diff options
author | Ola Aunronning <olaa@yahooinc.com> | 2023-04-21 11:39:56 +0200 |
---|---|---|
committer | Ola Aunronning <olaa@yahooinc.com> | 2023-04-21 11:48:07 +0200 |
commit | 5c09a92e7e3846d11640a910fec5a4f92ce875aa (patch) | |
tree | 19f25ec5672eea6b565b022d55d313c0d950432e | |
parent | ee11975355ecbe2d0ba250e2a86cf2774013609c (diff) |
Add splunk role config
7 files changed, 51 insertions, 12 deletions
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/admin/LogForwarder.java b/config-model/src/main/java/com/yahoo/vespa/model/admin/LogForwarder.java index 6284c0bc625..beb96ab8cc8 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/admin/LogForwarder.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/admin/LogForwarder.java @@ -14,24 +14,30 @@ public class LogForwarder extends AbstractService implements LogforwarderConfig. public final String clientName; public final String splunkHome; public final Integer phoneHomeInterval; + public final String role; - private Config(String ds, String cn, String sh, Integer phi) { + private Config(String ds, String cn, String sh, Integer phi, String role) { this.deploymentServer = ds; this.clientName = cn; this.splunkHome = sh; this.phoneHomeInterval = phi; + this.role = role; } public Config withDeploymentServer(String ds) { - return new Config(ds, clientName, splunkHome, phoneHomeInterval); + return new Config(ds, clientName, splunkHome, phoneHomeInterval, role); } public Config withClientName(String cn) { - return new Config(deploymentServer, cn, splunkHome, phoneHomeInterval); + return new Config(deploymentServer, cn, splunkHome, phoneHomeInterval, role); } public Config withSplunkHome(String sh) { - return new Config(deploymentServer, clientName, sh, phoneHomeInterval); + return new Config(deploymentServer, clientName, sh, phoneHomeInterval, role); } public Config withPhoneHomeInterval(Integer phi) { - return new Config(deploymentServer, clientName, splunkHome, phi); + return new Config(deploymentServer, clientName, splunkHome, phi, role); + } + + public Config withRole(String role) { + return new Config(deploymentServer, clientName, splunkHome, phoneHomeInterval, role); } } @@ -49,7 +55,7 @@ public class LogForwarder extends AbstractService implements LogforwarderConfig. } public static Config cfg() { - return new Config(null, null, null, null); + return new Config(null, null, null, null, null); } // LogForwarder does not need any ports. @@ -79,6 +85,9 @@ public class LogForwarder extends AbstractService implements LogforwarderConfig. if (config.phoneHomeInterval != null) { builder.phoneHomeInterval(config.phoneHomeInterval); } + if (config.role != null) { + builder.role(config.role); + } } @Override diff --git a/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminBuilderBase.java b/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminBuilderBase.java index 9280f0ceb9a..7d7c89b51cb 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminBuilderBase.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminBuilderBase.java @@ -21,6 +21,9 @@ import com.yahoo.vespa.model.admin.monitoring.builder.Metrics; import com.yahoo.vespa.model.admin.monitoring.builder.PredefinedMetricSets; import com.yahoo.vespa.model.admin.monitoring.builder.xml.MetricsBuilder; import org.w3c.dom.Element; + +import java.net.URI; +import java.net.URISyntaxException; import java.util.ArrayList; import java.util.List; import java.util.Optional; @@ -98,7 +101,7 @@ public abstract class DomAdminBuilderBase extends VespaDomBuilder.DomConfigProdu return Optional.empty(); } - void addLogForwarders(ModelElement logForwardingElement, Admin admin) { + void addLogForwarders(ModelElement logForwardingElement, Admin admin, DeployState deployState) { if (logForwardingElement == null) return; boolean alsoForAdminCluster = logForwardingElement.booleanAttribute("include-admin"); for (ModelElement e : logForwardingElement.children("splunk")) { @@ -106,7 +109,8 @@ public abstract class DomAdminBuilderBase extends VespaDomBuilder.DomConfigProdu .withSplunkHome(e.stringAttribute("splunk-home")) .withDeploymentServer(e.stringAttribute("deployment-server")) .withClientName(e.stringAttribute("client-name")) - .withPhoneHomeInterval(e.integerAttribute("phone-home-interval")); + .withPhoneHomeInterval(e.integerAttribute("phone-home-interval")) + .withRole(parseLogforwarderRole(e.stringAttribute("role"), deployState)); admin.setLogForwarderConfig(cfg, alsoForAdminCluster); } } @@ -130,4 +134,26 @@ public abstract class DomAdminBuilderBase extends VespaDomBuilder.DomConfigProdu } } + private String parseLogforwarderRole(String role, DeployState deployState) { + if (role == null) + return null; + if (deployState.zone().system().isPublic()) + throw new