Merge pull request #23892 from vespa-engine/hakonhall/disallow-gcp-endpoints-in-global-routing

Disallow GCP endpoints in global routing
author: Martin Polden <mpolden@mpolden.no> 2022-09-05 11:41:07 +0200
committer: GitHub <noreply@github.com> 2022-09-05 11:41:07 +0200
commit: 8702571fbdd28c75bb96ce3d388dff3d4917bd91 (patch)
tree: 0194bb25e08c06d88c74868698fe2b097c89291d /controller-server
parent: a811c1aac1f31e367932975c747305d00cc573be (diff)
parent: 03e1df4c936fd34490294834885a5d5f78787bad (diff)
12 files changed, 52 insertions, 15 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageValidator.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageValidator.java
index b3df417bd80..5a131ba4a29 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageValidator.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageValidator.java
@@ -116,13 +116,18 @@ public class ApplicationPackageValidator {
                 var clouds = new HashSet<CloudName>();
                 for (var region : endpoint.regions()) {
                     for (ZoneApi zone : controller.zoneRegistry().zones().all().in(Environment.prod).in(region).zones()) {
+                        if (zone.getCloudName().equals(CloudName.GCP)) {
+                            throw new IllegalArgumentException("Endpoint '" + endpoint.endpointId() + "' in " + instance +
+                                                               " contains a Google Cloud region (" + region +
+                                                               "), which is not yet supported");
+                        }
                         clouds.add(zone.getCloudName());
                     }
                 }
                 if (clouds.size() != 1) {
                     throw new IllegalArgumentException("Endpoint '" + endpoint.endpointId() + "' in " + instance +
                                                        " cannot contain regions in different clouds: " +
-                                                       endpoint.regions().stream().sorted().collect(Collectors.toList()));
+                                                       endpoint.regions().stream().sorted().toList());
                 }
             }
         }
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificates.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificates.java
index 0df70cd9c53..4c869a5aabe 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificates.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificates.java
@@ -63,7 +63,7 @@ public class EndpointCertificates {
         if (duration.toSeconds() > 30)
             log.log(Level.INFO, Text.format("Getting endpoint certificate metadata for %s took %d seconds!", instance.id().serializedForm(), duration.toSeconds()));
 
-        if (controller.zoneRegistry().zones().all().in(CloudName.from("gcp")).ids().contains(zone)) { // Until CKMS is available from GCP
+        if (controller.zoneRegistry().zones().all().in(CloudName.GCP).ids().contains(zone)) { // Until CKMS is available from GCP
             if(metadata.isPresent()) {
                 // Validate metadata before copying cert to GCP. This will ensure we don't bug out on the first deployment, but will take more time
                 certificateValidator.validate(metadata.get(), instance.id().serializedForm(), zone, controller.routing().certificateDnsNames(new DeploymentId(instance.id(), zone), deploymentSpec));
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/ResourceTagMaintainer.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/ResourceTagMaintainer.java
index 3588ae53a74..705abd9ed56 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/ResourceTagMaintainer.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/ResourceTagMaintainer.java
@@ -35,7 +35,7 @@ public class ResourceTagMaintainer extends ControllerMaintainer {
     public double maintain() {
         controller().zoneRegistry().zones()
                 .reachable()
-                .in(CloudName.from("aws"))
+                .in(CloudName.AWS)
                 .zones().forEach(zone -> {
                     Map<HostName, ApplicationId> applicationOfHosts = getTenantOfParentHosts(zone.getId());
                     int taggedResources = resourceTagger.tagResources(zone, applicationOfHosts);
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTest.java
index 6c193e9b539..10940e631f3 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTest.java
@@ -874,7 +874,7 @@ public class ControllerTest {
                 ZoneApiMock.fromId("test.us-west-1"),
                 ZoneApiMock.fromId("staging.us-west-1"),
                 ZoneApiMock.fromId("prod.us-west-1"),
-                ZoneApiMock.newBuilder().with(CloudName.from("aws")).withId("prod.aws-us-east-1").build()
+                ZoneApiMock.newBuilder().with(CloudName.AWS).withId("prod.aws-us-east-1").build()
         );
         var context = tester.newDeploymentContext();
         var applicationPackage = new ApplicationPackageBuilder()
@@ -905,6 +905,38 @@ public class ControllerTest {
     }
 
