1
0
mirror of https://github.com/google/nomulus synced 2026-06-09 16:33:02 +00:00

78 Commits

Author SHA1 Message Date
Pavlo Tkach b17125ae9a Disable k8s whois routing (#2740) 2025-04-17 15:20:32 +00:00
Pavlo Tkach dfef733360 Incerase memory request for pubapi and frontend to 1Gi (#2743) 2025-04-11 16:17:43 +00:00
Pavlo Tkach 03872b508f Exclude prober endoint from sed command canary (#2739) 2025-04-07 21:13:13 +00:00
Pavlo Tkach 1096f201cd Add GKE readiness probe (#2735) 2025-04-04 21:33:43 +00:00
Lai Jiang af321fb65e Make frontend deployment auto scale (#2736)
Now that we have effective global sessions thanks to #2734, there is no
longer a need to keep the number of pods on the EPP service static.

We are also not vulnerable to random pod restarts. K8s never guarantees
perpetual pod lifetime anyway, and not having to be at its mercy is
certainly a relief.
2025-04-02 18:58:52 +00:00
Lai Jiang a64dc21f96 make the deploy task deploy to GKE (#2734)
Also always pulls the latest images from repos instead of relying on
local cases. This makes it so that a local docker build is always fresh.
2025-03-31 22:38:53 +00:00
Pavlo Tkach 0381533a35 Set grace period to 1s for immediate pods restart (#2733) 2025-03-31 19:15:13 +00:00
Lai Jiang 4999a72d96 Save session data directly in a cookie (#2732) 2025-03-31 16:21:50 +00:00
Pavlo Tkach 2d072c3844 Update jetty console static files cache policies (#2731) 2025-03-28 19:53:02 +00:00
Pavlo Tkach c15dec4419 Downgrade node type for pubapi and console, enable bursting for frontend and backend (#2723) 2025-03-28 19:14:33 +00:00
Lai Jiang 11702bc940 Revert "Add a redirect for the console bare domain (#2718)" (#2724)
This reverts commit 2a01c12b14.
2025-03-19 22:48:31 +00:00
Lai Jiang 2d82646421 Uncap Dagger version (#2721)
The latest version of Dagger (2.55) now supports jakarta.inject.
2025-03-17 14:51:04 +00:00
Lai Jiang 50260dca5f Upgrade to Gradle 8.13 (#2720) 2025-03-15 00:30:32 +00:00
Lai Jiang 2a01c12b14 Add a redirect for the console bare domain (#2718) 2025-03-14 18:16:25 +00:00
Lai Jiang 92ebd0dedb Build different console versions for different environments (#2715)
TESTED=deployed to alpha
2025-03-11 23:39:28 +00:00
Pavlo Tkach ea1e8d5cc5 Add console gzip compression to js,css and html files (#2696) 2025-02-27 22:52:10 +00:00
Lai Jiang bcf42bd287 Use static IPs for EPP endpoints (#2685)
These IPs are now provisioned by Terraform. Also delete the
get-endpoints.py script as it is no longer necessary.
2025-02-24 16:38:47 +00:00
Lai Jiang 97fc2c0b66 Add an annotation to the deployment (#2683)
This allows us to easily tell which tag was deployed.

Also set the gateway to use named address so they are stable, and so
that we can attach an IPv6 record to it. Auto-provisioned addresses are
IPv4 only.
2025-02-21 16:30:32 +00:00
Lai Jiang 3f2a42ab8d Expose EPP via saidcar proxy (#2680) 2025-02-19 18:57:25 +00:00
Lai Jiang 6f7ae1eabc Redirect HTTP to HTTPS (#2679)
This opens up port 80 on the load balancer IP and upgrades all HTTP
request to HTTPS.

TESTED=tested on alpha.
2025-02-18 16:57:18 +00:00
Lai Jiang eb978ebbd5 Let nomulus tool connect to sandbox GKE by default (#2674) 2025-02-16 18:10:03 +00:00
Lai Jiang 538260521b Update Nomulus deployment script (#2677)
We only deploy to the us-central1 cluster in order to minimize database
locality issue.
2025-02-14 17:31:18 +00:00
Lai Jiang a63812160e Upgrade to Gradle 8.12.1 (#2671) 2025-02-07 15:23:02 +00:00
Lai Jiang 8a36fb5f1f Update Cloud Scheduler and Cloud Tasks deployment process (#2666) 2025-02-06 18:53:50 +00:00
Lai Jiang b775e4a178 Pull credentials from fleet for all clusters (#2647)
All clusters have switched to using private APIs.
2025-01-22 16:58:56 +00:00
Lai Jiang 799f0449ad Only pull credential from the fleet on crash (#2645)
Only crash has the policy controller installed for now.
2025-01-21 18:40:52 +00:00
Lai Jiang 9f22f2e8ae Pull nomulus cluster credentials from the fleet (#2643)
After private endpoint is enabled, we cannot pull the credentials
directly via `gcloud containers cluster get-credentials`.
2025-01-16 15:06:02 +00:00
Lai Jiang cea3da01a0 Expose Web WHOIS redirects (#2634)
We are required to respond to HTTP(S) requests on port 80/443 on the
same domain where we serve port 43 WHOIS requests. The proxy already
does this by redirecting to the web WHOIS lookup page on the marketing
website.

