authorjonmv <venstad@gmail.com>2023-01-10 14:07:01 +0100
committerjonmv <venstad@gmail.com>2023-01-10 14:07:01 +0100
commit1185ba938abc797e2bf1f06b845cc8c767c026fb (patch)
treec9d3c070647afa0c07c4ff67110019a915e7f404 /controller-server
parentee0401a8567ff0420137a64d494ff1b47873a54c (diff)
Use cloud account of stored LB when checking for DNS challenges
Diffstat (limited to 'controller-server')
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/RoutingPolicies.java52
1 files changed, 28 insertions, 24 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/RoutingPolicies.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/RoutingPolicies.java
index d721528f13b..fe55f018655 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/RoutingPolicies.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/RoutingPolicies.java
@@ -374,30 +374,34 @@ public class RoutingPolicies {
}
private void setPrivateDns(Endpoint endpoint, LoadBalancerAllocation allocation) {
- controller.serviceRegistry().vpcEndpointService()
- .setPrivateDns(DomainName.of(endpoint.dnsName()),
- new ClusterId(allocation.deployment, endpoint.cluster()),
- controller.applications().decideCloudAccountOf(allocation.deployment, allocation.deploymentSpec))
- .ifPresent(challenge -> {
- try {
- nameServiceForwarderIn(allocation.deployment.zoneId()).createTxt(challenge.name(), List.of(challenge.data()), Priority.high);
- Instant doom = controller.clock().instant().plusSeconds(30);
- while (controller.clock().instant().isBefore(doom)) {
- try (Mutex lock = controller.curator().lockNameServiceQueue()) {
- if (controller.curator().readNameServiceQueue().requests().stream()
- .noneMatch(request -> request.name().equals(Optional.of(challenge.name())))) {
- challenge.trigger().run();
- return;
- }
- }
- Thread.sleep(100);
- }
- throw new UncheckedTimeoutException("timed out waiting for DNS challenge to be processed");
- }
- catch (InterruptedException e) {
- throw new UncheckedInterruptedException("interrupted waiting for DNS challenge to be processed", e, true);
- }
- });
+ allocation.loadBalancers.stream()
+ .filter(lb -> lb.service().isPresent())
+ .findFirst()
+ .flatMap(lbWithPrivateService ->
+ controller.serviceRegistry().vpcEndpointService()
+ .setPrivateDns(DomainName.of(endpoint.dnsName()),
+ new ClusterId(allocation.deployment, endpoint.cluster()),
+ lbWithPrivateService.cloudAccount()))
+ .ifPresent(challenge -> {
+ try {
+ nameServiceForwarderIn(allocation.deployment.zoneId()).createTxt(challenge.name(), List.of(challenge.data()), Priority.high);
+ Instant doom = controller.clock().instant().plusSeconds(30);
+ while (controller.clock().instant().isBefore(doom)) {
+ try (Mutex lock = controller.curator().lockNameServiceQueue()) {
+ if (controller.curator().readNameServiceQueue().requests().stream()
+ .noneMatch(request -> request.name().equals(Optional.of(challenge.name())))) {
+ challenge.trigger().run();
+ return;
+ }
+ }
+ Thread.sleep(100);
+ }
+ throw new UncheckedTimeoutException("timed out waiting for DNS challenge to be processed");
+ }
+ catch (InterruptedException e) {
+ throw new UncheckedInterruptedException("interrupted waiting for DNS challenge to be processed", e, true);
+ }
+ });
}
/**
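Review bot: The cloud account passed to `setPrivateDns` now comes from the first stored load balancer that has a private service, and nothing in the stream ties that load balancer to `endpoint.cluster()`, although the `ClusterId` built two lines below is for that cluster. If an allocation can hold load balancers for several clusters in different cloud accounts, the DNS challenge could be set up against the wrong account. Consider narrowing the filter, for example `.filter(lb -> lb.service().isPresent() && lb.cluster().equals(endpoint.cluster()))`, assuming the load balancer type exposes its cluster; the type is not visible in this hunk. When no load balancer has a service the whole call is now skipped silently, so a short comment above the stream such as `// No private service on any stored LB: nothing to verify, skip private DNS` would make that intent explicit.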