| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
lock to decrease spurious wakeups.
Submitted by: davidxu
MFC after: 2 weeks
Notes:
svn path=/head/; revision=259195
|
| |
|
|
|
|
|
|
| |
Reviewed by: pjd
MFC after: 1 month
Notes:
svn path=/head/; revision=257155
|
| |
|
|
|
|
|
|
| |
Approved by: re (marius)
MFC after: 3 days
Notes:
svn path=/head/; revision=255717
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
waiting on an empty queue as the queue may have several consumers.
Before the fix the following scenario was possible: 2 threads are
waiting on empty queue, 2 threads are inserting simultaneously. The
first inserting thread detects that the queue is empty and is going to
send the signal, but before it sends the second thread inserts
too. When the first sends the signal only one of the waiting threads
receive it while the other one may wait forever.
The scenario above is is believed to be the cause of the observed
cases, when ggate_recv_thread() was getting stuck on taking free
request, while the free queue was not empty.
Reviewed by: pjd
Tested by: Yamagi Burmeister yamagi.org
Approved by: re (marius)
MFC after: 2 weeks
Notes:
svn path=/head/; revision=255714
|
| |
|
|
| |
Notes:
svn path=/head/; revision=248294
|
| |
|
|
|
|
|
|
|
|
| |
them. This may be useful for detecting problems with HAST disks.
Discussed with and reviewed by: pjd
MFC after: 1 week
Notes:
svn path=/head/; revision=247281
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
why it will now be the default.
- Bump protocol version to 2 and add backward compatibility for version 1.
- Allow to specify hosts by kern.hostid as well (in addition to hostname and
kern.hostuuid) in configuration file.
Sponsored by: Panzura
Tested by: trociny
Notes:
svn path=/head/; revision=246922
|
| |
|
|
|
|
|
| |
MFC after: 3 days
Notes:
svn path=/head/; revision=230092
|
| |
|
|
|
|
|
|
|
| |
any negative number.
MFC after: 3 days
Notes:
svn path=/head/; revision=229945
|
| |
|
|
|
|
|
| |
MFC after: 3 days
Notes:
svn path=/head/; revision=229744
|
| |
|
|
|
|
|
|
| |
Found by: Clang Static Analyzer
MFC after: 1 week
Notes:
svn path=/head/; revision=228544
|
| |
|
|
|
|
|
| |
MFC after: 3 days
Notes:
svn path=/head/; revision=226861
|
| |
|
|
|
|
|
|
|
|
| |
- Introduce hio_clear() function for clearing hio before returning it
onto free queue.
MFC after: 3 days
Notes:
svn path=/head/; revision=226854
|
| |
|
|
|
|
|
| |
MFC after: 3 days
Notes:
svn path=/head/; revision=226842
|
| |
|
|
|
|
|
|
|
| |
and don't bother trying in the future.
MFC after: 3 days
Notes:
svn path=/head/; revision=225832
|
| |
|
|
|
|
|
| |
MFC after: 3 days
Notes:
svn path=/head/; revision=225831
|
| |
|
|
|
|
|
|
|
|
| |
pjdlog versions will log problem to syslog when application is running in
background.
MFC after: 3 days
Notes:
svn path=/head/; revision=225782
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
only receiving the data. In r220271 the unused directions were
disabled using shutdown(2).
Unfortunately, this broke automatic receive buffer sizing, which
currently works only for connections in ETASBLISHED state. It was a
root cause of the issue reported by users, when connection between
primary and secondary could get stuck.
Disable the code introduced in r220271 until the issue with automatic
buffer sizing is not resolved.
Reported by: Daniel Kalchev <daniel@digsys.bg>, danger, sobomax
Tested by: Daniel Kalchev <daniel@digsys.bg>, danger
Approved by: pjd (mentor)
MFC after: 1 week
Notes:
svn path=/head/; revision=223181
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
requests as well as number of activemap updates.
