-
Notifications
You must be signed in to change notification settings - Fork 395
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
<fix>[conf]: internal port #1329
base: master
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -174,7 +174,7 @@ | |
<category>kvm</category> | ||
<name>kvmagent.allow.ports</name> | ||
<description>tcp or udp ports allowed by kvmagent, udp port start with 'u' like 'u67', port range can be like this: 1100:1200, multiple port or port range can be separated by ”,“</description> | ||
<defaultValue>22,7070,16509,49152:49261,2049,20000:30000,u4789,u8472,7069,9100,9103,9092</defaultValue> | ||
<defaultValue>22,{KvmAgent.port},16509,49152:49261,2049,20000:30000,u4789,u8472,{KvmAgent.prometheusPort},{KvmAgent.nodeExportPort},{KvmAgent.collectdExposePort},{kvmhost.pushgateway.webListenPort}</defaultValue> | ||
<type>java.lang.String</type> | ||
</config> | ||
|
||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. with a brief overview of the code patch The code patch is adding new ports to the kvmagent.allow.ports configuration, by replacing the existing port values with references to variables. The four new variables being used are KvmAgent.port, KvmAgent.prometheusPort, KvmAgent.nodeExportPort and kvmhost.pushgateway.webListenPort. Now, let's look at potential risks:
Suggestions for improvement:
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -43,7 +43,5 @@ | |
<zstack:extension interface="org.zstack.header.console.ConsoleBackend" /> | ||
<zstack:extension interface="org.zstack.header.managementnode.ManagementNodeReadyExtensionPoint" /> | ||
</zstack:plugin> | ||
|
||
<property name="agentPort" value="${ManagementServerConsoleProxyBackend.agentPort:7758}" /> | ||
</bean> | ||
</beans> | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. the review:
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -13,4 +13,6 @@ public class ConsoleGlobalProperty { | |
public static String AGENT_PACKAGE_NAME; | ||
@GlobalProperty(name="MN.network.", defaultValue = "") | ||
public static List<String> MN_NETWORKS; | ||
@GlobalProperty(name="ConsoleProxy.agentPort", defaultValue = "7758") | ||
public static int AGENT_PORT; | ||
} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. code review
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -337,6 +337,7 @@ public void run(Map tokens, Object data) { | |
private void update(String newValue, boolean localUpdate) { | ||
// substitute system properties in newValue | ||
newValue = StringTemplate.substitute(newValue, propertiesMap); | ||
newValue = StringTemplate.substitute(newValue, Platform.getGlobalProperties()); | ||
|
||
validate(newValue); | ||
|
||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. with the code patch The first thing I would do is check for any potential security issues or vulnerabilities. Since the code is accessing global properties, I would make sure that these are properly sanitized and validated before being used. Additionally, I would investigate if the newValue parameter is properly escaped to prevent any type of code injection. Next, I would review the logic of the code to make sure that it is doing what is expected. I would also check for any dead code or redundant operations. Finally, I would consider if there is any potential for performance improvements. For example, are there any operations that can be cached or optimized? Overall, the code looks like it is doing what it is supposed to, but it would be beneficial to do a thorough review in order to identify any potential problems. |
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,7 @@ | ||
package org.zstack.core.config; | ||
|
||
import org.springframework.beans.factory.annotation.Autowired; | ||
import org.zstack.core.Platform; | ||
import org.zstack.core.cloudbus.CloudBus; | ||
import org.zstack.core.cloudbus.MessageSafe; | ||
import org.zstack.core.componentloader.PluginRegistry; | ||
|
@@ -224,6 +225,7 @@ private void loadConfigFromJava() { | |
} | ||
// substitute system properties in defaultValue | ||
String defaultValue = StringTemplate.substitute(d.defaultValue(), propertiesMap); | ||
defaultValue = StringTemplate.substitute(defaultValue, Platform.getGlobalProperties()); | ||
|
||
GlobalConfig c = new GlobalConfig(); | ||
c.setCategory(config.getCategory()); | ||
|
@@ -512,11 +514,13 @@ private void parseConfig(File file) throws JAXBException { | |
throw new IllegalArgumentException(String.format("GlobalConfig[category:%s, name:%s] must have a default value", c.getCategory(), c.getName())); | ||
} else { | ||
