Address review comments (round 2)

andyzhangx · andyzhangx · commit fe04017f3e37 · 2026-04-20T09:04:15.000Z
- Update function comment to accurately describe symlink reuse behavior
- Only retry rename on os.IsExist; fail fast on permission/IO errors
- Update test comment to reflect filesystem-based concurrency (no CRUID lock)
diff --git a/pkg/smb/nodeserver.go b/pkg/smb/nodeserver.go
@@ -585,7 +585,8 @@ func getKerberosCache(krb5CacheDirectory, krb5Prefix string, credUID int, secret
 // Create kerberos cache in the file based on the VolumeID, so it can be cleaned up during unstage
 // At the same time, kerberos expects to find cache in file named "krb5cc_*", so creating symlink
 // will allow both clean up and serving proper cache to the kerberos.
-// If symlink already exists, ignore it.
+// If a valid symlink already exists (pointing to a readable cache file), it is kept as-is
+// to avoid disrupting concurrent mounts. Dangling or non-symlink entries are replaced.
 func (d *Driver) ensureKerberosCache(krb5CacheDirectory, krb5Prefix, volumeID string, mountFlags []string, secrets map[string]string) (bool, error) {
 	if !hasKerberosMountOption(mountFlags) {
 		return false, nil
@@ -660,6 +661,14 @@ func (d *Driver) ensureKerberosCache(krb5CacheDirectory, krb5Prefix, volumeID st
 		}
 
 		if err := os.Rename(tempSymlinkName, krb5CacheFileName); err != nil {
+			// On Linux, Rename replaces the target atomically; this branch is
+			// only expected on systems where rename-over-existing fails (e.g.,
+			// certain Windows/NFS edge cases). Only retry when the target
+			// already exists; for other errors (permission, I/O) fail fast.
+			if !os.IsExist(err) {
+				os.Remove(tempSymlinkName)
+				return false, status.Error(codes.Internal, fmt.Sprintf("Couldn't atomically update kerberos symlink %s -> %s for credUID %d: %v", krb5CacheFileName, volumeIDCacheAbsolutePath, credUID, err))
+			}
 			if removeErr := os.Remove(krb5CacheFileName); removeErr != nil && !os.IsNotExist(removeErr) {
 				os.Remove(tempSymlinkName)
 				return false, status.Error(codes.Internal, fmt.Sprintf("Couldn't replace kerberos symlink %s: rename failed: %v, remove failed: %v", krb5CacheFileName, err, removeErr))
diff --git a/pkg/smb/nodeserver_test.go b/pkg/smb/nodeserver_test.go
@@ -1065,8 +1065,8 @@ func TestEnsureKerberosCache(t *testing.T) {
 }
 
 // Regression test for the race where parallel kubelet mounts sharing a CRUID
-// collided on the shared krb5cc_<uid> symlink. Runs many goroutines against the
-// per-CRUID lock and asserts no caller observes a "file exists" from Symlink
+// collided on the shared krb5cc_<uid> symlink. Runs many goroutines concurrently
+// and asserts that atomic temp-symlink-then-rename avoids "file exists" errors
 // and that the final symlink points at a valid volume-specific cache file.
 func TestEnsureKerberosCacheConcurrent(t *testing.T) {
 	if runtime.GOOS != "linux" {
