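/**
 * Verifies that a firewall exists and is attached to the given network.
 *
 * <p>A firewall counts as attached only when its {@code network()} is non-null and equals
 * the network's self link. A missing firewall, or one that reports no network, is rejected
 * with the same {@link IllegalArgumentException} as a firewall bound to another network.
 * Without the explicit null handling, building the error message would dereference the
 * missing firewall and surface a {@link NullPointerException} instead.
 *
 * @param firewall firewall to check; may be {@code null} when the lookup found nothing
 * @param network network the firewall is expected to belong to
 * @throws IllegalArgumentException if the firewall is missing or not attached to {@code network}
 */
private void validateFirewall(Firewall firewall, Network network) {
   boolean attached = firewall != null && firewall.network() != null
         && firewall.network().equals(network.selfLink());
   if (!attached) {
      // Read the name only when there is a firewall to read it from.
      String firewallName = firewall == null ? null : firewall.name();
      throw new IllegalArgumentException(
            String.format("Can't find firewall %s in network %s.", firewallName, network));
   }
}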
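/**
 * Verifies that a firewall exists and is attached to the given network.
 *
 * <p>A firewall counts as attached only when its {@code network()} is non-null and equals
 * the network's self link. A missing firewall, or one that reports no network, is rejected
 * with the same {@link IllegalArgumentException} as a firewall bound to another network.
 * Without the explicit null handling, building the error message would dereference the
 * missing firewall and surface a {@link NullPointerException} instead.
 *
 * @param firewall firewall to check; may be {@code null} when the lookup found nothing
 * @param network network the firewall is expected to belong to
 * @throws IllegalArgumentException if the firewall is missing or not attached to {@code network}
 */
private void validateFirewall(Firewall firewall, Network network) {
   boolean attached = firewall != null && firewall.network() != null
         && firewall.network().equals(network.selfLink());
   if (!attached) {
      // Read the name only when there is a firewall to read it from.
      String firewallName = firewall == null ? null : firewall.name();
      throw new IllegalArgumentException(
            String.format("Can't find firewall %s in network %s.", firewallName, network));
   }
}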
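/**
 * Verifies that a firewall exists and is attached to the given network.
 *
 * <p>A firewall counts as attached only when its {@code network()} is non-null and equals
 * the network's self link. A missing firewall, or one that reports no network, is rejected
 * with the same {@link IllegalArgumentException} as a firewall bound to another network.
 * Without the explicit null handling, building the error message would dereference the
 * missing firewall and surface a {@link NullPointerException} instead.
 *
 * @param firewall firewall to check; may be {@code null} when the lookup found nothing
 * @param network network the firewall is expected to belong to
 * @throws IllegalArgumentException if the firewall is missing or not attached to {@code network}
 */
private void validateFirewall(Firewall firewall, Network network) {
   boolean attached = firewall != null && firewall.network() != null
         && firewall.network().equals(network.selfLink());
   if (!attached) {
      // Read the name only when there is a firewall to read it from.
      String firewallName = firewall == null ? null : firewall.name();
      throw new IllegalArgumentException(
            String.format("Can't find firewall %s in network %s.", firewallName, network));
   }
}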
// A single-port list, shared by both protocol rules below.
List<String> ports = ImmutableList.of(String.valueOf(port));
// The same port is allowed for TCP and for UDP.
List<Rule> rules = ImmutableList.of(Rule.create("tcp", ports), Rule.create("udp", ports));
// The rule is bound to this network, targets only instances tagged with `name`, and lists
// the template's tags plus two address ranges as permitted sources.
// NOTE(review): EXTERIOR_RANGE and DEFAULT_INTERNAL_NETWORK_RANGE are defined outside this
// excerpt. If EXTERIOR_RANGE covers every address, the port is reachable from any host on
// both protocols, and the source tags presumably add nothing on top of it. Confirm that
// this exposure is intended, and whether UDP is needed at all.
FirewallOptions firewallOptions = new FirewallOptions().name(name).network(network.selfLink())
      .allowedRules(rules).sourceTags(templateOptions.getTags())
      .sourceRanges(of(DEFAULT_INTERNAL_NETWORK_RANGE, EXTERIOR_RANGE)).targetTags(ImmutableList.of(name));
// Issue the create call and wrap the returned operation in a reference.
AtomicReference<Operation> operation = Atomics.newReference(firewallApi.createInNetwork(
      firewallOptions.name(), network.selfLink(), firewallOptions));
// Collected with the other pending operations; presumably checked for completion by the
// surrounding code. TODO confirm.
operations.add(operation);
networkName, region); network = api.networks().get(networkName); options.networks(ImmutableSet.of(network.selfLink().toString())); logger.debug(">> attaching nodes to legacy network(%s)", network.name());
networkName, region); network = api.networks().get(networkName); options.networks(ImmutableSet.of(network.selfLink().toString())); logger.debug(">> attaching nodes to legacy network(%s)", network.name());
/**
 * Removes the shared network of a node group and every firewall attached to that network.
 *
 * <p>The network is looked up under the group's shared resource name. If none is found,
 * nothing is deleted. Otherwise all firewalls are listed, each one whose {@code network()}
 * equals the network's self link is deleted, and the network itself is deleted last.
 *
 * <p>Failures are never propagated. An operation that reports an HTTP error status is only
 * logged at WARN level and the cleanup carries on, so a firewall whose deletion failed may
 * stay in place with its allow rules. These warnings are the only signal of a leftover rule.
 *
 * @param groupName node group whose shared network and firewalls are removed
 */
private void cleanUpNetworksAndFirewallsForGroup(final String groupName) {
   String sharedName = namingConvention.create().sharedNameForGroup(groupName);
   Network groupNetwork = api.networks().get(sharedName);
   FirewallApi firewalls = api.firewalls();
   if (groupNetwork == null) {
      // No shared network for this group, so there is nothing to clean up.
      return;
   }

   for (Firewall candidate : concat(firewalls.list())) {
      // Only firewalls bound to this group's network are touched.
      boolean attached = candidate != null && candidate.network() != null
            && candidate.network().equals(groupNetwork.selfLink());
      if (attached) {
         AtomicReference<Operation> firewallDelete =
               Atomics.newReference(firewalls.delete(candidate.name()));
         operationDone.apply(firewallDelete);
         if (firewallDelete.get().httpErrorStatusCode() != null) {
            logger.warn("delete orphaned firewall %s failed. Http Error Code: %d HttpError: %s",
                  firewallDelete.get().targetId(), firewallDelete.get().httpErrorStatusCode(),
                  firewallDelete.get().httpErrorMessage());
         }
      }
   }

   // The network is deleted last, after its firewalls have been handled.
   AtomicReference<Operation> networkDelete = Atomics.newReference(api.networks().delete(sharedName));
   operationDone.apply(networkDelete);
   if (networkDelete.get().httpErrorStatusCode() != null) {
      logger.warn("delete orphaned network failed. Http Error Code: "
            + networkDelete.get().httpErrorStatusCode() + " HttpError: "
            + networkDelete.get().httpErrorMessage());
   }
}
// The rule is bound to this network, targets only instances tagged with `name`, and lists
// the template's tags plus two address ranges as permitted sources.
// NOTE(review): interiorRange and EXTERIOR_RANGE are defined outside this excerpt. If
// EXTERIOR_RANGE covers every address, the allowed rules are reachable from any host and
// the source tags presumably add nothing on top of it. Confirm that this is intended.
FirewallOptions firewallOptions = new FirewallOptions().name(name).network(network.selfLink())
      .allowedRules(rules).sourceTags(templateOptions.getTags())
      .sourceRanges(of(interiorRange, EXTERIOR_RANGE)).targetTags(ImmutableList.of(name));
// Issue the create call; the returned operation is wrapped in a reference and stored in the
// existing `operation` variable.
operation = Atomics.newReference(firewallApi.createInNetwork(firewallOptions.name(), network.selfLink(),
      firewallOptions));
// The rule is bound to this network, targets only instances tagged with `name`, and lists
// the template's tags plus two address ranges as permitted sources.
// NOTE(review): interiorRange and EXTERIOR_RANGE are defined outside this excerpt. If
// EXTERIOR_RANGE covers every address, the allowed rules are reachable from any host and
// the source tags presumably add nothing on top of it. Confirm that this is intended.
FirewallOptions firewallOptions = new FirewallOptions().name(name).network(network.selfLink())
      .allowedRules(rules).sourceTags(templateOptions.getTags())
      .sourceRanges(of(interiorRange, EXTERIOR_RANGE)).targetTags(ImmutableList.of(name));
// Issue the create call; the returned operation is wrapped in a reference and stored in the
// existing `operation` variable.
operation = Atomics.newReference(firewallApi.createInNetwork(firewallOptions.name(), network.selfLink(),
      firewallOptions));
if (firewall == null) { List<Rule> rules = ImmutableList.of(Rule.create("tcp", ports), Rule.create("udp", ports)); FirewallOptions firewallOptions = new FirewallOptions().name(name).network(network.selfLink()) .allowedRules(rules).sourceTags(templateOptions.getTags()) .sourceRanges(of(DEFAULT_INTERNAL_NETWORK_RANGE, EXTERIOR_RANGE)) .createInNetwork(firewallOptions.name(), network.selfLink(), firewallOptions));
/**
 * Prepares network, firewall and login-credential settings on a copy of the template, then
 * hands node creation to the superclass.
 *
 * <p>The caller's template is cloned and only the clone is modified. The network is resolved
 * from the networks named in the options, firewalls are looked up or created for the group's
 * firewall tag, and the options are pointed at the network's self link and stamped with the
 * node group. When key auto-creation is enabled and no public key is set, a key pair is
 * generated: the public half is authorized and the private half becomes the login key.
 *
 * @param group node group name
 * @param count number of nodes, passed through to the superclass
 * @param template template to start from; not modified
 * @param goodNodes passed through to the superclass
 * @param badNodes passed through to the superclass
 * @param customizationResponses passed through to the superclass
 * @return whatever the superclass {@code execute} returns for the prepared template
 */
@Override
public Map<?, ListenableFuture<Void>> execute(String group, int count, Template template,
      Set<NodeMetadata> goodNodes, Map<NodeMetadata, Exception> badNodes,
      Multimap<NodeMetadata, CustomizationResponse> customizationResponses) {
   Template templateCopy = template.clone();
   GoogleComputeEngineTemplateOptions gceOptions =
         GoogleComputeEngineTemplateOptions.class.cast(templateCopy.getOptions());
   // A Java assert runs only when assertions are enabled (-ea), so this clone check is
   // inactive in a default JVM.
   assert template.getOptions().equals(gceOptions) : "options didn't clone properly";

   // Resolve the network the nodes will join.
   Network network = getNetwork(gceOptions.getNetworks());

   // Firewalls for the group's tag are set up before any node is requested.
   String firewallTag = firewallTagNamingConvention.get(group);
   getOrCreateFirewalls(gceOptions, network, firewallTag);

   String networkLink = network.selfLink().toString();
   gceOptions.networks(ImmutableSet.of(networkLink));
   gceOptions.userMetadata(ComputeServiceConstants.NODE_GROUP_KEY, group);

   // Generate login credentials only when asked to and no public key was supplied.
   boolean needsGeneratedKey = gceOptions.autoCreateKeyPair()
         && Strings.isNullOrEmpty(gceOptions.getPublicKey());
   if (needsGeneratedKey) {
      logger.debug(">> creating default keypair...");
      Map<String, String> generatedKeys = keyGenerator.get();
      gceOptions.authorizePublicKey(generatedKeys.get("public"));
      // The private key lives in the template options from here on; the log line above
      // deliberately carries no key material.
      gceOptions.overrideLoginPrivateKey(generatedKeys.get("private"));
   }

   // Evaluated after the block above, so a freshly generated key counts as provided.
   boolean scriptWithoutKey = gceOptions.getRunScript() != null && gceOptions.getLoginPrivateKey() == null;
   if (scriptWithoutKey) {
      logger.warn(">> A runScript has been configured but no SSH key has been provided."
            + " Authentication will delegate to the ssh-agent");
   }

   return super.execute(group, count, templateCopy, goodNodes, badNodes, customizationResponses);
}
/**
 * Prepares network, firewall and login-credential settings on a copy of the template, then
 * hands node creation to the superclass.
 *
 * <p>The caller's template is cloned and only the clone is modified. A network is looked up
 * or created under the group's shared resource name, firewalls are looked up or created for
 * the group's firewall tag, and the options are pointed at the network's self link and
 * stamped with the node group. When key auto-creation is enabled and no public key is set,
 * a key pair is generated: the public half is authorized and the private half becomes the
 * login key.
 *
 * @param group node group name
 * @param count number of nodes, passed through to the superclass
 * @param template template to start from; not modified
 * @param goodNodes passed through to the superclass
 * @param badNodes passed through to the superclass
 * @param customizationResponses passed through to the superclass
 * @return whatever the superclass {@code execute} returns for the prepared template
 */
@Override
public Map<?, ListenableFuture<Void>> execute(String group, int count, Template template,
      Set<NodeMetadata> goodNodes, Map<NodeMetadata, Exception> badNodes,
      Multimap<NodeMetadata, CustomizationResponse> customizationResponses) {
   String sharedName = namingConvention.create().sharedNameForGroup(group);

   Template templateCopy = template.clone();
   GoogleComputeEngineTemplateOptions gceOptions =
         GoogleComputeEngineTemplateOptions.class.cast(templateCopy.getOptions());
   // A Java assert runs only when assertions are enabled (-ea), so this clone check is
   // inactive in a default JVM.
   assert template.getOptions().equals(gceOptions) : "options didn't clone properly";

   // Look up or create the group's network, then set up firewalls from the user's
   // configuration before any node is requested.
   Network network = getOrCreateNetwork(gceOptions, sharedName);
   String firewallTag = firewallTagNamingConvention.get(group);
   getOrCreateFirewalls(gceOptions, network, firewallTag);

   gceOptions.network(network.selfLink());
   gceOptions.userMetadata(ComputeServiceConstants.NODE_GROUP_KEY, group);

   // Generate login credentials only when asked to and no public key was supplied.
   boolean needsGeneratedKey = gceOptions.autoCreateKeyPair()
         && Strings.isNullOrEmpty(gceOptions.getPublicKey());
   if (needsGeneratedKey) {
      logger.debug(">> creating default keypair...");
      Map<String, String> generatedKeys = keyGenerator.get();
      gceOptions.authorizePublicKey(generatedKeys.get("public"));
      // The private key lives in the template options from here on; the log line above
      // deliberately carries no key material.
      gceOptions.overrideLoginPrivateKey(generatedKeys.get("private"));
   }

   // Evaluated after the block above, so a freshly generated key counts as provided.
   boolean scriptWithoutKey = gceOptions.getRunScript() != null && gceOptions.getLoginPrivateKey() == null;
   if (scriptWithoutKey) {
      logger.warn(">> A runScript has been configured but no SSH key has been provided."
            + " Authentication will delegate to the ssh-agent");
   }

   return super.execute(group, count, templateCopy, goodNodes, badNodes, customizationResponses);
}
/**
 * Creates a network through {@code createCustom}, then a subnetwork inside it, and expects
 * both operations to complete successfully.
 */
@Test
public void testInsertSubnetwork() {
   assertOperationDoneSuccessfully(api.networks().createCustom(SUBNETWORK_NAME));

   // The parent network must be readable before a subnetwork can reference its self link.
   Network parent = api.networks().get(SUBNETWORK_NAME);
   assertNotNull(parent);

   // NOTE(review): the meaning of the trailing `false` is not visible here; check it
   // against SubnetworkCreationOptions.create.
   SubnetworkCreationOptions creation = SubnetworkCreationOptions.create(
         SUBNETWORK_NAME, SUBNETWORK_NAME, parent.selfLink(), SUBNETWORK_RANGE,
         getDefaultRegionUrl(), false);
   assertOperationDoneSuccessfully(api().createInNetwork(creation));
}