summaryrefslogtreecommitdiffstats
path: root/node-repository
diff options
context:
space:
mode:
authorgjoranv <gv@verizonmedia.com>2022-11-14 14:19:18 +0100
committergjoranv <gv@verizonmedia.com>2022-11-15 10:37:19 +0100
commitbc24031511038576f304dcc37974e2058d93a390 (patch)
tree1b8a79dc4d5393054ba8d90e4615485194208f50 /node-repository
parentd9394d9c527ff1ef36729861eb29a2da76768fde (diff)
Add 'wireguardPubKey' field to Node
Diffstat (limited to 'node-repository')
-rw-r--r--node-repository/src/main/java/com/yahoo/vespa/hosted/provision/Node.java57
-rw-r--r--node-repository/src/main/java/com/yahoo/vespa/hosted/provision/persistence/CuratorDatabaseClient.java2
-rw-r--r--node-repository/src/main/java/com/yahoo/vespa/hosted/provision/persistence/NodeSerializer.java6
-rw-r--r--node-repository/src/main/java/com/yahoo/vespa/hosted/provision/provisioning/Activator.java2
4 files changed, 44 insertions, 23 deletions
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/Node.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/Node.java
index de1f9e65415..79461b33476 100644
--- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/Node.java
+++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/Node.java
@@ -10,6 +10,7 @@ import com.yahoo.config.provision.Flavor;
import com.yahoo.config.provision.NodeResources;
import com.yahoo.config.provision.NodeType;
import com.yahoo.config.provision.TenantName;
+import com.yahoo.config.provision.WireguardKey;
import com.yahoo.vespa.hosted.provision.lb.LoadBalancers;
import com.yahoo.vespa.hosted.provision.node.Agent;
import com.yahoo.vespa.hosted.provision.node.Allocation;
@@ -57,6 +58,9 @@ public final class Node implements Nodelike {
private final List<TrustStoreItem> trustStoreItems;
private final CloudAccount cloudAccount;
+ // Only set for enclave nodes
+ private final Optional<WireguardKey> wireguardPubKey;
+
/** Record of the last event of each type happening to this node */
private final History history;
@@ -86,7 +90,7 @@ public final class Node implements Nodelike {
Reports reports, Optional<String> modelName, Optional<TenantName> reservedTo,
Optional<ApplicationId> exclusiveToApplicationId, Optional<ClusterSpec.Type> exclusiveToClusterType,
Optional<String> switchHostname, List<TrustStoreItem> trustStoreItems,
- CloudAccount cloudAccount) {
+ CloudAccount cloudAccount, Optional<WireguardKey> wireguardPubKey) {
this.id = Objects.requireNonNull(id, "A node must have an ID");
this.hostname = requireNonEmptyString(hostname, "A node must have a hostname");
this.ipConfig = Objects.requireNonNull(ipConfig, "A node must a have an IP config");
@@ -105,6 +109,7 @@ public final class Node implements Nodelike {
this.switchHostname = requireNonEmptyString(switchHostname, "switchHostname cannot be null");
this.trustStoreItems = Objects.requireNonNull(trustStoreItems).stream().distinct().toList();
this.cloudAccount = Objects.requireNonNull(cloudAccount);
+ this.wireguardPubKey = Objects.requireNonNull(wireguardPubKey);
if (state == State.active)
requireNonEmpty(ipConfig.primary(), "Active node " + hostname + " must have at least one valid IP address");
@@ -226,6 +231,11 @@ public final class Node implements Nodelike {
return cloudAccount;
}
+ /** Returns the wireguard public key of this node. Only relevant for enclave nodes. */
+ public Optional<WireguardKey> wireguardPubKey() {
+ return wireguardPubKey;
+ }
+
/**
* Returns a copy of this where wantToFail is set to true and history is updated to reflect this.
