diff options
author | Bjørn Christian Seime <bjorncs@oath.com> | 2018-11-16 17:37:29 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@oath.com> | 2018-11-16 17:38:35 +0100 |
commit | c947a1356105a611fbffb07da23b604d80e10bc1 (patch) | |
tree | 0abe7fee67cc0c4a5577be1f4abdb986e550dfd5 | |
parent | cae7456c12e1bd3d22c0900772f9e53d1c14b2d5 (diff) |
Add 443 and 8443 as trusted ports for controller
2 files changed, 5 insertions, 2 deletions
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/NodeRepository.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/NodeRepository.java index 5060510be20..ca6865300ee 100644 --- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/NodeRepository.java +++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/NodeRepository.java @@ -224,8 +224,11 @@ public class NodeRepository extends AbstractComponent { case controller: // Controllers: - // - port 4443 (HTTPS) from the world + // - port 4443 (HTTPS + Athenz) from the world + // - port 443+8443 (HTTPS + Okta) from the world. NOTE: controller host has 443->8443 iptable mapping. trustedPorts.add(4443); + trustedPorts.add(443); + trustedPorts.add(8443); break; default: diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java index 5d8bde960d8..e2f3df97314 100644 --- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java +++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java @@ -161,7 +161,7 @@ public class AclProvisioningTest { // Controllers and hosts all trust each other List<NodeAcl> controllerAcls = tester.nodeRepository().getNodeAcls(controllers.get(0), false); assertAcls(Collections.singletonList(controllers), controllerAcls); - assertEquals(ImmutableSet.of(22, 4443), controllerAcls.get(0).trustedPorts()); + assertEquals(ImmutableSet.of(22, 4443, 443, 8443), controllerAcls.get(0).trustedPorts()); } @Test |