diff --git a/doc/admin-guide/monitoring/statistics/core/http-connection.en.rst b/doc/admin-guide/monitoring/statistics/core/http-connection.en.rst index 28de812a0bf..cd9a554e0b7 100644 --- a/doc/admin-guide/monitoring/statistics/core/http-connection.en.rst +++ b/doc/admin-guide/monitoring/statistics/core/http-connection.en.rst @@ -164,10 +164,33 @@ HTTP Connection Counts the number of times current parent or next parent was detected +.. ts:stat:: global proxy.process.tunnel.total_client_connections_blind_tcp integer + :type: counter + + Total number of non-TLS TCP connections for tunnels where the far end is the client + initiated with an HTTP request (such as a CONNECT or WebSocket request). + +.. ts:stat:: global proxy.process.tunnel.current_client_connections_blind_tcp integer + :type: counter + + Current number of non-TLS TCP connections for tunnels where the far end is the client + initiated with an HTTP request (such as a CONNECT or WebSocket request). + +.. ts:stat:: global proxy.process.tunnel.total_server_connections_blind_tcp integer + :type: counter + + Total number of TCP connections for tunnels where the far end is the server, + except for those counted by ``proxy.process.tunnel.total_server_connections_tls`` + +.. ts:stat:: global proxy.process.tunnel.current_server_connections_blind_tcp integer + :type: counter + + Current number of TCP connections for tunnels where the far end is the server, + except for those counted by ``proxy.process.tunnel.current_server_connections_tls`` + HTTP/2 ------ - .. ts:stat:: global proxy.process.http2.total_client_connections integer :type: counter diff --git a/doc/admin-guide/monitoring/statistics/core/ssl.en.rst b/doc/admin-guide/monitoring/statistics/core/ssl.en.rst index e18bae11c6f..59eaa918a54 100644 --- a/doc/admin-guide/monitoring/statistics/core/ssl.en.rst +++ b/doc/admin-guide/monitoring/statistics/core/ssl.en.rst @@ -238,6 +238,66 @@ SSL/TLS A gauge of current active SNI Routing Tunnels. +.. ts:stat:: global proxy.process.tunnel.total_client_connections_tls_tunnel integer + :type: counter + + Total number of TCP connections for TLS tunnels where the far end is the client + created based on a ``tunnel_route`` key in a table in the :file:`sni.yaml` file. + +.. ts:stat:: global proxy.process.tunnel.current_client_connections_tls_tunnel integer + :type: counter + + Current number of TCP connections for TLS tunnels where the far end is the client + created based on a ``tunnel_route`` key in a table in the :file:`sni.yaml` file. + +.. ts:stat:: global proxy.process.tunnel.total_client_connections_tls_forward integer + :type: counter + + Total number of TCP connections for TLS tunnels where the far end is the client + created based on a ``forward_route`` key in a table in the :file:`sni.yaml` file. + +.. ts:stat:: global proxy.process.tunnel.current_client_connections_tls_forward integer + :type: counter + + Current number of TCP connections for TLS tunnels where the far end is the client + created based on a ``forward_route`` key in a table in the :file:`sni.yaml` file. + +.. ts:stat:: global proxy.process.tunnel.total_client_connections_tls_partial_blind integer + :type: counter + + Total number of TCP connections for TLS tunnels where the far end is the client + created based on a ``partial_blind_route`` key in a table in the :file:`sni.yaml` file. + +.. ts:stat:: global proxy.process.tunnel.current_client_connections_tls_partial_blind integer + :type: counter + + Current number of TCP connections for TLS tunnels where the far end is the client + created based on a ``partial_blind_route`` key in a table in the :file:`sni.yaml` file. + +.. ts:stat:: global proxy.process.tunnel.total_client_connections_tls_http integer + :type: counter + + Total number of TLS connections for tunnels where the far end is the client + initiated with an HTTP request. + +.. ts:stat:: global proxy.process.tunnel.current_client_connections_tls_http integer + :type: counter + + Current number of TLS connections for tunnels where the far end is the client + initiated with an HTTP request. + +.. ts:stat:: global proxy.process.tunnel.total_server_connections_tls integer + :type: counter + + Total number of TCP connections for TLS tunnels where the far end is the server + created based on a ``partial_blind_route`` key in a table in the :file:`sni.yaml` file. + +.. ts:stat:: global proxy.process.tunnel.current_server_connections_tls integer + :type: counter + + Current number of TCP connections for TLS tunnels where the far end is the server + created based on a ``partial_blind_route`` key in a table in the :file:`sni.yaml` file. + .. _pre-warming-tls-tunnel-stats: Pre-warming TLS Tunnel diff --git a/iocore/eventsystem/I_VConnection.h b/iocore/eventsystem/I_VConnection.h index e39f4dff5c2..7e0ba5c7679 100644 --- a/iocore/eventsystem/I_VConnection.h +++ b/iocore/eventsystem/I_VConnection.h @@ -360,7 +360,13 @@ class VConnection : public Continuation return false; } -public: + // This function should be called when the VConnection is a tunnel