Conversation
puellanivis
reviewed
Sep 9, 2025
Collaborator
puellanivis
left a comment
puellanivis
left a comment
There was a problem hiding this comment.
Only thing I could think is to join the time.Now() calls into a common local variable, so they’re both based on the same “now”.
But yeah, good change all over otherwise. 👍
Signed-off-by: Bernardo Valente <[email protected]>
bvalente
force-pushed
the
tls-deadline
branch
from
39e2a66 to
7175b87
Compare
Contributor
Author
|
@puellanivis thank you for the review I addressed your comment, and force pushed after rebasing with master |
Contributor
Author
|
Hello @puellanivis, what would be the process to get this merged and tagged? Is there a timeline, or anything I can do from our side? 🙂 |
Collaborator
|
Sometimes reviews from IBM can take a while. I don’t actually have any ability to even approve in my code review, let alone merge anything. I’m just a third-party F/OSS contributor helping out with code reviews. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Related to:
We're using https://github.com/Mongey/terraform-provider-kafka to manage Kafka Topics with Terraform. Recently we've changed from Plaintext communications to AWS IAM Authentication. When doing so, our provider sometimes would hang indefinitely on some plans. We pinned this to the
kafka.t3.smallcluster tiers, as these have several limitations, including a maximum of 4 TCP connections per second.While debugging the provider, we understood that the Call Stack was stuck on writing to the cluster, more specifically right on the first communication that it was trying to do with the clusters. Reading through the code, we found a very interesting comment for the Write function of the TLS package.
https://github.com/golang/go/blob/go1.23.0/src/crypto/tls/conn.go#L1192-L1195
Based on this, TLS requires both Write and Read Deadlines to be set because the Write function may do a handshake on the fist communication, and the handshake both Writes and Reads.
I believe that in our case, since we are working with brokers that don't have a very reliable network, sometimes the handshake would not progress on the server side, and we would indefinitely wait for a Read that would never come.
After implementing this change in our local workstation, instead of experiencing indefinite hanging, the program would finally report some time of error: