From ba47141fd20182c1d38396403f2821f9d557dc94 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Wed, 1 Apr 2026 09:10:05 -0400 Subject: [PATCH 01/71] Build for ubuntu noble --- script/Dockerfile.noble | 38 ++++++++++++++++++++++++++++ script/cibuild-create-packages-noble | 28 ++++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 script/Dockerfile.noble create mode 100755 script/cibuild-create-packages-noble diff --git a/script/Dockerfile.noble b/script/Dockerfile.noble new file mode 100644 index 00000000..5c28ec69 --- /dev/null +++ b/script/Dockerfile.noble @@ -0,0 +1,38 @@ +FROM ubuntu:noble + +RUN apt-get update && apt-get -y install curl git + +# DPDK +RUN echo "deb http://dk.archive.ubuntu.com/ubuntu/ noble main universe" >> /etc/apt/sources.list +ARG DEBIAN_FRONTEND=noninteractive +RUN apt-get update && apt-get install -y build-essential dpdk=17.11.1-6 dpdk-dev=17.11.1-6 libdpdk-dev=17.11.1-6 wget pkg-config libjansson-dev libsystemd-dev + +# iptables / DKMS +ARG DEBIAN_FRONTEND=noninteractive +RUN apt-get update && apt-get install -y -f wget pkg-config libsystemd-dev dkms debhelper libxtables-dev + +# golang +RUN wget --quiet https://golang.org/dl/go1.24.5.linux-amd64.tar.gz -O- | tar -C /usr/local -zxvf - +ENV GOROOT /usr/local/go +ENV GOPATH /go +ENV PATH="${GOPATH}/bin:${GOROOT}/bin:${PATH}" + +# fpm for packaging +RUN apt-get update && apt-get install -y ruby ruby-dev rubygems build-essential + +# See fpm dependency breakage issue: https://github.com/jordansissel/fpm/issues/1918 +RUN gem install --version 2.7.6 dotenv +RUN gem install ffi -f +RUN gem install rake fpm + +# XDP +# linux-libc-dev must be upgraded to get a bpf.h that matches what we use. the rest match what we do in Vagrant for testing. +RUN apt-get update && apt install -y apt-transport-https curl software-properties-common +RUN apt-get update && apt install -y iproute2 libbpf-dev linux-libc-dev clang-10 + +# Hack because the kernel headers are not installed in the right place (linuxkit vs generic) +RUN ln -s /usr/src/$(ls /usr/src/ | grep generic) /usr/src/linux-headers-$(uname -r) + +# Hack for C99 math +RUN sed -i '1s/^/#define __USE_C99_MATH\n/' /usr/src/$(ls /usr/src/ | grep generic)/include/linux/kasan-checks.h +RUN sed -i '2s/^/#include \n/' /usr/src/$(ls /usr/src/ | grep generic)/include/linux/kasan-checks.h diff --git a/script/cibuild-create-packages-noble b/script/cibuild-create-packages-noble new file mode 100755 index 00000000..b32e963a --- /dev/null +++ b/script/cibuild-create-packages-noble @@ -0,0 +1,28 @@ +#!/bin/bash + +set -e + +HOSTPATH=$(cd $(dirname "$0") && cd .. && pwd) +cd "$(dirname "$0")/.." + +. script/helpers/folding.sh + +begin_fold "Preparing Docker build environment" +( + docker build -t glb-director-build-noble -f script/Dockerfile.noble script +) +end_fold + +begin_fold "Building packages" +( + # prep + rm -rf tmp/build/ + mkdir -p tmp/build/ + + docker run --rm \ + --volume "$HOSTPATH":/glb-director \ + "glb-director-build-noble" \ + bash -c "cd /glb-director && + make BUILDDIR=/glb-director/tmp/build clean mkdeb" +) +end_fold From 61b6fd611e60bc6298b4785e8bddc01c594fdd1f Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Fri, 8 May 2026 14:39:40 -0400 Subject: [PATCH 02/71] Use CI --- .github/workflows/ci.yml | 33 +++++++++++++++------------- script/Dockerfile.noble | 23 +++++++++++++++---- script/cibuild-create-packages | 9 ++++++-- script/cibuild-create-packages-focal | 28 ----------------------- script/cibuild-create-packages-noble | 28 ----------------------- 5 files changed, 44 insertions(+), 77 deletions(-) delete mode 100755 script/cibuild-create-packages-focal delete mode 100755 script/cibuild-create-packages-noble diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6fd9001d..c704323a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -5,19 +5,22 @@ on: [push] permissions: contents: read +# These deploy artifacts are only for testing. +# The production versions are built by https://github.com/github/brew2deb/blob/main/packages/glb-director/formula.rb and deployed with puppet. jobs: - package-build: - - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v6 - - name: Run package build focal - run: script/cibuild-create-packages-focal - - name: Tar files - run: tar -cvf glb-director.tar $GITHUB_WORKSPACE/tmp/build - - name: Upload Artifact - uses: actions/upload-artifact@v6 - with: - name: glb-director - path: glb-director.tar \ No newline at end of file + default-simple: + name: ${{ matrix.ci_job.job }} + strategy: + fail-fast: false + matrix: + ci_job: [ + {'job': 'build-tarball-focal', 'cibuild_script': 'script/cibuild-create-package focal'}, + {'job': 'build-tarball-noble', 'cibuild_script': 'script/cibuild-create-package noble'} + ] + uses: github/internal-actions/.github/workflows/default_simple.yml@main + with: + cibuild-script: 'script/${{ matrix.ci_job.cibuild_script }}' + ci-formatted-job-name: ${{ matrix.ci_job.job }} + secrets: + dx-bot-token: ${{ secrets.INTERNAL_ACTIONS_DX_BOT_ACCOUNT_TOKEN }} + datadog-api-key: ${{ secrets.DATADOG_API_KEY }} diff --git a/script/Dockerfile.noble b/script/Dockerfile.noble index 5c28ec69..35139b1a 100644 --- a/script/Dockerfile.noble +++ b/script/Dockerfile.noble @@ -3,13 +3,28 @@ FROM ubuntu:noble RUN apt-get update && apt-get -y install curl git # DPDK -RUN echo "deb http://dk.archive.ubuntu.com/ubuntu/ noble main universe" >> /etc/apt/sources.list ARG DEBIAN_FRONTEND=noninteractive -RUN apt-get update && apt-get install -y build-essential dpdk=17.11.1-6 dpdk-dev=17.11.1-6 libdpdk-dev=17.11.1-6 wget pkg-config libjansson-dev libsystemd-dev +RUN apt-get update +RUN apt-get install --assume-yes \ + build-essential \ + dpdk=23.11.4-0ubuntu0.24.04.2 \ + dpdk-dev=23.11.4-0ubuntu0.24.04.2 \ + libdpdk-dev=23.11.4-0ubuntu0.24.04.2 \ + wget \ + pkg-config \ + libjansson-dev \ + libsystemd-dev # iptables / DKMS ARG DEBIAN_FRONTEND=noninteractive -RUN apt-get update && apt-get install -y -f wget pkg-config libsystemd-dev dkms debhelper libxtables-dev +RUN apt-get update +RUN apt-get install --assume-yes --fix-broken \ + wget \ + pkg-config \ + libsystemd-dev \ + dkms \ + debhelper \ + libxtables-dev # golang RUN wget --quiet https://golang.org/dl/go1.24.5.linux-amd64.tar.gz -O- | tar -C /usr/local -zxvf - @@ -28,7 +43,7 @@ RUN gem install rake fpm # XDP # linux-libc-dev must be upgraded to get a bpf.h that matches what we use. the rest match what we do in Vagrant for testing. RUN apt-get update && apt install -y apt-transport-https curl software-properties-common -RUN apt-get update && apt install -y iproute2 libbpf-dev linux-libc-dev clang-10 +RUN apt-get update && apt install -y iproute2 libbpf-dev linux-libc-dev clang-20 # Hack because the kernel headers are not installed in the right place (linuxkit vs generic) RUN ln -s /usr/src/$(ls /usr/src/ | grep generic) /usr/src/linux-headers-$(uname -r) diff --git a/script/cibuild-create-packages b/script/cibuild-create-packages index 8cf9fa34..6014ed0e 100755 --- a/script/cibuild-create-packages +++ b/script/cibuild-create-packages @@ -7,9 +7,14 @@ cd "$(dirname "$0")/.." . script/helpers/folding.sh +DISTRO="$1" +if [ -z "$DISTRO" ]; then + DISTRO="focal" +fi + begin_fold "Preparing Docker build environment" ( - docker build -t glb-director-build-stretch -f script/Dockerfile.stretch script + docker build -t glb-director-build-stretch -f "script/Dockerfile.$DISTRO" script ) end_fold @@ -21,7 +26,7 @@ begin_fold "Building packages" docker run --rm \ --volume "$HOSTPATH":/glb-director \ - "glb-director-build-stretch" \ + "glb-director-build-$DISTRO" \ bash -c "cd /glb-director && make BUILDDIR=/glb-director/tmp/build clean mkdeb" ) diff --git a/script/cibuild-create-packages-focal b/script/cibuild-create-packages-focal deleted file mode 100755 index adc26467..00000000 --- a/script/cibuild-create-packages-focal +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash - -set -e - -HOSTPATH=$(cd $(dirname "$0") && cd .. && pwd) -cd "$(dirname "$0")/.." - -. script/helpers/folding.sh - -begin_fold "Preparing Docker build environment" -( - docker build -t glb-director-build-focal -f script/Dockerfile.focal script -) -end_fold - -begin_fold "Building packages" -( - # prep - rm -rf tmp/build/ - mkdir -p tmp/build/ - - docker run --rm \ - --volume "$HOSTPATH":/glb-director \ - "glb-director-build-focal" \ - bash -c "cd /glb-director && - make BUILDDIR=/glb-director/tmp/build clean mkdeb" -) -end_fold diff --git a/script/cibuild-create-packages-noble b/script/cibuild-create-packages-noble deleted file mode 100755 index b32e963a..00000000 --- a/script/cibuild-create-packages-noble +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash - -set -e - -HOSTPATH=$(cd $(dirname "$0") && cd .. && pwd) -cd "$(dirname "$0")/.." - -. script/helpers/folding.sh - -begin_fold "Preparing Docker build environment" -( - docker build -t glb-director-build-noble -f script/Dockerfile.noble script -) -end_fold - -begin_fold "Building packages" -( - # prep - rm -rf tmp/build/ - mkdir -p tmp/build/ - - docker run --rm \ - --volume "$HOSTPATH":/glb-director \ - "glb-director-build-noble" \ - bash -c "cd /glb-director && - make BUILDDIR=/glb-director/tmp/build clean mkdeb" -) -end_fold From b64e8c252aef02e8b50a6c108db7c60f48fedf35 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Fri, 8 May 2026 14:45:17 -0400 Subject: [PATCH 03/71] permissions --- .github/workflows/ci.yml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c704323a..d71f8d3a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,6 +1,13 @@ +--- name: ci -on: [push] +"on": + workflow_dispatch: + push: + branches-ignore: + - "gh-readonly-queue/**" + merge_group: + types: [checks_requested] permissions: contents: read @@ -24,3 +31,11 @@ jobs: secrets: dx-bot-token: ${{ secrets.INTERNAL_ACTIONS_DX_BOT_ACCOUNT_TOKEN }} datadog-api-key: ${{ secrets.DATADOG_API_KEY }} + +permissions: + attestations: write + actions: read + checks: read + contents: read + statuses: read + id-token: write From 8c5d57428cdc07c4aa391baff368d2362ea2ef59 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Fri, 8 May 2026 14:46:08 -0400 Subject: [PATCH 04/71] Dedupe --- .github/workflows/ci.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d71f8d3a..ea956056 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,9 +9,6 @@ name: ci merge_group: types: [checks_requested] -permissions: - contents: read - # These deploy artifacts are only for testing. # The production versions are built by https://github.com/github/brew2deb/blob/main/packages/glb-director/formula.rb and deployed with puppet. jobs: From 7bfb9eea244feb5ad50e15c900f67d7cc1bcaf28 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Fri, 8 May 2026 15:03:56 -0400 Subject: [PATCH 05/71] syntax --- .github/workflows/ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ea956056..928d7150 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,12 +18,12 @@ jobs: fail-fast: false matrix: ci_job: [ - {'job': 'build-tarball-focal', 'cibuild_script': 'script/cibuild-create-package focal'}, - {'job': 'build-tarball-noble', 'cibuild_script': 'script/cibuild-create-package noble'} + {'job': 'build-tarball-focal', 'cibuild_script': 'script/cibuild-create-packages focal'}, + {'job': 'build-tarball-noble', 'cibuild_script': 'script/cibuild-create-packages noble'} ] uses: github/internal-actions/.github/workflows/default_simple.yml@main with: - cibuild-script: 'script/${{ matrix.ci_job.cibuild_script }}' + cibuild-script: ${{ matrix.ci_job.cibuild_script }} ci-formatted-job-name: ${{ matrix.ci_job.job }} secrets: dx-bot-token: ${{ secrets.INTERNAL_ACTIONS_DX_BOT_ACCOUNT_TOKEN }} From 38726d9f14cab4421708089caff89cf6db94ef3f Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Wed, 13 May 2026 16:38:02 -0400 Subject: [PATCH 06/71] Create a new test.yml --- .github/workflows/ci.yml | 51 ++++++++++++++------------------------ .github/workflows/test.yml | 0 2 files changed, 18 insertions(+), 33 deletions(-) create mode 100644 .github/workflows/test.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 928d7150..6fd9001d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,38 +1,23 @@ ---- name: ci -"on": - workflow_dispatch: - push: - branches-ignore: - - "gh-readonly-queue/**" - merge_group: - types: [checks_requested] - -# These deploy artifacts are only for testing. -# The production versions are built by https://github.com/github/brew2deb/blob/main/packages/glb-director/formula.rb and deployed with puppet. -jobs: - default-simple: - name: ${{ matrix.ci_job.job }} - strategy: - fail-fast: false - matrix: - ci_job: [ - {'job': 'build-tarball-focal', 'cibuild_script': 'script/cibuild-create-packages focal'}, - {'job': 'build-tarball-noble', 'cibuild_script': 'script/cibuild-create-packages noble'} - ] - uses: github/internal-actions/.github/workflows/default_simple.yml@main - with: - cibuild-script: ${{ matrix.ci_job.cibuild_script }} - ci-formatted-job-name: ${{ matrix.ci_job.job }} - secrets: - dx-bot-token: ${{ secrets.INTERNAL_ACTIONS_DX_BOT_ACCOUNT_TOKEN }} - datadog-api-key: ${{ secrets.DATADOG_API_KEY }} +on: [push] permissions: - attestations: write - actions: read - checks: read contents: read - statuses: read - id-token: write + +jobs: + package-build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v6 + - name: Run package build focal + run: script/cibuild-create-packages-focal + - name: Tar files + run: tar -cvf glb-director.tar $GITHUB_WORKSPACE/tmp/build + - name: Upload Artifact + uses: actions/upload-artifact@v6 + with: + name: glb-director + path: glb-director.tar \ No newline at end of file diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000..e69de29b From 7a3b3d38146b74d19fe0619186049f0cab717c53 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Wed, 13 May 2026 16:41:15 -0400 Subject: [PATCH 07/71] Revision --- .github/workflows/test.yml | 68 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e69de29b..f518b036 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -0,0 +1,68 @@ +name: Tests + +on: + push: + branches: + - main + - master + pull_request: + branches: + - main + - master + +jobs: + build-images: + runs-on: ubuntu-latest + strategy: + matrix: + dockerfile: [dockerfile.noble, dockerfile.focal] + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Build image + run: | + IMAGE_TAG=$(echo ${{ matrix.dockerfile }} | sed 's/dockerfile./glb-director-/') + docker build -f ${{ matrix.dockerfile }} -t ${IMAGE_TAG}:latest . + docker save ${IMAGE_TAG}:latest -o ${IMAGE_TAG}.tar + + - name: Upload image artifact + uses: actions/upload-artifact@v3 + with: + name: ${{ matrix.dockerfile }} + path: glb-director-*.tar + retention-days: 1 + + test: + needs: build-images + runs-on: ubuntu-latest + strategy: + matrix: + test-suite: [director, director-xdp, healthcheck, redirect] + dockerfile: [dockerfile.noble, dockerfile.focal] + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Download image artifact + uses: actions/download-artifact@v3 + with: + name: ${{ matrix.dockerfile }} + + - name: Load Docker image + run: | + IMAGE_TAG=$(echo ${{ matrix.dockerfile }} | sed 's/dockerfile./glb-director-/') + docker load -i ${IMAGE_TAG}.tar + + - name: Run test suite in container + run: | + IMAGE_TAG=$(echo ${{ matrix.dockerfile }} | sed 's/dockerfile./glb-director-/') + docker run --rm \ + --privileged \ + -v $(pwd):/workspace \ + -w /workspace \ + ${IMAGE_TAG}:latest \ + bash -c "script/test-glb-${{ matrix.test-suite }}" \ No newline at end of file From 251eb5c6d3498bb6273736705784d7036deaf0c5 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Wed, 13 May 2026 16:46:39 -0400 Subject: [PATCH 08/71] script --- .github/workflows/test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index f518b036..7aa22841 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - dockerfile: [dockerfile.noble, dockerfile.focal] + dockerfile: [script/Dockerfile.noble, script/Dockerfile.focal] steps: - name: Checkout code uses: actions/checkout@v3 @@ -42,7 +42,7 @@ jobs: strategy: matrix: test-suite: [director, director-xdp, healthcheck, redirect] - dockerfile: [dockerfile.noble, dockerfile.focal] + dockerfile: [script/Dockerfile.noble, script/Dockerfile.focal] steps: - name: Checkout code uses: actions/checkout@v3 From 52adba94a95bcf64d93dcacece47751b37e08dd2 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Wed, 13 May 2026 16:48:56 -0400 Subject: [PATCH 09/71] Filename --- .github/workflows/test.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 7aa22841..0cfcd23a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,14 +25,14 @@ jobs: - name: Build image run: | - IMAGE_TAG=$(echo ${{ matrix.dockerfile }} | sed 's/dockerfile./glb-director-/') + IMAGE_TAG=$(basename ${{ matrix.dockerfile }} | sed 's/Dockerfile\./glb-director-/' | tr '[:upper:]' '[:lower:]') docker build -f ${{ matrix.dockerfile }} -t ${IMAGE_TAG}:latest . docker save ${IMAGE_TAG}:latest -o ${IMAGE_TAG}.tar - name: Upload image artifact uses: actions/upload-artifact@v3 with: - name: ${{ matrix.dockerfile }} + name: $(basename ${{ matrix.dockerfile }}) path: glb-director-*.tar retention-days: 1 @@ -50,16 +50,16 @@ jobs: - name: Download image artifact uses: actions/download-artifact@v3 with: - name: ${{ matrix.dockerfile }} + name: $(basename ${{ matrix.dockerfile }}) - name: Load Docker image run: | - IMAGE_TAG=$(echo ${{ matrix.dockerfile }} | sed 's/dockerfile./glb-director-/') + IMAGE_TAG=$(basename ${{ matrix.dockerfile }} | sed 's/Dockerfile\./glb-director-/' | tr '[:upper:]' '[:lower:]') docker load -i ${IMAGE_TAG}.tar - name: Run test suite in container run: | - IMAGE_TAG=$(echo ${{ matrix.dockerfile }} | sed 's/dockerfile./glb-director-/') + IMAGE_TAG=$(basename ${{ matrix.dockerfile }} | sed 's/Dockerfile\./glb-director-/' | tr '[:upper:]' '[:lower:]') docker run --rm \ --privileged \ -v $(pwd):/workspace \ From 2c1d8ba916bca607ba61f450754b9e7e7ba6767c Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Wed, 13 May 2026 16:59:18 -0400 Subject: [PATCH 10/71] Update ci to run twice --- .github/workflows/ci.yml | 15 ++++++++------- .github/workflows/test.yml | 21 +++++++++------------ 2 files changed, 17 insertions(+), 19 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6fd9001d..c3f52451 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,17 +7,18 @@ permissions: jobs: package-build: - runs-on: ubuntu-latest - + strategy: + matrix: + distro: [focal, noble] steps: - uses: actions/checkout@v6 - - name: Run package build focal - run: script/cibuild-create-packages-focal + - name: Run package build ${{ matrix.distro }} + run: script/cibuild-create-packages ${{ matrix.distro }} - name: Tar files - run: tar -cvf glb-director.tar $GITHUB_WORKSPACE/tmp/build + run: tar -cvf glb-director-${{ matrix.distro }}.tar $GITHUB_WORKSPACE/tmp/build - name: Upload Artifact uses: actions/upload-artifact@v6 with: - name: glb-director - path: glb-director.tar \ No newline at end of file + name: glb-director-${{ matrix.distro }} + path: glb-director-${{ matrix.distro }}.tar \ No newline at end of file diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0cfcd23a..78a8604f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - dockerfile: [script/Dockerfile.noble, script/Dockerfile.focal] + distro: [noble, focal] steps: - name: Checkout code uses: actions/checkout@v3 @@ -25,15 +25,14 @@ jobs: - name: Build image run: | - IMAGE_TAG=$(basename ${{ matrix.dockerfile }} | sed 's/Dockerfile\./glb-director-/' | tr '[:upper:]' '[:lower:]') - docker build -f ${{ matrix.dockerfile }} -t ${IMAGE_TAG}:latest . - docker save ${IMAGE_TAG}:latest -o ${IMAGE_TAG}.tar + docker build -f script/Dockerfile.${{ matrix.distro }} -t glb-director-build-${{ matrix.distro }}:latest . + docker save glb-director-build-${{ matrix.distro }}:latest -o glb-director-build-${{ matrix.distro }}.tar - name: Upload image artifact uses: actions/upload-artifact@v3 with: - name: $(basename ${{ matrix.dockerfile }}) - path: glb-director-*.tar + name: glb-director-build-${{ matrix.distro }} + path: glb-director-build-${{ matrix.distro }}.tar retention-days: 1 test: @@ -42,7 +41,7 @@ jobs: strategy: matrix: test-suite: [director, director-xdp, healthcheck, redirect] - dockerfile: [script/Dockerfile.noble, script/Dockerfile.focal] + distro: [noble, focal] steps: - name: Checkout code uses: actions/checkout@v3 @@ -50,19 +49,17 @@ jobs: - name: Download image artifact uses: actions/download-artifact@v3 with: - name: $(basename ${{ matrix.dockerfile }}) + name: glb-director-build-${{ matrix.distro }} - name: Load Docker image run: | - IMAGE_TAG=$(basename ${{ matrix.dockerfile }} | sed 's/Dockerfile\./glb-director-/' | tr '[:upper:]' '[:lower:]') - docker load -i ${IMAGE_TAG}.tar + docker load -i glb-director-build-${{ matrix.distro }}.tar - name: Run test suite in container run: | - IMAGE_TAG=$(basename ${{ matrix.dockerfile }} | sed 's/Dockerfile\./glb-director-/' | tr '[:upper:]' '[:lower:]') docker run --rm \ --privileged \ -v $(pwd):/workspace \ -w /workspace \ - ${IMAGE_TAG}:latest \ + glb-director-build-${{ matrix.distro }}:latest \ bash -c "script/test-glb-${{ matrix.test-suite }}" \ No newline at end of file From 937f3030b444c2ce6e60e2b51693adefd4fa1b74 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Wed, 13 May 2026 17:07:41 -0400 Subject: [PATCH 11/71] Actions format and build correct tag --- script/cibuild-create-packages | 4 ++-- script/helpers/folding.sh | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/script/cibuild-create-packages b/script/cibuild-create-packages index 6014ed0e..e0f3dfd0 100755 --- a/script/cibuild-create-packages +++ b/script/cibuild-create-packages @@ -14,7 +14,7 @@ fi begin_fold "Preparing Docker build environment" ( - docker build -t glb-director-build-stretch -f "script/Dockerfile.$DISTRO" script + docker build -t glb-director-build-$DISTRO -f "script/Dockerfile.$DISTRO" script ) end_fold @@ -30,4 +30,4 @@ begin_fold "Building packages" bash -c "cd /glb-director && make BUILDDIR=/glb-director/tmp/build clean mkdeb" ) -end_fold +end_fold \ No newline at end of file diff --git a/script/helpers/folding.sh b/script/helpers/folding.sh index 0c387304..774bf222 100644 --- a/script/helpers/folding.sh +++ b/script/helpers/folding.sh @@ -1,9 +1,9 @@ #!/bin/bash begin_fold() { - echo "%%%FOLD {$*}%%%" + echo "::group::$*" } end_fold() { - echo "%%%END FOLD%%%" -} + echo "::endgroup::" +} \ No newline at end of file From ef6dbf22c9b661705d8b7dcd31589c8f79789a8f Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Wed, 13 May 2026 17:18:15 -0400 Subject: [PATCH 12/71] Fail-fast and makefile --- .github/workflows/ci.yml | 1 + .github/workflows/test.yml | 1 + src/glb-director/Makefile | 58 ++++++++++++++++++++++++-------------- 3 files changed, 39 insertions(+), 21 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c3f52451..9433cf99 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,6 +9,7 @@ jobs: package-build: runs-on: ubuntu-latest strategy: + fail-fast: false matrix: distro: [focal, noble] steps: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 78a8604f..95c5ff16 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -14,6 +14,7 @@ jobs: build-images: runs-on: ubuntu-latest strategy: + fail-fast: false matrix: distro: [noble, focal] steps: diff --git a/src/glb-director/Makefile b/src/glb-director/Makefile index ae516f31..cd11ab1c 100644 --- a/src/glb-director/Makefile +++ b/src/glb-director/Makefile @@ -30,34 +30,50 @@ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # Default SDK and target, can be overriden by command line or environment +# Check if legacy DPDK build system exists RTE_SDK ?= /usr/share/dpdk RTE_TARGET ?= x86_64-default-linuxapp-gcc -include $(RTE_SDK)/mk/rte.vars.mk +ifeq ($(wildcard $(RTE_SDK)/mk/rte.vars.mk),) + # Modern DPDK - use pkg-config + $(info Using modern DPDK build via pkg-config) + + APP = glb-director + SRCS-y := main.c bind_classifier.c glb_kni.c glb_fwd_config.c \ + glb_encap.c glb_encap_dpdk.c glb_control_loop.c glb_processor_loop.c \ + siphash24.c glb_director_config.c statsd-client.c shared_opt.c -# binary name -APP = glb-director + CFLAGS += $(shell pkg-config --cflags libdpdk) + CFLAGS += -O3 -g -pie -fPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -fstack-protector-strong + CFLAGS += -DSTATSD -DSYSTEMD + CFLAGS += -I$(SRCDIR)/../ + LDFLAGS += $(shell pkg-config --libs libdpdk) + LDFLAGS += -z relro -z now -ljansson -lsystemd -# all source are stored in SRCS-y -SRCS-y := main.c bind_classifier.c glb_kni.c glb_fwd_config.c \ -glb_encap.c glb_encap_dpdk.c glb_control_loop.c glb_processor_loop.c \ -siphash24.c glb_director_config.c statsd-client.c shared_opt.c + build/app/$(APP): $(SRCS-y) + mkdir -p build/app + $(CC) $(CFLAGS) -o $@ $(SRCS-y) $(LDFLAGS) -#WERROR_FLAGS += -Werror + clean: + rm -rf build -CFLAGS += -O3 -g -CFLAGS += $(WERROR_FLAGS) -CFLAGS += -pie -fPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -fstack-protector-strong -CFLAGS += -DSTATSD -CFLAGS += -DSYSTEMD -#CFLAGS += -DGLB_DUMP_FULL_PACKET -CFLAGS += -I$(SRCDIR)/../ # for + .PHONY: clean +else + # Legacy DPDK build system + include $(RTE_SDK)/mk/rte.vars.mk + + APP = glb-director + SRCS-y := main.c bind_classifier.c glb_kni.c glb_fwd_config.c \ + glb_encap.c glb_encap_dpdk.c glb_control_loop.c glb_processor_loop.c \ + siphash24.c glb_director_config.c statsd-client.c shared_opt.c -LDFLAGS += -z relro -z now -LDFLAGS += -ljansson -LDFLAGS += -lsystemd + CFLAGS += -O3 -g + CFLAGS += -pie -fPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -fstack-protector-strong + CFLAGS += -DSTATSD -DSYSTEMD + CFLAGS += -I$(SRCDIR)/../ + LDFLAGS += -z relro -z now -ljansson -lsystemd -# disable since libxenstore.so isn't linked properly -CONFIG_RTE_LIBRTE_PMD_XENVIRT = n + CONFIG_RTE_LIBRTE_PMD_XENVIRT = n -include $(RTE_SDK)/mk/rte.extapp.mk + include $(RTE_SDK)/mk/rte.extapp.mk +endif \ No newline at end of file From d92864d496341d1716c887c4d221ada08f52696e Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Wed, 13 May 2026 17:29:41 -0400 Subject: [PATCH 13/71] underscore --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 95c5ff16..8eb9edde 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -32,7 +32,7 @@ jobs: - name: Upload image artifact uses: actions/upload-artifact@v3 with: - name: glb-director-build-${{ matrix.distro }} + name: glb_director_build_${{ matrix.distro }} path: glb-director-build-${{ matrix.distro }}.tar retention-days: 1 From 44ea1d7101dd20ab6da6c339ae2096177ae1fc28 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Wed, 13 May 2026 17:31:45 -0400 Subject: [PATCH 14/71] Whitespace --- src/glb-director/Makefile | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/glb-director/Makefile b/src/glb-director/Makefile index cd11ab1c..35f7ee6f 100644 --- a/src/glb-director/Makefile +++ b/src/glb-director/Makefile @@ -37,7 +37,7 @@ RTE_TARGET ?= x86_64-default-linuxapp-gcc ifeq ($(wildcard $(RTE_SDK)/mk/rte.vars.mk),) # Modern DPDK - use pkg-config $(info Using modern DPDK build via pkg-config) - + APP = glb-director SRCS-y := main.c bind_classifier.c glb_kni.c glb_fwd_config.c \ glb_encap.c glb_encap_dpdk.c glb_control_loop.c glb_processor_loop.c \ @@ -51,17 +51,17 @@ ifeq ($(wildcard $(RTE_SDK)/mk/rte.vars.mk),) LDFLAGS += -z relro -z now -ljansson -lsystemd build/app/$(APP): $(SRCS-y) - mkdir -p build/app - $(CC) $(CFLAGS) -o $@ $(SRCS-y) $(LDFLAGS) + mkdir -p build/app + $(CC) $(CFLAGS) -o $@ $(SRCS-y) $(LDFLAGS) clean: - rm -rf build + rm -rf build .PHONY: clean else # Legacy DPDK build system include $(RTE_SDK)/mk/rte.vars.mk - + APP = glb-director SRCS-y := main.c bind_classifier.c glb_kni.c glb_fwd_config.c \ glb_encap.c glb_encap_dpdk.c glb_control_loop.c glb_processor_loop.c \ From 83c43e4f1a0a29eff782debe839f6822eee66019 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Thu, 14 May 2026 17:16:43 -0400 Subject: [PATCH 15/71] consistent names --- .github/workflows/test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8eb9edde..d5007607 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -33,7 +33,7 @@ jobs: uses: actions/upload-artifact@v3 with: name: glb_director_build_${{ matrix.distro }} - path: glb-director-build-${{ matrix.distro }}.tar + path: glb_director_build_${{ matrix.distro }}.tar retention-days: 1 test: @@ -50,7 +50,7 @@ jobs: - name: Download image artifact uses: actions/download-artifact@v3 with: - name: glb-director-build-${{ matrix.distro }} + name: glb_director_build_${{ matrix.distro }} - name: Load Docker image run: | From 58f591a117ead82ecf2f639bdad1f895f0ec7a2e Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Thu, 14 May 2026 17:21:06 -0400 Subject: [PATCH 16/71] Fix glb-redirect build --- src/glb-redirect/Makefile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/glb-redirect/Makefile b/src/glb-redirect/Makefile index 37c21e9f..effd33c9 100644 --- a/src/glb-redirect/Makefile +++ b/src/glb-redirect/Makefile @@ -36,11 +36,12 @@ IPT_LDFLAGS=-lxtables -shared mkdeb: rm -rf glb-redirect-iptables-dkms-mkdeb - cp -R /etc/dkms/template-dkms-mkdeb/ glb-redirect-iptables-dkms-mkdeb + test -d "$(DKMS_TEMPLATE_DIR)" + cp -R "$(DKMS_TEMPLATE_DIR)" glb-redirect-iptables-dkms-mkdeb chown : -R glb-redirect-iptables-dkms-mkdeb # Works around this bug: https://ubuntuforums.org/showthread.php?t=2234906 sed -i '/chmod 644/d' glb-redirect-iptables-dkms-mkdeb/Makefile sed -i '/^Depends:/ s/$$/, pkg-config, libxtables12 | libxtables10, libxtables-dev | libxtables10/' glb-redirect-iptables-dkms-mkdeb/debian/control sed -i 's/^Maintainer: .*/Maintainer: GitHub /' glb-redirect-iptables-dkms-mkdeb/debian/control dkms mkdeb --source-only - mv ../glb-redirect-iptables-dkms_$(DKMS_MOD_VER)_*.deb $(BUILDDIR)/ + mv ../glb-redirect-iptables-dkms_$(DKMS_MOD_VER)_*.deb $(BUILDDIR)/ \ No newline at end of file From 72eef82f367b61a6eba410d197938fcca22c7762 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Thu, 14 May 2026 17:29:07 -0400 Subject: [PATCH 17/71] Test --- .github/workflows/test.yml | 4 ++-- src/glb-redirect/Makefile | 7 +++++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index d5007607..8eb9edde 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -33,7 +33,7 @@ jobs: uses: actions/upload-artifact@v3 with: name: glb_director_build_${{ matrix.distro }} - path: glb_director_build_${{ matrix.distro }}.tar + path: glb-director-build-${{ matrix.distro }}.tar retention-days: 1 test: @@ -50,7 +50,7 @@ jobs: - name: Download image artifact uses: actions/download-artifact@v3 with: - name: glb_director_build_${{ matrix.distro }} + name: glb-director-build-${{ matrix.distro }} - name: Load Docker image run: | diff --git a/src/glb-redirect/Makefile b/src/glb-redirect/Makefile index effd33c9..3849092a 100644 --- a/src/glb-redirect/Makefile +++ b/src/glb-redirect/Makefile @@ -2,6 +2,7 @@ KDIR?=/usr/src/linux-headers-$(shell uname -r) BUILDDIR?=. ROOT_DIR:=$(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +DKMS_TEMPLATE_DIR ?= $(ROOT_DIR) DKMS_MOD_VER:=$(shell grep 'PACKAGE_VERSION' dkms.conf | cut -d'=' -f2) @@ -34,12 +35,14 @@ IPT_LDFLAGS=-lxtables -shared %.so: %.c $(CC) -o $@ $< $(IPT_CFLAGS) $(IPT_LDFLAGS) +DKMS_TEMPLATE_DIR ?= $(ROOT_DIR) + mkdeb: rm -rf glb-redirect-iptables-dkms-mkdeb - test -d "$(DKMS_TEMPLATE_DIR)" + @test -n "$(DKMS_TEMPLATE_DIR)" && test -d "$(DKMS_TEMPLATE_DIR)" || \ + (echo "DKMS_TEMPLATE_DIR is unset or does not exist: '$(DKMS_TEMPLATE_DIR)'" >&2; exit 1) cp -R "$(DKMS_TEMPLATE_DIR)" glb-redirect-iptables-dkms-mkdeb chown : -R glb-redirect-iptables-dkms-mkdeb - # Works around this bug: https://ubuntuforums.org/showthread.php?t=2234906 sed -i '/chmod 644/d' glb-redirect-iptables-dkms-mkdeb/Makefile sed -i '/^Depends:/ s/$$/, pkg-config, libxtables12 | libxtables10, libxtables-dev | libxtables10/' glb-redirect-iptables-dkms-mkdeb/debian/control sed -i 's/^Maintainer: .*/Maintainer: GitHub /' glb-redirect-iptables-dkms-mkdeb/debian/control From 7a0979241c683a23fe6e531320d169929590f968 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Thu, 14 May 2026 17:53:13 -0400 Subject: [PATCH 18/71] Update Makefile --- src/glb-redirect/Makefile | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/glb-redirect/Makefile b/src/glb-redirect/Makefile index 3849092a..d65a2264 100644 --- a/src/glb-redirect/Makefile +++ b/src/glb-redirect/Makefile @@ -38,13 +38,13 @@ IPT_LDFLAGS=-lxtables -shared DKMS_TEMPLATE_DIR ?= $(ROOT_DIR) mkdeb: - rm -rf glb-redirect-iptables-dkms-mkdeb + rm -rf "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb" @test -n "$(DKMS_TEMPLATE_DIR)" && test -d "$(DKMS_TEMPLATE_DIR)" || \ (echo "DKMS_TEMPLATE_DIR is unset or does not exist: '$(DKMS_TEMPLATE_DIR)'" >&2; exit 1) - cp -R "$(DKMS_TEMPLATE_DIR)" glb-redirect-iptables-dkms-mkdeb - chown : -R glb-redirect-iptables-dkms-mkdeb - sed -i '/chmod 644/d' glb-redirect-iptables-dkms-mkdeb/Makefile - sed -i '/^Depends:/ s/$$/, pkg-config, libxtables12 | libxtables10, libxtables-dev | libxtables10/' glb-redirect-iptables-dkms-mkdeb/debian/control - sed -i 's/^Maintainer: .*/Maintainer: GitHub /' glb-redirect-iptables-dkms-mkdeb/debian/control - dkms mkdeb --source-only - mv ../glb-redirect-iptables-dkms_$(DKMS_MOD_VER)_*.deb $(BUILDDIR)/ \ No newline at end of file + cp -R "$(DKMS_TEMPLATE_DIR)" "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb" + chown : -R "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb" + sed -i '/chmod 644/d' "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/Makefile" + sed -i '/^Depends:/ s/$$/, pkg-config, libxtables12 | libxtables10, libxtables-dev | libxtables10/' "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/debian/control" + sed -i 's/^Maintainer: .*/Maintainer: GitHub /' "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/debian/control" + cd "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb" && dkms mkdeb --source-only + mv "$(BUILDDIR)"/glb-redirect-iptables-dkms_$(DKMS_MOD_VER)_*.deb "$(BUILDDIR)/" \ No newline at end of file From be2323a04d5fc6b213a6edbee5c25f203b948f5e Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Thu, 14 May 2026 18:04:13 -0400 Subject: [PATCH 19/71] Fixes --- .github/workflows/test.yml | 12 ++++++------ src/glb-redirect/Makefile | 6 ++++-- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8eb9edde..60e4748d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -26,13 +26,13 @@ jobs: - name: Build image run: | - docker build -f script/Dockerfile.${{ matrix.distro }} -t glb-director-build-${{ matrix.distro }}:latest . - docker save glb-director-build-${{ matrix.distro }}:latest -o glb-director-build-${{ matrix.distro }}.tar + docker build --file script/Dockerfile.${{ matrix.distro }} --tag glb-director-build-${{ matrix.distro }}:latest . + docker save glb-director-build-${{ matrix.distro }}:latest --output glb-director-build-${{ matrix.distro }}.tar - name: Upload image artifact uses: actions/upload-artifact@v3 with: - name: glb_director_build_${{ matrix.distro }} + name: glb-director-build-${{ matrix.distro }} path: glb-director-build-${{ matrix.distro }}.tar retention-days: 1 @@ -54,13 +54,13 @@ jobs: - name: Load Docker image run: | - docker load -i glb-director-build-${{ matrix.distro }}.tar + docker load --input glb-director-build-${{ matrix.distro }}.tar - name: Run test suite in container run: | docker run --rm \ --privileged \ - -v $(pwd):/workspace \ - -w /workspace \ + --volume $(pwd):/workspace \ + --workdir /workspace \ glb-director-build-${{ matrix.distro }}:latest \ bash -c "script/test-glb-${{ matrix.test-suite }}" \ No newline at end of file diff --git a/src/glb-redirect/Makefile b/src/glb-redirect/Makefile index d65a2264..708982a7 100644 --- a/src/glb-redirect/Makefile +++ b/src/glb-redirect/Makefile @@ -44,7 +44,9 @@ mkdeb: cp -R "$(DKMS_TEMPLATE_DIR)" "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb" chown : -R "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb" sed -i '/chmod 644/d' "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/Makefile" - sed -i '/^Depends:/ s/$$/, pkg-config, libxtables12 | libxtables10, libxtables-dev | libxtables10/' "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/debian/control" - sed -i 's/^Maintainer: .*/Maintainer: GitHub /' "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/debian/control" + if [ -f "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/debian/control" ]; then \ + sed -i '/^Depends:/ s/$$/, pkg-config, libxtables12 | libxtables10, libxtables-dev | libxtables10/' "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/debian/control"; \ + sed -i 's/^Maintainer: .*/Maintainer: GitHub /' "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/debian/control"; \ + fi cd "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb" && dkms mkdeb --source-only mv "$(BUILDDIR)"/glb-redirect-iptables-dkms_$(DKMS_MOD_VER)_*.deb "$(BUILDDIR)/" \ No newline at end of file From 88fecb0715019cff8511441958581da61fbc43c3 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Thu, 14 May 2026 18:15:01 -0400 Subject: [PATCH 20/71] Fixes --- .github/workflows/test.yml | 11 ++++++----- src/glb-redirect/Makefile | 3 +-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 60e4748d..337e36f0 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -30,9 +30,9 @@ jobs: docker save glb-director-build-${{ matrix.distro }}:latest --output glb-director-build-${{ matrix.distro }}.tar - name: Upload image artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: - name: glb-director-build-${{ matrix.distro }} + name: build-${{ matrix.distro }} path: glb-director-build-${{ matrix.distro }}.tar retention-days: 1 @@ -47,11 +47,12 @@ jobs: - name: Checkout code uses: actions/checkout@v3 + - name: Download image artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: - name: glb-director-build-${{ matrix.distro }} - + name: build-${{ matrix.distro }} + - name: Load Docker image run: | docker load --input glb-director-build-${{ matrix.distro }}.tar diff --git a/src/glb-redirect/Makefile b/src/glb-redirect/Makefile index 708982a7..e435304e 100644 --- a/src/glb-redirect/Makefile +++ b/src/glb-redirect/Makefile @@ -48,5 +48,4 @@ mkdeb: sed -i '/^Depends:/ s/$$/, pkg-config, libxtables12 | libxtables10, libxtables-dev | libxtables10/' "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/debian/control"; \ sed -i 's/^Maintainer: .*/Maintainer: GitHub /' "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/debian/control"; \ fi - cd "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb" && dkms mkdeb --source-only - mv "$(BUILDDIR)"/glb-redirect-iptables-dkms_$(DKMS_MOD_VER)_*.deb "$(BUILDDIR)/" \ No newline at end of file + cd "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb" && dkms mkdeb --source-only \ No newline at end of file From 337be090717349ea1a5bff188bdd20465e9ac114 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Thu, 14 May 2026 18:32:01 -0400 Subject: [PATCH 21/71] Run tests inside container, not with docker --- .github/workflows/test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 337e36f0..3dd74d40 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -40,6 +40,7 @@ jobs: needs: build-images runs-on: ubuntu-latest strategy: + fail-fast: false matrix: test-suite: [director, director-xdp, healthcheck, redirect] distro: [noble, focal] @@ -47,7 +48,6 @@ jobs: - name: Checkout code uses: actions/checkout@v3 - - name: Download image artifact uses: actions/download-artifact@v4 with: @@ -64,4 +64,4 @@ jobs: --volume $(pwd):/workspace \ --workdir /workspace \ glb-director-build-${{ matrix.distro }}:latest \ - bash -c "script/test-glb-${{ matrix.test-suite }}" \ No newline at end of file + bash -c "cd /workspace/src/glb-${{ matrix.test-suite }} && script/test" \ No newline at end of file From e58eb2ac4d48919a995622eeaa345d31d608fe52 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Thu, 14 May 2026 18:36:05 -0400 Subject: [PATCH 22/71] Compiler --- src/glb-director/cli/main.c | 3 +++ src/glb-director/log.h | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/src/glb-director/cli/main.c b/src/glb-director/cli/main.c index dea70793..77910551 100644 --- a/src/glb-director/cli/main.c +++ b/src/glb-director/cli/main.c @@ -35,6 +35,9 @@ #include #include #include +#include + +bool debug = false; #include "log.h" diff --git a/src/glb-director/log.h b/src/glb-director/log.h index 58c4da2c..624e9281 100644 --- a/src/glb-director/log.h +++ b/src/glb-director/log.h @@ -35,8 +35,8 @@ #include #include -#define MAX_MESSAGE_SZ 1024 -bool debug; +#define MAX_MESSAG +extern bool debug; // outputs formatted logs to stdout or stderr From b3fbb853ecf91cce8c03d7f2569ede75793dd67c Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Fri, 15 May 2026 07:13:28 -0400 Subject: [PATCH 23/71] Fix --- script/Dockerfile.focal | 2 +- script/Dockerfile.noble | 3 ++- src/glb-director/log.h | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/script/Dockerfile.focal b/script/Dockerfile.focal index 20fb5dbb..74b61d76 100644 --- a/script/Dockerfile.focal +++ b/script/Dockerfile.focal @@ -5,7 +5,7 @@ RUN apt-get update && apt-get -y install curl git # DPDK RUN echo "deb http://dk.archive.ubuntu.com/ubuntu/ bionic main universe" >> /etc/apt/sources.list ARG DEBIAN_FRONTEND=noninteractive -RUN apt-get update && apt-get install -y build-essential dpdk=17.11.1-6 dpdk-dev=17.11.1-6 libdpdk-dev=17.11.1-6 wget pkg-config libjansson-dev libsystemd-dev +RUN apt-get update && apt-get install -y build-essential dpdk=17.11.1-6 dpdk-dev=17.11.1-6 libdpdk-dev=17.11.1-6 wget pkg-config libjansson-dev libsystemd-dev clang-tools-10 # iptables / DKMS ARG DEBIAN_FRONTEND=noninteractive diff --git a/script/Dockerfile.noble b/script/Dockerfile.noble index 35139b1a..510fa07a 100644 --- a/script/Dockerfile.noble +++ b/script/Dockerfile.noble @@ -13,7 +13,8 @@ RUN apt-get install --assume-yes \ wget \ pkg-config \ libjansson-dev \ - libsystemd-dev + libsystemd-dev \ + clang-tools-10 # iptables / DKMS ARG DEBIAN_FRONTEND=noninteractive diff --git a/src/glb-director/log.h b/src/glb-director/log.h index 624e9281..cd8e8cde 100644 --- a/src/glb-director/log.h +++ b/src/glb-director/log.h @@ -35,7 +35,7 @@ #include #include -#define MAX_MESSAG +#define MAX_MESSAGE_SZ 1024 extern bool debug; // outputs formatted logs to stdout or stderr From 0dc90fb28553ba27eb48b048238c488d6fd3d47e Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Fri, 15 May 2026 08:10:05 -0400 Subject: [PATCH 24/71] clang and move debug --- script/Dockerfile.noble | 2 +- src/glb-director/shared_opt.c | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/script/Dockerfile.noble b/script/Dockerfile.noble index 510fa07a..f4c16ca2 100644 --- a/script/Dockerfile.noble +++ b/script/Dockerfile.noble @@ -14,7 +14,7 @@ RUN apt-get install --assume-yes \ pkg-config \ libjansson-dev \ libsystemd-dev \ - clang-tools-10 + clang-tools-18 # iptables / DKMS ARG DEBIAN_FRONTEND=noninteractive diff --git a/src/glb-director/shared_opt.c b/src/glb-director/shared_opt.c index 5070a65b..ce86f287 100644 --- a/src/glb-director/shared_opt.c +++ b/src/glb-director/shared_opt.c @@ -33,6 +33,8 @@ #include "shared_opt.h" #include +bool debug = false; + /* parses --config-file, --forwarding-table, and --debug cli options */ void get_options(char *config_file, char *forwarding_table, int argc, @@ -40,7 +42,6 @@ void get_options(char *config_file, char *forwarding_table, int argc, { int opt_index, opt; - debug = false; static struct option long_options[] = { {"config-file", required_argument, NULL, 'c'}, From 1d1d01e28a4bd909c95838775bcf70a5d0727722 Mon Sep 17 00:00:00 2001 From: Mark Penny <163456289+mpenny-github@users.noreply.github.com> Date: Fri, 15 May 2026 08:28:26 -0400 Subject: [PATCH 25/71] Make scan-build invocation portable across distros --- script/test | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 script/test diff --git a/script/test b/script/test new file mode 100644 index 00000000..2f7f050f --- /dev/null +++ b/script/test @@ -0,0 +1,15 @@ +#!