     @Test
+    void testDeployWithGlobalEndpointsInGcp() {
+        tester.controllerTester().zoneRegistry().setZones(
+                ZoneApiMock.fromId("test.us-west-1"),
+                ZoneApiMock.fromId("staging.us-west-1"),
+                ZoneApiMock.newBuilder().with(CloudName.GCP).withId("prod.gcp-us-east1-b").build()
+        );
+        var context = tester.newDeploymentContext();
+        var applicationPackage = new ApplicationPackageBuilder()
+                .region("gcp-us-east1-b")
+                .endpoint("default", "default") // Contains all regions by default
+                .build();
+
+        try {
+            context.submit(applicationPackage);
+            fail("Expected exception");
+        } catch (IllegalArgumentException e) {
+            assertEquals("Endpoint 'default' in instance 'default' contains a Google Cloud region (gcp-us-east1-b), which is not yet supported", e.getMessage());
+        }
+
+        var applicationPackage2 = new ApplicationPackageBuilder()
+                .region("gcp-us-east1-b")
+                .endpoint("gcp", "default", "gcp-us-east1-b")
+                .build();
+        try {
+            context.submit(applicationPackage2);
+            fail("Expected exception");
+        } catch (IllegalArgumentException e) {
+            assertEquals("Endpoint 'gcp' in instance 'default' contains a Google Cloud region (gcp-us-east1-b), which is not yet supported", e.getMessage());
+        }
+    }
+
+    @Test
     void testDeployWithoutSourceRevision() {
         var context = tester.newDeploymentContext();
         var applicationPackage = new ApplicationPackageBuilder()
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentTriggerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentTriggerTest.java
index fda1f5f0b77..ffb787e9699 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentTriggerTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentTriggerTest.java
@@ -2417,7 +2417,7 @@ public class DeploymentTriggerTest {
         existing.add(ZoneApiMock.newBuilder().withCloud("pink-clouds").withId("test.zone").build());
         zones.setZones(existing);
 
-        JobType defaultSystemTest = JobType.systemTest(zones, CloudName.defaultName());
+        JobType defaultSystemTest = JobType.systemTest(zones, CloudName.DEFAULT);
         JobType pinkSystemTest = JobType.systemTest(zones, CloudName.from("pink-clouds"));
 
         // Job name is identity, used for looking up run history, etc..
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ZoneApiMock.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ZoneApiMock.java
index 4bb35d748db..528ef6d6192 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ZoneApiMock.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ZoneApiMock.java
@@ -86,7 +86,7 @@ public class ZoneApiMock implements ZoneApi {
         private SystemName systemName = SystemName.defaultSystem();
         private ZoneId id = ZoneId.defaultId();
         private ZoneId virtualId = null;
-        private CloudName cloudName = CloudName.defaultName();
+        private CloudName cloudName = CloudName.DEFAULT;
         private String cloudNativeRegionName = id.region().value();
 
         public Builder with(ZoneId id) {
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/ArtifactExpirerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/ArtifactExpirerTest.java
index 6280725794c..e79793bab61 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/ArtifactExpirerTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/ArtifactExpirerTest.java
@@ -23,7 +23,7 @@ public class ArtifactExpirerTest {
     void maintain() {
         DeploymentTester tester = new DeploymentTester();
         ArtifactExpirer expirer = new ArtifactExpirer(tester.controller(), Duration.ofDays(1));
-        ArtifactRegistryMock registry = tester.controllerTester().serviceRegistry().artifactRegistry(CloudName.defaultName()).orElseThrow();
+        ArtifactRegistryMock registry = tester.controllerTester().serviceRegistry().artifactRegistry(CloudName.DEFAULT).orElseThrow();
 
         Instant instant = tester.clock().instant();
         Artifact image0 = new Artifact("image0", "registry.example.com", "vespa/vespa", "7.1", instant, Version.fromString("7.1"));
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/MetricsReporterTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/MetricsReporterTest.java
index b41c17fcd33..4a8956e196b 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/MetricsReporterTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/MetricsReporterTest.java
@@ -356,9 +356,9 @@ public class MetricsReporterTest {
         var tester = new ControllerTester();
         var reporter = createReporter(tester.controller());
         var zone = ZoneId.from("prod.eu-west-1");
-        var cloud = CloudName.defaultName();
+        var cloud = CloudName.DEFAULT;
         tester.zoneRegistry().setOsUpgradePolicy(cloud, UpgradePolicy.builder().upgrade(ZoneApiMock.from(zone)).build());
-        var osUpgrader = new OsUpgrader(tester.controller(), Duration.ofDays(1), CloudName.defaultName());
+        var osUpgrader = new OsUpgrader(tester.controller(), Duration.ofDays(1), CloudName.DEFAULT);
         var statusUpdater = new OsVersionStatusUpdater(tester.controller(), Duration.ofDays(1)
         );
         tester.configServer().bootstrap(List.of(zone), SystemApplication.configServerHost, SystemApplication.tenantHost);
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/OsVersionStatusUpdaterTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/OsVersionStatusUpdaterTest.java
index 0bd3810e9a4..2608a722e49 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/OsVersionStatusUpdaterTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/OsVersionStatusUpdaterTest.java
@@ -32,14 +32,14 @@ public class OsVersionStatusUpdaterTest {
         for (ZoneApi zone : tester.zoneRegistry().zones().controllerUpgraded().zones()) {
             upgradePolicy = upgradePolicy.upgrade(zone);
         }
-        tester.zoneRegistry().setOsUpgradePolicy(CloudName.defaultName(), upgradePolicy.build());
+        tester.zoneRegistry().setOsUpgradePolicy(CloudName.DEFAULT, upgradePolicy.build());
 
