From 83b51daa3b9a979d202ebea537f29132783ea476 Mon Sep 17 00:00:00 2001 From: gjoranv Date: Fri, 17 Feb 2023 13:41:16 +0100 Subject: Implement getting exclave nodes in node repo client. --- .../noderepository/NodeRepository.java | 2 + .../noderepository/RealNodeRepository.java | 22 +++++++++-- .../bindings/NodeRepositoryNode.java | 6 +++ .../node/admin/wireguard/ConfigserverPeer.java | 6 ++- .../noderepository/RealNodeRepositoryTest.java | 44 +++++++++++++++------- .../node/admin/integration/NodeRepoMock.java | 5 +++ 6 files changed, 67 insertions(+), 18 deletions(-) (limited to 'node-admin/src') diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/NodeRepository.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/NodeRepository.java index b423eb5dbdf..c06c9328998 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/NodeRepository.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/NodeRepository.java @@ -24,6 +24,8 @@ public interface NodeRepository { Map getAcls(String hostname); + List getExclavePeers(); + List getConfigserverPeers(); void updateNodeAttributes(String hostName, NodeAttributes nodeAttributes); diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/RealNodeRepository.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/RealNodeRepository.java index e092cc15145..6199d7c30f3 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/RealNodeRepository.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/RealNodeRepository.java @@ -129,11 +129,21 @@ public class RealNodeRepository implements NodeRepository { trustedNetworks.get(hostname)))); } + @Override + public List getExclavePeers() { + String path = "/nodes/v2/node/?recursive=true&enclave=true"; + final GetNodesResponse response = configServerApi.get(path, GetNodesResponse.class); + + return response.nodes.stream() + .map(RealNodeRepository::createTenantPeer) + .sorted(Comparator.comparing(ConfigserverPeer::hostname)) + .toList(); + } + @Override public List getConfigserverPeers() { - GetWireguardResponse nodeResponse = configServerApi.get("/nodes/v2/wireguard", - GetWireguardResponse.class); - return nodeResponse.configservers.stream() + GetWireguardResponse response = configServerApi.get("/nodes/v2/wireguard", GetWireguardResponse.class); + return response.configservers.stream() .map(RealNodeRepository::createConfigserverPeer) .sorted(Comparator.comparing(ConfigserverPeer::hostname)) .toList(); @@ -340,6 +350,12 @@ public class RealNodeRepository implements NodeRepository { return node; } + private static ConfigserverPeer createTenantPeer(NodeRepositoryNode node) { + return new ConfigserverPeer(HostName.of(node.hostname), + node.ipAddresses.stream().map(VersionedIpAddress::from).toList(), + node.wireguardKey()); + } + private static ConfigserverPeer createConfigserverPeer(GetWireguardResponse.Configserver configServer) { return new ConfigserverPeer(HostName.of(configServer.hostname), configServer.ipAddresses.stream().map(VersionedIpAddress::from).toList(), diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/bindings/NodeRepositoryNode.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/bindings/NodeRepositoryNode.java index eb7ceab6021..1c6cb5224de 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/bindings/NodeRepositoryNode.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/bindings/NodeRepositoryNode.java @@ -5,9 +5,11 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.databind.JsonNode; +import com.yahoo.config.provision.WireguardKey; import java.util.List; import java.util.Map; +import java.util.Optional; import java.util.Set; /** @@ -94,6 +96,10 @@ public class NodeRepositoryNode { @JsonInclude(JsonInclude.Include.NON_EMPTY) public String wireguardPubkey; + public Optional wireguardKey() { + return (wireguardPubkey == null || wireguardPubkey.isEmpty()) ? Optional.empty() : Optional.of(new WireguardKey(wireguardPubkey)); + } + @JsonProperty("reports") public Map reports = null; diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/ConfigserverPeer.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/ConfigserverPeer.java index 63ddc2f3dd2..b1c1e83dedd 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/ConfigserverPeer.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/ConfigserverPeer.java @@ -8,6 +8,8 @@ import java.util.List; import java.util.Optional; /** + * A wireguard peer. + * * @author gjoranv */ public record ConfigserverPeer(HostName hostname, @@ -15,8 +17,8 @@ public record ConfigserverPeer(HostName hostname, Optional publicKey) { public ConfigserverPeer { - if (ipAddresses.isEmpty()) throw new IllegalArgumentException("No IP addresses for configserver " + hostname.value()); - ipAddresses = List.copyOf(ipAddresses); + if (ipAddresses.isEmpty()) throw new IllegalArgumentException("No IP addresses for peer node " + hostname.value()); + ipAddresses = ipAddresses.stream().sorted().toList(); } } diff --git a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/RealNodeRepositoryTest.java b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/RealNodeRepositoryTest.java index 9c33db0355f..8ed7eac6a41 100644 --- a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/RealNodeRepositoryTest.java +++ b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/configserver/noderepository/RealNodeRepositoryTest.java @@ -199,24 +199,42 @@ public class RealNodeRepositoryTest { } @Test - void wireguard_peer_config_for_configservers_can_be_retrieved() { + void wireguard_peer_config_can_be_retrieved_for_configservers_and_exclave_nodes() { + + //// Configservers //// + List cfgPeers = nodeRepositoryApi.getConfigserverPeers(); assertEquals(2, cfgPeers.size()); - var cfg1 = cfgPeers.get(0); - assertEquals("cfg1.yahoo.com", cfg1.hostname().value()); - assertEquals(2, cfg1.ipAddresses().size()); - assertIp(cfg1.ipAddresses().get(0), "127.0.201.1", 4); - assertIp(cfg1.ipAddresses().get(1), "::201:1", 6); - assertEquals("lololololololololololololololololololololoo=", cfg1.publicKey().get().value()); + assertWireguardPeer(cfgPeers.get(0), "cfg1.yahoo.com", + "::201:1", "127.0.201.1", + "lololololololololololololololololololololoo="); + + assertWireguardPeer(cfgPeers.get(1), "cfg2.yahoo.com", + "::202:1", "127.0.202.1", + "olololololololololololololololololololololo="); + + //// Exclave nodes //// - var cfg2 = cfgPeers.get(1); - assertEquals("cfg2.yahoo.com", cfg2.hostname().value()); - assertEquals(2, cfg1.ipAddresses().size()); - assertIp(cfg2.ipAddresses().get(0), "127.0.202.1", 4); - assertIp(cfg2.ipAddresses().get(1), "::202:1", 6); - assertEquals("olololololololololololololololololololololo=", cfg2.publicKey().get().value()); + List exclavePeers = nodeRepositoryApi.getExclavePeers(); + System.out.println(exclavePeers); + assertEquals(2, exclavePeers.size()); + + assertWireguardPeer(exclavePeers.get(0), "dockerhost2.yahoo.com", + "::101:1", "127.0.101.1", + "000011112222333344445555666677778888999900c="); + + assertWireguardPeer(exclavePeers.get(0), "host3.yahoo.com", + "::3:1", "127.0.3.1", + "333344445555666677778888999900001111222211c="); + } + private void assertWireguardPeer(ConfigserverPeer peer, String hostname, String ipv6, String ipv4, String publicKey) { + assertEquals(hostname, peer.hostname().value()); + assertEquals(2, peer.ipAddresses().size()); + assertIp(peer.ipAddresses().get(0), ipv6, 6); + assertIp(peer.ipAddresses().get(1), ipv4, 4); + assertEquals(publicKey, peer.publicKey().get().value()); } private void assertIp(VersionedIpAddress ip, String expectedIp, int expectedVersion) { diff --git a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/integration/NodeRepoMock.java b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/integration/NodeRepoMock.java index 06729083494..11033681177 100644 --- a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/integration/NodeRepoMock.java +++ b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/integration/NodeRepoMock.java @@ -47,6 +47,11 @@ public class NodeRepoMock implements NodeRepository { return aclByHostname; } + @Override + public List getExclavePeers() { + throw new UnsupportedOperationException(); + } + @Override public List getConfigserverPeers() { throw new UnsupportedOperationException(); -- cgit v1.2.3