From e680550089d4696e9c9f4cf09b5e011a0e9aac18 Mon Sep 17 00:00:00 2001 From: Walt Karas Date: Fri, 10 Feb 2023 05:22:24 +0000 Subject: [PATCH 1/5] Add 14 metrics for TCP connections created for tunnels. Add current and total metrics for TCP connetions towards clients for blind TCP tunnels, and TLS tunnel, forward, and partial blind tunnel SNI-based tunnels. Add current and total metrics for TCP connetions towards servers, for blind TCP tunnels and TLS tunnels. Only partial blind tunnel SNI-based tunnels are counted as TLS tunnels on the outgoing side, because they are only SNI-based tunnels where ATS termitates the TLS connection form the client and originates a new one towards the server. --- .../statistics/core/http-connection.en.rst | 25 ++++++- .../monitoring/statistics/core/ssl.en.rst | 60 +++++++++++++++++ iocore/eventsystem/I_VConnection.h | 8 ++- iocore/net/Net.cc | 14 ++++ iocore/net/P_Net.h | 14 ++++ iocore/net/P_SSLNetVConnection.h | 3 + iocore/net/P_UnixNetVConnection.h | 19 ++++++ iocore/net/SSLNetVConnection.cc | 65 +++++++++++++++++++ iocore/net/UnixNetVConnection.cc | 53 +++++++++++++++ proxy/ProxyTransaction.cc | 8 +++ proxy/ProxyTransaction.h | 2 + proxy/http/HttpSM.cc | 5 ++ tests/gold_tests/connect/connect.test.py | 37 ++++++++++- tests/gold_tests/connect/gold/metrics.gold | 21 ++++++ .../remap/gold/remap-ws-metrics.gold | 21 ++++++ tests/gold_tests/remap/remap_ws.test.py | 34 ++++++++++ .../tls-partial-blind-tunnel-metrics.gold | 21 ++++++ .../tls/gold/tls-tunnel-forward-metrics.gold | 21 ++++++ .../tls/gold/tls-tunnel-metrics.gold | 14 ++++ .../tls/tls_partial_blind_tunnel.test.py | 32 +++++++++ tests/gold_tests/tls/tls_tunnel.test.py | 16 ++++- .../gold_tests/tls/tls_tunnel_forward.test.py | 32 +++++++++ 22 files changed, 521 insertions(+), 4 deletions(-) create mode 100644 tests/gold_tests/connect/gold/metrics.gold create mode 100644 tests/gold_tests/remap/gold/remap-ws-metrics.gold create mode 100644 tests/gold_tests/tls/gold/tls-partial-blind-tunnel-metrics.gold create mode 100644 tests/gold_tests/tls/gold/tls-tunnel-forward-metrics.gold diff --git a/doc/admin-guide/monitoring/statistics/core/http-connection.en.rst b/doc/admin-guide/monitoring/statistics/core/http-connection.en.rst index 28de812a0bf..cd9a554e0b7 100644 --- a/doc/admin-guide/monitoring/statistics/core/http-connection.en.rst +++ b/doc/admin-guide/monitoring/statistics/core/http-connection.en.rst @@ -164,10 +164,33 @@ HTTP Connection Counts the number of times current parent or next parent was detected +.. ts:stat:: global proxy.process.tunnel.total_client_connections_blind_tcp integer + :type: counter + + Total number of non-TLS TCP connections for tunnels where the far end is the client + initiated with an HTTP request (such as a CONNECT or WebSocket request). + +.. ts:stat:: global proxy.process.tunnel.current_client_connections_blind_tcp integer + :type: counter + + Current number of non-TLS TCP connections for tunnels where the far end is the client + initiated with an HTTP request (such as a CONNECT or WebSocket request). + +.. ts:stat:: global proxy.process.tunnel.total_server_connections_blind_tcp integer + :type: counter + + Total number of TCP connections for tunnels where the far end is the server, + except for those counted by ``proxy.process.tunnel.total_server_connections_tls`` + +.. ts:stat:: global proxy.process.tunnel.current_server_connections_blind_tcp integer + :type: counter + + Current number of TCP connections for tunnels where the far end is the server, + except for those counted by ``proxy.process.tunnel.current_server_connections_tls`` + HTTP/2 ------ - .. ts:stat:: global proxy.process.http2.total_client_connections integer :type: counter diff --git a/doc/admin-guide/monitoring/statistics/core/ssl.en.rst b/doc/admin-guide/monitoring/statistics/core/ssl.en.rst index e18bae11c6f..59eaa918a54 100644 --- a/doc/admin-guide/monitoring/statistics/core/ssl.en.rst +++ b/doc/admin-guide/monitoring/statistics/core/ssl.en.rst @@ -238,6 +238,66 @@ SSL/TLS A gauge of current active SNI Routing Tunnels. +.. ts:stat:: global proxy.process.tunnel.total_client_connections_tls_tunnel integer + :type: counter + + Total number of TCP connections for TLS tunnels where the far end is the client + created based on a ``tunnel_route`` key in a table in the :file:`sni.yaml` file. + +.. ts:stat:: global proxy.process.tunnel.current_client_connections_tls_tunnel integer + :type: counter + + Current number of TCP connections for TLS tunnels where the far end is the client + created based on a ``tunnel_route`` key in a table in the :file:`sni.yaml` file. + +.. ts:stat:: global proxy.process.tunnel.total_client_connections_tls_forward integer + :type: counter + + Total number of TCP connections for TLS tunnels where the far end is the client + created based on a ``forward_route`` key in a table in the :file:`sni.yaml` file. + +.. ts:stat:: global proxy.process.tunnel.current_client_connections_tls_forward integer + :type: counter + + Current number of TCP connections for TLS tunnels where the far end is the client + created based on a ``forward_route`` key in a table in the :file:`sni.yaml` file. + +.. ts:stat:: global proxy.process.tunnel.total_client_connections_tls_partial_blind integer + :type: counter + + Total number of TCP connections for TLS tunnels where the far end is the client + created based on a ``partial_blind_route`` key in a table in the :file:`sni.yaml` file. + +.. ts:stat:: global proxy.process.tunnel.current_client_connections_tls_partial_blind integer + :type: counter + + Current number of TCP connections for TLS tunnels where the far end is the client + created based on a ``partial_blind_route`` key in a table in the :file:`sni.yaml` file. + +.. ts:stat:: global proxy.process.tunnel.total_client_connections_tls_http integer + :type: counter + + Total number of TLS connections for tunnels where the far end is the client + initiated with an HTTP request. + +.. ts:stat:: global proxy.process.tunnel.current_client_connections_tls_http integer + :type: counter + + Current number of TLS connections for tunnels where the far end is the client + initiated with an HTTP request. + +.. ts:stat:: global proxy.process.tunnel.total_server_connections_tls integer + :type: counter + + Total number of TCP connections for TLS tunnels where the far end is the server + created based on a ``partial_blind_route`` key in a table in the :file:`sni.yaml` file. + +.. ts:stat:: global proxy.process.tunnel.current_server_connections_tls integer + :type: counter + + Current number of TCP connections for TLS tunnels where the far end is the server + created based on a ``partial_blind_route`` key in a table in the :file:`sni.yaml` file. + .. _pre-warming-tls-tunnel-stats: Pre-warming TLS Tunnel diff --git a/iocore/eventsystem/I_VConnection.h b/iocore/eventsystem/I_VConnection.h index e39f4dff5c2..6943a037fff 100644 --- a/iocore/eventsystem/I_VConnection.h +++ b/iocore/eventsystem/I_VConnection.h @@ -360,7 +360,13 @@ class VConnection : public Continuation return false; } -public: + // This function should be called when the VConnection is a tunnel endpoint. By default, a VConnection does not care if it + // is a tunnel endpoint. + virtual void + make_tunnel_endpoint() + { + } + /** The error code from the last error. diff --git a/iocore/net/Net.cc