From 6d572ea9b76b284ba3e864a08d09f8872e3bde65 Mon Sep 17 00:00:00 2001
From: Xianglin Gao <xianglin.gxl@alibaba-inc.com>
Date: Wed, 10 Jun 2020 00:23:46 +0800
Subject: [PATCH] Add retries for CreateOrUpdateRoleBinding

Signed-off-by: Xianglin Gao <xianglin.gxl@alibaba-inc.com>
---
 cmd/kubeadm/app/util/apiclient/idempotency.go | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/cmd/kubeadm/app/util/apiclient/idempotency.go b/cmd/kubeadm/app/util/apiclient/idempotency.go
index f893c352cec..f47830bba6a 100644
--- a/cmd/kubeadm/app/util/apiclient/idempotency.go
+++ b/cmd/kubeadm/app/util/apiclient/idempotency.go
@@ -221,16 +221,18 @@ func CreateOrUpdateRole(client clientset.Interface, role *rbac.Role) error {
 
 // CreateOrUpdateRoleBinding creates a RoleBinding if the target resource doesn't exist. If the resource exists already, this function will update the resource instead.
 func CreateOrUpdateRoleBinding(client clientset.Interface, roleBinding *rbac.RoleBinding) error {
-	if _, err := client.RbacV1().RoleBindings(roleBinding.ObjectMeta.Namespace).Create(context.TODO(), roleBinding, metav1.CreateOptions{}); err != nil {
-		if !apierrors.IsAlreadyExists(err) {
-			return errors.Wrap(err, "unable to create RBAC rolebinding")
-		}
+	return wait.PollImmediate(constants.APICallRetryInterval, constants.APICallWithWriteTimeout, func() (bool, error) {
+		if _, err := client.RbacV1().RoleBindings(roleBinding.ObjectMeta.Namespace).Create(context.TODO(), roleBinding, metav1.CreateOptions{}); err != nil {
+			if !apierrors.IsAlreadyExists(err) {
+				return false, errors.Wrap(err, "unable to create RBAC rolebinding")
+			}
 
-		if _, err := client.RbacV1().RoleBindings(roleBinding.ObjectMeta.Namespace).Update(context.TODO(), roleBinding, metav1.UpdateOptions{}); err != nil {
-			return errors.Wrap(err, "unable to update RBAC rolebinding")
+			if _, err := client.RbacV1().RoleBindings(roleBinding.ObjectMeta.Namespace).Update(context.TODO(), roleBinding, metav1.UpdateOptions{}); err != nil {
+				return false, errors.Wrap(err, "unable to update RBAC rolebinding")
+			}
 		}
-	}
-	return nil
+		return true, nil
+	})
 }
 
 // CreateOrUpdateClusterRole creates a ClusterRole if the target resource doesn't exist. If the resource exists already, this function will update the resource instead.