/usr/bin/env bash +set -euo pipefail + +if command -v scan-build-10 >/dev/null 2>&1; then + SCAN_BUILD=scan-build-10 +elif command -v scan-build >/dev/null 2>&1; then + SCAN_BUILD=scan-build +elif command -v scan-build-14 >/dev/null 2>&1; then + SCAN_BUILD=scan-build-14 +else + echo "scan-build is not installed" >&2 + exit 1 +fi + +"$SCAN_BUILD" make From 99011470889a547108ee380b6485c793e20304ed Mon Sep 17 00:00:00 2001 From: Mark Penny <163456289+mpenny-github@users.noreply.github.com> Date: Fri, 15 May 2026 08:34:58 -0400 Subject: [PATCH 26/71] Use pkg-config for DPDK build flags --- src/glb-director/cli/Makefile | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/glb-director/cli/Makefile b/src/glb-director/cli/Makefile index d584c639..b94ec06b 100644 --- a/src/glb-director/cli/Makefile +++ b/src/glb-director/cli/Makefile @@ -71,6 +71,9 @@ CFLAGS += -DCLI_MODE LDFLAGS += -z relro -z now LDFLAGS += -ljansson +DPDK_CFLAGS := $(shell pkg-config --cflags libdpdk) +DPDK_LIBS := $(shell pkg-config --libs libdpdk) + glb-director-cli: main.c gcc \ $(CFLAGS) \ @@ -87,9 +90,8 @@ glb-config-check: -o glb-config-check \ -I`pwd`/.. \ -I`pwd`/../.. \ - -I/usr/include/dpdk \ - -I/usr/include/x86_64-linux-gnu \ - -ldpdk -lpcap $(LDFLAGS)\ + $(DPDK_CFLAGS) \ + -lpcap $(LDFLAGS) $(DPDK_LIBS) \ -m64 -mssse3 glb-director-pcap: @@ -99,10 +101,9 @@ glb-director-pcap: -o glb-director-pcap \ -I`pwd`/.. \ -I`pwd`/../.. \ - -I/usr/include/dpdk \ - -I/usr/include/x86_64-linux-gnu \ + $(DPDK_CFLAGS) \ -lpcap \ - -DPCAP_MODE $(LDFLAGS)\ + -DPCAP_MODE $(LDFLAGS) $(DPDK_LIBS) \ -m64 -mssse3 glb-director-stub-server: @@ -112,9 +113,8 @@ glb-director-stub-server: -o glb-director-stub-server \ -I`pwd`/.. \ -I`pwd`/../.. \ - -I/usr/include/dpdk \ - -I/usr/include/x86_64-linux-gnu \ - -DPCAP_MODE $(LDFLAGS)\ + $(DPDK_CFLAGS) \ + -DPCAP_MODE $(LDFLAGS) $(DPDK_LIBS) \ -m64 -mssse3 clean: From 043170305acd70ccdc11076ef47b836b1565184a Mon Sep 17 00:00:00 2001 From: Mark Penny <163456289+mpenny-github@users.noreply.github.com> Date: Fri, 15 May 2026 08:41:49 -0400 Subject: [PATCH 27/71] Update DPDK header types for newer builds --- src/glb-director/bind_classifier_rules.h | 92 ++++++++++++------------ 1 file changed, 46 insertions(+), 46 deletions(-) diff --git a/src/glb-director/bind_classifier_rules.h b/src/glb-director/bind_classifier_rules.h index fa366d70..77d25882 100644 --- a/src/glb-director/bind_classifier_rules.h +++ b/src/glb-director/bind_classifier_rules.h @@ -80,16 +80,16 @@ struct rte_acl_field_def ipv4_defs[NUM_FIELDS_IPV4] = { .size = sizeof(uint32_t), .field_index = SRC_FIELD_IPV4, .input_index = RTE_ACL_IPV4_SRC, - .offset = offsetof(struct ipv4_hdr, src_addr) - - offsetof(struct ipv4_hdr, next_proto_id), + .offset = offsetof(struct rte_ipv4_hdr, src_addr) - + offsetof(struct rte_ipv4_hdr, next_proto_id), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = DST_FIELD_IPV4, .input_index = RTE_ACL_IPV4_DST, - .offset = offsetof(struct ipv4_hdr, dst_addr) - - offsetof(struct ipv4_hdr, next_proto_id), + .offset = offsetof(struct rte_ipv4_hdr, dst_addr) - + offsetof(struct rte_ipv4_hdr, next_proto_id), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, @@ -97,15 +97,15 @@ struct rte_acl_field_def ipv4_defs[NUM_FIELDS_IPV4] = { .field_index = SRCP_FIELD_IPV4, .input_index = RTE_ACL_IPV4_PORTS, .offset = - sizeof(struct ipv4_hdr) - offsetof(struct ipv4_hdr, next_proto_id), + sizeof(struct rte_ipv4_hdr) - offsetof(struct rte_ipv4_hdr, next_proto_id), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, .size = sizeof(uint16_t), .field_index = DSTP_FIELD_IPV4, .input_index = RTE_ACL_IPV4_PORTS, - .offset = sizeof(struct ipv4_hdr) - - offsetof(struct ipv4_hdr, next_proto_id) + sizeof(uint16_t), + .offset = sizeof(struct rte_ipv4_hdr) - + offsetof(struct rte_ipv4_hdr, next_proto_id) + sizeof(uint16_t), }, // support for ICMP introspection { @@ -113,30 +113,30 @@ struct rte_acl_field_def ipv4_defs[NUM_FIELDS_IPV4] = { .size = sizeof(uint32_t), .field_index = ICMP_INNER_SRC_FIELD_IPV4, .input_index = RTE_ACL_IPV4_INNER_SRC, - .offset = sizeof(struct ipv4_hdr) - - offsetof(struct ipv4_hdr, next_proto_id) + sizeof(uint32_t) + + .offset = sizeof(struct rte_ipv4_hdr) - + offsetof(struct rte_ipv4_hdr, next_proto_id) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over to inner IP header - offsetof(struct ipv4_hdr, src_addr), + offsetof(struct rte_ipv4_hdr, src_addr), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, .size = sizeof(uint16_t), .field_index = ICMP_INNER_SRCP_FIELD_IPV4, .input_index = RTE_ACL_IPV4_INNER_PORTS, - .offset = sizeof(struct ipv4_hdr) - - offsetof(struct ipv4_hdr, next_proto_id) + sizeof(uint32_t) + + .offset = sizeof(struct rte_ipv4_hdr) - + offsetof(struct rte_ipv4_hdr, next_proto_id) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over to inner IP header - sizeof(struct ipv4_hdr), + sizeof(struct rte_ipv4_hdr), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, .size = sizeof(uint16_t), .field_index = ICMP_INNER_DSTP_FIELD_IPV4, .input_index = RTE_ACL_IPV4_INNER_PORTS, - .offset = sizeof(struct ipv4_hdr) - - offsetof(struct ipv4_hdr, next_proto_id) + sizeof(uint32_t) + + .offset = sizeof(struct rte_ipv4_hdr) - + offsetof(struct rte_ipv4_hdr, next_proto_id) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over to inner IP header - sizeof(struct ipv4_hdr) + sizeof(uint16_t), + sizeof(struct rte_ipv4_hdr) + sizeof(uint16_t), }, }; @@ -204,78 +204,78 @@ struct rte_acl_field_def ipv6_defs[NUM_FIELDS_IPV6] = { .size = sizeof(uint32_t), .field_index = SRC1_FIELD_IPV6, .input_index = RTE_ACL_IPV6_SRC1, - .offset = offsetof(struct ipv6_hdr, src_addr) - - offsetof(struct ipv6_hdr, proto), + .offset = offsetof(struct rte_ipv6_hdr, src_addr) - + offsetof(struct rte_ipv6_hdr, proto), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = SRC2_FIELD_IPV6, .input_index = RTE_ACL_IPV6_SRC2, - .offset = offsetof(struct ipv6_hdr, src_addr) - - offsetof(struct ipv6_hdr, proto) + sizeof(uint32_t), + .offset = offsetof(struct rte_ipv6_hdr, src_addr) - + offsetof(struct rte_ipv6_hdr, proto) + sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = SRC3_FIELD_IPV6, .input_index = RTE_ACL_IPV6_SRC3, - .offset = offsetof(struct ipv6_hdr, src_addr) - - offsetof(struct ipv6_hdr, proto) + 2 * sizeof(uint32_t), + .offset = offsetof(struct rte_ipv6_hdr, src_addr) - + offsetof(struct rte_ipv6_hdr, proto) + 2 * sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = SRC4_FIELD_IPV6, .input_index = RTE_ACL_IPV6_SRC4, - .offset = offsetof(struct ipv6_hdr, src_addr) - - offsetof(struct ipv6_hdr, proto) + 3 * sizeof(uint32_t), + .offset = offsetof(struct rte_ipv6_hdr, src_addr) - + offsetof(struct rte_ipv6_hdr, proto) + 3 * sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = DST1_FIELD_IPV6, .input_index = RTE_ACL_IPV6_DST1, - .offset = offsetof(struct ipv6_hdr, dst_addr) - - offsetof(struct ipv6_hdr, proto), + .offset = offsetof(struct rte_ipv6_hdr, dst_addr) - + offsetof(struct rte_ipv6_hdr, proto), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = DST2_FIELD_IPV6, .input_index = RTE_ACL_IPV6_DST2, - .offset = offsetof(struct ipv6_hdr, dst_addr) - - offsetof(struct ipv6_hdr, proto) + sizeof(uint32_t), + .offset = offsetof(struct rte_ipv6_hdr, dst_addr) - + offsetof(struct rte_ipv6_hdr, proto) + sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = DST3_FIELD_IPV6, .input_index = RTE_ACL_IPV6_DST3, - .offset = offsetof(struct ipv6_hdr, dst_addr) - - offsetof(struct ipv6_hdr, proto) + 2 * sizeof(uint32_t), + .offset = offsetof(struct rte_ipv6_hdr, dst_addr) - + offsetof(struct rte_ipv6_hdr, proto) + 2 * sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = DST4_FIELD_IPV6, .input_index = RTE_ACL_IPV6_DST4, - .offset = offsetof(struct ipv6_hdr, dst_addr) - - offsetof(struct ipv6_hdr, proto) + 3 * sizeof(uint32_t), + .offset = offsetof(struct rte_ipv6_hdr, dst_addr) - + offsetof(struct rte_ipv6_hdr, proto) + 3 * sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, .size = sizeof(uint16_t), .field_index = SRCP_FIELD_IPV6, .input_index = RTE_ACL_IPV6_PORTS, - .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto), + .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, .size = sizeof(uint16_t), .field_index = DSTP_FIELD_IPV6, .input_index = RTE_ACL_IPV6_PORTS, - .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto) + + .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto) + sizeof(uint16_t), }, @@ -285,59 +285,59 @@ struct rte_acl_field_def ipv6_defs[NUM_FIELDS_IPV6] = { .size = sizeof(uint32_t), .field_index = ICMP_INNER_SRC1_FIELD_IPV6, .input_index = RTE_ACL_IPV6_INNER_SRC1, - .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto) + + .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over the ICMPv6 header - offsetof(struct ipv6_hdr, src_addr), + offsetof(struct rte_ipv6_hdr, src_addr), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = ICMP_INNER_SRC2_FIELD_IPV6, .input_index = RTE_ACL_IPV6_INNER_SRC2, - .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto) + + .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over the ICMPv6 header - offsetof(struct ipv6_hdr, src_addr) + sizeof(uint32_t), + offsetof(struct rte_ipv6_hdr, src_addr) + sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = ICMP_INNER_SRC3_FIELD_IPV6, .input_index = RTE_ACL_IPV6_INNER_SRC3, - .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto) + + .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over the ICMPv6 header - offsetof(struct ipv6_hdr, src_addr) + 2 * sizeof(uint32_t), + offsetof(struct rte_ipv6_hdr, src_addr) + 2 * sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = ICMP_INNER_SRC4_FIELD_IPV6, .input_index = RTE_ACL_IPV6_INNER_SRC4, - .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto) + + .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over the ICMPv6 header - offsetof(struct ipv6_hdr, src_addr) + 3 * sizeof(uint32_t), + offsetof(struct rte_ipv6_hdr, src_addr) + 3 * sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, .size = sizeof(uint16_t), .field_index = ICMP_INNER_SRCP_FIELD_IPV6, .input_index = RTE_ACL_IPV6_INNER_PORTS, - .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto) + + .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over the ICMPv6 header - sizeof(struct ipv6_hdr), + sizeof(struct rte_ipv6_hdr), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, .size = sizeof(uint16_t), .field_index = ICMP_INNER_DSTP_FIELD_IPV6, .input_index = RTE_ACL_IPV6_INNER_PORTS, - .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto) + + .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over the ICMPv6 header - sizeof(struct ipv6_hdr) + sizeof(uint16_t), + sizeof(struct rte_ipv6_hdr) + sizeof(uint16_t), }, }; From c3e00ddc0dd1eae1aaa9cd17acdacaee355047f0 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Fri, 15 May 2026 08:44:00 -0400 Subject: [PATCH 28/71] security warning --- .github/workflows/test.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3dd74d40..74215f71 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -10,6 +10,9 @@ on: - main - master +permissions: + contents: read + jobs: build-images: runs-on: ubuntu-latest @@ -36,6 +39,8 @@ jobs: path: glb-director-build-${{ matrix.distro }}.tar retention-days: 1 + + test: needs: build-images runs-on: ubuntu-latest From 9a460e4234649262b39ea0109476fe6b0c5432ac Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 12:52:09 +0000 Subject: [PATCH 29/71] Fix director test script scan-build selection on noble --- src/glb-director/script/test | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/src/glb-director/script/test b/src/glb-director/script/test index f2a44713..e8eff851 100755 --- a/src/glb-director/script/test +++ b/src/glb-director/script/test @@ -42,8 +42,21 @@ begin_fold "Building glb-director for testing" make clean make -C cli clean - scan-build-10 make - scan-build-10 make -C cli + if command -v scan-build-10 >/dev/null 2>&1; then + SCAN_BUILD=scan-build-10 + elif command -v scan-build-18 >/dev/null 2>&1; then + SCAN_BUILD=scan-build-18 + elif command -v scan-build >/dev/null 2>&1; then + SCAN_BUILD=scan-build + elif command -v scan-build-14 >/dev/null 2>&1; then + SCAN_BUILD=scan-build-14 + else + echo "scan-build is not installed" >&2 + exit 1 + fi + + "$SCAN_BUILD" make + "$SCAN_BUILD" make -C cli ) end_fold From 4f66bf37a590e46433da37ce1e42fc8814f73085 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 13:05:46 +0000 Subject: [PATCH 30/71] Fix focal package-build compile by including split DPDK IP headers --- src/glb-director/bind_classifier_rules.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/glb-director/bind_classifier_rules.h b/src/glb-director/bind_classifier_rules.h index 77d25882..8da3e740 100644 --- a/src/glb-director/bind_classifier_rules.h +++ b/src/glb-director/bind_classifier_rules.h @@ -35,6 +35,16 @@ * Rule and trace formats definitions. */ +#include +#ifdef __has_include +#if __has_include() +#include +#endif +#if __has_include() +#include +#endif +#endif + enum { PROTO_FIELD_IPV4, SRC_FIELD_IPV4, DST_FIELD_IPV4, From fea8293d6ba7ae02453d4eebdc48c826bc0a88c2 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 13:15:11 +0000 Subject: [PATCH 31/71] Add DPDK symbol compatibility aliases for Noble build --- src/glb-director/config.h | 44 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/src/glb-director/config.h b/src/glb-director/config.h index bba7752d..add54c0e 100644 --- a/src/glb-director/config.h +++ b/src/glb-director/config.h @@ -34,6 +34,10 @@ /* Macros for printing using RTE_LOG */ #define RTE_LOGTYPE_APP RTE_LOGTYPE_USER1 +#include +#include +#include + /* Max size of a single packet */ #define MAX_PACKET_SZ 9220 @@ -62,3 +66,43 @@ /* default ethernet dev, used for collecting nic info */ #define DEFAULT_ETH_DEV 0 + +/* + * Compatibility aliases for newer DPDK releases (e.g. Ubuntu Noble) where + * legacy symbol names are no longer provided. + */ +#ifndef ether_addr +#define ether_addr rte_ether_addr +#endif + +#ifndef ether_hdr +#define ether_hdr rte_ether_hdr +#endif + +#ifndef ipv4_hdr +#define ipv4_hdr rte_ipv4_hdr +#endif + +#ifndef ipv6_hdr +#define ipv6_hdr rte_ipv6_hdr +#endif + +#if !defined(ETHER_TYPE_IPv4) && defined(RTE_ETHER_TYPE_IPV4) +#define ETHER_TYPE_IPv4 RTE_ETHER_TYPE_IPV4 +#endif + +#if !defined(ETHER_TYPE_IPv6) && defined(RTE_ETHER_TYPE_IPV6) +#define ETHER_TYPE_IPv6 RTE_ETHER_TYPE_IPV6 +#endif + +#ifndef ether_addr_octet +#define ether_addr_octet addr_bytes +#endif + +#ifndef RTE_LCORE_FOREACH_SLAVE +#define RTE_LCORE_FOREACH_SLAVE RTE_LCORE_FOREACH_WORKER +#endif + +#ifndef rte_get_master_lcore +#define rte_get_master_lcore rte_get_main_lcore +#endif From 03cf87c66398df18d4d34354a0eca44cf09f5df0 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 13:25:58 +0000 Subject: [PATCH 32/71] Fix DPDK compatibility aliases for focal and noble builds --- src/glb-director/bind_classifier.c | 2 +- src/glb-director/config.h | 30 ++++++++++++++++++++++++++++-- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/src/glb-director/bind_classifier.c b/src/glb-director/bind_classifier.c index d29203f9..45a41f47 100644 --- a/src/glb-director/bind_classifier.c +++ b/src/glb-director/bind_classifier.c @@ -76,8 +76,8 @@ #include #include "bind_classifier.h" -#include "bind_classifier_rules.h" #include "config.h" +#include "bind_classifier_rules.h" #include "glb_fwd_config.h" #include "glb_director_config.h" #include "log.h" diff --git a/src/glb-director/config.h b/src/glb-director/config.h index add54c0e..98e9a7f1 100644 --- a/src/glb-director/config.h +++ b/src/glb-director/config.h @@ -68,9 +68,10 @@ #define DEFAULT_ETH_DEV 0 /* - * Compatibility aliases for newer DPDK releases (e.g. Ubuntu Noble) where - * legacy symbol names are no longer provided. + * Compatibility aliases for DPDK API naming differences between older and + * newer releases. */ +#ifdef RTE_ETHER_TYPE_IPV4 #ifndef ether_addr #define ether_addr rte_ether_addr #endif @@ -98,6 +99,31 @@ #ifndef ether_addr_octet #define ether_addr_octet addr_bytes #endif +#else +#ifndef rte_ether_addr +#define rte_ether_addr ether_addr +#endif + +#ifndef rte_ether_hdr +#define rte_ether_hdr ether_hdr +#endif + +#ifndef rte_ipv4_hdr +#define rte_ipv4_hdr ipv4_hdr +#endif + +#ifndef rte_ipv6_hdr +#define rte_ipv6_hdr ipv6_hdr +#endif + +#if !defined(RTE_ETHER_TYPE_IPV4) && defined(ETHER_TYPE_IPv4) +#define RTE_ETHER_TYPE_IPV4 ETHER_TYPE_IPv4 +#endif + +#if !defined(RTE_ETHER_TYPE_IPV6) && defined(ETHER_TYPE_IPv6) +#define RTE_ETHER_TYPE_IPV6 ETHER_TYPE_IPv6 +#endif +#endif #ifndef RTE_LCORE_FOREACH_SLAVE #define RTE_LCORE_FOREACH_SLAVE RTE_LCORE_FOREACH_WORKER From 16e508fd77eedc0c9b18c873c2b70a45d4732a28 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 13:55:38 +0000 Subject: [PATCH 33/71] fix: guard rte_get_master_lcore alias with RTE_LCORE_FOREACH_WORKER check --- src/glb-director/config.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/glb-director/config.h b/src/glb-director/config.h index 98e9a7f1..85913f66 100644 --- a/src/glb-director/config.h +++ b/src/glb-director/config.h @@ -129,6 +129,8 @@ #define RTE_LCORE_FOREACH_SLAVE RTE_LCORE_FOREACH_WORKER #endif +#ifdef RTE_LCORE_FOREACH_WORKER #ifndef rte_get_master_lcore #define rte_get_master_lcore rte_get_main_lcore #endif +#endif From ea61b4f444ca7d6cef0fa3b9e1e1041ee120a370 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 14:10:33 +0000 Subject: [PATCH 34/71] fix: guard DPDK headers in config.h with NO_DPDK to fix focal package build --- src/glb-director/config.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/glb-director/config.h b/src/glb-director/config.h index 85913f66..7351b828 100644 --- a/src/glb-director/config.h +++ b/src/glb-director/config.h @@ -34,9 +34,11 @@ /* Macros for printing using RTE_LOG */ #define RTE_LOGTYPE_APP RTE_LOGTYPE_USER1 +#ifndef NO_DPDK #include #include #include +#endif /* Max size of a single packet */ #define MAX_PACKET_SZ 9220 @@ -71,6 +73,7 @@ * Compatibility aliases for DPDK API naming differences between older and * newer releases. */ +#ifndef NO_DPDK #ifdef RTE_ETHER_TYPE_IPV4 #ifndef ether_addr #define ether_addr rte_ether_addr @@ -134,3 +137,4 @@ #define rte_get_master_lcore rte_get_main_lcore #endif #endif +#endif /* NO_DPDK */ From de27caa2e98bc48fae30028fa4fbb4f271673645 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 15:03:26 +0000 Subject: [PATCH 35/71] Fix Noble (Ubuntu 24.04) build: DPDK 23.11 compatibility --- src/glb-director/bind_classifier.c | 2 + src/glb-director/cli/Makefile | 2 - src/glb-director/cmdline_parse.c | 17 ++++++++- src/glb-director/config.h | 61 ++++++++++++++++++++++++++++++ src/glb-director/glb_encap.c | 5 +++ src/glb-director/glb_kni.c | 37 +++++++++++++++++- src/glb-director/main.c | 13 ++++++- 7 files changed, 131 insertions(+), 6 deletions(-) diff --git a/src/glb-director/bind_classifier.c b/src/glb-director/bind_classifier.c index 45a41f47..e3028258 100644 --- a/src/glb-director/bind_classifier.c +++ b/src/glb-director/bind_classifier.c @@ -70,7 +70,9 @@ #include #include #include +#if __has_include() #include +#endif #include #include #include diff --git a/src/glb-director/cli/Makefile b/src/glb-director/cli/Makefile index b94ec06b..a11245f9 100644 --- a/src/glb-director/cli/Makefile +++ b/src/glb-director/cli/Makefile @@ -42,7 +42,6 @@ PCAP_SRCS = pcap_mode.c \ ../glb_fwd_config.c \ ../glb_director_config.c \ ../glb_encap.c \ - ../cmdline_parse.c \ ../cmdline_parse_etheraddr.c \ ../glb_encap_pcap.c \ ../siphash24.c \ @@ -52,7 +51,6 @@ STUB_SRCS = stub_server.c \ ../glb_fwd_config.c \ ../glb_director_config.c \ ../glb_encap.c \ - ../cmdline_parse.c \ ../cmdline_parse_etheraddr.c \ ../glb_encap_pcap.c \ ../siphash24.c \ diff --git a/src/glb-director/cmdline_parse.c b/src/glb-director/cmdline_parse.c index 3ab4a020..154d3ea1 100644 --- a/src/glb-director/cmdline_parse.c +++ b/src/glb-director/cmdline_parse.c @@ -71,6 +71,7 @@ #include #include +#include #include "cmdline.h" #include "cmdline_parse.h" @@ -86,6 +87,18 @@ #define CMDLINE_BUFFER_SIZE 64 +/* struct cmdline became opaque in DPDK 22.11; use the accessor if available */ +#if RTE_VERSION >= RTE_VERSION_NUM(22, 11, 0, 0) +#define CMDLINE_CTX(cl) cmdline_get_ctx(cl) +#else +#define CMDLINE_CTX(cl) ((cl)->ctx) +#endif + +/* RDLINE_BUF_SIZE was removed in newer DPDK; fall back to our local buffer size */ +#ifndef RDLINE_BUF_SIZE +#define RDLINE_BUF_SIZE CMDLINE_BUFFER_SIZE +#endif + /* isblank() needs _XOPEN_SOURCE >= 600 || _ISOC99_SOURCE, so use our * own. */ static int isblank2(char c) @@ -262,7 +275,7 @@ int cmdline_parse(struct cmdline *cl, const char *buf) if (!cl || !buf) return CMDLINE_PARSE_BAD_ARGS; - ctx = cl->ctx; + ctx = CMDLINE_CTX(cl); /* * - look if the buffer contains at least one line @@ -379,7 +392,7 @@ int cmdline_complete(struct cmdline *cl, const char *buf, int *state, char *dst, if (!cl || !buf || !state || !dst) return -1; - ctx = cl->ctx; + ctx = CMDLINE_CTX(cl); debug_printf("%s called\n", __func__); memset(&token_hdr, 0, sizeof(token_hdr)); diff --git a/src/glb-director/config.h b/src/glb-director/config.h index 7351b828..7c9e2ebd 100644 --- a/src/glb-director/config.h +++ b/src/glb-director/config.h @@ -102,6 +102,48 @@ #ifndef ether_addr_octet #define ether_addr_octet addr_bytes #endif + +#ifndef tcp_hdr +#define tcp_hdr rte_tcp_hdr +#endif + +#ifndef udp_hdr +#define udp_hdr rte_udp_hdr +#endif + +#ifndef ether_format_addr +#define ether_format_addr rte_ether_format_addr +#endif + +/* mbuf TX flags renamed in DPDK 21.11 */ +#ifndef PKT_TX_IPV4 +#define PKT_TX_IPV4 RTE_MBUF_F_TX_IPV4 +#endif + +#ifndef PKT_TX_IP_CKSUM +#define PKT_TX_IP_CKSUM RTE_MBUF_F_TX_IP_CKSUM +#endif + +#ifndef PKT_TX_UDP_CKSUM +#define PKT_TX_UDP_CKSUM RTE_MBUF_F_TX_UDP_CKSUM +#endif + +/* Ethernet device config constants renamed in DPDK 21.11 */ +#ifndef ETH_MQ_RX_RSS +#define ETH_MQ_RX_RSS RTE_ETH_MQ_RX_RSS +#endif + +#ifndef ETH_MQ_TX_NONE +#define ETH_MQ_TX_NONE RTE_ETH_MQ_TX_NONE +#endif + +#ifndef ETH_RSS_UDP +#define ETH_RSS_UDP RTE_ETH_RSS_UDP +#endif + +#ifndef ETH_RSS_TCP +#define ETH_RSS_TCP RTE_ETH_RSS_TCP +#endif #else #ifndef rte_ether_addr #define rte_ether_addr ether_addr @@ -126,6 +168,18 @@ #if !defined(RTE_ETHER_TYPE_IPV6) && defined(ETHER_TYPE_IPv6) #define RTE_ETHER_TYPE_IPV6 ETHER_TYPE_IPv6 #endif + +#ifndef rte_tcp_hdr +#define rte_tcp_hdr tcp_hdr +#endif + +#ifndef rte_udp_hdr +#define rte_udp_hdr udp_hdr +#endif + +#ifndef rte_ether_format_addr +#define rte_ether_format_addr ether_format_addr +#endif #endif #ifndef RTE_LCORE_FOREACH_SLAVE @@ -137,4 +191,11 @@ #define rte_get_master_lcore rte_get_main_lcore #endif #endif + +/* KNI was removed in DPDK 23.11. GLB_HAVE_KNI gates all KNI-dependent code. */ +#if __has_include() +#define GLB_HAVE_KNI 1 +#else +#define GLB_HAVE_KNI 0 +#endif #endif /* NO_DPDK */ diff --git a/src/glb-director/glb_encap.c b/src/glb-director/glb_encap.c index a38f5ff7..2f5f0498 100644 --- a/src/glb-director/glb_encap.c +++ b/src/glb-director/glb_encap.c @@ -131,8 +131,13 @@ int glb_encapsulate_packet(struct ether_hdr *eth_hdr, glb_route_context *route_c uint32_t first_hop_ip = route_context->ipv4_hops[0]; uint32_t remaining_hop_count = route_context->hop_count - 1; +#ifdef RTE_ETHER_TYPE_IPV4 + eth_hdr->dst_addr = g_director_config->gateway_ether_addr; + eth_hdr->src_addr = g_director_config->local_ether_addr; +#else eth_hdr->d_addr = g_director_config->gateway_ether_addr; eth_hdr->s_addr = g_director_config->local_ether_addr; +#endif eth_hdr->ether_type = htons(ETHER_TYPE_IPv4); ipv4_hdr->version = PDNET_IPV4_VERSION; diff --git a/src/glb-director/glb_kni.c b/src/glb-director/glb_kni.c index bc279b32..77d9f021 100644 --- a/src/glb-director/glb_kni.c +++ b/src/glb-director/glb_kni.c @@ -61,7 +61,9 @@ #include #include #include +#if __has_include() #include +#endif #include #include #include @@ -71,13 +73,15 @@ #include #include #include +#if __has_include() #include +#endif #include #include #include #include -#if RTE_VERSION >= RTE_VERSION_NUM(17, 11, 0, 1) +#if __has_include() #include #endif @@ -86,6 +90,8 @@ #include "log.h" #include "util.h" +#if GLB_HAVE_KNI + #if RTE_VERSION > RTE_VERSION_NUM(17,11,0,0) typedef uint16_t port_id_t; #else @@ -366,3 +372,32 @@ static void handle_kni_to_nic(unsigned port_id, struct rte_kni *kni, "lcore-%u: -> %d packets (%d queued) burst from KNI to port %d queue %d", rte_lcore_id(), nb_rx, nb_tx, port_id, tx_queue); } + +#else /* !GLB_HAVE_KNI — provide no-op stubs */ + +struct glb_kni_ { + /* empty stub when KNI is not available */ +}; + +glb_kni *glb_kni_new(uint8_t physical_port_id __attribute__((unused)), + uint16_t rx_tx_queue_id __attribute__((unused)), + unsigned owner_lcore_id __attribute__((unused)), + struct rte_mempool *pktmbuf_pool __attribute__((unused))) +{ + return NULL; +} + +void glb_kni_release(glb_kni *gk __attribute__((unused))) { } + +unsigned glb_kni_safe_tx_burst(glb_kni *gk __attribute__((unused)), + struct rte_mbuf **kni_tx_burst __attribute__((unused)), + unsigned tx_burst_size __attribute__((unused))) +{ + return 0; +} + +void glb_kni_lcore_flush(glb_kni *gk __attribute__((unused))) { } + +void glb_kni_handle_request(glb_kni *gk __attribute__((unused))) { } + +#endif /* GLB_HAVE_KNI */ diff --git a/src/glb-director/main.c b/src/glb-director/main.c index 12c91772..3fd8962d 100644 --- a/src/glb-director/main.c +++ b/src/glb-director/main.c @@ -63,7 +63,9 @@ #include #include #include +#if __has_include() #include +#endif #include #include #include @@ -73,11 +75,14 @@ #include #include #include +#if __has_include() #include +#endif #include #include #include #include +#include #ifdef SYSTEMD #include @@ -111,11 +116,13 @@ struct rte_mempool *glb_processor_msg_pool = NULL; struct rte_eth_conf port_conf = { .rxmode = { +#if RTE_VERSION < RTE_VERSION_NUM(22, 11, 0, 0) .header_split = 0, /* Header Split disabled */ .hw_ip_checksum = 1, /* IP checksum offload disabled */ .hw_vlan_filter = 0, /* VLAN filtering disabled */ .jumbo_frame = 0, /* Jumbo Frame Support disabled */ .hw_strip_crc = 1, /* CRC stripped by hardware */ +#endif .mq_mode = ETH_MQ_RX_RSS, }, .txmode = @@ -220,7 +227,7 @@ int main(int argc, char **argv) } /* Find out how many NIC ports we have, validate that it's reasonable */ - nb_sys_ports = rte_eth_dev_count(); + nb_sys_ports = rte_eth_dev_count_avail(); if (nb_sys_ports == 0) { glb_log_error_and_exit("No supported Ethernet device found"); return -1; @@ -274,9 +281,11 @@ int main(int argc, char **argv) init_port(i, physical_num_queues, pktmbuf_pool); } +#if GLB_HAVE_KNI if (g_director_config->kni_enabled) { rte_kni_init(nb_sys_ports); } +#endif /* Pre-allocate the control message mbuf pool */ glb_processor_msg_pool = rte_mempool_create( @@ -355,6 +364,7 @@ int main(int argc, char **argv) if (core != rte_get_master_lcore()) { glb_log_info("lcore %u setup with workloads 0x%04x", core, ctx->lcore_config.workloads); +#if GLB_HAVE_KNI if ((ctx->lcore_config.workloads & CORE_WORKLOAD_KNI) != 0) { for (kni_index = 0; kni_index < nb_sys_ports; kni_index++) { kni_ports[kni_index] = glb_kni_new(kni_index, 0, core, pktmbuf_pool); @@ -367,6 +377,7 @@ int main(int argc, char **argv) } } } +#endif if ((ctx->lcore_config.workloads & CORE_WORKLOAD_DIST) != 0) { // create the distributor to be linked up to workers on a second pass below From be445dd81b0b0d702789c56efd6b57ef334a3a41 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 15:05:15 +0000 Subject: [PATCH 36/71] Remove redundant #ifdef __has_include outer guard in bind_classifier_rules.h --- src/glb-director/bind_classifier_rules.