-
Notifications
You must be signed in to change notification settings - Fork 98
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
vault: delay the usage of renewed auth tokens (#488)
This commit adds a delay that has to ellapse before a new Vault auth. token is used. A dist. Vault cluster may experience some replication lag. Hence, some cluster nodes already have the renewed token while others don't. If KES makes a request to a Vault node that does not have the renewed token, then the Vault node will reject the request. By waiting a certain amount of time (e.g. 30s) KES allows the Vault cluster to sync a renewed token to all peer nodes. KES cannot know when the token will be replicated but 30s seems a reasonable value for most practical purposes. Signed-off-by: Andreas Auernhammer <[email protected]> Co-authored-by: kannappanr <[email protected]>
- Loading branch information
1 parent
db17a10
commit d3b6494
Showing
1 changed file
with
41 additions
and
26 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters