diff options
author | Jon Bratseth <jonbratseth@yahoo.com> | 2016-12-01 08:14:34 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-12-01 08:14:34 -0800 |
commit | 3681f6df10945f3bbffc010ddee66b0070aed8ff (patch) | |
tree | 50440c694b282a325e66b1a4b1f496479c8c2405 /node-repository | |
parent | ec7b5cea529fa2c7f2b0c06dbf4767e141336fb0 (diff) | |
parent | 99eaa3039959a29ce6990042bbbd530fda6f9668 (diff) |
Merge pull request #1232 from yahoo/mpolden/allow-proxy-to-proxy-traffic
Allow proxy to proxy traffic
Diffstat (limited to 'node-repository')
2 files changed, 10 insertions, 5 deletions
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/NodeRepository.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/NodeRepository.java index 066f4b5742e..a9c7ea7a029 100644 --- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/NodeRepository.java +++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/NodeRepository.java @@ -22,6 +22,7 @@ import java.time.Clock; import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; +import java.util.Comparator; import java.util.List; import java.util.Map; import java.util.Optional; @@ -144,9 +145,10 @@ public class NodeRepository extends AbstractComponent { break; case proxy: - // Proxy nodes only trust config servers. They also trust any traffic to ports 4080/4443, but these - // static rules are configured by the node itself + // Proxy nodes only trust config servers and other proxy nodes. They also trust any traffic to ports + // 4080/4443, but these static rules are configured by the node itself trustedNodes.addAll(getConfigNodes()); + trustedNodes.addAll(getNodes(NodeType.proxy)); break; default: @@ -155,6 +157,9 @@ public class NodeRepository extends AbstractComponent { node.hostname(), node.type())); } + // Sort by hostname so that the resulting list is always the same if trusted nodes don't change + trustedNodes.sort(Comparator.comparing(Node::hostname)); + return Collections.unmodifiableList(trustedNodes); } diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java index f11599ca46c..78728dd3f49 100644 --- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java +++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java @@ -113,10 +113,10 @@ public class AclProvisioningTest { // Get trusted nodes for first proxy node Node node = proxyNodes.get(0); List<Node> trustedNodes = tester.nodeRepository().getTrustedNodes(node); - assertEquals(configServers.size(), trustedNodes.size()); + assertEquals(configServers.size() + proxyNodes.size(), trustedNodes.size()); - // Trusted nodes contains all config servers - assertContainsOnly(toHostNames(trustedNodes), configServers); + // Trusted nodes contains all config servers and all proxy nodes + assertContainsOnly(toHostNames(trustedNodes), flatten(Arrays.asList(toHostNames(proxyNodes), configServers))); } @Test |