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/glb-director/bind_classifier_rules.h b/src/glb-director/bind_classifier_rules.h index 8da3e740..670fddf8 100644 --- a/src/glb-director/bind_classifier_rules.h +++ b/src/glb-director/bind_classifier_rules.h @@ -36,14 +36,12 @@ */ #include -#ifdef __has_include #if __has_include() #include #endif #if __has_include() #include #endif -#endif enum { PROTO_FIELD_IPV4, SRC_FIELD_IPV4, From d8fd66b211f11ac371a7658986e25a3f79744755 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 15:16:43 +0000 Subject: [PATCH 37/71] Add include guard to strlcpy header for noble build --- src/glb-director/strlcpy.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/glb-director/strlcpy.h b/src/glb-director/strlcpy.h index 0f5e314a..de3a8793 100644 --- a/src/glb-director/strlcpy.h +++ b/src/glb-director/strlcpy.h @@ -1,5 +1,8 @@ /* $OpenBSD: strlcpy.c,v 1.11 2006/05/05 15:27:38 millert Exp $ */ +#ifndef GLB_STRLCPY_H +#define GLB_STRLCPY_H + /*- * Copyright (c) 1998 Todd C. Miller * @@ -46,3 +49,5 @@ strlcpy(char * __restrict dst, const char * __restrict src, size_t siz) return(s - src - 1); /* count does not include NUL */ } + +#endif From 627ce789da13cd28089738160897d038aff3b49d Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 15:26:19 +0000 Subject: [PATCH 38/71] Fix focal ether header field compatibility in encapsulation --- src/glb-director/config.h | 6 ++++++ src/glb-director/glb_encap.c | 9 ++------- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/src/glb-director/config.h b/src/glb-director/config.h index 7c9e2ebd..bd642bae 100644 --- a/src/glb-director/config.h +++ b/src/glb-director/config.h @@ -75,6 +75,9 @@ */ #ifndef NO_DPDK #ifdef RTE_ETHER_TYPE_IPV4 +#define GLB_ETHER_HDR_DST_ADDR dst_addr +#define GLB_ETHER_HDR_SRC_ADDR src_addr + #ifndef ether_addr #define ether_addr rte_ether_addr #endif @@ -145,6 +148,9 @@ #define ETH_RSS_TCP RTE_ETH_RSS_TCP #endif #else +#define GLB_ETHER_HDR_DST_ADDR d_addr +#define GLB_ETHER_HDR_SRC_ADDR s_addr + #ifndef rte_ether_addr #define rte_ether_addr ether_addr #endif diff --git a/src/glb-director/glb_encap.c b/src/glb-director/glb_encap.c index 2f5f0498..042feb7c 100644 --- a/src/glb-director/glb_encap.c +++ b/src/glb-director/glb_encap.c @@ -131,13 +131,8 @@ int glb_encapsulate_packet(struct ether_hdr *eth_hdr, glb_route_context *route_c uint32_t first_hop_ip = route_context->ipv4_hops[0]; uint32_t remaining_hop_count = route_context->hop_count - 1; -#ifdef RTE_ETHER_TYPE_IPV4 - eth_hdr->dst_addr = g_director_config->gateway_ether_addr; - eth_hdr->src_addr = g_director_config->local_ether_addr; -#else - eth_hdr->d_addr = g_director_config->gateway_ether_addr; - eth_hdr->s_addr = g_director_config->local_ether_addr; -#endif + eth_hdr->GLB_ETHER_HDR_DST_ADDR = g_director_config->gateway_ether_addr; + eth_hdr->GLB_ETHER_HDR_SRC_ADDR = g_director_config->local_ether_addr; eth_hdr->ether_type = htons(ETHER_TYPE_IPv4); ipv4_hdr->version = PDNET_IPV4_VERSION; From 1e48d1488df112e34572def82bf31f6e7ee45ed3 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 15:36:16 +0000 Subject: [PATCH 39/71] Fix noble libbpf compatibility in xdp-root-shim --- .../xdp-root-shim/xdp-root-shim.c | 54 ++++++++++++++++--- 1 file changed, 46 insertions(+), 8 deletions(-) diff --git a/src/glb-director-xdp/xdp-root-shim/xdp-root-shim.c b/src/glb-director-xdp/xdp-root-shim/xdp-root-shim.c index ec66f072..6ea004cb 100644 --- a/src/glb-director-xdp/xdp-root-shim/xdp-root-shim.c +++ b/src/glb-director-xdp/xdp-root-shim/xdp-root-shim.c @@ -38,6 +38,49 @@ #include #include +static int load_xdp_program(const char *tailcall_elf_path, struct bpf_object **shim_obj, int *prog_fd) { +#if defined(LIBBPF_MAJOR_VERSION) && LIBBPF_MAJOR_VERSION >= 1 + struct bpf_program *shim_prog; + + *shim_obj = bpf_object__open_file(tailcall_elf_path, NULL); + if (libbpf_get_error(*shim_obj)) { + *shim_obj = NULL; + return -1; + } + + if (bpf_object__load(*shim_obj) != 0) { + bpf_object__close(*shim_obj); + *shim_obj = NULL; + return -1; + } + + shim_prog = bpf_object__find_program_by_name(*shim_obj, "xdp_root"); + if (shim_prog == NULL) { + bpf_object__close(*shim_obj); + *shim_obj = NULL; + return -1; + } + + *prog_fd = bpf_program__fd(shim_prog); + return *prog_fd < 0 ? -1 : 0; +#else + struct bpf_prog_load_attr prog_load_attr = { + .prog_type = BPF_PROG_TYPE_XDP, + .file = tailcall_elf_path, + }; + + return bpf_prog_load_xattr(&prog_load_attr, shim_obj, prog_fd); +#endif +} + +static int attach_xdp_program(int iface_index, int prog_fd) { +#if defined(LIBBPF_MAJOR_VERSION) && LIBBPF_MAJOR_VERSION >= 1 + return bpf_xdp_attach(iface_index, prog_fd, 0, NULL); +#else + return bpf_set_link_xdp_fd(iface_index, prog_fd, 0); +#endif +} + int main(int argc, char **argv) { if (argc != 4) { fprintf(stderr, "Usage: %s \n", argv[0]); @@ -70,16 +113,11 @@ int main(int argc, char **argv) { return 1; } - /* load the tailcall bpf */ - struct bpf_prog_load_attr prog_load_attr = { - .prog_type = BPF_PROG_TYPE_XDP, - .file = tailcall_elf_path, - }; struct bpf_object *shim_obj; int prog_fd; - if (bpf_prog_load_xattr(&prog_load_attr, &shim_obj, &prog_fd)){ - fprintf(stderr, "Could not load '%s'\n", prog_load_attr.file); + if (load_xdp_program(tailcall_elf_path, &shim_obj, &prog_fd) != 0) { + fprintf(stderr, "Could not load '%s'\n", tailcall_elf_path); return 1; } @@ -93,7 +131,7 @@ int main(int argc, char **argv) { } /* bind it to the interface with XDP */ - if (bpf_set_link_xdp_fd(iface_index, prog_fd, 0) < 0) { + if (attach_xdp_program(iface_index, prog_fd) < 0) { fprintf(stderr, "Could not attach XDP program to interface '%s'\n", iface_name); return 1; } From 5eefb0f28a6cfc6ef957d2e27b56be242f53a5b0 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 15:43:20 +0000 Subject: [PATCH 40/71] Fix focal DPDK port count compatibility --- src/glb-director/main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/glb-director/main.c b/src/glb-director/main.c index 3fd8962d..3bcd1c7c 100644 --- a/src/glb-director/main.c +++ b/src/glb-director/main.c @@ -227,7 +227,7 @@ int main(int argc, char **argv) } /* Find out how many NIC ports we have, validate that it's reasonable */ - nb_sys_ports = rte_eth_dev_count_avail(); + nb_sys_ports = rte_eth_dev_count(); if (nb_sys_ports == 0) { glb_log_error_and_exit("No supported Ethernet device found"); return -1; From 1789cbabd2a41f149d73028c5d9e75221bfa9663 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 16:10:47 +0000 Subject: [PATCH 41/71] Fix noble build by auto-detecting clang/llc versions --- src/glb-director-xdp/bpf/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/glb-director-xdp/bpf/Makefile b/src/glb-director-xdp/bpf/Makefile index fa114682..e03a0004 100644 --- a/src/glb-director-xdp/bpf/Makefile +++ b/src/glb-director-xdp/bpf/Makefile @@ -1,7 +1,7 @@ all: glb_encap.o glb_encap_trace.o passer.o tailcall.o -CLANG=clang-10 -LLC=llc-10 +CLANG ?= $(shell command -v clang-10 2>/dev/null || command -v clang-20 2>/dev/null || command -v clang-18 2>/dev/null || command -v clang 2>/dev/null) +LLC ?= $(shell command -v llc-10 2>/dev/null || command -v llc-20 2>/dev/null || command -v llc-18 2>/dev/null || command -v llc 2>/dev/null) ifeq ($(KVER),) KVER=$(shell uname -r) From efac92fa5ec91fe914c78003902f7eab1072d724 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 16:20:33 +0000 Subject: [PATCH 42/71] fix: add generated x86 header include for xdp bpf build --- src/glb-director-xdp/bpf/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/src/glb-director-xdp/bpf/Makefile b/src/glb-director-xdp/bpf/Makefile index e03a0004..2ec33abf 100644 --- a/src/glb-director-xdp/bpf/Makefile +++ b/src/glb-director-xdp/bpf/Makefile @@ -18,6 +18,7 @@ endif -Werror \ -include /usr/src/linux-headers-$(KVER:-amd64=-common)/include/linux/kconfig.h \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/uapi \ From 20f91f17cabf1d1c039814d1edba0648a94a11eb Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 18:51:16 +0000 Subject: [PATCH 43/71] Fix noble XDP BPF build for bool/size_t kernel headers --- src/glb-director-xdp/bpf/Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/glb-director-xdp/bpf/Makefile b/src/glb-director-xdp/bpf/Makefile index 2ec33abf..8dabb0ed 100644 --- a/src/glb-director-xdp/bpf/Makefile +++ b/src/glb-director-xdp/bpf/Makefile @@ -17,6 +17,8 @@ endif -Wno-pointer-sign \ -Werror \ -include /usr/src/linux-headers-$(KVER:-amd64=-common)/include/linux/kconfig.h \ + -include stdbool.h \ + -include stddef.h \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ From 7d2a9dc1d073ce704b14a13124fcca46006cdae1 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 18:56:52 +0000 Subject: [PATCH 44/71] Fix xdp build by defining debug symbol --- src/glb-director-xdp/debug.c | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 src/glb-director-xdp/debug.c diff --git a/src/glb-director-xdp/debug.c b/src/glb-director-xdp/debug.c new file mode 100644 index 00000000..f3994065 --- /dev/null +++ b/src/glb-director-xdp/debug.c @@ -0,0 +1,3 @@ +#include + +bool debug = false; From 457c012777e1f913ba6f95dfdd0a34c9138ea59d Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 19:05:13 +0000 Subject: [PATCH 45/71] Fix xdp package build by building full Go package --- src/glb-director-xdp/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/glb-director-xdp/Makefile b/src/glb-director-xdp/Makefile index 46d72c37..f2f6e08d 100644 --- a/src/glb-director-xdp/Makefile +++ b/src/glb-director-xdp/Makefile @@ -1,8 +1,8 @@ all: make -C xdp-root-shim/ make -C bpf/ - go build -buildvcs=false -o glb-director-xdp main.go + go build -buildvcs=false -o glb-director-xdp . clean: make -C bpf/ clean - rm -rf glb-director-xdp \ No newline at end of file + rm -rf glb-director-xdp From 3102806c23ca7dd08631d0ed9ffb77a031314740 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 19:35:34 +0000 Subject: [PATCH 46/71] Fix noble glb-director package build compatibility --- src/glb-director/Makefile | 6 ++-- src/glb-director/config.h | 40 +++++++++++++++++++++++++++ src/glb-director/glb_processor_loop.c | 15 ++++++---- src/glb-director/main.c | 18 +++++++++++- 4 files changed, 69 insertions(+), 10 deletions(-) diff --git a/src/glb-director/Makefile b/src/glb-director/Makefile index 35f7ee6f..20080903 100644 --- a/src/glb-director/Makefile +++ b/src/glb-director/Makefile @@ -46,7 +46,7 @@ ifeq ($(wildcard $(RTE_SDK)/mk/rte.vars.mk),) CFLAGS += $(shell pkg-config --cflags libdpdk) CFLAGS += -O3 -g -pie -fPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -fstack-protector-strong CFLAGS += -DSTATSD -DSYSTEMD - CFLAGS += -I$(SRCDIR)/../ + CFLAGS += -I$(CURDIR)/.. LDFLAGS += $(shell pkg-config --libs libdpdk) LDFLAGS += -z relro -z now -ljansson -lsystemd @@ -70,10 +70,10 @@ else CFLAGS += -O3 -g CFLAGS += -pie -fPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -fstack-protector-strong CFLAGS += -DSTATSD -DSYSTEMD - CFLAGS += -I$(SRCDIR)/../ + CFLAGS += -I$(CURDIR)/.. LDFLAGS += -z relro -z now -ljansson -lsystemd CONFIG_RTE_LIBRTE_PMD_XENVIRT = n include $(RTE_SDK)/mk/rte.extapp.mk -endif \ No newline at end of file +endif diff --git a/src/glb-director/config.h b/src/glb-director/config.h index bd642bae..e11831e6 100644 --- a/src/glb-director/config.h +++ b/src/glb-director/config.h @@ -31,6 +31,8 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include + /* Macros for printing using RTE_LOG */ #define RTE_LOGTYPE_APP RTE_LOGTYPE_USER1 @@ -38,6 +40,14 @@ #include #include #include +#include +#include +#if __has_include() && RTE_VERSION >= RTE_VERSION_NUM(23, 3, 0, 0) +#include +#define GLB_HAVE_MBUF_USERDATA_DYNFIELD 1 +#else +#define GLB_HAVE_MBUF_USERDATA_DYNFIELD 0 +#endif #endif /* Max size of a single packet */ @@ -188,6 +198,12 @@ #endif #endif +#if RTE_VERSION >= RTE_VERSION_NUM(18, 11, 0, 0) +#define GLB_ETH_DEV_COUNT() rte_eth_dev_count_avail() +#else +#define GLB_ETH_DEV_COUNT() rte_eth_dev_count() +#endif + #ifndef RTE_LCORE_FOREACH_SLAVE #define RTE_LCORE_FOREACH_SLAVE RTE_LCORE_FOREACH_WORKER #endif @@ -204,4 +220,28 @@ #else #define GLB_HAVE_KNI 0 #endif + +#if GLB_HAVE_MBUF_USERDATA_DYNFIELD +extern int glb_mbuf_userdata_offset; + +static inline void glb_mbuf_set_userdata(struct rte_mbuf *mbuf, uint64_t value) +{ + *RTE_MBUF_DYNFIELD(mbuf, glb_mbuf_userdata_offset, uint64_t *) = value; +} + +static inline uint64_t glb_mbuf_get_userdata(const struct rte_mbuf *mbuf) +{ + return *RTE_MBUF_DYNFIELD(mbuf, glb_mbuf_userdata_offset, const uint64_t *); +} +#else +static inline void glb_mbuf_set_userdata(struct rte_mbuf *mbuf, uint64_t value) +{ + mbuf->udata64 = value; +} + +static inline uint64_t glb_mbuf_get_userdata(const struct rte_mbuf *mbuf) +{ + return mbuf->udata64; +} +#endif #endif /* NO_DPDK */ diff --git a/src/glb-director/glb_processor_loop.c b/src/glb-director/glb_processor_loop.c index 5a306994..7adf0c3d 100644 --- a/src/glb-director/glb_processor_loop.c +++ b/src/glb-director/glb_processor_loop.c @@ -129,7 +129,8 @@ static inline uint32_t processor_burst_rx_on_flows(struct glb_processor_ctx *ctx for (i = 0; i < nb_rx; i++) { // remember which flow this came from - pkts_burst[total_rx + i]->udata64 = TARGET_FLOW_PATH(f); + glb_mbuf_set_userdata(pkts_burst[total_rx + i], + TARGET_FLOW_PATH(f)); } rte_atomic64_add(&ctx->metrics.total_packet_count, nb_rx); @@ -224,7 +225,7 @@ static inline int processor_rx_dist_tx(struct glb_processor_ctx *ctx) // shard out the returned packets over their flow paths for (i = 0; i < nb_ret; i++) { struct rte_mbuf *pkt = pkts_burst[i]; - int target = pkt->udata64; + int target = glb_mbuf_get_userdata(pkt); if (unlikely(target == TARGET_KNI && perform_kni)) { if (perform_kni) { @@ -324,7 +325,7 @@ static inline int processor_worker(struct glb_processor_ctx *ctx) rte_lcore_id()); for (i = 0; i < num_pkts; i++) { // mark as destined for drop, don't forward - pkts_burst[i]->udata64 = TARGET_DROP; + glb_mbuf_set_userdata(pkts_burst[i], TARGET_DROP); } rte_atomic64_add( &ctx->metrics.classification_failures, @@ -344,7 +345,7 @@ static inline int processor_worker(struct glb_processor_ctx *ctx) rte_lcore_id(), i, num_pkts); #endif - pkts_burst[i]->udata64 = TARGET_KNI; + glb_mbuf_set_userdata(pkts_burst[i], TARGET_KNI); rte_atomic64_inc(&ctx->metrics.kni_packet_count); } else { int table = CLASSIFIED_TABLE(classifications[i]); @@ -371,7 +372,8 @@ static inline int processor_worker(struct glb_processor_ctx *ctx) #endif } else { // free the packet, we're dropping it - pkts_burst[i]->udata64 = TARGET_DROP; + glb_mbuf_set_userdata(pkts_burst[i], + TARGET_DROP); rte_atomic64_add(&ctx->metrics.encap_failures, 1); #ifdef TRACE_PACKET_FLOW glb_log_debug( @@ -383,7 +385,8 @@ static inline int processor_worker(struct glb_processor_ctx *ctx) #ifdef TRACE_PACKET_FLOW glb_log_debug( "lcore-%u: -> -> target is %d", - rte_lcore_id(), pkts_burst[i]->udata64); + rte_lcore_id(), + glb_mbuf_get_userdata(pkts_burst[i])); #endif } } diff --git a/src/glb-director/main.c b/src/glb-director/main.c index 3bcd1c7c..6b9d1a52 100644 --- a/src/glb-director/main.c +++ b/src/glb-director/main.c @@ -105,6 +105,7 @@ char forwarding_table[256]; int port_num_queues[MAX_KNI_PORTS]; glb_kni *kni_ports[MAX_KNI_PORTS] = {NULL}; +int glb_mbuf_userdata_offset = -1; /* Use an array of pointers rather than a contiguous array of structs * so that the pointers can be allocated separately, keeping them core-local. @@ -207,6 +208,21 @@ int main(int argc, char **argv) argc -= ret; argv += ret; +#if GLB_HAVE_MBUF_USERDATA_DYNFIELD + static const struct rte_mbuf_dynfield glb_mbuf_userdata_dynfield = { + .name = "glb_mbuf_userdata", + .size = sizeof(uint64_t), + .align = __alignof__(uint64_t), + .flags = 0, + }; + + glb_mbuf_userdata_offset = + rte_mbuf_dynfield_register(&glb_mbuf_userdata_dynfield); + if (glb_mbuf_userdata_offset < 0) { + glb_log_error_and_exit("Could not register mbuf userdata field"); + } +#endif + /* Find any command line options */ get_options(config_file, forwarding_table, argc, argv); @@ -227,7 +243,7 @@ int main(int argc, char **argv) } /* Find out how many NIC ports we have, validate that it's reasonable */ - nb_sys_ports = rte_eth_dev_count(); + nb_sys_ports = GLB_ETH_DEV_COUNT(); if (nb_sys_ports == 0) { glb_log_error_and_exit("No supported Ethernet device found"); return -1; From 84aa012922fa1baefae96d0ebab751873d12abf7 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 19:49:06 +0000 Subject: [PATCH 47/71] Fix focal legacy build include path resolution --- src/glb-director/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/glb-director/Makefile b/src/glb-director/Makefile index 20080903..893a09c6 100644 --- a/src/glb-director/Makefile +++ b/src/glb-director/Makefile @@ -70,7 +70,7 @@ else CFLAGS += -O3 -g CFLAGS += -pie -fPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -fstack-protector-strong CFLAGS += -DSTATSD -DSYSTEMD - CFLAGS += -I$(CURDIR)/.. + CFLAGS += -I$(SRCDIR)/.. LDFLAGS += -z relro -z now -ljansson -lsystemd CONFIG_RTE_LIBRTE_PMD_XENVIRT = n From 52b9b488c2b7c5b091387beadcc637f962898fb5 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 15 May 2026 20:00:13 +0000 Subject: [PATCH 48/71] Install Python test dependencies in focal CI image --- script/Dockerfile.focal | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/script/Dockerfile.focal b/script/Dockerfile.focal index 74b61d76..0ec7ddcb 100644 --- a/script/Dockerfile.focal +++ b/script/Dockerfile.focal @@ -2,6 +2,11 @@ FROM ubuntu:focal RUN apt-get update && apt-get -y install curl git +# Python testing dependencies +RUN apt-get update && apt-get install -y python3-pip +COPY requirements.txt /tmp/requirements.txt +RUN pip3 install --no-cache-dir -r /tmp/requirements.txt + # DPDK RUN echo "deb http://dk.archive.ubuntu.com/ubuntu/ bionic main universe" >> /etc/apt/sources.list ARG DEBIAN_FRONTEND=noninteractive From 87928229455ef9b2f9bc833bc3245b5f6120d28b Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Fri, 15 May 2026 16:08:39 -0400 Subject: [PATCH 49/71] Revert "Install Python test dependencies in focal CI image" This reverts commit 52b9b488c2b7c5b091387beadcc637f962898fb5. --- script/Dockerfile.focal | 5 ----- 1 file changed, 5 deletions(-) diff --git a/script/Dockerfile.focal b/script/Dockerfile.focal index 0ec7ddcb..74b61d76 100644 --- a/script/Dockerfile.focal +++ b/script/Dockerfile.focal @@ -2,11 +2,6 @@ FROM ubuntu:focal RUN apt-get update && apt-get -y install curl git -# Python testing dependencies -RUN apt-get update && apt-get install -y python3-pip -COPY requirements.txt /tmp/requirements.txt -RUN pip3 install --no-cache-dir -r /tmp/requirements.txt - # DPDK RUN echo "deb http://dk.archive.ubuntu.com/ubuntu/ bionic main universe" >> /etc/apt/sources.list ARG DEBIAN_FRONTEND=noninteractive From 0f5fda754c0d7be7cf23104c682279047c9cc1db Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Fri, 15 May 2026 17:07:22 -0400 Subject: [PATCH 50/71] Enable running docker test suite locally --- script/Dockerfile.focal | 14 +++++++++----- script/Dockerfile.noble | 13 +++++++++---- script/test-local | 42 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 60 insertions(+), 9 deletions(-) create mode 100755 script/test-local diff --git a/script/Dockerfile.focal b/script/Dockerfile.focal index 74b61d76..ee5eb853 100644 --- a/script/Dockerfile.focal +++ b/script/Dockerfile.focal @@ -1,14 +1,14 @@ FROM ubuntu:focal -RUN apt-get update && apt-get -y install curl git +ARG DEBIAN_FRONTEND=noninteractive + +RUN apt-get update && apt-get -y install curl git software-properties-common +RUN add-apt-repository universe # DPDK -RUN echo "deb http://dk.archive.ubuntu.com/ubuntu/ bionic main universe" >> /etc/apt/sources.list -ARG DEBIAN_FRONTEND=noninteractive -RUN apt-get update && apt-get install -y build-essential dpdk=17.11.1-6 dpdk-dev=17.11.1-6 libdpdk-dev=17.11.1-6 wget pkg-config libjansson-dev libsystemd-dev clang-tools-10 +RUN apt-get update && apt-get install -y build-essential dpdk=19.11.14-0ubuntu0.20.04.1 dpdk-dev=19.11.14-0ubuntu0.20.04.1 libdpdk-dev=19.11.14-0ubuntu0.20.04.1 wget pkg-config libjansson-dev libsystemd-dev clang-tools-10 # iptables / DKMS -ARG DEBIAN_FRONTEND=noninteractive RUN apt-get update && apt-get install -y -f wget pkg-config libsystemd-dev dkms debhelper libxtables-dev # golang @@ -25,6 +25,10 @@ RUN gem install --version 2.7.6 dotenv RUN gem install ffi -f RUN gem install rake fpm +# Python / nosetests for scapy tests +RUN apt-get update && apt-get install -y python3 python3-pip python3-nose python3-scapy +RUN ln -sf /usr/bin/python3 /usr/bin/python && ln -sf $(which nosetests3) /usr/local/bin/nosetests + # XDP # linux-libc-dev must be upgraded to get a bpf.h that matches what we use. the rest match what we do in Vagrant for testing. RUN apt-get update && apt install -y apt-transport-https curl software-properties-common diff --git a/script/Dockerfile.noble b/script/Dockerfile.noble index f4c16ca2..94d6e59b 100644 --- a/script/Dockerfile.noble +++ b/script/Dockerfile.noble @@ -1,9 +1,11 @@ FROM ubuntu:noble -RUN apt-get update && apt-get -y install curl git - -# DPDK ARG DEBIAN_FRONTEND=noninteractive + +RUN apt-get update && apt-get -y install curl git software-properties-common +RUN add-apt-repository universe + +# DPDK RUN apt-get update RUN apt-get install --assume-yes \ build-essential \ @@ -17,7 +19,6 @@ RUN apt-get install --assume-yes \ clang-tools-18 # iptables / DKMS -ARG DEBIAN_FRONTEND=noninteractive RUN apt-get update RUN apt-get install --assume-yes --fix-broken \ wget \ @@ -41,6 +42,10 @@ RUN gem install --version 2.7.6 dotenv RUN gem install ffi -f RUN gem install rake fpm +# Python / nosetests for scapy tests +RUN apt-get update && apt-get install -y python3 python3-pip python3-nose python3-scapy +RUN ln -sf /usr/bin/python3 /usr/bin/python && ln -sf $(which nosetests3) /usr/local/bin/nosetests + # XDP # linux-libc-dev must be upgraded to get a bpf.h that matches what we use. the rest match what we do in Vagrant for testing. RUN apt-get update && apt install -y apt-transport-https curl software-properties-common diff --git a/script/test-local b/script/test-local new file mode 100755 index 00000000..4f0b1ff0 --- /dev/null +++ b/script/test-local @@ -0,0 +1,42 @@ +#!/bin/bash + +set -e + +DISTRO="${1}" + +if [[ -z "$DISTRO" ]]; then + echo "Usage: $0 " + echo " e.g. $0 focal" + echo " e.g. $0 noble" + exit 1 +fi + +HOSTPATH=$(cd "$(dirname "$0")/.." && pwd) +IMAGE="glb-director-build-${DISTRO}:latest" +DOCKERFILE="script/Dockerfile.${DISTRO}" + +if [[ ! -f "${HOSTPATH}/${DOCKERFILE}" ]]; then + echo "ERROR: Dockerfile not found: ${DOCKERFILE}" + exit 1 +fi + +cd "$HOSTPATH" + +echo "==> Building Docker image for ${DISTRO}..." +docker build --file "${DOCKERFILE}" --tag "${IMAGE}" . + +TEST_SUITES=(director director-xdp healthcheck redirect) + +for suite in "${TEST_SUITES[@]}"; do + echo "" + echo "==> Running test suite: glb-${suite} (${DISTRO})" + docker run --rm \ + --privileged \ + --volume "$(pwd):/workspace" \ + --workdir /workspace \ + "${IMAGE}" \ + bash -c "cd /workspace/src/glb-${suite} && script/test" +done + +echo "" +echo "==> All test suites passed for ${DISTRO}." From 37a7a337ba98570d6735a62ddb08274ae79e8767 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Fri, 15 May 2026 17:16:25 -0400 Subject: [PATCH 51/71] Improve local testing --- script/Dockerfile.focal | 2 +- script/Dockerfile.noble | 2 +- script/test-local | 3 ++- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/script/Dockerfile.focal b/script/Dockerfile.focal index ee5eb853..f3b462e1 100644 --- a/script/Dockerfile.focal +++ b/script/Dockerfile.focal @@ -12,7 +12,7 @@ RUN apt-get update && apt-get install -y build-essential dpdk=19.11.14-0ubuntu0. RUN apt-get update && apt-get install -y -f wget pkg-config libsystemd-dev dkms debhelper libxtables-dev # golang -RUN wget --quiet https://golang.org/dl/go1.24.5.linux-amd64.tar.gz -O- | tar -C /usr/local -zxvf - +RUN ARCH=$(dpkg --print-architecture) && wget --quiet https://golang.org/dl/go1.24.5.linux-${ARCH}.tar.gz -O- | tar -C /usr/local -zxvf - ENV GOROOT /usr/local/go ENV GOPATH /go ENV PATH="${GOPATH}/bin:${GOROOT}/bin:${PATH}" diff --git a/script/Dockerfile.noble b/script/Dockerfile.noble index 94d6e59b..199c0992 100644 --- a/script/Dockerfile.noble +++ b/script/Dockerfile.noble @@ -29,7 +29,7 @@ RUN apt-get install --assume-yes --fix-broken \ libxtables-dev # golang -RUN wget --quiet https://golang.org/dl/go1.24.5.linux-amd64.tar.gz -O- | tar -C /usr/local -zxvf - +RUN ARCH=$(dpkg --print-architecture) && wget --quiet https://golang.org/dl/go1.24.5.linux-${ARCH}.tar.gz -O- | tar -C /usr/local -zxvf - ENV GOROOT /usr/local/go ENV GOPATH /go ENV PATH="${GOPATH}/bin:${GOROOT}/bin:${PATH}" diff --git a/script/test-local b/script/test-local index 4f0b1ff0..76fb2ec3 100755 --- a/script/test-local +++ b/script/test-local @@ -23,7 +23,7 @@ fi cd "$HOSTPATH" echo "==> Building Docker image for ${DISTRO}..." -docker build --file "${DOCKERFILE}" --tag "${IMAGE}" . +docker build --platform linux/amd64 --file "${DOCKERFILE}" --tag "${IMAGE}" . TEST_SUITES=(director director-xdp healthcheck redirect) @@ -31,6 +31,7 @@ for suite in "${TEST_SUITES[@]}"; do echo "" echo "==> Running test suite: glb-${suite} (${DISTRO})" docker run --rm \ + --platform linux/amd64 \ --privileged \ --volume "$(pwd):/workspace" \ --workdir /workspace \ From ec617545aab989f23459ca81beb5def97ded816c Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 11:17:10 -0400 Subject: [PATCH 52/71] Use DPDK --- script/Dockerfile.focal | 6 ++++-- script/Dockerfile.noble | 1 + 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/script/Dockerfile.focal b/script/Dockerfile.focal index f3b462e1..80f6d06c 100644 --- a/script/Dockerfile.focal +++ b/script/Dockerfile.focal @@ -5,8 +5,9 @@ ARG DEBIAN_FRONTEND=noninteractive RUN apt-get update && apt-get -y install curl git software-properties-common RUN add-apt-repository universe -# DPDK -RUN apt-get update && apt-get install -y build-essential dpdk=19.11.14-0ubuntu0.20.04.1 dpdk-dev=19.11.14-0ubuntu0.20.04.1 libdpdk-dev=19.11.14-0ubuntu0.20.04.1 wget pkg-config libjansson-dev libsystemd-dev clang-tools-10 +# DPDK (use 17.11 from bionic for API compatibility) +RUN echo "deb [trusted=yes] http://dk.archive.ubuntu.com/ubuntu/ bionic main universe" >> /etc/apt/sources.list +RUN apt-get update && apt-get install -y build-essential dpdk=17.11.1-6 dpdk-dev=17.11.1-6 libdpdk-dev=17.11.1-6 wget pkg-config libjansson-dev libsystemd-dev clang-tools-10 # iptables / DKMS RUN apt-get update && apt-get install -y -f wget pkg-config libsystemd-dev dkms debhelper libxtables-dev @@ -27,6 +28,7 @@ RUN gem install rake fpm # Python / nosetests for scapy tests RUN apt-get update && apt-get install -y python3 python3-pip python3-nose python3-scapy +RUN pip3 install siphash RUN ln -sf /usr/bin/python3 /usr/bin/python && ln -sf $(which nosetests3) /usr/local/bin/nosetests # XDP diff --git a/script/Dockerfile.noble b/script/Dockerfile.noble index 199c0992..9cb36c3b 100644 --- a/script/Dockerfile.noble +++ b/script/Dockerfile.noble @@ -44,6 +44,7 @@ RUN gem install rake fpm # Python / nosetests for scapy tests RUN apt-get update && apt-get install -y python3 python3-pip python3-nose python3-scapy +RUN pip3 install --break-system-packages siphash RUN ln -sf /usr/bin/python3 /usr/bin/python && ln -sf $(which nosetests3) /usr/local/bin/nosetests # XDP From 156523425869fcbbb102a64c5361474731ab270a Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 14:03:12 -0400 Subject: [PATCH 53/71] Python compatabiltiy --- script/Dockerfile.focal | 4 +- script/Dockerfile.noble | 7 +- src/glb-director-xdp/bpf/Makefile | 27 +++++ src/glb-director-xdp/bpf/bpf_helpers.h | 1 + src/glb-director-xdp/bpf/tailcall.c | 14 +-- src/glb-director-xdp/script/test | 19 ++++ src/glb-director/script/test | 53 +++++---- src/glb-director/tests/glb_test_utils.py | 46 +++++--- src/glb-director/tests/test-config.json | 104 +++++++++--------- src/glb-director/tests/test_cli_tool.py | 17 +-- .../tests/test_director_classify_ranges_v4.py | 3 +- .../tests/test_director_classify_ranges_v6.py | 3 +- .../tests/test_director_classify_v4.py | 3 +- .../tests/test_director_classify_v6.py | 5 +- .../tests/test_director_hash_fields.py | 3 +- src/glb-director/tests/test_director_kni.py | 3 +- .../tests/test_director_metrics.py | 3 +- .../tests/test_rendezvous_table.py | 15 +-- .../tests/test_glb_redirect_v4_on_v4.py | 5 +- .../tests/test_glb_redirect_v6_on_v4.py | 3 +- src/scapy-glb-gue/glb_scapy/__init__.py | 2 +- 21 files changed, 211 insertions(+), 129 deletions(-) diff --git a/script/Dockerfile.focal b/script/Dockerfile.focal index 80f6d06c..49972b93 100644 --- a/script/Dockerfile.focal +++ b/script/Dockerfile.focal @@ -27,8 +27,8 @@ RUN gem install ffi -f RUN gem install rake fpm # Python / nosetests for scapy tests -RUN apt-get update && apt-get install -y python3 python3-pip python3-nose python3-scapy -RUN pip3 install siphash +RUN apt-get update && apt-get install -y python3 python3-pip python3-nose python3-scapy netcat-openbsd +RUN pip3 install siphash 'pyroute2<0.7' netaddr RUN ln -sf /usr/bin/python3 /usr/bin/python && ln -sf $(which nosetests3) /usr/local/bin/nosetests # XDP diff --git a/script/Dockerfile.noble b/script/Dockerfile.noble index 9cb36c3b..2153ec56 100644 --- a/script/Dockerfile.noble +++ b/script/Dockerfile.noble @@ -43,8 +43,8 @@ RUN gem install ffi -f RUN gem install rake fpm # Python / nosetests for scapy tests -RUN apt-get update && apt-get install -y python3 python3-pip python3-nose python3-scapy -RUN pip3 install --break-system-packages siphash +RUN apt-get update && apt-get install -y python3 python3-pip python3-nose python3-scapy netcat-openbsd +RUN pip3 install --break-system-packages siphash pyroute2 netaddr RUN ln -sf /usr/bin/python3 /usr/bin/python && ln -sf $(which nosetests3) /usr/local/bin/nosetests # XDP @@ -52,6 +52,9 @@ RUN ln -sf /usr/bin/python3 /usr/bin/python && ln -sf $(which nosetests3) /usr/l RUN apt-get update && apt install -y apt-transport-https curl software-properties-common RUN apt-get update && apt install -y iproute2 libbpf-dev linux-libc-dev clang-20 +# libbpf.so.0 compat symlink (noble ships libbpf.so.1 but xdp-root-shim links against .0) +RUN ln -sf /usr/lib/x86_64-linux-gnu/libbpf.so.1 /usr/lib/x86_64-linux-gnu/libbpf.so.0 + # Hack because the kernel headers are not installed in the right place (linuxkit vs generic) RUN ln -s /usr/src/$(ls /usr/src/ | grep generic) /usr/src/linux-headers-$(uname -r) diff --git a/src/glb-director-xdp/bpf/Makefile b/src/glb-director-xdp/bpf/Makefile index 8dabb0ed..3a838919 100644 --- a/src/glb-director-xdp/bpf/Makefile +++ b/src/glb-director-xdp/bpf/Makefile @@ -21,6 +21,7 @@ endif -include stddef.h \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/uapi \ @@ -32,5 +33,31 @@ endif $(LLC) -march=bpf -filetype=obj -o $@ .tmp.ll rm .tmp.ll +# tailcall.o uses BTF-defined maps (.maps section) which requires BTF debug info +# Compile directly to BPF target with -g to generate BTF +tailcall.o: tailcall.c + $(CLANG) -target bpf -c -O2 -g -D__KERNEL__ \ + -Wall \ + -Wno-gnu-variable-sized-type-not-at-end \ + -Wno-address-of-packed-member \ + -Wno-tautological-compare \ + -Wno-unknown-warning-option \ + -Wno-pointer-sign \ + -Werror \ + -include /usr/src/linux-headers-$(KVER:-amd64=-common)/include/linux/kconfig.h \ + -include stdbool.h \ + -include stddef.h \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated/uapi \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/uapi \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/uapi \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include \ + -I /usr/src/linux-headers-$(KVER)/include \ + -I include/ \ + -I ../.. \ + -o $@ $< + clean: rm -rf *.o diff --git a/src/glb-director-xdp/bpf/bpf_helpers.h b/src/glb-director-xdp/bpf/bpf_helpers.h index 864b40d2..163d9476 100644 --- a/src/glb-director-xdp/bpf/bpf_helpers.h +++ b/src/glb-director-xdp/bpf/bpf_helpers.h @@ -6,6 +6,7 @@ #define __uint(name, val) int (*name)[val] #define __type(name, val) typeof(val) *name +#define __array(name, val) typeof(val) *name[] /* Helper macro to print out debug messages */ #define bpf_printk(fmt, ...) \ diff --git a/src/glb-director-xdp/bpf/tailcall.c b/src/glb-director-xdp/bpf/tailcall.c index 92b330da..e4246be3 100644 --- a/src/glb-director-xdp/bpf/tailcall.c +++ b/src/glb-director-xdp/bpf/tailcall.c @@ -19,14 +19,14 @@ #define ROOT_ARRAY_SIZE 3 -struct bpf_map_def SEC("maps") root_array = { - .type = BPF_MAP_TYPE_PROG_ARRAY, - .key_size = sizeof(__u32), - .value_size = sizeof(__u32), - .max_entries = ROOT_ARRAY_SIZE, -}; +struct { + __uint(type, BPF_MAP_TYPE_PROG_ARRAY); + __uint(key_size, sizeof(__u32)); + __uint(value_size, sizeof(__u32)); + __uint(max_entries, ROOT_ARRAY_SIZE); +} root_array SEC(".maps"); -SEC("xdp-root") +SEC("xdp") int xdp_root(struct xdp_md *ctx) { #pragma clang loop unroll(full) for (__u32 i = 0; i < ROOT_ARRAY_SIZE; i++) { diff --git a/src/glb-director-xdp/script/test b/src/glb-director-xdp/script/test index f1107bfc..2e945eec 100755 --- a/src/glb-director-xdp/script/test +++ b/src/glb-director-xdp/script/test @@ -40,9 +40,28 @@ export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin . ../../script/helpers/folding.sh +# Ensure BPF filesystem is mounted (needed for XDP map pinning) +if ! mount | grep -q 'type bpf'; then + mount -t bpf bpf /sys/fs/bpf || true +fi + +# If kernel headers for the running kernel aren't available, find what we have +if [ ! -d "/usr/src/linux-headers-$(uname -r)" ]; then + AVAILABLE_HEADERS=$(ls -d /usr/src/linux-headers-*-generic 2>/dev/null | head -1 || true) + if [ -n "$AVAILABLE_HEADERS" ]; then + # Extract the version from the available headers path + AVAILABLE_KVER=$(basename "$AVAILABLE_HEADERS") + AVAILABLE_KVER="${AVAILABLE_KVER#linux-headers-}" + export KVER="$AVAILABLE_KVER" + echo "Using kernel headers version: $KVER" + fi +fi + begin_fold "Building glb-director-xdp for testing" ( make -j4 -C ../glb-director/cli + make clean + rm -f xdp-root-shim/xdp-root-shim make # scan-build bricks go ) end_fold diff --git a/src/glb-director/script/test b/src/glb-director/script/test index e8eff851..7774fa68 100755 --- a/src/glb-director/script/test +++ b/src/glb-director/script/test @@ -62,31 +62,40 @@ end_fold begin_fold "Running scapy packet tests against glb-director" ( - PYTHONPATH=$(pwd)/../scapy-glb-gue/:$PYTHONPATH nosetests -v -a '!director_type' -a 'director_type=dpdk' + if [ -e /dev/kni ]; then + PYTHONPATH=$(pwd)/../scapy-glb-gue/:$PYTHONPATH nosetests -v -a '!director_type' -a 'director_type=dpdk' + else + echo "Skipping DPDK director tests (no /dev/kni available, running non-DPDK tests only)" + PYTHONPATH=$(pwd)/../scapy-glb-gue/:$PYTHONPATH nosetests -v tests/test_cli_tool.py tests/test_rendezvous_table.py + fi ) end_fold -begin_fold "Running glb-director config tests" -( - bash tests/config_check.sh -) -end_fold +if [ -e /dev/kni ] || grep -q huge /proc/mounts 2>/dev/null; then + begin_fold "Running glb-director config tests" + ( + bash tests/config_check.sh + ) + end_fold -begin_fold "Running pcap tests" -( - # needs hugepages run after other tests since its already set up - bash tests/pcap_tests.sh -) -end_fold + begin_fold "Running pcap tests" + ( + # needs hugepages run after other tests since its already set up + bash tests/pcap_tests.sh + ) + end_fold -begin_fold "valgrind tests" -( - bash tests/valgrind_check.sh -) -end_fold + begin_fold "valgrind tests" + ( + bash tests/valgrind_check.sh + ) + end_fold -begin_fold "stub server tests" -( - bash tests/stub_server_tests.sh -) -end_fold + begin_fold "stub server tests" + ( + bash tests/stub_server_tests.sh + ) + end_fold +else + echo "Skipping config_check/pcap/valgrind/stub_server tests (no DPDK environment available)" +fi diff --git a/src/glb-director/tests/glb_test_utils.py b/src/glb-director/tests/glb_test_utils.py index e0bae561..17d134f1 100644 --- a/src/glb-director/tests/glb_test_utils.py +++ b/src/glb-director/tests/glb_test_utils.py @@ -17,10 +17,18 @@ import logging logging.getLogger("scapy.runtime").setLevel(logging.ERROR) +logging.getLogger("pyroute2").setLevel(logging.WARNING) +logging.getLogger("pyroute2.netlink").setLevel(logging.WARNING) +logging.getLogger("pyroute2.netlink.core").setLevel(logging.WARNING) +logging.getLogger("asyncio").setLevel(logging.WARNING) -from scapy.all import sniff, sendp, Ether, IP, IPv6, L2ListenSocket, MTU, Packet, UDP, TCP, bind_layers, ICMP, ICMPv6PacketTooBig +from scapy.all import sniff, sendp, Ether, IP, IPv6, MTU, Packet, UDP, TCP, bind_layers, ICMP, ICMPv6PacketTooBig +from scapy.arch.linux import L2ListenSocket from pyroute2 import IPRoute, NetlinkError -from nose.tools import assert_equals + +def assert_equals(a, b): + assert a == b, "%r != %r" % (a, b) + import subprocess, time import signal from contextlib import contextmanager @@ -75,7 +83,7 @@ def setup(self, iface): '--config-file', './tests/director-config.json', '--forwarding-table', './tests/test-tables.bin' ], - stdout=open('director-output.txt', 'wba'), + stdout=open('director-output.txt', 'ab'), stderr=subprocess.STDOUT, ) @@ -135,13 +143,13 @@ def updated_env(self): def wait(self): # wait for it to notify that it's actually bound to the iface. - self.notify_sock.settimeout(2) + self.notify_sock.settimeout(10) try: data, addr = self.notify_sock.recvfrom(32) - assert data == 'READY=1' # only thing it will send - except socket.timeout: + assert data == b'READY=1' # only thing it will send + except (socket.timeout, TimeoutError) as e: print('notify ready timed out') - raise Exception('Timeout while waiting for director to signal ready, did it crash?\n\n' + open('director-output.txt', 'rb').read()) + raise Exception('Timeout while waiting for director to signal ready, did it crash?\n\n' + open('director-output.txt', 'rb').read().decode('utf-8', errors='replace')) self.notify_sock.close() @@ -167,7 +175,7 @@ def setup(self, iface): '/sys/fs/bpf/root_array@' + iface, iface, ], - stdout=open('director-output.txt', 'wba'), + stdout=open('director-output.txt', 'ab'), stderr=subprocess.STDOUT, env=notify_shim.updated_env(), ) @@ -189,7 +197,7 @@ def launch_director(self): '--forwarding-table', os.path.abspath('./tests/test-tables.bin'), '--bpf-program', os.path.abspath('../glb-director-xdp/bpf/glb_encap.o'), ], - stdout=open('director-output.txt', 'wba'), + stdout=open('director-output.txt', 'ab'), stderr=subprocess.STDOUT, env=notify_director.updated_env(), ) @@ -299,7 +307,7 @@ def get_initial_director_config(cls): @classmethod def update_running_forwarding_tables(cls, config): - f = open('tests/test-tables.json', 'wb') + f = open('tests/test-tables.json', 'w') f.write(json.dumps(config, indent=4)) f.close() @@ -334,7 +342,7 @@ def setup_class(cls): GLBDirectorTestBase.py_side_mac = dict(ip.link('get', index=ip.link_lookup(ifname=cls.IFACE_NAME_PY))[0]['attrs'])['IFLA_ADDRESS'] - with open('tests/director-config.json', 'wb') as f: + with open('tests/director-config.json', 'w') as f: f.write(json.dumps(cls.get_initial_director_config(), indent=4)) # set up a statsd receiver @@ -375,7 +383,7 @@ def sendp(self, *args, **kwargs): sendp(*args, **kwargs) def wait_for_packet(self, iface, condition, timeout_seconds=5): - print('Waiting for packets on', iface.iff, 'with timeout', timeout_seconds) + print('Waiting for packets on', getattr(iface, 'iface', getattr(iface, 'iff', '?')), 'with timeout', timeout_seconds) try: with timeout(timeout_seconds): while True: @@ -388,7 +396,7 @@ def wait_for_packet(self, iface, condition, timeout_seconds=5): sys.stdout.write('-' * 50 + '\n') sys.stdout.write('Output from glb-director-ng\n') sys.stdout.write('-' * 50 + '\n') - sys.stdout.write(d.read()) + sys.stdout.write(d.read().decode('utf-8', errors='replace')) sys.stdout.write('-' * 50 + '\n') raise @@ -400,6 +408,8 @@ def stream_statsd_metrics(self, timeout=0): return # nothing more to receive, we timed out else: block, _ = s.recvfrom(4096) + if isinstance(block, bytes): + block = block.decode('utf-8') for data in block.split('\n'): metric_name, metric_data = data.split(':', 1) metric_info, metric_tags = metric_data.split('#', 1) @@ -414,7 +424,7 @@ def expect_metrics(self, spec): spec_matches = set() for metric_name, metric_value, metric_type, metric_tags in self.stream_statsd_metrics(timeout=1): metric_key = (metric_name, metric_tags) - print metric_key + print(metric_key) if metric_key in spec: assert spec[metric_key](metric_value), "Metric {} had unexpected value {}".format(metric_key, repr(metric_value)) spec_matches.add(metric_key) @@ -444,7 +454,7 @@ def pkt_hash(self, key, src_addr=None, dst_addr=None, src_port=None, dst_port=No hash_parts.append(self._encode_port(dst_port)) assert len(hash_parts) > 0 - hash_data = ''.join(hash_parts) + hash_data = b''.join(hash_parts) hash_bytes = siphash.SipHash_2_4(key, hash_data).digest() hash_num, = struct.unpack('. from rendezvous_table import GLBRendezvousTable -from nose.tools import assert_equals +def assert_equals(a, b): + assert a == b, "%r != %r" % (a, b) import json, subprocess, struct, socket class TestGLBBinaryCLI(): @@ -57,17 +58,17 @@ def get_example_config(self): def write_example_config(self): config = self.get_example_config() - with open('tests/test-config.json', 'wb') as f: + with open('tests/test-config.json', 'w') as f: f.write(json.dumps(config, indent=4)) f.close() def get_example_table_reference_implementation(self, table_index): table_config = self.get_example_config()['tables'][table_index] - return GLBRendezvousTable(table_config['seed'].decode('hex')) + return GLBRendezvousTable(bytes.fromhex(table_config['seed'])) def get_example_table_hosts(self, table_index): table_config = self.get_example_config()['tables'][table_index] - return map(lambda b: b['ip'], table_config['backends']) + return list(map(lambda b: b['ip'], table_config['backends'])) def test_generate_configs(self): self.write_example_config() @@ -75,7 +76,7 @@ def test_generate_configs(self): subprocess.check_call(['cli/glb-director-cli', 'build-config', 'tests/test-config.json', 'tests/test-config.bin']) f = open('tests/test-config.bin', 'rb') - assert_equals(f.read(4), 'GLBD') + assert_equals(f.read(4), b'GLBD') num_table_entries = 0x10000 max_num_backends = 0x100 @@ -109,7 +110,7 @@ def test_generate_configs(self): assert_equals(inet_addr, socket.inet_pton(socket.AF_INET6, backend['ip'])) else: assert_equals(inet_family, 1) - assert_equals(inet_addr, socket.inet_pton(socket.AF_INET, backend['ip']).ljust(16, '\x00')) + assert_equals(inet_addr, socket.inet_pton(socket.AF_INET, backend['ip']).ljust(16, b'\x00')) assert_equals(be_state, 1) assert_equals(be_health, 1) @@ -128,14 +129,14 @@ def test_generate_configs(self): assert_equals(ip_bits, 128) else: assert_equals(inet_family, 1) - assert_equals(inet_addr, socket.inet_pton(socket.AF_INET, bind['ip']).ljust(16, '\x00')) + assert_equals(inet_addr, socket.inet_pton(socket.AF_INET, bind['ip']).ljust(16, b'\x00')) assert_equals(ip_bits, 32) assert_equals(bind_port_start, bind['port']) assert_equals(bind_port_end, bind['port']) assert_equals(bind_proto, 6 if bind['proto'] == 'tcp' else 17) # validate hash key for source hashing - assert_equals(f.read(16), table['hash_key'].decode('hex').rjust(16, '\x00')) + assert_equals(f.read(16), bytes.fromhex(table['hash_key']).rjust(16, b'\x00')) # validate table entries for table_index in range(num_table_entries): diff --git a/src/glb-director/tests/test_director_classify_ranges_v4.py b/src/glb-director/tests/test_director_classify_ranges_v4.py index 799840ae..2172b87f 100644 --- a/src/glb-director/tests/test_director_classify_ranges_v4.py +++ b/src/glb-director/tests/test_director_classify_ranges_v4.py @@ -17,7 +17,8 @@ from glb_test_utils import GLBDirectorTestBase, GLBGUE from scapy.all import Ether, IP, IPv6, Packet, UDP, TCP, ICMP -from nose.tools import assert_equals +def assert_equals(a, b): + assert a == b, "%r != %r" % (a, b) from nose.plugins.attrib import attr from nose.plugins.skip import SkipTest import socket, struct, time diff --git a/src/glb-director/tests/test_director_classify_ranges_v6.py b/src/glb-director/tests/test_director_classify_ranges_v6.py index 88e4e27d..f76a5095 100644 --- a/src/glb-director/tests/test_director_classify_ranges_v6.py +++ b/src/glb-director/tests/test_director_classify_ranges_v6.py @@ -17,7 +17,8 @@ from glb_test_utils import GLBDirectorTestBase, GLBGUE from scapy.all import Ether, IP, IPv6, Packet, UDP, TCP, ICMP -from nose.tools import assert_equals +def assert_equals(a, b): + assert a == b, "%r != %r" % (a, b) from nose.plugins.attrib import attr import socket, struct, time diff --git a/src/glb-director/tests/test_director_classify_v4.py b/src/glb-director/tests/test_director_classify_v4.py index 6a368247..da065f48 100644 --- a/src/glb-director/tests/test_director_classify_v4.py +++ b/src/glb-director/tests/test_director_classify_v4.py @@ -17,7 +17,8 @@ from glb_test_utils import GLBDirectorTestBase, GLBGUE from scapy.all import Ether, IP, IPv6, Packet, UDP, TCP, ICMP -from nose.tools import assert_equals +def assert_equals(a, b): + assert a == b, "%r != %r" % (a, b) import socket, struct, time class TestGLBClassifyV4(GLBDirectorTestBase): diff --git a/src/glb-director/tests/test_director_classify_v6.py b/src/glb-director/tests/test_director_classify_v6.py index