Number of BIO_WRITEs and activemap updates are especially interesting, because
if those two are too close to each other, it means that your workload needs
bigger number of dirty extents. Activemap should be updated as rarely as
possible.
MFC after: 1 week
Notes:
svn path=/head/; revision=222228
|
| |
|
|
|
|
|
| |
MFC after: 1 week
Notes:
svn path=/head/; revision=222164
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
because we need to do ioctl(2)s, which are not permitted in the capability
mode. What we do now is to chroot(2) to /var/empty, which restricts access
to file system name space and we drop privileges to hast user and hast
group.
This still allows to access to other name spaces, like list of processes,
network and sysvipc.
To address that, use jail(2) instead of chroot(2). Using jail(2) will restrict
access to process table, network (we use ip-less jails) and sysvipc (if
security.jail.sysvipc_allowed is turned off). This provides much better
separation.
MFC after: 1 week
Notes:
svn path=/head/; revision=221899
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- We have two nodes connected and synchronized (local counters on both sides
are 0).
- We take secondary down and recreate it.
- Primary connects to it and starts synchronization (but local counters are
still 0).
- We switch the roles.
- Synchronization restarts but data is synchronized now from new primary
(because local counters are 0) that doesn't have new data yet.
This fix this issue we bump local counter on primary when we discover that
connected secondary was recreated and has no data yet.
Reported by: trociny
Discussed with: trociny
Tested by: trociny
MFC after: 1 week
Notes:
svn path=/head/; revision=220865
|
| |
|
|
|
|
|
|
|
|
| |
In HAST we use two sockets - one for only sending the data and one for only
receiving the data.
MFC after: 1 month
Notes:
svn path=/head/; revision=220271
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Before it could change later and we were sending invalid mapsize.
Some time ago I added optimization where when nodes are connected for the
first time and there were no writes to them yet, there is no initial full
synchronization. This bug prevented it from working.
MFC after: 1 week
Notes:
svn path=/head/; revision=220007
|
| |
|
|
|
|
|
| |
MFC after: 1 week
Notes:
svn path=/head/; revision=220005
|
| |
|
|
|
|
|
|
|
| |
Secondary doesn't need to connect anywhere.
MFC after: 1 week
Notes:
svn path=/head/; revision=219900
|
| |
|
|
|
|
|
| |
MFC after: 1 week
Notes:
svn path=/head/; revision=219864
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We can use capsicum for secondary worker processes and hastctl.
When working as primary we drop privileges using chroot+setgid+setuid
still as we need to send ioctl(2)s to ggate device, for which capsicum
doesn't allow (yet).
X-MFC after: capsicum is merged to stable/8
Notes:
svn path=/head/; revision=219847
|
| |
|
|
|
|
|
| |
MFC after: 1 week
Notes:
svn path=/head/; revision=219843
|
| |
|
|
|
|
|
| |
MFC after: 1 week
Notes:
svn path=/head/; revision=219831
|
| |
|
|
|
|
|
|
|
|
| |
This means that both nodes have separately managed resources that don't
have the same data.
MFC after: 1 week
Notes:
svn path=/head/; revision=219830
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This way we know how to connect to secondary node when we are primary.
The same variable is used by the secondary node - it only accepts
connections from the address stored in 'remote' variable.
In cluster configurations it is common that each node has its individual
IP address and there is one addtional shared IP address which is assigned
to primary node. It seems it is possible that if the shared IP address is
from the same network as the individual IP address it might be choosen by
the kernel as a source address for connection with the secondary node.
Such connection will be rejected by secondary, as it doesn't come from
primary node individual IP.
Add 'source' variable that allows to specify source IP address we want to
bind to before connecting to the secondary node.
MFC after: 1 week
Notes:
svn path=/head/; revision=219818
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
connection so the worker will exit if it does not receive packets from
the primary during this interval.
