Skip to content

Commit

Permalink
Merge pull request #23167 from cjcullen/sshcheck
Browse files Browse the repository at this point in the history
Auto commit by PR queue bot
(cherry picked from commit 10204f8)
  • Loading branch information
k8s-merge-robot authored and eparis committed Mar 24, 2016
1 parent a428e51 commit f2dc075
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 0 deletions.
4 changes: 4 additions & 0 deletions pkg/master/master.go
Original file line number Diff line number Diff line change
Expand Up @@ -858,5 +858,9 @@ func (m *Master) IsTunnelSyncHealthy(req *http.Request) error {
if lag > 600 {
return fmt.Errorf("Tunnel sync is taking to long: %d", lag)
}
sshKeyLag := m.tunneler.SecondsSinceSSHKeySync()
if sshKeyLag > 600 {
return fmt.Errorf("SSHKey sync is taking to long: %d", sshKeyLag)
}
return nil
}
11 changes: 11 additions & 0 deletions pkg/master/tunneler.go
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@ type Tunneler interface {
Stop()
Dial(net, addr string) (net.Conn, error)
SecondsSinceSync() int64
SecondsSinceSSHKeySync() int64
}

type SSHTunneler struct {
Expand All @@ -51,6 +52,7 @@ type SSHTunneler struct {

tunnels *ssh.SSHTunnelList
lastSync int64 // Seconds since Epoch
lastSSHKeySync int64 // Seconds since Epoch
lastSyncMetric prometheus.GaugeFunc
clock util.Clock

Expand Down Expand Up @@ -101,6 +103,7 @@ func (c *SSHTunneler) Run(getAddresses AddressFunc) {

c.tunnels = ssh.NewSSHTunnelList(c.SSHUser, c.SSHKeyfile, c.HealthCheckURL, c.stopChan)
// Sync loop to ensure that the SSH key has been installed.
c.lastSSHKeySync = c.clock.Now().Unix()
c.installSSHKeySyncLoop(c.SSHUser, publicKeyFile)
// Sync tunnelList w/ nodes.
c.lastSync = c.clock.Now().Unix()
Expand All @@ -125,6 +128,12 @@ func (c *SSHTunneler) SecondsSinceSync() int64 {
return now - then
}

func (c *SSHTunneler) SecondsSinceSSHKeySync() int64 {
now := c.clock.Now().Unix()
then := atomic.LoadInt64(&c.lastSSHKeySync)
return now - then
}

func (c *SSHTunneler) installSSHKeySyncLoop(user, publicKeyfile string) {
go wait.Until(func() {
if c.InstallSSHKey == nil {
Expand All @@ -143,7 +152,9 @@ func (c *SSHTunneler) installSSHKeySyncLoop(user, publicKeyfile string) {
}
if err := c.InstallSSHKey(user, keyData); err != nil {
glog.Errorf("Failed to install ssh key: %v", err)
return
}
atomic.StoreInt64(&c.lastSSHKeySync, c.clock.Now().Unix())
}, 5*time.Minute, c.stopChan)
}

Expand Down
1 change: 1 addition & 0 deletions pkg/master/tunneler_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,7 @@ func TestIsTunnelSyncHealthy(t *testing.T) {

// Pass case: 540 second lag
tunneler.lastSync = time.Date(2015, time.January, 1, 1, 1, 1, 1, time.UTC).Unix()
tunneler.lastSSHKeySync = time.Date(2015, time.January, 1, 1, 1, 1, 1, time.UTC).Unix()
tunneler.clock = util.NewFakeClock(time.Date(2015, time.January, 1, 1, 9, 1, 1, time.UTC))
err := master.IsTunnelSyncHealthy(nil)
assert.NoError(err, "IsTunnelSyncHealthy() should not have returned an error.")
Expand Down

0 comments on commit f2dc075

Please sign in to comment.