|
|
|
@ -1311,30 +1311,39 @@ func (l *State) deleteService(key structs.ServiceID) error {
|
|
|
|
l.logger.Info("Deregistered service", "service", key.ID)
|
|
|
|
l.logger.Info("Deregistered service", "service", key.ID)
|
|
|
|
return nil
|
|
|
|
return nil
|
|
|
|
case acl.IsErrNotFound(err):
|
|
|
|
case acl.IsErrNotFound(err):
|
|
|
|
// token might have sunken already, fallback to the default token
|
|
|
|
// token might have sunken already, fallback to the default token
|
|
|
|
var out struct{}
|
|
|
|
var out struct{}
|
|
|
|
err := l.Delegate.RPC("Catalog.Deregister", &fallback_req, &out)
|
|
|
|
err := l.Delegate.RPC("Catalog.Deregister", &fallback_req, &out)
|
|
|
|
switch {
|
|
|
|
switch {
|
|
|
|
case err == nil:
|
|
|
|
case err == nil || strings.Contains(err.Error(), "Unknown service"):
|
|
|
|
delete(l.services, key)
|
|
|
|
delete(l.services, key)
|
|
|
|
// service deregister also deletes associated checks
|
|
|
|
// service deregister also deletes associated checks
|
|
|
|
for _, c := range l.checks {
|
|
|
|
for _, c := range l.checks {
|
|
|
|
if c.Deleted && c.Check != nil {
|
|
|
|
if c.Deleted && c.Check != nil {
|
|
|
|
sid := c.Check.CompoundServiceID()
|
|
|
|
sid := c.Check.CompoundServiceID()
|
|
|
|
if sid.Matches(key) {
|
|
|
|
if sid.Matches(key) {
|
|
|
|
l.pruneCheck(c.Check.CompoundCheckID())
|
|
|
|
l.pruneCheck(c.Check.CompoundCheckID())
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
l.logger.Info("Deregistered service", "service", key.ID)
|
|
|
|
l.logger.Info("Deregistered service with fallback_req", "service", key.ID)
|
|
|
|
return nil
|
|
|
|
return nil
|
|
|
|
default:
|
|
|
|
case acl.IsErrPermissionDenied(err):
|
|
|
|
l.logger.Warn("Deregistering service failed.",
|
|
|
|
// todo(fs): mark the service to be in sync to prevent excessive retrying before next full sync
|
|
|
|
"service", key.String(),
|
|
|
|
// todo(fs): some backoff strategy might be a better solution
|
|
|
|
"error", err,
|
|
|
|
l.services[key].InSync = true
|
|
|
|
)
|
|
|
|
accessorID := l.aclAccessorID(st)
|
|
|
|
return err
|
|
|
|
l.logger.Warn("Service deregistration blocked by ACLs with fallback_req", "service", key.String(), "accessorID", accessorID)
|
|
|
|
}
|
|
|
|
metrics.IncrCounter([]string{"acl", "blocked", "service", "deregistration"}, 1)
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
|
|
|
l.logger.Warn("Deregistering service failed with fallback_req.",
|
|
|
|
|
|
|
|
"service", key.String(),
|
|
|
|
|
|
|
|
"error", err,
|
|
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
return err
|
|
|
|
|
|
|
|
}
|
|
|
|
case acl.IsErrPermissionDenied(err):
|
|
|
|
case acl.IsErrPermissionDenied(err):
|
|
|
|
// todo(fs): mark the service to be in sync to prevent excessive retrying before next full sync
|
|
|
|
// todo(fs): mark the service to be in sync to prevent excessive retrying before next full sync
|
|
|
|
// todo(fs): some backoff strategy might be a better solution
|
|
|
|
// todo(fs): some backoff strategy might be a better solution
|
|
|
|
@ -1533,26 +1542,34 @@ func (l *State) syncCheck(key structs.CheckID) error {
|
|
|
|
return nil
|
|
|
|
return nil
|
|
|
|
|
|
|
|
|
|
|
|
case acl.IsErrNotFound(err):
|
|
|
|
case acl.IsErrNotFound(err):
|
|
|
|
// token might have sunken already, fallback to the default token
|
|
|
|
// token might have sunken already, fallback to the default token
|
|
|
|
var out struct{}
|
|
|
|
var out struct{}
|
|
|
|
err := l.Delegate.RPC("Catalog.Register", &fallback_req, &out)
|
|
|
|
err := l.Delegate.RPC("Catalog.Register", &fallback_req, &out)
|
|
|
|
switch {
|
|
|
|
switch {
|
|
|
|
case err == nil:
|
|
|
|
case err == nil:
|
|
|
|
l.checks[key].InSync = true
|
|
|
|
l.checks[key].InSync = true
|
|
|
|
// Given how the register API works, this info is also updated
|
|
|
|
// Given how the register API works, this info is also updated
|
|
|
|
// every time we sync a check.
|
|
|
|
// every time we sync a check.
|
|
|
|
l.nodeInfoInSync = true
|
|
|
|
l.nodeInfoInSync = true
|
|
|
|
l.logger.Info("Synced check", "check", key.String())
|
|
|
|
l.logger.Info("Synced check with fallback_req", "check", key.String())
|
|
|
|
return nil
|
|
|
|
return nil
|
|
|
|
default:
|
|
|
|
case acl.IsErrPermissionDenied(err):
|
|
|
|
l.logger.Warn("Syncing check failed.",
|
|
|
|
// todo(fs): mark the check to be in sync to prevent excessive retrying before next full sync
|
|
|
|
"check", key.String(),
|
|
|
|
// todo(fs): some backoff strategy might be a better solution
|
|
|
|
"error", err,
|
|
|
|
l.checks[key].InSync = true
|
|
|
|
)
|
|
|
|
accessorID := l.aclAccessorID(ct)
|
|
|
|
return err
|
|
|
|
l.logger.Warn("Check registration blocked by ACLs with fallback_req", "check", key.String(), "accessorID", accessorID)
|
|
|
|
}
|
|
|
|
metrics.IncrCounter([]string{"acl", "blocked", "check", "registration"}, 1)
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
|
|
|
l.logger.Warn("Syncing check failed with fallback_req.",
|
|
|
|
|
|
|
|
"check", key.String(),
|
|
|
|
|
|
|
|
"error", err,
|
|
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
return err
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
case acl.IsErrPermissionDenied(err), acl.IsErrNotFound(err):
|
|
|
|
case acl.IsErrPermissionDenied(err):
|
|
|
|
// todo(fs): mark the check to be in sync to prevent excessive retrying before next full sync
|
|
|
|
// todo(fs): mark the check to be in sync to prevent excessive retrying before next full sync
|
|
|
|
// todo(fs): some backoff strategy might be a better solution
|
|
|
|
// todo(fs): some backoff strategy might be a better solution
|
|
|
|
l.checks[key].InSync = true
|
|
|
|
l.checks[key].InSync = true
|
|
|
|
|
John A. Lotoski
3 years ago
committed by