*/
@@ -319,14 +329,14 @@ public final class Node implements Nodelike {
public Node with(Status status) {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state, allocation, history, type,
reports, modelName, reservedTo, exclusiveToApplicationId, exclusiveToClusterType, switchHostname,
- trustStoreItems, cloudAccount);
+ trustStoreItems, cloudAccount, wireguardPubKey);
}
/** Returns a node with the type assigned to the given value */
public Node with(NodeType type) {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state, allocation, history, type,
reports, modelName, reservedTo, exclusiveToApplicationId, exclusiveToClusterType, switchHostname,
- trustStoreItems, cloudAccount);
+ trustStoreItems, cloudAccount, wireguardPubKey);
}
/** Returns a node with the flavor assigned to the given value */
@@ -335,28 +345,28 @@ public final class Node implements Nodelike {
History updateHistory = history.with(new History.Event(History.Event.Type.resized, agent, instant));
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state, allocation, updateHistory, type,
reports, modelName, reservedTo, exclusiveToApplicationId, exclusiveToClusterType, switchHostname,
- trustStoreItems, cloudAccount);
+ trustStoreItems, cloudAccount, wireguardPubKey);
}
/** Returns a copy of this with the reboot generation set to generation */
public Node withReboot(Generation generation) {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status.withReboot(generation), state,
allocation, history, type, reports, modelName, reservedTo, exclusiveToApplicationId,
- exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount);
+ exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount, wireguardPubKey);
}
/** Returns a copy of this with given id set */
public Node withId(String id) {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state,
allocation, history, type, reports, modelName, reservedTo, exclusiveToApplicationId,
- exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount);
+ exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount, wireguardPubKey);
}
/** Returns a copy of this with model name set to given value */
public Node withModelName(String modelName) {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state,
allocation, history, type, reports, Optional.of(modelName), reservedTo, exclusiveToApplicationId,
- exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount);
+ exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount, wireguardPubKey);
}
/** Returns a copy of this with model name cleared */
@@ -364,7 +374,7 @@ public final class Node implements Nodelike {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state,
allocation, history, type, reports, Optional.empty(), reservedTo,
exclusiveToApplicationId, exclusiveToClusterType, switchHostname, trustStoreItems,
- cloudAccount);
+ cloudAccount, wireguardPubKey);
}
/** Returns a copy of this with a history record saying it was detected to be down at this instant */
@@ -398,21 +408,21 @@ public final class Node implements Nodelike {
public Node with(Allocation allocation) {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state,
Optional.of(allocation), history, type, reports, modelName, reservedTo, exclusiveToApplicationId,
- exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount);
+ exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount, wireguardPubKey);
}
/** Returns a copy of this node with IP config set to the given value. */
public Node with(IP.Config ipConfig) {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state,
allocation, history, type, reports, modelName, reservedTo, exclusiveToApplicationId,
- exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount);
+ exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount, wireguardPubKey);
}
/** Returns a copy of this node with the parent hostname assigned to the given value. */
public Node withParentHostname(String parentHostname) {
return new Node(id, ipConfig, hostname, Optional.of(parentHostname), flavor, status, state,
allocation, history, type, reports, modelName, reservedTo, exclusiveToApplicationId,
- exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount);
+ exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount, wireguardPubKey);
}
public Node withReservedTo(TenantName tenant) {
@@ -420,7 +430,7 @@ public final class Node implements Nodelike {
throw new IllegalArgumentException("Only host nodes can be reserved, " + hostname + " has type " + type);
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state,
allocation, history, type, reports, modelName, Optional.of(tenant), exclusiveToApplicationId,
- exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount);
+ exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount, wireguardPubKey);
}
/** Returns a copy of this node which is not reserved to a tenant */
@@ -428,26 +438,27 @@ public final class Node implements Nodelike {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state,
allocation, history, type, reports, modelName, Optional.empty(),
exclusiveToApplicationId, exclusiveToClusterType, switchHostname, trustStoreItems,
- cloudAccount);
+ cloudAccount, wireguardPubKey);
}
public Node withExclusiveToApplicationId(ApplicationId exclusiveTo) {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state,
allocation, history, type, reports, modelName, reservedTo, Optional.ofNullable(exclusiveTo),
- exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount);
+ exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount, wireguardPubKey);
}
public Node withExclusiveToClusterType(ClusterSpec.Type exclusiveTo) {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state,
allocation, history, type, reports, modelName, reservedTo, exclusiveToApplicationId,
- Optional.ofNullable(exclusiveTo), switchHostname, trustStoreItems, cloudAccount);
+ Optional.ofNullable(exclusiveTo), switchHostname, trustStoreItems, cloudAccount, wireguardPubKey);
}
/** Returns a copy of this node with switch hostname set to given value */
public Node withSwitchHostname(String switchHostname) {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state,
allocation, history, type, reports, modelName, reservedTo, exclusiveToApplicationId,
- exclusiveToClusterType, Optional.ofNullable(switchHostname), trustStoreItems, cloudAccount);
+ exclusiveToClusterType, Optional.ofNullable(switchHostname), trustStoreItems, cloudAccount,
+ wireguardPubKey);
}
/** Returns a copy of this node with switch hostname unset */
@@ -500,19 +511,19 @@ public final class Node implements Nodelike {
public Node with(History history) {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state,
allocation, history, type, reports, modelName, reservedTo, exclusiveToApplicationId,
- exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount);
+ exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount, wireguardPubKey);
}
public Node with(Reports reports) {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state,
allocation, history, type, reports, modelName, reservedTo, exclusiveToApplicationId,
- exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount);
+ exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount, wireguardPubKey);
}
public Node with(List<TrustStoreItem> trustStoreItems) {
return new Node(id, ipConfig, hostname, parentHostname, flavor, status, state,
allocation, history, type, reports, modelName, reservedTo, exclusiveToApplicationId,
- exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount);
+ exclusiveToClusterType, switchHostname, trustStoreItems, cloudAccount, wireguardPubKey);
}
private static Optional<String> requireNonEmptyString(Optional<String> value, String message) {
@@ -654,6 +665,7 @@ public final class Node implements Nodelike {
private History history;
private List<TrustStoreItem> trustStoreItems;
private CloudAccount cloudAccount = CloudAccount.empty;
+ private WireguardKey wireguardPubKey;
private Builder(String id, String hostname, Flavor flavor, State state, NodeType type) {
this.id = id;
@@ -733,6 +745,11 @@ public final class Node implements Nodelike {
return this;
}
+ public Builder wireguardPubKey(WireguardKey wireguardPubKey) {
+ this.wireguardPubKey = wireguardPubKey;
+ return this;
+ }
+
public Node build() {
return new Node(id, Optional.ofNullable(ipConfig).orElse(IP.Config.EMPTY), hostname, Optional.ofNullable(parentHostname),
flavor, Optional.ofNullable(status).orElseGet(Status::initial), state, Optional.ofNullable(allocation),
@@ -740,7 +757,7 @@ public final class Node implements Nodelike {
Optional.ofNullable(modelName), Optional.ofNullable(reservedTo), Optional.ofNullable(exclusiveToApplicationId),
Optional.ofNullable(exclusiveToClusterType), Optional.ofNullable(switchHostname),
Optional.ofNullable(trustStoreItems).orElseGet(List::of),
- cloudAccount);
+ cloudAccount, Optional.ofNullable(wireguardPubKey));
}
}
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/persistence/CuratorDatabaseClient.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/persistence/CuratorDatabaseClient.java
index e5f02b38d29..7f24f5e862b 100644
--- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/persistence/CuratorDatabaseClient.java
+++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/persistence/CuratorDatabaseClient.java
@@ -210,7 +210,7 @@ public class CuratorDatabaseClient {
node.history().recordStateTransition(node.state(), toState, agent, clock.instant()),
node.type(), node.reports(), node.modelName(), node.reservedTo(),
node.exclusiveToApplicationId(), node.exclusiveToClusterType(), node.switchHostname(),
- node.trustedCertificates(), node.cloudAccount());
+ node.trustedCertificates(), node.cloudAccount(), node.wireguardPubKey());
writeNode(toState, curatorTransaction, node, newNode);
writtenNodes.add(newNode);
}
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/persistence/NodeSerializer.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/persistence/NodeSerializer.java
index ccc2f1e565e..3ee25c23f13 100644
--- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/persistence/NodeSerializer.java
+++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/persistence/NodeSerializer.java
@@ -19,6 +19,7 @@ import com.yahoo.config.provision.NodeFlavors;
import com.yahoo.config.provision.NodeResources;
import com.yahoo.config.provision.NodeType;
import com.yahoo.config.provision.TenantName;
+import com.yahoo.config.provision.WireguardKey;
import com.yahoo.config.provision.host.FlavorOverrides;
import com.yahoo.config.provision.serialization.NetworkPortsSerializer;
import com.yahoo.slime.ArrayTraverser;
@@ -100,6 +101,7 @@ public class NodeSerializer {
private static final String switchHostnameKey = "switchHostname";
private static final String trustedCertificatesKey = "trustedCertificates";
private static final String cloudAccountKey = "cloudAccount";
+ private static final String wireguardPubKeyKey = "wireguardPubkey";
// Node resource fields
private static final String flavorKey = "flavor";
@@ -197,6 +199,7 @@ public class NodeSerializer {
if (!node.cloudAccount().isUnspecified()) {
object.setString(cloudAccountKey, node.cloudAccount().value());
}
+ node.wireguardPubKey().ifPresent(pubKey -> object.setString(wireguardPubKeyKey, pubKey.value()));
}
private void toSlime(Flavor flavor, Cursor object) {
@@ -295,7 +298,8 @@ public class NodeSerializer {
SlimeUtils.optionalString(object.field(exclusiveToClusterTypeKey)).map(ClusterSpec.Type::from),
SlimeUtils.optionalString(object.field(switchHostnameKey)),
trustedCertificatesFromSlime(object),
- SlimeUtils.optionalString(object.field(cloudAccountKey)).map(CloudAccount::from).orElse(CloudAccount.empty));
+ SlimeUtils.optionalString(object.field(cloudAccountKey)).map(CloudAccount::from).orElse(CloudAccount.empty),
+ SlimeUtils.optionalString(object.field(wireguardPubKeyKey)).map(WireguardKey::from));
}
private Status statusFromSlime(Inspector object) {
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/provisioning/Activator.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/provisioning/Activator.java
index c2a6e4658f3..d7cd42f5c96 100644
--- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/provisioning/Activator.java
+++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/provisioning/Activator.java
@@ -257,7 +257,7 @@ class Activator {
node.parentHostname(), node.flavor(), node.status(), node.state(), node.allocation(), node.history(),
node.type(), node.reports(), node.modelName(), node.reservedTo(),
node.exclusiveToApplicationId(), node.exclusiveToClusterType(), node.switchHostname(),
- node.trustedCertificates(), cloudAccount);
+ node.trustedCertificates(), cloudAccount, node.wireguardPubKey());
}
}