MXS-873 To prevent monitors and MaxAdmin from interfering with each other,
changes to the server status flags now happen under a lock. To avoid
interfering with monitor logic, the monitors now acquire locks to all
of their servers at the start of the monitor loop and release them
before sleeping.
A destroyed monitor should not have any servers added to it. This allows
the servers that once were monitored by a destroyed monitor to be added to
new monitors.
Adding a server to multiple monitors is forbidden. This should be detected
and reported to the end user.
The information provided by the config_runtime system to the client isn't
as detailed as it could be. Some sort of an error message stack should be
added so that client facing interfaces could properly report the reason
for the failure. Currently the only way to detect the reason of the
failure is to parse the log files.
All changes made to the configuration should be traceable. This makes the
process of understanding the life-cycle of a specific MaxScale
installation easier.
Aligning the statistics object indices to cache line size reduces the CPU
overhead of gathering the statistics. This allows the statistics to more
accurately measure the polling system without the measurement affecting
the outcome.
C++ header files have the .hh-suffix to distinguish them from C
header files, but also to allow a C++ header file (e.g. xyz.hh) for
an existing C header file (e.g. xyz.h).
- cpp.hh : Basic C++ stuff. Introduces the namespace "maxscale"
and its synonym "mxs".
- filter.[hh|cc]: Template class Filter and companion class FilterSession
to be used when implementing filters in C++.
- spinlock.h : Wrapper and lock guard class for SPINLOCK.
Router and filter instances cannot be destroyed before all worker
threads have exited. Otherwise there is a risk that data gets deleted
while someone might still be accessing it. Further, since all router
and filter instances are created by the main-thread it is better that
they are deleted by that thread as well (and not by whichever thread
happens to execute service_shutdown()). That will reduce the risk that
some unknown assumptions are violated.
Listeners are added to the list multiple times due to how DCBs are removed
from the list. This requires that an additional check is made so that we
are sure a DCB will not be added to the list twice.
There was no real need to have two separate functions for getting the
stored buffer and the target server. Combining them into one allows it to
be handled in a nicer way.
Statements can now be stored in the session object. This enables the
retrieval of these statements at a later time. These will be used by
readwritesplit to reroute failed reads to backup slaves.
This commit introduces safe session references that can be handled without
holding locks. This allows the safe searching of sessions with the unique
ID of the session.
Remove the use of raw pointers passed as strings. Change the comments of
the argument types and add more details to the parsing function
documentation.
When the client connections were listed, the DCB state was not
inspected. Only DCBs in the polling state should be printed as they are
guaranteed to be in a valid state.
Maxadmin can now create and destroy monitors. The created monitors are not
started as they would be useless without added servers and configuration
parameters.
When the monitor credentials were being written with snprintf, the source
and destination overlapped.
The serialization didn't add a 'type=monitor' line into the configuration.
The statistics of the polling system no longer match the implementation it
measures. Modified the statistics to better represent the new system by
calculating the number of epoll events each thread receives.
The polling system now has a concept of messages. This can be used to send
a synchronous message to the polling system which waits for all threads to
process the message before returning.
Currently this is used to flush unused DCBs when server persistent
statistics are reported.
Making the lists of persistent DCBs thread specific is both a bug fix and
a performance enhancement. There was a small window where a non-owner
thread could receive events for a DCB. By partitioning the DCBs into
thread specific lists, this is avoided by removing the possibility of DCBs
moving between threads.
When an epoll error occurs for a listener, the errno variable must be
stored in another variable while the listener is removed from all of the
epoll instances.
The `thread.next` pointer refers to active DCBs in the current thread's
list and the `memdata.next` pointer refers to DCBs about to be freed. The
latter was mixed up with the former due to some changes in the naming.
The code prevented scaling by imposing global spinlocks for the DCBs and
SESSIONs. Removing this list means that a thread-local list must be taken
into use to replace it.
The dcb_foreach allows a function to be mapped to all DCBs in
MaxScale. This allows the list of DCBs to be iterated in a safe manner
without having to worry about internal locking of the DCB mechanism.
Each DCB needs to be added to the owning thread's list so that they can be
iterated through. As sessions always have a client DCB, the sessions don't
need to be added to a similar per thread list.
This change fixes a problem with dcb_hangup_foreach that the removal of
the list manager introduced. Now the hangup events are properly injected
for the DCBs that connect to the server in question.
Since the listmanager code isn't used, the debug assertions will always
fail. They should be disabled until the listmanager code can converted to
the per-thread model.
Because each thread has their own epoll file descriptor and only one
thread can process a DCB, it makes sense to move to a per thread zombie
queue. This removes one of the last restrictions on scalability.
The thread-specific spinlock needs to be acquired before a fake event is
inserted from a non-polling thread. The usual situation is when a monitor
thread inserts a hangup event for a DCB.
Other, less common cases are when session timeouts have been enabled and
the DCB needs to be closed. Here it is better to insert a fake hangup
event instead of directly closing the DCB from an external thread.
Having a unique epoll instance for each thread allows a lot of the locking
from poll.c to be removed. The downside to this is that each session can
have only one thread processing events for it which might reduce
performance with very low client counts.
Previously, negative values were allowed for persistpoolmax and
persistmaxtime. Now they cause an error. Also, monitor_interval
allowed negative (or zero) values, which were then implicitly cast to
unsigned, causing unintended behaviour. Now this causes a warning
and the default value is used.
If the user running MaxScale could open the .secrets-file and the
file permissions were anything other than owner:read, the
secrets_readkeys() would fail with error message
"Ignoring secrets file <path>, invalid permissions." Now the
message is more accurate in stating the expected permissions.
