athena audit logs - single consumer on auth by tobiaszheller · Pull Request #25639 · gravitational/teleport

tobiaszheller · 2023-05-04T16:18:33Z

Part of https://github.com/gravitational/teleport.e/issues/894
RFD: https://github.com/gravitational/teleport/blob/master/rfd/0118-scalable-audit-logs.md

This PR enable running consumer on single auth instance using object locking.

in 7270f8b
there are changes to runWhileLocked: passing config and releasing lock with ctx.background.

Fixes #15210

tobiaszheller · 2023-05-04T16:19:30Z

@mdwn you may be interested in review just this single commit: 7270f8b

tobiaszheller · 2023-05-11T10:26:50Z

@rosstimothy @camscale @timothyb89 friendly ping for review

public-teleport-github-review-bot · 2023-05-16T09:15:03Z

@tobiaszheller See the table below for backport results.

Branch	Result
branch/v13	Failed

public-teleport-github-review-bot · 2023-05-17T12:44:43Z

@tobiaszheller See the table below for backport results.

Branch	Result
branch/v13	Failed

public-teleport-github-review-bot · 2023-05-17T13:51:57Z

@tobiaszheller See the table below for backport results.

Branch	Result
branch/v13	Create PR

* Add configuration with optional timeout to AcquireLock (#24559) * Add configuration with optional timeout to AcquireLock * rename to RetryInterval * backport RunWhileLocked changes from #25639 * Hold Auth init lock for the duration of initialization (#29593) Auth now uses `RunWhileLocked` instead of `AcquireLock` to ensure that the initialization lock is held until the bootstrapping process is completed. Prior, Auth only held the lock for 30s which could allow multiple Auths to attempt bootstrapping simultaneously. Initialization should complete prior to 30s in most cases, but it is not guarateed, especially on first boot when CAs are being generated and a large data migration may be needed. --------- Co-authored-by: Tobiasz Heller <14020794+tobiaszheller@users.noreply.github.com>

github-actions Bot requested review from camscale and timothyb89 May 4, 2023 16:18

tobiaszheller requested a review from rosstimothy May 4, 2023 16:19

github-actions Bot added audit-log Issues related to Teleports Audit Log size/md labels May 4, 2023

tobiaszheller changed the title ~~athena audit logs - single auth~~ athena audit logs - single consumer on auth May 5, 2023

camscale reviewed May 8, 2023

View reviewed changes

Comment thread lib/backend/helpers.go Outdated

Comment thread lib/backend/helpers.go

Comment thread lib/events/athena/consumer.go Outdated

Comment thread lib/events/athena/consumer.go Outdated

Comment thread lib/events/athena/consumer.go Outdated

tobiaszheller requested a review from camscale May 9, 2023 09:36

tobiaszheller commented May 9, 2023

View reviewed changes

Comment thread lib/auth/auth.go Outdated

rosstimothy reviewed May 10, 2023

View reviewed changes

tobiaszheller requested a review from rosstimothy May 11, 2023 10:26

rosstimothy approved these changes May 12, 2023

View reviewed changes

Comment thread lib/events/athena/consumer.go Outdated

Comment thread lib/events/athena/consumer.go Outdated

camscale approved these changes May 15, 2023

View reviewed changes

public-teleport-github-review-bot Bot removed the request for review from timothyb89 May 15, 2023 08:13

athena audit logs - run on single auth

05424c4

tobiaszheller force-pushed the tobiaszheller/auditevents-athena-single-auth-consumer-v3 branch from bba942b to 05424c4 Compare May 15, 2023 09:25

tobiaszheller enabled auto-merge May 15, 2023 09:26

tobiaszheller added this pull request to the merge queue May 15, 2023

github-merge-queue Bot removed this pull request from the merge queue due to failed status checks May 15, 2023

tobiaszheller added this pull request to the merge queue May 15, 2023

github-merge-queue Bot removed this pull request from the merge queue due to failed status checks May 15, 2023

tobiaszheller added this pull request to the merge queue May 15, 2023

github-merge-queue Bot removed this pull request from the merge queue due to failed status checks May 15, 2023

tobiaszheller added this pull request to the merge queue May 15, 2023

Merged via the queue into master with commit e9d397e May 15, 2023

tobiaszheller deleted the tobiaszheller/auditevents-athena-single-auth-consumer-v3 branch May 15, 2023 10:21

tobiaszheller added the backport/branch/v13 label May 15, 2023

tobiaszheller mentioned this pull request May 15, 2023

TestIntegrations/TwoClustersTunnel/node flakiness #26225

Closed

tobiaszheller mentioned this pull request May 17, 2023

[v13] athena audit logs - single consumer on auth #26443

Merged

rosstimothy added a commit that referenced this pull request Jul 27, 2023

backport RunWhileLocked changes from #25639

0dd6658

rosstimothy mentioned this pull request Jul 27, 2023

[v12] Hold Auth init lock for the duration of initialization #29709

Merged

rosstimothy added a commit that referenced this pull request Jul 27, 2023

backport RunWhileLocked changes from #25639

4002817

rosstimothy mentioned this pull request Jul 27, 2023

[v11] Hold Auth init lock for the duration of initialization #29710

Merged

Conversation

tobiaszheller commented May 4, 2023 • edited by espadolini Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

tobiaszheller commented May 4, 2023

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

tobiaszheller commented May 11, 2023

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

public-teleport-github-review-bot Bot commented May 16, 2023

Uh oh!

public-teleport-github-review-bot Bot commented May 17, 2023

Uh oh!

public-teleport-github-review-bot Bot commented May 17, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

tobiaszheller commented May 4, 2023 •

edited by espadolini

Loading