author | jonmv <venstad@gmail.com> | 2023-01-10 14:07:01 +0100 |
---|---|---|
committer | jonmv <venstad@gmail.com> | 2023-01-10 14:07:01 +0100 |
commit | 1185ba938abc797e2bf1f06b845cc8c767c026fb (patch) | |
tree | c9d3c070647afa0c07c4ff67110019a915e7f404 /controller-server | |
parent | ee0401a8567ff0420137a64d494ff1b47873a54c (diff) |
Use cloud account of stored LB when checking for DNS challenges
Diffstat (limited to 'controller-server')
-rw-r--r-- | controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/RoutingPolicies.java | 52 |
1 files changed, 28 insertions, 24 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/RoutingPolicies.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/RoutingPolicies.java
index d721528f13b..fe55f018655 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/RoutingPolicies.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/RoutingPolicies.java
@@ -374,30 +374,34 @@ public class RoutingPolicies {
 }
 private void setPrivateDns(Endpoint endpoint, LoadBalancerAllocation allocation) {
- controller.serviceRegistry().vpcEndpointService()
- .setPrivateDns(DomainName.of(endpoint.dnsName()),
- new ClusterId(allocation.deployment, endpoint.cluster()),
- controller.applications().decideCloudAccountOf(allocation.deployment, allocation.deploymentSpec))
- .ifPresent(challenge -> {
- try {
- nameServiceForwarderIn(allocation.deployment.zoneId()).createTxt(challenge.name(), List.of(challenge.data()), Priority.high);
- Instant doom = controller.clock().instant().plusSeconds(30);
- while (controller.clock().instant().isBefore(doom)) {
- try (Mutex lock = controller.curator().lockNameServiceQueue()) {
- if (controller.curator().readNameServiceQueue().requests().stream()
- .noneMatch(request -> request.name().equals(Optional.of(challenge.name())))) {
- challenge.trigger().run();
- return;
- }
- }
- Thread.sleep(100);
- }
- throw new UncheckedTimeoutException("timed out waiting for DNS challenge to be processed");
- }
- catch (InterruptedException e) {
- throw new UncheckedInterruptedException("interrupted waiting for DNS challenge to be processed", e, true);
- }
- });
+ allocation.loadBalancers.stream()
+ .filter(lb -> lb.service().isPresent())
+ .findFirst()
+ .flatMap(lbWithPrivateService ->
+ controller.serviceRegistry().vpcEndpointService()
+ .setPrivateDns(DomainName.of(endpoint.dnsName()),
+ new ClusterId(allocation.deployment, endpoint.cluster()),
+ lbWithPrivateService.cloudAccount()))
+ .ifPresent(challenge -> {
+ try {
+ nameServiceForwarderIn(allocation.deployment.zoneId()).createTxt(challenge.name(), List.of(challenge.data()), Priority.high);
+ Instant doom = controller.clock().instant().plusSeconds(30);
+ while (controller.clock().instant().isBefore(doom)) {
+ try (Mutex lock = controller.curator().lockNameServiceQueue()) {
+ if (controller.curator().readNameServiceQueue().requests().stream()
+ .noneMatch(request -> request.name().equals(Optional.of(challenge.name())))) {
+ challenge.trigger().run();
+ return;
+ }
+ }
+ Thread.sleep(100);
+ }
+ throw new UncheckedTimeoutException("timed out waiting for DNS challenge to be processed");
+ }
+ catch (InterruptedException e) {
+ throw new UncheckedInterruptedException("interrupted waiting for DNS challenge to be processed", e, true);
+ }
+ });
 }
 /** |
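Review bot: The cloud account passed to `setPrivateDns` comes from the first load balancer in `allocation.loadBalancers` that has a private service, but nothing in the filter ties that load balancer to `endpoint.cluster()`, which is what the `ClusterId` argument is built from. If an allocation can hold load balancers for several clusters, the DNS ownership challenge could be requested with one cluster's id and another load balancer's account; narrowing the filter, e.g. `.filter(lb -> lb.service().isPresent() && lb.cluster().equals(endpoint.cluster()))`, would keep the two consistent (assuming the load balancer type exposes its cluster, which this hunk does not show). When no load balancer matches, the call is now skipped silently, so a short comment such as `// No load balancer with a private service: nothing to verify, so no private DNS is set` would make that intent explicit. The caller of this method is outside the hunk, so whether the allocation is already restricted to a single cluster cannot be confirmed from here.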