aboutsummaryrefslogtreecommitdiffstats
path: root/config-provisioning
diff options
context:
space:
mode:
Diffstat (limited to 'config-provisioning')
-rw-r--r--config-provisioning/src/main/java/com/yahoo/config/provision/ApplicationId.java9
-rw-r--r--config-provisioning/src/main/java/com/yahoo/config/provision/ClusterSpec.java2
-rw-r--r--config-provisioning/src/main/java/com/yahoo/config/provision/WireguardKeyWithTimestamp.java39
-rw-r--r--config-provisioning/src/main/java/com/yahoo/config/provision/ZoneEndpoint.java13
4 files changed, 59 insertions, 4 deletions
diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/ApplicationId.java b/config-provisioning/src/main/java/com/yahoo/config/provision/ApplicationId.java
index 49e0b0f478d..dd971ec5108 100644
--- a/config-provisioning/src/main/java/com/yahoo/config/provision/ApplicationId.java
+++ b/config-provisioning/src/main/java/com/yahoo/config/provision/ApplicationId.java
@@ -102,6 +102,10 @@ public class ApplicationId implements Comparable<ApplicationId> {
return tenant.value() + ":" + application.value() + ":" + instance.value();
}
+ public String toSerializedFormWithoutInstance() {
+ return tenant.value() + ":" + application.value();
+ }
+
@Override
public String toString() { return toShortString(); }
@@ -119,6 +123,11 @@ public class ApplicationId implements Comparable<ApplicationId> {
return new ApplicationId(TenantName.defaultName(), ApplicationName.defaultName(), InstanceName.defaultName());
}
+ /** Returns a serialized form of tenant:application to be used with e.g Flags */
+ public static String toSerializedForm(TenantName tenant, ApplicationName application) {
+ return tenant.value() + ":" + application.value();
+ }
+
// TODO: kill this
/** Returns a very special application id, which is not equal to any other id. */
public static ApplicationId global() {
diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterSpec.java b/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterSpec.java
index 830e47aa549..51fe16fb232 100644
--- a/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterSpec.java
+++ b/config-provisioning/src/main/java/com/yahoo/config/provision/ClusterSpec.java
@@ -19,7 +19,7 @@ public final class ClusterSpec {
private final Type type;
private final Id id;
- /** The group id of these hosts, or empty if this is represents a request for hosts */
+ /** The group id of these hosts, or empty if this represents a request for hosts */
private final Optional<Group> groupId;
private final Version vespaVersion;
diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/WireguardKeyWithTimestamp.java b/config-provisioning/src/main/java/com/yahoo/config/provision/WireguardKeyWithTimestamp.java
new file mode 100644
index 00000000000..ecc1cf71113
--- /dev/null
+++ b/config-provisioning/src/main/java/com/yahoo/config/provision/WireguardKeyWithTimestamp.java
@@ -0,0 +1,39 @@
+package com.yahoo.config.provision;
+
+import com.yahoo.jdisc.Timer;
+
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+import java.util.Random;
+
+/**
+ * @author gjoranv
+ */
+public record WireguardKeyWithTimestamp(WireguardKey key, Instant timestamp) {
+
+ public static final int KEY_ROTATION_BASE = 60;
+ public static final int KEY_ROTATION_VARIANCE = 10;
+ public static final int KEY_EXPIRY = KEY_ROTATION_BASE + KEY_ROTATION_VARIANCE + 5;
+
+ public WireguardKeyWithTimestamp {
+ if (key == null) throw new IllegalArgumentException("Wireguard key cannot be null");
+ if (timestamp == null) timestamp = Instant.EPOCH;
+ }
+
+ public static WireguardKeyWithTimestamp from(String key, long msTimestamp) {
+ return new WireguardKeyWithTimestamp(WireguardKey.from(key), Instant.ofEpochMilli(msTimestamp));
+ }
+
+ public boolean isDueForRotation(Timer timer, ChronoUnit unit, Random random) {
+ return timer.currentTime().isAfter(keyRotationDueAt(unit, random));
+ }
+
+ public boolean hasExpired(Timer timer, ChronoUnit unit) {
+ return timer.currentTime().isAfter(timestamp.plus(KEY_EXPIRY, unit));
+ }
+
+ private Instant keyRotationDueAt(ChronoUnit unit, Random random) {
+ return timestamp.plus(KEY_ROTATION_BASE + random.nextInt(KEY_ROTATION_VARIANCE), unit);
+ }
+
+}
diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/ZoneEndpoint.java b/config-provisioning/src/main/java/com/yahoo/config/provision/ZoneEndpoint.java
index 5d5757ec79a..2959815dd28 100644
--- a/config-provisioning/src/main/java/com/yahoo/config/provision/ZoneEndpoint.java
+++ b/config-provisioning/src/main/java/com/yahoo/config/provision/ZoneEndpoint.java
@@ -14,9 +14,16 @@ public class ZoneEndpoint {
/**
* Endpoint service generation.
- * Bump this to provision new services, whenever we change regional endpoint names.
- * This will cause new endpoint services to be provisioned, with new domain names.
- * TODO: wire multiple service IDs to and through the controller.
+ * <p>
+ * This is used to transition to a new set of endpoint services, with new domain names.
+ * The procedure is:
+ * <ol>
+ * <li>Start using new endpoint names (in controller code), for <em>all</em> applications.</li>
+ * <li>Bump the generation counter here; this causes new services to be provisioned.</li>
+ * <li>Controller configures the new services with the new endpoint names.</li>
+ * <li>Let users migrate to the new endpoint names.</li>
+ * <li>Currently missing: clean up obsolete, unused endpoint services.</li>
+ * </ol>
*/
public static final int generation = 0;
public static final ZoneEndpoint defaultEndpoint = new ZoneEndpoint(true, false, List.of());