         // Initially empty
         assertSame(OsVersionStatus.empty, tester.controller().osVersionStatus());
 
         // Setting a new target adds it to current status
         Version version1 = Version.fromString("7.1");
-        CloudName cloud = CloudName.defaultName();
+        CloudName cloud = CloudName.DEFAULT;
         tester.controller().upgradeOsIn(cloud, version1, Duration.ZERO, false);
         statusUpdater.maintain();
 
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/OsVersionSerializerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/OsVersionSerializerTest.java
index 568b17817a1..7f988f08a89 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/OsVersionSerializerTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/OsVersionSerializerTest.java
@@ -20,7 +20,7 @@ public class OsVersionSerializerTest {
     void test_serialization() {
         OsVersionSerializer serializer = new OsVersionSerializer();
         Set<OsVersion> osVersions = ImmutableSet.of(
-                new OsVersion(Version.fromString("7.1"), CloudName.defaultName()),
+                new OsVersion(Version.fromString("7.1"), CloudName.DEFAULT),
                 new OsVersion(Version.fromString("7.1"), CloudName.from("foo"))
         );
         Set<OsVersion> serialized = serializer.fromSlime(serializer.toSlime(osVersions));
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/OsVersionStatusSerializerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/OsVersionStatusSerializerTest.java
index 7461bf6516c..e552dfe94e1 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/OsVersionStatusSerializerTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/OsVersionStatusSerializerTest.java
@@ -29,11 +29,11 @@ public class OsVersionStatusSerializerTest {
         Version version2 = Version.fromString("7.2");
         Map<OsVersion, List<NodeVersion>> versions = new LinkedHashMap<>();
 
-        versions.put(new OsVersion(version1, CloudName.defaultName()), List.of(
+        versions.put(new OsVersion(version1, CloudName.DEFAULT), List.of(
                 new NodeVersion(HostName.of("node1"), ZoneId.from("prod", "us-west"), version1, version2, Optional.of(Instant.ofEpochMilli(11))),
                 new NodeVersion(HostName.of("node2"), ZoneId.from("prod", "us-east"), version1, version2, Optional.of(Instant.ofEpochMilli(22)))
         ));
-        versions.put(new OsVersion(version2, CloudName.defaultName()), List.of(
+        versions.put(new OsVersion(version2, CloudName.DEFAULT), List.of(
                 new NodeVersion(HostName.of("node3"), ZoneId.from("prod", "us-west"), version2, version2, Optional.of(Instant.ofEpochMilli(33))),
                 new NodeVersion(HostName.of("node4"), ZoneId.from("prod", "us-east"), version2, version2, Optional.of(Instant.ofEpochMilli(44)))
         ));
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/OsVersionTargetSerializerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/OsVersionTargetSerializerTest.java
index 654703b36c0..0f8a1c1b056 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/OsVersionTargetSerializerTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/OsVersionTargetSerializerTest.java
@@ -23,7 +23,7 @@ public class OsVersionTargetSerializerTest {
     void serialization() {
         OsVersionTargetSerializer serializer = new OsVersionTargetSerializer(new OsVersionSerializer());
         Set<OsVersionTarget> targets = ImmutableSet.of(
-                new OsVersionTarget(new OsVersion(Version.fromString("7.1"), CloudName.defaultName()), Duration.ZERO, Instant.ofEpochMilli(123)),
+                new OsVersionTarget(new OsVersion(Version.fromString("7.1"), CloudName.DEFAULT), Duration.ZERO, Instant.ofEpochMilli(123)),
                 new OsVersionTarget(new OsVersion(Version.fromString("7.1"), CloudName.from("foo")), Duration.ofDays(1), Instant.ofEpochMilli(456))
         );
         Set<OsVersionTarget> serialized = serializer.fromSlime(serializer.toSlime(targets));
author	Martin Polden <mpolden@mpolden.no>	2022-09-05 11:41:07 +0200
committer	GitHub <noreply@github.com>	2022-09-05 11:41:07 +0200
commit	8702571fbdd28c75bb96ce3d388dff3d4917bd91 (patch)
tree	0194bb25e08c06d88c74868698fe2b097c89291d /controller-server
parent	a811c1aac1f31e367932975c747305d00cc573be (diff)
parent	03e1df4c936fd34490294834885a5d5f78787bad (diff)