Apache Traffic Control is an Open Source implementation of a Content Delivery Network.
Traffic Ops Golang parent.config
~Still WIP. I've tested against a single edge and mid; still need to test against a large number of configurations of edges and mids.~
Removing WIP - I think this is good to be merged. I've manually diffed versus the old Perl parent.config, against every edge and mid in our production CDN.
The only differences vs Perl, are where duplicate origins exist with different configurations (a data bug), and Perl arbitrarily selects one with no warning or error. Go now logs an error when that happens. Unfortunately, Perl is ordering them by an internal Perl hash of the object, which isn't feasible to replicate in Go. But again, it's a data bug to have that scenario at all.
Fixes #3071 in https://github.com/apache/trafficcontrol/pull/3075/commits/48ba440ce7f79d9c7701ed3cdc381a666372216d Does not fix #2725 - that's a much more invasive fix, I think should be a separate PR.
Includes API tests.
Rewrites the /user/reset_password API endpoint to Go
Functionality is unchanged, so no documentation required.
Configure SMTP to be used with a TO instance built from this branch, then attempt to send a password reset email via this endpoint.
No tests because it requires an SMTP server to send an email to a human which is hard to test.
Reworked the POST method handler of the /servers/{{ID}}/deliveryservices endpoint to both
a) respect CDN limitations in assignments b) respect tenancy permissions
Also updated Traffic Portal so that servers which are unavailable for DS assignment cloning do not appear in the selection menu.
Draft status pending testing.
Build and run Traffic Ops and Traffic Portal, attempt to assign a server to one or more Delivery Services in a different CDN, and/or to one or more Delivery Services to which access by your tenant is forbidden. Traffic Portal should not present you with the ability to do so, and Traffic Ops should reject your attempt should you bypass the UI.
Rewrites the /capabilities endpoint to Go. Also adds handlers for the PUT and DELETE request methods.
Run the associated tests in traffic_ops/testing/api/v14.
Introduces an Angular7-based subset of Traffic Portal, intended for use by users who want to monitor/configure limited parts of a syndicated CDN architecture. This is meant to first and foremost replace a certain, closed-source UI for which there is currently no open-source equivalent.
This project is overall a WIP, but I'd like it to be merged into experimental/ in case anyone else wants to help out with the development.
Here's what's implemented so far:
mojolicious cookie is valid./api/ is sent upstream to TOdisplayName using a fuzzy search bar(inactive) to the name), and an informational link that appears when the Delivery Service has an infoURL which, when clicked, opens said URL in a new browsing context (usually a "tab").Key: {{xml_id}} ({{numeric id}})longDesc field, if defined<meter>s which generally render as a bar that goes from red to green as conditions improve, and include hover text and fallback rendering that display the actual percent as a number.A README with instructions for setup, deployment and development can be found at the project root (i.e. in experimental/traffic-portal-angular-7)
This PR implements solution for the issue: https://github.com/apache/incubator-trafficcontrol/issues/1907
It places the backup policy in the CZF file
{ "coverageZones": { "GROUP2": { "backupList": ["GROUP1"], "network6": [ "1234:567a::/64", "1234:567b::/64" ], "network": [ "10.197.69.0/24" ] }, "GROUP1": { "backupList": ["GROUP2"], "network6": [ "1234:5677::/64", "1234:5676::/64" ], "network": [ "10.126.250.0/24" ] } } }
GROUP1 : Two cache Servers Group2 : One Cache Server GEO Limit set to CZF only
Request from GROUP1's subnet , with one server in GROUP1 down and make sure the request is getting redirected to the remaining server in GROUP1 Request from GROUP1's subnet , with both servers in GROUP1 down and make sure the request is getting redirected to the GROUP2
Regression cases Set GEO limit to None without backup list configured in CZF Request from GROUP1's subnet , with both servers in GROUP1 down and make sure the request is getting redirected to the GROUP2
new feature Traffic Router abandonedRewrites the "Jobs" endpoints from Perl to Go. This includes
DELETE method - NEW deletes an existing Job. Queues reval_pending on all servers.GET methodPUT method - NEW replaces an existing Job. Queues reval_pending on all servers.POST method - NEW creates a new Job. Queues reval_pending on all servers.GET methodPOST method - now requires privilege Role >= Portal, regardless of tenancy. No longer checks DS-to-user assignments when considering permissions.Input timestamps are now accepted in RFC3339 format (with or without nanosecond precision) as well as our proprietary format used for "Last Updated" fields.
Creating, deleting, editing, replacing and viewing Jobs. Output and behavior should match the provided documentation. Client code has associated tests, which should pass when run.
Pattern-based consistent hashing is a new feature that allows the user to influence cache selection (and delivery service selection for steering ds's) by adjusting the request path before it is passed to the consistent hasher in Traffic Router by applying a regex group matching. This is accomplished via a new delivery service field on HTTP and Steering delivery services called "Consistent Hash Regex" that is propagated to TR through the CRConfig.
Traffic Router parses the new optional regex field from the CRConfig and uses it during cache selection (HTTP delivery services) or delivery service selection (Steering delivery services).
For HTTP delivery services:
For Steering delivery services:
Additionally, I've included a Traffic Portal "Test Tool" so that users can test a regex against a request path to determine exactly what will be used by Traffic Router's consistent hasher. There is a link to the test tool underneath the form field in Traffic Portal.
This adds an app, which serves Traffic Ops endpoints as they're written (currently, just monitoring.json), and reverse-proxies everything else to the old Perl Traffic Ops.
