Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Agent health check reports ready prematurely #5297

Open
Manbeardo opened this issue Jul 12, 2024 · 3 comments
Open

Agent health check reports ready prematurely #5297

Manbeardo opened this issue Jul 12, 2024 · 3 comments
Assignees
@amartinezfayo
Labels
priority/backlog Issue is approved and in the backlog

Comments

@Manbeardo
Copy link
Contributor

It's fairly common for a misconfigured agent to be unable to acquire an SVID and crash out. When this happens, the agent health check reports that it is ready before its attempt at node attestation fails. This causes a false-positive result in deployment tools that believe the agents are healthy and continue on to subsequent deployment steps.

  • Version: v1.9.2
  • Platform: Linux spire-server-0 5.10.219-208.866.amzn2.x86_64 CLI authentication #1 SMP Tue Jun 18 14:00:06 UTC 2024 x86_64 GNU/Linux
  • Subsystem: agent
@Manbeardo Manbeardo mentioned this issue Jul 12, 2024
Merged
3 tasks
@amartinezfayo amartinezfayo added the triage/in-progress Issue triage is in progress label Jul 16, 2024
@amartinezfayo amartinezfayo self-assigned this Jul 16, 2024
@amartinezfayo
Copy link
Member

Thank you @Manbeardo for bringing this up and contributing the fix for this!

@amartinezfayo amartinezfayo added priority/backlog Issue is approved and in the backlog and removed triage/in-progress Issue triage is in progress labels Jul 17, 2024
@amartinezfayo
Copy link
Member

Fixed by #5298

@amartinezfayo
Copy link
Member

We had to revert #5298 due to #5455. We will have to come up with a solution that does not use the SVID on disk to determine the attested state of the agent.

@amartinezfayo amartinezfayo reopened this Sep 4, 2024
@amartinezfayo amartinezfayo mentioned this issue Sep 4, 2024
Merged
@MarcosDY MarcosDY mentioned this issue Sep 5, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@amartinezfayo amartinezfayo

Labels
priority/backlog Issue is approved and in the backlog
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Manbeardo @amartinezfayo