@Override public String apply(@Nullable org.jclouds.compute.domain.SecurityGroup input) { return input.getName(); } });
@Override public String apply(@Nullable org.jclouds.compute.domain.SecurityGroup input) { return input.getName(); } });
@Override public boolean apply(SecurityGroup input) { if (input.getName().contains(clusterSpec.getClusterName()) || input.getId().contains(clusterSpec.getClusterName())) { return true; } return false; //To change body of implemented methods use File | Settings | File Templates. } });
@Override public boolean removeSecurityGroup(String id) { checkNotNull(id, "id"); RegionAndId regionAndId = RegionAndId.fromSlashEncoded(id); String region = regionAndId.getRegion(); String groupId = regionAndId.getId(); SecurityGroupApi securityGroupApi = getSecurityGroupApi(region); // Would be nice to delete the group and invalidate the cache atomically - i.e. use a mutex. // Will make sure that a create operation in parallel won't see inconsistent state. boolean deleted = securityGroupApi.deleteSecurityGroup(groupId); for (SecurityGroup cachedSg : groupCreator.asMap().values()) { if (id.equals(cachedSg.getId())) { String groupName = cachedSg.getName(); groupCreator.invalidate(new RegionSecurityGroupNameAndPorts(region, groupName, ImmutableSet.<Integer>of())); break; } } return deleted; }
@Override public SecurityGroup removeIpPermission(IpPermission ipPermission, SecurityGroup group) { checkNotNull(group, "group"); checkNotNull(ipPermission, "ipPermission"); checkNotNull(api.getNetworkApiForProject(userProject.get()).get(group.getId()) == null, "network for group is null"); ListOptions options = new ListOptions.Builder().filter("network eq .*/" + group.getName()); FluentIterable<Firewall> fws = api.getFirewallApiForProject(userProject.get()).list(options).concat(); for (Firewall fw : fws) { if (equalsIpPermission(ipPermission).apply(fw)) { AtomicReference<Operation> operation = Atomics.newReference(api.getFirewallApiForProject(userProject.get()) .delete(fw.getName())); retry(operationDonePredicate, operationCompleteCheckTimeout, operationCompleteCheckInterval, MILLISECONDS).apply(operation); checkState(!operation.get().getHttpError().isPresent(), "Could not delete firewall, operation failed" + operation); } } return getSecurityGroupById(group.getId()); }
@Override public SecurityGroup removeIpPermission(IpPermission ipPermission, SecurityGroup group) { checkNotNull(group, "group"); checkNotNull(ipPermission, "ipPermission"); checkNotNull(api.getNetworkApiForProject(userProject.get()).get(group.getId()) == null, "network for group is null"); ListOptions options = new ListOptions.Builder().filter("network eq .*/" + group.getName()); FluentIterable<Firewall> fws = api.getFirewallApiForProject(userProject.get()).list(options).concat(); for (Firewall fw : fws) { if (equalsIpPermission(ipPermission).apply(fw)) { AtomicReference<Operation> operation = Atomics.newReference(api.getFirewallApiForProject(userProject.get()) .delete(fw.getName())); retry(operationDonePredicate, operationCompleteCheckTimeout, operationCompleteCheckInterval, MILLISECONDS).apply(operation); checkState(!operation.get().getHttpError().isPresent(), "Could not delete firewall, operation failed" + operation); } } return getSecurityGroupById(group.getId()); }
NovaApi novaApi = ContextBuilder .newBuilder("openstack-nova") .credentials("username", "api_key") .buildApi(NovaApi.class); Ingress ingress = Ingress.builder().fromPort(80).toPort(80).ipProtocol(IpProtocol.TCP).build(); SecurityGroupApi securityGroupApi = novaApi.getSecurityGroupExtensionForZone("RegionOne").get(); SecurityGroup securityGroup = securityGroupApi.createWithDescription("name", "description"); SecurityGroupRule rule = securityGroupApi.createRuleAllowingCidrBlock(securityGroup.getName(), ingress, "0.0.0.0/0"); securityGroupApi.delete(securityGroup.getId());
@Override public SecurityGroup addIpPermission(final IpPermission ipPermission, final SecurityGroup group) { checkNotNull(group, "group"); checkNotNull(ipPermission, "ipPermission"); final String id = checkNotNull(group.getId(), "group.getId()"); final int priority = NetworkSecurityGroups.getFirstAvailablePriority( NetworkSecurityGroups.getCustomRules(api.getNetworkSecurityGroupApi().getFullDetails(group.getName()))); final String ruleName = NetworkSecurityGroups.createRuleName( azureComputeConstants.tcpRuleFormat(), ipPermission.getFromPort(), ipPermission.getToPort()); // add rule to NSG addRuleToNetworkSecurityGroup(id, ruleName, priority, ipPermission); return transformNetworkSecurityGroupToSecurityGroup(id); }
@Test public void testSharedGroupLoadedWhenItExistsButIsNotCached() { Template template = mock(Template.class); TemplateOptions templateOptions = mock(TemplateOptions.class); when(template.getLocation()).thenReturn(location); when(template.getOptions()).thenReturn(templateOptions); JcloudsLocation jcloudsLocation = new JcloudsLocation(MutableMap.of("deferConstruction", true)); SecurityGroup shared = newGroup(customizer.getNameForSharedSecurityGroup()); SecurityGroup irrelevant = newGroup("irrelevant"); when(securityApi.createSecurityGroup(shared.getName(), location)).thenReturn(shared); when(securityApi.createSecurityGroup(irrelevant.getName(), location)).thenReturn(irrelevant); when(securityApi.listSecurityGroupsInLocation(location)).thenReturn(ImmutableSet.of(irrelevant, shared)); when(securityApi.addIpPermission(any(IpPermission.class), eq(shared))).thenReturn(shared); when(securityApi.addIpPermission(any(IpPermission.class), eq(irrelevant))).thenReturn(irrelevant); customizer.customize(jcloudsLocation, computeService, template); verify(securityApi).listSecurityGroupsInLocation(location); verify(securityApi, never()).createSecurityGroup(anyString(), any(Location.class)); }
@Test(groups = { "integration", "live" }, singleThreaded = true, dependsOnMethods = "testCreateSecurityGroup") public void testGetSecurityGroupById() throws RunNodesException, InterruptedException, ExecutionException { skipIfSecurityGroupsNotSupported(); ComputeService computeService = view.getComputeService(); Location location = getNodeTemplate().getLocation(); Optional<SecurityGroupExtension> securityGroupExtension = computeService.getSecurityGroupExtension(); assertTrue(securityGroupExtension.isPresent(), "security extension was not present"); SecurityGroup group = securityGroupExtension.get().getSecurityGroupById(groupId); logger.info("Group found: %s", group); assertTrue(group.getName().contains(secGroupName)); }
@Test(groups = { "integration", "live" }, singleThreaded = true) public void testCreateSecurityGroup() throws RunNodesException, InterruptedException, ExecutionException { skipIfSecurityGroupsNotSupported(); ComputeService computeService = view.getComputeService(); Location location = getNodeTemplate().getLocation(); Optional<SecurityGroupExtension> securityGroupExtension = computeService.getSecurityGroupExtension(); assertTrue(securityGroupExtension.isPresent(), "security extension was not present"); SecurityGroup group = securityGroupExtension.get().createSecurityGroup(secGroupName, location); logger.info("Group created: %s", group); assertTrue(group.getName().contains(secGroupName)); groupId = group.getId(); }
@Test public void testGroupAddIsIdempotent() { SecurityGroupDefinition sgDef = new SecurityGroupDefinition() .allowingInternalPorts(8097, 8098) .allowingInternalPortRange(6000, 7999) .allowingPublicPort(8099); final String securityGroupName = Identifiers.makeRandomLowercaseId(15); final SecurityGroupEditor editor = makeEditor(); SecurityGroup group1 = createTestGroup(securityGroupName, editor); assertEquals(group1.getName(), "jclouds#" + securityGroupName); group1 = editor.addPermissions(group1, sgDef.getPermissions()); final SecurityGroup group2 = createTestGroup(securityGroupName, editor); assertEquals(group2.getName(), group1.getName()); assertPermissionsEqual(group2.getIpPermissions(), group1.getIpPermissions()); editor.removeSecurityGroup(group2); final Optional<SecurityGroup> afterRemove = editor.findSecurityGroupByName(securityGroupName); assertFalse(afterRemove.isPresent()); }
@Test public void testCreateGroupAddPermissionsAndDelete() { SecurityGroupDefinition sgDef = new SecurityGroupDefinition() .allowingInternalPorts(8097, 8098) .allowingInternalPortRange(6000, 7999) .allowingPublicPort(8099); final String securityGroupName = Identifiers.makeRandomLowercaseId(15); final SecurityGroupEditor editor = makeEditor(); final SecurityGroup testGroup = createTestGroup(securityGroupName, editor); assertEquals(testGroup.getName(), "jclouds#" + securityGroupName); final SecurityGroup updated = editor.addPermissions(testGroup, sgDef.getPermissions()); final Optional<SecurityGroup> fromCloud = editor.findSecurityGroupByName(securityGroupName); assertTrue(fromCloud.isPresent()); final SecurityGroup cloudGroup = fromCloud.get(); assertPermissionsEqual(updated.getIpPermissions(), cloudGroup.getIpPermissions()); editor.removeSecurityGroup(updated); final Optional<SecurityGroup> afterRemove = editor.findSecurityGroupByName(securityGroupName); assertFalse(afterRemove.isPresent()); }