b/iocore/net/Net.cc index 05438e5dd2f..e66df9b63a7 100644 --- a/iocore/net/Net.cc +++ b/iocore/net/Net.cc @@ -92,6 +92,20 @@ register_net_stats() net_rsb.connections_currently_open = intm.newMetricPtr("proxy.process.net.connections_currently_open"); net_rsb.connections_throttled_in = intm.newMetricPtr("proxy.process.net.connections_throttled_in"); net_rsb.connections_throttled_out = intm.newMetricPtr("proxy.process.net.connections_throttled_out"); + net_rsb.tunnel_total_client_connections_blind_tcp = intm.newMetricPtr("proxy.process.tunnel.total_client_connections_blind_tcp"); + net_rsb.tunnel_current_client_connections_blind_tcp = intm.newMetricPtr("proxy.process.tunnel.current_client_connections_blind_tcp"); + net_rsb.tunnel_total_server_connections_blind_tcp = intm.newMetricPtr("proxy.process.tunnel.total_server_connections_blind_tcp"); + net_rsb.tunnel_current_server_connections_blind_tcp = intm.newMetricPtr("proxy.process.tunnel.current_server_connections_blind_tcp"); + net_rsb.tunnel_total_client_connections_tls_tunnel = intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_tunnel"); + net_rsb.tunnel_current_client_connections_tls_tunnel = intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_tunnel"); + net_rsb.tunnel_total_client_connections_tls_forward = intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_forward"); + net_rsb.tunnel_current_client_connections_tls_forward = intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_forward"); + net_rsb.tunnel_total_client_connections_tls_partial_blind = intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_partial_blind"); + net_rsb.tunnel_current_client_connections_tls_partial_blind = intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_partial_blind"); + net_rsb.tunnel_total_client_connections_tls_http = intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_http"); + net_rsb.tunnel_current_client_connections_tls_http = intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_http"); + net_rsb.tunnel_total_server_connections_tls = intm.newMetricPtr("proxy.process.tunnel.total_server_connections_tls"); + net_rsb.tunnel_current_server_connections_tls = intm.newMetricPtr("proxy.process.tunnel.current_server_connections_tls"); net_rsb.default_inactivity_timeout_applied = intm.newMetricPtr("proxy.process.net.default_inactivity_timeout_applied"); net_rsb.default_inactivity_timeout_count = intm.newMetricPtr("proxy.process.net.default_inactivity_timeout_count"); net_rsb.fastopen_attempts = intm.newMetricPtr("proxy.process.net.fastopen_out.attempts"); diff --git a/iocore/net/P_Net.h b/iocore/net/P_Net.h index 0d0fa0107ea..41798df868b 100644 --- a/iocore/net/P_Net.h +++ b/iocore/net/P_Net.h @@ -58,6 +58,20 @@ struct NetStatsBlock { Metrics::IntType *read_bytes; Metrics::IntType *read_bytes_count; Metrics::IntType *requests_max_throttled_in; + Metrics::IntType *tunnel_total_client_connections_blind_tcp; + Metrics::IntType *tunnel_current_client_connections_blind_tcp; + Metrics::IntType *tunnel_total_server_connections_blind_tcp; + Metrics::IntType *tunnel_current_server_connections_blind_tcp; + Metrics::IntType *tunnel_total_client_connections_tls_tunnel; + Metrics::IntType *tunnel_current_client_connections_tls_tunnel; + Metrics::IntType *tunnel_total_server_connections_tls; + Metrics::IntType *tunnel_current_server_connections_tls; + Metrics::IntType *tunnel_total_client_connections_tls_forward; + Metrics::IntType *tunnel_current_client_connections_tls_forward; + Metrics::IntType *tunnel_total_client_connections_tls_partial_blind; + Metrics::IntType *tunnel_current_client_connections_tls_partial_blind; + Metrics::IntType *tunnel_total_client_connections_tls_http; + Metrics::IntType *tunnel_current_client_connections_tls_http; Metrics::IntType *socks_connections_currently_open; Metrics::IntType *socks_connections_successful; Metrics::IntType *socks_connections_unsuccessful; diff --git a/iocore/net/P_SSLNetVConnection.h b/iocore/net/P_SSLNetVConnection.h index 0b6f4281d5e..8a6d797079d 100644 --- a/iocore/net/P_SSLNetVConnection.h +++ b/iocore/net/P_SSLNetVConnection.h @@ -500,6 +500,9 @@ class SSLNetVConnection : public UnixNetVConnection, ssl_error_t _ssl_write_buffer(const void *buf, int64_t nbytes, int64_t &nwritten); ssl_error_t _ssl_connect(); ssl_error_t _ssl_accept(); + + void _in_context_tunnel() override; + void _out_context_tunnel() override; }; typedef int (SSLNetVConnection::*SSLNetVConnHandler)(int, void *); diff --git a/iocore/net/P_UnixNetVConnection.h b/iocore/net/P_UnixNetVConnection.h index f453d014944..1d459f9fbe6 100644 --- a/iocore/net/P_UnixNetVConnection.h +++ b/iocore/net/P_UnixNetVConnection.h @@ -44,6 +44,8 @@ struct PollDescriptor; enum tcp_congestion_control_t { CLIENT_SIDE, SERVER_SIDE }; +// WARNING: many or most of the member functions of UnixNetVConnection should only be used when it is instantiated +// directly. They should not be used when UnixNetVConnection is a base class. class UnixNetVConnection : public NetVConnection, public NetEvent { public: @@ -225,10 +227,27 @@ class UnixNetVConnection : public NetVConnection, public NetEvent friend void write_to_net_io(NetHandler *, UnixNetVConnection *, EThread *); + // set_context() should be called before calling this member function. + void make_tunnel_endpoint() override; + + bool + is_tunnel_endpoint() const + { + return _is_tunnel_endpoint; + } + private: virtual void *_prepareForMigration(); virtual NetProcessor *_getNetProcessor(); + bool _is_tunnel_endpoint{false}; + + // Called by make_tunnel_endpiont() when the far end of the TCP connection is the active/client end. + virtual void _in_context_tunnel(); + + // Called by make_tunnel_endpiont() when the far end of the TCP connection is the passive/server end. + virtual void _out_context_tunnel(); + inline static DbgCtl _dbg_ctl_socket{"socket"}; inline static DbgCtl _dbg_ctl_socket_mptcp{"socket_mptcp"}; }; diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc index ac68ecf4a0f..1bf6decf850 100644 --- a/iocore/net/SSLNetVConnection.cc +++ b/iocore/net/SSLNetVConnection.cc @@ -1037,6 +1037,30 @@ SSLNetVConnection::free_thread(EThread *t) } con.close(); + if (is_tunnel_endpoint()) { + ink_assert(get_context() != NET_VCONNECTION_UNSET); + + Metrics::decrement(([&]() -> Metrics::IntType * + { + if (get_context() == NET_VCONNECTION_IN) { + switch (get_tunnel_type()) { + case SNIRoutingType::BLIND: + return net_rsb.tunnel_current_client_connections_tls_tunnel; + case SNIRoutingType::FORWARD: + return net_rsb.tunnel_current_client_connections_tls_forward; + case SNIRoutingType::PARTIAL_BLIND: + return net_rsb.tunnel_current_client_connections_tls_partial_blind; + default: + return net_rsb.tunnel_current_client_connections_tls_http; + } + } + // NET_VCONNECTION_OUT - Never a tunnel type for out (to server) context. + ink_assert(get_tunnel_type() == SNIRoutingType::NONE); + + return net_rsb.tunnel_current_server_connections_tls; + })()); + } + #if TS_HAS_TLS_EARLY_DATA if (_early_data_reader != nullptr) { _early_data_reader->dealloc(); @@ -1960,6 +1984,47 @@ SSLNetVConnection::populate(Connection &con, Continuation *c, void *arg) return EVENT_DONE; } +void +SSLNetVConnection::_in_context_tunnel() +{ + ink_assert(get_context() == NET_VCONNECTION_IN); + + Metrics::IntType *t, *c; + + switch (get_tunnel_type()) { + case