-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add windows compatibility for diagnose port-conflict #27457
base: main
Are you sure you want to change the base?
Conversation
Regression DetectorRegression Detector ResultsRun ID: 7672c513-aeb6-4501-bf38-ee3986aa02ae Metrics dashboard Target profiles Baseline: 81e640e Performance changes are noted in the perf column of each table:
No significant changes in experiment optimization goalsConfidence level: 90.00% There were no significant changes in experiment optimization goals at this confidence level and effect size tolerance.
|
perf | experiment | goal | Δ mean % | Δ mean % CI | trials | links |
---|---|---|---|---|---|---|
➖ | tcp_syslog_to_blackhole | ingress throughput | +0.27 | [+0.22, +0.32] | 1 | Logs |
➖ | file_to_blackhole_500ms_latency | egress throughput | +0.13 | [-0.12, +0.38] | 1 | Logs |
➖ | idle | memory utilization | +0.11 | [+0.06, +0.16] | 1 | Logs |
➖ | file_to_blackhole_1000ms_latency | egress throughput | +0.04 | [-0.45, +0.53] | 1 | Logs |
➖ | uds_dogstatsd_to_api_cpu | % cpu utilization | +0.04 | [-0.68, +0.76] | 1 | Logs |
➖ | file_to_blackhole_0ms_latency | egress throughput | +0.02 | [-0.32, +0.36] | 1 | Logs |
➖ | file_to_blackhole_100ms_latency | egress throughput | +0.01 | [-0.21, +0.23] | 1 | Logs |
➖ | tcp_dd_logs_filter_exclude | ingress throughput | -0.00 | [-0.01, +0.01] | 1 | Logs |
➖ | uds_dogstatsd_to_api | ingress throughput | -0.01 | [-0.12, +0.10] | 1 | Logs |
➖ | file_to_blackhole_300ms_latency | egress throughput | -0.04 | [-0.23, +0.15] | 1 | Logs |
➖ | basic_py_check | % cpu utilization | -0.31 | [-2.98, +2.37] | 1 | Logs |
➖ | idle_all_features | memory utilization | -0.40 | [-0.51, -0.29] | 1 | Logs |
➖ | file_tree | memory utilization | -0.57 | [-0.69, -0.44] | 1 | Logs |
➖ | pycheck_lots_of_tags | % cpu utilization | -1.00 | [-3.47, +1.47] | 1 | Logs |
➖ | otel_to_otel_logs | ingress throughput | -1.25 | [-2.05, -0.44] | 1 | Logs |
Bounds Checks
perf | experiment | bounds_check_name | replicates_passed |
---|---|---|---|
✅ | file_to_blackhole_0ms_latency | memory_usage | 10/10 |
✅ | file_to_blackhole_1000ms_latency | memory_usage | 10/10 |
✅ | file_to_blackhole_100ms_latency | memory_usage | 10/10 |
✅ | file_to_blackhole_300ms_latency | memory_usage | 10/10 |
✅ | file_to_blackhole_500ms_latency | memory_usage | 10/10 |
✅ | idle | memory_usage | 10/10 |
Explanation
A regression test is an A/B test of target performance in a repeatable rig, where "performance" is measured as "comparison variant minus baseline variant" for an optimization goal (e.g., ingress throughput). Due to intrinsic variability in measuring that goal, we can only estimate its mean value for each experiment; we report uncertainty in that value as a 90.00% confidence interval denoted "Δ mean % CI".
For each experiment, we decide whether a change in performance is a "regression" -- a change worth investigating further -- if all of the following criteria are true:
-
Its estimated |Δ mean %| ≥ 5.00%, indicating the change is big enough to merit a closer look.
-
Its 90.00% confidence interval "Δ mean % CI" does not contain zero, indicating that if our statistical model is accurate, there is at least a 90.00% chance there is a difference in performance between baseline and comparison variants.
-
Its configuration does not mark it "erratic".
Test changes on VMUse this command from test-infra-definitions to manually test this PR changes on a VM: inv create-vm --pipeline-id=46218115 --os-family=ubuntu Note: This applies to commit 1120fe1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I made a fist pass. Need to look again. But the biggest concern is that the functionality returning module name from pid or rather entry require admin privilege. I wondering how did it worked for you at all
if err != windows.ERROR_INSUFFICIENT_BUFFER { | ||
return "", err | ||
} | ||
if desiredLen > 1<<20 { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How big is 2 to 20 power in KB?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
1024 KB. Is that ok?
owningModuleInfo [16]uint64 | ||
} | ||
|
||
func moduleInfo[entryType moduleInfoConstraint](entry *entryType, proc *windows.LazyProc) (string, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I do not know how it would work in context of agent.exe process because by default it runs as non-administrator, But a comment from https://learn.microsoft.com/en-us/windows/win32/api/iphlpapi/nf-iphlpapi-getownermodulefromtcpentry
For computers running on Windows Vista or later, accessing the pModuleName and pModulePath members of the TCPIP_OWNER_MODULE_BASIC_INFO structure is limited by user account control (UAC). If an application that calls this function is executed by a user logged on as a member of the Administrators group other than the built-in Administrator, this call will succeed but access to these members returns an empty string unless the application has been marked in the manifest file with a requestedExecutionLevel set to requireAdministrator. If the application on Windows Vista or later lacks this manifest file, a user logged on as a member of the Administrators group other than the built-in Administrator must then be executing the application in an enhanced shell as the built-in Administrator (RunAs administrator) for access to the protected pModuleName and pModulePath members to be allowed.
How did it work for you. It is not a new limitation, builtin netstat has the same problem
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah I'm running into a problem because the diagnose command can tell that the APM and process agent ports are being utilized, but it can't tell what process is utilizing them. So we end up getting failures here:
24. --------------
FAIL apm_config.debug.port
Diagnosis: Required port 5012 is already used by an another process (PID=2204).
24. --------------
FAIL apm_config.receiver_port
Diagnosis: Required port 8126 is already used by an another process (PID=2204).
24. --------------
FAIL process_config.expvar_port
Diagnosis: Required port 6062 is already used by an another process (PID=3640).
24. --------------
FAIL process_config.cmd_port
Diagnosis: Required port 6162 is already used by an another process (PID=3640).
Another bug is that the list outputs every entry as 24 when it should be rising from 1-24.
Do you have any ideas on how to check the process name from the process ID? Otherwise I might just add some verbiage to say "Check if process ID xxxx is an Agent component or something else."
… darwin and linux
…roc name is blank
What does this PR do?
Add windows compatibility for the diagnose port conflict suite. This builds on PR#25209.
Motivation
Making this feature available for Windows makes this feature available on all OSes.
Describe how to test/QA your changes
Check that the diagnose suite works properly for Windows:
You can use
netcat
to bind to a port:Reviewer's Checklist
Triage
milestone is set.major_change
label if your change either has a major impact on the code base, is impacting multiple teams or is changing important well-established internals of the Agent. This label will be use during QA to make sure each team pay extra attention to the changed behavior. For any customer facing change use a releasenote.changelog/no-changelog
label has been applied.qa/skip-qa
label is not applied.team/..
label has been applied, indicating the team(s) that should QA this change.need-change/operator
andneed-change/helm
labels have been applied.k8s/<min-version>
label, indicating the lowest Kubernetes version compatible with this feature.