Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(cf): Improved caching agent robustness #4351

Merged
merged 7 commits into from
Feb 25, 2020
Merged

fix(cf): Improved caching agent robustness #4351

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
4ab26c9
fix(cf): Skip caching CF apps having frigga incompatible names
Feb 18, 2020
8fd4a43
fix(cf): Stop swallowing exception causes.
Feb 18, 2020
d15acf3
fix(cf): Race condition causing NPE getting token in the HTTP Client.
Feb 18, 2020
053015b
fix(cf): NPE after on-demand cache refresh run
Feb 18, 2020
bed104a
fix(cf): Adjusted log verbosity level
Feb 18, 2020
4cc49a6
fix(cf): Re-enabling cache eviction of a serverGroup on-demand
Feb 20, 2020
b6de067
fix(cf): Sensible defaults for cache data retrieval
Feb 25, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 8 additions & 1 deletion ...dry/src/main/java/com/netflix/spinnaker/clouddriver/cloudfoundry/client/Applications.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -169,6 +169,13 @@ public List<CloudFoundryApplication> all() {

for (CloudFoundryServerGroup serverGroup : serverGroupCache.asMap().values()) {
Names names = Names.parseName(serverGroup.getName());
if (names.getCluster() == null) {
log.debug(
"Skipping app '{}' from foundation '{}' because the name isn't following the frigga naming schema.",
serverGroup.getName(),
this.account);
continue;
}
serverGroupsByClusters
.computeIfAbsent(names.getCluster(), clusterName -> new HashSet<>())
.add(serverGroup);
Expand Down Expand Up @@ -417,7 +424,7 @@ private CloudFoundryServerGroup checkHealthStatus(
})
.collect(toSet());

log.debug(
log.trace(
"Successfully retrieved "
+ instances.size()
+ " instances for application '"
Expand Down
5 changes: 3 additions & 2 deletions .../java/com/netflix/spinnaker/clouddriver/cloudfoundry/client/CloudFoundryApiException.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,14 +36,15 @@ public CloudFoundryApiException(ErrorDescription errorCause, RetrofitError retro
super(
Optional.ofNullable(errorCause)
.map(e -> getMessage(e.getErrors().toArray(new String[0])))
.orElse(getRetrofitErrorMessage(retrofitError)));
.orElse(getRetrofitErrorMessage(retrofitError)),
retrofitError);
if (errorCause != null) {
this.errorCode = errorCause.getCode();
}
}

public CloudFoundryApiException(RetrofitError retrofitError) {
super(getRetrofitErrorMessage(retrofitError));
super(getRetrofitErrorMessage(retrofitError), retrofitError);
}

public CloudFoundryApiException(Throwable t, String... errors) {
Expand Down
49 changes: 20 additions & 29 deletions ...in/java/com/netflix/spinnaker/clouddriver/cloudfoundry/client/HttpCloudFoundryClient.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@
import java.time.Duration;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.atomic.AtomicLong;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicReference;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
Expand Down Expand Up @@ -77,8 +77,9 @@ public class HttpCloudFoundryClient implements CloudFoundryClient {
private Logger logger = LoggerFactory.getLogger(HttpCloudFoundryClient.class);

private AuthenticationService uaaService;
private AtomicLong tokenExpirationNs = new AtomicLong(System.nanoTime());
private volatile Token token;
private long tokenExpiration = System.currentTimeMillis();
private Token token;
private final Object tokenLock = new Object();

private JacksonConverter jacksonConverter;

Expand All @@ -93,13 +94,7 @@ public class HttpCloudFoundryClient implements CloudFoundryClient {
private Logs logs;

private final RequestInterceptor oauthInterceptor =
new RequestInterceptor() {
@Override
public void intercept(RequestFacade request) {
refreshTokenIfNecessary();
request.addHeader("Authorization", "bearer " + token.getAccessToken());
}
};
request -> request.addHeader("Authorization", "bearer " + getToken(false).getAccessToken());

private static class RetryableApiException extends RuntimeException {
RetryableApiException(String message) {
Expand All @@ -120,7 +115,7 @@ Response createRetryInterceptor(Interceptor.Chain chain) {
.intervalFunction(IntervalFunction.ofExponentialBackoff(Duration.ofSeconds(10), 3))
.retryExceptions(RetryableApiException.class)
.build());
logger.debug("cf request: " + chain.request().urlString());
logger.trace("cf request: " + chain.request().urlString());
AtomicReference<Response> lastResponse = new AtomicReference<>();
try {
return retry.executeCallable(
Expand All @@ -135,13 +130,12 @@ Response createRetryInterceptor(Interceptor.Chain chain) {
Buffer buffer = source.buffer();
String body = buffer.clone().readString(Charset.forName("UTF-8"));
if (!body.contains("Bad credentials")) {
refreshToken();
response =
chain.proceed(
chain
.request()
.newBuilder()
.header("Authorization", "bearer " + token.getAccessToken())
.header("Authorization", "bearer " + getToken(true).getAccessToken())
.build());
lastResponse.set(response);
}
Expand Down Expand Up @@ -188,6 +182,7 @@ public HttpCloudFoundryClient(
this.password = password;

this.okHttpClient = createHttpClient(skipSslValidation);
this.okHttpClient.setReadTimeout(20, TimeUnit.SECONDS);

okHttpClient.interceptors().add(this::createRetryInterceptor);

