diff options
Diffstat (limited to 'configserver/src/main')
11 files changed, 81 insertions, 106 deletions
diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/GlobalComponentRegistry.java b/configserver/src/main/java/com/yahoo/vespa/config/server/GlobalComponentRegistry.java index 1eb18773898..49a61eb8dee 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/GlobalComponentRegistry.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/GlobalComponentRegistry.java @@ -1,4 +1,4 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.config.server; import com.yahoo.cloud.config.ConfigserverConfig; @@ -9,7 +9,7 @@ import com.yahoo.config.provision.TenantName; import com.yahoo.config.provision.Zone; import com.yahoo.container.jdisc.secretstore.SecretStore; import com.yahoo.vespa.config.server.application.PermanentApplicationPackage; -import com.yahoo.vespa.config.server.host.HostRegistries; +import com.yahoo.vespa.config.server.host.HostRegistry; import com.yahoo.vespa.config.server.modelfactory.ModelFactoryRegistry; import com.yahoo.vespa.config.server.monitoring.Metrics; import com.yahoo.vespa.config.server.session.SessionPreparer; @@ -38,7 +38,6 @@ public interface GlobalComponentRegistry { ReloadListener getReloadListener(); ConfigDefinitionRepo getStaticConfigDefinitionRepo(); PermanentApplicationPackage getPermanentApplicationPackage(); - HostRegistries getHostRegistries(); ModelFactoryRegistry getModelFactoryRegistry(); Optional<Provisioner> getHostProvisioner(); Zone getZone(); diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/InjectedGlobalComponentRegistry.java b/configserver/src/main/java/com/yahoo/vespa/config/server/InjectedGlobalComponentRegistry.java index 9badd19009f..5760eae866c 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/InjectedGlobalComponentRegistry.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/InjectedGlobalComponentRegistry.java @@ -1,4 +1,4 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.config.server; import com.google.inject.Inject; @@ -11,7 +11,7 @@ import com.yahoo.config.provision.TenantName; import com.yahoo.config.provision.Zone; import com.yahoo.container.jdisc.secretstore.SecretStore; import com.yahoo.vespa.config.server.application.PermanentApplicationPackage; -import com.yahoo.vespa.config.server.host.HostRegistries; +import com.yahoo.vespa.config.server.host.HostRegistry; import com.yahoo.vespa.config.server.modelfactory.ModelFactoryRegistry; import com.yahoo.vespa.config.server.monitoring.Metrics; import com.yahoo.vespa.config.server.provision.HostProvisionerProvider; @@ -44,7 +44,6 @@ public class InjectedGlobalComponentRegistry implements GlobalComponentRegistry private final ConfigserverConfig configserverConfig; private final ConfigDefinitionRepo staticConfigDefinitionRepo; private final PermanentApplicationPackage permanentApplicationPackage; - private final HostRegistries hostRegistries; private final Optional<Provisioner> hostProvisioner; private final Zone zone; private final ConfigServerDB configServerDB; @@ -52,6 +51,7 @@ public class InjectedGlobalComponentRegistry implements GlobalComponentRegistry private final SecretStore secretStore; private final StripedExecutor<TenantName> zkWatcherExecutor; private final ExecutorService zkCacheExecutor; + private final HostRegistry hostRegistry; @SuppressWarnings("WeakerAccess") @Inject @@ -62,15 +62,14 @@ public class InjectedGlobalComponentRegistry implements GlobalComponentRegistry SessionPreparer sessionPreparer, RpcServer rpcServer, ConfigserverConfig configserverConfig, - SuperModelGenerationCounter superModelGenerationCounter, ConfigDefinitionRepo staticConfigDefinitionRepo, PermanentApplicationPackage permanentApplicationPackage, - HostRegistries hostRegistries, HostProvisionerProvider hostProvisionerProvider, Zone zone, ConfigServerDB configServerDB, FlagSource flagSource, - SecretStore secretStore) { + SecretStore secretStore, + HostRegistry hostRegistry) { this.curator = curator; this.configCurator = configCurator; this.metrics = metrics; @@ -80,7 +79,6 @@ public class InjectedGlobalComponentRegistry implements GlobalComponentRegistry this.configserverConfig = configserverConfig; this.staticConfigDefinitionRepo = staticConfigDefinitionRepo; this.permanentApplicationPackage = permanentApplicationPackage; - this.hostRegistries = hostRegistries; this.hostProvisioner = hostProvisionerProvider.getHostProvisioner(); this.zone = zone; this.configServerDB = configServerDB; @@ -88,6 +86,7 @@ public class InjectedGlobalComponentRegistry implements GlobalComponentRegistry this.secretStore = secretStore; this.zkWatcherExecutor = new StripedExecutor<>(); this.zkCacheExecutor = Executors.newFixedThreadPool(1, ThreadFactoryFactory.getThreadFactory(TenantRepository.class.getName())); + this.hostRegistry = hostRegistry; } @Override @@ -109,8 +108,6 @@ public class InjectedGlobalComponentRegistry implements GlobalComponentRegistry @Override public PermanentApplicationPackage getPermanentApplicationPackage() { return permanentApplicationPackage; } @Override - public HostRegistries getHostRegistries() { return hostRegistries; } - @Override public ModelFactoryRegistry getModelFactoryRegistry() { return modelFactoryRegistry; } @Override @@ -146,4 +143,5 @@ public class InjectedGlobalComponentRegistry implements GlobalComponentRegistry public SecretStore getSecretStore() { return secretStore; } + } diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/ReloadListener.java b/configserver/src/main/java/com/yahoo/vespa/config/server/ReloadListener.java index 773a4862033..7cdb596780a 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/ReloadListener.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/ReloadListener.java @@ -1,8 +1,7 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.config.server; import com.yahoo.config.provision.ApplicationId; -import com.yahoo.config.provision.TenantName; import com.yahoo.vespa.config.server.application.ApplicationSet; import java.util.Collection; @@ -17,21 +16,21 @@ import java.util.Collection; public interface ReloadListener { /** - * Signal the listener that hosts used by by a particular tenant. + * Signals the listener that hosts used by a particular tenant. * - * @param tenant Name of tenant. + * @param applicationId application id * @param newHosts a {@link Collection} of hosts used by tenant. */ - void hostsUpdated(TenantName tenant, Collection<String> newHosts); + void hostsUpdated(ApplicationId applicationId, Collection<String> newHosts); /** - * Verify that given hosts are available for use by tenant. + * Verifies that given hosts are available for use by tenant. * - * @param tenant tenant that wants to allocate hosts. + * @param applicationId application id * @param newHosts a {@link java.util.Collection} of hosts that tenant wants to allocate. * @throws java.lang.IllegalArgumentException if one or more of the hosts are in use by another tenant. */ - void verifyHostsAreAvailable(TenantName tenant, Collection<String> newHosts); + void verifyHostsAreAvailable(ApplicationId applicationId, Collection<String> newHosts); /** * Configs has been activated for an application: Either an application diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/application/TenantApplications.java b/configserver/src/main/java/com/yahoo/vespa/config/server/application/TenantApplications.java index 5a34217dbdd..0e5315c0dcc 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/application/TenantApplications.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/application/TenantApplications.java @@ -27,7 +27,6 @@ import com.yahoo.vespa.curator.Curator; import com.yahoo.vespa.curator.Lock; import com.yahoo.vespa.curator.transaction.CuratorTransaction; import org.apache.curator.framework.CuratorFramework; -import org.apache.curator.framework.recipes.cache.ChildData; import org.apache.curator.framework.recipes.cache.PathChildrenCacheEvent; import java.nio.file.Files; @@ -62,7 +61,7 @@ public class TenantApplications implements RequestHandler, HostValidator<Applica private final TenantName tenant; private final ReloadListener reloadListener; private final ConfigResponseFactory responseFactory; - private final HostRegistry<ApplicationId> hostRegistry; + private final HostRegistry hostRegistry; private final ApplicationMapper applicationMapper = new ApplicationMapper(); private final