b554f9344a
Extension of #14673 Once Vault is initially fingerprinted, extend the period since changes should be infrequent and the fingerprint is relatively expensive since it is contacting a central Vault server. Also move the period timer reset *after* the fingerprint. This is similar to #9435 where the idea is to ensure the retry period starts *after* the operation is attempted. 15s will be the *minimum* time between fingerprints now instead of the *maximum* time between fingerprints. In the case of Vault fingerprinting, the original behavior might cause the following: 1. Timer is reset to 15s 2. Fingerprint takes 16s 3. Timer has already elapsed so we immediately Fingerprint again Even if fingerprinting Vault only takes a few seconds, that may very well be due to excessive load and backing off our fingerprints is desirable. The new bevahior ensures we always wait at least 15s between fingerprint attempts and should allow some natural jittering based on server load and network latency.
87 lines
2.3 KiB
Go
87 lines
2.3 KiB
Go
package fingerprint
|
|
|
|
import (
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/hashicorp/nomad/ci"
|
|
"github.com/hashicorp/nomad/client/config"
|
|
"github.com/hashicorp/nomad/helper/testlog"
|
|
"github.com/hashicorp/nomad/nomad/structs"
|
|
"github.com/hashicorp/nomad/testutil"
|
|
)
|
|
|
|
func TestVaultFingerprint(t *testing.T) {
|
|
ci.Parallel(t)
|
|
|
|
tv := testutil.NewTestVault(t)
|
|
defer tv.Stop()
|
|
|
|
fp := NewVaultFingerprint(testlog.HCLogger(t))
|
|
node := &structs.Node{
|
|
Attributes: make(map[string]string),
|
|
}
|
|
|
|
p, period := fp.Periodic()
|
|
if !p {
|
|
t.Fatalf("expected fingerprint to be periodic")
|
|
}
|
|
if period != (15 * time.Second) {
|
|
t.Fatalf("expected period to be 15s but found: %s", period)
|
|
}
|
|
|
|
conf := config.DefaultConfig()
|
|
conf.VaultConfig = tv.Config
|
|
|
|
request := &FingerprintRequest{Config: conf, Node: node}
|
|
var response FingerprintResponse
|
|
err := fp.Fingerprint(request, &response)
|
|
if err != nil {
|
|
t.Fatalf("Failed to fingerprint: %s", err)
|
|
}
|
|
|
|
if !response.Detected {
|
|
t.Fatalf("expected response to be applicable")
|
|
}
|
|
|
|
assertNodeAttributeContains(t, response.Attributes, "vault.accessible")
|
|
assertNodeAttributeContains(t, response.Attributes, "vault.version")
|
|
assertNodeAttributeContains(t, response.Attributes, "vault.cluster_id")
|
|
assertNodeAttributeContains(t, response.Attributes, "vault.cluster_name")
|
|
|
|
// Period should be longer after initial discovery
|
|
p, period = fp.Periodic()
|
|
if !p {
|
|
t.Fatalf("expected fingerprint to be periodic")
|
|
}
|
|
if period < (30*time.Second) || period > (2*time.Minute) {
|
|
t.Fatalf("expected period to be between 30s and 2m but found: %s", period)
|
|
}
|
|
|
|
// Stop Vault to simulate it being unavailable
|
|
tv.Stop()
|
|
|
|
err = fp.Fingerprint(request, &response)
|
|
if err != nil {
|
|
t.Fatalf("Failed to fingerprint: %s", err)
|
|
}
|
|
|
|
if !response.Detected {
|
|
t.Fatalf("should still show as detected")
|
|
}
|
|
|
|
assertNodeAttributeContains(t, response.Attributes, "vault.accessible")
|
|
assertNodeAttributeContains(t, response.Attributes, "vault.version")
|
|
assertNodeAttributeContains(t, response.Attributes, "vault.cluster_id")
|
|
assertNodeAttributeContains(t, response.Attributes, "vault.cluster_name")
|
|
|
|
// Period should be original once trying to discover Vault is available again
|
|
p, period = fp.Periodic()
|
|
if !p {
|
|
t.Fatalf("expected fingerprint to be periodic")
|
|
}
|
|
if period != (15 * time.Second) {
|
|
t.Fatalf("expected period to be 15s but found: %s", period)
|
|
}
|
|
}
|