istio.io/istio@v0.0.0-20240520182934-d79c90f27776/pkg/security/retry.go

istio.io/istio@v0.0.0-20240520182934-d79c90f27776/pkg/security/retry.go (about)

     1  // Copyright Istio Authors
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package security
    16  
    17  import (
    18  	"time"
    19  
    20  	retry "github.com/grpc-ecosystem/go-grpc-middleware/retry"
    21  	"google.golang.org/grpc"
    22  	"google.golang.org/grpc/codes"
    23  
    24  	"istio.io/istio/pkg/log"
    25  	"istio.io/istio/security/pkg/monitoring"
    26  )
    27  
    28  var caLog = log.RegisterScope("ca", "ca client")
    29  
    30  // CARetryOptions returns the default retry options recommended for CA calls
    31  // This includes 5 retries, with backoff from 100ms -> 1.6s with jitter.
    32  var CARetryOptions = []retry.CallOption{
    33  	retry.WithMax(5),
    34  	retry.WithBackoff(wrapBackoffWithMetrics(retry.BackoffExponentialWithJitter(100*time.Millisecond, 0.1))),
    35  	retry.WithCodes(codes.Canceled, codes.DeadlineExceeded, codes.ResourceExhausted, codes.Aborted, codes.Internal, codes.Unavailable),
    36  }
    37  
    38  // CARetryInterceptor is a grpc UnaryInterceptor that adds retry options, as a convenience wrapper
    39  // around CARetryOptions. If needed to chain with other interceptors, the CARetryOptions can be used
    40  // directly.
    41  func CARetryInterceptor() grpc.DialOption {
    42  	return grpc.WithUnaryInterceptor(retry.UnaryClientInterceptor(CARetryOptions...))
    43  }
    44  
    45  // grpcretry has no hooks to trigger logic on failure (https://github.com/grpc-ecosystem/go-grpc-middleware/issues/375)
    46  // Instead, we can wrap the backoff hook to log/increment metrics before returning the backoff result.
    47  func wrapBackoffWithMetrics(bf retry.BackoffFunc) retry.BackoffFunc {
    48  	return func(attempt uint) time.Duration {
    49  		wait := bf(attempt)
    50  		caLog.Warnf("ca request failed, starting attempt %d in %v", attempt, wait)
    51  		monitoring.NumOutgoingRetries.With(monitoring.RequestType.Value(monitoring.CSR)).Increment()
    52  		return wait
    53  	}
    54  }