Age | Commit message (Collapse) | Author |
|
* activate/deactivate is pending redesign, so the old code no longer applies.
* conceptually activate/deactivate should be transparent to commit so removing the old code.
|
|
|
|
|
|
|
|
|
|
configuration booting with 6000 vpn tunnels (w/ 2 gigs ram).
|
|
/etc/rc* system. An integer at the beginning of the script identifies
the order in which the script is executed (i.e. 01test is run before
55monkey).
2) There is now a pre-commit hook that can be used. These scripts are
located at: /etc/precommit and are invoked before commit has started
processing actions.
3) A success/failure environment flag set before a process has run has
been changed to a tri-state:
SUCCESS = all priority groups succeeded
FAILURE = all priority groups failed
PARTIAL = mixed success/failed
|
|
action applied. will be used to help resolve problems identified w/ fw synchronization of rules.
|
|
upped max_length_buffer length from 1024 to 4096.
Should leave open and reassign to mendocino so that a proper string length check can be added to the commit.
(cherry picked from commit df3c80575ea539e560afc3357eb322e3e9df64bf)
|
|
* change "commit" to use syscalls (instead of system("...") calls) for mount/umount.
* this is a temporary fix, and such low-level details need to be moved into the backend library.
|
|
* remove public status modifier as high-level operations no longer need it.
* add more information to clarify changed status handling in library.
* mark changed status at appropriate places in library.
|
|
* original backend implementation uses unionfs-specific "changes only" dir to determine "changed" status. this breaks when it involves deactivated nodes.
* new library design uses explicit per-node "changed" marker. however, since previously "commit" only handles a root "changed" marker, the new library could not implement this scheme and used a workaround instead.
* now add API functions for "commit" to properly clean up "changed" markers.
* modify "commit" to use these API functions and remove the workaround from the new library.
|
|
deactivated nodes.
|
|
|
|
simplified deactivated nodes logic in commit.
|
|
The entitlement bug can be fixed https://bugzilla.vyatta.com/show_bug.cgi?id=5354 by adding a hook into this directory.
|
|
Bug found my Mohit.
|
|
Get rid of:
return;
}
|
|
Change retrieve_data and srcDst to use const.
This fixes compiler warnings about violating const rules.
|
|
instance. todo update the parsing structure to support a signed value to support embedded tag node
value of 1 (current behavior)--will address this in the future (or when this behavior is requested).
|
|
supported.
|
|
priority: PARENT
Means that this priority group will adopt the priority value of the parent. And the behavior on deletion of this priority root node will be deleted before the parent. On
all other operations this node will be scheduled after the parent.
This should fix problems in scheduling creation/deletion orders for priority groups so long as they are located within the same hierarchy.
priority.pl has been updated as well.
|
|
Embedded leaf nodes can now be supported in the cli structure. In additional an arbritrary limit can be set on the number of multinode values allowed.
Format in the node.def is:
tag: [u32]
or
multi: [u32]
For the special case of a leaf node the value for u32 is 1. In this case the operation applied to the node is to replace the node with the set value. This generates a
delete of the old tree structure from the embedded leaf and a set of the new tree structure from the embedded leaf.
|
|
|
|
|
|
|
|
limited than this--at least tag node.def and multiple
configuration on commit.
tested fix with limited regression test.
also slightly modified break on priority values where embedded multinodes with priority values are treated as discrete transactions (which
isolates failures within the multinode and not the parent of the multinode).
|
|
references to old values.
|
|
and should be considered depricated.
|
|
diverges from the node.defs
commit behavior has not changed yet, but can be completely switched over to node.def priority system with simple change.
|
|
will now display both priorities:
interfaces (t: 0, p: 850,850)
the first value is from the old priority file and is the active value, the second value is the value retrieved from the node.def and is not used (yet).
|
|
|
|
deleted leafs. Partial regression run on changes, results map to 10/10 build.
|
|
will improve performance by avoiding the piecewise priority based copy and just
copy the complete configuration once. On specific test configuration performance improvement brought commit boot time down from >15 minutes to less than 10
minutes.
|
|
* convert subshell invocations to library function calls.
* reduce boot time by ~40 seconds for "certain configuration".
|
|
with slash in
jenner.
|
|
available to the partial commit status api (bug fix 4919). this approach will
be revised in next
release.
|
|
accounting file.
|
|
from commit and via .changes
file used for commit active node set.
|
|
nodes are delimited by "/" rather than spaces.
|
|
|
|
functional without additional testing.
|
|
CREATE, DELETE, END, BEGIN) within a priority tree.
That means that all work (include the commit-check pass) will be
performed on a priority tree before proceeding to the next priority tree.
If a priority tree generates a failure in the commit-check pass
processing will halt on the priority tree and no further processing will
be performed on the priority tree. The failed priority tree will NOT be
copied to the active working directory.
All nodes in the priority tree will execute SYNTAX and COMMIT actions
except for nodes that have been deleted. Note this iteration is
performed on the working tree, so all commit-check nodes will either be
directly modified or have a node down the hierarchy that had been modified.
The working directory and active directory will not be modified until
after all priority trees have been processed.
|
|
Note that commit check only applies in the following cases:
1) On nodes or ancestors of nodes that have been set or modified
2) Does not applied to deleted nodes
Feature developers should:
1) locate commit checks at a common ancestor if checking across a hierarchy
2) expect that the commit check only enforces created behavior (therefore behaves more like a create check).
An additional flag is provided "-f" to allow for full syntax and commit checks. This allows a complete single pass on all syntax and
commit errors. The default behavior is to stop processing on the first error.
|
|
passes regression
|
|
"ENV_SIBLING_POSITION". This value will either be "FIRST" or "LAST" or undefined.
"FIRST" means that the sibling is the first in the list of a common parent, provided that the sibling resides in the same priority group
"LAST" means that the sibling is the last in the list of a common parent, provided that the sibling resides in the same priority group
|
|
|
|
opaque directories are now handled corrected when a delete is followed by a set in a subsection of the deleted hierarchy.
|
|
So,
100 load-balancing/wan/rule/node.tag/*
applies the priority of "100" to all children of the multinode "rule:value"
NEW TRANS
+ source (t: 0, p: 333)
+ address (t: 0, p: 1000)
+ 1.1.1.1/32 (t: 8, p: 1000) [VALUE]
NEW TRANS
+ protocol (t: 0, p: 333)
+ all (t: 8, p: 1000) [VALUE] [SYNTAX]
NEW TRANS
+ protocol (t: 0, p: 333)
+ all (t: 8, p: 1000) [VALUE] [SYNTAX]
NEW TRANS
+ load-balancing (t: 0, p: 1000)
+ wan (t: 0, p: 1000) [DELETE] [COMMIT]
+ rule (t: 0, p: 1000) [MULTI]
+ 1 (t: 1, p: 1000) [VALUE]
+ 2 (t: 1, p: 1000) [VALUE]
Where protocol is a child node of "rule:value"
This should allow us to compress some of the entries given the current state of the priority file.
|
|
|