This PR makes it so that requests to port 80/443 can be routed to the
proxy for redirect.

TESTED=tested on crash and the redirect works.
2025-01-10 17:25:16 +00:00
Lai Jiang 1cbbc660d2 Explicity specify deployment order for queues and scheduler tasks (#2631)
If we deploy Nomulus, we should do that before queues and the scheduler
tasks are updated.
2025-01-08 21:11:24 +00:00
Lai Jiang e0bbff827e Upgrade to Gradle 8.12 (#2630) 2025-01-08 18:43:10 +00:00
Lai Jiang 7641b05f12 Expose EPP and WHOIS endpoints on reginal load balancers (#2627)
k8s does not have a way to expose a global load balancer with TCP
endpoints, and setting up node port-based routing is a chore, even with
Terraform (which is what we did with the standalone proxy).

We will use Cloud DNS's geolocation routing policy to ensure that
clients connect to the endpoint closest to them.
2024-12-26 15:25:02 +00:00
Lai Jiang c9c61e4f17 Write GKE metrics with the apprioate labels (#2626)
Also makes preperations to expose the sidecar proxy.
2024-12-18 16:15:54 +00:00
Lai Jiang da8df1f4d9 Make GKE the default in alpha and qa (#2624) 2024-12-17 17:40:03 +00:00
Lai Jiang f9d2839590 Add necessary changes to provision QA with Terraform (#2618)
Also programmatically determine backend service IDs.
2024-12-12 18:39:18 +00:00
Lai Jiang cb3738d540 Upgrade to Gradle 8.11.1 (#2619) 2024-12-09 18:29:57 +00:00
Lai Jiang a9ba770bfa Add canary service to GKE (#2594) 2024-10-22 17:12:00 +00:00
Lai Jiang 4d96e5a6b1 Remove cap on soy (#2592)
We still need to cap the protobuf version that soy depends on, but the
rest of nomulus can use the latest version of protobuf.
2024-10-18 17:21:26 +00:00
Lai Jiang 1171c5cfcb Delete legacy console (#2579) 2024-10-17 20:48:10 +00:00
Lai Jiang 5e41e84b8d Upgrade avro version (#2587)
Per b/371714822.
2024-10-07 15:43:53 +00:00
Lai Jiang 72dd8658cf Upgrade to Gradle 8.10.2 (#2571) 2024-09-26 17:53:45 +00:00
Lai Jiang 5c35811eb9 Upgrade protobuf (#2565)
Patched from https://github.com/google/nomulus/pull/2564.

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-20 17:56:53 +00:00
Lai Jiang b07769bdee Switch to new jaxb runtime (#2558) 2024-09-16 22:39:59 +00:00
Lai Jiang 352618b3b7 Use Jcommander 2.0 (#2552) 2024-09-13 16:06:50 +00:00
Lai Jiang 0389b0d2d9 Upgrade to Gradle 8.10.1 (#2533) 2024-09-11 21:36:12 +00:00
gbrodman 8906a82e3b Update dependencies esp. antlr+jcommander (#2550) 2024-09-11 15:49:54 +00:00
Weimin Yu f6e42896c3 Build uber jars as multi-release (#2549)
Several jars in our dependencies are now multi-release, including
dnsjava and snakeyaml, and a few more. Such jars include
jvm-version-specific classes that will only be loaded by the vm that can
handle them. All it takes is a new manifest attribute.

This change allows us to upgrade to dnsjava3.6+: the base (java 8) version of
this jar breaks java21. The correct manifest allows java21 to find the
classes it needs.
2024-09-10 18:12:25 +00:00
Weimin Yu d9ad39cdad Upgrade to Hibernate6 and Jaxb4 (#2526)
* Rebase

* Addressing commetns

* Addressing comments

* Auto convert Duration and Money
2024-09-03 18:02:53 +00:00
Pavlo Tkach ab5f6cc229 Add environment support to the console build (#2539) 2024-08-30 18:31:28 +00:00
Lai Jiang 4e013603be Make GKE networking work more properly (#2531) 2024-08-22 13:10:56 +00:00
Lai Jiang 2fd9b062df Make Nomulus work on GKE with external load balancer (#2527)
This will create a multi-cluster external load balancer exposing HTTP
traffic to nomulus running in clusters in the fleet.
2024-08-14 14:32:39 +00:00