endpoint. By default, a VConnection does not care if it + // is a tunnel endpoint. + virtual void + mark_as_tunnel_endpoint() + { + } + /** The error code from the last error. diff --git a/iocore/net/Net.cc b/iocore/net/Net.cc index 05438e5dd2f..b0dbf118c4f 100644 --- a/iocore/net/Net.cc +++ b/iocore/net/Net.cc @@ -82,33 +82,56 @@ register_net_stats() { ts::Metrics &intm = ts::Metrics::getInstance(); - net_rsb.accepts_currently_open = intm.newMetricPtr("proxy.process.net.accepts_currently_open"); - net_rsb.calls_to_read = intm.newMetricPtr("proxy.process.net.calls_to_read"); - net_rsb.calls_to_read_nodata = intm.newMetricPtr("proxy.process.net.calls_to_read_nodata"); - net_rsb.calls_to_readfromnet = intm.newMetricPtr("proxy.process.net.calls_to_readfromnet"); - net_rsb.calls_to_write = intm.newMetricPtr("proxy.process.net.calls_to_write"); - net_rsb.calls_to_write_nodata = intm.newMetricPtr("proxy.process.net.calls_to_write_nodata"); - net_rsb.calls_to_writetonet = intm.newMetricPtr("proxy.process.net.calls_to_writetonet"); - net_rsb.connections_currently_open = intm.newMetricPtr("proxy.process.net.connections_currently_open"); - net_rsb.connections_throttled_in = intm.newMetricPtr("proxy.process.net.connections_throttled_in"); - net_rsb.connections_throttled_out = intm.newMetricPtr("proxy.process.net.connections_throttled_out"); - net_rsb.default_inactivity_timeout_applied = intm.newMetricPtr("proxy.process.net.default_inactivity_timeout_applied"); - net_rsb.default_inactivity_timeout_count = intm.newMetricPtr("proxy.process.net.default_inactivity_timeout_count"); - net_rsb.fastopen_attempts = intm.newMetricPtr("proxy.process.net.fastopen_out.attempts"); - net_rsb.fastopen_successes = intm.newMetricPtr("proxy.process.net.fastopen_out.successes"); - net_rsb.handler_run = intm.newMetricPtr("proxy.process.net.net_handler_run"); - net_rsb.inactivity_cop_lock_acquire_failure = intm.newMetricPtr("proxy.process.net.inactivity_cop_lock_acquire_failure"); - net_rsb.keep_alive_queue_timeout_count = intm.newMetricPtr("proxy.process.net.dynamic_keep_alive_timeout_in_count"); - net_rsb.keep_alive_queue_timeout_total = intm.newMetricPtr("proxy.process.net.dynamic_keep_alive_timeout_in_total"); - net_rsb.read_bytes = intm.newMetricPtr("proxy.process.net.read_bytes"); - net_rsb.read_bytes_count = intm.newMetricPtr("proxy.process.net.read_bytes_count"); - net_rsb.requests_max_throttled_in = intm.newMetricPtr("proxy.process.net.max.requests_throttled_in"); - net_rsb.socks_connections_currently_open = intm.newMetricPtr("proxy.process.socks.connections_currently_open"); - net_rsb.socks_connections_successful = intm.newMetricPtr("proxy.process.socks.connections_successful"); - net_rsb.socks_connections_unsuccessful = intm.newMetricPtr("proxy.process.socks.connections_unsuccessful"); - net_rsb.tcp_accept = intm.newMetricPtr("proxy.process.tcp.total_accepts"); - net_rsb.write_bytes = intm.newMetricPtr("proxy.process.net.write_bytes"); - net_rsb.write_bytes_count = intm.newMetricPtr("proxy.process.net.write_bytes_count"); + net_rsb.accepts_currently_open = intm.newMetricPtr("proxy.process.net.accepts_currently_open"); + net_rsb.calls_to_read = intm.newMetricPtr("proxy.process.net.calls_to_read"); + net_rsb.calls_to_read_nodata = intm.newMetricPtr("proxy.process.net.calls_to_read_nodata"); + net_rsb.calls_to_readfromnet = intm.newMetricPtr("proxy.process.net.calls_to_readfromnet"); + net_rsb.calls_to_write = intm.newMetricPtr("proxy.process.net.calls_to_write"); + net_rsb.calls_to_write_nodata = intm.newMetricPtr("proxy.process.net.calls_to_write_nodata"); + net_rsb.calls_to_writetonet = intm.newMetricPtr("proxy.process.net.calls_to_writetonet"); + net_rsb.connections_currently_open = intm.newMetricPtr("proxy.process.net.connections_currently_open"); + net_rsb.connections_throttled_in = intm.newMetricPtr("proxy.process.net.connections_throttled_in"); + net_rsb.connections_throttled_out = intm.newMetricPtr("proxy.process.net.connections_throttled_out"); + net_rsb.tunnel_total_client_connections_blind_tcp = intm.newMetricPtr("proxy.process.tunnel.total_client_connections_blind_tcp"); + net_rsb.tunnel_current_client_connections_blind_tcp = + intm.newMetricPtr("proxy.process.tunnel.current_client_connections_blind_tcp"); + net_rsb.tunnel_total_server_connections_blind_tcp = intm.newMetricPtr("proxy.process.tunnel.total_server_connections_blind_tcp"); + net_rsb.tunnel_current_server_connections_blind_tcp = + intm.newMetricPtr("proxy.process.tunnel.current_server_connections_blind_tcp"); + net_rsb.tunnel_total_client_connections_tls_tunnel = + intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_tunnel"); + net_rsb.tunnel_current_client_connections_tls_tunnel = + intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_tunnel"); + net_rsb.tunnel_total_client_connections_tls_forward = + intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_forward"); + net_rsb.tunnel_current_client_connections_tls_forward = + intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_forward"); + net_rsb.tunnel_total_client_connections_tls_partial_blind = + intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_partial_blind"); + net_rsb.tunnel_current_client_connections_tls_partial_blind = + intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_partial_blind"); + net_rsb.tunnel_total_client_connections_tls_http = intm.newMetricPtr("proxy.process.tunnel.total_client_connections_tls_http"); + net_rsb.tunnel_current_client_connections_tls_http = + intm.newMetricPtr("proxy.process.tunnel.current_client_connections_tls_http"); + net_rsb.tunnel_total_server_connections_tls = intm.newMetricPtr("proxy.process.tunnel.total_server_connections_tls"); + net_rsb.tunnel_current_server_connections_tls = intm.newMetricPtr("proxy.process.tunnel.current_server_connections_tls"); + net_rsb.default_inactivity_timeout_applied = intm.newMetricPtr("proxy.process.net.default_inactivity_timeout_applied"); + net_rsb.default_inactivity_timeout_count = intm.newMetricPtr("proxy.process.net.default_inactivity_timeout_count"); + net_rsb.fastopen_attempts = intm.newMetricPtr("proxy.process.net.fastopen_out.attempts"); + net_rsb.fastopen_successes = intm.newMetricPtr("proxy.process.net.fastopen_out.successes"); + net_rsb.handler_run = intm.newMetricPtr("proxy.process.net.net_handler_run"); + net_rsb.inactivity_cop_lock_acquire_failure = intm.newMetricPtr("proxy.process.net.inactivity_cop_lock_acquire_failure"); + net_rsb.keep_alive_queue_timeout_count = intm.newMetricPtr("proxy.process.net.dynamic_keep_alive_timeout_in_count"); + net_rsb.keep_alive_queue_timeout_total = intm.newMetricPtr("proxy.process.net.dynamic_keep_alive_timeout_in_total"); + net_rsb.read_bytes = intm.newMetricPtr("proxy.process.net.read_bytes"); + net_rsb.read_bytes_count = intm.newMetricPtr("proxy.process.net.read_bytes_count"); + net_rsb.requests_max_throttled_in = intm.newMetricPtr("proxy.process.net.max.requests_throttled_in"); + net_rsb.socks_connections_currently_open = intm.newMetricPtr("proxy.process.socks.connections_currently_open"); + net_rsb.socks_connections_successful = intm.newMetricPtr("proxy.process.socks.connections_successful"); + net_rsb.socks_connections_unsuccessful = intm.newMetricPtr("proxy.process.socks.connections_unsuccessful"); + net_rsb.tcp_accept = intm.newMetricPtr("proxy.process.tcp.total_accepts"); + net_rsb.write_bytes = intm.newMetricPtr("proxy.process.net.write_bytes"); + net_rsb.write_bytes_count = intm.newMetricPtr("proxy.process.net.write_bytes_count"); } void diff --git a/iocore/net/P_Net.h b/iocore/net/P_Net.h index 0d0fa0107ea..41798df868b 100644 --- a/iocore/net/P_Net.h +++ b/iocore/net/P_Net.h @@ -58,6 +58,20 @@ struct NetStatsBlock { Metrics::IntType *read_bytes; Metrics::IntType *read_bytes_count; Metrics::IntType *requests_max_throttled_in; + Metrics::IntType *tunnel_total_client_connections_blind_tcp; + Metrics::IntType *tunnel_current_client_connections_blind_tcp; + Metrics::IntType *tunnel_total_server_connections_blind_tcp; + Metrics::IntType *tunnel_current_server_connections_blind_tcp; + Metrics::IntType *tunnel_total_client_connections_tls_tunnel; + Metrics::IntType *tunnel_current_client_connections_tls_tunnel; + Metrics::IntType *tunnel_total_server_connections_tls; + Metrics::IntType *tunnel_current_server_connections_tls; + Metrics::IntType *tunnel_total_client_connections_tls_forward; + Metrics::IntType *tunnel_current_client_connections_tls_forward; + Metrics::IntType *tunnel_total_client_connections_tls_partial_blind; + Metrics::IntType *tunnel_current_client_connections_tls_partial_blind; + Metrics::IntType *tunnel_total_client_connections_tls_http; + Metrics::IntType *tunnel_current_client_connections_tls_http; Metrics::IntType *socks_connections_currently_open; Metrics::IntType *socks_connections_successful; Metrics::IntType *socks_connections_unsuccessful; diff --git a/iocore/net/P_SSLNetVConnection.h b/iocore/net/P_SSLNetVConnection.h index 0b6f4281d5e..8a6d797079d 100644 --- a/iocore/net/P_SSLNetVConnection.h +++ b/iocore/net/P_SSLNetVConnection.h @@ -500,6 +500,9 @@ class SSLNetVConnection : public UnixNetVConnection, ssl_error_t _ssl_write_buffer(const void *buf, int64_t nbytes, int64_t &nwritten); ssl_error_t _ssl_connect(); ssl_error_t _ssl_accept(); + + void _in_context_tunnel() override; + void _out_context_tunnel() override; }; typedef int (SSLNetVConnection::*SSLNetVConnHandler)(int, void *); diff --git a/iocore/net/P_UnixNetVConnection.h b/iocore/net/P_UnixNetVConnection.h index f453d014944..bf75b386e33 100644 --- a/iocore/net/P_UnixNetVConnection.h +++ b/iocore/net/P_UnixNetVConnection.h @@ -44,6 +44,8 @@ struct PollDescriptor; enum tcp_congestion_control_t { CLIENT_SIDE, SERVER_SIDE }; +// WARNING: many or most of the member functions of UnixNetVConnection should only be used when it is instantiated +// directly. They should not be used when UnixNetVConnection is a base class. class UnixNetVConnection : public NetVConnection, public NetEvent { public: @@ -225,10 +227,27 @@ class UnixNetVConnection : public NetVConnection, public NetEvent friend