bevel-operator-fabric icon indicating copy to clipboard operation
bevel-operator-fabric copied to clipboard

Published 20 hours ago verified publisher icon hyperledger

Temporary Files Accumulation in HLF Operator Pod

Open Horkyze opened this issue 9 months ago • 0 comments

What happened?

Issue Description

The HLF operator pod is continuously creating temporary files in the /tmp directory without cleanup, leading to potential disk space issues. The temporary files are CA certificate-related files that are being created during CA client operations.

$ ls | wc -l
72655
# After a few moments...
$ ls | wc -l
74761

$ ls | head
ca-cert1000328084
ca-cert1000572008
ca-cert1000588891
...

Root Cause

The GetClient function in the certs package creates temporary directories and files for CA operations but does not implement cleanup mechanisms:

func GetClient(ca FabricCAParams) (*lib.Client, error) {
    caHomeDir, err := ioutil.TempDir("", "fabric-ca-client")    // Not cleaned up
    caCertFile, err := ioutil.TempFile("", "ca-cert")           // Not cleaned up
    ...
}

This function is frequently called by operations like EnrollUser, ReenrollUser, GetCAInfo, etc., causing the accumulation of temporary files.

Solution (AI gen..)

  1. Add proper cleanup using defer:
func GetClient(ca FabricCAParams) (*lib.Client, error) {
    caHomeDir, err := ioutil.TempDir("", "fabric-ca-client")
    if err != nil {
        return nil, fmt.Errorf("failed to create temp dir: %v", err)
    }
    defer os.RemoveAll(caHomeDir)

    caCertFile, err := ioutil.TempFile("", "ca-cert")
    if err != nil {
        return nil, fmt.Errorf("failed to create temp file: %v", err)
    }
    defer os.Remove(caCertFile.Name())
    defer caCertFile.Close()
    ...
}
  1. Add a helper function for structured cleanup:
func WithClient(ca FabricCAParams, fn func(*lib.Client) error) error {
    client, err := GetClient(ca)
    if err != nil {
        return err
    }
    return fn(client)
}

Implementation Details

  1. Added defer statements for cleanup of:

    • Temporary directories
    • CA certificate files
    • File handles

  2. Improved error handling with descriptive messages

  3. Added helper function WithClient to handle cleanup in a structured way

  4. Modified existing functions to use the new cleanup pattern

Impact

  • Prevents accumulation of temporary files in the pod
  • Reduces disk space usage
  • Proper resource cleanup after operations
  • Maintains existing functionality while adding proper resource management

What did you expect to happen?

.

How can we reproduce it (as minimally and precisely as possible)?

.

Anything else we need to know?

No response

Kubernetes version

OS linux (amd64) OS Image Fedora CoreOS 39.20240731.base.0 Kernel version 6.5.12-300.fc39.x86_64 Container runtime containerd://1.7.10 Kubelet version v1.27.11

Horkyze avatar Jan 28 '25 10:01 Horkyze