Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LifetimeWatcher should retry renew failures until end of lease #11445

Merged
merged 10 commits into from
May 6, 2021
Merged

LifetimeWatcher should retry renew failures until end of lease #11445

merged 10 commits into from
May 6, 2021

Conversation

ncabatoff
Copy link
Collaborator

This is based on @andrejvanderzee's work in #11008.

@ncabatoff ncabatoff mentioned this pull request Apr 23, 2021
Closed
@vercel vercel bot temporarily deployed to Preview – vault April 23, 2021 13:36 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook April 23, 2021 13:36 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook April 23, 2021 13:46 Inactive
@vercel vercel bot temporarily deployed to Preview – vault April 23, 2021 13:46 Inactive
@ncabatoff ncabatoff requested a review from a team April 23, 2021 14:39
@andrejvanderzee
Copy link
Contributor

andrejvanderzee commented Apr 25, 2021
edited
Loading

@ncabatoff Any reason why you are using github.com/cenkalti/backoff/v3 instead of github.com/cenkalti/backoff/v4?

@ncabatoff
Copy link
Collaborator Author

@ncabatoff Any reason why you are using github.com/cenkalti/backoff/v3 instead of github.com/cenkalti/backoff/v4?

@andrejvanderzee We're already using v3 elsewhere in Vault and I didn't see anything revolutionary in v4 I wanted.

vishalnayak
vishalnayak approved these changes Apr 26, 2021
View reviewed changes
Copy link
Contributor

@vishalnayak vishalnayak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking great!

@ncabatoff @vishalnayak
Update api/lifetime_watcher.go
bc6307a 
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
@vercel vercel bot temporarily deployed to Preview – vault-storybook April 26, 2021 14:19 Inactive
@vercel vercel bot temporarily deployed to Preview – vault April 26, 2021 14:19 Inactive
@vercel vercel bot temporarily deployed to Preview – vault April 26, 2021 14:21 Inactive
@andrejvanderzee
Copy link
Contributor

Thank you @ncabatoff and @vishalnayak for picking this up!

@vercel vercel bot temporarily deployed to Preview – vault-storybook April 26, 2021 20:07 Inactive
@vercel vercel bot temporarily deployed to Preview – vault April 26, 2021 20:07 Inactive
tomhjp
tomhjp approved these changes Apr 29, 2021
View reviewed changes
Copy link
Contributor

@tomhjp tomhjp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Just some very minor suggestions.

api/go.mod
@@ -5,6 +5,7 @@ go 1.13
replace github.com/hashicorp/vault/sdk => ../sdk

require (
github.com/cenkalti/backoff/v3 v3.0.0
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not familiar with the library and changes between versions, but why not the latest version, v4?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We're already using v3 elsewhere and IIRC the differences between the two versions are disruptive yet insignificant. Like adopting the new version would require changes elsewhere but doesn't fix any bugs or provide any new functionality. At least that's my recollection from when I looked into it.

api/lifetime_watcher.go Outdated Show resolved Hide resolved
api/lifetime_watcher.go Outdated Show resolved Hide resolved
api/lifetime_watcher.go Outdated Show resolved Hide resolved
@vercel vercel bot temporarily deployed to Preview – vault-storybook April 29, 2021 11:54 Inactive
@vercel vercel bot temporarily deployed to Preview – vault April 29, 2021 11:54 Inactive
tomhjp
tomhjp reviewed Apr 29, 2021
View reviewed changes
api/lifetime_watcher.go
@@ -268,18 +268,20 @@ func (r *LifetimeWatcher) doRenew() error {
default:
}

var leaseDuration time.Duration
var remainingLeaseDuration time.Duration
fallbackLeaseDuration := initialTime.Add(priorDuration).Sub(time.Now())
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One last thought, I think the value of this only gets used in one place now, so you could delete the variable to simplify a bit.

jasonodonnell
jasonodonnell approved these changes May 4, 2021
View reviewed changes
Copy link
Contributor

@jasonodonnell jasonodonnell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM and tested well in both K8s (with caching/templating) and locally.

@ncabatoff ncabatoff merged commit b986083 into master May 6, 2021
@ncabatoff ncabatoff deleted the retry_until_end_of_lease branch May 6, 2021 18:04
@ncabatoff ncabatoff added this to the 1.7.2 milestone May 6, 2021
ncabatoff added a commit that referenced this pull request May 6, 2021
@ncabatoff @andrejvanderzee
LifetimeWatcher should retry renew failures until end of lease (#11445)
a6f4c69 
Co-authored-by: Andrej van der Zee <andrejvanderzee@gmail.com>
This was referenced Jun 30, 2021
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tomhjp tomhjp tomhjp approved these changes

@tvoran tvoran tvoran approved these changes

@jasonodonnell jasonodonnell jasonodonnell approved these changes

@vishalnayak vishalnayak vishalnayak approved these changes

@calvn calvn Awaiting requested review from calvn

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.7.2
Development

Successfully merging this pull request may close these issues.
6 participants
@ncabatoff @andrejvanderzee @tvoran @jasonodonnell @vishalnayak @tomhjp