Reported by: Christian Vogt <Christian.Vogt@haw-hamburg.de>
Tested by: Christian Vogt <Christian.Vogt@haw-hamburg.de>
Approved by: pjd (mentor)
MFC after: 1 week
Notes:
svn path=/head/; revision=219721
|
| |
|
|
|
|
|
|
| |
Approved by: pjd (mentor)
MFC after: 1 week
Notes:
svn path=/head/; revision=219482
|
| |
|
|
|
|
|
|
|
|
|
|
| |
worker can ask the main privileged process to connect in worker's behalf
and then we can migrate descriptor using this socketpair to worker.
This is not really needed now, but will be needed once we start to use
capsicum for sandboxing.
MFC after: 1 week
Notes:
svn path=/head/; revision=218218
|
| |
|
|
|
|
|
|
|
| |
We don't want to log this in hastctl.
MFC after: 1 week
Notes:
svn path=/head/; revision=218214
|
| |
|
|
|
|
|
|
|
|
|
|
| |
to syslog if we run in background.
- Asserts in proto.c that method we want to call is implemented and remove
dummy methods from protocols implementation that are only there to abort
the program with nice message.
MFC after: 1 week
Notes:
svn path=/head/; revision=218138
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Accepting connections and handshaking in secondary is still done before
dropping privileges. It should be implemented by only accepting connections in
privileged main process and passing connection descriptors to the worker, but
is not implemented yet.
MFC after: 1 week
Notes:
svn path=/head/; revision=218049
|
| |
|
|
|
|
|
|
|
| |
descriptors are open.
MFC after: 1 week
Notes:
svn path=/head/; revision=218045
|
| |
|
|
|
|
|
| |
MFC after: 1 week
Notes:
svn path=/head/; revision=218043
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
initialize all the data. This is huge waste of time and resources if
there were no writes yet, as there is no real data to synchronize.
Optimize this by sending "virgin" argument to secondary, which gives it a hint
that synchronization is not needed.
In the common case (where noth nodes are configured at the same time) instead
of synchronizing everything, we don't synchronize at all.
MFC after: 1 week
Notes:
svn path=/head/; revision=214284
|
| |
|
|
|
|
|
| |
MFC after: 3 days
Notes:
svn path=/head/; revision=214276
|
| |
|
|
|
|
|
| |
MFC after: 3 days
Notes:
svn path=/head/; revision=214275
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This way the primary process inherits signal mask from the main process,
which fixes a race where signal is delivered to the primary process before
configuring signal mask.
Reported by: Mikolaj Golub <to.my.trociny@gmail.com>
MFC after: 3 days
Notes:
svn path=/head/; revision=213009
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
while the main process sends control message to the worker process, but worker
process hasn't started control thread yet, because it waits for reply from the
main process.
The fix is to start the control thread before sending any events.
Reported and fix suggested by: Mikolaj Golub <to.my.trociny@gmail.com>
MFC after: 3 days
Notes:
svn path=/head/; revision=213007
|
| |
|
|
|
|
|
| |
MFC after: 3 days
Notes:
svn path=/head/; revision=212899
|
| |
|
|
|
|
|
|
| |
Submitted by: Mikolaj Golub <to.my.trociny@gmail.com>
MFC after: 2 weeks
Notes:
svn path=/head/; revision=212051
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
limited to async-signal safe functions in the child process), move all hooks
execution to the main (non-threaded) process.
Do it by maintaining connection (socketpair) between child and parent
and sending events from the child to parent, so it can execute the hook.
This is step in right direction for others reasons too. For example there is
one less problem to drop privs in worker processes.
MFC after: 2 weeks
Obtained from: Wheel Systems Sp. z o.o. http://www.wheelsystems.com
Notes:
svn path=/head/; revision=212038
|
| |
|
|
|
|
|
|
| |
MFC after: 2 weeks
Obtained from: Wheel Systems Sp. z o.o. http://www.wheelsystems.com
Notes:
svn path=/head/; revision=211984
|
| |
|
|
|
|
|
|
| |
MFC after: 2 weeks
Obtained from: Wheel Systems Sp. z o.o. http://www.wheelsystems.com
Notes:
svn path=/head/; revision=211983
|
