diff options
| author | Morten Tokle <mortent@verizonmedia.com> | 2020-03-17 15:07:25 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-03-17 15:07:25 +0100 |
| commit | b2d5ec8958eaed2d5ab0bd6b52fd8450abc0d24a (patch) | |
| tree | 8d3a32e0aad84692a73eba8d392182a1bba571ad /configserver | |
| parent | 2d1582792110f24f2599ccd35641485285fc81bd (diff) | |
| parent | d7b11233343e4b966b3f904b48fa6d5fee8e0356 (diff) | |
Merge pull request #12591 from vespa-engine/mortent/deploy-with-athenzdomain
deploy with athenzdomain
Diffstat (limited to 'configserver')
6 files changed, 60 insertions, 14 deletions
diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/deploy/ModelContextImpl.java b/configserver/src/main/java/com/yahoo/vespa/config/server/deploy/ModelContextImpl.java index 55a1482cde8..930bdaadcea 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/deploy/ModelContextImpl.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/deploy/ModelContextImpl.java @@ -14,6 +14,7 @@ import com.yahoo.config.model.api.ModelContext; import com.yahoo.config.model.api.EndpointCertificateSecrets; import com.yahoo.config.model.api.TlsSecrets; import com.yahoo.config.provision.ApplicationId; +import com.yahoo.config.provision.AthenzDomain; import com.yahoo.config.provision.HostName; import com.yahoo.config.provision.Zone; import com.yahoo.vespa.flags.FetchVector; @@ -144,6 +145,7 @@ public class ModelContextImpl implements ModelContext { private final boolean useNewAthenzFilter; private final boolean usePhraseSegmenting; private final String proxyProtocol; + private final Optional<AthenzDomain> athenzDomain; public Properties(ApplicationId applicationId, boolean multitenantFromConfig, @@ -157,7 +159,8 @@ public class ModelContextImpl implements ModelContext { boolean isBootstrap, boolean isFirstTimeDeployment, FlagSource flagSource, - Optional<EndpointCertificateSecrets> endpointCertificateSecrets) { + Optional<EndpointCertificateSecrets> endpointCertificateSecrets, + Optional<AthenzDomain> athenzDomain) { this.applicationId = applicationId; this.multitenant = multitenantFromConfig || hostedVespa || Boolean.getBoolean("multitenant"); this.configServerSpecs = configServerSpecs; @@ -182,6 +185,7 @@ public class ModelContextImpl implements ModelContext { .with(FetchVector.Dimension.APPLICATION_ID, applicationId.serializedForm()).value(); this.proxyProtocol = Flags.PROXY_PROTOCOL.bindTo(flagSource) .with(FetchVector.Dimension.APPLICATION_ID, applicationId.serializedForm()).value(); + this.athenzDomain = athenzDomain; } @Override @@ -244,6 +248,9 @@ public class ModelContextImpl implements ModelContext { @Override public String proxyProtocol() { return proxyProtocol; } + + @Override + public Optional<AthenzDomain> athenzDomain() { return athenzDomain; } } } diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/modelfactory/ActivatedModelsBuilder.java b/configserver/src/main/java/com/yahoo/vespa/config/server/modelfactory/ActivatedModelsBuilder.java index 70faf3ff36f..46a0c44674b 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/modelfactory/ActivatedModelsBuilder.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/modelfactory/ActivatedModelsBuilder.java @@ -140,7 +140,8 @@ public class ActivatedModelsBuilder extends ModelsBuilder<Application> { flagSource, new EndpointCertificateMetadataStore(curator, TenantRepository.getTenantPath(tenant)) .readEndpointCertificateMetadata(applicationId) - .flatMap(new EndpointCertificateRetriever(secretStore)::readEndpointCertificateSecrets)); + .flatMap(new EndpointCertificateRetriever(secretStore)::readEndpointCertificateSecrets), + zkClient.readAthenzDomain()); } diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/session/PrepareParams.java b/configserver/src/main/java/com/yahoo/vespa/config/server/session/PrepareParams.java index e217bb39b39..6a671648b27 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/session/PrepareParams.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/session/PrepareParams.java @@ -5,6 +5,7 @@ import com.yahoo.component.Version; import com.yahoo.config.model.api.ContainerEndpoint; import com.yahoo.config.model.api.EndpointCertificateMetadata; import com.yahoo.config.provision.ApplicationId; +import com.yahoo.config.provision.AthenzDomain; import com.yahoo.config.provision.TenantName; import com.yahoo.container.jdisc.HttpRequest; import com.yahoo.slime.Slime; @@ -36,6 +37,7 @@ public final class PrepareParams { static final String TLS_SECRETS_KEY_NAME_PARAM_NAME = "tlsSecretsKeyName"; static final String ENDPOINT_CERTIFICATE_METADATA_PARAM_NAME = "endpointCertificateMetadata"; static final String DOCKER_IMAGE_REPOSITORY = "dockerImageRepository"; + static final String