Includes RPM and Service files, to deploy it alongside the old TO.
This can be trivially deployed alongside the old TO with no config (Puppet) changes. It reads the old TO config, and Postinstall sets the new port it needs.
Things left before this can be merged:
/traffic_ops dir for build.shtocookie out of experimental.json and without[Issue 1907] Backup edge cache group TO API / TR cr-config changes
https://github.com/apache/incubator-trafficcontrol/issues/1907
Contains the following changes: Traffic Router - Backup edge configuration parsing and decision making code changes Traffic Ops - Mojolicious Perl CRUD APIs
This is the initial version of code. Only minimal testing has been done. Will run more cases and update. Hosting it in advance to get review comments :-)
new feature Traffic RouterAdd a new API for creating, reading, and deleting (not updating) server capabilities:
POST /api/1.4/server_capabilities
GET /api/1.4/server_capabilities[?name=<name>]
DELETE /api/1.4/server_capabilities?name=<name>
expected POST body:
{"name": "bar"}
expected POST response:
{
"alerts": [
{
"text": "server capability was created.",
"level": "success"
}
],
"response": {
"name": "bar",
"lastUpdated": "2019-10-07 22:10:00+00"
}
}
expected GET response (can use ?name=... qparam to filter by name):
{
"response": [
{
"name": "bar",
"lastUpdated": "2019-10-07 20:38:24+00"
}
]
}
expected DELETE response:
{
"alerts": [
{
"text": "server capability was deleted.",
"level": "success"
}
]
}
Documentation will be done in a follow-up PR.
Read the added TO API tests to verify they're sufficient, then run the TO API tests.
Replace go install with the golang docker image
Build docker images and verify they are still working
Closes: #7221 Closes: #7225
Bumps fast-json-patch from 3.1.0 to 3.1.1.
Sourced from fast-json-patch's releases.
3.1.1
Security Fix for Prototype Pollution - huntr.dev #262
9d313ac fix(tests): Updated tests to reflect new error messagee4f4eb3 3.1.1d7903fb fix: typescript codegen changes5f04488 Bumping version number7e9fe13 Typescript provided097864a Documentation updated51964ed feat: Cleaned up vars vs consts8a6a360 New buildadeb422 Update .gitignore59336fe Merge pull request #292 from Starcounter-Jack/dependabot/npm_and_yarn/ajv-6.12.6Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR@dependabot recreate will recreate this PR, overwriting any edits that have been made to it@dependabot merge will merge this PR after your CI passes on it@dependabot squash and merge will squash and merge this PR after your CI passes on it@dependabot cancel merge will cancel a previously requested merge and block automerging@dependabot reopen will reopen this PR if it is closed@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labels will set the current labels as the default for future PRs for this repo and language@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and languageYou can disable automated security fix PRs for this repo from the Security Alerts page.
Fix support of http rpm resources in Dockerfile (--build-arg TMCAT & RPM) of Traffic Router like other components.
Useful in CI/CD build context and work as expected with the current Example Build and Run of Dockerfile
Try docker build with--build-arg=TMCAT=https://<internal mirror>/tomcat-9.0.67-1.el8.noarch.rpm --build-arg=RPM=https://<internal mirror>/traffic_router.rpm
Changes between API versions are extensive, and generally aren't enumerated in the changelog - for example, in APIv5 the format of a timestamp in a Delivery Service structure changed from the TO custom timestamp to RFC3339, but that is not listed in the changelog. Such things are usually implementation details of larger changes listed in the CHANGELOG and are usually quite extensive for any given (major) version gap, so it's not reasonable to expect people to add all of that to a regular CHANGELOG. Especially not since we (try to) always require .. versionadded::, .. versionchanged::, and .. deprecated:: directives to the documentation for Traffic Ops endpoints whenever these changes occur.
So how do you know the API differences? There are two equally tedious methods today. You can read all of the documentation for one version, then all of the documentation for the other and compare what's different. Or, you could read through all of the changes for all of the PRs that went into a release that solidified the version in question, and by examining the changes to Go code and documentation you can figure out what's different.
However, because we (try to) always add the Sphinx directives above, there's a much easier way that just isn't being utilized at the moment.
You can get a list of the changes in a version with the changes Sphinx builder. The only problem is that we have a project-wide version that doesn't match our API version, so the changes get messed up. There's a simple way around that, and what this PR does is expose that through our docs' makefile. Now, if you want to see the things that were added, changed, and deprecated in API version, say 4.0, you can do:
make VERSION=4.0 apichanges
... and it spits out an HTML document summarizing those changes into docs/build/apichanges/. Note that if you don't specify a version, it'll default to the project version - 7.1.0 at the time of this writing.
This PR also adds the ability to override the version for the already-supported changes target, which summarizes changes to the entire project. This is because (in the API docs specifically, but also some other places throughout the docs) the prefix ATCv is prepended to the version number for those directives, to make it clear that it's the project version and not an API version. So make changes may not give you the whole truth; it may be necessary to also look at e.g. make VERSION=ATCv7.1.
I intend to follow this PR up with another that syncs this disparate usage across the docs to make this functionality easier to use, along with a guidelines section on the topic.
make VERSION=4.0 apichanges and verify outputLooks like Traffic Router creates a default self-signed certificate. 2 files seems to be generated:
When one changes the hostname of the server. A new certificate is not generated and Traffic Router complaints with a few messages like:
ERROR 2022-12-14T20:11:54.307 [Thread-21] org.apache.traffic_control.traffic_router.secure.CertificateRegistry - Failed to load default certificate. Received class java.lang.NullPointerException with message: null
ERROR 2022-12-14T20:11:54.308 [Thread-21] org.apache.traffic_control.traffic_router.secure.CertificateRegistry - Failed to initialize the API Default certificate.
