Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

worker auth: load correct records and ability to remove unused #4822

Closed
wants to merge 2 commits into from
Closed

worker auth: load correct records and ability to remove unused #4822

wants to merge 2 commits into from

Conversation

irenarindos
Copy link
Collaborator

Note: this will fail until the corresponding Nodeenrollment change is released

@irenarindos irenarindos mentioned this pull request May 23, 2024
Closed
johanbrandhorst
johanbrandhorst reviewed May 23, 2024
View reviewed changes
Copy link
Collaborator

@johanbrandhorst johanbrandhorst left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should fix the subsequent node rotation attempt, but will it fix the dialing errors we were seeing too? This relies on us having at least two active controller connections when the split brain error happens, since one will be lost during the EOF error, and the other will be required to try to rotate again. In a perfect world, I think that means the second rotation should go through and the split brain scenario should be resolved, but what if there's only a single controller and this happens? Since the worker can't tell the controller to delete unused credentials until it's able to complete dialing, I think we'll need a fix on the controller side of the dialing too.

internal/db/schema/migrations/oss/postgres/88/01_worker_auth_invariant_trigger.up.sql Outdated Show resolved Hide resolved
internal/db/schema/migrations/oss/postgres/88/01_worker_auth_invariant_trigger.up.sql Outdated Show resolved Hide resolved
internal/db/sqltest/tests/server/server_worker_worker_auth.sql Outdated Show resolved Hide resolved
internal/server/repository_workerauth.go Outdated Show resolved Hide resolved
@irenarindos
Copy link
Collaborator Author

This should fix the subsequent node rotation attempt, but will it fix the dialing errors we were seeing too? This relies on us having at least two active controller connections when the split brain error happens, since one will be lost during the EOF error, and the other will be required to try to rotate again. In a perfect world, I think that means the second rotation should go through and the split brain scenario should be resolved, but what if there's only a single controller and this happens? Since the worker can't tell the controller to delete unused credentials until it's able to complete dialing, I think we'll need a fix on the controller side of the dialing too.

It will fix the dialing errors; those were a result of GenerateServerCertificates calling LoadNodeInformation for a key id and the old logic there. We incorrectly assumed that the key id passed in was current and assigned the current auth record creds to the returned node information.

@irenarindos irenarindos added this to the 0.16.x milestone May 24, 2024
@irenarindos irenarindos closed this Jun 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@johanbrandhorst johanbrandhorst johanbrandhorst left review comments

@jefferai jefferai Awaiting requested review from jefferai

Assignees
No one assigned
Labels
core/db core/server core/sql core
Projects
None yet
Milestone
0.16.x
Development

Successfully merging this pull request may close these issues.
2 participants
@irenarindos @johanbrandhorst