Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

*: implement a retry logic for auth old revision in the client #13308

Merged
merged 1 commit into from
Sep 7, 2021
Merged

*: implement a retry logic for auth old revision in the client #13308

merged 1 commit into from
Sep 7, 2021

Conversation

mitake
Copy link
Contributor

@mitake mitake commented Aug 28, 2021
edited
Loading

fix #13300

@davissp14 could you try this one? I tried the change with https://github.com/mitake/etcd-things/tree/master/auth-failover and it worked

  • add test, ideally for retry_intercepter.go

@mitake mitake changed the title *: implement a retry logic for auth old revision in the client WIP *: implement a retry logic for auth old revision in the client Aug 28, 2021
mitake
mitake commented Aug 28, 2021
View reviewed changes
client/v3/retry_interceptor.go Outdated
@@ -157,7 +157,8 @@ func (c *Client) shouldRefreshToken(err error, callOpts *options) bool {
// which is possible when the client token is cleared somehow
return c.authTokenBundle != nil // equal to c.Username != "" && c.Password != ""
}
return callOpts.retryAuth && rpctypes.Error(err) == rpctypes.ErrInvalidAuthToken

return callOpts.retryAuth && (errors.Is(err, rpctypes.ErrInvalidAuthToken) || errors.Is(err, rpctypes.ErrGRPCAuthOldRevision))
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@r-ashish could you check this path? I think we should use errors.Is() instead of == here.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

also line 155 would need change too. I'll add a unit test to the file for ensuring that the error handling logic is correct

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah agree, looks okay.

@davissp14
Copy link
Contributor

davissp14 commented Aug 30, 2021
edited
Loading

@mitake Seems to recover nicely! Thoughts on when this could get pushed out?

@davissp14
Copy link
Contributor

Actually, one thing I did find is that tokens are not renewed at expire time:

{"level":"warn","ts":"2021-08-30T08:45:13.387-0500","logger":"etcd-client","caller":"v3/retry_interceptor.go:63","msg":"retrying of unary invoker failed","target":"etcd-endpoints://0xc00000c780/#initially=[http://127.0.0.1:2379]","attempt":0,"error":"rpc error: code = Unauthenticated desc = etcdserver: invalid auth token"}
Get failed: etcdserver: invalid auth token
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0x160a32a]

goroutine 1 [running]:
main.main()
	/Users/davissp14/go/src/github.com/fly-examples/etcd/test.go:37 +0x48a
exit status 2

@mitake
Copy link
Contributor Author

mitake commented Aug 30, 2021

@davissp14 thanks for checking! I’ll fix the renew issue. Probably I can finalize this PR this weekend (or sometime next week), is this ok for you?

@mitake
Copy link
Contributor Author

mitake commented Aug 31, 2021

@davissp14 the issue should be fixed now, could you try again?

@mitake
Copy link
Contributor Author

mitake commented Sep 4, 2021

I think the change is ready to be reviewed, could you take a look @spzala @serathius ?

@mitake mitake changed the title WIP *: implement a retry logic for auth old revision in the client *: implement a retry logic for auth old revision in the client Sep 5, 2021
spzala
spzala approved these changes Sep 6, 2021
View reviewed changes
Copy link
Member

@spzala spzala left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mitake lgtm overall. Great job adding test :) Thanks!

@mitake
Copy link
Contributor Author

mitake commented Sep 7, 2021

@spzala thanks! I'm merging this PR then.

@mitake mitake merged commit a08cc73 into etcd-io:main Sep 7, 2021
@mitake mitake deleted the auth-old-rev branch September 7, 2021 14:25
@mitake
Copy link
Contributor Author

mitake commented Sep 12, 2021

@davissp14 did this MR solve the issue on your env? I'll also make PRs for backporting this PR (and related ones) to stable releases.

@davissp14
Copy link
Contributor

davissp14 commented Oct 25, 2021
edited
Loading

@mitake Was this change included in 3.5.1?

@hexfusion
Copy link
Contributor

@davissp14 if you would like to raise the PR to backport to release-3.5 we can ensure it is part of 3.5.2.

@mitake mitake mentioned this pull request Nov 14, 2021
Merged
@mitake mitake mentioned this pull request Mar 21, 2022
Merged
This was referenced Apr 26, 2022
Closed
Merged
@Rmarian Rmarian mentioned this pull request Mar 23, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@r-ashish r-ashish r-ashish left review comments

@spzala spzala spzala approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Bug: Auth revision w/ JWT tokens
5 participants
@mitake @davissp14 @hexfusion @spzala @r-ashish