mirror of
https://github.com/pomerium/pomerium.git
synced 2025-08-03 16:59:22 +02:00
zero: resource bundle reconciler (#4445)
parent
c0b1309e90
commit
ea8762d706
17 changed files with 1559 additions and 0 deletions
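--- a/internal/zero/reconciler/service.go
+++ b/internal/zero/reconciler/service.go
@@ -0,0 +1,89 @@
+package reconciler
+
+/*
+* This is a main control loop for the reconciler service.
+*
+*/
+
+import (
+"context"
+"time"
+
+"golang.org/x/sync/errgroup"
+"golang.org/x/time/rate"
+
+"github.com/pomerium/pomerium/internal/atomicutil"
+connect_mux "github.com/pomerium/zero-sdk/connect-mux"
+)
+
+type service struct {
+config *reconcilerConfig
+
+databrokerRateLimit *rate.Limiter
+
+bundles BundleQueue
+
+fullSyncRequest chan struct{}
+bundleSyncRequest chan struct{}
+periodicUpdateInterval atomicutil.Value[time.Duration]
+}
+
+// Run creates a new bundle updater client
+// that runs until the context is canceled or a fatal error occurs.
+func Run(ctx context.Context, opts ...Option) error {
+config := newConfig(opts...)
+
+c := &service{
+config: config,
+databrokerRateLimit: rate.NewLimiter(rate.Limit(config.databrokerRPS), 1),
+fullSyncRequest: make(chan struct{}, 1),
+}
+c.periodicUpdateInterval.Store(config.checkForUpdateIntervalWhenDisconnected)
+
+eg, ctx := errgroup.WithContext(ctx)
+eg.Go(func() error { return c.watchUpdates(ctx) })
+eg.Go(func() error { return c.SyncLoop(ctx) })
+
+return eg.Wait()
+}
+
+// run is a main control loop.
+// it is very simple and sequential download and reconcile.
+// it may be later optimized by splitting between download and reconciliation process,
+// as we would get more resource bundles beyond the config.
+func (c *service) watchUpdates(ctx context.Context) error {
+return c.config.api.Watch(ctx,
+connect_mux.WithOnConnected(func(ctx context.Context) {
+c.triggerFullUpdate(true)
+}),
+connect_mux.WithOnDisconnected(func(_ context.Context) {
+c.triggerFullUpdate(false)
+}),
+connect_mux.WithOnBundleUpdated(func(_ context.Context, key string) {
+c.triggerBundleUpdate(key)
+}),
+)
+}
+
+func (c *service) triggerBundleUpdate(id string) {
+c.periodicUpdateInterval.Store(c.config.checkForUpdateIntervalWhenConnected)
+c.bundles.MarkForSync(id)
+
+select {
+case c.fullSyncRequest <- struct{}{}:
+default:
+}
+}
+
+func (c *service) triggerFullUpdate(connected bool) {
+timeout := c.config.checkForUpdateIntervalWhenDisconnected
+if connected {
+timeout = c.config.checkForUpdateIntervalWhenConnected
+}
+c.periodicUpdateInterval.Store(timeout)
+
+select {
+case c.fullSyncRequest <- struct{}{}:
+default:
+}
+}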
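Review bot: `bundleSyncRequest` is declared on `service` but `Run` never allocates it, and `triggerBundleUpdate` signals `fullSyncRequest` instead, so the field stays a nil channel for the life of the service. Any `select` arm receiving from it (`SyncLoop` is not shown in this file) would block forever, and every single-bundle notification from the control plane is escalated to a full sync instead of the per-bundle path that `MarkForSync(id)` prepares. If the per-bundle path is intended, add `bundleSyncRequest: make(chan struct{}, 1),` to the literal in `Run` and send with `case c.bundleSyncRequest <- struct{}{}:` in `triggerBundleUpdate`; otherwise drop the field. Separately, the doc comment on `watchUpdates` still describes a `run` control loop and should say what the function does, e.g. `// watchUpdates subscribes to connect-mux events and converts them into sync requests.`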