diff options
Diffstat (limited to 'controller-server/src/main/java/com')
21 files changed, 109 insertions, 91 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/Application.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/Application.java index ae2de96f511..b75f80917a9 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/Application.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/Application.java @@ -7,7 +7,7 @@ import com.yahoo.config.application.api.DeploymentSpec; import com.yahoo.config.application.api.ValidationOverrides; import com.yahoo.config.provision.ApplicationId; import com.yahoo.config.provision.Environment; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import com.yahoo.vespa.hosted.controller.api.integration.MetricsService.ApplicationMetrics; import com.yahoo.vespa.hosted.controller.api.integration.organization.IssueId; import com.yahoo.vespa.hosted.controller.application.ApplicationRotation; diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java index ec1051a3674..28fa311b841 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java @@ -7,7 +7,7 @@ import com.yahoo.config.application.api.ValidationId; import com.yahoo.config.provision.ApplicationId; import com.yahoo.config.provision.Environment; import com.yahoo.config.provision.TenantName; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import com.yahoo.vespa.curator.Lock; import com.yahoo.vespa.hosted.controller.api.ActivateResult; import com.yahoo.vespa.hosted.controller.api.InstanceEndpoints; diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/Controller.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/Controller.java index f50958f0e66..44e4cf0740f 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/Controller.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/Controller.java @@ -7,12 +7,13 @@ import com.yahoo.component.AbstractComponent; import com.yahoo.component.Version; import com.yahoo.component.Vtag; import com.yahoo.config.provision.SystemName; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import com.yahoo.vespa.hosted.controller.api.identifiers.AthenzDomain; import com.yahoo.vespa.hosted.controller.api.identifiers.DeploymentId; import com.yahoo.vespa.hosted.controller.api.identifiers.Property; import com.yahoo.vespa.hosted.controller.api.identifiers.PropertyId; import com.yahoo.vespa.hosted.controller.api.integration.MetricsService; +import com.yahoo.vespa.hosted.controller.api.integration.athenz.AthenzClientFactory; import com.yahoo.vespa.hosted.controller.api.integration.chef.Chef; import com.yahoo.vespa.hosted.controller.api.integration.configserver.ConfigServerClient; import com.yahoo.vespa.hosted.controller.api.integration.dns.NameService; @@ -23,7 +24,6 @@ import com.yahoo.vespa.hosted.controller.api.integration.routing.GlobalRoutingSe import com.yahoo.vespa.hosted.controller.api.integration.routing.RotationStatus; import com.yahoo.vespa.hosted.controller.api.integration.routing.RoutingGenerator; import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneRegistry; -import com.yahoo.vespa.hosted.controller.api.integration.athenz.AthenzClientFactory; import com.yahoo.vespa.hosted.controller.persistence.ControllerDb; import com.yahoo.vespa.hosted.controller.persistence.CuratorDb; import com.yahoo.vespa.hosted.controller.versions.VersionStatus; @@ -156,9 +156,17 @@ public class Controller extends AbstractComponent { return zoneRegistry.getLogServerUri(deploymentId); } + /** + * @deprecated Use {@link #getSecureConfigServerUris(ZoneId)} instead + */ + @Deprecated public List<URI> getConfigServerUris(ZoneId zoneId) { return zoneRegistry.getConfigServerUris(zoneId); } + + public List<URI> getSecureConfigServerUris(ZoneId zoneId) { + return zoneRegistry.getConfigServerSecureUris(zoneId); + } public ZoneRegistry zoneRegistry() { return zoneRegistry; } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/LockedApplication.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/LockedApplication.java index 72ed1a42435..5fa5b8c318b 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/LockedApplication.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/LockedApplication.java @@ -5,8 +5,7 @@ import com.yahoo.config.application.api.DeploymentSpec; import com.yahoo.config.application.api.ValidationOverrides; import com.yahoo.config.provision.ApplicationId; import com.yahoo.config.provision.ClusterSpec; -import com.yahoo.config.provision.Zone; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import com.yahoo.vespa.curator.Lock; import com.yahoo.vespa.hosted.controller.api.integration.MetricsService; import com.yahoo.vespa.hosted.controller.api.integration.MetricsService.ApplicationMetrics; diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/ApplicationList.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/ApplicationList.java index 4d1a009806f..07d51b2b9c7 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/ApplicationList.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/ApplicationList.java @@ -121,9 +121,9 @@ public class ApplicationList { return listOf(list.stream().filter(a -> !a.productionDeployments().isEmpty())); } - /** Returns the subset of applications which started failing after the given instant */ - public ApplicationList startedFailingOnVersionAfter(Version version, Instant instant) { - return listOf(list.stream().filter(application -> JobList.from(application).firstFailing().on(version).firstFailing().after(instant).anyMatch())); + /** Returns the subset of applications which started failing on the given version */ + public ApplicationList startedFailingOn(Version version) { + return listOf(list.stream().filter(application -> ! JobList.from(application).firstFailing().on(version).isEmpty())); } /** Returns the subset of applications which has the given upgrade policy */ @@ -209,32 +209,32 @@ public class ApplicationList { } private static boolean failingOn(Version version, Application application) { - return JobList.from(application) + return ! JobList.from(application) .failing() .lastCompleted().on(version) - .anyMatch(); + .isEmpty(); } private static boolean currentlyUpgrading(Change.VersionChange change, Application application, Instant jobTimeoutLimit) { - return JobList.from(application) + return ! JobList.from(application) .running(jobTimeoutLimit) .lastTriggered().on(change.version()) - .anyMatch(); + .isEmpty(); } private static boolean failingUpgradeToVersionSince(Application application, Version version, Instant threshold) { - return JobList.from(application) + return ! JobList.from(application) .not().failingApplicationChange() .firstFailing().before(threshold) .lastCompleted().on(version) - .anyMatch(); + .isEmpty(); } private static boolean failingApplicationChangeSince(Application application, Instant threshold) { - return JobList.from(application) + return ! JobList.from(application) .failingApplicationChange() .firstFailing().before(threshold) - .anyMatch(); + .isEmpty(); } /** Convenience converter from a stream to an ApplicationList */ diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/Deployment.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/Deployment.java index b9d07249cb2..2364e87b345 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/Deployment.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/Deployment.java @@ -3,8 +3,7 @@ package com.yahoo.vespa.hosted.controller.application; import com.yahoo.component.Version; import com.yahoo.config.provision.ClusterSpec.Id; -import com.yahoo.config.provision.Zone; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import java.time.Instant; import java.util.HashMap; diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/DeploymentJobs.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/DeploymentJobs.java index ec8b2d6d019..eea94411109 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/DeploymentJobs.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/DeploymentJobs.java @@ -7,7 +7,7 @@ import com.yahoo.config.provision.ApplicationId; import com.yahoo.config.provision.Environment; import com.yahoo.config.provision.RegionName; import com.yahoo.config.provision.SystemName; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import com.yahoo.vespa.hosted.controller.Controller; import com.yahoo.vespa.hosted.controller.api.integration.organization.IssueId; @@ -101,12 +101,12 @@ public class DeploymentJobs { /** Returns whether this has some job status which is not a success */ public boolean hasFailures() { - return JobList.from(status.values()).failing().anyMatch(); + return ! JobList.from(status.values()).failing().isEmpty(); } /** Returns whether any job is currently in progress */ public boolean isRunning(Instant timeoutLimit) { - return JobList.from(status.values()).running(timeoutLimit).anyMatch(); + return ! JobList.from(status.values()).running(timeoutLimit).isEmpty(); } /** Returns whether the given job type is currently running and was started after timeoutLimit */ diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/JobList.