diff options
author | Jon Marius Venstad <jonmv@users.noreply.github.com> | 2023-01-18 18:32:50 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-01-18 18:32:50 +0100 |
commit | ce73e7681cf25865bf6f417f176eea1c85f5efba (patch) | |
tree | bd83cefec54d52788217abddcac020dbc59ba0df /config-provisioning | |
parent | e0191b4d49048f9398395dc8c1c60dfcb383f705 (diff) |
Revert "Jonmv/private endpoints"
Diffstat (limited to 'config-provisioning')
6 files changed, 53 insertions, 197 deletions
diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterMembership.java b/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterMembership.java index 9e8388b6442..213166447ca 100644 --- a/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterMembership.java +++ b/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterMembership.java @@ -20,7 +20,7 @@ public class ClusterMembership { private final String stringValue; private ClusterMembership(String stringValue, Version vespaVersion, Optional<DockerImage> dockerImageRepo, - ZoneEndpoint zoneEndpoint) { + LoadBalancerSettings loadBalancerSettings) { String[] components = stringValue.split("/"); if (components.length < 4) throw new RuntimeException("Could not parse '" + stringValue + "' to a cluster membership. " + @@ -49,7 +49,7 @@ public class ClusterMembership { .exclusive(exclusive) .combinedId(combinedId.map(ClusterSpec.Id::from)) .dockerImageRepository(dockerImageRepo) - .loadBalancerSettings(zoneEndpoint) + .loadBalancerSettings(loadBalancerSettings) .stateful(stateful) .build(); this.index = Integer.parseInt(components[3]); @@ -125,12 +125,12 @@ public class ClusterMembership { public String toString() { return stringValue(); } public static ClusterMembership from(String stringValue, Version vespaVersion, Optional<DockerImage> dockerImageRepo) { - return from(stringValue, vespaVersion, dockerImageRepo, ZoneEndpoint.defaultEndpoint); + return from(stringValue, vespaVersion, dockerImageRepo, LoadBalancerSettings.empty); } public static ClusterMembership from(String stringValue, Version vespaVersion, Optional<DockerImage> dockerImageRepo, - ZoneEndpoint zoneEndpoint) { - return new ClusterMembership(stringValue, vespaVersion, dockerImageRepo, zoneEndpoint); + LoadBalancerSettings loadBalancerSettings) { + return new ClusterMembership(stringValue, vespaVersion, dockerImageRepo, loadBalancerSettings); } public static ClusterMembership from(ClusterSpec cluster, int index) { diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterSpec.java b/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterSpec.java index 196255a8342..153b305dc01 100644 --- a/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterSpec.java +++ b/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterSpec.java @@ -24,12 +24,12 @@ public final class ClusterSpec { private final boolean exclusive; private final Optional<Id> combinedId; private final Optional<DockerImage> dockerImageRepo; - private final ZoneEndpoint zoneEndpoint; + private final LoadBalancerSettings loadBalancerSettings; private final boolean stateful; private ClusterSpec(Type type, Id id, Optional<Group> groupId, Version vespaVersion, boolean exclusive, Optional<Id> combinedId, Optional<DockerImage> dockerImageRepo, - ZoneEndpoint zoneEndpoint, boolean stateful) { + LoadBalancerSettings loadBalancerSettings, boolean stateful) { this.type = type; this.id = id; this.groupId = groupId; @@ -47,7 +47,7 @@ public final class ClusterSpec { if (type.isContent() && !stateful) { throw new IllegalArgumentException("Cluster of type " + type + " must be stateful"); } - this.zoneEndpoint = Objects.requireNonNull(zoneEndpoint); + this.loadBalancerSettings = Objects.requireNonNull(loadBalancerSettings); this.stateful = stateful; } @@ -63,8 +63,8 @@ public final class ClusterSpec { /** Returns the docker image (repository + vespa version) we want this cluster to run */ public Optional<String> dockerImage() { return dockerImageRepo.map(repo -> repo.withTag(vespaVersion).asString()); } - /** Returns any additional zone endpoint settings for application container clusters. */ - public ZoneEndpoint zoneEndpoint() { return zoneEndpoint; } + /** Returns any additional load balancer settings for application container clusters. */ + public LoadBalancerSettings loadBalancerSettings() { return loadBalancerSettings; } /** Returns the version of Vespa that we want this cluster to run */ public Version vespaVersion() { return vespaVersion; } @@ -87,15 +87,15 @@ public final class ClusterSpec { public boolean isStateful() { return stateful; } public ClusterSpec with(Optional<Group> newGroup) { - return new ClusterSpec(type, id, newGroup, vespaVersion, exclusive, combinedId, dockerImageRepo, zoneEndpoint, stateful); + return new ClusterSpec(type, id, newGroup, vespaVersion, exclusive, combinedId, dockerImageRepo, loadBalancerSettings, stateful); } public ClusterSpec withExclusivity(boolean exclusive) { - return new ClusterSpec(type, id, groupId, vespaVersion, exclusive, combinedId, dockerImageRepo, zoneEndpoint, stateful); + return new ClusterSpec(type, id, groupId, vespaVersion, exclusive, combinedId, dockerImageRepo, loadBalancerSettings, stateful); } public ClusterSpec exclusive(boolean exclusive) { - return new ClusterSpec(type, id, groupId, vespaVersion, exclusive, combinedId, dockerImageRepo, zoneEndpoint, stateful); + return new ClusterSpec(type, id, groupId, vespaVersion, exclusive, combinedId, dockerImageRepo, loadBalancerSettings, stateful); } /** Creates a ClusterSpec when requesting a cluster */ @@ -119,7 +119,7 @@ public final class ClusterSpec { private Version vespaVersion; private boolean exclusive = false; private Optional<Id> combinedId = Optional.empty(); - private ZoneEndpoint zoneEndpoint = ZoneEndpoint.defaultEndpoint; + private LoadBalancerSettings loadBalancerSettings = LoadBalancerSettings.empty; private boolean stateful; private Builder(Type type, Id id, boolean specification) { @@ -135,7 +135,7 @@ public final class ClusterSpec { if (vespaVersion == null) throw new IllegalArgumentException("vespaVersion is required to be set when creating a ClusterSpec with specification()"); } else if (groupId.isPresent()) throw new IllegalArgumentException("groupId is not allowed to be set when creating a ClusterSpec with request()"); - return new ClusterSpec(type, id, groupId, vespaVersion, exclusive, combinedId, dockerImageRepo, zoneEndpoint, stateful); + return new ClusterSpec(type, id, groupId, vespaVersion, exclusive, combinedId, dockerImageRepo, loadBalancerSettings, stateful); } public Builder group(Group groupId) { @@ -168,8 +168,8 @@ public final class ClusterSpec { return this; } - public Builder loadBalancerSettings(ZoneEndpoint zoneEndpoint) { - this.zoneEndpoint = zoneEndpoint; + public Builder loadBalancerSettings(LoadBalancerSettings loadBalancerSettings) { + this.loadBalancerSettings = loadBalancerSettings; return this; } @@ -198,12 +198,12 @@ public final class ClusterSpec { vespaVersion.equals(that.vespaVersion) && combinedId.equals(that.combinedId) && dockerImageRepo.equals(that.dockerImageRepo) && - zoneEndpoint.equals(that.zoneEndpoint); + loadBalancerSettings.equals(that.loadBalancerSettings); } @Override public int hashCode() { - return Objects.hash(type, id, groupId, vespaVersion, exclusive, combinedId, dockerImageRepo, zoneEndpoint, stateful); + return