aboutsummaryrefslogtreecommitdiffstats
path: root/node-repository/src/test/java/com/yahoo/vespa
diff options
context:
space:
mode:
authorHåkon Hallingstad <hakon@yahooinc.com>2023-07-25 14:14:51 +0200
committerHåkon Hallingstad <hakon@yahooinc.com>2023-07-25 14:14:51 +0200
commit6b430b2131113d242a8089f8328577636ed24a71 (patch)
tree586f78f1ce6294f572f1c0dcd16df78107acd324 /node-repository/src/test/java/com/yahoo/vespa
parent771cb1ce516231fca8b90c450d6fa017566483fe (diff)
Inclave IPs are shared
Diffstat (limited to 'node-repository/src/test/java/com/yahoo/vespa')
-rw-r--r--node-repository/src/test/java/com/yahoo/vespa/hosted/provision/NodeRepositoryTest.java12
-rw-r--r--node-repository/src/test/java/com/yahoo/vespa/hosted/provision/NodeRepositoryTester.java6
-rw-r--r--node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java17
-rw-r--r--node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/NodesV2ApiTest.java2
-rw-r--r--node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/responses/acl-config-server.json18
-rw-r--r--node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/responses/acl-tenant-node.json12
6 files changed, 57 insertions, 10 deletions
diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/NodeRepositoryTest.java b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/NodeRepositoryTest.java
index 605bf514f03..5148d2a635c 100644
--- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/NodeRepositoryTest.java
+++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/NodeRepositoryTest.java
@@ -1,8 +1,14 @@
// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
package com.yahoo.vespa.hosted.provision;
+import com.yahoo.config.provision.Cloud;
import com.yahoo.config.provision.CloudAccount;
+import com.yahoo.config.provision.CloudName;
+import com.yahoo.config.provision.Environment;
import com.yahoo.config.provision.NodeType;
+import com.yahoo.config.provision.RegionName;
+import com.yahoo.config.provision.SystemName;
+import com.yahoo.config.provision.Zone;
import com.yahoo.vespa.hosted.provision.node.Agent;
import com.yahoo.vespa.hosted.provision.node.History;
import com.yahoo.vespa.hosted.provision.node.IP;
@@ -53,7 +59,11 @@ public class NodeRepositoryTest {
@Test
public void test_ip_conflicts() {
- NodeRepositoryTester tester = new NodeRepositoryTester();
+ var zone = new Zone(Cloud.builder().name(CloudName.AWS).account(CloudAccount.from("aws:123456789012")).allowEnclave(true).build(),
+ SystemName.Public,
+ Environment.prod,
+ RegionName.from("aws-us-east-1a"));
+ NodeRepositoryTester tester = new NodeRepositoryTester(zone);
IP.Config ipConfig = IP.Config.of(Set.of("1.2.3.4", "10.2.3.4"), Set.of("1.2.3.4", "10.2.3.4"));
IP.Config publicIpConfig = IP.Config.of(Set.of("1.2.3.4"), Set.of("1.2.3.4"));
IP.Config privateIpConfig = IP.Config.of(Set.of("10.2.3.4"), Set.of("10.2.3.4"));
diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/NodeRepositoryTester.java b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/NodeRepositoryTester.java
index 00c4d95b0da..49702a7d4c1 100644
--- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/NodeRepositoryTester.java
+++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/NodeRepositoryTester.java
@@ -33,6 +33,10 @@ public class NodeRepositoryTester {
private final MockCurator curator;
public NodeRepositoryTester() {
+ this(Zone.defaultZone());
+ }
+
+ public NodeRepositoryTester(Zone zone) {
nodeFlavors = new NodeFlavors(createConfig());
clock = new ManualClock();
curator = new MockCurator();
@@ -41,7 +45,7 @@ public class NodeRepositoryTester {
new EmptyProvisionServiceProvider(),
curator,
clock,
- Zone.defaultZone(),
+ zone,
new MockNameResolver().mockAnyLookup(),
DockerImage.fromString("docker-registry.domain.tld:8080/dist/vespa"),
Optional.empty(),
diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java
index 2c9da89d8af..26925372b93 100644
--- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java
+++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java
@@ -15,6 +15,7 @@ import com.yahoo.config.provision.SystemName;
import com.yahoo.config.provision.Zone;
import com.yahoo.vespa.hosted.provision.Node;
import com.yahoo.vespa.hosted.provision.NodeList;
+import com.yahoo.vespa.hosted.provision.node.IP;
import com.yahoo.vespa.hosted.provision.node.NodeAcl;
import com.yahoo.vespa.hosted.provision.node.NodeAcl.TrustedNode;
import org.junit.Test;
@@ -112,10 +113,11 @@ public class AclProvisioningTest {
// Trusted nodes is all tenant nodes, all proxy nodes, all config servers and load balancer subnets
// All tenant hosts because nodes are IPv6 and cfg are IPv4, so traffic is NATed.
