Backport of Stop processing ACME verifications when active node is stepped down into release/1.15.x#23286
Merged
stevendpclark merged 1 commit intorelease/1.15.xfrom Sep 26, 2023
Conversation
hc-github-team-secure-vault-core
requested a review
from a team
as a code owner
hc-github-team-secure-vault-core
force-pushed
the
backport/stevendpclark/vault-20315-acme-active-node-change/verbally-large-baboon
branch
from
e0d748e to
fc18ac7
Compare
github-actions
bot
added
the
hashicorp-contributed-pr
stevendpclark
approved these changes
Sep 26, 2023
|
Build Results: |
stevendpclark
deleted the
backport/stevendpclark/vault-20315-acme-active-node-change/verbally-large-baboon
branch
|
CI Results: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Backport
This PR is auto-generated from #23278 to be assessed for backporting due to the inclusion of the label backport/1.15.x.
The below text is copied from the body of the original PR.
Do not load existing ACME challenges persisted within storage on non-active nodes. This was the main culprit of the issues, secondary nodes would load existing persisted challenges trying to resolve them but writes would fail leading to the excessive logging.
If a node is stepped down from being the active node while it is actively processing a verification, we could get into an infinite loop due to an ErrReadOnly error attempting to clean up a challenge entry
Add a maximum number of retries for errors around attempting to decode,fetch challenge/authorization entries from disk. We use double the number of "normal" max attempts for these types of errors, than we would for normal ACME retry attempts to avoid collision issues. Note that these additional retry attempts are not persisted to disk and will restart on every node start
Add a 1 second backoff to any disk related error to not immediately spin on disk/io errors for challenges.
Overview of commits