void write_to_net_io(NetHandler *, UnixNetVConnection *, EThread *); + // set_context() should be called before calling this member function. + void mark_as_tunnel_endpoint() override; + + bool + is_tunnel_endpoint() const + { + return _is_tunnel_endpoint; + } + private: virtual void *_prepareForMigration(); virtual NetProcessor *_getNetProcessor(); + bool _is_tunnel_endpoint{false}; + + // Called by make_tunnel_endpiont() when the far end of the TCP connection is the active/client end. + virtual void _in_context_tunnel(); + + // Called by make_tunnel_endpiont() when the far end of the TCP connection is the passive/server end. + virtual void _out_context_tunnel(); + inline static DbgCtl _dbg_ctl_socket{"socket"}; inline static DbgCtl _dbg_ctl_socket_mptcp{"socket_mptcp"}; }; diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc index ac68ecf4a0f..aad6b0ad1c9 100644 --- a/iocore/net/SSLNetVConnection.cc +++ b/iocore/net/SSLNetVConnection.cc @@ -1037,6 +1037,29 @@ SSLNetVConnection::free_thread(EThread *t) } con.close(); + if (is_tunnel_endpoint()) { + ink_assert(get_context() != NET_VCONNECTION_UNSET); + + Metrics::decrement(([&]() -> Metrics::IntType * { + if (get_context() == NET_VCONNECTION_IN) { + switch (get_tunnel_type()) { + case SNIRoutingType::BLIND: + return net_rsb.tunnel_current_client_connections_tls_tunnel; + case SNIRoutingType::FORWARD: + return net_rsb.tunnel_current_client_connections_tls_forward; + case SNIRoutingType::PARTIAL_BLIND: + return net_rsb.tunnel_current_client_connections_tls_partial_blind; + default: + return net_rsb.tunnel_current_client_connections_tls_http; + } + } + // NET_VCONNECTION_OUT - Never a tunnel type for out (to server) context. + ink_assert(get_tunnel_type() == SNIRoutingType::NONE); + + return net_rsb.tunnel_current_server_connections_tls; + })()); + } + #if TS_HAS_TLS_EARLY_DATA if (_early_data_reader != nullptr) { _early_data_reader->dealloc(); @@ -1960,6 +1983,47 @@ SSLNetVConnection::populate(Connection &con, Continuation *c, void *arg) return EVENT_DONE; } +void +SSLNetVConnection::_in_context_tunnel() +{ + ink_assert(get_context() == NET_VCONNECTION_IN); + + Metrics::IntType *t, *c; + + switch (get_tunnel_type()) { + case SNIRoutingType::BLIND: + t = net_rsb.tunnel_total_client_connections_tls_tunnel; + c = net_rsb.tunnel_current_client_connections_tls_tunnel; + break; + case SNIRoutingType::FORWARD: + t = net_rsb.tunnel_total_client_connections_tls_forward; + c = net_rsb.tunnel_current_client_connections_tls_forward; + break; + case SNIRoutingType::PARTIAL_BLIND: + t = net_rsb.tunnel_total_client_connections_tls_partial_blind; + c = net_rsb.tunnel_current_client_connections_tls_partial_blind; + break; + default: + t = net_rsb.tunnel_total_client_connections_tls_http; + c = net_rsb.tunnel_current_client_connections_tls_http; + break; + } + Metrics::increment(t); + Metrics::increment(c); +} + +void +SSLNetVConnection::_out_context_tunnel() +{ + ink_assert(get_context() == NET_VCONNECTION_OUT); + + // Never a tunnel type for out (to server) context. + ink_assert(get_tunnel_type() == SNIRoutingType::NONE); + + Metrics::increment(net_rsb.tunnel_total_server_connections_tls); + Metrics::increment(net_rsb.tunnel_current_server_connections_tls); +} + void SSLNetVConnection::increment_ssl_version_metric(int version) const { diff --git a/iocore/net/UnixNetVConnection.cc b/iocore/net/UnixNetVConnection.cc index c97fc70f97f..a8b03640f4b 100644 --- a/iocore/net/UnixNetVConnection.cc +++ b/iocore/net/UnixNetVConnection.cc @@ -1284,6 +1284,8 @@ UnixNetVConnection::clear() void UnixNetVConnection::free_thread(EThread *t) { + Debug("iocore_net", "Entering UnixNetVConnection::free()"); + ink_release_assert(t == this_ethread()); // close socket fd @@ -1292,6 +1294,21 @@ UnixNetVConnection::free_thread(EThread *t) } con.close(); + if (is_tunnel_endpoint()) { + Debug("iocore_net", "Freeing UnixNetVConnection that is tunnel endpoint"); + + Metrics::decrement(([&]() -> Metrics::IntType * { + switch (get_context()) { + case NET_VCONNECTION_IN: + return net_rsb.tunnel_current_client_connections_blind_tcp; + case NET_VCONNECTION_OUT: + return net_rsb.tunnel_current_server_connections_blind_tcp; + default: + ink_release_assert(false); + } + })()); + } + clear(); SET_CONTINUATION_HANDLER(this, &UnixNetVConnection::startEvent); ink_assert(con.fd == NO_FD); @@ -1491,3 +1508,38 @@ UnixNetVConnection::set_tcp_congestion_control(int side) return -1; #endif } + +void +UnixNetVConnection::mark_as_tunnel_endpoint() +{ + Debug("iocore_net", "Entering UnixNetVConnection::mark_as_tunnel_endpoint()"); + + ink_assert(!_is_tunnel_endpoint); + + _is_tunnel_endpoint = true; + + switch (get_context()) { + case NET_VCONNECTION_IN: + _in_context_tunnel(); + break; + case NET_VCONNECTION_OUT: + _out_context_tunnel(); + break; + default: + ink_release_assert(false); + } +} + +void +UnixNetVConnection::_in_context_tunnel() +{ + Metrics::increment(net_rsb.tunnel_total_client_connections_blind_tcp); + Metrics::increment(net_rsb.tunnel_current_client_connections_blind_tcp); +} + +void +UnixNetVConnection::_out_context_tunnel() +{ + Metrics::increment(net_rsb.tunnel_total_server_connections_blind_tcp); + Metrics::increment(net_rsb.tunnel_current_server_connections_blind_tcp); +} diff --git a/proxy/ProxyTransaction.cc b/proxy/ProxyTransaction.cc index 0198cf83615..e92a648c2b0 100644 --- a/proxy/ProxyTransaction.cc +++ b/proxy/ProxyTransaction.cc @@ -276,3 +276,11 @@ void ProxyTransaction::set_close_connection(HTTPHdr &hdr) const { } + +void +ProxyTransaction::mark_as_tunnel_endpoint() +{ + auto nvc = get_netvc(); + ink_assert(nvc != nullptr); + nvc->mark_as_tunnel_endpoint(); +} diff --git a/proxy/ProxyTransaction.h b/proxy/ProxyTransaction.h index 3a8193b5b38..6e04ea9b897 100644 --- a/proxy/ProxyTransaction.h +++ b/proxy/ProxyTransaction.h @@ -136,6 +136,8 @@ class ProxyTransaction : public VConnection bool support_sni() const; + void mark_as_tunnel_endpoint() override; + /// Variables // HttpSessionAccept::Options upstream_outbound_options; // overwritable copy of options diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index 055aca6f97c..6940dd6f62b 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -7216,6 +7216,8 @@ HttpSM::setup_push_transfer_to_cache() void HttpSM::setup_blind_tunnel(bool send_response_hdr, IOBufferReader *initial) { + ink_assert(server_entry->vc != nullptr); + HttpTunnelConsumer *c_ua; HttpTunnelConsumer *c_os; HttpTunnelProducer *p_ua; @@ -7303,6 +7305,9 @@ HttpSM::setup_blind_tunnel(bool send_response_hdr, IOBufferReader *initial) "http server - tunnel"); } + _ua.get_entry()->vc->mark_as_tunnel_endpoint(); + server_entry->vc->mark_as_tunnel_endpoint(); + // Make the tunnel aware that the entries are bi-directional tunnel.chain(c_os, p_os); tunnel.chain(c_ua, p_ua); diff --git a/proxy/http/HttpTransact.h b/proxy/http/HttpTransact.h index f5f1b8c4b14..25756103358 100644 --- a/proxy/http/HttpTransact.h +++ b/proxy/http/HttpTransact.h @@ -753,10 +753,11 @@ class HttpTransact int64_t internal_msg_buffer_size = 0; // out int64_t internal_msg_buffer_fast_allocator_size = -1; - int scheme = -1; // out - int next_hop_scheme = scheme; // out - int orig_scheme = scheme; // pre-mapped scheme - int method = 0; + int scheme = -1; // out + int next_hop_scheme = scheme; // out + int orig_scheme = scheme; // pre-mapped scheme + int method = 0; + bool method_metric_incremented = false; /// The errno associated with a failed connect attempt. /// diff --git a/tests/gold_tests/connect/connect.test.py b/tests/gold_tests/connect/connect.test.py index db3c5c57527..7c914cdd889 100644 --- a/tests/gold_tests/connect/connect.test.py +++ b/tests/gold_tests/connect/connect.test.py @@ -135,7 +135,7 @@ def setupTS(self): self.ts.Disk.records_config.update({ 'proxy.config.diags.debug.enabled': 1, - 'proxy.config.diags.debug.tags': 'http', + 'proxy.config.diags.debug.tags': 'http|iocore_net|rec', 'proxy.config.http.server_ports': f"{self.ts.Variables.port}", 'proxy.config.http.connect_ports': f"{self.server.Variables.http_port}", }) @@ -160,8 +160,43 @@ def runTraffic(self): tr.StillRunningAfter = self.server tr.StillRunningAfter = self.ts + def __testMetrics(self): + tr = Test.AddTestRun("Test metrics") + tr.Processes.Default.Command = ( + f"{Test.Variables.AtsTestToolsDir}/stdout_wait" + + " 'traffic_ctl metric get" + + " proxy.process.http.total_incoming_connections" + + " proxy.process.http.total_client_connections" + + " proxy.process.http.total_client_connections_ipv4" + + " proxy.process.http.total_client_connections_ipv6" + + " proxy.process.http.total_server_connections" + + " proxy.process.http2.total_client_connections" + + " proxy.process.http.connect_requests" + + " proxy.process.tunnel.total_client_connections_blind_tcp" + + " proxy.process.tunnel.current_client_connections_blind_tcp" + + " proxy.process.tunnel.total_server_connections_blind_tcp" + + " proxy.process.tunnel.current_server_connections_blind_tcp" + + " proxy.process.tunnel.total_client_connections_tls_tunnel" + + " proxy.process.tunnel.current_client_connections_tls_tunnel" + + " proxy.process.tunnel.total_client_connections_tls_forward" + + " proxy.process.tunnel.current_client_connections_tls_forward" + + " proxy.process.tunnel.total_client_connections_tls_partial_blind" + + " proxy.process.tunnel.current_client_connections_tls_partial_blind" + + " proxy.process.tunnel.total_client_connections_tls_http" + + " proxy.process.tunnel.current_client_connections_tls_http" + + " proxy.process.tunnel.total_server_connections_tls" + + " proxy.process.tunnel.current_server_connections_tls'" + + f" {Test.TestDirectory}/gold/metrics.gold" + ) + # Need to copy over the environment so traffic_ctl knows where to find the unix domain socket + tr.Processes.Default.Env = self.ts.Env + tr.Processes.Default.ReturnCode = 0 + tr.StillRunningAfter = self.server + tr.StillRunningAfter = self.ts + def run(self): self.runTraffic() + self.