Objects.hash(type, id, groupId, vespaVersion, exclusive, combinedId, dockerImageRepo, loadBalancerSettings, stateful); } /** diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/LoadBalancerSettings.java b/config-provisioning/src/main/java/com/yahoo/config/provision/LoadBalancerSettings.java new file mode 100644 index 00000000000..723de25fa87 --- /dev/null +++ b/config-provisioning/src/main/java/com/yahoo/config/provision/LoadBalancerSettings.java @@ -0,0 +1,20 @@ +package com.yahoo.config.provision; + +import java.util.List; + +/** + * Settings for a load balancer provisioned for an application container cluster. + * + * @author jonmv + */ +public record LoadBalancerSettings(List<String> allowedUrns) { + + public static final LoadBalancerSettings empty = new LoadBalancerSettings(List.of()); + + public LoadBalancerSettings(List<String> allowedUrns) { + this.allowedUrns = List.copyOf(allowedUrns); + } + + public boolean isEmpty() { return allowedUrns.isEmpty(); } + +} diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/ZoneEndpoint.java b/config-provisioning/src/main/java/com/yahoo/config/provision/ZoneEndpoint.java deleted file mode 100644 index 10e22f8df06..00000000000 --- a/config-provisioning/src/main/java/com/yahoo/config/provision/ZoneEndpoint.java +++ /dev/null @@ -1,132 +0,0 @@ -package com.yahoo.config.provision; - -import ai.vespa.validation.Validation; - -import java.util.List; -import java.util.Objects; - -/** - * Settings for a zone endpoint of a deployment. - * - * TODO: Fix isEmpty - * Inline empty and constructor - * - * @author jonmv - */ -public class ZoneEndpoint { - - public static final ZoneEndpoint defaultEndpoint = new ZoneEndpoint(true, false, List.of()); - - private final boolean isPublicEndpoint; - private final boolean isPrivateEndpoint; - private final List<AllowedUrn> allowedUrns; - - public ZoneEndpoint(List<String> allowedUrns) { - this(true, true, allowedUrns.stream().map(arn -> new AllowedUrn(AccessType.awsPrivateLink, arn)).toList()); - } - - public ZoneEndpoint(boolean isPublicEndpoint, boolean isPrivateEndpoint, List<AllowedUrn> allowedUrns) { - if ( ! allowedUrns.isEmpty() && ! isPrivateEndpoint) - throw new IllegalArgumentException("cannot list allowed urns, without also enabling private visibility"); - this.isPublicEndpoint = isPublicEndpoint; - this.isPrivateEndpoint = isPrivateEndpoint; - this.allowedUrns = List.copyOf(allowedUrns); - } - - /** Whether this has an endpoint which is visible from the public internet. */ - public boolean isPublicEndpoint() { - return isPublicEndpoint; - } - - /** Whether this has an endpoint which is visible through private DNS of the cloud. */ - public boolean isPrivateEndpoint() { - return isPrivateEndpoint; - } - - /** List of allowed URNs, for specified private access types. */ - public List<AllowedUrn> allowedUrns() { - return allowedUrns; - } - - /** List of URNs for the given access type. */ - public List<String> allowedUrnsWith(AccessType type) { - return allowedUrns.stream().filter(urn -> urn.type == type).map(AllowedUrn::urn).toList(); - } - - public boolean isDefault() { - return equals(defaultEndpoint); - } - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (o == null || getClass() != o.getClass()) return false; - ZoneEndpoint that = (ZoneEndpoint) o; - return isPublicEndpoint == that.isPublicEndpoint && isPrivateEndpoint == that.isPrivateEndpoint && allowedUrns.equals(that.allowedUrns); - } - - @Override - public int hashCode() { - return Objects.hash(isPublicEndpoint, isPrivateEndpoint, allowedUrns); - } - - @Override - public String toString() { - return "ZoneEndpoint{" + - "isPublicEndpoint=" + isPublicEndpoint + - ", isPrivateEndpoint=" + isPrivateEndpoint + - ", allowedUrns=" + allowedUrns + - '}'; - } - - public enum AccessType { - awsPrivateLink, - gcpServiceConnect, - } - - /** A URN allowed to access this (private) endpoint, through a {@link AccessType} method. */ - public static class AllowedUrn { - - private final AccessType type; - private final String urn; - - public AllowedUrn(AccessType type, String urn) { - this.type = Objects.requireNonNull(type); - this.urn = Validation.requireNonBlank(urn, "URN"); - } - - /** Type of private connection. */ - public AccessType type() { - return type; - } - - /** URN allowed to access this private endpoint. */ - public String urn() { - return urn; - } - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (o == null || getClass() != o.getClass()) return false; - AllowedUrn that = (AllowedUrn) o; - return type == that.type && urn.equals(that.urn); - } - - @Override - public int hashCode() { - return Objects.hash(type, urn); - } - - @Override - public String toString() { - return "'" + urn + "' through '" + - switch (type) { - case awsPrivateLink -> "aws-private-link"; - case gcpServiceConnect -> "gcp-service-connect"; - } + "'"; - } - - } - -} diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/serialization/AllocatedHostsSerializer.java b/config-provisioning/src/main/java/com/yahoo/config/provision/serialization/AllocatedHostsSerializer.java index 64e8a7feb94..01bb0ca45ff 100644 --- a/config-provisioning/src/main/java/com/yahoo/config/provision/serialization/AllocatedHostsSerializer.java +++ b/config-provisioning/src/main/java/com/yahoo/config/provision/serialization/AllocatedHostsSerializer.java @@ -6,10 +6,8 @@ import com.yahoo.config.provision.AllocatedHosts; import com.yahoo.config.provision.ClusterMembership; import com.yahoo.config.provision.DockerImage; import com.yahoo.config.provision.HostSpec; +import com.yahoo.config.provision.LoadBalancerSettings; import com.yahoo.config.provision.NodeResources; -import com.yahoo.config.provision.ZoneEndpoint; -import com.yahoo.config.provision.ZoneEndpoint.AllowedUrn; -import com.yahoo.config.provision.ZoneEndpoint.AccessType; import com.yahoo.slime.ArrayTraverser; import com.yahoo.slime.Cursor; import com.yahoo.slime.Inspector; @@ -42,12 +40,8 @@ public class AllocatedHostsSerializer { private static final String hostSpecKey = "hostSpec"; private static final String hostSpecHostNameKey = "hostName"; private static final String hostSpecMembershipKey = "membership"; - private static final String loadBalancerSettingsKey = "zoneEndpoint"; - private static final String publicField = "public"; - private static final String privateField = "private"; - private static final String allowedUrnsField = "allowedUrns"; - private static final String accessTypeField = "type"; - private static final String urnField = "urn"; + private static final String loadBalancerSettingsKey = "loadBalancerSettings"; + private static final String allowedUrnsKey = "allowedUrns"; private static final String realResourcesKey = "realResources"; private static final String advertisedResourcesKey = "advertisedResources"; @@ -91,8 +85,9 @@ public class AllocatedHostsSerializer { host.membership().ifPresent(membership -> { object.setString(hostSpecMembershipKey, membership.stringValue()); object.setString(hostSpecVespaVersionKey, membership.cluster().vespaVersion().toFullString()); - if ( ! membership.cluster().zoneEndpoint().isDefault()) - toSlime(object.setObject(loadBalancerSettingsKey), membership.cluster().zoneEndpoint()); + if ( ! membership.cluster().loadBalancerSettings().isEmpty()) + membership.cluster().loadBalancerSettings().allowedUrns() + .forEach(object.setObject(loadBalancerSettingsKey).setArray(allowedUrnsKey)::addString); membership.cluster().dockerImageRepo().ifPresent(repo -> object.setString(hostSpecDockerImageRepoKey, repo.untagged())); }); toSlime(host.realResources(), object.setObject(realResourcesKey)); @@ -227,41 +222,13 @@ public class AllocatedHostsSerializer { object.field(hostSpecDockerImageRepoKey).valid() ? Optional.of(DockerImage.fromString(object.field(hostSpecDockerImageRepoKey).asString())) : Optional.empty(), - zoneEndpoint(object.field(loadBalancerSettingsKey))); + object.field(loadBalancerSettingsKey).valid() + ? new LoadBalancerSettings(SlimeUtils.entriesStream(object.field(loadBalancerSettingsKey).field(allowedUrnsKey)) + .map(Inspector::asString) + .toList()) + : LoadBalancerSettings.empty); } - private static void toSlime(Cursor settingsObject, ZoneEndpoint settings) { - settingsObject.setBool(publicField, settings.isPublicEndpoint()); - settingsObject.setBool(privateField, settings.isPrivateEndpoint()); - if (settings.isPrivateEndpoint()) { - Cursor allowedUrnsArray = settingsObject.setArray(allowedUrnsField); - for (AllowedUrn urn : settings.allowedUrns()) { - Cursor urnObject = allowedUrnsArray.addObject(); - urnObject.setString(urnField, urn.urn()); - urnObject.setString(accessTypeField, - switch (urn.type()) { - case awsPrivateLink -> "awsPrivateLink"; - case gcpServiceConnect -> "gcpServiceConnect"; - }); - } - } - } - - private static ZoneEndpoint zoneEndpoint(Inspector settingsObject) { - if ( ! settingsObject.valid()) return ZoneEndpoint.defaultEndpoint; - return new ZoneEndpoint(settingsObject.field(publicField).asBool(), - settingsObject.field(privateField).asBool(), - SlimeUtils.entriesStream(settingsObject.field(allowedUrnsField)) - .map(urnObject -> new AllowedUrn(switch (urnObject.field(accessTypeField).asString()) { - case "awsPrivateLink" -> AccessType.awsPrivateLink; - case "gcpServiceConnect" -> AccessType.gcpServiceConnect; - default -> throw new IllegalArgumentException("unknown service access type in '" + urnObject + "'"); - }, - urnObject.field(urnField).asString())) - .toList()); - } - - private static Optional<String> optionalString(Inspector inspector) { if ( ! inspector.valid()) return Optional.empty(); return Optional.of(inspector.asString()); diff --git a/config-provisioning/src/test/java/com/yahoo/config/provision/serialization/AllocatedHostsSerializerTest.java b/config-provisioning/src/test/java/com/yahoo/config/provision/serialization/AllocatedHostsSerializerTest.java index 3404d7ed55e..bcb3b8cd4aa 100644 --- a/config-provisioning/src/test/java/com/yahoo/config/provision/serialization/AllocatedHostsSerializerTest.java +++ b/config-provisioning/src/test/java/com/yahoo/config/provision/serialization/AllocatedHostsSerializerTest.java @@ -6,9 +6,9 @@ import com.yahoo.config.provision.AllocatedHosts; import com.yahoo.config.provision.ClusterMembership; import com.yahoo.config.provision.DockerImage; import com.yahoo.config.provision.HostSpec; +import com.yahoo.config.provision.LoadBalancerSettings; import com.yahoo.config.provision.NetworkPorts; import com.yahoo.config.provision.NodeResources; -import com.yahoo.config.provision.ZoneEndpoint; import org.junit.jupiter.api.Test; import java.io.IOException; @@ -20,6 +20,7 @@ import java.util.Set; import static com.yahoo.config.provision.serialization.AllocatedHostsSerializer.fromJson; import static com.yahoo.config.provision.serialization.AllocatedHostsSerializer.toJson; import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.fail; /** * @author bratseth @@ -68,7 +69,7 @@ public class AllocatedHostsSerializerTest { bigSlowDiskSpeedNode, anyDiskSpeedNode, ClusterMembership.from("container/test/0/0", Version.fromString("6.73.1"), - Optional.empty(), new ZoneEndpoint(List.of("burn"))), + Optional.empty(), new LoadBalancerSettings(List.of("burn"))), Optional.empty(), Optional.empty(), Optional.empty())); |