c.setDefaultValue(StringTemplate.substitute(c.getDefaultValue(), propertiesMap)); | ||
c.setDefaultValue(StringTemplate.substitute(c.getDefaultValue(), Platform.getGlobalProperties())); | ||
} | ||
if (c.getValue() == null) { | ||
c.setValue(c.getDefaultValue()); | ||
} else { | ||
c.setValue(StringTemplate.substitute(c.getValue(), propertiesMap)); | ||
c.setValue(StringTemplate.substitute(c.getValue(), Platform.getGlobalProperties())); | ||
} | ||
GlobalConfig config = GlobalConfig.valueOf(c); | ||
if (configsFromXml.containsKey(config.getIdentity())) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. with a brief code review:
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -29,7 +29,18 @@ public class KVMGlobalProperty { | |
public static String TAKEVOERFLAGPATH; | ||
@GlobalProperty(name="MN.network.", defaultValue = "") | ||
public static List<String> MN_NETWORKS; | ||
<<<<<<< HEAD | ||
@GlobalProperty(name = "host.skip.packages", defaultValue = "qemu, qemu-kvm, qemu-kvm-ev, qemu-img, qemu-img-ev") | ||
public static String SKIP_PACKAGES; | ||
|
||
======= | ||
@GlobalProperty(name="KvmAgent.prometheusPort", defaultValue = "7069") | ||
public static int PROMETHEUS_PORT; | ||
@GlobalProperty(name="KvmAgent.collectdExposePort", defaultValue = "9103") | ||
public static int COLLECTD_EXPOSE_PORT; | ||
@GlobalProperty(name="KvmAgent.nodeExportPort", defaultValue = "9100") | ||
public static int NODE_EXPORT_PORT; | ||
@GlobalProperty(name="KvmAgent.collectdAcceptPort", defaultValue = "25826") | ||
public static int COLLECTD_ACCEPT_PORT; | ||
>>>>>>> 79bcc5c08d ([BugFix: ZSTACK-25869]internal-port) | ||
} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. :
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -4122,8 +4122,14 @@ public void run(final FlowTrigger trigger, Map data) { | |
ub.path(new StringBind(KVMConstant.KVM_ANSIBLE_LOG_PATH_FROMAT).bind("uuid", self.getUuid()).toString()); | ||
String postUrl = ub.build().toString(); | ||
|
||
<<<<<<< HEAD | ||
deployArguments.setPostUrl(postUrl); | ||
runner.setDeployArguments(deployArguments); | ||
======= | ||
runner.putArgument("post_url", postUrl); | ||
runner.putArgument("kvmagent_prometheus_port", String.valueOf(KVMGlobalProperty.PROMETHEUS_PORT)); | ||
runner.putArgument("kvmagent_port", String.valueOf(KVMGlobalProperty.AGENT_PORT)); | ||
>>>>>>> 79bcc5c08d ([BugFix: ZSTACK-25869]internal-port) | ||
runner.run(new ReturnValueCompletion<Boolean>(trigger) { | ||
@Override | ||
public void success(Boolean run) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. with a brief code review of the above patch The code patch adds additional arguments to the 'runner` object, specifically the postUrl and kvmagent_prometheus_port & kvmagent_port. Adding these parameters should improve the performance of the application by allowing for more efficient communication with the KVM agent. Additionally, it looks like the patch is also fixing an issue with the StringBind class, which could potentially lead to issues with the application. Overall, this patch looks like a positive change and should improve the performance of the application. |
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
package org.zstack.network.service.lb; | ||
|
||
import org.zstack.core.Platform; | ||
import org.zstack.header.network.service.NetworkServiceType; | ||
import org.zstack.header.vm.VmInstanceConstant; | ||
|
||
|
@@ -64,7 +65,7 @@ public static enum HealthCheckStatusCode { | |
|
||
public static final int DNS_PORT = 53; | ||
public static final int SSH_PORT = 22; | ||
public static final int ZVR_PORT = 7272; | ||
public static final int ZVR_PORT = Integer.parseInt(Platform.getGlobalProperties().get("VirtualRouter.agentPort")); | ||
|
||
/*max concurrent connect no more than MAX_CONNECTION_LIMIT per listener*/ | ||
public static final long MAX_CONNECTION_LIMIT = 10000000; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. the code review:
|
||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The patch changes the default port from 4900,4901 to {consoleProxyPort},4901 - this could introduce a security risk if consoleProxyPort is not validated properly or if it is empty.
It would be better to validate the value of consoleProxyPort before using it in the defaultValue.
If the intention is to allow multiple ports, then the syntax used for defaultValue should be according to the description given in the code. For example: 1100:1200,u67 etc.
It might be beneficial to add some more comments to the code to make it more readable and understandable.