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/JobList.java index 6223b07d27a..161035b1164 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/JobList.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/JobList.java @@ -57,8 +57,6 @@ public class JobList { public boolean isEmpty() { return list.isEmpty(); } - public boolean anyMatch() { return ! isEmpty(); } - public int size() { return list.size(); } // ----------------------------------- Basic filters diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentOrder.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentOrder.java index 2bf64571bdf..dd7befb6d63 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentOrder.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentOrder.java @@ -2,7 +2,7 @@ package com.yahoo.vespa.hosted.controller.deployment; import com.yahoo.config.application.api.DeploymentSpec; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import com.yahoo.vespa.hosted.controller.Application; import com.yahoo.vespa.hosted.controller.Controller; import com.yahoo.vespa.hosted.controller.LockedApplication; diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentTrigger.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentTrigger.java index 192901165be..90237a17fb9 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentTrigger.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentTrigger.java @@ -4,7 +4,7 @@ package com.yahoo.vespa.hosted.controller.deployment; import com.yahoo.component.Version; import com.yahoo.config.provision.ApplicationId; import com.yahoo.config.provision.SystemName; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import com.yahoo.vespa.hosted.controller.Application; import com.yahoo.vespa.hosted.controller.ApplicationController; import com.yahoo.vespa.hosted.controller.Controller; @@ -344,10 +344,10 @@ public class DeploymentTrigger { } private boolean isRunningProductionJob(Application application) { - return JobList.from(application) + return ! JobList.from(application) .production() .running(jobTimeoutLimit()) - .anyMatch(); + .isEmpty(); } /** diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/ClusterInfoMaintainer.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/ClusterInfoMaintainer.java index ad7fa90967b..cf0600f87bd 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/ClusterInfoMaintainer.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/ClusterInfoMaintainer.java @@ -2,9 +2,7 @@ package com.yahoo.vespa.hosted.controller.maintenance; import com.yahoo.config.provision.ClusterSpec; -import com.yahoo.config.provision.Flavor; -import com.yahoo.config.provision.Zone; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import com.yahoo.vespa.hosted.controller.Application; import com.yahoo.vespa.hosted.controller.Controller; import com.yahoo.vespa.hosted.controller.api.identifiers.DeploymentId; @@ -18,7 +16,6 @@ import java.time.Duration; import java.util.HashMap; import java.util.List; import java.util.Map; -import java.util.Optional; import java.util.logging.Level; import java.util.logging.Logger; import java.util.stream.Collectors; diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/ClusterUtilizationMaintainer.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/ClusterUtilizationMaintainer.java index 58e32344372..b889179750e 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/ClusterUtilizationMaintainer.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/ClusterUtilizationMaintainer.java @@ -3,7 +3,7 @@ package com.yahoo.vespa.hosted.controller.maintenance; import com.yahoo.config.provision.ApplicationId; import com.yahoo.config.provision.ClusterSpec; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import com.yahoo.vespa.hosted.controller.Application; import com.yahoo.vespa.hosted.controller.Controller; import com.yahoo.vespa.hosted.controller.api.integration.MetricsService; diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/DeploymentIssueReporter.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/DeploymentIssueReporter.java index 324868878af..e30ccbe7950 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/DeploymentIssueReporter.