diff options
3 files changed, 8 insertions, 28 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/RoutingController.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/RoutingController.java index 46c4d9d22b2..04209c8ea07 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/RoutingController.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/RoutingController.java @@ -72,7 +72,6 @@ public class RoutingController { private final RoutingPolicies routingPolicies; private final RotationRepository rotationRepository; private final BooleanFlag hideSharedRoutingEndpoint; - private final BooleanFlag legacyEndpointInCertificate; public RoutingController(Controller controller, RotationsConfig rotationsConfig) { this.controller = Objects.requireNonNull(controller, "controller must be non-null"); @@ -81,7 +80,6 @@ public class RoutingController { controller.applications(), controller.curator()); this.hideSharedRoutingEndpoint = Flags.HIDE_SHARED_ROUTING_ENDPOINT.bindTo(controller.flagSource()); - this.legacyEndpointInCertificate = Flags.LEGACY_ENDPOINT_IN_CERTIFICATE.bindTo(controller.flagSource()); } public RoutingPolicies policies() { @@ -178,13 +176,9 @@ public class RoutingController { // Build all endpoints for (var builder : builders) { - builder = builder.routingMethod(RoutingMethod.exclusive) - .on(Port.tls()); - Endpoint endpoint = builder.in(controller.system()); - if (includeLegacyEndpoint(deployment.applicationId(), controller.system())) { - Endpoint legacyEndpoint = builder.legacy().in(controller.system()); - endpointDnsNames.add(legacyEndpoint.dnsName()); - } + Endpoint endpoint = builder.routingMethod(RoutingMethod.exclusive) + .on(Port.tls()) + .in(controller.system()); endpointDnsNames.add(endpoint.dnsName()); } return Collections.unmodifiableList(endpointDnsNames); @@ -394,13 +388,7 @@ public class RoutingController { private String commonNameHashOf(ApplicationId application, SystemName system) { HashCode sha1 = Hashing.sha1().hashString(application.serializedForm(), StandardCharsets.UTF_8); String base32 = BaseEncoding.base32().omitPadding().lowerCase().encode(sha1.asBytes()); - return 'v' + base32 + Endpoint.internalDnsSuffix(system, includeLegacyEndpoint(application, system)); - } - - private boolean includeLegacyEndpoint(ApplicationId application, SystemName system) { - return system.isPublic() && legacyEndpointInCertificate.with(FetchVector.Dimension.APPLICATION_ID, - application.serializedForm()) - .value(); + return 'v' + base32 + Endpoint.internalDnsSuffix(system); } /** Returns direct routing endpoints if any exist and feature flag is set for given application */ diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/Endpoint.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/Endpoint.java index a98e88210d2..f07df0bb501 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/Endpoint.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/Endpoint.java @@ -250,7 +250,7 @@ public class Endpoint { } /** Returns the DNS suffix used for endpoints in given system */ - public static String dnsSuffix(SystemName system, boolean legacy) { + private static String dnsSuffix(SystemName system, boolean legacy) { switch (system) { case cd: case main: @@ -267,10 +267,9 @@ public class Endpoint { } /** Returns the DNS suffix used for internal names (i.e. names not exposed to tenants) in given system */ - public static String internalDnsSuffix(SystemName system, boolean legacy) { - // TODO(mpolden): Stop exposing legacy parameter after legacy endpoints in public are completely removed - String suffix = dnsSuffix(system, legacy); - if (system.isPublic() && !legacy) { + public static String internalDnsSuffix(SystemName system) { + String suffix = dnsSuffix(system, false); + if (system.isPublic()) { // Certificate provider requires special approval for three-level DNS names, e.g. foo.vespa-app.cloud. // To avoid this in public we always add an extra level. return ".internal" + suffix; diff --git a/flags/src/main/java/com/yahoo/vespa/flags/Flags.java b/flags/src/main/java/com/yahoo/vespa/flags/Flags.java index 67c4d3d4218..c1feadf2d43 100644 --- a/flags/src/main/java/com/yahoo/vespa/flags/Flags.java +++ b/flags/src/main/java/com/yahoo/vespa/flags/Flags.java @@ -346,13 +346,6 @@ public class Flags { "Takes effect on restart of Docker container", APPLICATION_ID); - public static final UnboundBooleanFlag LEGACY_ENDPOINT_IN_CERTIFICATE = defineFeatureFlag( - "legacy-endpoint-in-certificate", false, - List.of("mpolden"), "2021-10-26", "2021-12-01", - "Whether to include legacy endpoint names in issued certificates", - "Takes effect on deployment through controller", - APPLICATION_ID); - /** WARNING: public for testing: All flags should be defined in {@link Flags}. */ public static UnboundBooleanFlag defineFeatureFlag(String flagId, boolean defaultValue, List<String> owners, String createdAt, String expiresAt, String description, |