Traffic Router should regenerate a new certificate that matches the hostname.
Apache Traffic Control 7.0.1 is also available here:
Source code(tar.gz)PUT a requested configuration change for a full configuration or per host and an endpoint to approve or deny the request.GET capacity and telemetry data for CDNi integration.status field logging with the addition of the filed to publish/CrStatesGET /deliveryservices/{id}/servers/ and /deliveryservices/{id}/servers/eligible.GET /servers/, POST /servers/, PUT /servers/{id} and DELETE /servers/{id}.tm_query_status_override -- to override which status of Traffic Monitors to query (default: ONLINE).ats #6879.distributed_polling which enables the ability for Traffic Monitor to poll a subset of the CDN and divide into "local peer groups" and "distributed peer groups". Traffic Monitors in the same group are local peers, while Traffic Monitors in other groups are distibuted peers. Each TM group polls the same set of cachegroups and gets availability data for the other cachegroups from other TM groups. This allows each TM to be responsible for polling a subset of the CDN while still having a full view of CDN availability. In order to use this, stat_polling must be disabled.access.log to TM.cdn.conf option -- server_update_status_cache_refresh_interval_sec -- which enables an in-memory server update status cache to improve performance. Default: 0 (disabled).cdn.conf option -- user_cache_refresh_interval_sec -- which enables an in-memory users cache to improve performance. Default: 0 (disabled).file-protocol URLs for the geolocation.polling.url for the Geolocation database.status and lastPoll fields to the publish/CrStates endpoint of Traffic Monitor (TM) #6448.__HOSTNAME__ in "unknown" files (others than the defaults ones), was being replaced by the full FQDN instead of the shot hostname.GET /deliveryservicesserver causing error when an IMS request is made with the cdn and maxRevalDurationDays parameters set.PUT /servers/:id/status to only queue updates on the same CDN as the updated serverRHEL_VERSION=7operations and admin roles should have the DELIVERY-SERVICE:UPDATE permission.npm audit issues.api/{{version}/deliveryservices/{id}/health returns no info if the delivery service uses a topology./acme_accounts/acme_accounts endpoint to validate email and URL fieldsPOST and response code for PUT to /acme_accounts endpointcreate_tables.sql more than once./server/details associated with query parameters.GET for /servers to display all profiles irrespective of the index position. Also, replaced query param profileId with profileName.POST api/cachegroups/id/queue_updates endpoint so that it doesn't give an internal server error anymore.dequeueing server updates should not require checking for cdn locks.client.steering.forced.diversity feature flag(profile parameter) from Traffic Router (TR). Client steering responses now have cache diversity by default.npm audit issues, specifically grunt-concurrent, grunt-contrib-concat, grunt-contrib-cssmin, grunt-contrib-jsmin, grunt-contrib-uglify, grunt-contrib-htmlmin, grunt-newer, and grunt-wiredeppeer_polling_protocol option. Traffic Monitor now just uses hostnames to request peer states, which can be handled via IPv4 or IPv6 depending on the underlying IP version in use.forever with pm2 for process management of the traffic portal node server to remediate security issues./servers/details endpoint of the Traffic Ops API has been dropped in version 4.0, and marked deprecated in earlier versions.deliveryservice_tmuser table from Traffic Ops databaseTRAFFIC_ROUTER-type Profiles no longer need to have names that match any kind of pattern (e.g. CCR_.*)cdn and maxRevalDurationDays to the GET /api/x/jobs Traffic Ops API to filter by CDN name and within the start_time window defined by the maxRevalDurationDays GLOBAL profile parameter, respectively.disable_auto_cert_deletion -- in order to optionally prevent the automatic deletion of certificates for delivery services that no longer exist whenever a CDN snapshot is taken.cdn to the GET /api/x/deliveryserviceserver Traffic Ops API to filter by CDN nameGET /cdns/routing Traffic Ops APIuser/current to work with v4 User Roles and PermissionsToDnssecRefresh binary and make the trafops_dnssec_refresh cron job use it
- Changed Invalidation Jobs throughout (TO, TP, T3C, etc.) to account for the ability to do both REFRESH and REFETCH requests for resources.admin Role is now always guaranteed to exist, and can't be deleted or modified./api_capability and /capabilities.user_role table.traffic_ops.sh shell profile no longer sets GOPATH or adds its bin folder to the PATH/capabilities removed from Traffic Ops API version 4.-c to specify a configuration file, and the ability to set log: null to log to stdout (consult documentation for details).Invalidation Type (REFRESH or REFETCH) for invalidating content to Traffic Portal.ruby compass to compile sass and now uses dart-sass.
- Changed Invalidation Jobs throughout (TO, TP, T3C, etc.) to account for the ability to do both REFRESH and REFETCH requests for resources.short_hostname_override -- to traffic_monitor.cfg to allow overriding the system hostname that Traffic Monitor uses.stat_polling (default: true) -- to traffic_monitor.cfg to disable stat polling.heartbeat.polling.interval for CDN Traffic Monitor config in API documentation.logs property of the Traffic Stats configuration file (refer to documentation for details).log4j.properties with Log4j 1.2maxConnections value on Traffic Router, to prevent the thundering herd problem (TR).jackson-databind and jackson-annotations Traffic Router dependencies to version 2.13.1- Updated t3c to request less unnecessary deliveryservice-server assignment and invalidation jobs data via new query params supported by Traffic Ops
- Changed Invalidation Jobs throughout (TO, TP, T3C, etc.) to account for the ability to do both REFRESH and REFETCH requests for resources.
t3c-apply to reduce mutable state in TrafficOpsReq struct.pkg script options, -h, -s, -S, and -L.Released February 4th, 2022
Apache Traffic Control 5.1.6 is available here:
log4j.properties with Log4j 1.2jackson-databind and jackson-annotations Traffic Router dependencies to version 2.13.1Released December 23rd, 2021
Apache Traffic Control 5.1.5 is available here:
log4j module in Traffic Router from version 1.2.17 to 2.17.0log4j dependency in Traffic Router from version 1.2.17 to 2.17.0Released November 8 th, 2021
Apache Traffic Control 6.0.1 is available here:
/cdns/{name}/federations?id=# to search for CDN./deliveryservices/:id/routing makes requests to all TRs instead of by CDN.Released November 8th, 2021
Apache Traffic Control 5.1.4 is available here:
GET /user/current, GET /users, GET /user?id=) response payloadinstall/bin/_postinstall.pl and has been deprecated, pending removal in a future release.traffic_vault_backend and traffic_vault_configGET request method for /deliveryservices/{{ID}}/assignGET request method for /deliveryservices/{{ID}}/statusGetServersByDeliveryService method to the TO Go clientDELETE request method for deliveryservices/xmlId/{name}/urlkeys and deliveryservices/{id}/urlkeys.traffic_ops/app/db/traffic_vault_migrate to help with migrating Traffic Ops Traffic Vault backends/traffic_ops/app/db/reencrypt to re-encrypt the data in the Postgres Traffic Vault with a new key.tlsVersions - that explicitly lists the TLS versions that may be used to retrieve their content from Cache Servers./deliveryservices/request Traffic Ops API endpoint can no longer contain characters besides alphanumerics, @, !, #, $, %, ^, &, *, (, ), [, ], '.', ' ', and '-'. This fixes a vulnerability that allowed email content injection.403 Forbidden when the user tries to get servers of a non-existent DS using GET /servers?dsId={{nonexistent DS ID}}monitor to true./deliveryservices/{{ID}}/safe returns incorrect response for the requested API version/servers/{{ID}}/deliveryservices returns incorrect response for the requested API versiondb/admin tool to use Migrate instead of Goose and converted the migrations to Migrate format (split up/down for each migration into separate files)/cdns/dnsseckeys/refresh). As of TO API v4, its method is PUT instead of GET, its response format was changed to return an alert instead of a string-based response, it returns a 202 instead of a 200, and it now works with the async_status API in order for the client to check the status of the async job: #3054goose provider to the maintained fork github.com/kevinburke/goose/servers/{{host name}}/update_status Traffic Ops API endpoint has been changed to use a top-level response property, in keeping with (most of) the rest of the API.ToDnssecRefresh binary and make the trafops_dnssec_refresh cron job use itriak.conf config file and its corresponding --riakcfg option in traffic_ops_golang have been deprecated. Please use "traffic_vault_backend": "riak" and "traffic_vault_config" (with the existing contents of riak.conf) instead.GET /api/{version}/vault/bucket/{bucket}/key/{key}/values has been deprecated and will no longer be available as of Traffic Ops API v4POST /api/{version}/deliveryservices/request has been deprecated and will no longer be available as of Traffic Ops API v4GET /api/{version}/cachegroupparameters, POST /api/{version}/cachegroupparameters, GET /api/{version}/cachegroups/{id}/parameters, and DELETE /api/{version}/cachegroupparameters/{cachegroupID}/{parameterId} have been deprecated and will no longer be available as of Traffic Ops API v4riak_port option in cdn.conf is now deprecated. Please use the "port" field in traffic_vault_config instead.backend_max_connections option from cdn.conf.Long Description 2 and Long Description 3 fields of DeliveryService from the UI, and changed the backend so that routes corresponding API 4.0 and above no longer accept or return these fields.app/public directory, as the static webserver has been removed along with the Perl Traffic Ops implementation. Traffic Ops also no longer attempts to download MaxMind GeoIP City databases when running the Traffic Ops Postinstall script.compare tool stack has been removed, as it no longer serves a purpose.cdn.conf option geniso.iso_root_pathlog_location_info instead of log_location_warninghttp_poll_no_sleep, max_stat_history, max_health_history, cache_health_polling_interval_ms, cache_stat_polling_interval_ms, and peer_polling_interval_ms Traffic Monitor config options.svc="..." field to request logging output.t3c (Traffic Control Cache Config) has replaced ORT and atstccfg. t3c now uses separate apps, full run syntax changed to t3c apply ..., moved to cache-config and RPM changed to trafficcontrol-cache-config. See cache-config README.md.traffic_ops_ort.pl tool has been deprecated in favor of t3c, and will be removed in the next major version.Released October 11th, 2021
Apache Traffic Control 5.1.3 is available here:
/deliveryservices/request Traffic Ops API endpoint can no longer contain characters besides alphanumerics, @, !, #, $, %, ^, &, *, (, ), [, ], '.', ' ', and '-'. This fixes a vulnerability that allowed email content injection.Released May 17th, 2021
Apache Traffic Control 5.1.2 is available here:
cdns/routing to avoid incorrect success response.cache_statsONLINE caches as available.Released April 1st, 2021
Apache Traffic Control 5.1.1 is available here:
TM UI and /api/cache-statuses to report aggregate bandwidth_kbps correctly.Released March 11th, 2021
Apache Traffic Control 5.1.0 is available here:
maxRequestHeaderBytes on a per delivery service basisweight parameter of parent.config is a floatparent_reval_pending for servers in a Flexible Topology CDN-specific on GET /servers/{name}/update_statusReleased January 21st, 2021
Apache Traffic Control 5.0.0 is available here:
A transliteration of the traffic_ops_ort.pl Perl script to the Go language. See traffic_ops_ort/t3c/README.md
Traffic Ops API v3
For full details, refer tothe blueprint.
