ES-13905 Infinite retry for 403 CSP errors#144616
Open
zhubotang-wq wants to merge 12 commits intoelastic:mainfrom
Open
ES-13905 Infinite retry for 403 CSP errors#144616zhubotang-wq wants to merge 12 commits intoelastic:mainfrom
zhubotang-wq wants to merge 12 commits intoelastic:mainfrom
Conversation
Contributor
Author
|
Initial elicitation for feedbacks. |
elasticsearchmachine
added
v9.4.0
needs:triage
zhubotang-wq
added
:Distributed/Distributed
Collaborator
|
Pinging @elastic/es-distributed (Team:Distributed) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes: ES-13905
Cloud storage services use an eventual consistency model for identity, access control, and metadata. As a result, they may occasionally return transient 403 Forbidden errors even when permissions are correctly configured. This class wraps the blobContainer to provide a dedicated retry mechanism initially for handling these 403 errors.
My intention is to separate the retry limit for a particular type of CSP error. I have considered the following options
Option 1: Application-Level Retry Wrapper. In this PR, I opted for this approach, the FilterBlobContainer already did most of the work for me and it is ideal suited for this purpose.
Option 2: I can dive into cloud client SDK.
Option 3: increase the overall retry budget.
I expect a fair amount iterations for this. But I feel a custom wrapper around blobStore that specifically retry in event of 403 is a fairly surgical way to increase robustness with small amount of risks.