ATHENZ_DOMAIN = "athenzDomain"; private final ApplicationId applicationId; private final TimeoutBudget timeoutBudget; @@ -48,12 +50,13 @@ public final class PrepareParams { private final Optional<String> tlsSecretsKeyName; private final Optional<EndpointCertificateMetadata> endpointCertificateMetadata; private final Optional<String> dockerImageRepository; + private final Optional<AthenzDomain> athenzDomain; private PrepareParams(ApplicationId applicationId, TimeoutBudget timeoutBudget, boolean ignoreValidationErrors, boolean dryRun, boolean verbose, boolean isBootstrap, Optional<Version> vespaVersion, List<ContainerEndpoint> containerEndpoints, Optional<String> tlsSecretsKeyName, Optional<EndpointCertificateMetadata> endpointCertificateMetadata, - Optional<String> dockerImageRepository) { + Optional<String> dockerImageRepository, Optional<AthenzDomain> athenzDomain) { this.timeoutBudget = timeoutBudget; this.applicationId = applicationId; this.ignoreValidationErrors = ignoreValidationErrors; @@ -65,6 +68,7 @@ public final class PrepareParams { this.tlsSecretsKeyName = tlsSecretsKeyName; this.endpointCertificateMetadata = endpointCertificateMetadata; this.dockerImageRepository = dockerImageRepository; + this.athenzDomain = athenzDomain; } public static class Builder { @@ -80,6 +84,7 @@ public final class PrepareParams { private Optional<String> tlsSecretsKeyName = Optional.empty(); private Optional<EndpointCertificateMetadata> endpointCertificateMetadata = Optional.empty(); private Optional<String> dockerImageRepository = Optional.empty(); + private Optional<AthenzDomain> athenzDomain = Optional.empty(); public Builder() { } @@ -153,10 +158,15 @@ public final class PrepareParams { return this; } + public Builder athenzDomain(String athenzDomain) { + this.athenzDomain = Optional.ofNullable(athenzDomain).map(AthenzDomain::from); + return this; + } + public PrepareParams build() { return new PrepareParams(applicationId, timeoutBudget, ignoreValidationErrors, dryRun, verbose, isBootstrap, vespaVersion, containerEndpoints, tlsSecretsKeyName, - endpointCertificateMetadata, dockerImageRepository); + endpointCertificateMetadata, dockerImageRepository, athenzDomain); } } @@ -172,6 +182,7 @@ public final class PrepareParams { .tlsSecretsKeyName(request.getProperty(TLS_SECRETS_KEY_NAME_PARAM_NAME)) .endpointCertificateMetadata(request.getProperty(ENDPOINT_CERTIFICATE_METADATA_PARAM_NAME)) .dockerImageRepository(request.getProperty(DOCKER_IMAGE_REPOSITORY)) + .athenzDomain(request.getProperty(ATHENZ_DOMAIN)) .build(); } @@ -237,4 +248,6 @@ public final class PrepareParams { return dockerImageRepository; } + public Optional<AthenzDomain> athenzDomain() { return athenzDomain; } + } diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/session/SessionPreparer.java b/configserver/src/main/java/com/yahoo/vespa/config/server/session/SessionPreparer.java index c65af076e54..b88fdc90316 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/session/SessionPreparer.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/session/SessionPreparer.java @@ -17,6 +17,7 @@ import com.yahoo.config.model.api.ModelContext; import com.yahoo.config.model.api.EndpointCertificateSecrets; import com.yahoo.config.provision.AllocatedHosts; import com.yahoo.config.provision.ApplicationId; +import com.yahoo.config.provision.AthenzDomain; import com.yahoo.config.provision.HostName; import com.yahoo.config.provision.Zone; import com.yahoo.container.jdisc.secretstore.SecretStore; @@ -152,6 +153,7 @@ public class SessionPreparer { private final EndpointCertificateRetriever endpointCertificateRetriever; private final Optional<EndpointCertificateMetadata> endpointCertificateMetadata; private final Optional<EndpointCertificateSecrets> endpointCertificateSecrets; + private final Optional<AthenzDomain> athenzDomain; private ApplicationPackage applicationPackage; private List<PreparedModelsBuilder.PreparedModelResult> modelResultList; @@ -182,6 +184,7 @@ public class SessionPreparer { .flatMap(endpointCertificateRetriever::readEndpointCertificateSecrets); this.endpointsSet = getEndpoints(params.containerEndpoints()); + this.athenzDomain = params.athenzDomain(); this.properties = new ModelContextImpl.Properties(params.getApplicationId(), configserverConfig.multitenant(), @@ -195,7 +198,8 @@ public class SessionPreparer { params.isBootstrap(), ! currentActiveApplicationSet.isPresent(), context.getFlagSource(), - endpointCertificateSecrets); + endpointCertificateSecrets, + athenzDomain); this.preparedModelsBuilder = new PreparedModelsBuilder(modelFactoryRegistry, permanentApplicationPackage, configDefinitionRepo, @@ -247,7 +251,8 @@ public class SessionPreparer { vespaVersion, logger, prepareResult.getFileRegistries(), - prepareResult.allocatedHosts()); + prepareResult.allocatedHosts(), + athenzDomain); checkTimeout("write state to zookeeper"); } @@ -290,13 +295,15 @@ public class SessionPreparer { Version vespaVersion, DeployLogger deployLogger, Map<Version, FileRegistry> fileRegistryMap, - AllocatedHosts allocatedHosts) { + AllocatedHosts allocatedHosts, + Optional<AthenzDomain> athenzDomain) { ZooKeeperDeployer zkDeployer = zooKeeperClient.createDeployer(deployLogger); try { zkDeployer.deploy(applicationPackage, fileRegistryMap, allocatedHosts); zooKeeperClient.writeApplicationId(applicationId); zooKeeperClient.writeVespaVersion(vespaVersion); zooKeeperClient.writeDockerImageRepository(dockerImageRepository); + zooKeeperClient.writeAthenzDomain(athenzDomain); } catch (RuntimeException | IOException e) { zkDeployer.cleanup(); throw new RuntimeException("Error preparing session", e); diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/session/SessionZooKeeperClient.java b/configserver/src/main/java/com/yahoo/vespa/config/server/session/SessionZooKeeperClient.java index 4c64bdd380f..44cf3cec1b7 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/session/SessionZooKeeperClient.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/session/SessionZooKeeperClient.java @@ -5,23 +5,24 @@ import com.yahoo.component.Version; import com.yahoo.component.Vtag; import com.yahoo.config.application.api.ApplicationPackage; import com.yahoo.config.application.api.DeployLogger; -import com.yahoo.config.provision.NodeFlavors; +import com.yahoo.config.model.api.ConfigDefinitionRepo; import com.yahoo.config.provision.AllocatedHosts; -import com.yahoo.transaction.NestedTransaction; -import com.yahoo.transaction.Transaction; +import com.yahoo.config.provision.ApplicationId; +import com.yahoo.config.provision.AthenzDomain; +import com.yahoo.config.provision.NodeFlavors; import com.yahoo.log.LogLevel; import com.yahoo.path.Path; -import com.yahoo.config.model.api.ConfigDefinitionRepo; import com.yahoo.text.Utf8; -import com.yahoo.config.provision.ApplicationId; +import com.yahoo.transaction.NestedTransaction; +import com.yahoo.transaction.Transaction; import com.yahoo.vespa.config.server.UserConfigDefinitionRepo; import com.yahoo.vespa.config.server.deploy.ZooKeeperClient; import com.yahoo.vespa.config.server.deploy.ZooKeeperDeployer; +import com.yahoo.vespa.config.server.zookeeper.ConfigCurator; import com.yahoo.vespa.config.server.zookeeper.ZKApplicationPackage; import com.yahoo.vespa.curator.Curator; import com.yahoo.vespa.curator.transaction.CuratorOperations; import com.yahoo.vespa.curator.transaction.CuratorTransaction; -import com.yahoo.vespa.config.server.zookeeper.ConfigCurator; import java.util.Optional; import java.util.concurrent.TimeUnit; @@ -42,6 +43,7 @@ public class SessionZooKeeperClient { private static final String VERSION_PATH = "version"; private static final String CREATE_TIME_PATH = "createTime"; private static final String DOCKER_IMAGE_REPOSITORY_PATH = "dockerImageRepository"; + private static final String ATHENZ_DOMAIN = "athenzDomain"; private final Curator curator; private final ConfigCurator configCurator; private final Path sessionPath; @@ -170,6 +172,10 @@ public class SessionZooKeeperClient { return sessionPath.append(DOCKER_IMAGE_REPOSITORY_PATH).getAbsolute(); } + private String athenzDomainPath() { + return sessionPath.append(ATHENZ_DOMAIN).getAbsolute(); + } + public void writeVespaVersion(Version version) { configCurator.putData(versionPath(), version.toString()); } @@ -221,6 +227,17 @@ public class SessionZooKeeperClient { return transaction; } + public void writeAthenzDomain(Optional<AthenzDomain> athenzDomain) { + athenzDomain.ifPresent(domain -> configCurator.putData(athenzDomainPath(), domain.toString())); + } + + public Optional<AthenzDomain> readAthenzDomain() { + if ( ! configCurator.exists(athenzDomainPath())) return Optional.empty(); + return Optional.ofNullable(configCurator.getData(athenzDomainPath())) + .filter(domain -> ! domain.isBlank()) + .map(AthenzDomain::from); + } + /** * Create necessary paths atomically for a new session. * diff --git a/configserver/src/test/java/com/yahoo/vespa/config/server/ModelContextImplTest.java b/configserver/src/test/java/com/yahoo/vespa/config/server/ModelContextImplTest.java index 339c676000b..c3124fd3ed6 100644 --- a/configserver/src/test/java/com/yahoo/vespa/config/server/ModelContextImplTest.java +++ b/configserver/src/test/java/com/yahoo/vespa/config/server/ModelContextImplTest.java @@ -59,7 +59,8 @@ public class ModelContextImplTest { false, false, flagSource, - null), + null, + Optional.empty()), Optional.empty(), Optional.empty(), new Version(7), |