// NOT proxy hosts because proxies are dual-stacked so no NAT is needed
- assertAcls(List.of(TrustedNode.of(tenantHosts, Set.of(19070), node.cloudAccount(), true),
- TrustedNode.of(tenantNodes, Set.of(19070), node.cloudAccount(), true),
- TrustedNode.of(proxyNodes, Set.of(19070), node.cloudAccount(), true),
- TrustedNode.of(configNodes, node.cloudAccount(), true)),
+ IP.Space ipSpace = IP.Space.of(tester.nodeRepository().zone(), node.cloudAccount());
+ assertAcls(List.of(TrustedNode.of(tenantHosts, Set.of(19070), ipSpace),
+ TrustedNode.of(tenantNodes, Set.of(19070), ipSpace),
+ TrustedNode.of(proxyNodes, Set.of(19070), ipSpace),
+ TrustedNode.of(configNodes, ipSpace)),
Set.of("10.2.3.0/24", "10.4.5.0/24"),
List.of(nodeAcl));
assertEquals(Set.of(22, 4443), nodeAcl.trustedPorts());
@@ -240,11 +242,12 @@ public class AclProvisioningTest {
nodeAcl.trustedNodes().stream().map(TrustedNode::ipAddresses).toList());
}
- private static List<List<TrustedNode>> trustedNodesOf(List<List<Node>> nodes, Set<Integer> ports, CloudAccount cloudAccount) {
- return nodes.stream().map(node -> TrustedNode.of(node, ports, cloudAccount, true)).toList();
+ private List<List<TrustedNode>> trustedNodesOf(List<List<Node>> nodes, Set<Integer> ports, CloudAccount cloudAccount) {
+ IP.Space ipSpace = IP.Space.of(tester.nodeRepository().zone(), cloudAccount);
+ return nodes.stream().map(node -> TrustedNode.of(node, ports, ipSpace)).toList();
}
- private static List<List<TrustedNode>> trustedNodesOf(List<List<Node>> nodes, CloudAccount cloudAccount) {
+ private List<List<TrustedNode>> trustedNodesOf(List<List<Node>> nodes, CloudAccount cloudAccount) {
return trustedNodesOf(nodes, Set.of(), cloudAccount);
}
diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/NodesV2ApiTest.java b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/NodesV2ApiTest.java
index e910d562d53..7769523f3d6 100644
--- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/NodesV2ApiTest.java
+++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/NodesV2ApiTest.java
@@ -459,7 +459,7 @@ public class NodesV2ApiTest {
}
@Test
- public void acls_for_exclave_tenant_host() throws Exception {
+ public void acls_for_inclave_tenant_host() throws Exception {
assertFile(new Request("http://localhost:8080/nodes/v2/acl/host5.yahoo.com"), "acl-tenant-node.json");
}
diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/responses/acl-config-server.json b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/responses/acl-config-server.json
index a4afe470ce9..e3b487325f8 100644
--- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/responses/acl-config-server.json
+++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/responses/acl-config-server.json
@@ -135,6 +135,15 @@
{
"hostname": "host3.yahoo.com",
"type": "tenant",
+ "ipAddress": "127.0.3.1",
+ "ports": [
+ 19070
+ ],
+ "trustedBy": "cfg1.yahoo.com"
+ },
+ {
+ "hostname": "host3.yahoo.com",
+ "type": "tenant",
"ipAddress": "::3:1",
"ports": [
19070
@@ -169,6 +178,15 @@
"trustedBy": "cfg1.yahoo.com"
},
{
+ "hostname": "host5.yahoo.com",
+ "type": "tenant",
+ "ipAddress": "127.0.5.1",
+ "ports": [
+ 19070
+ ],
+ "trustedBy": "cfg1.yahoo.com"
+ },
+ {
"hostname": "host55.yahoo.com",
"type": "tenant",
"ipAddress": "::55:1",
diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/responses/acl-tenant-node.json b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/responses/acl-tenant-node.json
index 2ca385a26b6..98a7c5f9036 100644
--- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/responses/acl-tenant-node.json
+++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/responses/acl-tenant-node.json
@@ -7,12 +7,24 @@
"trustedBy": "host5.yahoo.com"
},
{
+ "hostname": "cfg1.yahoo.com",
+ "type": "config",
+ "ipAddress": "127.0.201.1",
+ "trustedBy": "host5.yahoo.com"
+ },
+ {
"hostname": "cfg2.yahoo.com",
"type": "config",
"ipAddress": "::202:1",
"trustedBy": "host5.yahoo.com"
},
{
+ "hostname": "cfg2.yahoo.com",
+ "type": "config",
+ "ipAddress": "127.0.202.1",
+ "trustedBy": "host5.yahoo.com"
+ },
+ {
"hostname": "dockerhost2.yahoo.com",
"type": "host",
"ipAddress": "::101:1",