github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Adjust defaults of audit webhook backends 

Signed-off-by: Mik Vyatskov <vmik@google.com>
pull/6/head
Mik Vyatskov 2017-10-05 23:18:55 +02:00
parent d2bbeb6665
commit 5f4ff9f283
2 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
staging/src/k8s.io/apiserver/plugin/pkg/audit/webhook/BUILD
View File

@ -41,6 +41,7 @@ go_library(
"//vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1:go_default_library", "//vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1:go_default_library",
"//vendor/k8s.io/apiserver/pkg/audit:go_default_library", "//vendor/k8s.io/apiserver/pkg/audit:go_default_library",
"//vendor/k8s.io/apiserver/pkg/util/webhook:go_default_library", "//vendor/k8s.io/apiserver/pkg/util/webhook:go_default_library",
"//vendor/k8s.io/client-go/rest:go_default_library",
], ],
) )

17
staging/src/k8s.io/apiserver/plugin/pkg/audit/webhook/webhook.go
View File

@ -34,6 +34,7 @@ import (
auditv1beta1 "k8s.io/apiserver/pkg/apis/audit/v1beta1" auditv1beta1 "k8s.io/apiserver/pkg/apis/audit/v1beta1"
"k8s.io/apiserver/pkg/audit" "k8s.io/apiserver/pkg/audit"
"k8s.io/apiserver/pkg/util/webhook" "k8s.io/apiserver/pkg/util/webhook"
"k8s.io/client-go/rest"
) )
const ( const (
@ -58,9 +59,10 @@ const (
// //
// TODO(ericchiang): Make these value configurable. Maybe through a // TODO(ericchiang): Make these value configurable. Maybe through a
// kubeconfig extension? // kubeconfig extension?
defaultBatchBufferSize = 1000 // Buffer up to 1000 events before blocking. defaultBatchBufferSize = 10000 // Buffer up to 10000 events before starting discarding.
defaultBatchMaxSize = 100 // Only send 100 events at a time. defaultBatchMaxSize = 400 // Only send up to 400 events at a time.
defaultBatchMaxWait = time.Minute // Send events at least once a minute. defaultBatchMaxWait = 30 * time.Second // Send events at least twice a minute.
defaultInitialBackoff = 10 * time.Second // Wait at least 10 seconds before retrying.
) )
// The plugin name reported in error metrics. // The plugin name reported in error metrics.
@ -100,7 +102,8 @@ func init() {
} }
func loadWebhook(configFile string, groupVersion schema.GroupVersion) (*webhook.GenericWebhook, error) { func loadWebhook(configFile string, groupVersion schema.GroupVersion) (*webhook.GenericWebhook, error) {
return webhook.NewGenericWebhook(registry, audit.Codecs, configFile, []schema.GroupVersion{groupVersion}, 0) return webhook.NewGenericWebhook(registry, audit.Codecs, configFile,
[]schema.GroupVersion{groupVersion}, defaultInitialBackoff)
} }
func newBlockingWebhook(configFile string, groupVersion schema.GroupVersion) (*blockingBackend, error) { func newBlockingWebhook(configFile string, groupVersion schema.GroupVersion) (*blockingBackend, error) {
@ -314,9 +317,9 @@ func (b *batchBackend) sendBatchEvents(events []auditinternal.Event) {
defer b.reqMutex.RUnlock() defer b.reqMutex.RUnlock()
defer runtime.HandleCrash() defer runtime.HandleCrash()
err := webhook.WithExponentialBackoff(0, func() error { err := b.w.WithExponentialBackoff(func() rest.Result {
return b.w.RestClient.Post().Body(&list).Do().Error() return b.w.RestClient.Post().Body(&list).Do()
}) }).Error()
if err != nil { if err != nil {
impacted := make([]*auditinternal.Event, len(events)) impacted := make([]*auditinternal.Event, len(events))
for i := range events { for i := range events {