aboutsummaryrefslogtreecommitdiffstats
path: root/node-admin
Commit message (Collapse)AuthorAgeFilesLines
* Revert "Re-create container if wanted create command changes"Valerij Fredriksen2022-11-258-52/+20
|
* Re-create container if wanted create command changesMartin Polden2022-11-248-20/+52
|
* Merge pull request #24902 from vespa-engine/enclaves-apigjoranv2022-11-171-1/+2
|\ | | | | Enclaves api
| * Add test for enclave nodes, and necessary supporting infrastructuregjoranv2022-11-161-1/+2
| |
* | Use BouncyCastle AES GCM cipher and I/O streams instead of JCATor Brede Vekterli2022-11-161-3/+1
|/ | | | | | | | | | | | | | | | | | This resolves two issues: * `javax.crypto.OutputCipherStream` swallows MAC tag mismatch exceptions when the stream is closed, which means that corruptions (intentional or not) are not caught. This is documented behavior, but still very surprising and a rather questionable default. BC's interchangeable `CipherOutputStream` throws as expected. To avoid regressions, add an explicit test that both ciphertext and MAC tag corruptions are propagated. * The default-provided `AES/GCM/NoPadding` `Cipher` instance will not emit decrypted plaintext per `update()` chunk, but buffer everything until `doFinal()` is invoked when the stream is closed. This means that decrypting very large ciphertexts can blow up memory usage since internal output buffers are reallocated and increased per iteration...! Instead use an explicit BC `GCMBlockCipher` which has the expected behavior (and actually lets cipher streams, well, _stream_). Add an `AeadCipher` abstraction to avoid leaking BC APIs outside the security module.
* Revert "Revert "Revert "Revert "Move $VESPA_HOME/tmp to $VESPA_HOME/var/tmp ↵Eirik Nygaard2022-11-072-6/+6
| | | | [run-systemtest]""""
* Revert "Revert "Revert "Move $VESPA_HOME/tmp to $VESPA_HOME/var/tmp ↵Eirik Nygaard2022-11-072-6/+6
| | | | [run-systemtest]"""
* Revert "Revert "Move $VESPA_HOME/tmp to $VESPA_HOME/var/tmp [run-systemtest]""Eirik Nygaard2022-11-042-6/+6
|
* Revert "Move $VESPA_HOME/tmp to $VESPA_HOME/var/tmp [run-systemtest]"Arnstein Ressem2022-11-042-6/+6
|
* Move $VESPA_HOME/tmp to $VESPA_HOME/var/tmpEirk Nygaard2022-11-042-6/+6
| | | | | Prepare to support immutable container image where only var and logs directories must be writable. Create symlink from old tmp directory to $VESPA_HOME/var/tmp
* Wire core dump encryption public key ID to core dump handler logicTor Brede Vekterli2022-11-043-9/+67
|
* Merge pull request #24715 from vespa-engine/vekterli/encapsulate-key-idTor Brede Vekterli2022-11-021-1/+2
|\ | | | | Encapsulate key identifier in own object
| * Encapsulate key identifier in own objectTor Brede Vekterli2022-11-021-1/+2
| | | | | | | | Enforces invariants and avoids having to pass raw byte arrays around.
* | Log core dump processingHåkon Hallingstad2022-11-025-20/+164
|/
* Write absolute path of fileHåkon Hallingstad2022-11-011-1/+1
|
* Merge pull request #24689 from ↵Valerij Fredriksen2022-11-018-33/+265
|\ | | | | | | | | vespa-engine/hakonhall/guard-core-dump-upload-via-cfg Guard core dump upload via cfg
| * Guard core dump upload via cfgHåkon Hallingstad2022-11-018-33/+265
| |
* | Let token key IDs be UTF-8 byte strings instead of just an integerTor Brede Vekterli2022-11-011-1/+1
|/ | | | | | | | | | | | | | This makes key IDs vastly more expressive. Max size is 255 bytes, and UTF-8 form is enforced by checking that the byte sequence can be identity-transformed to and from a string with UTF-8 encoding. In addition, we now protect the integrity of the key ID by supplying it as the AAD parameter to the key sealing and opening operations. Reduce v1 token max length of `enc` part to 255, since this is always an X25519 public key, which is never bigger than 32 bytes (but may be _less_ if the random `BigInteger` is small enough, so we still have to encode the length).
* zst is the extension for std compressed files.Henning Baldersheim2022-11-012-5/+5
|
* Add encryption capabilities to core dump handlerTor Brede Vekterli2022-11-012-35/+132
| | | | | | | | | | | | | Once wired in (not currently the case), a Supplier of non-null `SecretSharedKey` instances will trigger: 1. Wrapping the output stream with an encrypting output stream using the secret component of the supplied key. Zstd compression is handled on the input stream, so this should transparently encrypt compressed data. To disambiguate, encrypted core dumps are suffixed with an additional `.enc` file extension. 2. Emitting a public decryption token as part of the metadata using the shared component of the supplied key.
* Add missing suffix newlineHåkon Hallingstad2022-11-011-1/+1
|
* Export com.yahoo.vespa.hosted.node.admin.configserver.coresHåkon Hallingstad2022-11-012-1/+9
|
* Revert "Revert "New cores client in node-admin""Håkon Hallingstad2022-11-0112-43/+297
|
* Revert "New cores client in node-admin"Håkon Hallingstad2022-11-0112-297/+43
|
* New cores client in node-adminHåkon Hallingstad2022-10-3112-43/+297
|
* * apply new common bootstrapArne Juul2022-10-241-0/+3
| | | | | * remove now-duplicated code * prefer using ${VESPA_HOME} environment variable
* Allow suffix of base name of filename for upload URIHåkon Hallingstad2022-10-201-8/+20
|
* Start wireguard on configserver hosts (#24345)gjoranv2022-10-134-6/+24
| | | Co-authored-by: gjoranv <gv@verizonmedia.com>
* Use UnixPath::existsHåkon Hallingstad2022-10-121-1/+1
|
* Don't ignore exit codeOla Aunronning2022-09-301-1/+0
|
* Get systemctl service propertyOla Aunronning2022-09-302-0/+12
|
* Remove pem-trust-store flagHåkon Hallingstad2022-09-291-14/+6
|
* Add wantToRebuild fieldMartin Polden2022-09-283-47/+71
|
* Trust store path is associated with ZTSHåkon Hallingstad2022-09-231-9/+9
|
* Merge pull request #24130 from ↵Harald Musum2022-09-201-17/+15
|\ | | | | | | | | vespa-engine/hakonhall/refresh-identity-from-pem-trust-store Refresh identity from PEM trust store
| * Refresh identity from PEM trust storeHåkon Hallingstad2022-09-191-17/+15
| |
* | Dont fail coredump reports if /proc/cpuinfo is missing microcode information.Arnstein Ressem2022-09-161-1/+1
| |
* | Fail service dump request gracefully if JSON is invalidBjørn Christian Seime2022-09-153-10/+52
|/
* Support censoring of command argumentsMartin Polden2022-09-083-14/+46
|
* Merge pull request #23892 from ↵Martin Polden2022-09-052-2/+3
|\ | | | | | | | | vespa-engine/hakonhall/disallow-gcp-endpoints-in-global-routing Disallow GCP endpoints in global routing
| * Disallow GCP endpoints in global routingHåkon Hallingstad2022-09-012-2/+3
| |
* | Simplify record constructorValerij Fredriksen2022-09-021-3/+3
| | | | | | Co-authored-by: Håkon Hallingstad <hakon.hallingstad@gmail.com>
* | Simplify record constructorValerij Fredriksen2022-09-021-3/+3
| | | | | | Co-authored-by: Håkon Hallingstad <hakon.hallingstad@gmail.com>
* | Remove unnecessary indirectionValerij Fredriksen2022-09-012-16/+22
| |
* | Non-functional changes: Use recordsValerij Fredriksen2022-09-014-76/+4
| |
* | Non-functional changes: Use new switch styleValerij Fredriksen2022-09-017-78/+62
| |
* | Non-functional cleanupValerij Fredriksen2022-09-0116-30/+23
|/
* Consider trusted node ports in ACL rulesMartin Polden2022-08-298-94/+93
|
* Merge pull request #23764 from ↵Valerij Fredriksen2022-08-243-30/+15
|\ | | | | | | | | vespa-engine/hakonhall/purge-old-containers-dimension-value Purge old containers dimension value
| * Purge old containers dimension valueHåkon Hallingstad2022-08-243-30/+15
| |