SNIRoutingType::BLIND: + t = net_rsb.tunnel_total_client_connections_tls_tunnel; + c = net_rsb.tunnel_current_client_connections_tls_tunnel; + break; + case SNIRoutingType::FORWARD: + t = net_rsb.tunnel_total_client_connections_tls_forward; + c = net_rsb.tunnel_current_client_connections_tls_forward; + break; + case SNIRoutingType::PARTIAL_BLIND: + t = net_rsb.tunnel_total_client_connections_tls_partial_blind; + c = net_rsb.tunnel_current_client_connections_tls_partial_blind; + break; + default: + t = net_rsb.tunnel_total_client_connections_tls_http; + c = net_rsb.tunnel_current_client_connections_tls_http; + break; + } + Metrics::increment(t); + Metrics::increment(c); +} + +void +SSLNetVConnection::_out_context_tunnel() +{ + ink_assert(get_context() == NET_VCONNECTION_OUT); + + // Never a tunnel type for out (to server) context. + ink_assert(get_tunnel_type() == SNIRoutingType::NONE); + + Metrics::increment(net_rsb.tunnel_total_server_connections_tls); + Metrics::increment(net_rsb.tunnel_current_server_connections_tls); +} + void SSLNetVConnection::increment_ssl_version_metric(int version) const { diff --git a/iocore/net/UnixNetVConnection.cc b/iocore/net/UnixNetVConnection.cc index c97fc70f97f..86817430626 100644 --- a/iocore/net/UnixNetVConnection.cc +++ b/iocore/net/UnixNetVConnection.cc @@ -1284,6 +1284,8 @@ UnixNetVConnection::clear() void UnixNetVConnection::free_thread(EThread *t) { + Debug("iocore_net", "Entering UnixNetVConnection::free()"); + ink_release_assert(t == this_ethread()); // close socket fd @@ -1292,6 +1294,22 @@ UnixNetVConnection::free_thread(EThread *t) } con.close(); + if (is_tunnel_endpoint()) { + Debug("iocore_net", "Freeing UnixNetVConnection that is tunnel endpoint"); + + Metrics::decrement(([&]() -> Metrics::IntType * + { + switch (get_context()) { + case NET_VCONNECTION_IN: + return net_rsb.tunnel_current_client_connections_blind_tcp; + case NET_VCONNECTION_OUT: + return net_rsb.tunnel_current_server_connections_blind_tcp; + default: + ink_release_assert(false); + } + })()); + } + clear(); SET_CONTINUATION_HANDLER(this, &UnixNetVConnection::startEvent); ink_assert(con.fd == NO_FD); @@ -1491,3 +1509,38 @@ UnixNetVConnection::set_tcp_congestion_control(int side) return -1; #endif } + +void +UnixNetVConnection::make_tunnel_endpoint() +{ + Debug("iocore_net", "Entering UnixNetVConnection::make_tunnel_endpoint()"); + + ink_assert(!_is_tunnel_endpoint); + + _is_tunnel_endpoint = true; + + switch (get_context()) { + case NET_VCONNECTION_IN: + _in_context_tunnel(); + break; + case NET_VCONNECTION_OUT: + _out_context_tunnel(); + break; + default: + ink_release_assert(false); + } +} + +void +UnixNetVConnection::_in_context_tunnel() +{ + Metrics::increment(net_rsb.tunnel_total_client_connections_blind_tcp); + Metrics::increment(net_rsb.tunnel_current_client_connections_blind_tcp); +} + +void +UnixNetVConnection::_out_context_tunnel() +{ + Metrics::increment(net_rsb.tunnel_total_server_connections_blind_tcp); + Metrics::increment(net_rsb.tunnel_current_server_connections_blind_tcp); +} diff --git a/proxy/ProxyTransaction.cc b/proxy/ProxyTransaction.cc index 0198cf83615..4b7b4ca1ae7 100644 --- a/proxy/ProxyTransaction.cc +++ b/proxy/ProxyTransaction.cc @@ -276,3 +276,11 @@ void ProxyTransaction::set_close_connection(HTTPHdr &hdr) const { } + +void +ProxyTransaction::make_tunnel_endpoint() +{ + auto nvc = get_netvc(); + ink_assert(nvc != nullptr); + nvc->make_tunnel_endpoint(); +} diff --git a/proxy/ProxyTransaction.h b/proxy/ProxyTransaction.h index 3a8193b5b38..ff6e60ea7ce 100644 --- a/proxy/ProxyTransaction.h +++ b/proxy/ProxyTransaction.h @@ -136,6 +136,8 @@ class ProxyTransaction : public VConnection bool support_sni() const; + void make_tunnel_endpoint() override; + /// Variables // HttpSessionAccept::Options upstream_outbound_options; // overwritable copy of options diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index 055aca6f97c..9c7d1db9b52 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -7216,6 +7216,8 @@ HttpSM::setup_push_transfer_to_cache() void HttpSM::setup_blind_tunnel(bool send_response_hdr, IOBufferReader *initial) { + ink_assert(server_entry->vc != nullptr); + HttpTunnelConsumer *c_ua; HttpTunnelConsumer *c_os; HttpTunnelProducer *p_ua; @@ -7303,6 +7305,9 @@ HttpSM::setup_blind_tunnel(bool send_response_hdr, IOBufferReader *initial) "http server - tunnel"); } + _ua.get_entry()->vc->make_tunnel_endpoint(); + server_entry->vc->make_tunnel_endpoint(); + // Make the tunnel aware that the entries are bi-directional tunnel.chain(c_os, p_os); tunnel.chain(c_ua, p_ua); diff --git a/tests/gold_tests/connect/connect.test.py b/tests/gold_tests/connect/connect.test.py index db3c5c57527..69a2083b607 100644 --- a/tests/gold_tests/connect/connect.test.py +++ b/tests/gold_tests/connect/connect.test.py @@ -135,7 +135,7 @@ def setupTS(self): self.ts.Disk.records_config.update({ 'proxy.config.diags.debug.enabled': 1, - 'proxy.config.diags.debug.tags': 'http', + 'proxy.config.diags.debug.tags': 'http|iocore_net|rec', 'proxy.config.http.server_ports': f"{self.ts.Variables.port}", 'proxy.config.http.connect_ports': f"{self.server.Variables.http_port}", }) @@ -160,8 +160,43 @@ def runTraffic(self): tr.StillRunningAfter = self.server tr.StillRunningAfter = self.ts + def __testMetrics(self): + tr = Test.AddTestRun("Reload config") + tr.Processes.Default.Command = ( + f"{Test.Variables.AtsTestToolsDir}/stdout_wait" + + " 'traffic_ctl metric get" + + " proxy.process.http.total_incoming_connections" + + " proxy.process.http.total_client_connections" + + " proxy.process.http.total_client_connections_ipv4" + + " proxy.process.http.total_client_connections_ipv6" + + " proxy.process.http.total_server_connections" + + " proxy.process.http2.total_client_connections" + + " proxy.process.http.connect_requests" + + " proxy.process.tunnel.total_client_connections_blind_tcp" + + " proxy.process.tunnel.current_client_connections_blind_tcp" + + " proxy.process.tunnel.total_server_connections_blind_tcp" + + " proxy.process.tunnel.current_server_connections_blind_tcp" + + " proxy.process.tunnel.total_client_connections_tls_tunnel" + + " proxy.process.tunnel.current_client_connections_tls_tunnel" + + " proxy.process.tunnel.total_client_connections_tls_forward" + + " proxy.process.tunnel.current_client_connections_tls_forward" + + " proxy.process.tunnel.total_client_connections_tls_partial_blind" + + " proxy.process.tunnel.current_client_connections_tls_partial_blind" + + " proxy.process.tunnel.total_client_connections_tls_http" + + " proxy.process.tunnel.current_client_connections_tls_http" + + " proxy.process.tunnel.total_server_connections_tls" + + " proxy.process.tunnel.current_server_connections_tls'" + + f" {Test.TestDirectory}/gold/metrics.gold" + ) + # Need to copy over the environment so traffic_ctl knows where to find the unix domain socket + tr.Processes.Default.Env = self.ts.Env + tr.Processes.Default.ReturnCode = 0 + tr.StillRunningAfter = self.server + tr.StillRunningAfter = self.ts + def run(self): self.runTraffic() + self.