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/DeploymentIssueReporter.java @@ -1,6 +1,7 @@ // Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.hosted.controller.maintenance; +import com.yahoo.component.Version; import com.yahoo.config.provision.ApplicationId; import com.yahoo.vespa.hosted.controller.Application; import com.yahoo.vespa.hosted.controller.Controller; @@ -75,17 +76,21 @@ public class DeploymentIssueReporter extends Maintainer { * longer than the set grace period, or update this list if the issue already exists. */ private void maintainPlatformIssue(List<Application> applications) { - if ( ! (controller().versionStatus().version(controller().systemVersion()).confidence() == broken)) + Version systemVersion = controller().systemVersion(); + + if ((controller().versionStatus().version(systemVersion).confidence() != broken)) + return; + + if (ApplicationList.from(applications) + .failingUpgradeToVersionSince(systemVersion, controller().clock().instant().minus(upgradeGracePeriod)) + .isEmpty()) return; List<ApplicationId> failingApplications = ApplicationList.from(applications) - .failingUpgradeToVersionSince(controller().systemVersion(), controller().clock().instant().minus(upgradeGracePeriod)) - .asList().stream() - .map(Application::id) - .collect(Collectors.toList()); + .failingUpgradeToVersionSince(systemVersion, controller().clock().instant()) + .idList(); - if ( ! failingApplications.isEmpty()) - deploymentIssues.fileUnlessOpen(failingApplications, controller().systemVersion()); + deploymentIssues.fileUnlessOpen(failingApplications, systemVersion); } private Tenant ownerOf(ApplicationId applicationId) { diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/ApplicationSerializer.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/ApplicationSerializer.java index 762f12c3e8a..9c77ebc4bc3 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/ApplicationSerializer.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/ApplicationSerializer.java @@ -6,9 +6,7 @@ import com.yahoo.config.application.api.DeploymentSpec; import com.yahoo.config.application.api.ValidationOverrides; import com.yahoo.config.provision.ApplicationId; import com.yahoo.config.provision.ClusterSpec; -import com.yahoo.config.provision.Environment; -import com.yahoo.config.provision.RegionName; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import com.yahoo.slime.ArrayTraverser; import com.yahoo.slime.Cursor; import com.yahoo.slime.Inspector; diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java index e67b96c22ad..7d06bbde081 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java @@ -3,11 +3,14 @@ package com.yahoo.vespa.hosted.controller.proxy; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; +import com.google.inject.Inject; import com.yahoo.config.provision.Environment; -import com.yahoo.config.provision.RegionName; -import com.yahoo.config.provision.ZoneId; import com.yahoo.io.IOUtils; import com.yahoo.jdisc.http.HttpRequest.Method; +import com.yahoo.vespa.hosted.controller.api.integration.athenz.AthenzIdentityVerifier; +import com.yahoo.vespa.hosted.controller.api.integration.athenz.AthenzSslContextProvider; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneList; import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneRegistry; import org.apache.http.Header; import org.apache.http.client.config.RequestConfig; @@ -34,8 +37,11 @@ import java.util.Map; import java.util.Optional; import java.util.Set; +import static java.util.Collections.singleton; + /** * @author Haakon Dybdahl + * @author bjorncs */ @SuppressWarnings("unused") // Injected public class ConfigServerRestExecutorImpl implements ConfigServerRestExecutor { @@ -43,9 +49,13 @@ public class ConfigServerRestExecutorImpl implements ConfigServerRestExecutor { private static final Duration PROXY_REQUEST_TIMEOUT = Duration.ofSeconds(10); private final ZoneRegistry zoneRegistry; + private final AthenzSslContextProvider sslContextProvider; - public ConfigServerRestExecutorImpl(ZoneRegistry zoneRegistry) { + @Inject + public ConfigServerRestExecutorImpl(ZoneRegistry zoneRegistry, + AthenzSslContextProvider sslContextProvider) { this.zoneRegistry = zoneRegistry; + this.sslContextProvider = sslContextProvider; } @Override @@ -57,10 +67,10 @@ public class ConfigServerRestExecutorImpl implements ConfigServerRestExecutor { ZoneId zoneId = ZoneId.from(proxyRequest.getEnvironment(), proxyRequest.getRegion()); // Make a local copy of the list as we want to