MetricUpdater tenantMetricUpdater; private final Clock clock; @@ -70,7 +69,7 @@ public class TenantApplications implements RequestHandler, HostValidator<Applica public TenantApplications(TenantName tenant, Curator curator, StripedExecutor<TenantName> zkWatcherExecutor, ExecutorService zkCacheExecutor, Metrics metrics, ReloadListener reloadListener, - ConfigserverConfig configserverConfig, HostRegistry<ApplicationId> hostRegistry, + ConfigserverConfig configserverConfig, HostRegistry hostRegistry, TenantFileSystemDirs tenantFileSystemDirs, Clock clock) { this.database = new ApplicationCuratorDatabase(tenant, curator); this.tenant = tenant; @@ -88,7 +87,7 @@ public class TenantApplications implements RequestHandler, HostValidator<Applica } // For testing only - public static TenantApplications create(GlobalComponentRegistry componentRegistry, TenantName tenantName) { + public static TenantApplications create(GlobalComponentRegistry componentRegistry, HostRegistry hostRegistry, TenantName tenantName) { return new TenantApplications(tenantName, componentRegistry.getCurator(), componentRegistry.getZkWatcherExecutor(), @@ -96,7 +95,7 @@ public class TenantApplications implements RequestHandler, HostValidator<Applica componentRegistry.getMetrics(), componentRegistry.getReloadListener(), componentRegistry.getConfigserverConfig(), - componentRegistry.getHostRegistries().createApplicationHostRegistry(tenantName), + hostRegistry, new TenantFileSystemDirs(componentRegistry.getConfigServerDB(), tenantName), componentRegistry.getClock()); } @@ -222,7 +221,10 @@ public class TenantApplications implements RequestHandler, HostValidator<Applica } private void notifyReloadListeners(ApplicationSet applicationSet) { - reloadListener.hostsUpdated(tenant, hostRegistry.getAllHosts()); + if (applicationSet.getAllApplications().isEmpty()) throw new IllegalArgumentException("application set cannot be empty"); + + reloadListener.hostsUpdated(applicationSet.getAllApplications().get(0).toApplicationInfo().getApplicationId(), + applicationSet.getAllHosts()); reloadListener.configActivated(applicationSet); } @@ -271,7 +273,7 @@ public class TenantApplications implements RequestHandler, HostValidator<Applica } private void reloadListenersOnRemove(ApplicationId applicationId) { - reloadListener.hostsUpdated(tenant, hostRegistry.getAllHosts()); + reloadListener.hostsUpdated(applicationId, hostRegistry.getHostsForKey(applicationId)); reloadListener.applicationRemoved(applicationId); } @@ -382,9 +384,9 @@ public class TenantApplications implements RequestHandler, HostValidator<Applica } @Override - public void verifyHosts(ApplicationId key, Collection<String> newHosts) { - hostRegistry.verifyHosts(key, newHosts); - reloadListener.verifyHostsAreAvailable(tenant, newHosts); + public void verifyHosts(ApplicationId applicationId, Collection<String> newHosts) { + hostRegistry.verifyHosts(applicationId, newHosts); + reloadListener.verifyHostsAreAvailable(applicationId, newHosts); } public HostValidator<ApplicationId> getHostValidator() { diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/host/HostRegistries.java b/configserver/src/main/java/com/yahoo/vespa/config/server/host/HostRegistries.java deleted file mode 100644 index c25ab0315a3..00000000000 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/host/HostRegistries.java +++ /dev/null @@ -1,34 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.config.server.host; - -import com.yahoo.config.provision.ApplicationId; -import com.yahoo.config.provision.TenantName; - -import java.util.Map; -import java.util.concurrent.ConcurrentHashMap; - -/** - * Component to hold host registries. - * - * @author hmusum - */ -public class HostRegistries { - - private final HostRegistry<TenantName> tenantHostRegistry = new HostRegistry<>(); - private final Map<TenantName, HostRegistry<ApplicationId>> applicationHostRegistries = new ConcurrentHashMap<>(); - - public HostRegistry<TenantName> getTenantHostRegistry() { - return tenantHostRegistry; - } - - public HostRegistry<ApplicationId> getApplicationHostRegistry(TenantName tenant) { - return applicationHostRegistries.get(tenant); - } - - public HostRegistry<ApplicationId> createApplicationHostRegistry(TenantName tenant) { - HostRegistry<ApplicationId> applicationIdHostRegistry = new HostRegistry<>(); - applicationHostRegistries.put(tenant, applicationIdHostRegistry); - return applicationIdHostRegistry; - } - -} diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/host/HostRegistry.java b/configserver/src/main/java/com/yahoo/vespa/config/server/host/HostRegistry.java index ec37f2598e0..d45764295dd 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/host/HostRegistry.