Skip to content
This repository has been archived by the owner on Jul 26, 2022. It is now read-only.

_scheduleNextPoll sets _setNextPoll with 0ms value argument #760

Closed
carlosreyna-cloudposse opened this issue May 25, 2021 · 2 comments
Closed

_scheduleNextPoll sets _setNextPoll with 0ms value argument #760

carlosreyna-cloudposse opened this issue May 25, 2021 · 2 comments

Comments

@carlosreyna-cloudposse
Copy link

EKS: 1.9
kubernetes-external-secrets: 8.0.1

It looks like observedGeneration is always less than currentGeneration.

kubernetes-external-secrets/lib/poller.js

Line 314 in 22e6dd8

if (observedGeneration < currentGeneration) {

We set the DISABLE_POLLING and were unable to disable polling due to the observedGeneration check occuring prior to the _pollingDisabled check.

logs

{"level":20,"message_time":"2021-05-25T02:42:33.444Z","pid":17,"hostname":"external-secrets-774f594499-j6b9n","msg":"spinning up poller for some/key"}
{"level":30,"message_time":"2021-05-25T02:42:33.445Z","pid":17,"hostname":"external-secrets-774f594499-j6b9n","msg":"starting poller for some/key"}
{"level":20,"message_time":"2021-05-25T02:42:33.456Z","pid":17,"hostname":"external-secrets-774f594499-j6b9n","msg":"next poll for some/key in 0 ms"}
{"level":30,"message_time":"2021-05-25T02:42:33.456Z","pid":17,"hostname":"external-secrets-774f594499-j6b9n","msg":"running poll on the secret some/key"}
{"level":30,"message_time":"2021-05-25T02:42:33.469Z","pid":17,"hostname":"external-secrets-774f594499-j6b9n","msg":"fetching secret property /olympus/newrelic/key with role: pods role in region: pods region"}
{"level":30,"message_time":"2021-05-25T02:42:33.528Z","pid":17,"hostname":"external-secrets-774f594499-j6b9n","msg":"upserting secret some/key"}
{"level":20,"message_time":"2021-05-25T02:42:33.558Z","pid":17,"hostname":"external-secrets-774f594499-j6b9n","msg":"updating status for some/key to: SUCCESS"}
{"level":20,"message_time":"2021-05-25T02:42:33.571Z","pid":17,"hostname":"external-secrets-774f594499-j6b9n","msg":"stopping and removing poller e7a1c552-c11d-42d4-a95e-29c5bc9fc22c"}
{"level":30,"message_time":"2021-05-25T02:42:33.571Z","pid":17,"hostname":"external-secrets-774f594499-j6b9n","msg":"stopping poller for some/key"}

apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "5"
    meta.helm.sh/release-name: external-secrets
    meta.helm.sh/release-namespace: external-secrets
  creationTimestamp: "2021-05-24T04:23:56Z"
  generation: 5
  labels:
    app.kubernetes.io/instance: external-secrets
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: external-secrets
    helm.sh/chart: kubernetes-external-secrets-8.0.1
  managedFields:
  - apiVersion: apps/v1
    fieldsType: FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .: {}
          f:meta.helm.sh/release-name: {}
          f:meta.helm.sh/release-namespace: {}
        f:labels:
          .: {}
          f:app.kubernetes.io/instance: {}
          f:app.kubernetes.io/managed-by: {}
          f:app.kubernetes.io/name: {}
          f:helm.sh/chart: {}
      f:spec:
        f:progressDeadlineSeconds: {}
        f:replicas: {}
        f:revisionHistoryLimit: {}
        f:selector:
          f:matchLabels:
            .: {}
            f:app.kubernetes.io/instance: {}
            f:app.kubernetes.io/name: {}
        f:strategy:
          f:rollingUpdate:
            .: {}
            f:maxSurge: {}
            f:maxUnavailable: {}
          f:type: {}
        f:template:
          f:metadata:
            f:labels:
              .: {}
              f:app.kubernetes.io/instance: {}
              f:app.kubernetes.io/name: {}
          f:spec:
            f:containers:
              k:{"name":"kubernetes-external-secrets"}:
                .: {}
                f:env:
                  .: {}
                  k:{"name":"AWS_DEFAULT_REGION"}:
                    .: {}
                    f:name: {}
                    f:value: {}
                  k:{"name":"AWS_REGION"}:
                    .: {}
                    f:name: {}
                    f:value: {}
                  k:{"name":"DISABLE_POLLING"}:
                    .: {}
                    f:name: {}
                    f:value: {}
                  k:{"name":"LOG_LEVEL"}:
                    .: {}
                    f:name: {}
                    f:value: {}
                  k:{"name":"LOG_MESSAGE_KEY"}:
                    .: {}
                    f:name: {}
                    f:value: {}
                  k:{"name":"METRICS_PORT"}:
                    .: {}
                    f:name: {}
                    f:value: {}
                  k:{"name":"POLLER_INTERVAL_MILLISECONDS"}:
                    .: {}
                    f:name: {}
                    f:value: {}
                  k:{"name":"VAULT_ADDR"}:
                    .: {}
                    f:name: {}
                    f:value: {}
                  k:{"name":"WATCH_TIMEOUT"}:
                    .: {}
                    f:name: {}
                    f:value: {}
                f:image: {}
                f:imagePullPolicy: {}
                f:name: {}
                f:ports:
                  .: {}
                  k:{"containerPort":3001,"protocol":"TCP"}:
                    .: {}
                    f:containerPort: {}
                    f:name: {}
                    f:protocol: {}
                f:resources: {}
                f:terminationMessagePath: {}
                f:terminationMessagePolicy: {}
            f:dnsPolicy: {}
            f:restartPolicy: {}
            f:schedulerName: {}
            f:securityContext:
              .: {}
              f:runAsNonRoot: {}
            f:serviceAccount: {}
            f:serviceAccountName: {}
            f:terminationGracePeriodSeconds: {}
    manager: Go-http-client
    operation: Update
    time: "2021-05-25T02:10:16Z"
  - apiVersion: apps/v1
    fieldsType: FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          f:deployment.kubernetes.io/revision: {}
      f:status:
        f:availableReplicas: {}
        f:conditions:
          .: {}
          k:{"type":"Available"}:
            .: {}
            f:lastTransitionTime: {}
            f:lastUpdateTime: {}
            f:message: {}
            f:reason: {}
            f:status: {}
            f:type: {}
          k:{"type":"Progressing"}:
            .: {}
            f:lastTransitionTime: {}
            f:lastUpdateTime: {}
            f:message: {}
            f:reason: {}
            f:status: {}
            f:type: {}
        f:observedGeneration: {}
        f:readyReplicas: {}
        f:replicas: {}
        f:updatedReplicas: {}
    manager: kube-controller-manager
    operation: Update
    time: "2021-05-25T02:40:57Z"
  name: external-secrets
  namespace: external-secrets
  resourceVersion: "28269378"
  selfLink: /apis/apps/v1/namespaces/external-secrets/deployments/external-secrets
  uid: 1fbf8fd2-b82f-400d-b3cd-16151c9e6fe5
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/instance: external-secrets
      app.kubernetes.io/name: external-secrets
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app.kubernetes.io/instance: external-secrets
        app.kubernetes.io/name: external-secrets
    spec:
      containers:
      - env:
        - name: AWS_DEFAULT_REGION
          value: us-east-1
        - name: AWS_REGION
          value: us-east-1
        - name: DISABLE_POLLING
          value: "true"
        - name: LOG_LEVEL
          value: debug
        - name: LOG_MESSAGE_KEY
          value: msg
        - name: METRICS_PORT
          value: "3001"
        - name: POLLER_INTERVAL_MILLISECONDS
          value: "10000"
        - name: VAULT_ADDR
          value: http://127.0.0.1:8200
        - name: WATCH_TIMEOUT
          value: "60000"
        image: ghcr.io/external-secrets/kubernetes-external-secrets:8.0.1
        imagePullPolicy: IfNotPresent
        name: kubernetes-external-secrets
        ports:
        - containerPort: 3001
          name: prometheus
          protocol: TCP
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext:
        runAsNonRoot: true
      serviceAccount: external-secrets
      serviceAccountName: external-secrets
      terminationGracePeriodSeconds: 30
status:
  availableReplicas: 1
  conditions:
  - lastTransitionTime: "2021-05-24T04:23:58Z"
    lastUpdateTime: "2021-05-24T04:23:58Z"
    message: Deployment has minimum availability.
    reason: MinimumReplicasAvailable
    status: "True"
    type: Available
  - lastTransitionTime: "2021-05-24T04:23:56Z"
    lastUpdateTime: "2021-05-25T02:40:57Z"
    message: ReplicaSet "external-secrets-774f594499" has successfully progressed.
    reason: NewReplicaSetAvailable
    status: "True"
    type: Progressing
  observedGeneration: 5
  readyReplicas: 1
  replicas: 1
  updatedReplicas: 1
@Flydiverny
Copy link
Member

Did you update crd to version 8.0.1?

@carlosreyna-cloudposse
Copy link
Author

Did you update crd to version 8.0.1?

Looks like that was the issue. Thank you.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Flydiverny @carlosreyna-cloudposse