IllegalArgumentException("Logforwarder role not supported in public systems"); + + try { + // Currently only support athenz roles on format athenz://<domain>/role/<role> + var roleUri = new URI(role); + if (!"athenz".equals(roleUri.getScheme())) + throw new IllegalArgumentException("Unsupported role type: " + roleUri.getScheme()); + var domain = roleUri.getAuthority(); + var path = roleUri.getPath().split("/"); + if (path.length != 3) + throw new IllegalArgumentException("Invalid role path: " + roleUri.getPath()); + var roleName = path[2]; + return domain + ":role." + roleName; + } catch (URISyntaxException e) { + throw new IllegalArgumentException("Invalid logforwarder role format: " + role); + } + } + } diff --git a/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV2Builder.java b/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV2Builder.java index 7a7092b04dd..152f7e03a4c 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV2Builder.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV2Builder.java @@ -47,7 +47,7 @@ public class DomAdminV2Builder extends DomAdminBuilderBase { if ( ! admin.multitenant()) admin.setClusterControllers(addConfiguredClusterControllers(deployState, admin, adminE), deployState); - addLogForwarders(new ModelElement(adminE).child("logforwarding"), admin); + addLogForwarders(new ModelElement(adminE).child("logforwarding"), admin, deployState); addLoggingSpecs(new ModelElement(adminE).child("logging"), admin); } diff --git a/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV4Builder.java b/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV4Builder.java index 80000e54b1b..4990ddc9a53 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV4Builder.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV4Builder.java @@ -55,7 +55,7 @@ public class DomAdminV4Builder extends DomAdminBuilderBase { assignSlobroks(deployState, requestedSlobroks.orElse(NodesSpecification.nonDedicated(3, context)), admin); assignLogserver(deployState, requestedLogservers.orElse(createNodesSpecificationForLogserver()), admin); - addLogForwarders(adminElement.child("logforwarding"), admin); + addLogForwarders(adminElement.child("logforwarding"), admin, deployState); addLoggingSpecs(adminElement.child("logging"), admin); } diff --git a/config-model/src/main/resources/schema/admin.rnc b/config-model/src/main/resources/schema/admin.rnc index 392572e1f12..98ab2e61783 100644 --- a/config-model/src/main/resources/schema/admin.rnc +++ b/config-model/src/main/resources/schema/admin.rnc @@ -112,7 +112,8 @@ LogForwarding = element logforwarding { attribute splunk-home { xsd:string }? & attribute deployment-server { xsd:string } & attribute client-name { xsd:string } & - attribute phone-home-interval { xsd:positiveInteger }? + attribute phone-home-interval { xsd:positiveInteger }? & + attribute role { xsd:string }? } } diff --git a/config-model/src/test/java/com/yahoo/vespa/model/admin/DedicatedAdminV4Test.java b/config-model/src/test/java/com/yahoo/vespa/model/admin/DedicatedAdminV4Test.java index a8ffc625ee6..b809f25ced2 100644 --- a/config-model/src/test/java/com/yahoo/vespa/model/admin/DedicatedAdminV4Test.java +++ b/config-model/src/test/java/com/yahoo/vespa/model/admin/DedicatedAdminV4Test.java @@ -146,7 +146,7 @@ public class DedicatedAdminV4Test { " <slobroks><nodes count='2' dedicated='true'/></slobroks>" + " <logservers><nodes count='1' dedicated='true'/></logservers>" + " <logforwarding include-admin='true'>" + - " <splunk deployment-server='foo:123' client-name='foocli' phone-home-interval='900'/>" + + " <splunk deployment-server='foo:123' client-name='foocli' phone-home-interval='900' role='athenz://some-domain/role/role-name'/>" + " </logforwarding>" + " </admin>" + "</services>"; @@ -176,6 +176,7 @@ public class DedicatedAdminV4Test { assertEquals("foocli", config.clientName()); assertEquals("/opt/splunkforwarder", config.splunkHome()); assertEquals(900, config.phoneHomeInterval()); + assertEquals("some-domain:role.role-name", config.role()); } // Other host's forwarder @@ -188,6 +189,7 @@ public class DedicatedAdminV4Test { assertEquals("foocli", config.clientName()); assertEquals("/opt/splunkforwarder", config.splunkHome()); assertEquals(900, config.phoneHomeInterval()); + assertEquals("some-domain:role.role-name", config.role()); } } diff --git a/configdefinitions/src/vespa/logforwarder.def b/configdefinitions/src/vespa/logforwarder.def index 60a607098e0..4f6b3fc61a7 100644 --- a/configdefinitions/src/vespa/logforwarder.def +++ b/configdefinitions/src/vespa/logforwarder.def @@ -7,3 +7,4 @@ deploymentServer string default="" clientName string default="" splunkHome string default="/opt/splunkforwarder" phoneHomeInterval int default=60 +role string default="" |