diff options
author | Morten Tokle <mortent@yahooinc.com> | 2023-04-24 09:23:44 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-04-24 09:23:44 +0100 |
commit | e03b1e5d5a779e1f0be30db2ab73f0b600adcf3f (patch) | |
tree | 6d8875c303bb653472d197871630b3ab73524cff /config-model/src/main/java | |
parent | 29f4d37d8044fac4180ceb681971ea862aca1d28 (diff) | |
parent | 605c834b91bc65627fc9f7b76cef1095c44bb7bc (diff) |
Merge pull request #26806 from vespa-engine/olaa/splunk-role
Add splunk role config
Diffstat (limited to 'config-model/src/main/java')
4 files changed, 40 insertions, 10 deletions
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/admin/LogForwarder.java b/config-model/src/main/java/com/yahoo/vespa/model/admin/LogForwarder.java index 6284c0bc625..beb96ab8cc8 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/admin/LogForwarder.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/admin/LogForwarder.java @@ -14,24 +14,30 @@ public class LogForwarder extends AbstractService implements LogforwarderConfig. public final String clientName; public final String splunkHome; public final Integer phoneHomeInterval; + public final String role; - private Config(String ds, String cn, String sh, Integer phi) { + private Config(String ds, String cn, String sh, Integer phi, String role) { this.deploymentServer = ds; this.clientName = cn; this.splunkHome = sh; this.phoneHomeInterval = phi; + this.role = role; } public Config withDeploymentServer(String ds) { - return new Config(ds, clientName, splunkHome, phoneHomeInterval); + return new Config(ds, clientName, splunkHome, phoneHomeInterval, role); } public Config withClientName(String cn) { - return new Config(deploymentServer, cn, splunkHome, phoneHomeInterval); + return new Config(deploymentServer, cn, splunkHome, phoneHomeInterval, role); } public Config withSplunkHome(String sh) { - return new Config(deploymentServer, clientName, sh, phoneHomeInterval); + return new Config(deploymentServer, clientName, sh, phoneHomeInterval, role); } public Config withPhoneHomeInterval(Integer phi) { - return new Config(deploymentServer, clientName, splunkHome, phi); + return new Config(deploymentServer, clientName, splunkHome, phi, role); + } + + public Config withRole(String role) { + return new Config(deploymentServer, clientName, splunkHome, phoneHomeInterval, role); } } @@ -49,7 +55,7 @@ public class LogForwarder extends AbstractService implements LogforwarderConfig. } public static Config cfg() { - return new Config(null, null, null, null); + return new Config(null, null, null, null, null); } // LogForwarder does not need any ports. @@ -79,6 +85,9 @@ public class LogForwarder extends AbstractService implements LogforwarderConfig. if (config.phoneHomeInterval != null) { builder.phoneHomeInterval(config.phoneHomeInterval); } + if (config.role != null) { + builder.role(config.role); + } } @Override diff --git a/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminBuilderBase.java b/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminBuilderBase.java index 9280f0ceb9a..df998e75268 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminBuilderBase.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminBuilderBase.java @@ -21,9 +21,11 @@ import com.yahoo.vespa.model.admin.monitoring.builder.Metrics; import com.yahoo.vespa.model.admin.monitoring.builder.PredefinedMetricSets; import com.yahoo.vespa.model.admin.monitoring.builder.xml.MetricsBuilder; import org.w3c.dom.Element; + import java.util.ArrayList; import java.util.List; import java.util.Optional; +import java.util.regex.Pattern; /** * A base class for admin model builders, to support common functionality across versions. @@ -98,7 +100,7 @@ public abstract class DomAdminBuilderBase extends VespaDomBuilder.DomConfigProdu return Optional.empty(); } - void addLogForwarders(ModelElement logForwardingElement, Admin admin) { + void addLogForwarders(ModelElement logForwardingElement, Admin admin, DeployState deployState) { if (logForwardingElement == null) return; boolean alsoForAdminCluster = logForwardingElement.booleanAttribute("include-admin"); for (ModelElement e : logForwardingElement.children("splunk")) { @@ -106,7 +108,8 @@ public abstract class DomAdminBuilderBase extends VespaDomBuilder.DomConfigProdu .withSplunkHome(e.stringAttribute("splunk-home")) .withDeploymentServer(e.stringAttribute("deployment-server")) .withClientName(e.stringAttribute("client-name")) - .withPhoneHomeInterval(e.integerAttribute("phone-home-interval")); + .withPhoneHomeInterval(e.integerAttribute("phone-home-interval")) + .withRole(parseLogforwarderRole(e.stringAttribute("role"), deployState)); admin.setLogForwarderConfig(cfg, alsoForAdminCluster); } } @@ -130,4 +133,22 @@ public abstract class DomAdminBuilderBase extends VespaDomBuilder.DomConfigProdu } } + private String parseLogforwarderRole(String role, DeployState deployState) { + if (role == null) + return null; + if (deployState.zone().system().isPublic()) + throw new IllegalArgumentException("Logforwarder role not supported in public systems"); + + // Currently only support athenz roles on format athenz://<domain>/role/<role> + var rolePattern = Pattern.compile("(?<scheme>athenz)://" + + "(?<domain>[a-zA-Z0-9_][a-zA-Z0-9_.-]*[a-zA-Z0-9_])" + + "/role/" + + "(?<role>[a-zA-Z0-9_][a-zA-Z0-9_.-]*[a-zA-Z0-9_])"); + var matcher = rolePattern.matcher(role); + if (!matcher.matches()) { + throw new IllegalArgumentException("Invalid role path " + role); + } + return matcher.group("domain") + ":role." + matcher.group("role"); + } + } diff --git a/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV2Builder.java b/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV2Builder.java index 7a7092b04dd..152f7e03a4c 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV2Builder.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV2Builder.java @@ -47,7 +47,7 @@ public class DomAdminV2Builder extends DomAdminBuilderBase { if ( ! admin.multitenant()) admin.setClusterControllers(addConfiguredClusterControllers(deployState, admin, adminE), deployState); - addLogForwarders(new ModelElement(adminE).child("logforwarding"), admin); + addLogForwarders(new ModelElement(adminE).child("logforwarding"), admin, deployState); addLoggingSpecs(new ModelElement(adminE).child("logging"), admin); } diff --git a/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV4Builder.java b/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV4Builder.java index 80000e54b1b..4990ddc9a53 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV4Builder.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/builder/xml/dom/DomAdminV4Builder.java @@ -55,7 +55,7 @@ public class DomAdminV4Builder extends DomAdminBuilderBase { assignSlobroks(deployState, requestedSlobroks.orElse(NodesSpecification.nonDedicated(3, context)), admin); assignLogserver(deployState, requestedLogservers.orElse(createNodesSpecificationForLogserver()), admin); - addLogForwarders(adminElement.child("logforwarding"), admin); + addLogForwarders(adminElement.child("logforwarding"), admin, deployState); addLoggingSpecs(adminElement.child("logging"), admin); } |