__testMetrics() ConnectViaPVTest().run() diff --git a/tests/gold_tests/connect/gold/metrics.gold b/tests/gold_tests/connect/gold/metrics.gold new file mode 100644 index 00000000000..bdbda6443cc --- /dev/null +++ b/tests/gold_tests/connect/gold/metrics.gold @@ -0,0 +1,21 @@ +proxy.process.http.total_incoming_connections 1 +proxy.process.http.total_client_connections 1 +proxy.process.http.total_client_connections_ipv4 1 +proxy.process.http.total_client_connections_ipv6 0 +proxy.process.http.total_server_connections 0 +proxy.process.http2.total_client_connections 0 +proxy.process.http.connect_requests 1 +proxy.process.tunnel.total_client_connections_blind_tcp 1 +proxy.process.tunnel.current_client_connections_blind_tcp 0 +proxy.process.tunnel.total_server_connections_blind_tcp 1 +proxy.process.tunnel.current_server_connections_blind_tcp 0 +proxy.process.tunnel.total_client_connections_tls_tunnel 0 +proxy.process.tunnel.current_client_connections_tls_tunnel 0 +proxy.process.tunnel.total_client_connections_tls_forward 0 +proxy.process.tunnel.current_client_connections_tls_forward 0 +proxy.process.tunnel.total_client_connections_tls_partial_blind 0 +proxy.process.tunnel.current_client_connections_tls_partial_blind 0 +proxy.process.tunnel.total_client_connections_tls_http 0 +proxy.process.tunnel.current_client_connections_tls_http 0 +proxy.process.tunnel.total_server_connections_tls 0 +proxy.process.tunnel.current_server_connections_tls 0 diff --git a/tests/gold_tests/remap/gold/remap-ws-metrics.gold b/tests/gold_tests/remap/gold/remap-ws-metrics.gold new file mode 100644 index 00000000000..cf39c20a91c --- /dev/null +++ b/tests/gold_tests/remap/gold/remap-ws-metrics.gold @@ -0,0 +1,21 @@ +proxy.process.http.total_incoming_connections 3 +proxy.process.http.total_client_connections 3 +proxy.process.http.total_client_connections_ipv4 3 +proxy.process.http.total_client_connections_ipv6 0 +proxy.process.http.total_server_connections 2 +proxy.process.http2.total_client_connections 0 +proxy.process.http.connect_requests 0 +proxy.process.tunnel.total_client_connections_blind_tcp 1 +proxy.process.tunnel.current_client_connections_blind_tcp 0 +proxy.process.tunnel.total_server_connections_blind_tcp 2 +proxy.process.tunnel.current_server_connections_blind_tcp 0 +proxy.process.tunnel.total_client_connections_tls_tunnel 0 +proxy.process.tunnel.current_client_connections_tls_tunnel 0 +proxy.process.tunnel.total_client_connections_tls_forward 0 +proxy.process.tunnel.current_client_connections_tls_forward 0 +proxy.process.tunnel.total_client_connections_tls_partial_blind 0 +proxy.process.tunnel.current_client_connections_tls_partial_blind 0 +proxy.process.tunnel.total_client_connections_tls_http 1 +proxy.process.tunnel.current_client_connections_tls_http 0 +proxy.process.tunnel.total_server_connections_tls 0 +proxy.process.tunnel.current_server_connections_tls 0 diff --git a/tests/gold_tests/remap/remap_ws.test.py b/tests/gold_tests/remap/remap_ws.test.py index f87f797824d..e1b96d3f787 100644 --- a/tests/gold_tests/remap/remap_ws.test.py +++ b/tests/gold_tests/remap/remap_ws.test.py @@ -77,3 +77,37 @@ tr.Processes.Default.Streams.stderr = "gold/remap-ws-upgrade-400.gold" tr.StillRunningAfter = server tr.StillRunningAfter = ts + +# Test metrics +tr = Test.AddTestRun() +tr.Processes.Default.Command = ( + f"{Test.Variables.AtsTestToolsDir}/stdout_wait" + + " 'traffic_ctl metric get" + + " proxy.process.http.total_incoming_connections" + + " proxy.process.http.total_client_connections" + + " proxy.process.http.total_client_connections_ipv4" + + " proxy.process.http.total_client_connections_ipv6" + + " proxy.process.http.total_server_connections" + + " proxy.process.http2.total_client_connections" + + " proxy.process.http.connect_requests" + + " proxy.process.tunnel.total_client_connections_blind_tcp" + + " proxy.process.tunnel.current_client_connections_blind_tcp" + + " proxy.process.tunnel.total_server_connections_blind_tcp" + + " proxy.process.tunnel.current_server_connections_blind_tcp" + + " proxy.process.tunnel.total_client_connections_tls_tunnel" + + " proxy.process.tunnel.current_client_connections_tls_tunnel" + + " proxy.process.tunnel.total_client_connections_tls_forward" + + " proxy.process.tunnel.current_client_connections_tls_forward" + + " proxy.process.tunnel.total_client_connections_tls_partial_blind" + + " proxy.process.tunnel.current_client_connections_tls_partial_blind" + + " proxy.process.tunnel.total_client_connections_tls_http" + + " proxy.process.tunnel.current_client_connections_tls_http" + + " proxy.process.tunnel.total_server_connections_tls" + + " proxy.process.tunnel.current_server_connections_tls'" + + f" {Test.TestDirectory}/gold/remap-ws-metrics.gold" +) +# Need to copy over the environment so traffic_ctl knows where to find the unix domain socket +tr.Processes.Default.Env = ts.Env +tr.Processes.Default.ReturnCode = 0 +tr.StillRunningAfter = server +tr.StillRunningAfter = ts diff --git a/tests/gold_tests/tls/gold/tls-partial-blind-tunnel-metrics.gold b/tests/gold_tests/tls/gold/tls-partial-blind-tunnel-metrics.gold new file mode 100644 index 00000000000..fc8da18b108 --- /dev/null +++ b/tests/gold_tests/tls/gold/tls-partial-blind-tunnel-metrics.gold @@ -0,0 +1,21 @@ +proxy.process.http.total_incoming_connections 1 +proxy.process.http.total_client_connections 1 +proxy.process.http.total_client_connections_ipv4 1 +proxy.process.http.total_client_connections_ipv6 0 +proxy.process.http.total_server_connections 0 +proxy.process.http2.total_client_connections 0 +proxy.process.http.connect_requests 1 +proxy.process.tunnel.total_client_connections_blind_tcp 0 +proxy.process.tunnel.current_client_connections_blind_tcp 0 +proxy.process.tunnel.total_server_connections_blind_tcp 0 +proxy.process.tunnel.current_server_connections_blind_tcp 0 +proxy.process.tunnel.total_client_connections_tls_tunnel 0 +proxy.process.tunnel.current_client_connections_tls_tunnel 0 +proxy.process.tunnel.total_client_connections_tls_forward 0 +proxy.process.tunnel.current_client_connections_tls_forward 0 +proxy.process.tunnel.total_client_connections_tls_partial_blind 1 +proxy.process.tunnel.current_client_connections_tls_partial_blind 0 +proxy.process.tunnel.total_client_connections_tls_http 0 +proxy.process.tunnel.current_client_connections_tls_http 0 +proxy.process.tunnel.total_server_connections_tls 1 +proxy.process.tunnel.current_server_connections_tls 0 diff --git a/tests/gold_tests/tls/gold/tls-tunnel-forward-metrics.gold b/tests/gold_tests/tls/gold/tls-tunnel-forward-metrics.gold new file mode 100644 index 00000000000..025d86c556d --- /dev/null +++ b/tests/gold_tests/tls/gold/tls-tunnel-forward-metrics.gold @@ -0,0 +1,21 @@ +proxy.process.http.total_incoming_connections 3 +proxy.process.http.total_client_connections 3 +proxy.process.http.total_client_connections_ipv4 3 +proxy.process.http.total_client_connections_ipv6 0 +proxy.process.http.total_server_connections 0 +proxy.process.http2.total_client_connections 0 +proxy.process.http.connect_requests 3 +proxy.process.tunnel.total_client_connections_blind_tcp 0 +proxy.process.tunnel.current_client_connections_blind_tcp 0 +proxy.process.tunnel.total_server_connections_blind_tcp 3 +proxy.process.tunnel.current_server_connections_blind_tcp 0 +proxy.process.tunnel.total_client_connections_tls_tunnel 1 +proxy.process.tunnel.current_client_connections_tls_tunnel 0 +proxy.process.tunnel.total_client_connections_tls_forward 2 +proxy.process.tunnel.current_client_connections_tls_forward 0 +proxy.process.tunnel.total_client_connections_tls_partial_blind 0 +proxy.process.tunnel.current_client_connections_tls_partial_blind 0 +proxy.process.tunnel.total_client_connections_tls_http 0 +proxy.process.tunnel.current_client_connections_tls_http 0 +proxy.process.tunnel.total_server_connections_tls 0 +proxy.process.tunnel.current_server_connections_tls 0 diff --git a/tests/gold_tests/tls/gold/tls-tunnel-metrics.gold b/tests/gold_tests/tls/gold/tls-tunnel-metrics.gold index 081b4cfad7d..b75ecc1cac0 100644 --- a/tests/gold_tests/tls/gold/tls-tunnel-metrics.gold +++ b/tests/gold_tests/tls/gold/tls-tunnel-metrics.gold @@ -5,3 +5,17 @@ proxy.process.http.total_client_connections_ipv6 0 proxy.process.http.total_server_connections 0 proxy.process.http2.total_client_connections 2 proxy.process.http.connect_requests 10 +proxy.process.tunnel.total_client_connections_blind_tcp 0 +proxy.process.tunnel.current_client_connections_blind_tcp 0 +proxy.process.tunnel.total_server_connections_blind_tcp 8 +proxy.process.tunnel.current_server_connections_blind_tcp 0 +proxy.process.tunnel.total_client_connections_tls_tunnel 8 +proxy.process.tunnel.current_client_connections_tls_tunnel 0 +proxy.process.tunnel.total_client_connections_tls_forward 0 +proxy.process.tunnel.current_client_connections_tls_forward 0 +proxy.process.tunnel.total_client_connections_tls_partial_blind 0 +proxy.process.tunnel.current_client_connections_tls_partial_blind 0 +proxy.process.tunnel.total_client_connections_tls_http 0 +proxy.process.tunnel.current_client_connections_tls_http 0 +proxy.process.tunnel.total_server_connections_tls 0 +proxy.process.tunnel.current_server_connections_tls 0 diff --git a/tests/gold_tests/tls/tls_partial_blind_tunnel.test.py b/tests/gold_tests/tls/tls_partial_blind_tunnel.test.py index 021eae88859..44f14fca33f 100644 --- a/tests/gold_tests/tls/tls_partial_blind_tunnel.test.py +++ b/tests/gold_tests/tls/tls_partial_blind_tunnel.test.py @@ -74,3 +74,35 @@ "Should not try to remap on Traffic Server") tr.Processes.Default.Streams.All += Testers.ContainsExpression("HTTP/1.1 200 OK", "Should get a successful response") tr.Processes.Default.Streams.All += Testers.ContainsExpression("ok bar", "Body is expected") + +tr = Test.AddTestRun("Test Metrics") +tr.Processes.Default.Command = ( + f"{Test.Variables.AtsTestToolsDir}/stdout_wait" + + " 'traffic_ctl metric get" + + " proxy.process.http.total_incoming_connections" + + " proxy.process.http.total_client_connections" + + " proxy.process.http.total_client_connections_ipv4" + + " proxy.process.http.total_client_connections_ipv6" + + " proxy.process.http.total_server_connections" + + " proxy.process.http2.total_client_connections" + + " proxy.process.http.connect_requests" + + " proxy.process.tunnel.total_client_connections_blind_tcp" + + " proxy.process.tunnel.current_client_connections_blind_tcp" + + " proxy.process.tunnel.total_server_connections_blind_tcp" + + " proxy.process.tunnel.current_server_connections_blind_tcp" + + " proxy.process.tunnel.total_client_connections_tls_tunnel" + + " proxy.process.tunnel.current_client_connections_tls_tunnel" + + " proxy.process.tunnel.total_client_connections_tls_forward" + + " proxy.process.tunnel.current_client_connections_tls_forward" + + " proxy.process.tunnel.total_client_connections_tls_partial_blind" + + " proxy.process.tunnel.current_client_connections_tls_partial_blind" + + " proxy.process.tunnel.total_client_connections_tls_http" + + " proxy.process.tunnel.current_client_connections_tls_http" + + " proxy.process.tunnel.total_server_connections_tls" + + " proxy.process.tunnel.current_server_connections_tls'" + + f" {Test.TestDirectory}/gold/tls-partial-blind-tunnel-metrics.gold" +) +# Need to copy over the environment so traffic_ctl knows where to find the unix domain socket +tr.Processes.Default.Env = ts.Env +tr.Processes.Default.ReturnCode = 0 +tr.StillRunningAfter = ts diff --git a/tests/gold_tests/tls/tls_tunnel.test.py b/tests/gold_tests/tls/tls_tunnel.test.py index 938ee27b74a..a76dcf8c20b 100644 --- a/tests/gold_tests/tls/tls_tunnel.test.py +++ b/tests/gold_tests/tls/tls_tunnel.test.py @@ -337,7 +337,21 @@ " proxy.process.http.total_client_connections_ipv6" + " proxy.process.http.total_server_connections" + " proxy.process.http2.total_client_connections" + - " proxy.process.http.connect_requests'" + + " proxy.process.http.connect_requests" + + " proxy.process.tunnel.total_client_connections_blind_tcp" + + " proxy.process.tunnel.current_client_connections_blind_tcp" + + " proxy.process.tunnel.total_server_connections_blind_tcp" + + " proxy.process.tunnel.current_server_connections_blind_tcp" + + " proxy.process.tunnel.total_client_connections_tls_tunnel" + + " proxy.process.tunnel.current_client_connections_tls_tunnel" + + " proxy.process.tunnel.total_client_connections_tls_forward" + + " proxy.process.tunnel.current_client_connections_tls_forward" + + " proxy.process.tunnel.total_client_connections_tls_partial_blind" + + " proxy.process.tunnel.current_client_connections_tls_partial_blind" + + " proxy.process.tunnel.total_client_connections_tls_http" + + " proxy.process.tunnel.current_client_connections_tls_http" + + " proxy.process.tunnel.total_server_connections_tls" + + " proxy.process.tunnel.current_server_connections_tls'" + f" {Test.TestDirectory}/gold/tls-tunnel-metrics.gold" ) # Need to copy over the environment so traffic_ctl knows where to find the unix domain socket diff --git a/tests/gold_tests/tls/tls_tunnel_forward.test.py b/tests/gold_tests/tls/tls_tunnel_forward.test.py index d82b92a07b4..bd2417eaf86 100644 --- a/tests/gold_tests/tls/tls_tunnel_forward.test.py +++ b/tests/gold_tests/tls/tls_tunnel_forward.test.py @@ -122,3 +122,35 @@ tr3.Processes.Default.Streams.All += Testers.ContainsExpression("CN=foo.com", "Should TLS terminate on Traffic Server") tr3.Processes.Default.Streams.All += Testers.ContainsExpression("HTTP/1.1 200 OK", "Should get a successful response") tr3.Processes.Default.Streams.All += Testers.ContainsExpression("ok random", "Body is expected") + +tr = Test.AddTestRun("Test Metrics") +tr.Processes.Default.Command = ( + f"{Test.Variables.AtsTestToolsDir}/stdout_wait" + + " 'traffic_ctl metric get" + + " proxy.process.http.total_incoming_connections" + + " proxy.process.http.total_client_connections" + + " proxy.process.http.total_client_connections_ipv4" + + " proxy.process.http.total_client_connections_ipv6" + + " proxy.process.http.total_server_connections" + + " proxy.process.http2.total_client_connections" + + " proxy.process.http.connect_requests" + + " proxy.process.tunnel.total_client_connections_blind_tcp" + + " proxy.process.tunnel.current_client_connections_blind_tcp" + + " proxy.process.tunnel.total_server_connections_blind_tcp" + + " proxy.process.tunnel.current_server_connections_blind_tcp" + + " proxy.process.tunnel.total_client_connections_tls_tunnel" + + " proxy.process.tunnel.current_client_connections_tls_tunnel" + + " proxy.process.tunnel.total_client_connections_tls_forward" + + " proxy.process.tunnel.current_client_connections_tls_forward" + + " proxy.process.tunnel.total_client_connections_tls_partial_blind" + + " proxy.process.tunnel.current_client_connections_tls_partial_blind" + + " proxy.process.tunnel.total_client_connections_tls_http" + + " proxy.process.tunnel.current_client_connections_tls_http" + + " proxy.process.tunnel.total_server_connections_tls" + + " proxy.process.tunnel.current_server_connections_tls'" + + f" {Test.TestDirectory}/gold/tls-tunnel-forward-metrics.gold" +) +# Need to copy over the environment so traffic_ctl knows where to find the unix domain socket +tr.Processes.Default.Env = ts.Env +tr.Processes.Default.ReturnCode = 0 +tr.StillRunningAfter = ts From fc95473baccc513893ec34e1b971a03c13e66606 Mon Sep 17 00:00:00 2001 From: Walt Karas Date: Tue, 27 Jun 2023 15:04:53 +0000 Subject: [PATCH 2/5] VConnection::make_tunnel_endpoint() -> mark_as_tunnel_endpoint(). --- iocore/eventsystem/I_VConnection.h | 2 +- iocore/net/P_UnixNetVConnection.h | 2 +- iocore/net/UnixNetVConnection.cc | 4 ++-- proxy/ProxyTransaction.cc | 4 ++-- proxy/ProxyTransaction.h | 2 +- proxy/http/HttpSM.cc | 4 ++-- 6 files changed, 9 insertions(+), 9 deletions(-) diff --git a/iocore/eventsystem/I_VConnection.h b/iocore/eventsystem/I_VConnection.h index 6943a037fff..7e0ba5c7679 100644 --- a/iocore/eventsystem/I_VConnection.h +++ b/iocore/eventsystem/I_VConnection.h @@ -363,7 +363,7 @@ class VConnection : public Continuation // This function should be called when the VConnection is a tunnel endpoint. By default, a VConnection does not care if it // is a tunnel endpoint. virtual void - make_tunnel_endpoint() + mark_as_tunnel_endpoint() { } diff --git a/iocore/net/P_UnixNetVConnection.h b/iocore/net/P_UnixNetVConnection.h index 1d459f9fbe6..bf75b386e33 100644 --- a/iocore/net/P_UnixNetVConnection.h +++ b/iocore/net/P_UnixNetVConnection.h @@ -228,7 +228,7 @@ class UnixNetVConnection : public NetVConnection, public NetEvent friend void write_to_net_io(NetHandler *, UnixNetVConnection *, EThread *); // set_context() should be called before calling this member function. - void make_tunnel_endpoint() override; + void mark_as_tunnel_endpoint() override; bool is_tunnel_endpoint() const diff --git a/iocore/net/UnixNetVConnection.cc b/iocore/net/UnixNetVConnection.cc index 86817430626..c72d574b08f 100644 --- a/iocore/net/UnixNetVConnection.cc +++ b/iocore/net/UnixNetVConnection.cc @@ -1511,9 +1511,9 @@ UnixNetVConnection::set_tcp_congestion_control(int side) } void -UnixNetVConnection::make_tunnel_endpoint() +UnixNetVConnection::mark_as_tunnel_endpoint() { - Debug("iocore_net", "Entering UnixNetVConnection::make_tunnel_endpoint()"); + Debug("iocore_net", "Entering UnixNetVConnection::mark_as_tunnel_endpoint()"); ink_assert(!_is_tunnel_endpoint); diff --git a/proxy/ProxyTransaction.cc b/proxy/ProxyTransaction.cc index 4b7b4ca1ae7..e92a648c2b0 100644 --- a/proxy/ProxyTransaction.cc +++ b/proxy/ProxyTransaction.cc @@ -278,9 +278,9 @@ ProxyTransaction::set_close_connection(HTTPHdr &hdr) const } void -ProxyTransaction::make_tunnel_endpoint() +ProxyTransaction::mark_as_tunnel_endpoint() { auto nvc = get_netvc(); ink_assert(nvc != nullptr); - nvc->make_tunnel_endpoint(); + nvc->mark_as_tunnel_endpoint(); } diff --git a/proxy/ProxyTransaction.h b/proxy/ProxyTransaction.h index ff6e60ea7ce..6e04ea9b897 100644 --- a/proxy/ProxyTransaction.h +++ b/proxy/ProxyTransaction.h @@ -136,7 +136,7 @@ class ProxyTransaction : public VConnection bool support_sni() const; - void make_tunnel_endpoint() override; + void mark_as_tunnel_endpoint() override; /// Variables // diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index 9c7d1db9b52..770f2acabf7 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -7305,8 +7305,8 @@ HttpSM::setup_blind_tunnel(bool send_response_hdr, IOBufferReader *initial) "http server - tunnel"); } - _ua.get_entry()->vc->make_tunnel_endpoint(); - server_entry->vc->make_tunnel_endpoint(); + _ua.get_entry()->vc->make_as_tunnel_endpoint(); + server_entry->vc->make_as_tunnel_endpoint(); // Make the tunnel aware that the entries are bi-directional tunnel.chain(c_os, p_os); From a7379bac2da9eeca44ddf12f8db05165a8175dd3 Mon Sep 17 00:00:00 2001 From: Walt Karas Date: Tue, 27 Jun 2023 18:19:13 +0000 Subject: [PATCH 3/5] Fix error in proxy.process.http.connect_requests. Due to change in usage of HttpTransact::State::method. --- proxy/http/HttpTransact.cc | 34 ++++++++++++++++++++++++ proxy/http/HttpTransact.h | 9 ++++--- tests/gold_tests/connect/connect.test.py | 2 +- 3 files changed, 40 insertions(+), 5 deletions(-) diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc index 1a8be933335..7f9ebce0d55 100644 --- a/proxy/http/HttpTransact.cc +++ b/proxy/http/HttpTransact.cc @@ -5745,6 +5745,40 @@ HttpTransact::initialize_state_variables_from_request(State *s, HTTPHdr *obsolet s->hdr_info.extension_method = true; } + // This function, HttpTransact::initialize_state_variables_from_request(), may be called multiple times for the same + // HTTP request. But we only want to increment the per-method request metric the first time this function is called + // for each request. + + if (!s->method_metric_incremented) { + if (s->method == HTTP_WKSIDX_GET) { + HTTP_INCREMENT_DYN_STAT(http_get_requests_stat); + } else if (s->method == HTTP_WKSIDX_HEAD) { + HTTP_INCREMENT_DYN_STAT(http_head_requests_stat); + } else if (s->method == HTTP_WKSIDX_POST) { + HTTP_INCREMENT_DYN_STAT(http_post_requests_stat); + } else if (s->method == HTTP_WKSIDX_PUT) { + HTTP_INCREMENT_DYN_STAT(http_put_requests_stat); + } else if (s->method == HTTP_WKSIDX_CONNECT) { + HTTP_INCREMENT_DYN_STAT(http_connect_requests_stat); + } else if (s->method == HTTP_WKSIDX_DELETE) { + HTTP_INCREMENT_DYN_STAT(http_delete_requests_stat); + } else if (s->method == HTTP_WKSIDX_PURGE) { + HTTP_INCREMENT_DYN_STAT(http_purge_requests_stat); + } else if (s->method == HTTP_WKSIDX_TRACE) { + HTTP_INCREMENT_DYN_STAT(http_trace_requests_stat); + } else if (s->method == HTTP_WKSIDX_PUSH) { + HTTP_INCREMENT_DYN_STAT(http_push_requests_stat); + } else if (s->method == HTTP_WKSIDX_OPTIONS) { + HTTP_INCREMENT_DYN_STAT(http_options_requests_stat); + } else { + HTTP_INCREMENT_DYN_STAT(http_extension_method_requests_stat); + SET_VIA_STRING(VIA_DETAIL_TUNNEL, VIA_DETAIL_TUNNEL_METHOD); + s->squid_codes.log_code = SQUID_LOG_TCP_MISS; + s->hdr_info.extension_method = true; + } + s->method_metric_incremented = true; + } + // if transfer encoding is chunked content length is undefined if (s->client_info.transfer_encoding == CHUNKED_ENCODING) { s->hdr_info.request_content_length = HTTP_UNDEFINED_CL; diff --git a/proxy/http/HttpTransact.h b/proxy/http/HttpTransact.h index f5f1b8c4b14..25756103358 100644 --- a/proxy/http/HttpTransact.h +++ b/proxy/http/HttpTransact.h @@ -753,10 +753,11 @@ class HttpTransact int64_t internal_msg_buffer_size = 0; // out int64_t internal_msg_buffer_fast_allocator_size = -1; - int scheme = -1; // out - int next_hop_scheme = scheme; // out - int orig_scheme = scheme; // pre-mapped scheme - int method = 0; + int scheme = -1; // out + int next_hop_scheme = scheme; // out + int orig_scheme = scheme; // pre-mapped scheme + int method = 0; + bool method_metric_incremented = false; /// The errno associated with a failed connect attempt. /// diff --git a/tests/gold_tests/connect/connect.test.py b/tests/gold_tests/connect/connect.test.py index 69a2083b607..7c914cdd889 100644 --- a/tests/gold_tests/connect/connect.test.py +++ b/tests/gold_tests/connect/connect.test.py @@ -161,7 +161,7 @@ def runTraffic(self): tr.StillRunningAfter = self.ts def __testMetrics(self): - tr = Test.AddTestRun("Reload config") + tr = Test.AddTestRun("Test metrics") tr.Processes.Default.Command = ( f"{Test.Variables.AtsTestToolsDir}/stdout_wait" + " 'traffic_ctl metric get" + From c7ef93a11752310a8e407a7994ced2dd92b26c05 Mon Sep 17 00:00:00 2001 From: Walt Karas Date: Thu, 17 Aug 2023 17:43:28 +0000 Subject: [PATCH 4/5] Rebase changes for PR 9869. --- proxy/http/HttpSM.