImportError: The 'enchant' C library was not found. Please install it via your OS package manager, or use a pre-built binary wheel from PyPI.

    ----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-i3UU4e/PyEnchant/

Shared NIC problem (an eBPF service takes the entire traffic on the NIC; we cannot start a service that takes a subset of traffic)

As you can see from [here](url
https://github.com/polycube-network/polycube/blob/439eb2f2d3af94da9686df5ed8dee2131feda80d/polycubed/src/iomodule_xdp.cpp#L193), when a developer calls the polycube_pkt_redirect function, a lookup in the forward_chain_ map is made in order to understand the next-hop to which redirect the packet (that can be a netdev or another iomodule).

Based on my performance tests, I've discovered that the lookup in that map is costly and reduces the performance compared to the eBPF baseline.

My proposal is to remove this map lookup adding dynamically, into the polycube_pkt_redirect function code, the address of the next iomodule and then reload the code whenever a new peer is attached.
In this way, we could also use the bpf_redirect_map helper with devmap, which provides a 20-30% of improvement due bulking via delayed tailptr write.

Finally, a sample implementation of the eBPF code for the polycube_pkt_redirect function would be:

int polycube_pkt_redirect(struct xdp_md *pkt, int out_port) {
  // The netdev map contains the logical-physical port mapping only for netdevs
  switch (out_port) {
      case 0:
          bpf_redirect_map(&netdev_map, out_port, 0);
      case 1:
          xdp_nodes.call(pkt, 0xaabbcc);
      case 2:
          xdp_nodes.call(pkt, 0xbbaacc);
  }
}

This code would be automatically generated every time a new peer is connected to the iomodule.

-Sebastiano

We should preserve the order in the JSON that is received from polycubed in order to print the elements to the user in the same list they are defined in the data model.

In order to do that we modified the https://github.com/Jeffail/gabs library in order to use https://github.com/cevaris/ordered_map instead of standard maps, it is working for some cases but not for all of them. For example, when an array of objects is received, the order is not preserved.

There is not an easy solution for it, the major challenge is that the JSON unmarshalling provided by golang is based on the standard map that is not ordered, so there will be always a case where the order is lost.

I think a possible solution would be to create (probably not from scratch) our own JSON unmarshalling routine, unfortunately, it doesn't appear to be that easy work.
-Mauricio

Current procedure is to set the directmode with etcdctl (etcd client), it's working well. But for ease of management, we might look into possibilities to set this with polycubed cli.

Describe the bug

Some commands do not work using the notation
polycubectl <service_type> <service_name> <add/remove/set/..>

To Reproduce

1. polycubectl bridge add b1 stp-enabled=true -> ok
2. polycubectl bridge b1 ports add p1 -> ok
3. polycubectl bridge b1 stp 1 set priority=28672 -> error

Output after command 3. -> No cube found named bridge

Additional context

If i omit <service_type>, the command works correctly
E.g. polycubectl b1 stp 1 set priority=28672 -> ok

Strangely, this bug does not happens everytime (for example command 2. above does not present any problem)

Although we have implemented an algorithm that deletes entries when they are not used [1], this implementation presents many limitations and complications.
There is not so much that we can do from our side, this limitation requires an extension to the eBPF maps.
[1] https://github.com/polycube-network/polycube/blob/master/src/services/pcn-bridge/src/Bridge.h#L167-L175
-Mauricio

A SIGINT makes polycubed to crash with a segmentation fault when it is starting.

Example:

[2019-01-22 20:25:09.781] [polycubed] [info] loading configuration from /etc/polycube/polycubed.conf
[2019-01-22 20:25:09.783] [polycubed] [info] configuration parameters: 
[2019-01-22 20:25:09.783] [polycubed] [info]  loglevel: debug
[2019-01-22 20:25:09.783] [polycubed] [info]  daemon: false
[2019-01-22 20:25:09.783] [polycubed] [info]  pidfile: /var/run/polycube.pid
[2019-01-22 20:25:09.783] [polycubed] [info]  port: 9000
[2019-01-22 20:25:09.783] [polycubed] [info]  addr: localhost
[2019-01-22 20:25:09.783] [polycubed] [info]  logfile: /var/log/polycube/polycubed.log
[2019-01-22 20:25:09.783] [polycubed] [info] polycubed starting...
[2019-01-22 20:25:09.783] [polycubed] [info] version -128-NOTFOUND+ [git: (branch/commit): transparent_services_new/6fab8309]
^C[2019-01-22 20:25:10.595] [polycubed] [info] Caught signal 2
Segmentation fault

Describe the bug

Followed all the instructions to install the PCN-Iptables from https://github.com/polycube-network/polycube/blob/master/Documentation/installation.rst#installing-polycube-1
All goes well until I reach to the end section of the documentation link to install polycubed and polycubectl.

$ cmake .. -DENABLE_PCN_IPTABLES=ON
-- Version is pre_transparent_services+ [git: (branch/commit): master/79429777]
-- Latest recognized Git tag is -128-NOTFOUND
-- Git HEAD is 79429777c3b0afab3dc8770ed3b0b1b3bcac4558
-- Revision is 128-NOTFOUND-79429777
-- Found LLVM: /usr/lib/llvm-5.0/include 5.0.1
-- Using static-libstdc++
-- Could NOT find LuaJIT (missing: LUAJIT_LIBRARIES LUAJIT_INCLUDE_DIR)
CMake Warning at src/libs/bcc/tests/python/CMakeLists.txt:6 (message):
  Recommended test program 'arping' not found


CMake Warning at src/libs/bcc/tests/python/CMakeLists.txt:10 (message):
  ignore line: []
  ignore line: [Run Build Command:"/usr/bin/make" "cmTC_b4d5c/fast"]
  ignore line: [/usr/bin/make -f CMakeFiles/cmTC_b4d5c.dir/build.make CMakeFiles/cmTC_b4d5c.dir/build]
  ignore line: [make[1]: Entering directory '/home/kube/polycube/build/CMakeFiles/CMakeTmp']
  ignore line: [Building C object CMakeFiles/cmTC_b4d5c.dir/CMakeCCompilerABI.c.o]
  ignore line: [/usr/bin/cc    -o CMakeFiles/cmTC_b4d5c.dir/CMakeCCompilerABI.c.o   -c /usr/share/cmake-3.10/Modules/CMakeCCompilerABI.c]
  ignore line: [Linking C executable cmTC_b4d5c]
  ignore line: [/usr/bin/cmake -E cmake_link_script CMakeFiles/cmTC_b4d5c.dir/link.txt --verbose=1]
  ignore line: [/usr/bin/cc     -v -rdynamic CMakeFiles/cmTC_b4d5c.dir/CMakeCCompilerABI.c.o  -o cmTC_b4d5c ]
  ignore line: [Using built-in specs.]
  ignore line: [COLLECT_GCC=/usr/bin/cc]
  ignore line: [COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/7/lto-wrapper]
  ignore line: [OFFLOAD_TARGET_NAMES=nvptx-none]
  ignore line: [OFFLOAD_TARGET_DEFAULT=1]
                                                                                                                                                                                              
  Recommended test program 'netperf' not found


CMake Error at /usr/share/cmake-3.10/Modules/FindPackageHandleStandardArgs.cmake:137 (message):
  Could NOT find PkgConfig (missing: PKG_CONFIG_EXECUTABLE)
Call Stack (most recent call first):
  /usr/share/cmake-3.10/Modules/FindPackageHandleStandardArgs.cmake:378 (_FPHSA_FAILURE_MESSAGE)
  /usr/share/cmake-3.10/Modules/FindPkgConfig.cmake:36 (find_package_handle_standard_args)
  src/polycubed/src/CMakeLists.txt:1 (find_package)


-- Configuring incomplete, errors occurred!
See also "/home/kube/polycube/build/CMakeFiles/CMakeOutput.log".

To Reproduce

Steps to reproduce the behavior:

1. Follow the instructions from https://github.com/polycube-network/polycube/blob/master/Documentation/installation.rst#installing-polycube-1
2. Execute the final section of the same doc to generate polycubed and polycubectl
3. See error and the output.log

Expected behavior

All the process should be clear and easy to follow without any error(s).

Please tell us about your environment:

1. OS details: Ubuntu 18.04 LTS
2. Kernel details: 4.15.0-20-generic x86_64
3. Polycube Version: N/A
4. Polycube Log: N/A

Additional context

n/A

polycubed implements a rest API [1], these are some of the available functions:

• Add, show and get services
• Get full list of cubes
• Get topology
• Get netdevs in the system
• Connect & disconnect cubes
• Get version

This API is not documented [2]

[1] https://github.com/polycube-network/polycube/blob/master/src/polycubed/src/rest_server.h#L60
[2] https://github.com/polycube-network/polycube/blob/master/Documentation/polycubed/polycubed.rst#rest-api

We should replace the architecture Picture [1], with a new one (produced by more expert designers :) ).
Or at least, replace the polycube(logo) text with just polycube.

[1] https://github.com/polycube-network/polycube/blob/master/Documentation/images/polycube-archi.png

• Matteo

vagrant@vagrant:~/polycube/tutorials/tutorial-basic2$ polycubectl bridge br1 show
Method not implemented

vagrant@vagrant:~/polycube/tutorials/tutorial-basic2$ polycubectl bridge br1 show ?

Keyword Type Description
ports list Entry of the ports table
stp list Per-vlan Spanning Tree Protocol Configuration
stpenabled boolean Enable/Disable the STP protocol of the bridge
type string Type of the IOModule (TYPE_TC, TYPE_XDP_SKB, TYPE_XDP_DRV)
uuid string UUID of the IOModule
agingtime integer Aging time of the filtering database
filteringdatabase list Entry associated with the filtering database

vagrant@vagrant:~/polycube/tutorials/tutorial-basic2$ polycubectl bridge br1 show ports ?

Keyword Type Description
string Port Name

vagrant@vagrant:~/polycube/tutorials/tutorial-basic2$ polycubectl bridge br1 show ports
Method not implemented

-Mauricio

I received an error '404 not found' when I try to write the character '/' in the CLI, for instance, when I write "polycubectl router r1 routingtableentryipv6 f80::/64 c213::/64 show interface".
This doesn't appear when I do the same when I add a port ("polycubectl router r1 ports add port1 ipv6="fe21::/64")

Reproducer:

$ polycubectl router add r1
$ polycubectl r1 ports add to_br1 ip=10.0.1.254 netmask=255.255.255.0
$ polycubectl r1 route 10.0.3.0 255.255.255.0 10.0.1.2 set pathcost=5
[Route]: Method setPathcost not implemented

• Mauricio

Check if all the documents have the example for the services

• [ddosmitigator.rst] (Documentation/services/pcn-ddosmitigator/ddosmitigator.rst)
  Originally posted by @mauriciovasquezbernal in #51

libpolycube provides a set of primitives used by the services to communicate with the framework.

Some includes paths are giving problems in the compilation of standalone services (services that are not shipped with polycube), in order to solve it a pkg-config configuration file for libpolycube should be created, so services know which libraries and include paths they should use.

There are some parts in some services that could have race conditions.

As of today, we have identified one in the nat (kubenat has it as well) [1]. It would be possible for that function to be invoked from more than a thread at the time, that will cause unexpected behavior.

I'm almost sure that there are similar issues in other services.

[1]

The workaround has been made available for this issue but definitely, fix is needed.
Adding to tracker.

This solution is just a workaround, so I prefer to close it until we implement a proper solution for this problem: #91.

Originally posted by @mauriciovasquezbernal in #77 (comment)

E.g., some rules belong to "INPUT" chain, then other rules are in common between both INPUT and OUTPUT rulesets.
This is needed particularly for pcn-iptables.
-Fulvio

Some services need to get a timestamp to implement an aging mechanism. eBPF provides the bpf_ktime_get_ns helper, however we identified this function is slow in different benchmarks.

pcn-simplebride [1] and pcn-iptables [2] implement this by having a map that stores a timestamp that is updated by a thread in user-space, this solution is not ideal as each cube instance has a different thread just to update the timestamp.

This feature should be implemented directly in polycube, having a single thread for all the system to update that counter.

[1] 9a58dd3
[2] https://github.com/polycube-network/polycube/blob/master/src/services/pcn-iptables/src/modules/ConntrackTableUpdate.cpp#L110

When a test is executed it is necessary to check the return code to get the test result, it would be nice to have to print an explicitly message indicating the result.

pcn-iptables supports the non-interactive mode, where a set of rules can be inserted into the firewall without requiring the recompilation of the datapath, which can be applied at a later stage by applying the current configuration.

I noticed that the insertion of a rule within the interactive=false mode was influenced by the number of rules (which is not expected in this mode).
When looking at the code I discovered that the limitation was due to the 'ACCEPT-ESTABLISHED' optimization, which was checked every time and (maybe) not always required, except when rules are definitely applied.
I have a small fix for this, but I didn't want to submit a PR because of the rework of pcn-iptables that @mbertrone is performing.

I opened this issue just to keep track of this problem.

• Sebastiano

Describe the bug

Build procedure for pcn-iptables may need a review.

https://github.com/polycube-network/polycube/tree/master/src/components/iptables#steps-to-install-pcn-iptables

To Reproduce

Steps to reproduce the behavior:

1. Follow the instruction from the above link and it won't work, as the build directory isn't there.

Expected behavior

1. Needs a clear and easy to follow instruction to build and install.

Please tell us about your environment:

1. OS details: Ubuntu 18.04 LTS
2. Kernel details: 4.15.0-20-generic x86_64
3. Polycube Version: N/A
4. Polycube Log: N/A

It is not possible to run two instances of polycubed on the same system, when a second instance is launched, it closes with the following message error:

terminate called after throwing an instance of 'std::runtime_error'
  what():  epoll_ctl(epoll_fd, EPOLL_CTL_ADD, fd, &ev): Bad file descriptor
Aborted

That message is not clear enough to recognize the source of the problem.
A mechanism to check if another instance is running would allow printing a more useful message, as:

Another instance of polycubed is running PID: ....

-Mauricio

We rely on clang-format for the coding style, however, a proper document describing it is missing.

• Mauricio