dind: ensure node certs are generated serially #11298
Conversation
|
[test] |
|
|
||
| exec 200>"${config_path}"/.openshift-generate-node-config.exclusivelock | ||
|
|
||
| flock -n 200 && return 0 || return 1 |
There was a problem hiding this comment.
What does masking the return code here achieve? The only difference is non-zero return codes get aliased as 1.
| @@ -8,6 +8,14 @@ source /usr/local/bin/openshift-dind-lib.sh | |||
| # Should set OPENSHIFT_NETWORK_PLUGIN | |||
| source /data/network-plugin | |||
|
|
|||
| function lock() { | |||
There was a problem hiding this comment.
We probably want to namespace this function, I feel like we could have name collisions with lock
marun
force-pushed
the
dind-sync-cert-gen
branch
from
39705d4
to
58230c2
Compare
|
flake #11240 re-[test] |
marun
force-pushed
the
dind-sync-cert-gen
branch
from
58230c2
to
3322d5b
Compare
|
@stevekuznetsov ptal |
|
LGTM |
|
Shouldn't we drop the lock at some point? AIUI, once we get the lock, this would hold it until the script exits |
|
@danwinship I'm not sure it's a problem to hold it until the file exits, but it can't hurt to unlock after config is generated. |
marun
force-pushed
the
dind-sync-cert-gen
branch
from
185dfa9
to
5efe73a
Compare
The cert gen commands are not intended to be run concurrently.
|
Evaluated for origin test up to 5efe73a |
|
continuous-integration/openshift-jenkins/test Running (https://ci.openshift.redhat.com/jenkins/job/test_pr_origin/9917/) |
|
Closed in favor of inclusion in #11326. |
The cert gen commands are not intended to be run concurrently.
Intended to fix #11274
cc: @liggitt @openshift/networking @stevekuznetsov