Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

proxy: stub the VPC config cache and invalidation code #10073

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

knz
Copy link
Contributor

@knz knz commented Dec 10, 2024

This commit defines cache entries for projects:

  • the two "block public or VPC connections" booleans. This is implemented (for now) as a pair of bools because they are always delivered together from the project settings in cplane. The corresponding fields in the /get_endpoint_access_control response are block_public_connections and block_vpc_connections.

    We will use the redis broadcast channel /block_public_or_vpc_access_updated for this. It will be notified when the project settings are changed in the control plane.

  • the VPC endpoint ID list. The corresponding field in the /get_endpoint_access_control response is allowed_vpc_endpoint_ids.

    We will use the 2 redis broadcast channels
    /allowed_vpc_endpoint_ids_updated_for_projects and
    /allowed_vpc_endpoint_ids_updated_for_org for this. It will be
    notified when the VPC config service detects a configuration
    change for the project or all projects under an org.

Informs https://github.com/neondatabase/cloud/issues/21426.

Copy link

github-actions bot commented Dec 10, 2024

No tests were run or test report is not available

Test coverage report is not available

The comment gets automatically updated with the latest test results
2e79c47 at 2024-12-13T09:21:40.544Z :recycle:

This commit defines cache entries for projects:

- the two "block public or VPC connections" booleans.
  This is implemented (for now) as a pair of `bools` because
  they are always delivered together from the project
  settings in cplane. The corresponding fields in the
  `/get_endpoint_access_control` response are
  `block_public_connections` and `block_vpc_connections`.

  We will use the redis broadcast channel
  `/block_public_or_vpc_access_updated`` for this. It will be notified
  when the **project settings** are changed in the control plane.

- the VPC endpoint ID list. The corresponding field
  in the `/get_endpoint_access_control` response is
  `allowed_vpc_endpoint_ids`.

  We will use the 2 redis broadcast channels
  `/allowed_vpc_endpoint_ids_updated_for_projects` and
  `/allowed_vpc_endpoint_ids_updated_for_org` for this. It will be
  notified when the **VPC config service** detects a configuration
  change for the project or all projects under an org.
@knz knz force-pushed the knz/vpc_cache_and_invalidation branch from 8560ab2 to 2e79c47 Compare December 13, 2024 09:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant