Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update(userspace/falco): make webserver threadiness configurable #2090

Merged
merged 4 commits into from
Aug 26, 2022
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
update(userspace/falco): add configuration entry for webserver thread…
…iness

Signed-off-by: Jason Dellaluce <[email protected]>
jasondellaluce committed Aug 26, 2022
commit 75130f3b186c815cce159505211efb89de5f0a71
8 changes: 7 additions & 1 deletion userspace/falco/app_actions/start_webserver.cpp
Original file line number Diff line number Diff line change
@@ -27,8 +27,14 @@ application::run_result application::start_webserver()
if(!is_capture_mode() && m_state->config->m_webserver_enabled)
{
std::string ssl_option = (m_state->config->m_webserver_ssl_enabled ? " (SSL)" : "");
falco_logger::log(LOG_INFO, "Starting internal webserver, listening on port " + to_string(m_state->config->m_webserver_listen_port) + ssl_option + "\n");
falco_logger::log(LOG_INFO, "Starting health webserver with threadiness "
+ to_string(m_state->config->m_webserver_threadiness)
+ ", listening on port "
+ to_string(m_state->config->m_webserver_listen_port)
+ ssl_option + "\n");

m_state->webserver.start(
m_state->config->m_webserver_threadiness,
m_state->config->m_webserver_listen_port,
m_state->config->m_webserver_k8s_healthz_endpoint,
m_state->config->m_webserver_ssl_certificate,
6 changes: 6 additions & 0 deletions userspace/falco/configuration.cpp
Original file line number Diff line number Diff line change
@@ -35,6 +35,7 @@ falco_configuration::falco_configuration():
m_buffered_outputs(false),
m_time_format_iso_8601(false),
m_webserver_enabled(false),
m_webserver_threadiness(0),
m_webserver_listen_port(8765),
m_webserver_k8s_healthz_endpoint("/healthz"),
m_webserver_ssl_enabled(false),
@@ -207,10 +208,15 @@ void falco_configuration::init(string conf_filename, const vector<string> &cmdli
falco_logger::log_syslog = m_config->get_scalar<bool>("log_syslog", true);

m_webserver_enabled = m_config->get_scalar<bool>("webserver.enabled", false);
m_webserver_threadiness = m_config->get_scalar<uint32_t>("webserver.threadiness", 0);
m_webserver_listen_port = m_config->get_scalar<uint32_t>("webserver.listen_port", 8765);
m_webserver_k8s_healthz_endpoint = m_config->get_scalar<string>("webserver.k8s_healthz_endpoint", "/healthz");
m_webserver_ssl_enabled = m_config->get_scalar<bool>("webserver.ssl_enabled", false);
m_webserver_ssl_certificate = m_config->get_scalar<string>("webserver.ssl_certificate", "/etc/falco/falco.pem");
if(m_webserver_threadiness == 0)
{
m_webserver_threadiness = falco::utils::hardware_concurrency();
}

std::list<string> syscall_event_drop_acts;
m_config->get_sequence(syscall_event_drop_acts, "syscall_event_drops.actions");
1 change: 1 addition & 0 deletions userspace/falco/configuration.h
Original file line number Diff line number Diff line change
@@ -250,6 +250,7 @@ class falco_configuration
std::string m_grpc_root_certs;

bool m_webserver_enabled;
uint32_t m_webserver_threadiness;
uint32_t m_webserver_listen_port;
std::string m_webserver_k8s_healthz_endpoint;
bool m_webserver_ssl_enabled;
10 changes: 5 additions & 5 deletions userspace/falco/webserver.cpp
Original file line number Diff line number Diff line change
@@ -24,10 +24,11 @@ falco_webserver::~falco_webserver()
}

void falco_webserver::start(
uint32_t listen_port,
std::string& healthz_endpoint,
std::string &ssl_certificate,
bool ssl_enabled)
uint32_t threadiness,
uint32_t listen_port,
std::string& healthz_endpoint,
std::string &ssl_certificate,
bool ssl_enabled)
{
if (m_running)
{
@@ -48,7 +49,6 @@ void falco_webserver::start(
}

// configure server
auto threadiness = std::min(2u, falco::utils::hardware_concurrency());
m_server->new_task_queue = [&threadiness] { return new httplib::ThreadPool(threadiness); };

// setup healthz endpoint
1 change: 1 addition & 0 deletions userspace/falco/webserver.h
Original file line number Diff line number Diff line change
@@ -26,6 +26,7 @@ class falco_webserver
public:
virtual ~falco_webserver();
virtual void start(
uint32_t threadiness,
uint32_t listen_port,
std::string& healthz_endpoint,
std::string &ssl_certificate,