f40c6208..9ef903fc 100644 --- a/src/glb-director/tests/test_director_classify_v6.py +++ b/src/glb-director/tests/test_director_classify_v6.py @@ -17,7 +17,8 @@ from glb_test_utils import GLBDirectorTestBase, GLBGUE from scapy.all import Ether, IP, IPv6, Packet, UDP, TCP, ICMPv6PacketTooBig, ICMPv6EchoRequest -from nose.tools import assert_equals +def assert_equals(a, b): + assert a == b, "%r != %r" % (a, b) from nose.plugins.attrib import attr import socket, struct @@ -45,7 +46,7 @@ def test_01_route_classified_v6(self): assert_equals(glb_gue.private_data[0].hops, ['6.7.8.9']) inner_ip = glb_gue.payload - print repr(inner_ip) + print(repr(inner_ip)) assert isinstance(inner_ip, IPv6) # Expecting the inner IPv6 packet assert_equals(inner_ip.src, 'fd91:79d3:d621::1234') assert_equals(inner_ip.dst, 'fdb4:98ce:52d4::42') diff --git a/src/glb-director/tests/test_director_hash_fields.py b/src/glb-director/tests/test_director_hash_fields.py index 3eab328d..e5867f4e 100644 --- a/src/glb-director/tests/test_director_hash_fields.py +++ b/src/glb-director/tests/test_director_hash_fields.py @@ -17,7 +17,8 @@ from glb_test_utils import GLBDirectorTestBase, GLBGUE from scapy.all import Ether, IP, IPv6, Packet, UDP, TCP, ICMP -from nose.tools import assert_equals +def assert_equals(a, b): + assert a == b, "%r != %r" % (a, b) import socket, struct, time class GLBHashFieldsBase(GLBDirectorTestBase): diff --git a/src/glb-director/tests/test_director_kni.py b/src/glb-director/tests/test_director_kni.py index 68ee0390..e2e46b04 100644 --- a/src/glb-director/tests/test_director_kni.py +++ b/src/glb-director/tests/test_director_kni.py @@ -17,7 +17,8 @@ from glb_test_utils import GLBDirectorTestBase, GLBGUE from scapy.all import Ether, IP, IPv6, Packet, UDP, TCP -from nose.tools import assert_equals +def assert_equals(a, b): + assert a == b, "%r != %r" % (a, b) from nose.plugins.attrib import attr @attr(director_type='dpdk') diff --git a/src/glb-director/tests/test_director_metrics.py b/src/glb-director/tests/test_director_metrics.py index ec111a90..9452f4aa 100644 --- a/src/glb-director/tests/test_director_metrics.py +++ b/src/glb-director/tests/test_director_metrics.py @@ -17,7 +17,8 @@ from glb_test_utils import GLBDirectorTestBase, GLBGUE from scapy.all import Ether, IP, IPv6, Packet, UDP, TCP, ICMP -from nose.tools import assert_equals +def assert_equals(a, b): + assert a == b, "%r != %r" % (a, b) from nose.plugins.attrib import attr import socket, struct, time diff --git a/src/glb-director/tests/test_rendezvous_table.py b/src/glb-director/tests/test_rendezvous_table.py index a891831f..e92d74cd 100644 --- a/src/glb-director/tests/test_rendezvous_table.py +++ b/src/glb-director/tests/test_rendezvous_table.py @@ -16,16 +16,17 @@ # along with this project. If not, see . from rendezvous_table import GLBRendezvousTable -from nose.tools import assert_equals +def assert_equals(a, b): + assert a == b, "%r != %r" % (a, b) class TestGLBRendezvousTable(): def test_row_seeds(self): """GLBRendezvousTable correctly calculates valid row seeds""" - forwarding_table_seed = '49a3d861d661ae5ab06ed9326871a2f5'.decode('hex') + forwarding_table_seed = bytes.fromhex('49a3d861d661ae5ab06ed9326871a2f5') table = GLBRendezvousTable(forwarding_table_seed) - assert_equals(table.calculate_forwarding_table_row_seed(0x0000).encode('hex'), '491c53a72df4c837') - assert_equals(table.calculate_forwarding_table_row_seed(0xffff).encode('hex'), 'f223c0cc65161620') + assert_equals(table.calculate_forwarding_table_row_seed(0x0000).hex(), '491c53a72df4c837') + assert_equals(table.calculate_forwarding_table_row_seed(0xffff).hex(), 'f223c0cc65161620') def test_order_hosts_0000(self): """ @@ -37,7 +38,7 @@ def test_order_hosts_0000(self): 1.1.1.4 6f022ce1ea607e16 """ - forwarding_table_seed = '49a3d861d661ae5ab06ed9326871a2f5'.decode('hex') + forwarding_table_seed = bytes.fromhex('49a3d861d661ae5ab06ed9326871a2f5') table = GLBRendezvousTable(forwarding_table_seed) hosts = ['1.1.1.1', '1.1.1.2', '1.1.1.3', '1.1.1.4'] @@ -54,7 +55,7 @@ def test_order_hosts_ffff(self): 1.1.1.4 a1f610df9fbb2025 """ - forwarding_table_seed = '49a3d861d661ae5ab06ed9326871a2f5'.decode('hex') + forwarding_table_seed = bytes.fromhex('49a3d861d661ae5ab06ed9326871a2f5') table = GLBRendezvousTable(forwarding_table_seed) hosts = ['1.1.1.1', '1.1.1.2', '1.1.1.3', '1.1.1.4'] @@ -71,7 +72,7 @@ def test_order_hosts_bb44(self): 1.1.1.4 0676eaf9cb7d2f85 """ - forwarding_table_seed = '49a3d861d661ae5ab06ed9326871a2f5'.decode('hex') + forwarding_table_seed = bytes.fromhex('49a3d861d661ae5ab06ed9326871a2f5') table = GLBRendezvousTable(forwarding_table_seed) hosts = ['1.1.1.1', '1.1.1.2', '1.1.1.3', '1.1.1.4'] diff --git a/src/glb-redirect/tests/test_glb_redirect_v4_on_v4.py b/src/glb-redirect/tests/test_glb_redirect_v4_on_v4.py index e8616817..8844ff88 100644 --- a/src/glb-redirect/tests/test_glb_redirect_v4_on_v4.py +++ b/src/glb-redirect/tests/test_glb_redirect_v4_on_v4.py @@ -15,7 +15,10 @@ # You should have received a copy of the GNU General Public License # along with this project. If not, see . -from nose.tools import assert_equals, assert_true +def assert_equals(a, b): + assert a == b, "%r != %r" % (a, b) +def assert_true(a): + assert a from scapy.all import IP, UDP, TCP, ICMP, sniff, send, conf from glb_scapy import GLBGUEChainedRouting, GLBGUE from glb_test_utils import GLBTestHelpers diff --git a/src/glb-redirect/tests/test_glb_redirect_v6_on_v4.py b/src/glb-redirect/tests/test_glb_redirect_v6_on_v4.py index 8a5970d6..580a2e16 100644 --- a/src/glb-redirect/tests/test_glb_redirect_v6_on_v4.py +++ b/src/glb-redirect/tests/test_glb_redirect_v6_on_v4.py @@ -15,7 +15,8 @@ # You should have received a copy of the GNU General Public License # along with this project. If not, see . -from nose.tools import assert_equals +def assert_equals(a, b): + assert a == b, "%r != %r" % (a, b) from scapy.all import IP, IPv6, UDP, TCP, ICMPv6EchoRequest, ICMPv6EchoReply, ICMPv6PacketTooBig, sniff, send, conf, L3RawSocket6 from glb_scapy import GLBGUEChainedRouting, GLBGUE from glb_test_utils import GLBTestHelpers diff --git a/src/scapy-glb-gue/glb_scapy/__init__.py b/src/scapy-glb-gue/glb_scapy/__init__.py index 213434c5..f23dcde2 100644 --- a/src/scapy-glb-gue/glb_scapy/__init__.py +++ b/src/scapy-glb-gue/glb_scapy/__init__.py @@ -15,4 +15,4 @@ # You should have received a copy of the GNU General Public License # along with scapy-glb-gue. If not, see . -from glb_gue_scapy import GLBGUEChainedRouting, GLBGUE +from .glb_gue_scapy import GLBGUEChainedRouting, GLBGUE From 312baabfa7f0435e49665e3c03d244a6dff94dd8 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 18 May 2026 18:21:37 +0000 Subject: [PATCH 54/71] Fix assert_equals helper message argument in CLI tests --- src/glb-director/tests/test_cli_tool.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/glb-director/tests/test_cli_tool.py b/src/glb-director/tests/test_cli_tool.py index 3620836e..3f110b50 100644 --- a/src/glb-director/tests/test_cli_tool.py +++ b/src/glb-director/tests/test_cli_tool.py @@ -17,8 +17,10 @@ from rendezvous_table import GLBRendezvousTable -def assert_equals(a, b): - assert a == b, "%r != %r" % (a, b) +def assert_equals(a, b, msg=None): + if msg is None: + msg = "%r != %r" % (a, b) + assert a == b, msg import glob import json, subprocess, struct, socket, os, tempfile From ffa1592963c4219e9543015005215766470cba88 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 18 May 2026 18:48:17 +0000 Subject: [PATCH 55/71] Disable VCS stamping in healthcheck test build --- src/glb-healthcheck/script/test | 1 + 1 file changed, 1 insertion(+) diff --git a/src/glb-healthcheck/script/test b/src/glb-healthcheck/script/test index 4e412008..4246e57d 100755 --- a/src/glb-healthcheck/script/test +++ b/src/glb-healthcheck/script/test @@ -33,6 +33,7 @@ set -e ROOTDIR=$(dirname $0)/.. cd $ROOTDIR +export GOFLAGS="${GOFLAGS:+$GOFLAGS }-buildvcs=false" echo 'Building...' go build From 8933790b4300883e2c4e1062c2f5334123c0dff9 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 15:05:17 -0400 Subject: [PATCH 56/71] Simplify Dockerfile.focal and add script/test --- script/Dockerfile.focal | 9 ++------- script/test | 3 +++ 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/script/Dockerfile.focal b/script/Dockerfile.focal index c8323c72..7f537171 100644 --- a/script/Dockerfile.focal +++ b/script/Dockerfile.focal @@ -2,10 +2,6 @@ FROM ubuntu:focal RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf.d/80-retries -RUN apt-get update && apt-get -y install curl git - -# DPDK -RUN echo "deb http://archive.ubuntu.com/ubuntu/ bionic main universe" >> /etc/apt/sources.list ARG DEBIAN_FRONTEND=noninteractive RUN apt-get update && apt-get -y install curl git software-properties-common @@ -16,7 +12,7 @@ RUN echo "deb [trusted=yes] http://dk.archive.ubuntu.com/ubuntu/ bionic main uni RUN apt-get update && apt-get install -y build-essential dpdk=17.11.1-6 dpdk-dev=17.11.1-6 libdpdk-dev=17.11.1-6 wget pkg-config libjansson-dev libsystemd-dev clang-tools-10 # iptables / DKMS -RUN apt-get update && apt-get install -y -f wget pkg-config libsystemd-dev dkms debhelper libxtables-dev +RUN apt-get install -y -f dkms debhelper libxtables-dev # golang RUN ARCH=$(dpkg --print-architecture) && wget --quiet https://golang.org/dl/go1.24.5.linux-${ARCH}.tar.gz -O- | tar -C /usr/local -zxvf - @@ -25,7 +21,7 @@ ENV GOPATH /go ENV PATH="${GOPATH}/bin:${GOROOT}/bin:${PATH}" # fpm for packaging -RUN apt-get update && apt-get install -y ruby ruby-dev rubygems build-essential +RUN apt-get update && apt-get install -y ruby ruby-dev rubygems # See fpm dependency breakage issue: https://github.com/jordansissel/fpm/issues/1918 RUN gem install --version 2.7.6 dotenv @@ -39,7 +35,6 @@ RUN ln -sf /usr/bin/python3 /usr/bin/python && ln -sf $(which nosetests3) /usr/l # XDP # linux-libc-dev must be upgraded to get a bpf.h that matches what we use. the rest match what we do in Vagrant for testing. -RUN apt-get update && apt install -y apt-transport-https curl software-properties-common RUN apt-get update && apt install -y iproute2 libbpf-dev linux-libc-dev clang-10 # Hack because the kernel headers are not installed in the right place (linuxkit vs generic) diff --git a/script/test b/script/test index 2f7f050f..020dcb99 100644 --- a/script/test +++ b/script/test @@ -1,4 +1,7 @@ #!/usr/bin/env bash +# Runs a Clang static analysis build (scan-build) over the project to detect +# potential bugs at compile time. Automatically detects the available version +# of scan-build installed in the environment. set -euo pipefail if command -v scan-build-10 >/dev/null 2>&1; then From 471037ed0dc8780f376b93becb1b6a154deb0b23 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 18 May 2026 19:16:28 +0000 Subject: [PATCH 57/71] Install jq in focal CI image for healthcheck tests --- script/Dockerfile.focal | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/script/Dockerfile.focal b/script/Dockerfile.focal index 7f537171..00cdbc58 100644 --- a/script/Dockerfile.focal +++ b/script/Dockerfile.focal @@ -29,7 +29,7 @@ RUN gem install ffi -f RUN gem install rake fpm # Python / nosetests for scapy tests -RUN apt-get update && apt-get install -y python3 python3-pip python3-nose python3-scapy netcat-openbsd +RUN apt-get update && apt-get install -y python3 python3-pip python3-nose python3-scapy netcat-openbsd jq RUN pip3 install siphash 'pyroute2<0.7' netaddr RUN ln -sf /usr/bin/python3 /usr/bin/python && ln -sf $(which nosetests3) /usr/local/bin/nosetests From 1c1c3a1f37b2273795f4b3a1719f2eca0486c8b4 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 15:21:52 -0400 Subject: [PATCH 58/71] Remove unused --- src/glb-director/cli/main.c | 5 +---- src/glb-director/glb_kni.c | 37 +------------------------------------ 2 files changed, 2 insertions(+), 40 deletions(-) diff --git a/src/glb-director/cli/main.c b/src/glb-director/cli/main.c index a24141f4..b6d539e4 100644 --- a/src/glb-director/cli/main.c +++ b/src/glb-director/cli/main.c @@ -38,13 +38,10 @@ #include #include #include -#include #include #include -#include "log.h" - -bool debug = false; +#include "log.h" #define GLB_BACKEND_HEALTH_DOWN 0 #define GLB_BACKEND_HEALTH_UP 1 diff --git a/src/glb-director/glb_kni.c b/src/glb-director/glb_kni.c index 77d9f021..bc279b32 100644 --- a/src/glb-director/glb_kni.c +++ b/src/glb-director/glb_kni.c @@ -61,9 +61,7 @@ #include #include #include -#if __has_include() #include -#endif #include #include #include @@ -73,15 +71,13 @@ #include #include #include -#if __has_include() #include -#endif #include #include #include #include -#if __has_include() +#if RTE_VERSION >= RTE_VERSION_NUM(17, 11, 0, 1) #include #endif @@ -90,8 +86,6 @@ #include "log.h" #include "util.h" -#if GLB_HAVE_KNI - #if RTE_VERSION > RTE_VERSION_NUM(17,11,0,0) typedef uint16_t port_id_t; #else @@ -372,32 +366,3 @@ static void handle_kni_to_nic(unsigned port_id, struct rte_kni *kni, "lcore-%u: -> %d packets (%d queued) burst from KNI to port %d queue %d", rte_lcore_id(), nb_rx, nb_tx, port_id, tx_queue); } - -#else /* !GLB_HAVE_KNI — provide no-op stubs */ - -struct glb_kni_ { - /* empty stub when KNI is not available */ -}; - -glb_kni *glb_kni_new(uint8_t physical_port_id __attribute__((unused)), - uint16_t rx_tx_queue_id __attribute__((unused)), - unsigned owner_lcore_id __attribute__((unused)), - struct rte_mempool *pktmbuf_pool __attribute__((unused))) -{ - return NULL; -} - -void glb_kni_release(glb_kni *gk __attribute__((unused))) { } - -unsigned glb_kni_safe_tx_burst(glb_kni *gk __attribute__((unused)), - struct rte_mbuf **kni_tx_burst __attribute__((unused)), - unsigned tx_burst_size __attribute__((unused))) -{ - return 0; -} - -void glb_kni_lcore_flush(glb_kni *gk __attribute__((unused))) { } - -void glb_kni_handle_request(glb_kni *gk __attribute__((unused))) { } - -#endif /* GLB_HAVE_KNI */ From e029b2907ea0edac75550c3ddfdc7b9d6193f389 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 15:39:40 -0400 Subject: [PATCH 59/71] We still need rte_pci --- src/glb-director-xdp/bpf/Makefile | 26 ------ src/glb-director/bind_classifier.c | 4 +- src/glb-director/bind_classifier_rules.h | 100 +++++++++++------------ 3 files changed, 47 insertions(+), 83 deletions(-) diff --git a/src/glb-director-xdp/bpf/Makefile b/src/glb-director-xdp/bpf/Makefile index 3a838919..a600d5a9 100644 --- a/src/glb-director-xdp/bpf/Makefile +++ b/src/glb-director-xdp/bpf/Makefile @@ -33,31 +33,5 @@ endif $(LLC) -march=bpf -filetype=obj -o $@ .tmp.ll rm .tmp.ll -# tailcall.o uses BTF-defined maps (.maps section) which requires BTF debug info -# Compile directly to BPF target with -g to generate BTF -tailcall.o: tailcall.c - $(CLANG) -target bpf -c -O2 -g -D__KERNEL__ \ - -Wall \ - -Wno-gnu-variable-sized-type-not-at-end \ - -Wno-address-of-packed-member \ - -Wno-tautological-compare \ - -Wno-unknown-warning-option \ - -Wno-pointer-sign \ - -Werror \ - -include /usr/src/linux-headers-$(KVER:-amd64=-common)/include/linux/kconfig.h \ - -include stdbool.h \ - -include stddef.h \ - -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ - -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated \ - -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated/uapi \ - -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ - -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/uapi \ - -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/uapi \ - -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include \ - -I /usr/src/linux-headers-$(KVER)/include \ - -I include/ \ - -I ../.. \ - -o $@ $< - clean: rm -rf *.o diff --git a/src/glb-director/bind_classifier.c b/src/glb-director/bind_classifier.c index e3028258..d29203f9 100644 --- a/src/glb-director/bind_classifier.c +++ b/src/glb-director/bind_classifier.c @@ -70,16 +70,14 @@ #include #include #include -#if __has_include() #include -#endif #include #include #include #include "bind_classifier.h" -#include "config.h" #include "bind_classifier_rules.h" +#include "config.h" #include "glb_fwd_config.h" #include "glb_director_config.h" #include "log.h" diff --git a/src/glb-director/bind_classifier_rules.h b/src/glb-director/bind_classifier_rules.h index 670fddf8..fa366d70 100644 --- a/src/glb-director/bind_classifier_rules.h +++ b/src/glb-director/bind_classifier_rules.h @@ -35,14 +35,6 @@ * Rule and trace formats definitions. */ -#include -#if __has_include() -#include -#endif -#if __has_include() -#include -#endif - enum { PROTO_FIELD_IPV4, SRC_FIELD_IPV4, DST_FIELD_IPV4, @@ -88,16 +80,16 @@ struct rte_acl_field_def ipv4_defs[NUM_FIELDS_IPV4] = { .size = sizeof(uint32_t), .field_index = SRC_FIELD_IPV4, .input_index = RTE_ACL_IPV4_SRC, - .offset = offsetof(struct rte_ipv4_hdr, src_addr) - - offsetof(struct rte_ipv4_hdr, next_proto_id), + .offset = offsetof(struct ipv4_hdr, src_addr) - + offsetof(struct ipv4_hdr, next_proto_id), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = DST_FIELD_IPV4, .input_index = RTE_ACL_IPV4_DST, - .offset = offsetof(struct rte_ipv4_hdr, dst_addr) - - offsetof(struct rte_ipv4_hdr, next_proto_id), + .offset = offsetof(struct ipv4_hdr, dst_addr) - + offsetof(struct ipv4_hdr, next_proto_id), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, @@ -105,15 +97,15 @@ struct rte_acl_field_def ipv4_defs[NUM_FIELDS_IPV4] = { .field_index = SRCP_FIELD_IPV4, .input_index = RTE_ACL_IPV4_PORTS, .offset = - sizeof(struct rte_ipv4_hdr) - offsetof(struct rte_ipv4_hdr, next_proto_id), + sizeof(struct ipv4_hdr) - offsetof(struct ipv4_hdr, next_proto_id), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, .size = sizeof(uint16_t), .field_index = DSTP_FIELD_IPV4, .input_index = RTE_ACL_IPV4_PORTS, - .offset = sizeof(struct rte_ipv4_hdr) - - offsetof(struct rte_ipv4_hdr, next_proto_id) + sizeof(uint16_t), + .offset = sizeof(struct ipv4_hdr) - + offsetof(struct ipv4_hdr, next_proto_id) + sizeof(uint16_t), }, // support for ICMP introspection { @@ -121,30 +113,30 @@ struct rte_acl_field_def ipv4_defs[NUM_FIELDS_IPV4] = { .size = sizeof(uint32_t), .field_index = ICMP_INNER_SRC_FIELD_IPV4, .input_index = RTE_ACL_IPV4_INNER_SRC, - .offset = sizeof(struct rte_ipv4_hdr) - - offsetof(struct rte_ipv4_hdr, next_proto_id) + sizeof(uint32_t) + + .offset = sizeof(struct ipv4_hdr) - + offsetof(struct ipv4_hdr, next_proto_id) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over to inner IP header - offsetof(struct rte_ipv4_hdr, src_addr), + offsetof(struct ipv4_hdr, src_addr), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, .size = sizeof(uint16_t), .field_index = ICMP_INNER_SRCP_FIELD_IPV4, .input_index = RTE_ACL_IPV4_INNER_PORTS, - .offset = sizeof(struct rte_ipv4_hdr) - - offsetof(struct rte_ipv4_hdr, next_proto_id) + sizeof(uint32_t) + + .offset = sizeof(struct ipv4_hdr) - + offsetof(struct ipv4_hdr, next_proto_id) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over to inner IP header - sizeof(struct rte_ipv4_hdr), + sizeof(struct ipv4_hdr), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, .size = sizeof(uint16_t), .field_index = ICMP_INNER_DSTP_FIELD_IPV4, .input_index = RTE_ACL_IPV4_INNER_PORTS, - .offset = sizeof(struct rte_ipv4_hdr) - - offsetof(struct rte_ipv4_hdr, next_proto_id) + sizeof(uint32_t) + + .offset = sizeof(struct ipv4_hdr) - + offsetof(struct ipv4_hdr, next_proto_id) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over to inner IP header - sizeof(struct rte_ipv4_hdr) + sizeof(uint16_t), + sizeof(struct ipv4_hdr) + sizeof(uint16_t), }, }; @@ -212,78 +204,78 @@ struct rte_acl_field_def ipv6_defs[NUM_FIELDS_IPV6] = { .size = sizeof(uint32_t), .field_index = SRC1_FIELD_IPV6, .input_index = RTE_ACL_IPV6_SRC1, - .offset = offsetof(struct rte_ipv6_hdr, src_addr) - - offsetof(struct rte_ipv6_hdr, proto), + .offset = offsetof(struct ipv6_hdr, src_addr) - + offsetof(struct ipv6_hdr, proto), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = SRC2_FIELD_IPV6, .input_index = RTE_ACL_IPV6_SRC2, - .offset = offsetof(struct rte_ipv6_hdr, src_addr) - - offsetof(struct rte_ipv6_hdr, proto) + sizeof(uint32_t), + .offset = offsetof(struct ipv6_hdr, src_addr) - + offsetof(struct ipv6_hdr, proto) + sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = SRC3_FIELD_IPV6, .input_index = RTE_ACL_IPV6_SRC3, - .offset = offsetof(struct rte_ipv6_hdr, src_addr) - - offsetof(struct rte_ipv6_hdr, proto) + 2 * sizeof(uint32_t), + .offset = offsetof(struct ipv6_hdr, src_addr) - + offsetof(struct ipv6_hdr, proto) + 2 * sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = SRC4_FIELD_IPV6, .input_index = RTE_ACL_IPV6_SRC4, - .offset = offsetof(struct rte_ipv6_hdr, src_addr) - - offsetof(struct rte_ipv6_hdr, proto) + 3 * sizeof(uint32_t), + .offset = offsetof(struct ipv6_hdr, src_addr) - + offsetof(struct ipv6_hdr, proto) + 3 * sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = DST1_FIELD_IPV6, .input_index = RTE_ACL_IPV6_DST1, - .offset = offsetof(struct rte_ipv6_hdr, dst_addr) - - offsetof(struct rte_ipv6_hdr, proto), + .offset = offsetof(struct ipv6_hdr, dst_addr) - + offsetof(struct ipv6_hdr, proto), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = DST2_FIELD_IPV6, .input_index = RTE_ACL_IPV6_DST2, - .offset = offsetof(struct rte_ipv6_hdr, dst_addr) - - offsetof(struct rte_ipv6_hdr, proto) + sizeof(uint32_t), + .offset = offsetof(struct ipv6_hdr, dst_addr) - + offsetof(struct ipv6_hdr, proto) + sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = DST3_FIELD_IPV6, .input_index = RTE_ACL_IPV6_DST3, - .offset = offsetof(struct rte_ipv6_hdr, dst_addr) - - offsetof(struct rte_ipv6_hdr, proto) + 2 * sizeof(uint32_t), + .offset = offsetof(struct ipv6_hdr, dst_addr) - + offsetof(struct ipv6_hdr, proto) + 2 * sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = DST4_FIELD_IPV6, .input_index = RTE_ACL_IPV6_DST4, - .offset = offsetof(struct rte_ipv6_hdr, dst_addr) - - offsetof(struct rte_ipv6_hdr, proto) + 3 * sizeof(uint32_t), + .offset = offsetof(struct ipv6_hdr, dst_addr) - + offsetof(struct ipv6_hdr, proto) + 3 * sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, .size = sizeof(uint16_t), .field_index = SRCP_FIELD_IPV6, .input_index = RTE_ACL_IPV6_PORTS, - .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto), + .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, .size = sizeof(uint16_t), .field_index = DSTP_FIELD_IPV6, .input_index = RTE_ACL_IPV6_PORTS, - .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto) + + .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto) + sizeof(uint16_t), }, @@ -293,59 +285,59 @@ struct rte_acl_field_def ipv6_defs[NUM_FIELDS_IPV6] = { .size = sizeof(uint32_t), .field_index = ICMP_INNER_SRC1_FIELD_IPV6, .input_index = RTE_ACL_IPV6_INNER_SRC1, - .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto) + + .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over the ICMPv6 header - offsetof(struct rte_ipv6_hdr, src_addr), + offsetof(struct ipv6_hdr, src_addr), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = ICMP_INNER_SRC2_FIELD_IPV6, .input_index = RTE_ACL_IPV6_INNER_SRC2, - .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto) + + .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over the ICMPv6 header - offsetof(struct rte_ipv6_hdr, src_addr) + sizeof(uint32_t), + offsetof(struct ipv6_hdr, src_addr) + sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = ICMP_INNER_SRC3_FIELD_IPV6, .input_index = RTE_ACL_IPV6_INNER_SRC3, - .