Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Quit agent endpoint with config #14223

Merged
merged 9 commits into from
Feb 25, 2022
Merged

Quit agent endpoint with config #14223

merged 9 commits into from
Feb 25, 2022

Conversation

tomhjp
Copy link
Contributor

@tomhjp tomhjp commented Feb 23, 2022

Builds on #12789 and closes #11089

Support a quit API endpoint so that when Vault Agent can be programatically shut down. This is useful for instance when Agent is a sidecar in a Kubernetes job to stop the job from hanging forever. Currently the only workarounds are to use shareProcessNamespace: true for the container so that process kill signals can be sent, or to avoid the sidecar container entirely and just rely on an init container.

@vercel vercel bot temporarily deployed to Preview – vault February 23, 2022 14:28 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook February 23, 2022 14:28 Inactive
@tomhjp tomhjp mentioned this pull request Feb 23, 2022
Closed
@tomhjp tomhjp added this to the 1.10 milestone Feb 23, 2022
@tomhjp
Copy link
Contributor Author

tomhjp commented Feb 23, 2022

cc @taoism4504 for documentation updates

@calvn calvn modified the milestones: 1.10, 1.10-rc1 Feb 23, 2022
@benashz benashz self-requested a review February 23, 2022 17:58
benashz
benashz reviewed Feb 23, 2022
View reviewed changes
Copy link
Contributor

@benashz benashz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking good! Had a few questions/suggestions.

command/agent_test.go Show resolved Hide resolved
command/agent_test.go Outdated Show resolved Hide resolved
command/agent_test.go Show resolved Hide resolved
command/agent.go Outdated Show resolved Hide resolved
command/agent.go Show resolved Hide resolved
command/agent.go Show resolved Hide resolved
command/agent.go Outdated Show resolved Hide resolved
command/agent.go Show resolved Hide resolved
internalshared/configutil/listener.go Show resolved Hide resolved
website/content/docs/agent/index.mdx Show resolved Hide resolved
tvoran
tvoran reviewed Feb 23, 2022
View reviewed changes
command/agent.go Outdated Show resolved Hide resolved
benashz
benashz reviewed Feb 23, 2022
View reviewed changes
command/agent_test.go Outdated Show resolved Hide resolved
@vercel vercel bot temporarily deployed to Preview – vault-storybook February 24, 2022 18:03 Inactive
@tomhjp tomhjp requested review from calvn and tvoran February 24, 2022 18:10
@tomhjp @benashz
http constant
8beb9e5 
Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
@vercel vercel bot temporarily deployed to Preview – vault February 24, 2022 18:29 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook February 24, 2022 18:29 Inactive
@tomhjp tomhjp requested a review from benashz February 24, 2022 18:31
@tomhjp
Copy link
Contributor Author

tomhjp commented Feb 24, 2022

Thanks for the reviews. I think that's all comments addressed. Docs site deployment link is here if you'd like to browse: https://vault-aq18lm9e5-hashicorp.vercel.app/docs/agent#api

tvoran
tvoran approved these changes Feb 24, 2022
View reviewed changes
Copy link
Member

@tvoran tvoran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Working great for me in my testing!

calvn
calvn approved these changes Feb 24, 2022
View reviewed changes
Copy link
Member

@calvn calvn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great!

Reminder that if there's a release/1.10.x by the time this gets merged, we'd need to also backport it to that branch.

taoism4504
taoism4504 approved these changes Feb 24, 2022
View reviewed changes
Copy link
Contributor

@taoism4504 taoism4504 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Text looks good.

benashz
benashz approved these changes Feb 24, 2022
View reviewed changes
Copy link
Contributor

@benashz benashz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@tomhjp tomhjp merged commit e9df7a6 into main Feb 25, 2022
@tomhjp tomhjp deleted the quit-agent-endpoint-with-config branch February 25, 2022 10:29
benashz
benashz reviewed Feb 25, 2022
View reviewed changes
command/agent_test.go
}

// Get a randomly assigned port and then free it again before returning it.
// There is still a race when trying to use it, but should work better
Copy link
Contributor

@benashz benashz Feb 25, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The risk of a port collision should be relatively low since most kernels incrementally assign ports from their dynamic range of many thousands of ports.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TIL, thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@benashz benashz benashz approved these changes

@tvoran tvoran tvoran approved these changes

@calvn calvn calvn approved these changes

@taoism4504 taoism4504 taoism4504 approved these changes

@imthaghost imthaghost Awaiting requested review from imthaghost

Assignees
No one assigned
Labels
agent enhancement
Projects
None yet
Milestone
1.10-rc1
Development

Successfully merging this pull request may close these issues.

Support for shutting down Vault Agent when Job ends (possibly via HTTP POST)
6 participants
@tomhjp @tvoran @calvn @benashz @taoism4504 @remilapeyre