diff options
author | Jon Marius Venstad <jonmv@users.noreply.github.com> | 2023-06-27 14:33:38 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-06-27 14:33:38 +0200 |
commit | ba76ac718571412b22662a8429fa8b31510d48a2 (patch) | |
tree | aad3b1f9424d54e3ce538f925bdccb45e6cebc0f | |
parent | 3a066100ef96ffd3ac73d1d06096c98da077f296 (diff) | |
parent | e37214ce7fb389b8703b301e3e1facd198f8a30e (diff) |
Merge pull request #27557 from vespa-engine/jonmv/misc-3
Short-cut re-acquiring ordered locks, avoid unnecessary tenant-host-lock during prepare [MERGEOK]
3 files changed, 16 insertions, 25 deletions
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/Nodes.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/Nodes.java index 490e7b9ac33..d3ea1a3def7 100644 --- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/Nodes.java +++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/Nodes.java @@ -164,8 +164,7 @@ public class Nodes { * with the history of that node. */ public List<Node> addNodes(List<Node> nodes, Agent agent) { - try (NodeMutexes existingNodesLocks = lockAndGetAll(nodes, Optional.empty()); // Locks for any existing nodes we may remove. - Mutex allocationLock = lockUnallocated()) { + try (Mutex allocationLock = lockUnallocated()) { List<Node> nodesToAdd = new ArrayList<>(); List<Node> nodesToRemove = new ArrayList<>(); for (int i = 0; i < nodes.size(); i++) { @@ -984,7 +983,8 @@ public class Nodes { for (NodeMutex node : outOfOrder) unlocked.add(node.node()); outOfOrder.clear(); - Mutex lock = lock(next, budget.timeLeftOrThrow()); + boolean nextLockSameAsPrevious = ! locked.isEmpty() && applicationIdForLock(locked.last().node()).equals(applicationIdForLock(next)); + Mutex lock = nextLockSameAsPrevious ? () -> { } : lock(next, budget.timeLeftOrThrow()); try { Optional<Node> fresh = node(next.hostname()); if (fresh.isEmpty()) { diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/provisioning/InfraDeployerImpl.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/provisioning/InfraDeployerImpl.java index 35b2fef2c78..1f424a1e1d5 100644 --- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/provisioning/InfraDeployerImpl.java +++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/provisioning/InfraDeployerImpl.java @@ -89,23 +89,20 @@ public class InfraDeployerImpl implements InfraDeployer { public void prepare() { if (prepared) return; - try (Mutex lock = nodeRepository.applications().lock(application.getApplicationId())) { - NodeType nodeType = application.getCapacity().type(); - Version targetVersion = infrastructureVersions.getTargetVersionFor(nodeType); - hostSpecs = provisioner.prepare(application.getApplicationId(), - application.getClusterSpecWithVersion(targetVersion), - application.getCapacity(), - logger::log); - - prepared = true; - } + NodeType nodeType = application.getCapacity().type(); + Version targetVersion = infrastructureVersions.getTargetVersionFor(nodeType); + hostSpecs = provisioner.prepare(application.getApplicationId(), + application.getClusterSpecWithVersion(targetVersion), + application.getCapacity(), + logger::log); + + prepared = true; } @Override public long activate() { + prepare(); try (var lock = provisioner.lock(application.getApplicationId())) { - prepare(); - if (hostSpecs.isEmpty()) { logger.log(Level.FINE, () -> "No nodes to provision for " + application.getCapacity().type() + ", removing application"); removeApplication(application.getApplicationId()); diff --git a/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java b/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java index d0e1a33fcac..7c798eddab1 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/PeerAuthorizer.java @@ -58,16 +58,10 @@ public class PeerAuthorizer { } private static boolean matchesRequiredCredentials(RequiredPeerCredential requiredCredential, String cn, List<String> sans) { - switch (requiredCredential.field()) { - case CN: - return cn != null && requiredCredential.pattern().matches(cn); - case SAN_DNS: - case SAN_URI: - return sans.stream() - .anyMatch(san -> requiredCredential.pattern().matches(san)); - default: - throw new RuntimeException("Unknown field: " + requiredCredential.field()); - } + return switch (requiredCredential.field()) { + case CN -> cn != null && requiredCredential.pattern().matches(cn); + case SAN_DNS, SAN_URI -> sans.stream().anyMatch(san -> requiredCredential.pattern().matches(san)); + }; } private static List<String> getSubjectAlternativeNames(X509Certificate peerCertificate) { |