Skip to content
This repository was archived by the owner on Nov 24, 2025. It is now read-only.

Backport 4.0.x: Fix ip_allow config generation for mids to include rascal servers #4308

Merged
rawlinp merged 1 commit intoapache:4.0.xfrom
mhoppa:bug/fix_ip_config
Jan 21, 2020
Merged

Backport 4.0.x: Fix ip_allow config generation for mids to include rascal servers #4308
rawlinp merged 1 commit intoapache:4.0.xfrom
mhoppa:bug/fix_ip_config

Conversation

@mhoppa
Copy link
Copy Markdown
Contributor

@mhoppa mhoppa commented Jan 21, 2020
edited
Loading

(cherry picked from #4296)

What does this PR (Pull Request) do?

Currently in ip_allow.config generation for mids it does not include rascal server IPs causing them to be blocked on attempting to pull astats.

The behavior in the perl implementation is that it would include all servers of type Rascal as well as EDGEs that are in either parent/secondary cachegroup of the mid. https://github.com/apache/trafficcontrol/blob/master/traffic_ops/app/lib/API/Configs/ApacheTrafficServer.pm#L2210-L2228

TO GO API Bug

In the go TO implementation it checks the parent/secondary cachegroup on both Rascal AND Edge servers which is a mismatch of logic.

Going from is rascal OR (is edge AND edge.cg in (mid parent cg, mid secondary cg) to is rascal OR edge AND s.cg in (mid parent cg, mid secondary cg)

atstccfg Bug

In the atstccfg cfg it does not attempt to include rascal servers

Which Traffic Control components are affected by this PR?

  • Traffic Ops
  • atstccfg

What is the best way to verify this PR?

Generate the ip_allow.cfg for a mid and ensure the rascal servers are included via TO API and atstccfg

If this is a bug fix, what versions of Traffic Control are affected?

The following criteria are ALL met by this PR

  • This PR includes tests OR I have explained why tests are unnecessary
  • This PR includes documentation OR I have explained why documentation is unnecessary
  • This PR includes an update to CHANGELOG.md OR such an update is not necessary
  • This PR includes any and all required license headers
  • This PR ensures that database migration sequence is correct OR this PR does not include a database migration
  • This PR DOES NOT FIX A SERIOUS SECURITY VULNERABILITY (see the Apache Software Foundation's security guidelines for details)

Additional Information

@mitchell852 mitchell852 added the backport an upstream change merged into an older release label Jan 21, 2020
@rawlinp rawlinp added this to the 4.0.0 milestone Jan 21, 2020
@rawlinp rawlinp added Traffic Ops related to Traffic Ops Traffic Ops ORT *DEPRECATED* related to the traffic_ops_ort.pl script labels Jan 21, 2020
@mhoppa
Fix ip_allow config generation for mids to include rascal servers (ap…
0c6d2b9 
…ache#4296)

* Fix ip_allow config generation to include rascal servers

* Fix ip_allow generation in atstccfg

* Add API tests for ip_allow

* Make tests more robust

(cherry picked from commit 6b11bd9)
@mhoppa mhoppa force-pushed the bug/fix_ip_config branch from ce0b090 to 0c6d2b9 Compare January 21, 2020 22:27
@rawlinp rawlinp merged commit 253b9e7 into apache:4.0.x Jan 21, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

backport an upstream change merged into an older release Traffic Ops ORT *DEPRECATED* related to the traffic_ops_ort.pl script Traffic Ops related to Traffic Ops

Projects

None yet

Milestone

4.0.0

Development

Successfully merging this pull request may close these issues.

3 participants

@mhoppa @mitchell852 @rawlinp