Token caching for IMDS Client #3543
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Javadoc and clean-up.
Javadoc and clean-up.
- safe async client closing - Ec2MetadataEndpointProvider singleton instance - default attribute map for IMDS - Fix javadoc <p> tag
zoewangg
reviewed
Nov 16, 2022
core/imds/src/main/java/software/amazon/awssdk/imds/Ec2MetadataRetryPolicy.java
Outdated
Show resolved
Hide resolved
core/imds/src/main/java/software/amazon/awssdk/imds/Ec2MetadataRetryPolicy.java
Outdated
Show resolved
Hide resolved
core/imds/src/main/java/software/amazon/awssdk/imds/internal/BaseEc2MetadataClient.java
Show resolved
Hide resolved
core/imds/src/test/java/software/amazon/awssdk/imds/internal/CachedTokenAsyncClientTest.java
Outdated
Show resolved
Hide resolved
core/imds/src/main/java/software/amazon/awssdk/imds/Ec2MetadataClientBuilder.java
Show resolved
Hide resolved
core/imds/src/main/java/software/amazon/awssdk/imds/TokenCacheStrategy.java
Outdated
Show resolved
Hide resolved
core/imds/src/main/java/software/amazon/awssdk/imds/internal/DefaultEc2MetadataAsyncClient.java
Outdated
Show resolved
Hide resolved
core/imds/src/main/java/software/amazon/awssdk/imds/internal/DefaultEc2MetadataAsyncClient.java
Outdated
Show resolved
Hide resolved
core/imds/src/main/java/software/amazon/awssdk/imds/internal/DefaultEc2MetadataAsyncClient.java
Outdated
Show resolved
Hide resolved
- upgrade to Junit 5 - TokenCacheStrategy as an interface - added Token class - Improved Asynchronous request retry and caching logic
zoewangg
reviewed
Nov 23, 2022
core/imds/src/main/java/software/amazon/awssdk/imds/internal/StringResponseHandler.java
Outdated
Show resolved
Hide resolved
core/imds/src/main/java/software/amazon/awssdk/imds/internal/StringResponseHandler.java
Outdated
Show resolved
Hide resolved
core/imds/src/main/java/software/amazon/awssdk/imds/BlockingTokenCache.java
Outdated
Show resolved
Hide resolved
core/imds/src/main/java/software/amazon/awssdk/imds/NoCache.java
Outdated
Show resolved
Hide resolved
| CompletableFutureUtils.forwardExceptionTo(tokenFuture, tokenValueFuture); | ||
| return tokenFuture; | ||
| }; | ||
| this.tokenCache = tokenCacheStrategy.getCachedSupplier(valueSupplier, this.tokenTtl); |
Contributor
There was a problem hiding this comment.
Should we use the token TTL from the response header X-aws-ec2-metadata-token-ttl-seconds? Do we know what happens if the token TTL provided is greater than the max token TTL allowed on the server side? Does it fail or succeed with the max token TTL?
Contributor
There was a problem hiding this comment.
Can we track this somewhere if we haven't done so already?
Contributor
There was a problem hiding this comment.
Maybe add a TODO or add a backlog item?
core/imds/src/main/java/software/amazon/awssdk/imds/internal/DefaultEc2MetadataAsyncClient.java
Outdated
Show resolved
Hide resolved
core/imds/src/main/java/software/amazon/awssdk/imds/internal/Token.java
Outdated
Show resolved
Hide resolved
| ThreadFactory threadFactory = new ThreadFactoryBuilder().threadNamePrefix("IMDS-ScheduledExecutor").build(); | ||
| return Executors.newScheduledThreadPool(DEFAULT_RETRY_THREAD_POOL_SIZE, threadFactory); | ||
| }); | ||
| TokenCacheStrategy tokenCacheStrategy = Validate.getOrDefault(builder.tokenCacheStrategy, () -> TokenCacheStrategy.NONE); |
Contributor
There was a problem hiding this comment.
Should we cache it by default? Let's discuss it in the API surface area review meeting
core/imds/src/main/java/software/amazon/awssdk/imds/BlockingTokenCache.java
Show resolved
Hide resolved
core/imds/src/main/java/software/amazon/awssdk/imds/internal/DefaultEc2MetadataAsyncClient.java
Outdated
Show resolved
Hide resolved
|
SonarCloud Quality Gate failed. |
zoewangg
approved these changes
Nov 25, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Implements token caching for both the Ec2MetadataClient and its Async version.
Motivation and Context
Required as part of the v2 parity.
Modifications
Add an opt-in option to use a CachedSupplier to prevent sending a token request for every MetadataRequest. The token is cached until the token time to live has expired.
Testing
Added unit tests for token caching, both for regular and async clients.
Types of changes
Checklist
mvn installsucceedsscripts/new-changescript and following the instructions. Commit the new file created by the script in.changes/next-releasewith your changes.License