__testMetrics() ConnectViaPVTest().run() diff --git a/tests/gold_tests/connect/gold/metrics.gold b/tests/gold_tests/connect/gold/metrics.gold new file mode 100644 index 00000000000..bdbda6443cc --- /dev/null +++ b/tests/gold_tests/connect/gold/metrics.gold @@ -0,0 +1,21 @@ +proxy.process.http.total_incoming_connections 1 +proxy.process.http.total_client_connections 1 +proxy.process.http.total_client_connections_ipv4 1 +proxy.process.http.total_client_connections_ipv6 0 +proxy.process.http.total_server_connections 0 +proxy.process.http2.total_client_connections 0 +proxy.process.http.connect_requests 1 +proxy.process.tunnel.total_client_connections_blind_tcp 1 +proxy.process.tunnel.current_client_connections_blind_tcp 0 +proxy.process.tunnel.total_server_connections_blind_tcp 1 +proxy.process.tunnel.current_server_connections_blind_tcp 0 +proxy.process.tunnel.total_client_connections_tls_tunnel 0 +proxy.process.tunnel.current_client_connections_tls_tunnel 0 +proxy.process.tunnel.total_client_connections_tls_forward 0 +proxy.process.tunnel.current_client_connections_tls_forward 0 +proxy.process.tunnel.total_client_connections_tls_partial_blind 0 +proxy.process.tunnel.current_client_connections_tls_partial_blind 0 +proxy.process.tunnel.total_client_connections_tls_http 0 +proxy.process.tunnel.current_client_connections_tls_http 0 +proxy.process.tunnel.total_server_connections_tls 0 +proxy.process.tunnel.current_server_connections_tls 0 diff --git a/tests/gold_tests/remap/gold/remap-ws-metrics.gold b/tests/gold_tests/remap/gold/remap-ws-metrics.gold new file mode 100644 index 00000000000..cf39c20a91c --- /dev/null +++ b/tests/gold_tests/remap/gold/remap-ws-metrics.gold @@ -0,0 +1,21 @@ +proxy.process.http.total_incoming_connections 3 +proxy.process.http.total_client_connections 3 +proxy.process.http.total_client_connections_ipv4 3 +proxy.process.http.total_client_connections_ipv6 0 +proxy.process.http.total_server_connections 2 +proxy.process.http2.total_client_connections 0 +proxy.process.http.connect_requests 0 +proxy.process.tunnel.total_client_connections_blind_tcp 1 +proxy.process.tunnel.current_client_connections_blind_tcp 0 +proxy.process.tunnel.total_server_connections_blind_tcp 2 +proxy.process.tunnel.current_server_connections_blind_tcp 0 +proxy.process.tunnel.total_client_connections_tls_tunnel 0 +proxy.process.tunnel.current_client_connections_tls_tunnel 0 +proxy.process.tunnel.total_client_connections_tls_forward 0 +proxy.process.tunnel.current_client_connections_tls_forward 0 +proxy.process.tunnel.total_client_connections_tls_partial_blind 0 +proxy.process.tunnel.current_client_connections_tls_partial_blind 0 +proxy.process.tunnel.total_client_connections_tls_http 1 +proxy.process.tunnel.current_client_connections_tls_http 0 +proxy.process.tunnel.total_server_connections_tls 0 +proxy.process.tunnel.current_server_connections_tls 0 diff --git a/tests/gold_tests/remap/remap_ws.test.py b/tests/gold_tests/remap/remap_ws.test.py index f87f797824d..e1b96d3f787 100644 --- a/tests/gold_tests/remap/remap_ws.test.py +++ b/tests/gold_tests/remap/remap_ws.test.py @@ -77,3 +77,37 @@ tr.Processes.Default.Streams.stderr = "gold/remap-ws-upgrade-400.gold" tr.StillRunningAfter = server tr.StillRunningAfter = ts + +# Test metrics +tr = Test.AddTestRun() +tr.Processes.Default.Command = ( + f"{Test.Variables.AtsTestToolsDir}/stdout_wait" + + " 'traffic_ctl metric get" + + " proxy.process.http.total_incoming_connections" + + " proxy.process.http.total_client_connections" + + " proxy.process.http.total_client_connections_ipv4" + + " proxy.process.http.total_client_connections_ipv6" + + " proxy.process.http.total_server_connections" + + " proxy.process.http2.total_client_connections" + + " proxy.process.http.connect_requests" + + " proxy.process.tunnel.total_client_connections_blind_tcp" + + " proxy.process.tunnel.current_client_connections_blind_tcp" + + " proxy.process.tunnel.total_server_connections_blind_tcp" + + " proxy.process.tunnel.current_server_connections_blind_tcp" + + " proxy.process.tunnel.total_client_connections_tls_tunnel" + + " proxy.process.tunnel.current_client_connections_tls_tunnel" + + " proxy.process.tunnel.total_client_connections_tls_forward" + + " proxy.process.tunnel.current_client_connections_tls_forward" + + " proxy.process.tunnel.total_client_connections_tls_partial_blind" + + " proxy.process.tunnel.current_client_connections_tls_partial_blind" + + " proxy.process.tunnel.total_client_connections_tls_http" + + " proxy.process.tunnel.current_client_connections_tls_http" + + " proxy.process.tunnel.total_server_connections_tls" + + " proxy.process.tunnel.current_server_connections_tls'" + + f" {Test.TestDirectory}/gold/remap-ws-metrics.gold" +) +# Need to copy over the environment so traffic_ctl knows where to find the unix domain socket +tr.Processes.Default.Env = ts.Env +tr.Processes.Default.ReturnCode = 0 +tr.StillRunningAfter = server +tr.StillRunningAfter = ts diff --git a/tests/gold_tests/tls/gold/tls-partial-blind-tunnel-metrics.gold b/tests/gold_tests/tls/gold/tls-partial-blind-tunnel-metrics.gold new file mode 100644 index 00000000000..fc8da18b108 --- /dev/null +++ b/tests/gold_tests/tls/gold/tls-partial-blind-tunnel-metrics.gold @@ -0,0 +1,21 @@ +proxy.process.http.total_incoming_connections 1 +proxy.process.http.total_client_connections 1 +proxy.process.http.total_client_connections_ipv4 1 +proxy.process.http.total_client_connections_ipv6 0 +proxy.process.http.total_server_connections 0 +proxy.process.http2.total_client_connections 0 +proxy.process.http.connect_requests 1 +proxy.process.tunnel.total_client_connections_blind_tcp 0 +proxy.process.tunnel.current_client_connections_blind_tcp 0 +proxy.process.tunnel.total_server_connections_blind_tcp 0 +proxy.process.tunnel.current_server_connections_blind_tcp 0 +proxy.process.tunnel.total_client_connections_tls_tunnel 0 +proxy.process.tunnel.current_client_connections_tls_tunnel 0 +proxy.process.tunnel.total_client_connections_tls_forward 0 +proxy.process.tunnel.current_client_connections_tls_forward 0 +proxy.process.tunnel.total_client_connections_tls_partial_blind 1 +proxy.process.tunnel.current_client_connections_tls_partial_blind 0 +proxy.process.tunnel.total_client_connections_tls_http 0 +proxy.process.tunnel.current_client_connections_tls_http 0 +proxy.process.tunnel.total_server_connections_tls 1 +proxy.process.tunnel.current_server_connections_tls 0 diff --git a/tests/gold_tests/tls/gold/tls-tunnel-forward-metrics.gold b/tests/gold_tests/tls/gold/tls-tunnel-forward-metrics.gold new file mode 100644 index 00000000000..025d86c556d --- /dev/null +++ b/tests/gold_tests/tls/gold/tls-tunnel-forward-metrics.gold @@ -0,0 +1,21 @@ +proxy.process.http.total_incoming_connections 3 +proxy.process.http.total_client_connections 3 +proxy.process.http.total_client_connections_ipv4 3 +proxy.process.http.total_client_connections_ipv6 0 +proxy.process.http.total_server_connections 0 +proxy.process.http2.total_client_connections 0 +proxy.process.http.connect_requests 3 +proxy.process.tunnel.total_client_connections_blind_tcp 0 +proxy.process.tunnel.current_client_connections_blind_tcp 0 +proxy.process.tunnel.total_server_connections_blind_tcp 3 +proxy.process.tunnel.current_server_connections_blind_tcp 0 +proxy.process.tunnel.total_client_connections_tls_tunnel 1 +proxy.process.tunnel.current_client_connections_tls_tunnel 0 +proxy.process.tunnel.total_client_connections_tls_forward 2 +proxy.process.tunnel.current_client_connections_tls_forward 0 +proxy.process.tunnel.total_client_connections_tls_partial_blind 0 +proxy.process.tunnel.current_client_connections_tls_partial_blind 0 +proxy.process.tunnel.total_client_connections_tls_http 0 +proxy.process.tunnel.current_client_connections_tls_http 0 +proxy.process.tunnel.total_server_connections_tls 0 +proxy.process.tunnel.current_server_connections_tls 0 diff --git a/tests/gold_tests/tls/gold/tls-tunnel-metrics.gold b/tests/gold_tests/tls/gold/tls-tunnel-metrics.gold index 081b4cfad7d..b75ecc1cac0 100644 --- a/tests/gold_tests/tls/gold/tls-tunnel-metrics.gold +++ b/tests/gold_tests/tls/gold/tls-tunnel-metrics.gold @@ -5,3 +5,17 @@ proxy.process.http.total_client_connections_ipv6 0 proxy.process.http.total_server_connections 0 proxy.process.http2.total_client_connections 2 proxy.process.http.connect_requests 10 +proxy.process.tunnel.total_client_connections_blind_tcp 0 +proxy.process.tunnel.current_client_connections_blind_tcp 0 +proxy.process.tunnel.total_server_connections_blind_tcp 8 +proxy.process.tunnel.current_server_connections_blind_tcp 0 +proxy.process.tunnel.total_client_connections_tls_tunnel 8 +proxy.process.tunnel.current_client_connections_tls_tunnel 0 +proxy.process.tunnel.total_client_connections_tls_forward 0 +proxy.process.tunnel.current_client_connections_tls_forward 0 +proxy.process.tunnel.total_client_connections_tls_partial_blind 0 +proxy.process.tunnel.current_client_connections_tls_partial_blind 0 +proxy.process.tunnel.total_client_connections_tls_http 0 +proxy.process.tunnel.current_client_connections_tls_http 0 +proxy.process.tunnel.total_server_connections_tls 0 +proxy.process.tunnel.current_server_connections_tls 0 diff --git a/tests/gold_tests/tls/tls_partial_blind_tunnel.test.py b/tests/gold_tests/tls/tls_partial_blind_tunnel.test.py index 021eae88859..44f14fca33f 100644 --- a/tests/gold_tests/tls/tls_partial_blind_tunnel.test.py +++ b/tests/gold_tests/tls/tls_partial_blind_tunnel.test.py @@ -74,3 +74,35 @@ "Should not try to remap on Traffic Server") tr.Processes.Default.Streams.All += Testers.ContainsExpression("HTTP/1.1 200 OK", "Should get a successful response") tr.Processes.Default.Streams.All += Testers.ContainsExpression("ok bar", "Body is expected") + +tr = Test.AddTestRun("Test Metrics") +tr.Processes.Default.Command = ( + f"{Test.Variables.AtsTestToolsDir}/stdout_wait" + + " 'traffic_ctl metric get" + + " proxy.process.http.total_incoming_connections" + + " proxy.process.http.total_client_connections" + + " proxy.process.http.total_client_connections_ipv4" + + " proxy.process.http.total_client_connections_ipv6" + + " proxy.process.http.total_server_connections" + + " proxy.process.http2.total_client_connections" + + " proxy.process.http.connect_requests" + + " proxy.process.tunnel.total_client_connections_blind_tcp" + + " proxy.process.tunnel.current_client_connections_blind_tcp" + + " proxy.process.tunnel.total_server_connections_blind_tcp" + + " proxy.process.tunnel.current_server_connections_blind_tcp" + + " proxy.process.tunnel.total_client_connections_tls_tunnel" + + " proxy.process.tunnel.current_client_connections_tls_tunnel" + + " proxy.process.tunnel.total_client_connections_tls_forward" + + " proxy.process.tunnel.current_client_connections_tls_forward" + + " proxy.process.tunnel.total_client_connections_tls_partial_blind" + + " proxy.process.tunnel.current_client_connections_tls_partial_blind" + + " proxy.process.tunnel.total_client_connections_tls_http" + + " proxy.process.tunnel.current_client_connections_tls_http" + + " proxy.process.tunnel.total_server_connections_tls" + + " proxy.process.tunnel.current_server_connections_tls'" + + f" {Test.TestDirectory}/gold/tls-partial-blind-tunnel-metrics.gold" +) +# Need to copy over the environment so traffic_ctl knows where to find the unix domain socket +tr.Processes.Default.Env = ts.Env +tr.Processes.Default.ReturnCode = 0 +tr.StillRunningAfter = ts diff --git a/tests/gold_tests/tls/tls_tunnel.test.py b/tests/gold_tests/tls/tls_tunnel.test.py index 938ee27b74a..a76dcf8c20b 100644 --- a/tests/gold_tests/tls/tls_tunnel.test.py +++ b/tests/gold_tests/tls/tls_tunnel.test.py @@ -337,7 +337,21 @@ " proxy.process.http.total_client_connections_ipv6" + " proxy.process.http.total_server_connections" + " proxy.process.http2.total_client_connections" + - " proxy.process.http.connect_requests'" + + " proxy.process.http.connect_requests" + + " proxy.process.tunnel.total_client_connections_blind_tcp" + + " proxy.process.tunnel.current_client_connections_blind_tcp" + + " proxy.process.tunnel.total_server_connections_blind_tcp" + + " proxy.process.tunnel.current_server_connections_blind_tcp" + + " proxy.process.tunnel.total_client_connections_tls_tunnel" + + " proxy.process.tunnel.current_client_connections_tls_tunnel" + + " proxy.process.tunnel.total_client_connections_tls_forward" + + " proxy.process.tunnel.current_client_connections_tls_forward" + + " proxy.process.tunnel.total_client_connections_tls_partial_blind" + + " proxy.process.tunnel.current_client_connections_tls_partial_blind" + + " proxy.process.tunnel.total_client_connections_tls_http" + + " proxy.process.tunnel.current_client_connections_tls_http" + + " proxy.process.tunnel.total_server_connections_tls" + + " proxy.process.tunnel.current_server_connections_tls'" + f" {Test.TestDirectory}/gold/tls-tunnel-metrics.gold" ) # Need to copy over the environment so traffic_ctl knows where to find the unix domain socket diff --git a/tests/gold_tests/tls/tls_tunnel_forward.test.py b/tests/gold_tests/tls/tls_tunnel_forward.test.py index d82b92a07b4..bd2417eaf86 100644 --- a/tests/gold_tests/tls/tls_tunnel_forward.test.py +++ b/tests/gold_tests/tls/tls_tunnel_forward.test.py @@ -122,3 +122,35 @@ tr3.Processes.Default.Streams.All += Testers.ContainsExpression("CN=foo.com", "Should TLS terminate on Traffic Server") tr3.Processes.Default.Streams.All += Testers.ContainsExpression("HTTP/1.1 200 OK", "Should get a successful response") tr3.Processes.Default.Streams.All += Testers.ContainsExpression("ok random", "Body is expected") + +tr = Test.AddTestRun("Test Metrics") +tr.Processes.Default.Command = ( + f"{Test.Variables.AtsTestToolsDir}/stdout_wait" + + " 'traffic_ctl metric get" + + " proxy.process.http.total_incoming_connections" + + " proxy.process.http.total_client_connections" + + " proxy.process.http.total_client_connections_ipv4" + + " proxy.process.http.total_client_connections_ipv6" + + " proxy.process.http.total_server_connections" + + " proxy.process.http2.total_client_connections" + + " proxy.process.http.connect_requests" + + " proxy.process.tunnel.total_client_connections_blind_tcp" + + " proxy.process.tunnel.current_client_connections_blind_tcp" + + " proxy.process.tunnel.total_server_connections_blind_tcp" + + " proxy.process.tunnel.current_server_connections_blind_tcp" + + " proxy.process.tunnel.total_client_connections_tls_tunnel" + + " proxy.process.tunnel.current_client_connections_tls_tunnel" + + " proxy.process.tunnel.total_client_connections_tls_forward" + + " proxy.process.tunnel.current_client_connections_tls_forward" + + " proxy.process.tunnel.total_client_connections_tls_partial_blind" + + " proxy.process.tunnel.current_client_connections_tls_partial_blind" + + " proxy.process.tunnel.total_client_connections_tls_http" + + " proxy.process.tunnel.current_client_connections_tls_http" + + " proxy.process.tunnel.total_server_connections_tls" + + " proxy.process.tunnel.current_server_connections_tls'" + + f" {Test.TestDirectory}/gold/tls-tunnel-forward-metrics.gold" +) +# Need to copy over the environment so traffic_ctl knows where to find the unix domain socket +tr.Processes.Default.Env = ts.Env +tr.Processes.Default.ReturnCode = 0 +tr.StillRunningAfter = ts