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto) + + .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over the ICMPv6 header - offsetof(struct rte_ipv6_hdr, src_addr) + 2 * sizeof(uint32_t), + offsetof(struct ipv6_hdr, src_addr) + 2 * sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_MASK, .size = sizeof(uint32_t), .field_index = ICMP_INNER_SRC4_FIELD_IPV6, .input_index = RTE_ACL_IPV6_INNER_SRC4, - .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto) + + .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over the ICMPv6 header - offsetof(struct rte_ipv6_hdr, src_addr) + 3 * sizeof(uint32_t), + offsetof(struct ipv6_hdr, src_addr) + 3 * sizeof(uint32_t), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, .size = sizeof(uint16_t), .field_index = ICMP_INNER_SRCP_FIELD_IPV6, .input_index = RTE_ACL_IPV6_INNER_PORTS, - .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto) + + .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over the ICMPv6 header - sizeof(struct rte_ipv6_hdr), + sizeof(struct ipv6_hdr), }, { .type = RTE_ACL_FIELD_TYPE_RANGE, .size = sizeof(uint16_t), .field_index = ICMP_INNER_DSTP_FIELD_IPV6, .input_index = RTE_ACL_IPV6_INNER_PORTS, - .offset = sizeof(struct rte_ipv6_hdr) - offsetof(struct rte_ipv6_hdr, proto) + + .offset = sizeof(struct ipv6_hdr) - offsetof(struct ipv6_hdr, proto) + sizeof(uint32_t) + sizeof(uint32_t) + // skip over the ICMPv6 header - sizeof(struct rte_ipv6_hdr) + sizeof(uint16_t), + sizeof(struct ipv6_hdr) + sizeof(uint16_t), }, }; From 316b2183aff5b2664824b00ad0e7e346808e6230 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 15:48:32 -0400 Subject: [PATCH 60/71] kni_enabled --- src/glb-director/Makefile | 8 ++++---- src/glb-director/glb_kni.c | 6 ++++++ src/glb-director/glb_kni.h | 25 +++++++++++++++++++++++++ src/glb-director/main.c | 4 ++++ 4 files changed, 39 insertions(+), 4 deletions(-) diff --git a/src/glb-director/Makefile b/src/glb-director/Makefile index 893a09c6..831f670c 100644 --- a/src/glb-director/Makefile +++ b/src/glb-director/Makefile @@ -30,7 +30,6 @@ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # Default SDK and target, can be overriden by command line or environment -# Check if legacy DPDK build system exists RTE_SDK ?= /usr/share/dpdk RTE_TARGET ?= x86_64-default-linuxapp-gcc @@ -51,11 +50,11 @@ ifeq ($(wildcard $(RTE_SDK)/mk/rte.vars.mk),) LDFLAGS += -z relro -z now -ljansson -lsystemd build/app/$(APP): $(SRCS-y) - mkdir -p build/app - $(CC) $(CFLAGS) -o $@ $(SRCS-y) $(LDFLAGS) + mkdir -p build/app + $(CC) $(CFLAGS) -o $@ $(SRCS-y) $(LDFLAGS) clean: - rm -rf build + rm -rf build .PHONY: clean else @@ -68,6 +67,7 @@ else siphash24.c glb_director_config.c statsd-client.c shared_opt.c CFLAGS += -O3 -g + CFLAGS += $(WERROR_FLAGS) CFLAGS += -pie -fPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -fstack-protector-strong CFLAGS += -DSTATSD -DSYSTEMD CFLAGS += -I$(SRCDIR)/.. diff --git a/src/glb-director/glb_kni.c b/src/glb-director/glb_kni.c index bc279b32..805256f3 100644 --- a/src/glb-director/glb_kni.c +++ b/src/glb-director/glb_kni.c @@ -31,6 +31,10 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include "config.h" + +#if GLB_HAVE_KNI + #include #include #include @@ -366,3 +370,5 @@ static void handle_kni_to_nic(unsigned port_id, struct rte_kni *kni, "lcore-%u: -> %d packets (%d queued) burst from KNI to port %d queue %d", rte_lcore_id(), nb_rx, nb_tx, port_id, tx_queue); } + +#endif /* GLB_HAVE_KNI */ diff --git a/src/glb-director/glb_kni.h b/src/glb-director/glb_kni.h index bbc5d5e7..90b5a0d7 100644 --- a/src/glb-director/glb_kni.h +++ b/src/glb-director/glb_kni.h @@ -35,9 +35,12 @@ #define GLB_KNI_H #include +#include "config.h" typedef struct glb_kni_ glb_kni; +#if GLB_HAVE_KNI + /* Creates a GLB context for a KNI interface mapping to the given physical port. * The specified lcore is the one core that will be allowed to burst packets * directly to the KNI interface, while all other lcores will sent via an @@ -68,4 +71,26 @@ void glb_kni_handle_request(glb_kni *gk); */ void glb_kni_release(glb_kni *gk); +#else /* !GLB_HAVE_KNI */ + +static inline glb_kni *glb_kni_new(uint8_t physical_port_id, uint16_t rx_tx_queue_id, + unsigned owner_lcore_id, struct rte_mempool *pktmbuf_pool) +{ + (void)physical_port_id; (void)rx_tx_queue_id; (void)owner_lcore_id; (void)pktmbuf_pool; + return NULL; +} + +static inline unsigned glb_kni_safe_tx_burst(glb_kni *gk, struct rte_mbuf **kni_tx_burst, + unsigned tx_burst_size) +{ + (void)gk; (void)kni_tx_burst; (void)tx_burst_size; + return 0; +} + +static inline void glb_kni_lcore_flush(glb_kni *gk) { (void)gk; } +static inline void glb_kni_handle_request(glb_kni *gk) { (void)gk; } +static inline void glb_kni_release(glb_kni *gk) { (void)gk; } + +#endif /* GLB_HAVE_KNI */ + #endif // GLB_KNI_H diff --git a/src/glb-director/main.c b/src/glb-director/main.c index 6b9d1a52..3dc9efdb 100644 --- a/src/glb-director/main.c +++ b/src/glb-director/main.c @@ -301,6 +301,10 @@ int main(int argc, char **argv) if (g_director_config->kni_enabled) { rte_kni_init(nb_sys_ports); } +#else + if (g_director_config->kni_enabled) { + glb_log_info("WARNING: KNI is enabled in config but not available in this DPDK version. KNI functionality will be disabled."); + } #endif /* Pre-allocate the control message mbuf pool */ From a01c9ccf856e865189f9d2635a250ae0d355e727 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 16:12:14 -0400 Subject: [PATCH 61/71] Use compatible dockerfile --- script/Dockerfile.focal | 4 ++-- script/Dockerfile.noble | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/script/Dockerfile.focal b/script/Dockerfile.focal index 00cdbc58..c7e44760 100644 --- a/script/Dockerfile.focal +++ b/script/Dockerfile.focal @@ -1,4 +1,4 @@ -FROM ubuntu:focal +FROM --platform=linux/amd64 ubuntu:focal RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf.d/80-retries @@ -8,7 +8,7 @@ RUN apt-get update && apt-get -y install curl git software-properties-common RUN add-apt-repository universe # DPDK (use 17.11 from bionic for API compatibility) -RUN echo "deb [trusted=yes] http://dk.archive.ubuntu.com/ubuntu/ bionic main universe" >> /etc/apt/sources.list +RUN echo "deb [trusted=yes arch=amd64] http://dk.archive.ubuntu.com/ubuntu/ bionic main universe" >> /etc/apt/sources.list RUN apt-get update && apt-get install -y build-essential dpdk=17.11.1-6 dpdk-dev=17.11.1-6 libdpdk-dev=17.11.1-6 wget pkg-config libjansson-dev libsystemd-dev clang-tools-10 # iptables / DKMS diff --git a/script/Dockerfile.noble b/script/Dockerfile.noble index 2153ec56..c7b555f5 100644 --- a/script/Dockerfile.noble +++ b/script/Dockerfile.noble @@ -1,4 +1,4 @@ -FROM ubuntu:noble +FROM --platform=linux/amd64 ubuntu:noble ARG DEBIAN_FRONTEND=noninteractive @@ -53,7 +53,7 @@ RUN apt-get update && apt install -y apt-transport-https curl software-propertie RUN apt-get update && apt install -y iproute2 libbpf-dev linux-libc-dev clang-20 # libbpf.so.0 compat symlink (noble ships libbpf.so.1 but xdp-root-shim links against .0) -RUN ln -sf /usr/lib/x86_64-linux-gnu/libbpf.so.1 /usr/lib/x86_64-linux-gnu/libbpf.so.0 +# RUN ln -sf /usr/lib/x86_64-linux-gnu/libbpf.so.1 /usr/lib/x86_64-linux-gnu/libbpf.so.0 # Hack because the kernel headers are not installed in the right place (linuxkit vs generic) RUN ln -s /usr/src/$(ls /usr/src/ | grep generic) /usr/src/linux-headers-$(uname -r) From c4cffdca0fe9fccf1f7ba937caeda931d1f7b728 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 16:13:07 -0400 Subject: [PATCH 62/71] Update compile flags for glb-director-xdp --- src/glb-director-xdp/bpf/Makefile | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/src/glb-director-xdp/bpf/Makefile b/src/glb-director-xdp/bpf/Makefile index a600d5a9..8264f4b8 100644 --- a/src/glb-director-xdp/bpf/Makefile +++ b/src/glb-director-xdp/bpf/Makefile @@ -17,14 +17,12 @@ endif -Wno-pointer-sign \ -Werror \ -include /usr/src/linux-headers-$(KVER:-amd64=-common)/include/linux/kconfig.h \ - -include stdbool.h \ - -include stddef.h \ - -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated \ - -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/uapi \ - -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/uapi \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/generated/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include \ -I /usr/src/linux-headers-$(KVER)/include \ -I include/ \ From 62a55380d0bedc8877e76db260d75ba988c52041 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 16:13:40 -0400 Subject: [PATCH 63/71] Reorder bind_classifier for compilation error --- src/glb-director/bind_classifier.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/glb-director/bind_classifier.c b/src/glb-director/bind_classifier.c index d29203f9..45a41f47 100644 --- a/src/glb-director/bind_classifier.c +++ b/src/glb-director/bind_classifier.c @@ -76,8 +76,8 @@ #include #include "bind_classifier.h" -#include "bind_classifier_rules.h" #include "config.h" +#include "bind_classifier_rules.h" #include "glb_fwd_config.h" #include "glb_director_config.h" #include "log.h" From 325df5ee6574f002b1185ac6396d2aa80ca9fec8 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 17:11:00 -0400 Subject: [PATCH 64/71] Revert Makefile --- src/glb-director-xdp/bpf/Makefile | 6 ++---- src/glb-director/glb_kni.h | 1 - 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/src/glb-director-xdp/bpf/Makefile b/src/glb-director-xdp/bpf/Makefile index 8264f4b8..e03a0004 100644 --- a/src/glb-director-xdp/bpf/Makefile +++ b/src/glb-director-xdp/bpf/Makefile @@ -17,12 +17,10 @@ endif -Wno-pointer-sign \ -Werror \ -include /usr/src/linux-headers-$(KVER:-amd64=-common)/include/linux/kconfig.h \ - -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include \ - -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ - -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated/uapi \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/uapi \ - -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/generated/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include \ -I /usr/src/linux-headers-$(KVER)/include \ -I include/ \ diff --git a/src/glb-director/glb_kni.h b/src/glb-director/glb_kni.h index 90b5a0d7..8b264e07 100644 --- a/src/glb-director/glb_kni.h +++ b/src/glb-director/glb_kni.h @@ -35,7 +35,6 @@ #define GLB_KNI_H #include -#include "config.h" typedef struct glb_kni_ glb_kni; From ad09e548544052b5fedd1f897ed343eca1473993 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 17:19:15 -0400 Subject: [PATCH 65/71] Working build for focal --- .../xdp-root-shim/xdp-root-shim.c | 54 +++---------------- src/glb-director/config.h | 5 ++ 2 files changed, 13 insertions(+), 46 deletions(-) diff --git a/src/glb-director-xdp/xdp-root-shim/xdp-root-shim.c b/src/glb-director-xdp/xdp-root-shim/xdp-root-shim.c index 6ea004cb..ec66f072 100644 --- a/src/glb-director-xdp/xdp-root-shim/xdp-root-shim.c +++ b/src/glb-director-xdp/xdp-root-shim/xdp-root-shim.c @@ -38,49 +38,6 @@ #include #include -static int load_xdp_program(const char *tailcall_elf_path, struct bpf_object **shim_obj, int *prog_fd) { -#if defined(LIBBPF_MAJOR_VERSION) && LIBBPF_MAJOR_VERSION >= 1 - struct bpf_program *shim_prog; - - *shim_obj = bpf_object__open_file(tailcall_elf_path, NULL); - if (libbpf_get_error(*shim_obj)) { - *shim_obj = NULL; - return -1; - } - - if (bpf_object__load(*shim_obj) != 0) { - bpf_object__close(*shim_obj); - *shim_obj = NULL; - return -1; - } - - shim_prog = bpf_object__find_program_by_name(*shim_obj, "xdp_root"); - if (shim_prog == NULL) { - bpf_object__close(*shim_obj); - *shim_obj = NULL; - return -1; - } - - *prog_fd = bpf_program__fd(shim_prog); - return *prog_fd < 0 ? -1 : 0; -#else - struct bpf_prog_load_attr prog_load_attr = { - .prog_type = BPF_PROG_TYPE_XDP, - .file = tailcall_elf_path, - }; - - return bpf_prog_load_xattr(&prog_load_attr, shim_obj, prog_fd); -#endif -} - -static int attach_xdp_program(int iface_index, int prog_fd) { -#if defined(LIBBPF_MAJOR_VERSION) && LIBBPF_MAJOR_VERSION >= 1 - return bpf_xdp_attach(iface_index, prog_fd, 0, NULL); -#else - return bpf_set_link_xdp_fd(iface_index, prog_fd, 0); -#endif -} - int main(int argc, char **argv) { if (argc != 4) { fprintf(stderr, "Usage: %s \n", argv[0]); @@ -113,11 +70,16 @@ int main(int argc, char **argv) { return 1; } + /* load the tailcall bpf */ + struct bpf_prog_load_attr prog_load_attr = { + .prog_type = BPF_PROG_TYPE_XDP, + .file = tailcall_elf_path, + }; struct bpf_object *shim_obj; int prog_fd; - if (load_xdp_program(tailcall_elf_path, &shim_obj, &prog_fd) != 0) { - fprintf(stderr, "Could not load '%s'\n", tailcall_elf_path); + if (bpf_prog_load_xattr(&prog_load_attr, &shim_obj, &prog_fd)){ + fprintf(stderr, "Could not load '%s'\n", prog_load_attr.file); return 1; } @@ -131,7 +93,7 @@ int main(int argc, char **argv) { } /* bind it to the interface with XDP */ - if (attach_xdp_program(iface_index, prog_fd) < 0) { + if (bpf_set_link_xdp_fd(iface_index, prog_fd, 0) < 0) { fprintf(stderr, "Could not attach XDP program to interface '%s'\n", iface_name); return 1; } diff --git a/src/glb-director/config.h b/src/glb-director/config.h index e11831e6..868e5911 100644 --- a/src/glb-director/config.h +++ b/src/glb-director/config.h @@ -31,6 +31,9 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#ifndef _GLB_CONFIG_H_ +#define _GLB_CONFIG_H_ + #include /* Macros for printing using RTE_LOG */ @@ -245,3 +248,5 @@ static inline uint64_t glb_mbuf_get_userdata(const struct rte_mbuf *mbuf) } #endif #endif /* NO_DPDK */ + +#endif /* _GLB_CONFIG_H_ */ From f0c70b3769ca728b2bb98ec4287c66b5a214454f Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 17:26:31 -0400 Subject: [PATCH 66/71] working noble build locally --- script/Dockerfile.noble | 3 +++ src/glb-director-xdp/bpf/Makefile | 2 ++ 2 files changed, 5 insertions(+) diff --git a/script/Dockerfile.noble b/script/Dockerfile.noble index c7b555f5..ec05491f 100644 --- a/script/Dockerfile.noble +++ b/script/Dockerfile.noble @@ -61,3 +61,6 @@ RUN ln -s /usr/src/$(ls /usr/src/ | grep generic) /usr/src/linux-headers-$(uname # Hack for C99 math RUN sed -i '1s/^/#define __USE_C99_MATH\n/' /usr/src/$(ls /usr/src/ | grep generic)/include/linux/kasan-checks.h RUN sed -i '2s/^/#include \n/' /usr/src/$(ls /usr/src/ | grep generic)/include/linux/kasan-checks.h + +# Hack for size_t in kcsan-checks.h +RUN sed -i '1s/^/typedef unsigned long size_t;\n/' /usr/src/$(ls /usr/src/ | grep generic)/include/linux/kcsan-checks.h diff --git a/src/glb-director-xdp/bpf/Makefile b/src/glb-director-xdp/bpf/Makefile index e03a0004..8a6ff8dc 100644 --- a/src/glb-director-xdp/bpf/Makefile +++ b/src/glb-director-xdp/bpf/Makefile @@ -17,6 +17,8 @@ endif -Wno-pointer-sign \ -Werror \ -include /usr/src/linux-headers-$(KVER:-amd64=-common)/include/linux/kconfig.h \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated \ + -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/uapi \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/include/uapi \ From 128538ae0b8422e862c94c7833bb6ec2ff779247 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 17:31:45 -0400 Subject: [PATCH 67/71] Capatability header --- script/Dockerfile.noble | 2 -- src/glb-director-xdp/bpf/Makefile | 1 + src/glb-director-xdp/bpf/include/compat/types.h | 7 +++++++ 3 files changed, 8 insertions(+), 2 deletions(-) create mode 100644 src/glb-director-xdp/bpf/include/compat/types.h diff --git a/script/Dockerfile.noble b/script/Dockerfile.noble index ec05491f..7aa601fb 100644 --- a/script/Dockerfile.noble +++ b/script/Dockerfile.noble @@ -62,5 +62,3 @@ RUN ln -s /usr/src/$(ls /usr/src/ | grep generic) /usr/src/linux-headers-$(uname RUN sed -i '1s/^/#define __USE_C99_MATH\n/' /usr/src/$(ls /usr/src/ | grep generic)/include/linux/kasan-checks.h RUN sed -i '2s/^/#include \n/' /usr/src/$(ls /usr/src/ | grep generic)/include/linux/kasan-checks.h -# Hack for size_t in kcsan-checks.h -RUN sed -i '1s/^/typedef unsigned long size_t;\n/' /usr/src/$(ls /usr/src/ | grep generic)/include/linux/kcsan-checks.h diff --git a/src/glb-director-xdp/bpf/Makefile b/src/glb-director-xdp/bpf/Makefile index 8a6ff8dc..712f9981 100644 --- a/src/glb-director-xdp/bpf/Makefile +++ b/src/glb-director-xdp/bpf/Makefile @@ -16,6 +16,7 @@ endif -Wno-unknown-warning-option \ -Wno-pointer-sign \ -Werror \ + -include include/compat/types.h \ -include /usr/src/linux-headers-$(KVER:-amd64=-common)/include/linux/kconfig.h \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated \ -I /usr/src/linux-headers-$(KVER:-amd64=-common)/arch/x86/include/generated/uapi \ diff --git a/src/glb-director-xdp/bpf/include/compat/types.h b/src/glb-director-xdp/bpf/include/compat/types.h new file mode 100644 index 00000000..76859a78 --- /dev/null +++ b/src/glb-director-xdp/bpf/include/compat/types.h @@ -0,0 +1,7 @@ +#ifndef _COMPAT_TYPES_H +#define _COMPAT_TYPES_H + +/* Provide size_t for kernel headers that reference it (e.g. kcsan-checks.h) */ +typedef unsigned long size_t; + +#endif /* _COMPAT_TYPES_H */ From 57235934fb1f63bec6b0039bab3983ee20ea2e26 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 17:36:20 -0400 Subject: [PATCH 68/71] Undo changes --- src/glb-director/Makefile | 58 +++++++++++------------------- src/glb-director/bind_classifier.c | 2 +- src/glb-director/cmdline_parse.c | 17 ++------- src/glb-director/glb_kni.c | 6 ---- src/glb-director/main.c | 33 +---------------- src/glb-director/shared_opt.c | 3 +- src/glb-director/strlcpy.h | 5 --- src/glb-redirect/Makefile | 23 +++++------- 8 files changed, 35 insertions(+), 112 deletions(-) diff --git a/src/glb-director/Makefile b/src/glb-director/Makefile index 831f670c..ae516f31 100644 --- a/src/glb-director/Makefile +++ b/src/glb-director/Makefile @@ -33,47 +33,31 @@ RTE_SDK ?= /usr/share/dpdk RTE_TARGET ?= x86_64-default-linuxapp-gcc -ifeq ($(wildcard $(RTE_SDK)/mk/rte.vars.mk),) - # Modern DPDK - use pkg-config - $(info Using modern DPDK build via pkg-config) +include $(RTE_SDK)/mk/rte.vars.mk - APP = glb-director - SRCS-y := main.c bind_classifier.c glb_kni.c glb_fwd_config.c \ - glb_encap.c glb_encap_dpdk.c glb_control_loop.c glb_processor_loop.c \ - siphash24.c glb_director_config.c statsd-client.c shared_opt.c +# binary name +APP = glb-director - CFLAGS += $(shell pkg-config --cflags libdpdk) - CFLAGS += -O3 -g -pie -fPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -fstack-protector-strong - CFLAGS += -DSTATSD -DSYSTEMD - CFLAGS += -I$(CURDIR)/.. - LDFLAGS += $(shell pkg-config --libs libdpdk) - LDFLAGS += -z relro -z now -ljansson -lsystemd +# all source are stored in SRCS-y +SRCS-y := main.c bind_classifier.c glb_kni.c glb_fwd_config.c \ +glb_encap.c glb_encap_dpdk.c glb_control_loop.c glb_processor_loop.c \ +siphash24.c glb_director_config.c statsd-client.c shared_opt.c - build/app/$(APP): $(SRCS-y) - mkdir -p build/app - $(CC) $(CFLAGS) -o $@ $(SRCS-y) $(LDFLAGS) +#WERROR_FLAGS += -Werror - clean: - rm -rf build +CFLAGS += -O3 -g +CFLAGS += $(WERROR_FLAGS) +CFLAGS += -pie -fPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -fstack-protector-strong +CFLAGS += -DSTATSD +CFLAGS += -DSYSTEMD +#CFLAGS += -DGLB_DUMP_FULL_PACKET +CFLAGS += -I$(SRCDIR)/../ # for - .PHONY: clean -else - # Legacy DPDK build system - include $(RTE_SDK)/mk/rte.vars.mk +LDFLAGS += -z relro -z now +LDFLAGS += -ljansson +LDFLAGS += -lsystemd - APP = glb-director - SRCS-y := main.c bind_classifier.c glb_kni.c glb_fwd_config.c \ - glb_encap.c glb_encap_dpdk.c glb_control_loop.c glb_processor_loop.c \ - siphash24.c glb_director_config.c statsd-client.c shared_opt.c +# disable since libxenstore.so isn't linked properly +CONFIG_RTE_LIBRTE_PMD_XENVIRT = n - CFLAGS += -O3 -g - CFLAGS += $(WERROR_FLAGS) - CFLAGS += -pie -fPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -fstack-protector-strong - CFLAGS += -DSTATSD -DSYSTEMD - CFLAGS += -I$(SRCDIR)/.. - LDFLAGS += -z relro -z now -ljansson -lsystemd - - CONFIG_RTE_LIBRTE_PMD_XENVIRT = n - - include $(RTE_SDK)/mk/rte.extapp.mk -endif +include $(RTE_SDK)/mk/rte.extapp.mk diff --git a/src/glb-director/bind_classifier.c b/src/glb-director/bind_classifier.c index 45a41f47..d29203f9 100644 --- a/src/glb-director/bind_classifier.c +++ b/src/glb-director/bind_classifier.c @@ -76,8 +76,8 @@ #include #include "bind_classifier.h" -#include "config.h" #include "bind_classifier_rules.h" +#include "config.h" #include "glb_fwd_config.h" #include "glb_director_config.h" #include "log.h" diff --git a/src/glb-director/cmdline_parse.c b/src/glb-director/cmdline_parse.c index 154d3ea1..3ab4a020 100644 --- a/src/glb-director/cmdline_parse.c +++ b/src/glb-director/cmdline_parse.c @@ -71,7 +71,6 @@ #include #include -#include #include "cmdline.h" #include "cmdline_parse.h" @@ -87,18 +86,6 @@ #define CMDLINE_BUFFER_SIZE 64 -/* struct cmdline became opaque in DPDK 22.11; use the accessor if available */ -#if RTE_VERSION >= RTE_VERSION_NUM(22, 11, 0, 0) -#define CMDLINE_CTX(cl) cmdline_get_ctx(cl) -#else -#define CMDLINE_CTX(cl) ((cl)->ctx) -#endif - -/* RDLINE_BUF_SIZE was removed in newer DPDK; fall back to our local buffer size */ -#ifndef RDLINE_BUF_SIZE -#define RDLINE_BUF_SIZE CMDLINE_BUFFER_SIZE -#endif - /* isblank() needs _XOPEN_SOURCE >= 600 || _ISOC99_SOURCE, so use our * own. */ static int isblank2(char c) @@ -275,7 +262,7 @@ int cmdline_parse(struct cmdline *cl, const char *buf) if (!cl || !buf) return CMDLINE_PARSE_BAD_ARGS; - ctx = CMDLINE_CTX(cl); + ctx = cl->ctx; /* * - look if the buffer contains at least one line @@ -392,7 +379,7 @@ int cmdline_complete(struct cmdline *cl, const char *buf, int *state, char *dst, if (!cl || !buf || !state || !dst) return -1; - ctx = CMDLINE_CTX(cl); + ctx = cl->ctx; debug_printf("%s called\n", __func__); memset(&token_hdr, 0, sizeof(token_hdr)); diff --git a/src/glb-director/glb_kni.c b/src/glb-director/glb_kni.c index 805256f3..bc279b32 100644 --- a/src/glb-director/glb_kni.c +++ b/src/glb-director/glb_kni.c @@ -31,10 +31,6 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "config.h" - -#if GLB_HAVE_KNI - #include #include #include @@ -370,5 +366,3 @@ static void handle_kni_to_nic(unsigned port_id, struct rte_kni *kni, "lcore-%u: -> %d packets (%d queued) burst from KNI to port %d queue %d", rte_lcore_id(), nb_rx, nb_tx, port_id, tx_queue); } - -#endif /* GLB_HAVE_KNI */ diff --git a/src/glb-director/main.c b/src/glb-director/main.c index 3dc9efdb..12c91772 100644 --- a/src/glb-director/main.c +++ b/src/glb-director/main.c @@ -63,9 +63,7 @@ #include #include #include -#if __has_include() #include -#endif #include #include #include @@ -75,14 +73,11 @@ #include #include #include -#if __has_include() #include -#endif #include #include #include #include -#include #ifdef SYSTEMD #include @@ -105,7 +100,6 @@ char forwarding_table[256]; int port_num_queues[MAX_KNI_PORTS]; glb_kni *kni_ports[MAX_KNI_PORTS] = {NULL}; -int glb_mbuf_userdata_offset = -1; /* Use an array of pointers rather than a contiguous array of structs * so that the pointers can be allocated separately, keeping them core-local. @@ -117,13 +111,11 @@ struct rte_mempool *glb_processor_msg_pool = NULL; struct rte_eth_conf port_conf = { .rxmode = { -#if RTE_VERSION < RTE_VERSION_NUM(22, 11, 0, 0) .header_split = 0, /* Header Split disabled */ .hw_ip_checksum = 1, /* IP checksum offload disabled */ .hw_vlan_filter = 0, /* VLAN filtering disabled */ .jumbo_frame = 0, /* Jumbo Frame Support disabled */ .hw_strip_crc = 1, /* CRC stripped by hardware */ -#endif .mq_mode = ETH_MQ_RX_RSS, }, .txmode = @@ -208,21 +200,6 @@ int main(int argc, char **argv) argc -= ret; argv += ret; -#if GLB_HAVE_MBUF_USERDATA_DYNFIELD - static const struct rte_mbuf_dynfield glb_mbuf_userdata_dynfield = { - .name = "glb_mbuf_userdata", - .size = sizeof(uint64_t), - .align = __alignof__(uint64_t), - .flags = 0, - }; - - glb_mbuf_userdata_offset = - rte_mbuf_dynfield_register(&glb_mbuf_userdata_dynfield); - if (glb_mbuf_userdata_offset < 0) { - glb_log_error_and_exit("Could not register mbuf userdata field"); - } -#endif - /* Find any command line options */ get_options(config_file, forwarding_table, argc, argv); @@ -243,7 +220,7 @@ int main(int argc, char **argv) } /* Find out how many NIC ports we have, validate that it's reasonable */ - nb_sys_ports = GLB_ETH_DEV_COUNT(); + nb_sys_ports = rte_eth_dev_count(); if (nb_sys_ports == 0) { glb_log_error_and_exit("No supported Ethernet device found"); return -1; @@ -297,15 +274,9 @@ int main(int argc, char **argv) init_port(i, physical_num_queues, pktmbuf_pool); } -#if GLB_HAVE_KNI if (g_director_config->kni_enabled) { rte_kni_init(nb_sys_ports); } -#else - if (g_director_config->kni_enabled) { - glb_log_info("WARNING: KNI is enabled in config but not available in this DPDK version. KNI functionality will be disabled."); - } -#endif /* Pre-allocate the control message mbuf pool */ glb_processor_msg_pool = rte_mempool_create( @@ -384,7 +355,6 @@ int main(int argc, char **argv) if (core != rte_get_master_lcore()) { glb_log_info("lcore %u setup with workloads 0x%04x", core, ctx->lcore_config.workloads); -#if GLB_HAVE_KNI if ((ctx->lcore_config.workloads & CORE_WORKLOAD_KNI) != 0) { for (kni_index = 0; kni_index < nb_sys_ports; kni_index++) { kni_ports[kni_index] = glb_kni_new(kni_index, 0, core, pktmbuf_pool); @@ -397,7 +367,6 @@ int main(int argc, char **argv) } } } -#endif if ((ctx->lcore_config.workloads & CORE_WORKLOAD_DIST) != 0) { // create the distributor to be linked up to workers on a second pass below diff --git a/src/glb-director/shared_opt.c b/src/glb-director/shared_opt.c index ce86f287..5070a65b 100644 --- a/src/glb-director/shared_opt.c +++ b/src/glb-director/shared_opt.c @@ -33,8 +33,6 @@ #include "shared_opt.h" #include -bool debug = false; - /* parses --config-file, --forwarding-table, and --debug cli options */ void get_options(char *config_file, char *forwarding_table, int argc, @@ -42,6 +40,7 @@ void get_options(char *config_file, char *forwarding_table, int argc, { int opt_index, opt; + debug = false; static struct option long_options[] = { {"config-file", required_argument, NULL, 'c'}, diff --git a/src/glb-director/strlcpy.h b/src/glb-director/strlcpy.h index de3a8793..0f5e314a 100644 --- a/src/glb-director/strlcpy.h +++ b/src/glb-director/strlcpy.h @@ -1,8 +1,5 @@ /* $OpenBSD: strlcpy.c,v 1.11 2006/05/05 15:27:38 millert Exp $ */ -#ifndef GLB_STRLCPY_H -#define GLB_STRLCPY_H - /*- * Copyright (c) 1998 Todd C. Miller * @@ -49,5 +46,3 @@ strlcpy(char * __restrict dst, const char * __restrict src, size_t siz) return(s - src - 1); /* count does not include NUL */ } - -#endif diff --git a/src/glb-redirect/Makefile b/src/glb-redirect/Makefile index e435304e..37c21e9f 100644 --- a/src/glb-redirect/Makefile +++ b/src/glb-redirect/Makefile @@ -2,7 +2,6 @@ KDIR?