diff options
| author | Håkon Hallingstad <hakon@oath.com> | 2018-11-07 14:57:49 +0100 |
|---|---|---|
| committer | Håkon Hallingstad <hakon@oath.com> | 2018-11-07 14:57:49 +0100 |
| commit | e996a8a04bcf3d244975eb1b2c91180a25626bff (patch) | |
| tree | 8eb259b672228d27f5b2f5a7d238a12b9abb3e55 /node-admin | |
| parent | 7a140990e36f5199ea04f188ea19dea6de59be24 (diff) | |
Set the user for vespa checks to yahoo
Diffstat (limited to 'node-admin')
3 files changed, 14 insertions, 2 deletions
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/StorageMaintainer.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/StorageMaintainer.java index 8b8294d530a..faa28d745fe 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/StorageMaintainer.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/StorageMaintainer.java @@ -9,12 +9,12 @@ import com.yahoo.vespa.hosted.dockerapi.Container; import com.yahoo.vespa.hosted.node.admin.component.TaskContext; import com.yahoo.vespa.hosted.node.admin.configserver.noderepository.NodeSpec; import com.yahoo.vespa.hosted.node.admin.docker.DockerOperations; +import com.yahoo.vespa.hosted.node.admin.maintenance.coredump.CoredumpHandler; import com.yahoo.vespa.hosted.node.admin.nodeagent.NodeAgentContext; import com.yahoo.vespa.hosted.node.admin.task.util.file.FileFinder; import com.yahoo.vespa.hosted.node.admin.task.util.file.UnixPath; import com.yahoo.vespa.hosted.node.admin.task.util.process.Terminal; import com.yahoo.vespa.hosted.node.admin.util.SecretAgentCheckConfig; -import com.yahoo.vespa.hosted.node.admin.maintenance.coredump.CoredumpHandler; import java.nio.file.Files; import java.nio.file.Path; @@ -96,11 +96,14 @@ public class StorageMaintainer { if (context.nodeType() != NodeType.config) { // vespa-health Path vespaHealthCheckPath = context.pathInNodeUnderVespaHome("libexec/yms/yms_check_vespa_health"); - configs.add(new SecretAgentCheckConfig("vespa-health", 60, vespaHealthCheckPath, "all").withTags(tags)); + configs.add(new SecretAgentCheckConfig("vespa-health", 60, vespaHealthCheckPath, "all") + .withRunAsUser(context.vespaUser()) + .withTags(tags)); // vespa Path vespaCheckPath = context.pathInNodeUnderVespaHome("libexec/yms/yms_check_vespa"); SecretAgentCheckConfig vespaSchedule = new SecretAgentCheckConfig("vespa", 60, vespaCheckPath, "all"); + vespaSchedule.withRunAsUser(context.vespaUser()); if (isConfigserverLike(context.nodeType())) { Map<String, Object> tagsWithoutNameSpace = new LinkedHashMap<>(tags); tagsWithoutNameSpace.remove("namespace"); diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContext.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContext.java index 2025d422331..58436edbf20 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContext.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContext.java @@ -25,6 +25,7 @@ public interface NodeAgentContext extends TaskContext { ZoneId zoneId(); + String vespaUser(); /** * This method is the inverse of {@link #pathInNodeFromPathOnHost(Path)}} diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContextImpl.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContextImpl.java index d1b5ec77c6a..3e4e751f611 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContextImpl.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContextImpl.java @@ -6,6 +6,7 @@ import com.yahoo.config.provision.NodeType; import com.yahoo.config.provision.RegionName; import com.yahoo.config.provision.SystemName; import com.yahoo.vespa.athenz.api.AthenzService; +import com.yahoo.vespa.defaults.Defaults; import com.yahoo.vespa.hosted.dockerapi.ContainerName; import com.yahoo.vespa.hosted.node.admin.component.ZoneId; import com.yahoo.vespa.hosted.node.admin.docker.DockerNetworking; @@ -33,6 +34,7 @@ public class NodeAgentContextImpl implements NodeAgentContext { private final ZoneId zoneId; private final Path pathToNodeRootOnHost; private final Path pathToVespaHome; + private final String vespaUser; public NodeAgentContextImpl(String hostname, NodeType nodeType, AthenzService identity, DockerNetworking dockerNetworking, ZoneId zoneId, @@ -46,6 +48,7 @@ public class NodeAgentContextImpl implements NodeAgentContext { this.pathToNodeRootOnHost = Objects.requireNonNull(pathToContainerStorage).resolve(containerName.asString()); this.pathToVespaHome = Objects.requireNonNull(pathToVespaHome); this.logPrefix = containerName.asString() + ": "; + this.vespaUser = Defaults.getDefaults().vespaUser(); } @Override @@ -79,6 +82,11 @@ public class NodeAgentContextImpl implements NodeAgentContext { } @Override + public String vespaUser() { + return vespaUser; + } + + @Override public Path pathOnHostFromPathInNode(Path pathInNode) { if (! pathInNode.isAbsolute()) throw new IllegalArgumentException("Expected an absolute path in the container, got: " + pathInNode); |