From 6e66a359822a988f9acd7062c3731559535abcd5 Mon Sep 17 00:00:00 2001
From: Richa Banker <richabanker@google.com>
Date: Fri, 27 Sep 2024 16:54:08 -0700
Subject: [PATCH 1/2] reset err in resolveServingLocation() when the req can be
 served by local apiserver

---
 .../k8s.io/apiserver/pkg/util/peerproxy/peerproxy_handler.go | 3 ++-
 .../apiserver/pkg/util/peerproxy/peerproxy_handler_test.go   | 5 ++++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/staging/src/k8s.io/apiserver/pkg/util/peerproxy/peerproxy_handler.go b/staging/src/k8s.io/apiserver/pkg/util/peerproxy/peerproxy_handler.go
index 8e236a7505c..c1a77791d7f 100644
--- a/staging/src/k8s.io/apiserver/pkg/util/peerproxy/peerproxy_handler.go
+++ b/staging/src/k8s.io/apiserver/pkg/util/peerproxy/peerproxy_handler.go
@@ -199,7 +199,8 @@ func (h *peerProxyHandler) resolveServingLocation(apiservers *sync.Map) (bool, [
 		apiserverKey := key.(string)
 		if apiserverKey == h.serverId {
 			locallyServiceable = true
-			// stop iteration
+			// stop iteration and reset any errors encountered so far.
+			respErr = nil
 			return false
 		}
 
diff --git a/staging/src/k8s.io/apiserver/pkg/util/peerproxy/peerproxy_handler_test.go b/staging/src/k8s.io/apiserver/pkg/util/peerproxy/peerproxy_handler_test.go
index f9c9aec9e26..4fb45f30243 100644
--- a/staging/src/k8s.io/apiserver/pkg/util/peerproxy/peerproxy_handler_test.go
+++ b/staging/src/k8s.io/apiserver/pkg/util/peerproxy/peerproxy_handler_test.go
@@ -285,7 +285,10 @@ func TestPeerProxy(t *testing.T) {
 			}
 			req.Header.Set(PeerProxiedHeader, tt.peerproxiedHeader)
 
-			resp, _ := requestGetter(req)
+			resp, err := requestGetter(req)
+			if err != nil {
+				t.Fatalf("unexpected error trying to get the request: %v", err)
+			}
 
 			// compare response
 			assert.Equal(t, tt.expectedStatus, resp.StatusCode)

From fe97e41f291c881946e0c99a680a46077b3c54a9 Mon Sep 17 00:00:00 2001
From: Richa Banker <richabanker@google.com>
Date: Tue, 8 Oct 2024 17:10:53 -0700
Subject: [PATCH 2/2] add more logging for peer_proxy_test, also tweak
 IdentityLeaseGCPeriod and IdentityLeaseRenewIntervalPeriod

---
 .../apiserver/peerproxy/peer_proxy_test.go    | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/test/integration/apiserver/peerproxy/peer_proxy_test.go b/test/integration/apiserver/peerproxy/peer_proxy_test.go
index d73858edcf8..80702e1155b 100644
--- a/test/integration/apiserver/peerproxy/peer_proxy_test.go
+++ b/test/integration/apiserver/peerproxy/peer_proxy_test.go
@@ -132,12 +132,13 @@ func TestPeerProxiedRequestToThirdServerAfterFirstDies(t *testing.T) {
 	// set lease duration to 1s for serverA to ensure that storageversions for serverA are updated
 	// once it is shutdown
 	controlplaneapiserver.IdentityLeaseDurationSeconds = 10
-	controlplaneapiserver.IdentityLeaseGCPeriod = time.Second
-	controlplaneapiserver.IdentityLeaseRenewIntervalPeriod = 10 * time.Second
+	controlplaneapiserver.IdentityLeaseGCPeriod = 2 * time.Second
+	controlplaneapiserver.IdentityLeaseRenewIntervalPeriod = time.Second
 
 	// start serverA with all APIs enabled
 	// override hostname to ensure unique ips
 	server.SetHostnameFuncForTests("test-server-a")
+	t.Log("starting apiserver for ServerA")
 	serverA := kastesting.StartTestServerOrDie(t, &kastesting.TestServerInstanceOptions{EnableCertAuth: true, ProxyCA: &proxyCA}, []string{}, etcd)
 	kubeClientSetA, err := kubernetes.NewForConfig(serverA.ClientConfig)
 	require.NoError(t, err)
@@ -151,6 +152,7 @@ func TestPeerProxiedRequestToThirdServerAfterFirstDies(t *testing.T) {
 	// start serverB with some api disabled
 	// override hostname to ensure unique ips
 	server.SetHostnameFuncForTests("test-server-b")
+	t.Log("starting apiserver for ServerB")
 	serverB := kastesting.StartTestServerOrDie(t, &kastesting.TestServerInstanceOptions{EnableCertAuth: true, ProxyCA: &proxyCA}, []string{
 		fmt.Sprintf("--runtime-config=%v", "batch/v1=false")}, etcd)
 	defer serverB.TearDownFn()
@@ -163,6 +165,7 @@ func TestPeerProxiedRequestToThirdServerAfterFirstDies(t *testing.T) {
 	// start serverC with all APIs enabled
 	// override hostname to ensure unique ips
 	server.SetHostnameFuncForTests("test-server-c")
+	t.Log("starting apiserver for ServerC")
 	serverC := kastesting.StartTestServerOrDie(t, &kastesting.TestServerInstanceOptions{EnableCertAuth: true, ProxyCA: &proxyCA}, []string{}, etcd)
 	defer serverC.TearDownFn()
 
@@ -177,14 +180,24 @@ func TestPeerProxiedRequestToThirdServerAfterFirstDies(t *testing.T) {
 
 	var jobsB *v1.JobList
 	// list jobs using ServerB which it should proxy to ServerC and get back valid response
-	err = wait.PollImmediate(1*time.Second, 1*time.Minute, func() (bool, error) {
+	err = wait.PollUntilContextTimeout(ctx, 1*time.Second, 1*time.Minute, false, func(ctx context.Context) (bool, error) {
+		select {
+		case <-ctx.Done():
+			return false, ctx.Err()
+		default:
+		}
+
+		t.Log("retrieving jobs from ServerB")
 		jobsB, err = kubeClientSetB.BatchV1().Jobs("default").List(context.Background(), metav1.ListOptions{})
 		if err != nil {
+			t.Logf("error trying to list jobs from ServerB: %v", err)
 			return false, nil
 		}
+
 		if jobsB != nil {
 			return true, nil
 		}
+		t.Log("retrieved nil jobs from ServerB")
 		return false, nil
 	})
 	klog.Infof("\nServerB has retrieved jobs list of length %v \n\n", len(jobsB.Items))