diff options
Diffstat (limited to 'config-provisioning/src/main/java/com/yahoo/config')
4 files changed, 59 insertions, 4 deletions
diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/ApplicationId.java b/config-provisioning/src/main/java/com/yahoo/config/provision/ApplicationId.java index 49e0b0f478d..dd971ec5108 100644 --- a/config-provisioning/src/main/java/com/yahoo/config/provision/ApplicationId.java +++ b/config-provisioning/src/main/java/com/yahoo/config/provision/ApplicationId.java @@ -102,6 +102,10 @@ public class ApplicationId implements Comparable<ApplicationId> { return tenant.value() + ":" + application.value() + ":" + instance.value(); } + public String toSerializedFormWithoutInstance() { + return tenant.value() + ":" + application.value(); + } + @Override public String toString() { return toShortString(); } @@ -119,6 +123,11 @@ public class ApplicationId implements Comparable<ApplicationId> { return new ApplicationId(TenantName.defaultName(), ApplicationName.defaultName(), InstanceName.defaultName()); } + /** Returns a serialized form of tenant:application to be used with e.g Flags */ + public static String toSerializedForm(TenantName tenant, ApplicationName application) { + return tenant.value() + ":" + application.value(); + } + // TODO: kill this /** Returns a very special application id, which is not equal to any other id. */ public static ApplicationId global() { diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterSpec.java b/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterSpec.java index 830e47aa549..51fe16fb232 100644 --- a/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterSpec.java +++ b/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterSpec.java @@ -19,7 +19,7 @@ public final class ClusterSpec { private final Type type; private final Id id; - /** The group id of these hosts, or empty if this is represents a request for hosts */ + /** The group id of these hosts, or empty if this represents a request for hosts */ private final Optional<Group> groupId; private final Version vespaVersion; diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/WireguardKeyWithTimestamp.java b/config-provisioning/src/main/java/com/yahoo/config/provision/WireguardKeyWithTimestamp.java new file mode 100644 index 00000000000..ecc1cf71113 --- /dev/null +++ b/config-provisioning/src/main/java/com/yahoo/config/provision/WireguardKeyWithTimestamp.java @@ -0,0 +1,39 @@ +package com.yahoo.config.provision; + +import com.yahoo.jdisc.Timer; + +import java.time.Instant; +import java.time.temporal.ChronoUnit; +import java.util.Random; + +/** + * @author gjoranv + */ +public record WireguardKeyWithTimestamp(WireguardKey key, Instant timestamp) { + + public static final int KEY_ROTATION_BASE = 60; + public static final int KEY_ROTATION_VARIANCE = 10; + public static final int KEY_EXPIRY = KEY_ROTATION_BASE + KEY_ROTATION_VARIANCE + 5; + + public WireguardKeyWithTimestamp { + if (key == null) throw new IllegalArgumentException("Wireguard key cannot be null"); + if (timestamp == null) timestamp = Instant.EPOCH; + } + + public static WireguardKeyWithTimestamp from(String key, long msTimestamp) { + return new WireguardKeyWithTimestamp(WireguardKey.from(key), Instant.ofEpochMilli(msTimestamp)); + } + + public boolean isDueForRotation(Timer timer, ChronoUnit unit, Random random) { + return timer.currentTime().isAfter(keyRotationDueAt(unit, random)); + } + + public boolean hasExpired(Timer timer, ChronoUnit unit) { + return timer.currentTime().isAfter(timestamp.plus(KEY_EXPIRY, unit)); + } + + private Instant keyRotationDueAt(ChronoUnit unit, Random random) { + return timestamp.plus(KEY_ROTATION_BASE + random.nextInt(KEY_ROTATION_VARIANCE), unit); + } + +} diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/ZoneEndpoint.java b/config-provisioning/src/main/java/com/yahoo/config/provision/ZoneEndpoint.java index 5d5757ec79a..2959815dd28 100644 --- a/config-provisioning/src/main/java/com/yahoo/config/provision/ZoneEndpoint.java +++ b/config-provisioning/src/main/java/com/yahoo/config/provision/ZoneEndpoint.java @@ -14,9 +14,16 @@ public class ZoneEndpoint { /** * Endpoint service generation. - * Bump this to provision new services, whenever we change regional endpoint names. - * This will cause new endpoint services to be provisioned, with new domain names. - * TODO: wire multiple service IDs to and through the controller. + * <p> + * This is used to transition to a new set of endpoint services, with new domain names. + * The procedure is: + * <ol> + * <li>Start using new endpoint names (in controller code), for <em>all</em> applications.</li> + * <li>Bump the generation counter here; this causes new services to be provisioned.</li> + * <li>Controller configures the new services with the new endpoint names.</li> + * <li>Let users migrate to the new endpoint names.</li> + * <li>Currently missing: clean up obsolete, unused endpoint services.</li> + * </ol> */ public static final int generation = 0; public static final ZoneEndpoint defaultEndpoint = new ZoneEndpoint(true, false, List.of()); |