manipulate it in case of ping problems. - List<URI> allServers = new ArrayList<>(zoneRegistry.getConfigServerUris(zoneId)); + List<URI> allServers = new ArrayList<>(zoneRegistry.getConfigServerSecureUris(zoneId)); StringBuilder errorBuilder = new StringBuilder(); - if (queueFirstServerIfDown(allServers)) { + if (queueFirstServerIfDown(allServers, proxyRequest)) { errorBuilder.append("Change ordering due to failed ping."); } for (URI uri : allServers) { @@ -81,15 +91,15 @@ public class ConfigServerRestExecutorImpl implements ConfigServerRestExecutor { private ProxyResponse createDiscoveryResponse(ProxyRequest proxyRequest) { ObjectMapper mapper = new ObjectMapper(); DiscoveryResponseStructure responseStructure = new DiscoveryResponseStructure(); + String environmentName = proxyRequest.getEnvironment(); - List<ZoneId> zones = zoneRegistry.zones(); - for (ZoneId zone : zones) { - if (!"".equals(proxyRequest.getEnvironment()) && - !proxyRequest.getEnvironment().equals(zone.environment().value())) { - continue; - } + ZoneList zones = zoneRegistry.zones().all(); + if ( ! environmentName.isEmpty()) + zones = zones.in(Environment.from(environmentName)); + + for (ZoneId zoneId : zones.ids()) { responseStructure.uris.add(proxyRequest.getScheme() + "://" + proxyRequest.getControllerPrefix() + - zone.environment().name() + "/" + zone.region().value()); + zoneId.environment().name() + "/" + zoneId.region().value()); } JsonNode node = mapper.valueToTree(responseStructure); return new ProxyResponse(proxyRequest, node.toString(), 200, Optional.empty(), "application/json"); @@ -111,17 +121,17 @@ public class ConfigServerRestExecutorImpl implements ConfigServerRestExecutor { copyHeaders(proxyRequest.getHeaders(), requestBase, new HashSet<>()); RequestConfig config = RequestConfig.custom() - .setConnectTimeout((int) PROXY_REQUEST_TIMEOUT.toMillis()) - .setConnectionRequestTimeout((int) PROXY_REQUEST_TIMEOUT.toMillis()) - .setSocketTimeout((int) PROXY_REQUEST_TIMEOUT.toMillis()).build(); + .setConnectTimeout((int) PROXY_REQUEST_TIMEOUT.toMillis()) + .setConnectionRequestTimeout((int) PROXY_REQUEST_TIMEOUT.toMillis()) + .setSocketTimeout((int) PROXY_REQUEST_TIMEOUT.toMillis()).build(); try ( - CloseableHttpClient client = createHttpClient(config); + CloseableHttpClient client = createHttpClient(config, sslContextProvider, zoneRegistry, proxyRequest); CloseableHttpResponse response = client.execute(requestBase); ) { if (response.getStatusLine().getStatusCode() / 100 == 5) { errorBuilder.append("Talking to server ").append(uri.getHost()); errorBuilder.append(", got ").append(response.getStatusLine().getStatusCode()).append(" ") - .append(streamToString(response.getEntity().getContent())).append("\n"); + .append(streamToString(response.getEntity().getContent())).append("\n"); return Optional.empty(); } final Header contentHeader = response.getLastHeader("Content-Type"); @@ -202,7 +212,7 @@ public class ConfigServerRestExecutorImpl implements ConfigServerRestExecutor { * if it is not responding, we try the other servers first. False positive/negatives are not critical, * but will increase latency to some extent. */ - private boolean queueFirstServerIfDown(List<URI> allServers) { + private boolean queueFirstServerIfDown(List<URI> allServers, ProxyRequest proxyRequest) { if (allServers.size() < 2) { return false; } @@ -215,7 +225,7 @@ public class ConfigServerRestExecutorImpl implements ConfigServerRestExecutor { .setConnectionRequestTimeout(timeout) .setSocketTimeout(timeout).build(); try ( - CloseableHttpClient client = createHttpClient(config); + CloseableHttpClient client = createHttpClient(config, sslContextProvider, zoneRegistry, proxyRequest); CloseableHttpResponse response = client.execute(httpget); ) { @@ -232,9 +242,19 @@ public class ConfigServerRestExecutorImpl implements ConfigServerRestExecutor { return true; } - private static CloseableHttpClient createHttpClient(RequestConfig config) { + private static CloseableHttpClient createHttpClient(RequestConfig config, + AthenzSslContextProvider sslContextProvider, + ZoneRegistry zoneRegistry, + ProxyRequest proxyRequest) { + AthenzIdentityVerifier hostnameVerifier = + new AthenzIdentityVerifier( + singleton( + zoneRegistry.getConfigserverAthenzService( + ZoneId.from(proxyRequest.getEnvironment(), proxyRequest.getRegion())))); return HttpClientBuilder.create() .setUserAgent("config-server-client") + .setSslcontext(sslContextProvider.get()) + .setHostnameVerifier(hostnameVerifier) .setDefaultRequestConfig(config) .build(); } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java index d15686077c6..a7d072d1dae 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java @@ -10,7 +10,7 @@ import com.yahoo.config.provision.ApplicationName; import com.yahoo.config.provision.Environment; import com.yahoo.config.provision.RegionName; import com.yahoo.config.provision.TenantName; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import com.yahoo.container.jdisc.HttpRequest; import com.yahoo.container.jdisc.HttpResponse; import com.yahoo.container.jdisc.LoggingRequestHandler; diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ServiceApiResponse.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ServiceApiResponse.java index 0b0a2c3ad52..2429565350c 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ServiceApiResponse.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ServiceApiResponse.java @@ -2,7 +2,7 @@ package com.yahoo.vespa.hosted.controller.restapi.application; import com.yahoo.config.provision.ApplicationId; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import com.yahoo.container.jdisc.HttpResponse; import com.yahoo.slime.Cursor; import com.yahoo.slime.JsonFormat; diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/zone/v1/ZoneApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/zone/v1/ZoneApiHandler.java index 83b725ae4c4..282dd79b317 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/zone/v1/ZoneApiHandler.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/zone/v1/ZoneApiHandler.java @@ -3,7 +3,7 @@ package com.yahoo.vespa.hosted.controller.restapi.zone.v1; import com.yahoo.config.provision.Environment; import com.yahoo.config.provision.RegionName; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import com.yahoo.container.jdisc.HttpRequest; import com.yahoo.container.jdisc.HttpResponse; import com.yahoo.container.jdisc.LoggingRequestHandler; @@ -69,7 +69,7 @@ public class ZoneApiHandler extends LoggingRequestHandler { } private HttpResponse root(HttpRequest request) { - List<Environment> environments = zoneRegistry.zones().stream() + List<Environment> environments = zoneRegistry.zones().all().ids().stream() .map(ZoneId::environment) .distinct() .sorted(Comparator.comparing(Environment::value)) @@ -89,9 +89,7 @@ public class ZoneApiHandler extends LoggingRequestHandler { } private HttpResponse environment(HttpRequest request, Environment environment) { - List<ZoneId> zones = zoneRegistry.zones().stream() - .filter(zone -> zone.environment() == environment) - .collect(Collectors.toList()); + List<ZoneId> zones = zoneRegistry.zones().all().in(environment).ids(); Slime slime = new Slime(); Cursor root = slime.setArray(); zones.forEach(zone -> { diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/zone/v2/ZoneApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/zone/v2/ZoneApiHandler.java index 772dd1f6cb1..68dc2325687 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/zone/v2/ZoneApiHandler.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/zone/v2/ZoneApiHandler.java @@ -1,9 +1,7 @@ // Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.hosted.controller.restapi.zone.v2; -import com.yahoo.config.provision.Environment; -import com.yahoo.config.provision.RegionName; -import com.yahoo.config.provision.ZoneId; +import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneId; import com.yahoo.container.jdisc.HttpRequest; import com.yahoo.container.jdisc.HttpResponse; import com.yahoo.container.jdisc.LoggingRequestHandler; @@ -20,7 +18,6 @@ import com.yahoo.vespa.hosted.controller.restapi.SlimeJsonResponse; import com.yahoo.yolean.Exceptions; import java.io.IOException; -import java.util.Optional; import java.util.concurrent.Executor; import java.util.logging.Level; @@ -94,16 +91,16 @@ public class ZoneApiHandler extends LoggingRequestHandler { Slime slime = new Slime(); Cursor root = slime.setObject(); Cursor uris = root.setArray("uris"); - zoneRegistry.zones().forEach(zone -> uris.addString(request.getUri() + zoneRegistry.zones().all().ids().forEach(zoneId -> uris.addString(request.getUri() .resolve("/zone/v2/") - .resolve(zone.environment().value() + "/") - .resolve(zone.region().value()) + .resolve(zoneId.environment().value() + "/") + .resolve(zoneId.region().value()) .toString())); Cursor zones = root.setArray("zones"); - zoneRegistry.zones().forEach(zone -> { + zoneRegistry.zones().all().ids().forEach(zoneId -> { Cursor object = zones.addObject(); - object.setString("environment", zone.environment().value()); - object.setString("region", zone.region().value()); + object.setString("environment", zoneId.environment().value()); + object.setString("region", zoneId.region().value()); }); return new SlimeJsonResponse(slime); } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/versions/VersionStatus.