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index 770f2acabf7..6940dd6f62b 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -7305,8 +7305,8 @@ HttpSM::setup_blind_tunnel(bool send_response_hdr, IOBufferReader *initial) "http server - tunnel"); } - _ua.get_entry()->vc->make_as_tunnel_endpoint(); - server_entry->vc->make_as_tunnel_endpoint(); + _ua.get_entry()->vc->mark_as_tunnel_endpoint(); + server_entry->vc->mark_as_tunnel_endpoint(); // Make the tunnel aware that the entries are bi-directional tunnel.chain(c_os, p_os); From 70239b5920e36a377de62a2b2d4bb33955ed8ad7 Mon Sep 17 00:00:00 2001 From: Walt Karas Date: Sat, 14 Oct 2023 00:45:03 +0000 Subject: [PATCH 5/5] Rebase changes. iocore/net/Net.cc iocore/net/SSLNetVConnection.cc iocore/net/UnixNetVConnection.cc proxy/http/HttpTransact.cc --- iocore/net/Net.cc | 83 ++++++++++++++++++-------------- iocore/net/SSLNetVConnection.cc | 31 ++++++------ iocore/net/UnixNetVConnection.cc | 19 ++++---- proxy/http/HttpTransact.cc | 34 ------------- 4 files changed, 70 insertions(+), 97 deletions(-) diff --git a/iocore/net/Net.cc b/iocore/net/Net.cc index e66df9b63a7..b0dbf118c4f 100644 --- a/iocore/net/Net.cc +++ b/iocore/net/Net.cc @@ -82,47 +82,56 @@ register_net_stats() { ts::Metrics &intm = ts::Metrics::getInstance(); - net_rsb.accepts_currently_open = intm.newMetricPtr("proxy.process.net.accepts_currently_open"); - net_rsb.calls_to_read = intm.newMetricPtr("proxy.process.net.calls_to_read"); - net_rsb.calls_to_read_nodata = intm.newMetricPtr("proxy.process.net.calls_to_read_nodata"); - net_rsb.calls_to_readfromnet = intm.newMetricPtr("proxy.process.net.calls_to_readfromnet"); - net_rsb.calls_to_write = intm.newMetricPtr("proxy.process.net.calls_to_write"); - net_rsb.calls_to_write_nodata = intm.newMetricPtr("proxy.process.net.calls_to_write_nodata"); - net_rsb.calls_to_writetonet = intm.newMetricPtr("proxy.process.net.calls_to_writetonet"); - net_rsb.connections_currently_open = intm.newMetricPtr("proxy.process.net.connections_currently_open"); - net_rsb.connections_throttled_in = intm.newMetricPtr("proxy.process.net.connections_throttled_in"); - net_rsb.connections_throttled_out = intm.newMetricPtr("proxy.process.net.connections_throttled_out"); + net_rsb.accepts_currently_open = intm.newMetricPtr("proxy.process.net.accepts_currently_open"); + net_rsb.calls_to_read = intm.newMetricPtr("proxy.process.net.calls_to_read"); + net_rsb.calls_to_read_nodata = intm.newMetricPtr("proxy.process.net.calls_to_read_nodata"); + net_rsb.calls_to_readfromnet = intm.newMetricPtr("proxy.process.net.calls_to_readfromnet"); + net_rsb.calls_to_write = intm.newMetricPtr("proxy.process.net.calls_to_write"); + net_rsb.calls_to_write_nodata = intm.newMetricPtr("proxy.process.net.calls_to_write_nodata"); + net_rsb.calls_to_writetonet = intm.newMetricPtr("proxy.process.net.calls_to_writetonet"); + net_rsb.connections_currently_open = intm.newMetricPtr("proxy.process.net.connections_currently_open"); + net_rsb.connections_throttled_in = intm.newMetricPtr("proxy.process.net.connections_throttled_in"); + net_rsb.connections_throttled_out = intm.newMetricPtr("proxy.process.net.connections_throttled_out"); net_rsb.tunnel_total_client_connections_blind_tcp = intm.newMetricPtr("proxy.process.tunnel.total_client_connections_blind_tcp"); - net_rsb.tunnel_current_client_connections_blind_tcp = intm.newMetricPtr("proxy.process.tunnel.current_client_connections_blind_tcp"); + net_rsb.tunnel_current_client_connections_blind_tcp = + intm.newMetricPtr("proxy.process.tunnel.current_client_connections_blind_tcp"); net_rsb.tunnel_total_server_connections_blind_tcp = intm.newMetricPtr("proxy.process.tunnel.total_server_connections_blind_tcp"); - net_rsb.tunnel_current_server_connections_blind_tcp = intm.newMetricPtr("proxy.process.tunnel.current_server_connections_blind_tcp"); - net_rsb.tunnel_total_client_connections_tls_tunnel = intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_tunnel"); - net_rsb.tunnel_current_client_connections_tls_tunnel = intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_tunnel"); - net_rsb.tunnel_total_client_connections_tls_forward = intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_forward"); - net_rsb.tunnel_current_client_connections_tls_forward = intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_forward"); - net_rsb.tunnel_total_client_connections_tls_partial_blind = intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_partial_blind"); - net_rsb.tunnel_current_client_connections_tls_partial_blind = intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_partial_blind"); + net_rsb.tunnel_current_server_connections_blind_tcp = + intm.newMetricPtr("proxy.process.tunnel.current_server_connections_blind_tcp"); + net_rsb.tunnel_total_client_connections_tls_tunnel = + intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_tunnel"); + net_rsb.tunnel_current_client_connections_tls_tunnel = + intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_tunnel"); + net_rsb.tunnel_total_client_connections_tls_forward = + intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_forward"); + net_rsb.tunnel_current_client_connections_tls_forward = + intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_forward"); + net_rsb.tunnel_total_client_connections_tls_partial_blind = + intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_partial_blind"); + net_rsb.tunnel_current_client_connections_tls_partial_blind = + intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_partial_blind"); net_rsb.tunnel_total_client_connections_tls_http = intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_http"); - net_rsb.tunnel_current_client_connections_tls_http = intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_http"); - net_rsb.tunnel_total_server_connections_tls = intm.newMetricPtr("proxy.process.tunnel.total_server_connections_tls"); + net_rsb.tunnel_current_client_connections_tls_http = + intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_http"); + net_rsb.tunnel_total_server_connections_tls = intm.newMetricPtr("proxy.process.tunnel.total_server_connections_tls"); net_rsb.tunnel_current_server_connections_tls = intm.newMetricPtr("proxy.process.tunnel.current_server_connections_tls"); - net_rsb.default_inactivity_timeout_applied = intm.newMetricPtr("proxy.process.net.default_inactivity_timeout_applied"); - net_rsb.default_inactivity_timeout_count = intm.newMetricPtr("proxy.process.net.default_inactivity_timeout_count"); - net_rsb.fastopen_attempts = intm.newMetricPtr("proxy.process.net.fastopen_out.attempts"); - net_rsb.fastopen_successes = intm.newMetricPtr("proxy.process.net.fastopen_out.successes"); - net_rsb.handler_run = intm.newMetricPtr("proxy.process.net.net_handler_run"); - net_rsb.inactivity_cop_lock_acquire_failure = intm.newMetricPtr("proxy.process.net.inactivity_cop_lock_acquire_failure"); - net_rsb.keep_alive_queue_timeout_count = intm.newMetricPtr("proxy.process.net.dynamic_keep_alive_timeout_in_count"); - net_rsb.keep_alive_queue_timeout_total = intm.newMetricPtr("proxy.process.net.dynamic_keep_alive_timeout_in_total"); - net_rsb.read_bytes = intm.newMetricPtr("proxy.process.net.read_bytes"); - net_rsb.read_bytes_count = intm.newMetricPtr("proxy.process.net.read_bytes_count"); - net_rsb.requests_max_throttled_in = intm.newMetricPtr("proxy.process.net.max.requests_throttled_in"); - net_rsb.socks_connections_currently_open = intm.newMetricPtr("proxy.process.socks.connections_currently_open"); - net_rsb.socks_connections_successful = intm.newMetricPtr("proxy.process.socks.connections_successful"); - net_rsb.socks_connections_unsuccessful = intm.newMetricPtr("proxy.process.socks.connections_unsuccessful"); - net_rsb.tcp_accept = intm.newMetricPtr("proxy.process.tcp.total_accepts"); - net_rsb.write_bytes = intm.newMetricPtr("proxy.process.net.write_bytes"); - net_rsb.write_bytes_count = intm.newMetricPtr("proxy.process.net.write_bytes_count"); + net_rsb.default_inactivity_timeout_applied = intm.newMetricPtr("proxy.process.net.default_inactivity_timeout_applied"); + net_rsb.default_inactivity_timeout_count = intm.newMetricPtr("proxy.process.net.default_inactivity_timeout_count"); + net_rsb.fastopen_attempts = intm.newMetricPtr("proxy.process.net.fastopen_out.attempts"); + net_rsb.fastopen_successes = intm.newMetricPtr("proxy.process.net.fastopen_out.successes"); + net_rsb.handler_run = intm.newMetricPtr("proxy.process.net.net_handler_run"); + net_rsb.inactivity_cop_lock_acquire_failure = intm.newMetricPtr("proxy.process.net.inactivity_cop_lock_acquire_failure"); + net_rsb.keep_alive_queue_timeout_count = intm.newMetricPtr("proxy.process.net.dynamic_keep_alive_timeout_in_count"); + net_rsb.keep_alive_queue_timeout_total = intm.newMetricPtr("proxy.process.net.dynamic_keep_alive_timeout_in_total"); + net_rsb.read_bytes = intm.newMetricPtr("proxy.process.net.read_bytes"); + net_rsb.read_bytes_count = intm.newMetricPtr("proxy.process.net.read_bytes_count"); + net_rsb.requests_max_throttled_in = intm.newMetricPtr("proxy.process.net.max.requests_throttled_in"); + net_rsb.socks_connections_currently_open = intm.newMetricPtr("proxy.process.socks.connections_currently_open"); + net_rsb.socks_connections_successful = intm.newMetricPtr("proxy.process.socks.connections_successful"); + net_rsb.socks_connections_unsuccessful = intm.newMetricPtr("proxy.process.socks.connections_unsuccessful"); + net_rsb.tcp_accept = intm.newMetricPtr("proxy.process.tcp.total_accepts"); + net_rsb.write_bytes = intm.newMetricPtr("proxy.process.net.write_bytes"); + net_rsb.write_bytes_count = intm.newMetricPtr("proxy.process.net.write_bytes_count"); } void diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc index 1bf6decf850..aad6b0ad1c9 100644 --- a/iocore/net/SSLNetVConnection.cc +++ b/iocore/net/SSLNetVConnection.cc @@ -1040,24 +1040,23 @@ SSLNetVConnection::free_thread(EThread *t) if (is_tunnel_endpoint()) { ink_assert(get_context() != NET_VCONNECTION_UNSET); - Metrics::decrement(([&]() -> Metrics::IntType * - { - if (get_context() == NET_VCONNECTION_IN) { - switch (get_tunnel_type()) { - case SNIRoutingType::BLIND: - return net_rsb.tunnel_current_client_connections_tls_tunnel; - case SNIRoutingType::FORWARD: - return net_rsb.tunnel_current_client_connections_tls_forward; - case SNIRoutingType::PARTIAL_BLIND: - return net_rsb.tunnel_current_client_connections_tls_partial_blind; - default: - return net_rsb.tunnel_current_client_connections_tls_http; + Metrics::decrement(([&]() -> Metrics::IntType * { + if (get_context() == NET_VCONNECTION_IN) { + switch (get_tunnel_type()) { + case SNIRoutingType::BLIND: + return net_rsb.tunnel_current_client_connections_tls_tunnel; + case SNIRoutingType::FORWARD: + return net_rsb.tunnel_current_client_connections_tls_forward; + case SNIRoutingType::PARTIAL_BLIND: + return net_rsb.tunnel_current_client_connections_tls_partial_blind; + default: + return net_rsb.tunnel_current_client_connections_tls_http; + } } - } - // NET_VCONNECTION_OUT - Never a tunnel type for out (to server) context. - ink_assert(get_tunnel_type() == SNIRoutingType::NONE); + // NET_VCONNECTION_OUT - Never a tunnel type for out (to server) context. + ink_assert(get_tunnel_type() == SNIRoutingType::NONE); - return net_rsb.tunnel_current_server_connections_tls; + return net_rsb.tunnel_current_server_connections_tls; })()); } diff --git a/iocore/net/UnixNetVConnection.cc b/iocore/net/UnixNetVConnection.cc index c72d574b08f..a8b03640f4b 100644 --- a/iocore/net/UnixNetVConnection.cc +++ b/iocore/net/UnixNetVConnection.cc @@ -1297,16 +1297,15 @@ UnixNetVConnection::free_thread(EThread *t) if (is_tunnel_endpoint()) { Debug("iocore_net", "Freeing UnixNetVConnection that is tunnel endpoint"); - Metrics::decrement(([&]() -> Metrics::IntType * - { - switch (get_context()) { - case NET_VCONNECTION_IN: - return net_rsb.tunnel_current_client_connections_blind_tcp; - case NET_VCONNECTION_OUT: - return net_rsb.tunnel_current_server_connections_blind_tcp; - default: - ink_release_assert(false); - } + Metrics::decrement(([&]() -> Metrics::IntType * { + switch (get_context()) { + case NET_VCONNECTION_IN: + return net_rsb.tunnel_current_client_connections_blind_tcp; + case NET_VCONNECTION_OUT: + return net_rsb.tunnel_current_server_connections_blind_tcp; + default: + ink_release_assert(false); + } })()); } diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc index 7f9ebce0d55..1a8be933335 100644 --- a/proxy/http/HttpTransact.cc +++ b/proxy/http/HttpTransact.cc @@ -5745,40 +5745,6 @@ HttpTransact::initialize_state_variables_from_request(State *s, HTTPHdr *obsolet s->hdr_info.extension_method = true; } - // This function, HttpTransact::initialize_state_variables_from_request(), may be called multiple times for the same - // HTTP request. But we only want to increment the per-method request metric the first time this function is called - // for each request. - - if (!s->method_metric_incremented) { - if (s->method == HTTP_WKSIDX_GET) { - HTTP_INCREMENT_DYN_STAT(http_get_requests_stat); - } else if (s->method == HTTP_WKSIDX_HEAD) { - HTTP_INCREMENT_DYN_STAT(http_head_requests_stat); - } else if (s->method == HTTP_WKSIDX_POST) { - HTTP_INCREMENT_DYN_STAT(http_post_requests_stat); - } else if (s->method == HTTP_WKSIDX_PUT) { - HTTP_INCREMENT_DYN_STAT(http_put_requests_stat); - } else if (s->method == HTTP_WKSIDX_CONNECT) { - HTTP_INCREMENT_DYN_STAT(http_connect_requests_stat); - } else if (s->method == HTTP_WKSIDX_DELETE) { - HTTP_INCREMENT_DYN_STAT(http_delete_requests_stat); - } else if (s->method == HTTP_WKSIDX_PURGE) { - HTTP_INCREMENT_DYN_STAT(http_purge_requests_stat); - } else if (s->method == HTTP_WKSIDX_TRACE) { - HTTP_INCREMENT_DYN_STAT(http_trace_requests_stat); - } else if (s->method == HTTP_WKSIDX_PUSH) { - HTTP_INCREMENT_DYN_STAT(http_push_requests_stat); - } else if (s->method == HTTP_WKSIDX_OPTIONS) { - HTTP_INCREMENT_DYN_STAT(http_options_requests_stat); - } else { - HTTP_INCREMENT_DYN_STAT(http_extension_method_requests_stat); - SET_VIA_STRING(VIA_DETAIL_TUNNEL, VIA_DETAIL_TUNNEL_METHOD); - s->squid_codes.log_code = SQUID_LOG_TCP_MISS; - s->hdr_info.extension_method = true; - } - s->method_metric_incremented = true; - } - // if transfer encoding is chunked content length is undefined if (s->client_info.transfer_encoding == CHUNKED_ENCODING) { s->hdr_info.request_content_length = HTTP_UNDEFINED_CL;