From 5f4ff9f28341d58a4a905a0e86742aa6c90e81bf Mon Sep 17 00:00:00 2001
From: Mik Vyatskov <vmik@google.com>
Date: Thu, 5 Oct 2017 23:18:55 +0200
Subject: [PATCH] Adjust defaults of audit webhook backends

Signed-off-by: Mik Vyatskov <vmik@google.com>
---
 .../apiserver/plugin/pkg/audit/webhook/BUILD    |  1 +
 .../plugin/pkg/audit/webhook/webhook.go         | 17 ++++++++++-------
 2 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/audit/webhook/BUILD b/staging/src/k8s.io/apiserver/plugin/pkg/audit/webhook/BUILD
index fd43d807e7..dfd5e16ce0 100644
--- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/webhook/BUILD
+++ b/staging/src/k8s.io/apiserver/plugin/pkg/audit/webhook/BUILD
@@ -41,6 +41,7 @@ go_library(
         "//vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/audit:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/webhook:go_default_library",
+        "//vendor/k8s.io/client-go/rest:go_default_library",
     ],
 )
 
diff --git a/staging/src/k8s.io/apiserver/plugin/pkg/audit/webhook/webhook.go b/staging/src/k8s.io/apiserver/plugin/pkg/audit/webhook/webhook.go
index bcec271b50..4f8190b84d 100644
--- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/webhook/webhook.go
+++ b/staging/src/k8s.io/apiserver/plugin/pkg/audit/webhook/webhook.go
@@ -34,6 +34,7 @@ import (
 	auditv1beta1 "k8s.io/apiserver/pkg/apis/audit/v1beta1"
 	"k8s.io/apiserver/pkg/audit"
 	"k8s.io/apiserver/pkg/util/webhook"
+	"k8s.io/client-go/rest"
 )
 
 const (
@@ -58,9 +59,10 @@ const (
 	//
 	// TODO(ericchiang): Make these value configurable. Maybe through a
 	// kubeconfig extension?
-	defaultBatchBufferSize = 1000        // Buffer up to 1000 events before blocking.
-	defaultBatchMaxSize    = 100         // Only send 100 events at a time.
-	defaultBatchMaxWait    = time.Minute // Send events at least once a minute.
+	defaultBatchBufferSize = 10000            // Buffer up to 10000 events before starting discarding.
+	defaultBatchMaxSize    = 400              // Only send up to 400 events at a time.
+	defaultBatchMaxWait    = 30 * time.Second // Send events at least twice a minute.
+	defaultInitialBackoff  = 10 * time.Second // Wait at least 10 seconds before retrying.
 )
 
 // The plugin name reported in error metrics.
@@ -100,7 +102,8 @@ func init() {
 }
 
 func loadWebhook(configFile string, groupVersion schema.GroupVersion) (*webhook.GenericWebhook, error) {
-	return webhook.NewGenericWebhook(registry, audit.Codecs, configFile, []schema.GroupVersion{groupVersion}, 0)
+	return webhook.NewGenericWebhook(registry, audit.Codecs, configFile,
+		[]schema.GroupVersion{groupVersion}, defaultInitialBackoff)
 }
 
 func newBlockingWebhook(configFile string, groupVersion schema.GroupVersion) (*blockingBackend, error) {
@@ -314,9 +317,9 @@ func (b *batchBackend) sendBatchEvents(events []auditinternal.Event) {
 		defer b.reqMutex.RUnlock()
 		defer runtime.HandleCrash()
 
-		err := webhook.WithExponentialBackoff(0, func() error {
-			return b.w.RestClient.Post().Body(&list).Do().Error()
-		})
+		err := b.w.WithExponentialBackoff(func() rest.Result {
+			return b.w.RestClient.Post().Body(&list).Do()
+		}).Error()
 		if err != nil {
 			impacted := make([]*auditinternal.Event, len(events))
 			for i := range events {