Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Hot Reload for creds #101

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

msberyanov
Copy link

No description provided.

@msberyanov msberyanov force-pushed the feature/etcd-creds_hot-reload branch 2 times, most recently from 7accf4a to 60817db Compare July 1, 2024 05:10
@@ -580,7 +585,7 @@ public boolean isClosed() {
// ------ authentication logic

private static final Set<Code> OTHER_AUTH_FAILURE_CODES = ImmutableSet.of(
Code.INVALID_ARGUMENT, Code.FAILED_PRECONDITION, Code.PERMISSION_DENIED, Code.UNKNOWN);
Code.INVALID_ARGUMENT, Code.FAILED_PRECONDITION, Code.PERMISSION_DENIED, Code.INTERNAL, Code.UNKNOWN);
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There was a problem with incorrect auth case identification. Had to add Code.INTERNAL to OTHER_AUTH_FAILURE_CODES among existing.

} else {
failStatus = Status.fromThrowable(failure);
// If this was a real auth failure, postpone further attempts a bit longer
authFailRetryTime = System.currentTimeMillis() + 15_000L;
authFailRetryTime = System.currentTimeMillis() + AUTH_RETRY_TIMEOUT_MS;
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Waiting for 15s every time I hot reload is bad. Most likely it is good to turn the delay off (or make it a parameter).

@@ -697,6 +701,8 @@ private static Metadata tokenHeader(AuthenticateResponse authResponse) {
}

private ListenableFuture<AuthenticateResponse> authenticate() {
logger.error("Auth token seems to be incorrect or uninitialized yet. Getting new token with current etcd creds...");
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just to show in console some things happen..

@@ -264,16 +264,8 @@ private <ReqT,R> ListenableFuture<R> call(MethodDescriptor<ReqT,R> method,
// multiple retries disabled or deadline expired
return Futures.immediateFailedFuture(t);
}
boolean reauth = false;
if (authProvider.requiresReauth(t)) {
if (afterReauth) {
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do not understand why to have such condition...

@@ -646,10 +635,9 @@ public void onError(Throwable t) {
if (finished) {
finalError = true;
} else {
reauthed = !lastAuthFailed && reauthIfRequired(t, sentCallOptions);
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same

@msberyanov msberyanov force-pushed the feature/etcd-creds_hot-reload branch from 60817db to e9f0674 Compare July 1, 2024 05:40
Signed-off-by: Maxim Beryanov <msberyanov@gmail.com>
@msberyanov msberyanov force-pushed the feature/etcd-creds_hot-reload branch from e9f0674 to 6ef25d3 Compare July 1, 2024 06:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant