@Override public int compareTo(SecurityGroup o) { return id.compareTo(o.getId()); } }
@Override public int compareTo(SecurityGroup o) { return id.compareTo(o.getId()); } }
@Override public int compareTo(SecurityGroup o) { return id.compareTo(o.getId()); } }
private void invalidateCache(String id) { for (Map.Entry<ZoneAndName, org.jclouds.cloudstack.domain.SecurityGroup> sg : groupCreator.asMap().entrySet()) { if (id.equals(sg.getValue().getId())) { groupCreator.invalidate(sg.getKey()); break; } } }
public static void deleteByName(CloudStackClient cloudStackClient, String securityGroupName) { try { SecurityGroup securityGroup = getByName(cloudStackClient, securityGroupName); LOG.info("Deleting SecurityGroup {}", securityGroup.getName()); cloudStackClient.getSecurityGroupClient().deleteSecurityGroup(securityGroup.getId()); } catch (NoSuchElementException e) { LOG.warn("Exception retrieving SecurityGroup (most likely it does not yet exist){}: {}", securityGroupName, e); } }
private void authorizeGroupToItselfAndToTCPPortAndCidr(CloudStackApi client, SecurityGroup securityGroup, int port, Set<String> cidrs) { for (String cidr : cidrs) { logger.debug(">> authorizing securityGroup(%s) permission to %s on port %d", securityGroup, cidr, port); if (!portInRangeForCidr(port, cidr).apply(securityGroup)) { jobComplete.apply(client.getSecurityGroupApi().authorizeIngressPortsToCIDRs(securityGroup.getId(), "TCP", port, port, ImmutableSet.of(cidr))); logger.debug("<< authorized securityGroup(%s) permission to %s on port %d", securityGroup, cidr, port); } } } }
@Override public SecurityGroup apply(org.jclouds.cloudstack.domain.SecurityGroup group) { SecurityGroupBuilder builder = new SecurityGroupBuilder(); builder.id(group.getId()); builder.providerId(group.getId()); builder.name(group.getName()); builder.ownerId(group.getAccount()); builder.ipPermissions(transform(group.getIngressRules(), ruleToPermission)); return builder.build(); } }
private void cleanupOrphanedSecurityGroupsInZone(Set<String> groups, String zoneId) { Zone zone = zoneIdToZone.get().getUnchecked(zoneId); if (supportsSecurityGroups().apply(zone)) { for (String group : groups) { for (SecurityGroup securityGroup : Iterables.filter(client.getSecurityGroupApi().listSecurityGroups(), SecurityGroupPredicates.nameMatches(namingConvention.create().containsGroup(group)))) { ZoneAndName zoneAndName = ZoneAndName.fromZoneAndName(zoneId, securityGroup.getName()); logger.debug(">> deleting securityGroup(%s)", zoneAndName); client.getSecurityGroupApi().deleteSecurityGroup(securityGroup.getId()); // TODO: test this clear happens securityGroupMap.invalidate(zoneAndName); logger.debug("<< deleted securityGroup(%s)", zoneAndName); } } } }
public static void applyNetworkRules(CloudStackClient cloudStackClient, SecurityGroup securityGroup, Network network) { SecurityGroupClient securityGroupClient = cloudStackClient.getSecurityGroupClient(); for (Rule rule : network.getIngress()) { if (rule.getProtocol() == Protocol.ICMP) { securityGroupClient.authorizeIngressICMPToCIDRs(securityGroup.getId(), DEFAULT_ICMP_CODE, DEFAULT_ICMP_TYPE, ImmutableList.of(rule.getCidr())); } else { securityGroupClient.authorizeIngressPortsToCIDRs(securityGroup.getId(), rule.getProtocol().name(), rule.getPorts().lowerEndpoint(), rule.getPorts().upperEndpoint(), Lists.newArrayList(rule.getCidr())); } } } }
protected void checkGroup(SecurityGroup group) { // http://bugs.cloud.com/show_bug.cgi?id=8968 if (group.getIngressRules().size() <= 1) assertEquals(group, client.getSecurityGroupClient().getSecurityGroup(group.getId())); assert group.getId() != null : group; assert group.getName() != null : group; assert group.getAccount() != null : group; assert group.getDomain() != null : group; assert group.getDomainId() != null : group; assert group.getIngressRules() != null : group; }
@AfterGroups(groups = "live") @Override protected void tearDownContext() { if (vm != null) { assertTrue(jobComplete.apply(client.getVirtualMachineClient().destroyVirtualMachine(vm.getId()))); } if (group != null) { for (IngressRule rule : group.getIngressRules()) assertTrue(jobComplete.apply(client.getSecurityGroupClient().revokeIngressRule(rule.getId())), rule.toString()); client.getSecurityGroupClient().deleteSecurityGroup(group.getId()); assertEquals(client.getSecurityGroupClient().getSecurityGroup(group.getId()), null); } super.tearDownContext(); }
protected void checkGroup(SecurityGroup group) { // http://bugs.cloud.com/show_bug.cgi?id=8968 if (group.getIngressRules().size() <= 1) { assertEquals(group, client.getSecurityGroupApi().getSecurityGroup(group.getId())); assertEquals(group, client.getSecurityGroupApi().getSecurityGroupByName(group.getName())); } assert group.getId() != null : group; assert group.getName() != null : group; assert group.getAccount() != null : group; assert group.getDomain() != null : group; assert group.getDomainId() != null : group; assert group.getIngressRules() != null : group; }
@AfterGroups(groups = "live") @Override protected void tearDownContext() { if (vm != null) { assertTrue(jobComplete.apply(client.getVirtualMachineApi().destroyVirtualMachine(vm.getId()))); } if (group != null) { for (IngressRule rule : group.getIngressRules()) assertTrue(jobComplete.apply(client.getSecurityGroupApi().revokeIngressRule(rule.getId())), rule.toString()); client.getSecurityGroupApi().deleteSecurityGroup(group.getId()); assertEquals(client.getSecurityGroupApi().getSecurityGroup(group.getId()), null); } super.tearDownContext(); }
@Test(dependsOnMethods = "testCreateIngress") public void testCreateVMInSecurityGroup() throws Exception { skipIfSecurityGroupsNotSupported(); String defaultTemplate = templateBuilderSpec != null ? templateBuilderSpec.getImageId() : null; vm = VirtualMachineApiLiveTest.createVirtualMachineWithSecurityGroupInZone(zone.getId(), defaultTemplateOrPreferredInZone(defaultTemplate, client, zone.getId()), group.getId(), client, jobComplete, virtualMachineRunning); if (vm.getPassword() != null && !loginCredentials.getOptionalPassword().isPresent()) loginCredentials = loginCredentials.toBuilder().password(vm.getPassword()).build(); // ingress port 22 checkSSH(HostAndPort.fromParts(vm.getIPAddress(), 22)); // ingress icmp disabled as this is platform dependent and may actually // just try tcp port 7 // assert InetAddress.getByName(vm.getIPAddress()).isReachable(1000) : vm; }
public T fromSecurityGroup(SecurityGroup in) { return this .id(in.getId()) .account(in.getAccount()) .name(in.getName()) .description(in.getDescription()) .domain(in.getDomain()) .domainId(in.getDomainId()) .jobId(in.getJobId()) .jobStatus(in.getJobStatus()) .ingressRules(in.getIngressRules()); } }
@Test(dependsOnMethods = "testCreateIngress") public void testCreateVMInSecurityGroup() throws Exception { skipIfSecurityGroupsNotSupported(); String defaultTemplate = template != null ? template.getImageId() : null; vm = VirtualMachineClientLiveTest.createVirtualMachineWithSecurityGroupInZone(zone.getId(), defaultTemplateOrPreferredInZone(defaultTemplate, client, zone.getId()), group.getId(), client, jobComplete, virtualMachineRunning); if (vm.getPassword() != null && loginCredentials.getOptionalPassword() == null) loginCredentials = loginCredentials.toBuilder().password(vm.getPassword()).build(); // ingress port 22 checkSSH(HostAndPort.fromParts(vm.getIPAddress(), 22)); // ingress icmp disabled as this is platform dependent and may actually // just try tcp port 7 // assert InetAddress.getByName(vm.getIPAddress()).isReachable(1000) : vm; }
public T fromSecurityGroup(SecurityGroup in) { return this .id(in.getId()) .account(in.getAccount()) .name(in.getName()) .description(in.getDescription()) .domain(in.getDomain()) .domainId(in.getDomainId()) .jobId(in.getJobId()) .jobStatus(in.getJobStatus()) .ingressRules(in.getIngressRules()); } }
public T fromSecurityGroup(SecurityGroup in) { return this .id(in.getId()) .account(in.getAccount()) .name(in.getName()) .description(in.getDescription()) .domain(in.getDomain()) .domainId(in.getDomainId()) .jobId(in.getJobId()) .jobStatus(in.getJobStatus()) .ingressRules(in.getIngressRules()) .tags(in.getTags()); } }