@Test public void testApplyWithCidr() { NovaSecurityGroupInRegionToSecurityGroup parser = createGroupParser(); SecurityGroupInRegion origGroup = new SecurityGroupInRegion(securityGroupWithCidr(), region.getId(), allGroups); SecurityGroup newGroup = parser.apply(origGroup); assertEquals(newGroup.getId(), origGroup.getRegion() + "/" + origGroup.getSecurityGroup().getId()); assertEquals(newGroup.getProviderId(), origGroup.getSecurityGroup().getId()); assertEquals(newGroup.getName(), origGroup.getSecurityGroup().getName()); assertEquals(newGroup.getOwnerId(), origGroup.getSecurityGroup().getTenantId()); final IpPermission permission = Iterables.getOnlyElement(newGroup.getIpPermissions()); assertEquals(permission.getFromPort(), 10); assertEquals(permission.getToPort(), 20); assertEquals(Iterables.getOnlyElement(permission.getCidrBlocks()), IP_RANGE); assertTrue(permission.getGroupIds().isEmpty()); assertEquals(newGroup.getLocation().getId(), origGroup.getRegion()); }
@Test public void testApplyWithGroup() { NovaSecurityGroupInRegionToSecurityGroup parser = createGroupParser(); final org.jclouds.openstack.nova.v2_0.domain.SecurityGroup otherGroup = securityGroupWithCidr(); SecurityGroupInRegion origGroup = new SecurityGroupInRegion(securityGroupWithGroup(), region.getId(), allGroups); SecurityGroup newGroup = parser.apply(origGroup); assertEquals(newGroup.getId(), origGroup.getRegion() + "/" + origGroup.getSecurityGroup().getId()); assertEquals(newGroup.getProviderId(), origGroup.getSecurityGroup().getId()); assertEquals(newGroup.getName(), origGroup.getSecurityGroup().getName()); assertEquals(newGroup.getOwnerId(), origGroup.getSecurityGroup().getTenantId()); final IpPermission permission = Iterables.getOnlyElement(newGroup.getIpPermissions()); assertEquals(Iterables.getOnlyElement(permission.getGroupIds()), region.getId() + "/" + otherGroup.getId()); assertEquals(permission.getFromPort(), 10); assertEquals(permission.getToPort(), 20); assertTrue(permission.getCidrBlocks().isEmpty()); assertEquals(newGroup.getLocation().getId(), origGroup.getRegion()); }
@Test public void testApply() { IpPermissions authorization = IpPermissions.permitAnyProtocol(); org.jclouds.ec2.domain.SecurityGroup origGroup = org.jclouds.ec2.domain.SecurityGroup.builder() .region("us-east-1") .id("some-id") .name("some-group") .ownerId("some-owner") .description("some-description") .ipPermission(authorization) .build(); EC2SecurityGroupToSecurityGroup parser = createGroupParser(ImmutableSet.of(provider)); SecurityGroup group = parser.apply(origGroup); assertEquals(group.getLocation(), provider); assertEquals(group.getId(), provider.getId() + "/" + origGroup.getName()); assertEquals(group.getProviderId(), origGroup.getId()); assertEquals(group.getName(), origGroup.getName()); assertEquals(group.getIpPermissions(), (Set<IpPermission>)origGroup); assertEquals(group.getOwnerId(), origGroup.getOwnerId()); }
public static SecurityGroupBuilder fromSecurityGroup(SecurityGroup group) { return new SecurityGroupBuilder().providerId(group.getProviderId()) .name(group.getName()) .id(group.getId()) .location(group.getLocation()) .uri(group.getUri()) .userMetadata(group.getUserMetadata()) .tags(group.getTags()) .ipPermissions(group.getIpPermissions()) .ownerId(group.getOwnerId()); }
public static SecurityGroupBuilder fromSecurityGroup(SecurityGroup group) { return new SecurityGroupBuilder().providerId(group.getProviderId()) .name(group.getName()) .id(group.getId()) .location(group.getLocation()) .uri(group.getUri()) .userMetadata(group.getUserMetadata()) .tags(group.getTags()) .ipPermissions(group.getIpPermissions()) .ownerId(group.getOwnerId()); }
public static SecurityGroupBuilder fromSecurityGroup(SecurityGroup group) { return new SecurityGroupBuilder().providerId(group.getProviderId()) .name(group.getName()) .id(group.getId()) .location(group.getLocation()) .uri(group.getUri()) .userMetadata(group.getUserMetadata()) .tags(group.getTags()) .ipPermissions(group.getIpPermissions()) .ownerId(group.getOwnerId()); }