Merge pull request #1841 from jpculp/imds-token-tokio-retry

imdsclient: better retries with tokio retry and timeout
bottlerocket-os · Dec 15, 2021 · 4db4b5a · 4db4b5a
2 parents 76ca753 + 5e5200e
commit 4db4b5a
Show file tree

Hide file tree

Showing 7 changed files with 226 additions and 150 deletions.
diff --git a/sources/Cargo.lock b/sources/Cargo.lock
diff --git a/sources/api/early-boot-config/src/provider/aws.rs b/sources/api/early-boot-config/src/provider/aws.rs
@@ -85,7 +85,7 @@ impl PlatformDataProvider for AwsDataProvider {
     ) -> std::result::Result<Vec<SettingsJson>, Box<dyn std::error::Error>> {
         let mut output = Vec::new();
 
-        let mut client = ImdsClient::new().await.context(error::ImdsClient)?;
+        let mut client = ImdsClient::new();
 
         // Attempt to read from local file first on the `aws-dev` variant
         #[cfg(bottlerocket_platform = "aws-dev")]

diff --git a/sources/api/pluto/src/main.rs b/sources/api/pluto/src/main.rs
@@ -303,7 +303,7 @@ fn parse_args(mut args: env::Args) -> String {
 
 async fn run() -> Result<()> {
     let setting_name = parse_args(env::args());
-    let mut client = ImdsClient::new().await.context(error::ImdsClient)?;
+    let mut client = ImdsClient::new();
 
     let setting = match setting_name.as_ref() {
         "cluster-dns-ip" => get_cluster_dns_ip(&mut client).await,

diff --git a/sources/api/shibaken/src/main.rs b/sources/api/shibaken/src/main.rs
@@ -42,7 +42,7 @@ impl UserData {
 /// Returns a list of public keys.
 async fn fetch_public_keys_from_imds() -> Result<Vec<String>> {
     info!("Connecting to IMDS");
-    let mut client = ImdsClient::new().await.context(error::ImdsClient)?;
+    let mut client = ImdsClient::new();
     let public_keys = client
         .fetch_public_ssh_keys()
         .await

diff --git a/sources/imdsclient/Cargo.toml b/sources/imdsclient/Cargo.toml
@@ -16,6 +16,7 @@ reqwest = { version = "0.11.1", default-features = false }
 serde_json = "1"
 snafu = "0.6"
 tokio = { version = "~1.8", default-features = false, features = ["macros", "rt-multi-thread", "time"] }  # LTS
+tokio-retry = "0.3"
 url = "2.1.1"
 
 [build-dependencies]

diff --git a/sources/imdsclient/README.md b/sources/imdsclient/README.md
@@ -6,6 +6,9 @@ Current version: 0.1.0
 
 The library uses IMDSv2 (session-oriented) requests over a pinned schema to guarantee compatibility.
 Session tokens are fetched automatically and refreshed if the request receives a `401` response.
+If an IMDS token fetch or query fails, the library will continue to retry with a fibonacci backoff
+strategy until it is successful or times out. The default timeout is 300s to match the ifup timeout
+set in wicked.service, but can configured using `.with_timeout` during client creation.
 
 Each public method is explicitly targeted and return either bytes or a `String`.