=/usr/src/linux-headers-$(shell uname -r) BUILDDIR?=. ROOT_DIR:=$(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -DKMS_TEMPLATE_DIR ?= $(ROOT_DIR) DKMS_MOD_VER:=$(shell grep 'PACKAGE_VERSION' dkms.conf | cut -d'=' -f2) @@ -35,17 +34,13 @@ IPT_LDFLAGS=-lxtables -shared %.so: %.c $(CC) -o $@ $< $(IPT_CFLAGS) $(IPT_LDFLAGS) -DKMS_TEMPLATE_DIR ?= $(ROOT_DIR) - mkdeb: - rm -rf "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb" - @test -n "$(DKMS_TEMPLATE_DIR)" && test -d "$(DKMS_TEMPLATE_DIR)" || \ - (echo "DKMS_TEMPLATE_DIR is unset or does not exist: '$(DKMS_TEMPLATE_DIR)'" >&2; exit 1) - cp -R "$(DKMS_TEMPLATE_DIR)" "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb" - chown : -R "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb" - sed -i '/chmod 644/d' "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/Makefile" - if [ -f "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/debian/control" ]; then \ - sed -i '/^Depends:/ s/$$/, pkg-config, libxtables12 | libxtables10, libxtables-dev | libxtables10/' "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/debian/control"; \ - sed -i 's/^Maintainer: .*/Maintainer: GitHub /' "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb/debian/control"; \ - fi - cd "$(BUILDDIR)/glb-redirect-iptables-dkms-mkdeb" && dkms mkdeb --source-only \ No newline at end of file + rm -rf glb-redirect-iptables-dkms-mkdeb + cp -R /etc/dkms/template-dkms-mkdeb/ glb-redirect-iptables-dkms-mkdeb + chown : -R glb-redirect-iptables-dkms-mkdeb + # Works around this bug: https://ubuntuforums.org/showthread.php?t=2234906 + sed -i '/chmod 644/d' glb-redirect-iptables-dkms-mkdeb/Makefile + sed -i '/^Depends:/ s/$$/, pkg-config, libxtables12 | libxtables10, libxtables-dev | libxtables10/' glb-redirect-iptables-dkms-mkdeb/debian/control + sed -i 's/^Maintainer: .*/Maintainer: GitHub /' glb-redirect-iptables-dkms-mkdeb/debian/control + dkms mkdeb --source-only + mv ../glb-redirect-iptables-dkms_$(DKMS_MOD_VER)_*.deb $(BUILDDIR)/ From 0f307373741ce4a2dbdb9c573a0b6bd9c7618482 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 17:39:14 -0400 Subject: [PATCH 69/71] Remove --- src/glb-director/log.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/glb-director/log.h b/src/glb-director/log.h index cd8e8cde..58c4da2c 100644 --- a/src/glb-director/log.h +++ b/src/glb-director/log.h @@ -36,7 +36,7 @@ #include #define MAX_MESSAGE_SZ 1024 -extern bool debug; +bool debug; // outputs formatted logs to stdout or stderr From beecf591d3582dc8af0efeddba7a281d47495fd2 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Mon, 18 May 2026 17:43:27 -0400 Subject: [PATCH 70/71] Undo more unneeded changes --- src/glb-director/glb_kni.h | 24 ------------------------ 1 file changed, 24 deletions(-) diff --git a/src/glb-director/glb_kni.h b/src/glb-director/glb_kni.h index 8b264e07..bbc5d5e7 100644 --- a/src/glb-director/glb_kni.h +++ b/src/glb-director/glb_kni.h @@ -38,8 +38,6 @@ typedef struct glb_kni_ glb_kni; -#if GLB_HAVE_KNI - /* Creates a GLB context for a KNI interface mapping to the given physical port. * The specified lcore is the one core that will be allowed to burst packets * directly to the KNI interface, while all other lcores will sent via an @@ -70,26 +68,4 @@ void glb_kni_handle_request(glb_kni *gk); */ void glb_kni_release(glb_kni *gk); -#else /* !GLB_HAVE_KNI */ - -static inline glb_kni *glb_kni_new(uint8_t physical_port_id, uint16_t rx_tx_queue_id, - unsigned owner_lcore_id, struct rte_mempool *pktmbuf_pool) -{ - (void)physical_port_id; (void)rx_tx_queue_id; (void)owner_lcore_id; (void)pktmbuf_pool; - return NULL; -} - -static inline unsigned glb_kni_safe_tx_burst(glb_kni *gk, struct rte_mbuf **kni_tx_burst, - unsigned tx_burst_size) -{ - (void)gk; (void)kni_tx_burst; (void)tx_burst_size; - return 0; -} - -static inline void glb_kni_lcore_flush(glb_kni *gk) { (void)gk; } -static inline void glb_kni_handle_request(glb_kni *gk) { (void)gk; } -static inline void glb_kni_release(glb_kni *gk) { (void)gk; } - -#endif /* GLB_HAVE_KNI */ - #endif // GLB_KNI_H From 91a678a72b3ef16a41a8681edb1500b56ef3fbd8 Mon Sep 17 00:00:00 2001 From: Mark Penny Date: Tue, 19 May 2026 11:41:34 -0400 Subject: [PATCH 71/71] Build on Ubuntu Noble (24.04) alongside Focal (20.04) Make 'script/cibuild-create-packages focal' and 'script/cibuild-create-packages noble' both succeed by adding compatibility shims for DPDK 23.11 (Noble) while keeping the existing DPDK 17.11 (Focal) build working. Build system: - src/glb-director/Makefile: detect the legacy DPDK make fragments; when absent (Noble), fall back to a pkg-config based build that produces build/app/glb-director. - src/glb-redirect/Makefile: detect /etc/dkms/template-dkms-mkdeb at runtime. On Focal use the legacy 'dkms mkdeb --source-only' path. On Noble dispatch to a new mkdeb-dh-dkms target that synthesises a minimal debian/ tree (control, changelog, rules, source/format, .dkms, .install) and runs dpkg-buildpackage with dh-dkms, producing the same glb-redirect-iptables-dkms__all.deb artifact. - script/Dockerfile.noble: add dh-dkms, dpkg-dev, and fakeroot for the modern packaging path. DPDK 23.11 source compatibility: - main.c: gate with __has_include; switch rte_eth_dev_count() to GLB_ETH_DEV_COUNT(); guard pre-22.11 rxmode fields (header_split / hw_ip_checksum / hw_vlan_filter / jumbo_frame / hw_strip_crc) with RTE_VERSION; define and register glb_mbuf_userdata_offset when GLB_HAVE_MBUF_USERDATA_DYNFIELD is set. - glb_kni.c: gate the whole file on GLB_HAVE_KNI (KNI was removed in DPDK 23.11) and provide no-op stubs for the public glb_kni_* API in the disabled branch. - bind_classifier.c: include config.h before bind_classifier_rules.h so the ipv4_hdr/ipv6_hdr -> rte_* aliases are visible to the rule table definitions. - cmdline_parse.c: introduce CMDLINE_CTX() macro to use cmdline_get_ctx() on DPDK >= 22.11 (struct cmdline became opaque). C hygiene fixes surfaced by newer toolchain: - log.h: add include guard and change 'bool debug;' to extern; the single definition now lives in shared_opt.c. Fixes multiple- definition link errors on newer GCC defaults (-fno-common). - strlcpy.h: add header guard to prevent the static inline strlcpy from being declared twice when included via multiple paths. Both 'script/cibuild-create-packages focal' and 'script/cibuild-create-packages noble' now exit 0 and produce the expected .deb artifacts (glb-director-cli, glb-director, glb-director- xdp, xdp-root-shim, glb-healthcheck, glb-redirect-iptables-dkms). --- script/Dockerfile.noble | 3 + src/glb-director/Makefile | 27 +++++++++ src/glb-director/bind_classifier.c | 2 +- src/glb-director/cmdline_parse.c | 12 +++- src/glb-director/glb_kni.c | 54 ++++++++++++++++++ src/glb-director/log.h | 7 ++- src/glb-director/main.c | 31 ++++++++++- src/glb-director/shared_opt.c | 3 +- src/glb-director/strlcpy.h | 7 ++- src/glb-redirect/Makefile | 89 +++++++++++++++++++++++++++--- 10 files changed, 219 insertions(+), 16 deletions(-) diff --git a/script/Dockerfile.noble b/script/Dockerfile.noble index 7aa601fb..8854c446 100644 --- a/script/Dockerfile.noble +++ b/script/Dockerfile.noble @@ -25,6 +25,9 @@ RUN apt-get install --assume-yes --fix-broken \ pkg-config \ libsystemd-dev \ dkms \ + dh-dkms \ + dpkg-dev \ + fakeroot \ debhelper \ libxtables-dev diff --git a/src/glb-director/Makefile b/src/glb-director/Makefile index ae516f31..1a2f5fec 100644 --- a/src/glb-director/Makefile +++ b/src/glb-director/Makefile @@ -33,6 +33,32 @@ RTE_SDK ?= /usr/share/dpdk RTE_TARGET ?= x86_64-default-linuxapp-gcc +ifeq ($(wildcard $(RTE_SDK)/mk/rte.vars.mk),) +# Modern DPDK (no legacy make fragments): use pkg-config +APP = glb-director + +SRCS-y := main.c bind_classifier.c glb_kni.c glb_fwd_config.c \ +glb_encap.c glb_encap_dpdk.c glb_control_loop.c glb_processor_loop.c \ +siphash24.c glb_director_config.c statsd-client.c shared_opt.c + +CFLAGS += $(shell pkg-config --cflags libdpdk) +CFLAGS += -O3 -g -pie -fPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -fstack-protector-strong +CFLAGS += -DSTATSD -DSYSTEMD +CFLAGS += -I$(CURDIR)/.. +LDFLAGS += $(shell pkg-config --libs libdpdk) +LDFLAGS += -z relro -z now -ljansson -lsystemd + +build/app/$(APP): $(SRCS-y) + mkdir -p build/app + $(CC) $(CFLAGS) -o $@ $(SRCS-y) $(LDFLAGS) + +all: build/app/$(APP) + +clean: + rm -rf build + +.PHONY: all clean +else include $(RTE_SDK)/mk/rte.vars.mk # binary name @@ -61,3 +87,4 @@ LDFLAGS += -lsystemd CONFIG_RTE_LIBRTE_PMD_XENVIRT = n include $(RTE_SDK)/mk/rte.extapp.mk +endif diff --git a/src/glb-director/bind_classifier.c b/src/glb-director/bind_classifier.c index d29203f9..45a41f47 100644 --- a/src/glb-director/bind_classifier.c +++ b/src/glb-director/bind_classifier.c @@ -76,8 +76,8 @@ #include #include "bind_classifier.h" -#include "bind_classifier_rules.h" #include "config.h" +#include "bind_classifier_rules.h" #include "glb_fwd_config.h" #include "glb_director_config.h" #include "log.h" diff --git a/src/glb-director/cmdline_parse.c b/src/glb-director/cmdline_parse.c index 3ab4a020..ecb02325 100644 --- a/src/glb-director/cmdline_parse.c +++ b/src/glb-director/cmdline_parse.c @@ -71,6 +71,7 @@ #include #include +#include #include "cmdline.h" #include "cmdline_parse.h" @@ -86,6 +87,13 @@ #define CMDLINE_BUFFER_SIZE 64 +/* struct cmdline became opaque in DPDK 22.11; use the accessor if available */ +#if RTE_VERSION >= RTE_VERSION_NUM(22, 11, 0, 0) +#define CMDLINE_CTX(cl) cmdline_get_ctx(cl) +#else +#define CMDLINE_CTX(cl) ((cl)->ctx) +#endif + /* isblank() needs _XOPEN_SOURCE >= 600 || _ISOC99_SOURCE, so use our * own. */ static int isblank2(char c) @@ -262,7 +270,7 @@ int cmdline_parse(struct cmdline *cl, const char *buf) if (!cl || !buf) return CMDLINE_PARSE_BAD_ARGS; - ctx = cl->ctx; + ctx = CMDLINE_CTX(cl); /* * - look if the buffer contains at least one line @@ -379,7 +387,7 @@ int cmdline_complete(struct cmdline *cl, const char *buf, int *state, char *dst, if (!cl || !buf || !state || !dst) return -1; - ctx = cl->ctx; + ctx = CMDLINE_CTX(cl); debug_printf("%s called\n", __func__); memset(&token_hdr, 0, sizeof(token_hdr)); diff --git a/src/glb-director/glb_kni.c b/src/glb-director/glb_kni.c index bc279b32..edc7452f 100644 --- a/src/glb-director/glb_kni.c +++ b/src/glb-director/glb_kni.c @@ -31,6 +31,10 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include "config.h" + +#if GLB_HAVE_KNI + #include #include #include @@ -366,3 +370,53 @@ static void handle_kni_to_nic(unsigned port_id, struct rte_kni *kni, "lcore-%u: -> %d packets (%d queued) burst from KNI to port %d queue %d", rte_lcore_id(), nb_rx, nb_tx, port_id, tx_queue); } + +#else /* !GLB_HAVE_KNI */ + +#include +#include +#include "glb_kni.h" +#include "log.h" + +/* KNI was removed in DPDK 23.11. Provide stubs that fail gracefully. */ + +struct glb_kni_ { + int unused; +}; + +glb_kni *glb_kni_new(uint8_t physical_port_id, uint16_t rx_tx_queue_id, + unsigned owner_lcore_id, struct rte_mempool *pktmbuf_pool) +{ + (void)physical_port_id; + (void)rx_tx_queue_id; + (void)owner_lcore_id; + (void)pktmbuf_pool; + glb_log_error("KNI support not available in this build of DPDK"); + return NULL; +} + +unsigned glb_kni_safe_tx_burst(glb_kni *gk, struct rte_mbuf **kni_tx_burst, + unsigned tx_burst_size) +{ + (void)gk; + (void)kni_tx_burst; + (void)tx_burst_size; + return 0; +} + +void glb_kni_lcore_flush(glb_kni *gk) +{ + (void)gk; +} + +void glb_kni_handle_request(glb_kni *gk) +{ + (void)gk; +} + +void glb_kni_release(glb_kni *gk) +{ + free(gk); +} + +#endif /* GLB_HAVE_KNI */ diff --git a/src/glb-director/log.h b/src/glb-director/log.h index 58c4da2c..66f08317 100644 --- a/src/glb-director/log.h +++ b/src/glb-director/log.h @@ -30,13 +30,16 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#ifndef _GLB_LOG_H +#define _GLB_LOG_H + #include #include #include #include #define MAX_MESSAGE_SZ 1024 -bool debug; +extern bool debug; // outputs formatted logs to stdout or stderr @@ -165,3 +168,5 @@ inline static void glb_log_error_and_exit(const char *format, ...) exit(1); } + +#endif /* _GLB_LOG_H */ diff --git a/src/glb-director/main.c b/src/glb-director/main.c index 12c91772..afdcf092 100644 --- a/src/glb-director/main.c +++ b/src/glb-director/main.c @@ -63,7 +63,9 @@ #include #include #include +#if __has_include() #include +#endif #include #include #include @@ -94,6 +96,8 @@ #include "shared_opt.h" #include "util.h" +#include + char config_file[256]; char forwarding_table[256]; @@ -101,6 +105,10 @@ int port_num_queues[MAX_KNI_PORTS]; glb_kni *kni_ports[MAX_KNI_PORTS] = {NULL}; +#if GLB_HAVE_MBUF_USERDATA_DYNFIELD +int glb_mbuf_userdata_offset = -1; +#endif + /* Use an array of pointers rather than a contiguous array of structs * so that the pointers can be allocated separately, keeping them core-local. */ @@ -111,11 +119,13 @@ struct rte_mempool *glb_processor_msg_pool = NULL; struct rte_eth_conf port_conf = { .rxmode = { +#if RTE_VERSION < RTE_VERSION_NUM(22, 11, 0, 0) .header_split = 0, /* Header Split disabled */ .hw_ip_checksum = 1, /* IP checksum offload disabled */ .hw_vlan_filter = 0, /* VLAN filtering disabled */ .jumbo_frame = 0, /* Jumbo Frame Support disabled */ .hw_strip_crc = 1, /* CRC stripped by hardware */ +#endif .mq_mode = ETH_MQ_RX_RSS, }, .txmode = @@ -200,6 +210,21 @@ int main(int argc, char **argv) argc -= ret; argv += ret; +#if GLB_HAVE_MBUF_USERDATA_DYNFIELD + static const struct rte_mbuf_dynfield glb_mbuf_userdata_dynfield = { + .name = "glb_mbuf_userdata", + .size = sizeof(uint64_t), + .align = __alignof__(uint64_t), + .flags = 0, + }; + + glb_mbuf_userdata_offset = + rte_mbuf_dynfield_register(&glb_mbuf_userdata_dynfield); + if (glb_mbuf_userdata_offset < 0) { + glb_log_error_and_exit("Could not register mbuf userdata field"); + } +#endif + /* Find any command line options */ get_options(config_file, forwarding_table, argc, argv); @@ -220,7 +245,7 @@ int main(int argc, char **argv) } /* Find out how many NIC ports we have, validate that it's reasonable */ - nb_sys_ports = rte_eth_dev_count(); + nb_sys_ports = GLB_ETH_DEV_COUNT(); if (nb_sys_ports == 0) { glb_log_error_and_exit("No supported Ethernet device found"); return -1; @@ -275,7 +300,11 @@ int main(int argc, char **argv) } if (g_director_config->kni_enabled) { +#if __has_include() rte_kni_init(nb_sys_ports); +#else + glb_log_info("WARNING: KNI is enabled in config but not available in this DPDK version."); +#endif } /* Pre-allocate the control message mbuf pool */ diff --git a/src/glb-director/shared_opt.c b/src/glb-director/shared_opt.c index 5070a65b..ce86f287 100644 --- a/src/glb-director/shared_opt.c +++ b/src/glb-director/shared_opt.c @@ -33,6 +33,8 @@ #include "shared_opt.h" #include +bool debug = false; + /* parses --config-file, --forwarding-table, and --debug cli options */ void get_options(char *config_file, char *forwarding_table, int argc, @@ -40,7 +42,6 @@ void get_options(char *config_file, char *forwarding_table, int argc, { int opt_index, opt; - debug = false; static struct option long_options[] = { {"config-file", required_argument, NULL, 'c'}, diff --git a/src/glb-director/strlcpy.h b/src/glb-director/strlcpy.h index 0f5e314a..91906e8c 100644 --- a/src/glb-director/strlcpy.h +++ b/src/glb-director/strlcpy.h @@ -1,4 +1,7 @@ -/* $OpenBSD: strlcpy.c,v 1.11 2006/05/05 15:27:38 millert Exp $ */ +/*$OpenBSD: strlcpy.c,v 1.11 2006/05/05 15:27:38 millert Exp $*/ + +#ifndef GLB_STRLCPY_H +#define GLB_STRLCPY_H /*- * Copyright (c) 1998 Todd C. Miller @@ -46,3 +49,5 @@ strlcpy(char * __restrict dst, const char * __restrict src, size_t siz) return(s - src - 1); /* count does not include NUL */ } + +#endif diff --git a/src/glb-redirect/Makefile b/src/glb-redirect/Makefile index 37c21e9f..b0a0e06c 100644 --- a/src/glb-redirect/Makefile +++ b/src/glb-redirect/Makefile @@ -35,12 +35,83 @@ IPT_LDFLAGS=-lxtables -shared $(CC) -o $@ $< $(IPT_CFLAGS) $(IPT_LDFLAGS) mkdeb: - rm -rf glb-redirect-iptables-dkms-mkdeb - cp -R /etc/dkms/template-dkms-mkdeb/ glb-redirect-iptables-dkms-mkdeb - chown : -R glb-redirect-iptables-dkms-mkdeb - # Works around this bug: https://ubuntuforums.org/showthread.php?t=2234906 - sed -i '/chmod 644/d' glb-redirect-iptables-dkms-mkdeb/Makefile - sed -i '/^Depends:/ s/$$/, pkg-config, libxtables12 | libxtables10, libxtables-dev | libxtables10/' glb-redirect-iptables-dkms-mkdeb/debian/control - sed -i 's/^Maintainer: .*/Maintainer: GitHub /' glb-redirect-iptables-dkms-mkdeb/debian/control - dkms mkdeb --source-only - mv ../glb-redirect-iptables-dkms_$(DKMS_MOD_VER)_*.deb $(BUILDDIR)/ + @if [ -d /etc/dkms/template-dkms-mkdeb/ ]; then \ + set -e; \ + echo "Using legacy 'dkms mkdeb' workflow"; \ + rm -rf glb-redirect-iptables-dkms-mkdeb; \ + cp -R /etc/dkms/template-dkms-mkdeb/ glb-redirect-iptables-dkms-mkdeb; \ + chown : -R glb-redirect-iptables-dkms-mkdeb; \ + sed -i '/chmod 644/d' glb-redirect-iptables-dkms-mkdeb/Makefile; \ + sed -i '/^Depends:/ s/$$/, pkg-config, libxtables12 | libxtables10, libxtables-dev | libxtables10/' glb-redirect-iptables-dkms-mkdeb/debian/control; \ + sed -i 's/^Maintainer: .*/Maintainer: GitHub /' glb-redirect-iptables-dkms-mkdeb/debian/control; \ + dkms mkdeb --source-only; \ + mv ../glb-redirect-iptables-dkms_$(DKMS_MOD_VER)_*.deb $(BUILDDIR)/; \ + elif command -v dh_dkms >/dev/null 2>&1; then \ + set -e; \ + echo "Using modern 'dh-dkms / dpkg-buildpackage' workflow"; \ + $(MAKE) mkdeb-dh-dkms; \ + else \ + echo "Error: neither 'dkms mkdeb' template nor dh-dkms available" >&2; \ + exit 1; \ + fi + +# Modern DKMS packaging via dh-dkms + dpkg-buildpackage. +# Produces an "all"-arch source-only DKMS deb that builds the kernel module +# on the installation target (same behavior as the legacy 'dkms mkdeb --source-only'). +PKG_NAME := glb-redirect-iptables +PKG_VER := $(DKMS_MOD_VER) +DH_BUILD := $(BUILDDIR)/dh-dkms-build +SRCDIR_NAME := $(PKG_NAME)-$(PKG_VER) + +.PHONY: mkdeb-dh-dkms +mkdeb-dh-dkms: + rm -rf $(DH_BUILD) + mkdir -p $(DH_BUILD)/$(SRCDIR_NAME) + # Copy the kernel module source (everything dkms.conf references). + cp -a dkms.conf ipt_GLBREDIRECT.c ipt_glbredirect.h Makefile install-ipt.sh \ + $(DH_BUILD)/$(SRCDIR_NAME)/ + # Generate a minimal debian/ tree that delegates to dh-dkms. + mkdir -p $(DH_BUILD)/$(SRCDIR_NAME)/debian/source + echo '3.0 (native)' > $(DH_BUILD)/$(SRCDIR_NAME)/debian/source/format + printf '%s\n' \ + 'Source: $(PKG_NAME)-dkms' \ + 'Section: misc' \ + 'Priority: optional' \ + 'Maintainer: GitHub ' \ + 'Build-Depends: debhelper-compat (= 13), dh-dkms' \ + 'Standards-Version: 4.6.0' \ + '' \ + 'Package: $(PKG_NAME)-dkms' \ + 'Architecture: all' \ + 'Depends: dkms, $${misc:Depends}, pkg-config, libxtables12 | libxtables10, libxtables-dev | libxtables10' \ + 'Description: GLB redirect iptables kernel module (DKMS).' \ + ' DKMS source for the ipt_GLBREDIRECT iptables target used by GLB.' \ + > $(DH_BUILD)/$(SRCDIR_NAME)/debian/control + printf '%s\n' \ + '$(PKG_NAME)-dkms ($(PKG_VER)) unstable; urgency=medium' \ + '' \ + ' * Automated build.' \ + '' \ + ' -- GitHub $(shell date -R)' \ + > $(DH_BUILD)/$(SRCDIR_NAME)/debian/changelog + # dh_dkms reads the .dkms file and installs it as dkms.conf into + # /usr/src/-/. The kernel module source files are + # installed alongside it via debian/install. + echo 'dkms.conf' > $(DH_BUILD)/$(SRCDIR_NAME)/debian/$(PKG_NAME)-dkms.dkms + printf '%s\n' \ + 'ipt_GLBREDIRECT.c usr/src/$(SRCDIR_NAME)' \ + 'ipt_glbredirect.h usr/src/$(SRCDIR_NAME)' \ + 'Makefile usr/src/$(SRCDIR_NAME)' \ + 'install-ipt.sh usr/src/$(SRCDIR_NAME)' \ + > $(DH_BUILD)/$(SRCDIR_NAME)/debian/$(PKG_NAME)-dkms.install + printf '%s\n' \ + '#!/usr/bin/make -f' \ + '%:' \ + ' dh $$@ --with dkms' \ + 'override_dh_auto_build:' \ + 'override_dh_auto_test:' \ + 'override_dh_auto_install:' \ + > $(DH_BUILD)/$(SRCDIR_NAME)/debian/rules + chmod +x $(DH_BUILD)/$(SRCDIR_NAME)/debian/rules + cd $(DH_BUILD)/$(SRCDIR_NAME) && dpkg-buildpackage -us -uc -b + mv $(DH_BUILD)/$(PKG_NAME)-dkms_$(PKG_VER)_all.deb $(BUILDDIR)/glb-redirect-iptables-dkms_$(PKG_VER)_all.deb