Expand Down Expand Up @@ -284,23 +279,19 @@ public X509Certificate[] getAcceptedIssuers() {
return client;
}

private void refreshTokenIfNecessary() {
long currentExpiration = tokenExpirationNs.get();
long now = System.nanoTime();
long comp = Math.min(currentExpiration, now);
if (tokenExpirationNs.compareAndSet(comp, now)) {
this.refreshToken();
}
}

private void refreshToken() {
try {
token = uaaService.passwordToken("password", user, password, "cf", "");
} catch (Exception e) {
log.warn("Failed to obtain a token", e);
throw e;
private Token getToken(boolean forceRefresh) {
synchronized (tokenLock) {
if (forceRefresh || (token == null || System.currentTimeMillis() >= tokenExpiration)) {
try {
token = uaaService.passwordToken("password", user, password, "cf", "");
} catch (Exception e) {
log.warn("Failed to obtain a token", e);
throw e;
}
tokenExpiration = System.currentTimeMillis() + ((token.getExpiresIn() - 120) * 1000);
}
return token;
}
tokenExpirationNs.addAndGet(Duration.ofSeconds(token.getExpiresIn()).toNanos());
}

private <S> S createService(Class<S> serviceClass) {
Expand Down
2 changes: 1 addition & 1 deletion ...innaker/clouddriver/cloudfoundry/provider/agent/CloudFoundryLoadBalancerCachingAgent.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ public CacheResult loadData(ProviderCache providerCache) {
cacheData -> {
long cacheTime = (long) cacheData.getAttributes().get("cacheTime");
if (cacheTime < loadDataStart
&& (int) cacheData.getAttributes().get("processedCount") > 0) {
&& (int) cacheData.getAttributes().computeIfAbsent("processedCount", s -> 0) > 0) {
toEvict.add(cacheData.getId());
} else {
toKeep.put(cacheData.getId(), cacheData);
Expand Down
9 changes: 1 addition & 8 deletions ...pinnaker/clouddriver/cloudfoundry/provider/agent/CloudFoundryServerGroupCachingAgent.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ public CacheResult loadData(ProviderCache providerCache) {
cacheData -> {
long cacheTime = (long) cacheData.getAttributes().get("cacheTime");
if (cacheTime < loadDataStart
&& (int) cacheData.getAttributes().get("processedCount") > 0) {
&& (int) cacheData.getAttributes().computeIfAbsent("processedCount", s -> 0) > 0) {
toEvict.add(cacheData.getId());
} else {
toKeep.put(cacheData.getId(), cacheData);
Expand Down Expand Up @@ -150,13 +150,6 @@ public OnDemandResult handle(ProviderCache providerCache, Map<String, ?> data) {
if (serverGroupName == null) {
return null;
}
CloudFoundryServerGroup serverGroup =
this.getClient()
.getApplications()
.findServerGroupByNameAndSpaceId(serverGroupName, space.getId());
if (serverGroup == null) {
return null;
}

log.info("On Demand cache refresh triggered, waiting for Server group loadData to be called");
CloudFoundryServerGroup cloudFoundryServerGroup =
Expand Down
2 changes: 1 addition & 1 deletion ...java/com/netflix/spinnaker/clouddriver/cloudfoundry/security/CloudFoundryCredentials.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ public CloudFoundryCredentials(
this.password = password;
this.environment = Optional.ofNullable(environment).orElse("dev");
this.skipSslValidation = skipSslValidation;
this.resultsPerPage = Optional.ofNullable(resultsPerPage).orElse(500);
this.resultsPerPage = Optional.ofNullable(resultsPerPage).orElse(100);
this.maxCapiConnectionsForCache = Optional.ofNullable(maxCapiConnectionsForCache).orElse(16);
}

Expand Down
11 changes: 7 additions & 4 deletions ...aker/clouddriver/cloudfoundry/provider/agent/CloudFoundryServerGroupCachingAgentTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -115,7 +115,7 @@ void handleShouldReturnNullWhenServerGroupNameIsUnspecified() {
}

@Test
void handleShouldReturnNullWhenServerGroupDoesNotExist() {
void handleShouldReturnAnEvictResultWhenServerGroupDoesNotExists() {
String region = "org > space";
String serverGroupName = "server-group";
Map<String, Object> data =
Expand All @@ -133,12 +133,15 @@ void handleShouldReturnNullWhenServerGroupDoesNotExist() {
when(cloudFoundryClient.getApplications()).thenReturn(mockApplications);
when(mockApplications.findServerGroupByNameAndSpaceId(any(), any())).thenReturn(null);

when(mockProviderCache.filterIdentifiers(any(), any()))
.thenReturn(Collections.singletonList("key"));

OnDemandAgent.OnDemandResult result =
cloudFoundryServerGroupCachingAgent.handle(mockProviderCache, data);

assertThat(result).isNull();
verify(organizations).findSpaceByRegion(eq(region));
verify(mockApplications).findServerGroupByNameAndSpaceId(eq(serverGroupName), eq(spaceId));
assertThat(result).isNotNull();
assertThat(result.getEvictions()).hasSize(1);
assertThat(result.getEvictions().get(SERVER_GROUPS.getNs())).containsExactly("key");
}

@Test
Expand Down
2 changes: 1 addition & 1 deletion .../spinnaker/clouddriver/cloudfoundry/security/CloudFoundryCredentialsSynchronizerTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -149,7 +149,7 @@ private CloudFoundryConfigurationProperties.ManagedAccount createAccount(String

private CloudFoundryCredentials createCredentials(String name) {
return new CloudFoundryCredentials(
name, null, null, "api." + name, "user-" + name, "pwd-" + name, null, false, 500, 16);
name, null, null, "api." + name, "user-" + name, "pwd-" + name, null, false, null, 16);
}

private void loadProviderFromRepository() {
Expand Down