mirror of
https://github.com/kemko/nomad.git
synced 2026-01-04 17:35:43 +03:00
f0330d6df1
The allocrunner's `identity_hook` implements the interface for TaskStop, but this interface is only ever called for task-level hooks. This results in a leaked goroutine that tries to periodically renew WIs until the client shuts down gracefully. Add an implementation for the allocrunner's `PreKill` and `Destroy` hooks, so that whenever an allocation is stopped or garbage collected we stop renewing its Workload Identities. This also requires making the `Shutdown` method of `WIDMgr` safe to call multiple times.
53 lines
1.1 KiB
Go
53 lines
1.1 KiB
Go
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: BUSL-1.1
|
|
|
|
package allocrunner
|
|
|
|
import (
|
|
log "github.com/hashicorp/go-hclog"
|
|
"github.com/hashicorp/nomad/client/widmgr"
|
|
)
|
|
|
|
type identityHook struct {
|
|
widmgr widmgr.IdentityManager
|
|
logger log.Logger
|
|
}
|
|
|
|
func newIdentityHook(logger log.Logger, widmgr widmgr.IdentityManager) *identityHook {
|
|
h := &identityHook{
|
|
widmgr: widmgr,
|
|
}
|
|
h.logger = logger.Named(h.Name())
|
|
return h
|
|
}
|
|
|
|
func (*identityHook) Name() string {
|
|
return "identity"
|
|
}
|
|
|
|
func (h *identityHook) Prerun() error {
|
|
// run the renewal
|
|
if err := h.widmgr.Run(); err != nil {
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// PreKill implements interfaces.PreKill and is called on allocation stop
|
|
func (h *identityHook) PreKill() {
|
|
h.widmgr.Shutdown()
|
|
}
|
|
|
|
// Destroy implements interfaces.Destroy and is called on allocation GC
|
|
func (h *identityHook) Destroy() error {
|
|
h.widmgr.Shutdown()
|
|
return nil
|
|
}
|
|
|
|
// Shutdown implements interfaces.ShutdownHook and is called when the client
|
|
// gracefully shuts down
|
|
func (h *identityHook) Shutdown() {
|
|
h.widmgr.Shutdown()
|
|
}
|