Fix ip_allow config generation for mids to include rascal servers#4296
Fix ip_allow config generation for mids to include rascal servers#4296rob05c merged 5 commits intoapache:masterfrom
Conversation
rawlinp
added
regression bug
|
Looks to have the same issue in atstccfg as well https://github.com/apache/trafficcontrol/blob/master/traffic_ops/ort/atstccfg/cfgfile/ipallowdotconfig.go#L112-L117 need to test and look into that |
mhoppa
changed the title
|
TO GO and ATSTCCFG should both be fixed for mid ip_allow generation now |
rob05c
left a comment
rob05c
left a comment
There was a problem hiding this comment.
Great catch! Looks good, tested manually, both atstccfg and TO return all the IPs of all RASCAL (monitor) servers on that Mid's CDN, either the IP or a range containing it.
Would you mind adding an integration test to traffic_ops/testing/api/v14/atsconfig_test.go to verify that (or copying one like hdr_rw_dot_config_test.go and making a new file, whatever's easier)?
|
Yeah I can do that! |
|
API tests are modified to be more robust incase the rascal server is included in a range instead on its own. CRED goes to @rob05c for the |
rob05c
left a comment
rob05c
left a comment
There was a problem hiding this comment.
Looks great! API tests pass, unit tests pass. Thanks for doing those, I know it was more painful than either of us realized
…ache#4296) * Fix ip_allow config generation to include rascal servers * Fix ip_allow generation in atstccfg * Add API tests for ip_allow * Make tests more robust (cherry picked from commit 6b11bd9)
3 participants
What does this PR (Pull Request) do?
Currently in ip_allow.config generation for mids it does not include rascal server IPs causing them to be blocked on attempting to pull astats.
The behavior in the perl implementation is that it would include all servers of type Rascal as well as EDGEs that are in either parent/secondary cachegroup of the mid. https://github.com/apache/trafficcontrol/blob/master/traffic_ops/app/lib/API/Configs/ApacheTrafficServer.pm#L2210-L2228
TO GO API Bug
In the go TO implementation it checks the parent/secondary cachegroup on both Rascal AND Edge servers which is a mismatch of logic.
Going from
is rascal OR (is edge AND edge.cg in (mid parent cg, mid secondary cg)tois rascal OR edge AND s.cg in (mid parent cg, mid secondary cg)atstccfg Bug
In the atstccfg cfg it does not attempt to include rascal servers
Which Traffic Control components are affected by this PR?
What is the best way to verify this PR?
Generate the ip_allow.cfg for a mid and ensure the rascal servers are included via TO API and atstccfg
If this is a bug fix, what versions of Traffic Control are affected?
The following criteria are ALL met by this PR
Additional Information