luxolus
/
open-nomad
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

taskrunner: add clarifying initial vault token renew comment.

This commit is contained in:
James Rasell 2021-10-28 17:09:22 +02:00
parent 73351c35dd
commit e3537a06bb
No known key found for this signature in database
GPG Key ID: AA7D460F5C8377AA
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
client/allocrunner/taskrunner/vault_hook.go
View File

@ -216,7 +216,16 @@ OUTER:
}
}
// Start the renewal process
// Start the renewal process.
//
// This is the initial renew of the token which we derived from the
// server. The client does not know how long it took for the token to
// be generated and derived and also wants to gain control of the
// process quickly, but not too quickly. We therefore use a hardcoded
// increment value of 30; this value without a suffix is in seconds.
//
// If Vault is having availability issues or is overloaded, a large
// number of initial token renews can exacerbate the problem.
renewCh, err := h.client.RenewToken(token, 30)
// An error returned means the token is not being renewed