Skip to content
This repository was archived by the owner on Jan 9, 2023. It is now read-only.

Improve vault tunnel creation #288

Merged
simonswine merged 2 commits into from
Jun 11, 2018
Merged

Improve vault tunnel creation #288

simonswine merged 2 commits into from
Jun 11, 2018

Conversation

@dippynark
Copy link
Contributor

@dippynark dippynark commented Jun 5, 2018

This PR fixes the following:

  • when testing connection to the bastion before creating vault tunnels, we use the -N flag, which shouldn't be used as we are running a remote command (/bin/true)
  • when creating vault tunnels, if a problem occurs, there was a chance we could hang indefinitely - this change reduces the chance of a blocking channel so that this hanging doesn't occur
Improve Vault tunnel creation preventing indefinite hanging in certain situations

@jetstack-bot jetstack-bot added the release-note Denotes a PR that will be considered when it comes time to generate release notes. label Jun 5, 2018
@jetstack-bot jetstack-bot requested a review from charlieegan3 June 5, 2018 13:34
@jetstack-bot jetstack-bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Jun 5, 2018
@dippynark dippynark changed the title Fix vault tunnel creationg Improve vault tunnel creation Jun 5, 2018
@dippynark dippynark force-pushed the fix-vault-tunnel-creation branch 2 times, most recently from 41c8ef6 to 439057b Compare June 5, 2018 15:39
@dippynark dippynark force-pushed the fix-vault-tunnel-creation branch from 439057b to 50183e9 Compare June 5, 2018 15:41
simonswine
simonswine reviewed Jun 5, 2018
View reviewed changes
pkg/tarmak/vault/vault.go Outdated
return
}

if health.Standby == false && health.Sealed == false {
Copy link
Contributor

@simonswine simonswine Jun 5, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we have to check here for health.Initialized

Copy link
Contributor Author

@dippynark dippynark Jun 8, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

agreed

pkg/tarmak/vault/vault.go Outdated
VaultStateUnsealed
VaultStateUnintialised
VaultStateErr
vaultTunnelCreationTimeoutSeconds = 5
Copy link
Contributor

@simonswine simonswine Jun 5, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please test multi/single cluster E2E, I am not too sure if that is a good value

Copy link
Contributor Author

@dippynark dippynark Jun 8, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It worked fine with 5, but have upped it to 10 to be safe

@simonswine
Copy link
Contributor

simonswine commented Jun 6, 2018

/assign @dippynark

@dippynark what is your feeling about my comments?

@dippynark dippynark force-pushed the fix-vault-tunnel-creation branch from 42032bf to d0a470b Compare June 8, 2018 12:00
@simonswine
Copy link
Contributor

simonswine commented Jun 11, 2018

Thanks luke for tracking this down

/lgtm
/approve

@jetstack-bot jetstack-bot added the lgtm Indicates that a PR is ready to be merged. label Jun 11, 2018
@jetstack-bot
Copy link
Collaborator

jetstack-bot commented Jun 11, 2018

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: simonswine

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@jetstack-bot jetstack-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 11, 2018
@simonswine simonswine merged commit 41e50c2 into jetstack:master Jun 11, 2018
@dippynark dippynark mentioned this pull request Jul 25, 2018
Merged
jetstack-bot added a commit that referenced this pull request Jul 27, 2018
@jetstack-bot
Merge pull request #381 from dippynark/automated-cherry-pick-of-#247-#…
7785524 
…101-#287-#288-#293-#285-#299-#301-#304-#267-#305-#306-#326-#323-#322-#327-#330-#329-#346-#338-#313-#300-#296-#347-#295-#344-#235-#361-#365-#345-#343-#325-#336-#321-#371-#364-#378-origin-release-0.4

Automated cherry pick of #247 #101 #287 #288 #293 #285 #299 #301 #304 #267 #305 #306 #326 #323 #322 #327 #330 #329 #346 #338 #313 #300 #296 #347 #295 #344 #235 #361 #365 #345 #343 #325 #336 #321 #371 #364 #378
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@charlieegan3 charlieegan3 Awaiting requested review from charlieegan3

1 more reviewer

@simonswine simonswine simonswine left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@simonswine simonswine

@dippynark dippynark

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@dippynark @simonswine @jetstack-bot