diff options
author | Henning Baldersheim <balder@yahoo-inc.com> | 2024-04-03 00:07:46 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-04-03 00:07:46 +0200 |
commit | f5fa9ab6b35ecebc86cdb4c5dfaf0e4b59847972 (patch) | |
tree | 66e9594efd2f5a97b664d6df6a2c3bb4d8aa4aa9 /config-model | |
parent | 9bd91f0de45277ccf7974862fa3edd00a916e5cb (diff) | |
parent | 67c47ed770ac44fe6ca7171f3f002e83aae7066c (diff) |
Merge pull request #30787 from vespa-engine/revert-30785-hakonhall/certificate-expiry-checker-depends-on-proxy-protocol
Revert "Move useProxyProtocol to Cloud'"
Diffstat (limited to 'config-model')
-rw-r--r-- | config-model/src/main/java/com/yahoo/vespa/model/container/xml/ContainerModelBuilder.java | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/xml/ContainerModelBuilder.java b/config-model/src/main/java/com/yahoo/vespa/model/container/xml/ContainerModelBuilder.java index db848d13f5a..20a16f7c7a4 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/container/xml/ContainerModelBuilder.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/container/xml/ContainerModelBuilder.java @@ -25,6 +25,7 @@ import com.yahoo.config.model.producer.TreeConfigProducer; import com.yahoo.config.provision.AthenzDomain; import com.yahoo.config.provision.AthenzService; import com.yahoo.config.provision.Capacity; +import com.yahoo.config.provision.CloudName; import com.yahoo.config.provision.ClusterMembership; import com.yahoo.config.provision.ClusterSpec; import com.yahoo.config.provision.DataplaneToken; @@ -598,7 +599,7 @@ public class ContainerModelBuilder extends ConfigModelBuilder<ContainerModel> { // If the deployment contains certificate/private key reference, setup TLS port var builder = HostedSslConnectorFactory.builder(serverName, getMtlsDataplanePort(state)) - .proxyProtocol(state.zone().cloud().useProxyProtocol()) + .proxyProtocol(useProxyProtocol(state.zone())) .tlsCiphersOverride(state.getProperties().tlsCiphersOverride()) .endpointConnectionTtl(state.getProperties().endpointConnectionTtl()); var endpointCert = state.endpointCertificateSecrets().orElse(null); @@ -633,6 +634,10 @@ public class ContainerModelBuilder extends ConfigModelBuilder<ContainerModel> { server.addConnector(connectorFactory); } + private static boolean useProxyProtocol(Zone zone) { + return !zone.cloud().name().equals(CloudName.AZURE); + } + private void addCloudTokenSupport(DeployState state, ApplicationContainerCluster cluster) { var server = cluster.getHttp().getHttpServer().get(); if (!enableTokenSupport(state)) return; @@ -657,7 +662,7 @@ public class ContainerModelBuilder extends ConfigModelBuilder<ContainerModel> { // Setup dedicated connector var connector = HostedSslConnectorFactory.builder(server.getComponentId().getName()+"-token", tokenPort) .tokenEndpoint(true) - .proxyProtocol(state.zone().cloud().useProxyProtocol()) + .proxyProtocol(useProxyProtocol(state.zone())) .endpointCertificate(endpointCert) .remoteAddressHeader("X-Forwarded-For") .remotePortHeader("X-Forwarded-Port") |