New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
UPSTREAM: <carry>: return 429 instead of 404 when the server hasn't been ready #820
Conversation
@p0lyn0mial: the contents of this pull request could not be automatically validated. The following commits could not be validated and must be approved by a top-level approver:
|
} | ||
|
||
func patchMatches(path string) bool { | ||
return strings.HasPrefix(path, "/apis") || strings.HasPrefix(path, "/apis/") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is this enough?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is this enough?
Yes. Add a comment explaining that since discovery contains all groups, we have to block the discovery paths until CRDs and APIServices are synced. Otherwise someone will optimize this to expose built-in APIs.
I'm open to allowing direct GETS and PUTs for built-in APIs, but not their discovery
|
||
if patchMatches(r.URL.Path) && userMatches(attribs.GetUser().GetName()) { | ||
w.Header().Set("Retry-After", "3") | ||
http.Error(w, "Too many requests, please try again later.", http.StatusTooManyRequests) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
does this match the 429 returned by p&f? I thought we tried to return json.
Can the message here be distinct so we can find it while tracing?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
does this match the 429 returned by p&f? I thought we tried to return json
yes, p&f uses tooManyRequest function
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can the message here be distinct so we can find it while tracing?
+1
} | ||
|
||
func userMatches(user string) bool { | ||
return user == "system:serviceaccount:kube-system:generic-garbage-collector" || user == "system:serviceaccount:kube-system:namespace-controller" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
GC uses its own account for informers?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nope, informers use system:kube-controller-manager
, do we want to add it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I thought it only matters to the discovery and the normal client
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think that informers will simply retry on 404
…een ready WithNotFoundProtectorHandler will return 429 instead of 404 iff: - server hasn't been ready (/readyz=false) - the user is GC or the namespace lifecycle controller - the path is for an aggregated API or CR This handler ensures that the system stays consistent even when requests are received before the server is ready. In particular it prevents child deletion in case of GC or/and orphaned content in case of the namespaces controller.
8f3cbdf
to
003809e
Compare
@p0lyn0mial: the contents of this pull request could not be automatically validated. The following commits could not be validated and must be approved by a top-level approver:
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: p0lyn0mial The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
} | ||
|
||
if patchMatches(r.URL.Path) && userMatches(attribs.GetUser().GetName()) { | ||
w.Header().Set("Retry-After", "3") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we want to randomize the timeout?
@p0lyn0mial: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Issues go stale after 90d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle stale |
@p0lyn0mial: PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Stale issues rot after 30d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle rotten |
Rotten issues close after 30d of inactivity. Reopen the issue by commenting /close |
@openshift-bot: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
WithNotFoundProtectorHandler will return 429 instead of 404 iff:
This handler ensures that the system stays consistent even when requests are received before the server is ready.
In particular it prevents child deletion in case of GC or/and orphaned content in case of the namespaces controller.