/**
 * Copies the id, tenant id, name, description and rules of {@code in} into this builder.
 *
 * <p>The rules are passed through as returned by {@code in.getRules()}; whether the builder
 * copies them defensively is not visible in this excerpt.
 *
 * @param in the security group whose fields are copied
 * @return the value returned by the last setter in the chain
 */
public T fromSecurityGroup(SecurityGroup in) {
   return this
         .id(in.getId())
         .tenantId(in.getTenantId())
         .name(in.getName())
         .description(in.getDescription())
         .rules(in.getRules());
}
} // closes the enclosing class, whose declaration is not part of this excerpt
/**
 * Creates a {@link SecurityGroup} from the values currently held by this builder.
 *
 * @return a new security group built from id, tenantId, name, description and rules
 */
public SecurityGroup build() {
   final SecurityGroup built = new SecurityGroup(id, tenantId, name, description, rules);
   return built;
}
/**
 * Renders this object using the helper returned by {@code string()}.
 *
 * @return the text produced by {@code string().toString()}
 */
@Override
public String toString() {
   final String rendered = string().toString();
   return rendered;
}
/**
 * Deletes, in one zone, every security group whose name matches one of the given groups, and
 * drops the matching entry from {@code securityGroupMap}.
 *
 * <p>Does nothing when the security-group extension is absent in the zone.
 *
 * @param groups group names handed to the naming convention's {@code containsGroup} matcher
 * @param zoneId zone whose security groups are listed and deleted
 */
private void cleanupOrphanedSecurityGroupsInZone(Set<String> groups, String zoneId) {
   Optional<? extends SecurityGroupApi> extension = novaApi.getSecurityGroupExtensionForZone(zoneId);
   if (!extension.isPresent()) {
      return;
   }
   SecurityGroupApi api = extension.get();
   for (String group : groups) {
      // NOTE(review): deletion candidates are chosen by name only, and the groups are listed again
      // for every entry of `groups`. Whether containsGroup(group) can also match security groups
      // that this client did not create is not visible here; confirm before use in a shared tenant.
      for (SecurityGroup orphan : Iterables.filter(api.list(),
            SecurityGroupPredicates.nameMatches(namingConvention.create().containsGroup(group)))) {
         ZoneAndName cacheKey = ZoneAndName.fromZoneAndName(zoneId, orphan.getName());
         logger.debug(">> deleting securityGroup(%s)", cacheKey);
         api.delete(orphan.getId());
         // TODO: test this clear happens
         securityGroupMap.invalidate(cacheKey);
         logger.debug("<< deleted securityGroup(%s)", cacheKey);
      }
   }
}
/**
 * Pairs a security group with the zone it belongs to.
 *
 * <p>The zone id and the group's name are handed to the superclass constructor; the group itself
 * is kept in {@code this.securityGroup}.
 *
 * @param securityGroup the security group; rejected by {@code checkNotNull} when null
 * @param zoneId        id of the zone, passed to the superclass unchecked by this constructor
 */
public SecurityGroupInZone(SecurityGroup securityGroup, String zoneId) {
   // checkNotNull runs inside the super(...) call so a null group fails before getName() is used.
   super(zoneId, checkNotNull(securityGroup, "securityGroup").getName());
   this.securityGroup = securityGroup;
}
/**
 * Converts a region-scoped group into a {@link SecurityGroup} whose id is
 * {@code region + "/" + groupId} and whose location is looked up in {@code locationIndex}.
 *
 * @param group the group together with its region
 * @return the converted group, with location and composite id set
 * @throws IllegalStateException via {@code checkState} when the region is not in the location index
 */
@Override
public SecurityGroup apply(SecurityGroupInRegion group) {
   SecurityGroupBuilder converted =
         SecurityGroupBuilder.fromSecurityGroup(baseConverter.apply(group.getSecurityGroup()));

   String regionId = group.getRegion();
   Location location = locationIndex.get().get(regionId);
   // An unknown region is treated as an inconsistent state rather than being converted without a location.
   checkState(location != null, "location %s not in locationIndex: %s", regionId, locationIndex.get());

   converted.location(location);
   // The region prefix keeps ids distinct across regions.
   converted.id(regionId + "/" + group.getSecurityGroup().getId());
   return converted.build();
}
} // closes the enclosing class, whose declaration is not part of this excerpt
/**
 * Checks the conversion of a group built by {@code securityGroupWithGroup()}: ids, name, owner,
 * location, and a single permission that references another group instead of a CIDR block.
 */
@Test
public void testApplyWithGroup() {
   NovaSecurityGroupInRegionToSecurityGroup converter = createGroupParser();

   final org.jclouds.openstack.nova.v2_0.domain.SecurityGroup referencedGroup = securityGroupWithCidr();
   SecurityGroupInRegion source = new SecurityGroupInRegion(securityGroupWithGroup(), region.getId(), allGroups);

   SecurityGroup converted = converter.apply(source);

   // The converted id is region-qualified, while the provider id stays the native group id.
   String expectedId = source.getRegion() + "/" + source.getSecurityGroup().getId();
   assertEquals(converted.getId(), expectedId);
   assertEquals(converted.getProviderId(), source.getSecurityGroup().getId());
   assertEquals(converted.getName(), source.getSecurityGroup().getName());
   assertEquals(converted.getOwnerId(), source.getSecurityGroup().getTenantId());

   final IpPermission onlyPermission = Iterables.getOnlyElement(converted.getIpPermissions());
   // The referenced group id is region-qualified as well.
   assertEquals(Iterables.getOnlyElement(onlyPermission.getGroupIds()),
         region.getId() + "/" + referencedGroup.getId());
   assertEquals(onlyPermission.getFromPort(), 10);
   assertEquals(onlyPermission.getToPort(), 20);
   // A group-sourced permission must not carry any CIDR block.
   assertTrue(onlyPermission.getCidrBlocks().isEmpty());

   assertEquals(converted.getLocation().getId(), source.getRegion());
}
/**
 * Pairs a security group with its region and indexes every group of that region by tenant id
 * and name.
 *
 * <p>The index is a multimap, so groups that share the same tenant id and name are all kept
 * under one key.
 *
 * @param securityGroup     the security group; rejected by {@code checkNotNull} when null
 * @param regionId          id of the region, passed to the superclass
 * @param allGroupsInRegion every group of the region; iterated without a null check
 */
public SecurityGroupInRegion(SecurityGroup securityGroup, String regionId,
      Iterable<SecurityGroup> allGroupsInRegion) {
   super(regionId, checkNotNull(securityGroup, "securityGroup").getName());
   this.securityGroup = securityGroup;
   this.groupsByName = HashMultimap.create();
   for (SecurityGroup candidate : allGroupsInRegion) {
      this.groupsByName.put(
            TenantIdAndName.builder()
                  .tenantId(candidate.getTenantId())
                  .name(candidate.getName())
                  .build(),
            candidate);
   }
}
/**
 * Returns all the {@link SecurityGroup} rules that match the specified source and ports.
 *
 * <p>A rule is kept only when {@code rangeFulfilled} accepts its from/to ports for {@code ports}
 * and its IP range equals {@code source}.
 *
 * @param securityGroup group whose rules are filtered
 * @param source        value compared against each rule's IP range with {@code equals}
 * @param ports         ports handed to {@code rangeFulfilled}
 * @return a filtered view over the group's rules
 */
private static Iterable<SecurityGroupRule> getAllRuleMatching(SecurityGroup securityGroup, final String source,
      final int... ports) {
   Predicate<SecurityGroupRule> matchesSourceAndPorts = new Predicate<SecurityGroupRule>() {
      @Override
      public boolean apply(@Nullable SecurityGroupRule input) {
         // NOTE(review): input is declared @Nullable but dereferenced without a check, and a rule
         // without an IP range would make getIpRange().equals(...) fail; confirm that neither
         // case can occur for the rules returned by getRules().
         return rangeFulfilled(input.getFromPort(), input.getToPort(), ports)
               && input.getIpRange().equals(source);
      }
   };
   return Iterables.filter(securityGroup.getRules(), matchesSourceAndPorts);
}
/**
 * Deletes, in one zone, every security group whose name matches one of the given groups, and
 * drops the matching entry from {@code securityGroupMap}.
 *
 * <p>Does nothing when the security-group extension is absent in the zone.
 *
 * @param groups group names handed to the naming convention's {@code containsGroup} matcher
 * @param zoneId zone whose security groups are listed and deleted
 */
private void cleanupOrphanedSecurityGroupsInZone(Set<String> groups, String zoneId) {
   Optional<? extends SecurityGroupApi> extension = novaApi.getSecurityGroupExtensionForZone(zoneId);
   if (!extension.isPresent()) {
      return;
   }
   SecurityGroupApi api = extension.get();
   for (String group : groups) {
      // NOTE(review): deletion candidates are chosen by name only, and the groups are listed again
      // for every entry of `groups`. Whether containsGroup(group) can also match security groups
      // that this client did not create is not visible here; confirm before use in a shared tenant.
      for (SecurityGroup orphan : Iterables.filter(api.list(),
            SecurityGroupPredicates.nameMatches(namingConvention.create().containsGroup(group)))) {
         ZoneAndName cacheKey = ZoneAndName.fromZoneAndName(zoneId, orphan.getName());
         logger.debug(">> deleting securityGroup(%s)", cacheKey);
         api.delete(orphan.getId());
         // TODO: test this clear happens
         securityGroupMap.invalidate(cacheKey);
         logger.debug("<< deleted securityGroup(%s)", cacheKey);
      }
   }
}
/**
 * Accepts a security group only when its name equals the captured {@code groupName} exactly.
 */
@Override
public boolean apply(SecurityGroup secGrp) {
   final String candidateName = secGrp.getName();
   return candidateName.equals(groupName);
}
}); // closes the anonymous predicate and the call it is passed to (opened outside this excerpt)
/**
 * Converts a zone-scoped group into a {@link SecurityGroup} whose id is
 * {@code zone + "/" + groupId} and whose location is looked up in {@code locationIndex}.
 *
 * @param group the group together with its zone
 * @return the converted group, with location and composite id set
 * @throws IllegalStateException via {@code checkState} when the zone is not in the location index
 */
@Override
public SecurityGroup apply(SecurityGroupInZone group) {
   SecurityGroupBuilder converted =
         SecurityGroupBuilder.fromSecurityGroup(baseConverter.apply(group.getSecurityGroup()));

   String zoneId = group.getZone();
   Location location = locationIndex.get().get(zoneId);
   // An unknown zone is treated as an inconsistent state rather than being converted without a location.
   checkState(location != null, "location %s not in locationIndex: %s", zoneId, locationIndex.get());

   converted.location(location);
   // The zone prefix keeps ids distinct across zones.
   converted.id(zoneId + "/" + group.getSecurityGroup().getId());
   return converted.build();
}
} // closes the enclosing class, whose declaration is not part of this excerpt
/**
 * Checks the conversion of a group built by {@code securityGroupWithCidr()}: ids, name, owner,
 * location, and a single permission that carries one CIDR block and no group reference.
 */
@Test
public void testApplyWithCidr() {
   NovaSecurityGroupInRegionToSecurityGroup converter = createGroupParser();
   SecurityGroupInRegion source = new SecurityGroupInRegion(securityGroupWithCidr(), region.getId(), allGroups);

   SecurityGroup converted = converter.apply(source);

   // The converted id is region-qualified, while the provider id stays the native group id.
   String expectedId = source.getRegion() + "/" + source.getSecurityGroup().getId();
   assertEquals(converted.getId(), expectedId);
   assertEquals(converted.getProviderId(), source.getSecurityGroup().getId());
   assertEquals(converted.getName(), source.getSecurityGroup().getName());
   assertEquals(converted.getOwnerId(), source.getSecurityGroup().getTenantId());

   final IpPermission onlyPermission = Iterables.getOnlyElement(converted.getIpPermissions());
   assertEquals(onlyPermission.getFromPort(), 10);
   assertEquals(onlyPermission.getToPort(), 20);
   assertEquals(Iterables.getOnlyElement(onlyPermission.getCidrBlocks()), IP_RANGE);
   // A CIDR-sourced permission must not reference any group.
   assertTrue(onlyPermission.getGroupIds().isEmpty());

   assertEquals(converted.getLocation().getId(), source.getRegion());
}
/**
 * Pairs a security group with its region and indexes every group of that region by tenant id
 * and name.
 *
 * <p>The index is a multimap, so groups that share the same tenant id and name are all kept
 * under one key.
 *
 * @param securityGroup     the security group; rejected by {@code checkNotNull} when null
 * @param regionId          id of the region, passed to the superclass
 * @param allGroupsInRegion every group of the region; iterated without a null check
 */
public SecurityGroupInRegion(SecurityGroup securityGroup, String regionId,
      Iterable<SecurityGroup> allGroupsInRegion) {
   super(regionId, checkNotNull(securityGroup, "securityGroup").getName());
   this.securityGroup = securityGroup;
   this.groupsByName = HashMultimap.create();
   for (SecurityGroup candidate : allGroupsInRegion) {
      this.groupsByName.put(
            TenantIdAndName.builder()
                  .tenantId(candidate.getTenantId())
                  .name(candidate.getName())
                  .build(),
            candidate);
   }
}
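/**
 * Deletes the rules of the node's {@code "jclouds-" + group} security group, then calls
 * {@code authorize(service, node, "0.0.0.0", 22)}.
 *
 * <p>The group is therefore not left empty: the final {@code authorize} call runs on every
 * path, including when no security-group API or no matching group was found.
 *
 * <p>Rule deletion is best effort. An {@link IllegalStateException} from one
 * {@code deleteRule} call is ignored and the remaining rules are still attempted, so a single
 * failure no longer leaves every later rule in place.
 *
 * @param service compute service used to obtain the security-group API for the node's region
 * @param node    node whose id yields the region and whose group yields the security-group name
 */
@Override
public void flush(ComputeService service, NodeMetadata node) {
   String region = AWSUtils.parseHandle(node.getId())[0];
   Optional<? extends SecurityGroupApi> securityGroupApi = getSecurityGroup(service, region);
   if (securityGroupApi.isPresent()) {
      String groupName = "jclouds-" + node.getGroup();
      Optional<? extends SecurityGroup> securityGroup = getSecurityGroupForGroup(securityGroupApi.get(), groupName);
      if (securityGroup.isPresent()) {
         for (SecurityGroupRule rule : securityGroup.get().getRules()) {
            try {
               securityGroupApi.get().deleteRule(rule.getId());
            } catch (IllegalStateException ignored) {
               // Best effort, as before, but scoped to one rule so the loop keeps going.
               // NOTE(review): a rule that could not be deleted stays active and nothing reports
               // it; consider logging it or returning the failures to the caller.
            }
         }
      }
   }
   // NOTE(review): after the flush, 22 is re-authorized for the source "0.0.0.0". How authorize()
   // turns that string into an address range is not visible here; confirm the resulting
   // exposure is the intended one.
   authorize(service, node, "0.0.0.0", 22);
}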
/**
 * Copies the id, tenant id, name, description and rules of {@code in} into this builder.
 *
 * <p>The rules are passed through as returned by {@code in.getRules()}; whether the builder
 * copies them defensively is not visible in this excerpt.
 *
 * @param in the security group whose fields are copied
 * @return the value returned by the last setter in the chain
 */
public T fromSecurityGroup(SecurityGroup in) {
   return this
         .id(in.getId())
         .tenantId(in.getTenantId())
         .name(in.getName())
         .description(in.getDescription())
         .rules(in.getRules());
}
} // closes the enclosing class, whose declaration is not part of this excerpt
/**
 * Deletes, in one zone, every security group whose name matches one of the given groups, and
 * drops the matching entry from {@code securityGroupMap}.
 *
 * <p>Does nothing when the security-group extension is absent in the zone.
 *
 * @param groups group names handed to the naming convention's {@code containsGroup} matcher
 * @param zoneId zone whose security groups are listed and deleted
 */
private void cleanupOrphanedSecurityGroupsInZone(Set<String> groups, String zoneId) {
   Optional<? extends SecurityGroupApi> extension = novaApi.getSecurityGroupExtensionForZone(zoneId);
   if (!extension.isPresent()) {
      return;
   }
   SecurityGroupApi api = extension.get();
   for (String group : groups) {
      // NOTE(review): deletion candidates are chosen by name only, and the groups are listed again
      // for every entry of `groups`. Whether containsGroup(group) can also match security groups
      // that this client did not create is not visible here; confirm before use in a shared tenant.
      for (SecurityGroup orphan : Iterables.filter(api.list(),
            SecurityGroupPredicates.nameMatches(namingConvention.create().containsGroup(group)))) {
         ZoneAndName cacheKey = ZoneAndName.fromZoneAndName(zoneId, orphan.getName());
         logger.debug(">> deleting securityGroup(%s)", cacheKey);
         api.delete(orphan.getId());
         // TODO: test this clear happens
         securityGroupMap.invalidate(cacheKey);
         logger.debug("<< deleted securityGroup(%s)", cacheKey);
      }
   }
}
/**
 * Accepts a Nova security group only when its name equals the captured {@code group} exactly.
 */
@Override
public boolean apply(org.jclouds.openstack.nova.v2_0.domain.SecurityGroup secGrp) {
   final String candidateName = secGrp.getName();
   return candidateName.equals(group);
}
}); // closes the anonymous predicate and the call it is passed to (opened outside this excerpt)
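/**
 * Creates the named security group in the requested zone and authorizes each requested port,
 * or falls back to an existing group of the same name when creation fails with an
 * {@link IllegalStateException}.
 *
 * @param zoneSecurityGroupNameAndPorts zone, group name and ports to open; must not be null
 * @return the created group re-read from the API, or the existing group that was found by name
 * @throws IllegalArgumentException via {@code checkArgument} when the security-group extension
 *         is not available in the zone
 */
@Override
public SecurityGroupInZone apply(ZoneSecurityGroupNameAndPorts zoneSecurityGroupNameAndPorts) {
   checkNotNull(zoneSecurityGroupNameAndPorts, "zoneSecurityGroupNameAndPorts");

   String zoneId = zoneSecurityGroupNameAndPorts.getZone();
   Optional<? extends SecurityGroupApi> api = novaApi.getSecurityGroupExtensionForZone(zoneId);
   // The message previously read "availablein zone"; the missing space is restored.
   checkArgument(api.isPresent(), "Security groups are required, but the extension is not available in zone %s!",
         zoneId);

   logger.debug(">> creating securityGroup %s", zoneSecurityGroupNameAndPorts);
   try {
      // The group name doubles as its description.
      SecurityGroup securityGroup = api.get().createWithDescription(
            zoneSecurityGroupNameAndPorts.getName(),
            zoneSecurityGroupNameAndPorts.getName());

      logger.debug("<< created securityGroup(%s)", securityGroup);
      for (int port : zoneSecurityGroupNameAndPorts.getPorts()) {
         // NOTE(review): going by the helper's name, each requested TCP port is opened to the
         // group itself and to all IPs. The helper is not shown here; confirm that
         // world-reachable ports are intended for every entry in getPorts().
         authorizeGroupToItselfAndAllIPsToTCPPort(api.get(), securityGroup, port);
      }
      // Re-read the group so the returned object reflects the rules that were just added.
      return new SecurityGroupInZone(api.get().get(securityGroup.getId()), zoneId);
   } catch (IllegalStateException e) {
      // NOTE(review): presumably raised when a group with this name already exists, but any
      // IllegalStateException from the try block ends up here, including one thrown while
      // authorizing ports. The reused group is returned as found; its rules are not reconciled
      // with the requested ports in this method.
      logger.trace("<< trying to find securityGroup(%s): %s", zoneSecurityGroupNameAndPorts, e.getMessage());
      SecurityGroup group = find(api.get().list(), nameEquals(zoneSecurityGroupNameAndPorts
            .getName()));
      logger.debug("<< reused securityGroup(%s)", group.getId());
      return new SecurityGroupInZone(group, zoneId);
   }
}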