Page MenuHomeFreeBSD
Differential D35886

modify rpc.tlsservd so that it can optionally run multiple daemons
ClosedPublic
Actions

Authored by rmacklem on Jul 24 2022, 2:11 AM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Nov 12, 11:56 AM
Unknown Object (File)
Wed, Oct 30, 9:21 PM
Unknown Object (File)
Oct 2 2024, 11:06 PM
Unknown Object (File)
Sep 27 2024, 1:20 AM
Unknown Object (File)
Sep 25 2024, 4:41 PM
Unknown Object (File)
Sep 25 2024, 4:41 PM
Unknown Object (File)
Sep 25 2024, 4:41 PM
Unknown Object (File)
Sep 25 2024, 4:41 PM
View All 65 Files
Subscribers
imp

Details

Reviewers
emaste
karels
Commits
rG1e588a9ceb36: rpc.tlsservd: Add an option to run multiple daemons
Summary

During discussions with someone that was doing NFS-over-TLS
development for Solaris, we had a concern that the server might
become overloaded after rebooting, due to a large number of
TLS handshake requests from clients.

To alleviate this potential problem, this patch modifies rpc.tlsservd
so that it supports the "-N/--numdaemons" command line option,
which specifies that up to RPCTLS_SRV_MAXNPROCS (currently defined
as 16 in the patch) may be started.

When there are multiple daemons, one is selected by the patched kernel
in a round-robin fashion, to serve a TLS handshake request.

in order to share the load,

Test Plan

Has been tested with a modified FreeBSD kernel for both
the default case of 1 daemon and with multiple daemons.

I am not capable of testing a heavy client NFS-over-TLS
load.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

rmacklem created this revision.Jul 24 2022, 2:11 AM
Herald added a subscriber: imp. · View Herald TranscriptJul 24 2022, 2:11 AM
rmacklem requested review of this revision.Jul 24 2022, 2:11 AM
rmacklem added a comment.Jul 24 2022, 10:39 PM

Oh, and I forgot to mention that I will do the
man page update as a separate review/commit.

emaste added inline comments.Aug 16 2022, 1:37 AM
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
193–194

perhaps asprintf()? it takes care of the malloc for you

225–226

IMO line splitting after the || makes it more clear (even if style(9) suggests the current form)

if (rpctls_procs < 1 || 
    rpctls_procs > RPCTLS_SRV_MAXNPROCS)
rmacklem updated this revision to Diff 109567.Aug 19 2022, 8:40 PM

Includes the two minor changes suggested by emaste@.

rmacklem marked 2 inline comments as done.Aug 19 2022, 8:41 PM
rmacklem mentioned this in rG564ed8e806e7: nfsd: Allow multiple instances of rpc.tlsservd.Aug 22 2022, 8:56 PM
rmacklem added a reviewer: karels.Sep 24 2022, 12:04 AM

Hi Mike,

I thought you might be willing to take a look
at this one. Ed hasn't been able to check the
use of the signals when daemonizing, which
is the main area I'm wondering about?

karels added a comment.Sep 24 2022, 12:45 AM

I skimmed it now, will review more carefully tomorrow.

karels added a comment.Sep 24 2022, 1:28 PM

Two questions: (1) Why did you change the shutdown signal from SIGTERM to SIGUSR1? And (2) why do a shutdown on a SIGCHLD? That would mean that killing one of the workers would make all the instances go. away.

rmacklem added a comment.Sep 24 2022, 11:33 PM

I'll answer #2 first.
The kernel assigns TCP connections to the daemons
in a round-robin fashion. Therefore, when one server
daemon has failed, some mounts will work and others
will not.

My feeling was that this would be confusing for sysadmins
and it would be better to have the daemons all go away,
which the sysadmin can easily see via ps(1).

For #1, I can only say "tradition". The code was cloned
from nfsuserd.c and then modified. It seems to have inherited using
SIGUSR1 from nfsd.c.
Why?
I can't think of a good reason for using SIGUSR1 instead
of SIGTERM, but nfsd.c has been doing so for, I would
guess, decades.

If you think using SIGTERM would be better, I can try
modifying the code and, assuming it works, replace
the patch here. What do you think?

rmacklem updated this revision to Diff 110933.Sep 25 2022, 12:28 AM

This version of the patch is fixed so that SIGCHLD does
actually terminate all the daemons. (The unblocking of
SIGCHLD was missing in the previous version.)

I also added handling of SIGCHLD being posted to a
child/server daemon. This should never happen, but
I thought it was safer to add code to handle this case.

karels added a comment.Oct 1 2022, 3:04 PM

Sorry, I had lost track of this review.

I don't see the definition of RPCTLS_SRV_MAXNPROCS. Is there a header missing, or is it elsewhere?

I don't see any problem using SIGTERM, just replacing all instances of SIGUSR1 with SIGTERM and removing the current SIG_IGN of SIGTERM. That would seem more conventional and expected. Then "kill $master" would work as expected. Granted, "service tlssrvd stop" is more correct. What do you think?

Otherwise seems OK. I'm a little nervous that the wait call doesn't check for errors, but I can't think of a scenario where it would actually be a problem.

rmacklem updated this revision to Diff 111313.Oct 1 2022, 10:51 PM

Change the termination signal to SIGTERM, as suggested
by karels@.

RPCTLS_SRV_MAXNPROCS is defined in sys/rpc/rpcsec_tls.h,
which gets installed in /usr/include/rpc/rpcsec_tls.h.
(The kernel changes are already in main, done by a previous
commit.)

Thanks for looking at it, Mike.

karels accepted this revision.Oct 2 2022, 1:26 AM

Thanks for switching to SIGTERM, I like this better.

This revision is now accepted and ready to land.Oct 2 2022, 1:26 AM
Closed by commit rG1e588a9ceb36: rpc.tlsservd: Add an option to run multiple daemons (authored by rmacklem). · Explain WhyOct 8 2022, 11:08 PM
This revision was automatically updated to reflect the committed changes.
rmacklem added a commit: rG1e588a9ceb36: rpc.tlsservd: Add an option to run multiple daemons.

Revision Contents
Changeset List

PathSize
usr.sbin/
rpc.tlsservd/
110 lines

Diff 111587

View Options

usr.sbin/rpc.tlsservd/rpc.tlsservd.c

Loading...