Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(kuma-cp): add metrics and timeouts to CA interface #4089

Merged
merged 9 commits into from
Apr 4, 2022
Merged

feat(kuma-cp): add metrics and timeouts to CA interface #4089

merged 9 commits into from
Apr 4, 2022

Conversation

parkanzky
Copy link
Contributor

Summary

Add certificate generation latency metrics and configurable timeouts to the top level CA interface for DP and CA root certificate retrieval.

Full changelog

  • Add configurable timeouts to mTLS certificate retrieval
  • Add latency metrics to mTLS certificate retrieval

Issues resolved

Fix #4058

Documentation

Testing

  • Unit tests
  • E2E tests
  • Manual testing on Universal
  • Manual testing on Kubernetes

Backwards compatibility

  • Update UPGRADE.md with any steps users will need to take when upgrading.
  • Add backport-to-stable label if the code follows our backporting policy

Paul Parkanzky added 3 commits March 29, 2022 17:35
feat(kuma-cp): add cert metrics
17a48f3 
Signed-off-by: Paul Parkanzky <[email protected]>
chore(kuma-cp): make check
eec0c64 
Signed-off-by: Paul Parkanzky <[email protected]>
feat(kuma-cp): add configurable timeout
34c319b 
Signed-off-by: Paul Parkanzky <[email protected]>
@parkanzky parkanzky requested a review from a team as a code owner March 30, 2022 20:25
jakubdyszkiewicz
jakubdyszkiewicz reviewed Mar 31, 2022
View reviewed changes
Copy link
Contributor

@jakubdyszkiewicz jakubdyszkiewicz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tests are missing.

Timeout tests might be quite hard to write because we wound need custom identity and ca providers that are "stuck" and react on context.

Please add in secret_test.go that we report a metric

pkg/xds/secrets/ca_provider.go Outdated Show resolved Hide resolved
api/mesh/v1alpha1/mesh.proto Outdated Show resolved Hide resolved
Paul Parkanzky added 2 commits March 31, 2022 11:35
michaelbeaumont
michaelbeaumont reviewed Mar 31, 2022
View reviewed changes
pkg/xds/secrets/ca_provider.go Outdated Show resolved Hide resolved
pkg/xds/secrets/ca_provider.go Outdated Show resolved Hide resolved
@parkanzky parkanzky marked this pull request as draft March 31, 2022 22:46
@parkanzky
Copy link
Contributor Author

Temporarily converting this to draft to prevent merging. Now that the SummaryVec is no longer differentiated by the type of CA, the loop re-registers the same metric, which causes an error. I can fix that tomorrow.

@parkanzky parkanzky marked this pull request as ready for review April 1, 2022 14:08
Paul Parkanzky added 2 commits April 3, 2022 22:43
@parkanzky parkanzky merged commit ee60b1d into master Apr 4, 2022
@parkanzky parkanzky deleted the feat/ca-metrics-timeouts branch April 4, 2022 15:27
@lahabana lahabana changed the title feat/kuma-cp add metrics and timeouts to CA interface feat(kuma-cp): add metrics and timeouts to CA interface Apr 5, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michaelbeaumont michaelbeaumont michaelbeaumont left review comments

@jakubdyszkiewicz jakubdyszkiewicz jakubdyszkiewicz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add metrics and timeouts to Kuma CA interaction
3 participants
@parkanzky @michaelbeaumont @jakubdyszkiewicz