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/versions/VersionStatus.java index 876bd5fe029..13eec52b97a 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/versions/VersionStatus.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/versions/VersionStatus.java @@ -119,10 +119,10 @@ public class VersionStatus { } private static ListMap<Version, String> findConfigServerVersions(Controller controller) { - List<URI> configServers = controller.zoneRegistry().zones().stream() - // TODO: Filter properly. - .filter(zone -> ! zone.region().equals(RegionName.from("us-east-2a"))) - .flatMap(zone -> controller.getConfigServerUris(zone).stream()) + List<URI> configServers = controller.zoneRegistry().zones() + .controllerManaged() + .ids().stream() + .flatMap(zoneId -> controller.getSecureConfigServerUris(zoneId).stream()) .collect(Collectors.toList()); ListMap<Version, String> versions = new ListMap<>(); @@ -184,11 +184,11 @@ public class VersionStatus { VespaVersion.Confidence confidence; // Always compute confidence for system version if (isSystemVersion) { - confidence = VespaVersion.confidenceFrom(statistics, controller, releasedAt); + confidence = VespaVersion.confidenceFrom(statistics, controller); } else { // Keep existing confidence for non-system versions if already computed confidence = confidenceFor(statistics.version(), controller) - .orElse(VespaVersion.confidenceFrom(statistics, controller, releasedAt)); + .orElse(VespaVersion.confidenceFrom(statistics, controller)); } return new VespaVersion(statistics, gitSha.sha, releasedAt, diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/versions/VespaVersion.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/versions/VespaVersion.java index 4bcee5782ee..ea89a70543c 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/versions/VespaVersion.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/versions/VespaVersion.java @@ -42,8 +42,7 @@ public class VespaVersion implements Comparable<VespaVersion> { this.confidence = confidence; } - public static Confidence confidenceFrom(DeploymentStatistics statistics, Controller controller, - Instant releasedAt) { + public static Confidence confidenceFrom(DeploymentStatistics statistics, Controller controller) { // 'production on this': All deployment jobs upgrading to this version have completed without failure ApplicationList productionOnThis = ApplicationList.from(statistics.production(), controller.applications()) .notUpgradingTo(statistics.version()) @@ -58,7 +57,7 @@ public class VespaVersion implements Comparable<VespaVersion> { return Confidence.broken; // 'broken' if 4 non-canary was broken by this, and that is at least 10% of all - if (nonCanaryApplicationsBroken(statistics.version(), failingOnThis, productionOnThis, releasedAt, controller.curator())) + if (nonCanaryApplicationsBroken(statistics.version(), failingOnThis, productionOnThis, controller.curator())) return Confidence.broken; // 'low' unless all canary applications are upgraded @@ -145,9 +144,8 @@ public class VespaVersion implements Comparable<VespaVersion> { private static boolean nonCanaryApplicationsBroken(Version version, ApplicationList failingOnThis, ApplicationList productionOnThis, - Instant releasedAt, CuratorDb curator) { - ApplicationList failingNonCanaries = failingOnThis.without(UpgradePolicy.canary).startedFailingOnVersionAfter(version, releasedAt); + ApplicationList failingNonCanaries = failingOnThis.without(UpgradePolicy.canary).startedFailingOn(version); ApplicationList productionNonCanaries = productionOnThis.without(UpgradePolicy.canary); if (productionNonCanaries.size() + failingNonCanaries.size() == 0 || curator.readIgnoreConfidence()) return false; @@ -156,4 +154,5 @@ public class VespaVersion implements Comparable<VespaVersion> { int brokenByThisVersion = failingNonCanaries.size(); return brokenByThisVersion >= 4 && brokenByThisVersion >= productionOnThis.size() * 0.1; } + } |