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/host/HostRegistry.java @@ -1,12 +1,18 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.config.server.host; -import java.util.*; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Collections; +import java.util.Map; import java.util.concurrent.ConcurrentHashMap; import java.util.logging.Logger; import java.util.stream.Collectors; import com.google.common.collect.Collections2; +import com.yahoo.config.provision.ApplicationId; +import com.yahoo.config.provision.TenantName; + import java.util.logging.Level; /** @@ -15,20 +21,20 @@ import java.util.logging.Level; * * @author Ulf Lilleengen */ -public class HostRegistry<T> implements HostValidator<T> { +public class HostRegistry implements HostValidator<ApplicationId> { private static final Logger log = Logger.getLogger(HostRegistry.class.getName()); - private final Map<String, T> host2KeyMap = new ConcurrentHashMap<>(); + private final Map<String, ApplicationId> host2KeyMap = new ConcurrentHashMap<>(); - public T getKeyForHost(String hostName) { + public ApplicationId getKeyForHost(String hostName) { return host2KeyMap.get(hostName); } - public synchronized void update(T key, Collection<String> newHosts) { + public synchronized void update(ApplicationId key, Collection<String> newHosts) { verifyHosts(key, newHosts); Collection<String> currentHosts = getHostsForKey(key); - log.log(Level.FINE, () -> "Setting hosts for key '" + key + "', " + + log.log(Level.INFO, () -> "Setting hosts for key '" + key + "', " + "newHosts: " + newHosts + ", " + "currentHosts: " + currentHosts); Collection<String> removedHosts = getRemovedHosts(newHosts, currentHosts); @@ -37,7 +43,7 @@ public class HostRegistry<T> implements HostValidator<T> { } @Override - public synchronized void verifyHosts(T key, Collection<String> newHosts) { + public synchronized void verifyHosts(ApplicationId key, Collection<String> newHosts) { for (String host : newHosts) { if (hostAlreadyTaken(host, key)) { throw new IllegalArgumentException("'" + key + "' tried to allocate host '" + host + @@ -46,22 +52,26 @@ public class HostRegistry<T> implements HostValidator<T> { } } - public synchronized void removeHostsForKey(T key) { + public synchronized void removeHostsForKey(ApplicationId key) { host2KeyMap.entrySet().removeIf(entry -> entry.getValue().equals(key)); } + public synchronized void removeHostsForKey(TenantName key) { + host2KeyMap.entrySet().removeIf(entry -> entry.getValue().tenant().equals(key)); + } + public synchronized Collection<String> getAllHosts() { return Collections.unmodifiableCollection(new ArrayList<>(host2KeyMap.keySet())); } - synchronized Collection<String> getHostsForKey(T key) { + public synchronized Collection<String> getHostsForKey(ApplicationId key) { return host2KeyMap.entrySet().stream() .filter(entry -> entry.getValue().equals(key)) .map(Map.Entry::getKey) .collect(Collectors.toSet()); } - private boolean hostAlreadyTaken(String host, T key) { + private boolean hostAlreadyTaken(String host, ApplicationId key) { return host2KeyMap.containsKey(host) && !key.equals(host2KeyMap.get(host)); } @@ -76,7 +86,7 @@ public class HostRegistry<T> implements HostValidator<T> { } } - private void addHosts(T key, Collection<String> newHosts) { + private void addHosts(ApplicationId key, Collection<String> newHosts) { for (String host : newHosts) { log.log(Level.FINE, () -> "Adding " + host); host2KeyMap.put(host, key); diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/RpcServer.java b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/RpcServer.java index e64859e7267..370ae72bbbd 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/RpcServer.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/RpcServer.java @@ -34,7 +34,6 @@ import com.yahoo.vespa.config.server.RequestHandler; import com.yahoo.vespa.config.server.SuperModelRequestHandler; import com.yahoo.vespa.config.server.application.ApplicationSet; import com.yahoo.vespa.config.server.filedistribution.FileServer; -import com.yahoo.vespa.config.server.host.HostRegistries; import com.yahoo.vespa.config.server.host.HostRegistry; import com.yahoo.vespa.config.server.monitoring.MetricUpdater; import com.yahoo.vespa.config.server.monitoring.MetricUpdaterFactory; @@ -92,7 +91,7 @@ public class RpcServer implements Runnable, ReloadListener, TenantListener { private final DelayedConfigResponses delayedConfigResponses; - private final HostRegistry<TenantName> hostRegistry; + private final HostRegistry hostRegistry; private final Map<TenantName, Tenant> tenants = new ConcurrentHashMap<>(); private final Map<ApplicationId, ApplicationState> applicationStateMap = new ConcurrentHashMap<>(); private final SuperModelRequestHandler superModelRequestHandler; @@ -122,7 +121,7 @@ public class RpcServer implements Runnable, ReloadListener, TenantListener { */ @Inject public RpcServer(ConfigserverConfig config, SuperModelRequestHandler superModelRequestHandler, - MetricUpdaterFactory metrics, HostRegistries hostRegistries, + MetricUpdaterFactory metrics, HostRegistry hostRegistry, HostLivenessTracker hostLivenessTracker, FileServer fileServer, RpcAuthorizer rpcAuthorizer, RpcRequestHandlerProvider handlerProvider) { this.superModelRequestHandler = superModelRequestHandler; @@ -136,7 +135,7 @@ public class RpcServer implements Runnable, ReloadListener, TenantListener { 0, TimeUnit.SECONDS, workQueue, ThreadFactoryFactory.getDaemonThreadFactory(THREADPOOL_NAME)); delayedConfigResponses = new DelayedConfigResponses(this, config.numDelayedResponseThreads()); spec = new Spec(null, config.rpcport()); - hostRegistry = hostRegistries.getTenantHostRegistry(); + this.hostRegistry = hostRegistry; this.useRequestVersion = config.useVespaVersionInRequest(); this.hostedVespa = config.hostedVespa(); this.canReturnEmptySentinelConfig = config.canReturnEmptySentinelConfig(); @@ -303,14 +302,14 @@ public class RpcServer implements Runnable, ReloadListener, TenantListener { } @Override - public void hostsUpdated(TenantName tenant, Collection<String> newHosts) { + public void hostsUpdated(ApplicationId applicationId, Collection<String> newHosts) { log.log(Level.FINE, "Updating hosts in tenant host registry '" + hostRegistry + "' with " + newHosts); - hostRegistry.update(tenant, newHosts); + hostRegistry.update(applicationId, newHosts); } @Override - public void verifyHostsAreAvailable(TenantName tenant, Collection<String> newHosts) { - hostRegistry.verifyHosts(tenant, newHosts); + public void verifyHostsAreAvailable(ApplicationId applicationId, Collection<String> newHosts) { + hostRegistry.verifyHosts(applicationId, newHosts); } @Override @@ -334,8 +333,8 @@ public class RpcServer implements Runnable, ReloadListener, TenantListener { Optional<TenantName> resolveTenant(JRTServerConfigRequest request, Trace trace) { if ("*".equals(request.getConfigKey().getConfigId())) return Optional.of(ApplicationId.global().tenant()); String hostname = request.getClientHostName(); - TenantName tenant = hostRegistry.getKeyForHost(hostname); - if (tenant == null) { + ApplicationId applicationId = hostRegistry.getKeyForHost(hostname); + if (applicationId == null) { if (GetConfigProcessor.logDebug(trace)) { String message = "Did not find tenant for host '" + hostname + "', using " + TenantName.defaultName(); log.log(Level.FINE, message); @@ -344,7 +343,7 @@ public class RpcServer implements Runnable, ReloadListener, TenantListener { } return Optional.empty(); } - return Optional.of(tenant); + return Optional.of(applicationId.tenant()); } public ConfigResponse resolveConfig(JRTServerConfigRequest request, GetConfigContext context, Optional<Version> vespaVersion) { @@ -425,7 +424,8 @@ public class RpcServer implements Runnable, ReloadListener, TenantListener { @Override public void onTenantDelete(TenantName tenant) { - log.log(Level.FINE, TenantRepository.logPre(tenant)+"Tenant deleted, removing request handler and cleaning host registry"); + log.log(Level.FINE, TenantRepository.logPre(tenant) + + "Tenant deleted, removing request handler and cleaning host registry"); tenants.remove(tenant); hostRegistry.removeHostsForKey(tenant); } diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java index 8d1d4f58e37..b00b6db4226 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java @@ -1,4 +1,4 @@ -// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.config.server.rpc.security; import com.google.inject.Inject; @@ -6,7 +6,7 @@ import com.yahoo.cloud.config.ConfigserverConfig; import com.yahoo.config.provision.security.NodeIdentifier; import com.yahoo.container.di.componentgraph.Provider; import com.yahoo.security.tls.TransportSecurityUtils; -import com.yahoo.vespa.config.server.host.HostRegistries; +import com.yahoo.vespa.config.server.host.HostRegistry; import com.yahoo.vespa.config.server.rpc.RequestHandlerProvider; /** @@ -21,13 +21,13 @@ public class DefaultRpcAuthorizerProvider implements Provider<RpcAuthorizer> { @Inject public DefaultRpcAuthorizerProvider(ConfigserverConfig config, NodeIdentifier nodeIdentifier, - HostRegistries hostRegistries, + HostRegistry hostRegistry, RequestHandlerProvider handlerProvider) { boolean useMultiTenantAuthorizer = TransportSecurityUtils.isTransportSecurityEnabled() && config.multitenant() && config.hostedVespa(); this.rpcAuthorizer = useMultiTenantAuthorizer - ? new MultiTenantRpcAuthorizer(nodeIdentifier, hostRegistries, handlerProvider, getThreadPoolSize(config)) + ? new MultiTenantRpcAuthorizer(nodeIdentifier, hostRegistry, handlerProvider, getThreadPoolSize(config)) : new NoopRpcAuthorizer(); } diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java index 49a8df3d0e4..8353e3fab1f 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java @@ -1,4 +1,4 @@ -// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.config.server.rpc.security; import com.yahoo.cloud.config.SentinelConfig; @@ -16,7 +16,6 @@ import com.yahoo.security.tls.TransportSecurityUtils; import com.yahoo.vespa.config.ConfigKey; import com.yahoo.vespa.config.protocol.JRTServerConfigRequestV3; import com.yahoo.vespa.config.server.RequestHandler; -import com.yahoo.vespa.config.server.host.HostRegistries; import com.yahoo.vespa.config.server.host.HostRegistry; import com.yahoo.vespa.config.server.rpc.RequestHandlerProvider; @@ -34,7 +33,6 @@ import java.util.logging.Logger; import static com.yahoo.vespa.config.server.rpc.security.AuthorizationException.Type; import static com.yahoo.yolean.Exceptions.throwUnchecked; - /** * A {@link RpcAuthorizer} that perform access control for configserver RPC methods when TLS and multi-tenant mode are enabled. * @@ -45,22 +43,22 @@ public class MultiTenantRpcAuthorizer implements RpcAuthorizer { private static final Logger log = Logger.getLogger(MultiTenantRpcAuthorizer.class.getName()); private final NodeIdentifier nodeIdentifier; - private final HostRegistry<TenantName> hostRegistry; + private final HostRegistry hostRegistry; private final RequestHandlerProvider handlerProvider; private final Executor executor; public MultiTenantRpcAuthorizer(NodeIdentifier nodeIdentifier, - HostRegistries hostRegistries, + HostRegistry hostRegistry, RequestHandlerProvider handlerProvider, int threadPoolSize) { this(nodeIdentifier, - hostRegistries.getTenantHostRegistry(), + hostRegistry, handlerProvider, Executors.newFixedThreadPool(threadPoolSize, new DaemonThreadFactory("multi-tenant-rpc-authorizer-"))); } MultiTenantRpcAuthorizer(NodeIdentifier nodeIdentifier, - HostRegistry<TenantName> hostRegistry, + HostRegistry hostRegistry, RequestHandlerProvider handlerProvider, Executor executor) { this.nodeIdentifier = nodeIdentifier; @@ -108,14 +106,14 @@ public class MultiTenantRpcAuthorizer implements RpcAuthorizer { return; // global config access ok } else { String hostname = configRequest.getClientHostName(); - Optional<TenantName> tenantName = Optional.ofNullable(hostRegistry.getKeyForHost(hostname)); - if (tenantName.isEmpty()) { + ApplicationId applicationId = hostRegistry.getKeyForHost(hostname); + if (applicationId == null) { if (isConfigKeyForSentinelConfig(configKey)) { return; // config processor will return empty sentinel config for unknown nodes } throw new AuthorizationException(Type.SILENT, String.format("Host '%s' not found in host registry for [%s]", hostname, configKey)); } - RequestHandler tenantHandler = getTenantHandler(tenantName.get()); + RequestHandler tenantHandler = getTenantHandler(applicationId.tenant()); ApplicationId resolvedApplication = tenantHandler.resolveApplicationId(hostname); ApplicationId peerOwner = applicationId(peerIdentity); if (peerOwner.equals(resolvedApplication)) { diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/tenant/TenantRepository.java b/configserver/src/main/java/com/yahoo/vespa/config/server/tenant/TenantRepository.java index 5c15b72eaac..a2fa7851173 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/tenant/TenantRepository.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/tenant/TenantRepository.java @@ -1,4 +1,4 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.config.server.tenant; import com.google.common.collect.ImmutableSet; @@ -14,6 +14,7 @@ import com.yahoo.transaction.Transaction; import com.yahoo.vespa.config.server.GlobalComponentRegistry; import com.yahoo.vespa.config.server.application.TenantApplications; import com.yahoo.vespa.config.server.deploy.TenantFileSystemDirs; +import com.yahoo.vespa.config.server.host.HostRegistry; import com.yahoo.vespa.config.server.monitoring.MetricUpdater; import com.yahoo.vespa.config.server.session.SessionRepository; import com.yahoo.vespa.curator.Curator; @@ -78,6 +79,7 @@ public class TenantRepository { private final Map<TenantName, Tenant> tenants = Collections.synchronizedMap(new LinkedHashMap<>()); private final GlobalComponentRegistry componentRegistry; + private final HostRegistry hostRegistry; private final List<TenantListener> tenantListeners = Collections.synchronizedList(new ArrayList<>()); private final Curator curator; @@ -95,8 +97,9 @@ public class TenantRepository { * @param componentRegistry a {@link com.yahoo.vespa.config.server.GlobalComponentRegistry} */ @Inject - public TenantRepository(GlobalComponentRegistry componentRegistry) { + public TenantRepository(GlobalComponentRegistry componentRegistry, HostRegistry hostRegistry) { this.componentRegistry = componentRegistry; + this.hostRegistry = hostRegistry; ConfigserverConfig configserverConfig = componentRegistry.getConfigserverConfig(); this.bootstrapExecutor = Executors.newFixedThreadPool(configserverConfig.numParallelTenantLoaders(), new DaemonThreadFactory("bootstrap tenants")); @@ -228,7 +231,7 @@ public class TenantRepository { componentRegistry.getMetrics(), componentRegistry.getReloadListener(), componentRegistry.getConfigserverConfig(), - componentRegistry.getHostRegistries().createApplicationHostRegistry(tenantName), + hostRegistry, new TenantFileSystemDirs(componentRegistry.getConfigServerDB(), tenantName), componentRegistry.getClock()); SessionRepository sessionRepository = new SessionRepository(tenantName, diff --git a/configserver/src/main/resources/configserver-app/services.xml b/configserver/src/main/resources/configserver-app/services.xml index dac10ac4e59..00c65644e47 100644 --- a/configserver/src/main/resources/configserver-app/services.xml +++ b/configserver/src/main/resources/configserver-app/services.xml @@ -27,7 +27,7 @@ <component id="com.yahoo.vespa.config.server.InjectedGlobalComponentRegistry" bundle="configserver" /> <component id="com.yahoo.vespa.config.server.tenant.TenantRepository" bundle="configserver" /> <component id="com.yahoo.vespa.config.server.application.PermanentApplicationPackage" bundle="configserver" /> - <component id="com.yahoo.vespa.config.server.host.HostRegistries" bundle="configserver" /> + <component id="com.yahoo.vespa.config.server.host.HostRegistry" bundle="configserver" /> <component id="com.yahoo.vespa.config.server.ApplicationRepository" bundle="configserver" /> <component id="com.yahoo.vespa.config.server.version.VersionState" bundle="configserver" /> <component id="com.yahoo.vespa.config.server.zookeeper.ConfigCurator" bundle="configserver" /> |