/topologies, to create, read, update and delete flexible topologiesEdge Traffic Routing - a feature which allows Traffic Router to localize more DNS record types than just the routing name for DNS Delivery Services
We've begun the process of shifting away from jQuery-plugin-based "data tables" to the much more performant AG-Grid table system.
So far the following tables have been improved:
astats_over_http plugin CSV support
The astats_over_http plugin for ATS now supports outputting data in CSV format when
given the text/csv MIME-Type in the Accept header. Traffic Monitor is capable of requesting this new format (which
is faster to parse than the JSON format) in its Profile's http_polling_format Parameter.
As 5.0.0 also adds support to Traffic Monitor for the more standard stats_over_http plugin, CSV format using that
health.polling.format value is also supported - but note that one must also install the system_stats plugin to
provide all of the data necessary for Traffic Monitor's evaluations. Note also that this usage requires ATS version 9 or higher.
Servers are now allowed to have multiple network interfaces specified. For full details, refer to the blueprint.
The ability to view Hash ID field (aka xmppId) on Traffic Portals' server summary page
The ability to delete invalidation requests, accessible in Traffic Portal
A UI indiciator to the Traffic Monitor when using a disk backup of configuration from Traffic Ops.
Support for the If-Match and If-Unmodified-Since HTTP headers to Traffic Ops and its native Go client
The "Status Last Updated" field to servers, which makes visible the time when the last status change took place for a server
TR using the default miss location of a Delivery Service in case the location (for the client's IP address) returned was the default location for the country
Traffic Ops, Traffic Ops ORT, Traffic Monitor, Traffic Stats, and Grove are now compiled using Go version 1.15
User-Agent string to Traffic Router log output
locationByDeepCoverageZone to the crs/stats/ip/{{ip}} endpoint in the Traffic Router API
The number of days of API change logs to fetch is now configurable in traffic_portal_properties.json (default is 7 days) and can be overridden by the user in Traffic Portal
Support for building RPMs that target CentOS version 8
GET /api/x/cdns/capacity gives back 500, with the message capacity was zero/jobs and /jobs/:id Traffic Ops API routes to allow falling back to Perl via the routing blacklistcoalesce_number_v6 Parameter.POST deliveryservices/request (designed to simple send an email) regression which erroneously required deep caching type and routing name/deliveryservice_stats regression restricting metric type to a predefined set of values__RANGE_DIRECTIVE__ directive to allow inserting the Range Directive after the Raw Remap text. This allows Raw Remaps which manipulate the Rangecreate_tables.sql be run concurrently without issuetmconfig.backup to that of a GET request to /cdns/{{name}}/configs/monitoring instead of a transformed mapgithub.com/apache/trafficcontrol/traffic_ops/client is now deprecated in favor of versioned import paths e.g. github.com/apache/trafficcontrol/traffic_ops/v3-client.atstccfg.--traffic_ops_insecure=<0|1> optional option to traffic_ops_ort.pl__RANGE_DIRECTIVE__ overrideSYNCDS runs by defaultinsecure option in traffic_ops_golang in favor of "tls_config": { "InsecureSkipVerify": <bool> }Note: these are abbreviated release notes. For more information, see the full changelog.
__RANGE_DIRECTIVE__ directiveallow_ip6 profile parameter to include the IPv6 addresses of your Traffic Monitors, otherwise they will fail to poll over IPv6 and consider those caches to be unavailable over IPv6)This release contains many new bug fixes. For the full list, please see the changelog.
db/admin.pl script has now been removed. Please use the db/admin binary instead.atstccfg.MID caches will serve all delivery services in a given CDN, but this feature can be used to allow a only a subset of MID caches to serve certain delivery services (based on the server capabilities assigned to the MID caches and required by the delivery services). See the blueprintrouting_blacklist field in cdn.conf, enable certain whitelisted Go routes to be handled by Perl instead (via the perl_routes list) in case a regression is found in the Go handler, and explicitly disable any routes via the disabled_routes list. Requests to disabled routes are immediately given a 503 response. Both fields are lists of Route IDs, and route information (ID, version, method, path, and whether or not it can bypass to Perl) can be found by running ./traffic_ops_golang --api-routes. To disable a route or have it bypassed to Perl, find its Route ID using the previous command and put it in the disabled_routes or perl_routes list, respectively.Expires cookie header was not being set properly in responses. Also, added the Max-Age cookie header in responses./cachegroup_fallbacks endpoint is now deprecated. That functionality was added to the /cachegroups API.db/admin.pl script is now deprecated. There is a new Go db/admin binary to replace the Perl db/admin.pl script, which will be removed in a future release. The new db/admin binary is essentially a drop-in replacement for db/admin.pl since it supports all of the same commands and options; therefore, it should be used in place of db/admin.pl for all the same tasks./api/1.1/osversions endpoint (used for ISO generation) now expects the Perl osversions.cfg configuration file to be JSON. Added a traffic_ops/app/bin/osversions-convert.pl script to convert the osversions.cfg file from Perl to JSON as part of the /osversions endpoint rewrite./foo?a=1 and /foo?a=2 each return unique content, you should add a to the list of consistent hash query parameters for that delivery service. This allows clients to be routed to edges for that content more efficiently.client.steering.forced.diversity Traffic Router profile parameter.REFUSED DNS answers if the zone priming execution did not complete within the configured zonemanager.init.timeout period.rhi. This defaults to '-' and is only used when EDNS0 client subnet extensions are enabled and a client subnet is present in the request. When enabled and a subnet is present, the subnet appears in the chi field and the resolver address is in the rhi field.__RETURN__ in delivery service edge/mid header rewrite rules, regex remap expressions, raw remap text and traffic router additional request/response headers.atstccfg, installed with ORT. Includes all configs. Includes a plugin system.(GET,POST,PUT,DELETE)(GET,POST,PUT,DELETE)(GET,POST,PUT,DELETE)org_server_fqdn column in the deliveryservice table has been removed. The org_server_fqdn data is now computed from the Delivery Service's primary origin (note: the name of the primary origin is the xml_id of its delivery service).latitude and longitude columns in the cachegroup table have been replaced with coordinate (a foreign key to Coordinate). Coordinates created from Cachegroups are given the name from_cachegroup_\<cachegroup name\>.CLIENT_STEERING delivery services: STEERING_GEO_ORDER and STEERING_GEO_WEIGHT. When targets of these types have an Origin with a Coordinate, Traffic Router will order and prioritize them based upon the shortest total distance from client -> edge -> origin. Co-located targets are grouped together and can be weighted or ordered within the same location using STEERING_GEO_WEIGHT or STEERING_GEO_ORDER, respectively.use_tenancy global parameter and will allow for code to be simplified as a result. If all user and delivery services reference the root tenant, then there will be no difference from having use_tenancy set to 0.localizationMethods field which specifies the localization methods allowed for that cachegroup (currently 'DEEP_CZ', 'CZ', and 'GEO'). By default if this field is null/empty, all localization methods are enabled. After Traffic Router has localized a client, it will only route that client to cachegroups that have enabled the localization method used. For example, this can be used to prevent GEO-localized traffic (i.e. most likely from off-net/internet clients) to cachegroups that aren't optimal for internet traffic.traffic_monitor_javainfrastructure/cdn-in-a-box for Apachecon 2018 demonstrationChanges with Traffic Control 2.2.0 #729 - Traffic Ops Golang Incremental Rewrite App #875 - TO API - should not be able to create / update a user with a higher role than your role #932 - [TC-482] Filtered UI View Persistence and Linking #942 - [TC-458] please add ilo link to servers main page #944 - [TC-429] TPv2 - remove map due to license compatibility issues #955 - [TC-26] Prepare Docker Environment for Traffic Portal #983 - [TC-443] TPv2 - add the ability to view cache config files #986 - [TC-544] TR should de-dupe Reponse Headers when sending a Steering response. #993 - [TC-515] Traffic Portal - Show human readable protocol on DS page #997 - [TC-472] traffic_ops/experimental - failure to assign servers to new Delivery Service #1022 - [TC-522] "Online Caches" on TP Dashboard is confusing #1049 - [TC-442] TPv2 - create user registration functionality #1053 - [TC-436] TPv2 - add the ability to manage DNSSEC keys #1055 - [TC-431] TPv2 - add the ability to compare 2 profiles #1059 - [TC-421] TPv2 - create cache health view #1099 - [TC-509] TO postinstall set default number of secrets to 1 #1109 - disable tm java build; enable tm golang #1130 - cacheurl is deprecated in ATS 7.x #1132 - TO - make password reset link configurable #1135 - Traffic Server administration docs are out of date #1146 - Traffic Ops Rewrite: /api/1.2/servers endpoint - with sqlx #1171 - Creating an invalidate content request (purge) on a delivery service should check tenancy (if turned on) #1173 - 'Multi Site Origin Algorithm' is removed in delivery service UI in traffic_ops in TC-2.1 #1183 - parent cachegroup is required for all cachegroup types in portal #1187 - api throws db error if no ports provided #1198 - Updated Traffic Ops ISO Generation process to work with management interfaces #1201 - TP cache stats (bandwidth and connection) charts wipe out data if API call fails #1219 - Generating DNSSEC keys for a brand new CDN thru the API creates DNSSEC keys for potentially the wrong delivery services and then results in a 500 internal server error #1222 - Delivery service sort by last updated column doesn't work #1226 - Provide the ability to configure defaults for delivery service creation #1252 - Tenant dropdowns don't visualize the tenant hierarchy #1268 - Generate ISO #1269 - TP Dashboard #1270 - Assign servers to DS #1271 - Ability to copy a profile #1273 - Ability to view cache config files #1275 - Ability to link profiles to parameters #1276 - Ability to diff CRconfig.json #1277 - Ability to snapshot CRConfig.json #1278 - Ability to assign/unassign delivery services to a user #1279 - Ability to send new user registration #1281 - Ability to manage steering targets #1282 - Ability to compare profiles #1284 - Server checks view #1285 - Manage federations #1286 - Ability to clone delivery service assignments from one cache to another #1295 - Re-add managment interface code to gen iso #1300 - Add the ability to assign multiple delivery services to a cache #1304 - Add confirmation dialog when queuing updates on a CDN #1308 - Need a way to view in the Traffic Portal the Traffic Ops URL #1309 - Move Generic Go Libs out of Traffic Monitor #1324 - Generating DNSSEC keys through the API results in internal server error #1330 - seeds.sql minor correction required #1350 - TrafficOps: use cdn.conf as JSON instead of perl #1363 - Profile Parameter Page Should List Profile(s) #1364 - Traffic Ops golang -- GET /api/1.2/system/info endpoint #1374 - Only create bonding config if interface name is 'bond0' #1379 - Failure in launching traffic-portal in dev-environment #1397 - ORT tries to get ats_uid before installing trafficserver #1398 - Get ats_uid after packages are installed #1400 - Traffic Portal dashboard page won't load if any view resolves fail #1406 - TP - provide a better experience when assigning caches to a delivery service #1409 - Add URI Signing #1433 - Fixed the response for a deliveryservice with no urisigning keys. #1434 - TO API/TPv2 should have some ability to default geo miss long/lat for a delivery service #1436 - Login can result in no header #1437 - updated to be idiomatic and include query parameter narrowing #1438 - Fix for cachegroup query parameter misalignment #1439 - Updates to the api uri signing service. #1440 - Breadcrumb navigation doesn't work on ds ssl key generation page #1441 - Provide warning when assigning/removing parameters from a profile #1442 - When assigning ds's to a caches, add ds type to table for filtering #1443 - Hide 'View Config Files' from server form if server.type != EDGE* or MID #1444 - Cannot delete the CDN if did snapshot before #1460 - TP - no dot allowed in server hostname #1463 - surface HTTP response body in HTTPError #1465 - Portal -- SSL certificates for HTTP* deliveryservices should be created as wildcards #1466 - False not NULL #1484 - Handle the case where there is no signingAlgorithm or signed params s… #1497 - Change cdn.name to cdn.domain_name in DeliveryServiceInfoForDomainList #1503 - Golang phys locations #1507 - /api/regions?division=:divId no longer filters regions by division #1508 - /api/asns?cachegroup=:cgId no longer filters asns by cachgroup ID #1510 - Provide the ability to show only changed parts (added/removed) in TP of a snapshot diff #1521 - TP continues to try refresh after 401 #1531 - Traffic Portal - Cloning Delivery Services sort order and dropping existing delivery services #1533 - TP unique value error trying to store NULL IPv6 address for server #1537 - We need better feedback for why create/update/save buttons are disabled in Traffic Portal. #1543 - Loosen up API validation on delivery service create/update #1551 - [Issue-1550] TO golang -- adds orderby= parameter handling to endpoints #1554 - TO/TP - query string handling options force cacheurl on option 1 #1560 - Golang Proxy Scrypt module to be compatible with the Perl Crypt::ScryptKDF lib #1569 - TrafficPortal DNS Bypass TTL storing empty string #1577 - TO API should not try to insert any non-integer into an integer DB column #1582 - Attempting to delete a user in Traffic Portal results in "Resource Not Found" #1584 - When creating a new server, only profiles for the same cdn should be available for selection #1599 - Ops: Add Multiple custom access logs and Header field for ATS #1604 - Initial version of the TO API test tool via the Golang TO Client #1605 - TP - when generating a cert for a DS, the common name field should be editable #1606 - [Issue-1283] - adds export/import profile functionality to TP and basically just lev… #1609 - Updated documentation for the Servers API #1620 - API: Server API sets xmpp_id to null #1630 - No delivery service prefix after upgrading to 2.2 #1634 - Provide simple/advanced view for creating/editing delivery services in TP #1638 - Traffic Portal - Gen Iso: Copy server attributes no longer works #1642 - Attempt to unlink parameter from DS profile incorrectly shows 0 servers affected #1653 - Add context around added/removed pieces of CDN snapshot when doing a snapshot diff #1655 - TP: Bug when updating a user role a new password must be entered #1661 - Dockerize Traffic Ops API tests #1664 - Traffic Portal doesn't restart using systemctl #1697 - Traffic Portal: Can't add a new server (Key (status)=(1) is not present) #1699 - Refreshing Cache Checks table should retain state of the table #1705 - When creating multiple DS's, the values of the last DS are persisted to the new DS form #1714 - TP: Need to remove parameter data size limit #1720 - Adding TXT Records support #1740 - Read-only users cannot update their own password #1750 - /traffic_ops/app/public/images/ contains non-free images #1761 - Traffic OPS ZIPCode #1768 - Add Traffic Monitor Plugin System for Cache Stats Formats #1769 - Monitor Stats Format Plugin For Delivery Service Names #1775 - api/1.3/profiles is slow #1777 - TO golang -- api/1.3/parameters?orderby=id produces an error #1792 - changed maxLength of zip code to be longer. #1797 - TO golang -- time format incorrect #1800 - Fix deep_caching_type validator regex #1807 - Replacing ccr during config file generation #1810 - [Issue 1809] prefetch type for ds type query #1811 - Traffic Ops: remove unused get_type call that makes extra sql queries #1814 - response fields are not complete in POST/PUT steering target APIs #1816 - Value isn't validated for STEERING_WEIGHT type target in POST/PUT steering target APIs #1825 - updated docs to add some missing data #1826 - Traffic Stats error when trying to get LastSummaryTime #1829 - GET /api/1.3/cdns returns wrong response code and response format when unauthorized or forbidden #1833 - [Issue-1830] - increases portal priv level to above R/O role to better reflect what … #1844 - DeepCachingType -- "NEVER" is now default #1851 - browser-icons.png should be removed #1852 - Document spinner-small.gif license #1854 - Added 2.0 to 2.2 migration document #1858 - url parameters for last_updated are not parsed correctly #1860 - normalize url query parameters handling and where and orderby clause construction #1862 - [Issue-1855] - messing with the hostname causes mismatches when the ssl keys are upd… #1873 - License fixes #1878 - Add docs per-DS routing migration #1880 - Add Apache license headers, license file refs #1882 - 2.2.x license headers, missing license file libraries #1883 - Add docs per-DS routing migration #1917 - [Issue 1916] extra flag needed for go build in rpm
Source code(tar.gz)Changes with Traffic Control 2.1.0 #878 - [TC-488] Docs - Multi Site Origin not up to date #879 - [TC-490] mso.qstring_handling parameter is checked but not documented #880 - [TC-489] Multi Site Origin - Invalid default values for multiple config params #901 - [TC-377] Default profiles for EDGE and MID are missing after initial install #906 - [TC-327] ConfigFiles.pm detects blank as not null and tries to gen files GH #1090 #909 - [TC-301] creating https delivery service and not setting to active still looks for cert. Github Issue #1086 #912 - [TC-169] TR download the RGB file continuously when the same RGB file on server #915 - [TC-116] remap.config order is different on master (postgres) than it is on 1.8. #980 - [TC-552] Global parameters may be duplicated when seeds.sql is run #988 - [TC-514] ORT: Change Traffic Ops hostname in middle of ORT run #1001 - [TC-408] Documentation for creating ssl keys is missing a field. #1090 - [TC-518] ToCDUCheck and ToCHRCheck: Value formatted as float instead of int #1115 - [TC-429] - TP - removes map due to license incompatibility #1118 - POST /api/1.2/deliveryserviceserver doesn't update header rewrite, regex remap and cacheurl #1167 - [BACKPORT][TC-518] ToCDUCheck and ToCHRCheck: Value formatted as float instead of int #1090 #1168 - [BACKPORT][TC-514] ORT: Change Traffic Ops hostname in middle of ORT run #1195 - [Issue-1189] - Backport to 2.1.x - delivery service tenancy is forced on creation and update if use_tenancy is on #1375 - BACKPORT - fix docs for Deliveryservice/sslkeys/generate and deliveryservice/ssl… #1386 - Traffic Portal V2 main menu has two rows labeled "Tenants"
Source code(tar.gz)ALPN Pass This tool will listen on a given port, strip SSL encryption, forward traffic through a plain TCP proxy, then encrypt the returning traffic a
httpcap A simple network analyzer that captures http network traffic. support Windows/MacOS/Linux/OpenWrt(x64) https only capture clienthello colorful
Headscale - An open source, self-hosted implementation of the Tailscale control server
https://goreplay.org/ GoReplay is an open-source network monitoring tool which can record your live traffic, and use it for shadowing, load testing, m
https://goreplay.org/ GoReplay is an open-source network monitoring tool which can record your live traffic, and use it for shadowing, load testing, m
Catch breaking changes faster Akita builds models of your APIs to help you: Catch breaking changes on every pull request, including added/removed endp
Basenine Schema-free, document-oriented streaming database that optimized for monitoring network traffic in real-time. Featured Aspects Has the fastes
sniffer A modern alternative network traffic sniffer inspired by bandwhich(Rust) and nethogs(C++). sniffer.mov Introduction 中文介绍 sniffer is designed f
Capdns is a network capture utility designed specifically for DNS traffic. This utility is based on tcpdump. Some of its features include: Unde
goproxy Go Http Proxy with Authentication, Schedule Control, and Portal Control Why this tool? You may need to restrict my kids's youtube watch time i
What is free5GC The free5GC is an open-source project for 5th generation (5G) mobile core networks. The ultimate goal of this project is to implement
It is an open source, free, and lightweight P2P sharing network. As long as any device joins in, you can access them anywhere
Introduction Kebe intends to be a full replacement for the Snap Store. Quickstart Once you have an environment setup (for instance using https://githu
Try browsing the code on Sourcegraph! IPÊ An open source Pusher server implementation compatible with Pusher client libraries written in Go. Why I wro
RocketMQ Client Go A product ready RocketMQ Client in pure go, which supports almost the full features of Apache RocketMQ, such as pub and sub message
paster_core Paster 服务端核心模块,使用字节跳动开源的微服务 RPC 框架 KiteX ,以 Apache Thrift 作为通信协议。 Todo: 实现 KiteX 服务注册扩展接口,使用 Consul 服务注册 新增 frame 层,通过 PreProcessor, PostP
apache dubbo gateway,L7 proxy,virtual host,k8s ingress controller.
Message Relay Message relay written in golang for PostgreSQL and Apache Kafka Requirements Docker and Docker Compose Local installation and using dock
Traefik Modsecurity Plugin Traefik plugin to proxy requests to owasp/modsecurity-crs:apache Traefik Modsecurity Plugin Demo Full Configuration with do
18 Dec 31, 2022
2 Oct 25, 2022
9.9k Dec 29, 2022
16.6k Jan 1, 2023
230 Jan 2, 2023
38 Nov 2, 2022
530 Dec 29, 2022
10 Feb 26, 2022
2 Mar 27, 2022
1.5k Jan 4, 2023
199 Dec 31, 2022
25 Nov 9, 2022
1 Aug 27, 2022
1k Jan 4, 2023
11 Aug 4, 2022
0 Jul 22, 2022
0 Dec 19, 2021
64 Dec 27, 2022