use of com.google.api.services.compute.model.Firewall in project cloudbreak by hortonworks.
the class GcpFirewallInternalResourceBuilder method build.
@Override
public CloudResource build(GcpContext context, AuthenticatedContext auth, Network network, Security security, CloudResource buildableResource) throws Exception {
String projectId = context.getProjectId();
Firewall firewall = new Firewall();
Allowed allowed1 = new Allowed();
allowed1.setIPProtocol("tcp");
allowed1.setPorts(Collections.singletonList("1-65535"));
Allowed allowed2 = new Allowed();
allowed2.setIPProtocol("icmp");
Allowed allowed3 = new Allowed();
allowed3.setIPProtocol("udp");
allowed3.setPorts(Collections.singletonList("1-65535"));
firewall.setTargetTags(Collections.singletonList(GcpStackUtil.getClusterTag(auth.getCloudContext())));
firewall.setAllowed(Arrays.asList(allowed1, allowed2, allowed3));
firewall.setName(buildableResource.getName());
if (isLegacyNetwork(network)) {
Networks.Get networkRequest = context.getCompute().networks().get(projectId, getCustomNetworkId(network));
com.google.api.services.compute.model.Network existingNetwork = networkRequest.execute();
firewall.setSourceRanges(Collections.singletonList(existingNetwork.getIPv4Range()));
} else if (isNewNetworkAndSubnet(network) || isNewSubnetInExistingNetwork(network)) {
firewall.setSourceRanges(Collections.singletonList(network.getSubnet().getCidr()));
} else {
Get sn = context.getCompute().subnetworks().get(projectId, context.getLocation().getRegion().value(), getSubnetId(network));
com.google.api.services.compute.model.Subnetwork existingSubnet = sn.execute();
firewall.setSourceRanges(Collections.singletonList(existingSubnet.getIpCidrRange()));
}
firewall.setNetwork(String.format("https://www.googleapis.com/compute/v1/projects/%s/global/networks/%s", projectId, context.getParameter(GcpNetworkResourceBuilder.NETWORK_NAME, String.class)));
Insert firewallInsert = context.getCompute().firewalls().insert(projectId, firewall);
try {
Operation operation = firewallInsert.execute();
if (operation.getHttpErrorStatusCode() != null) {
throw new GcpResourceException(operation.getHttpErrorMessage(), resourceType(), buildableResource.getName());
}
return createOperationAwareCloudResource(buildableResource, operation);
} catch (GoogleJsonResponseException e) {
throw new GcpResourceException(checkException(e), resourceType(), buildableResource.getName());
}
}
use of com.google.api.services.compute.model.Firewall in project cloudbreak by hortonworks.
the class GcpFirewallInResourceBuilder method update.
@Override
public CloudResourceStatus update(GcpContext context, AuthenticatedContext auth, Group group, Network network, Security security, CloudResource resource) {
String projectId = context.getProjectId();
Compute compute = context.getCompute();
String resourceName = resource.getName();
try {
Firewall fireWall = compute.firewalls().get(projectId, resourceName).execute();
List<String> sourceRanges = getSourceRanges(security);
fireWall.setSourceRanges(sourceRanges);
Operation operation = compute.firewalls().update(projectId, resourceName, fireWall).execute();
CloudResource cloudResource = createOperationAwareCloudResource(resource, operation);
return checkResources(context, auth, Collections.singletonList(cloudResource)).get(0);
} catch (IOException e) {
throw new GcpResourceException("Failed to update resource!", GCP_FIREWALL_IN, resourceName, e);
}
}
use of com.google.api.services.compute.model.Firewall in project platformlayer by platformlayer.
the class GoogleComputeClient method getInstanceFirewallRules.
public List<Firewall> getInstanceFirewallRules(String instanceUrl) throws OpsException {
List<Firewall> ret = Lists.newArrayList();
FirewallList firewalls;
try {
log.debug("Listing firewall rules");
firewalls = compute.firewalls().list(projectId).execute();
} catch (IOException e) {
throw new OpsException("Error listing firewalls", e);
}
if (firewalls.getItems() != null) {
for (Firewall firewall : firewalls.getItems()) {
if (firewall.getTargetTags() != null && firewall.getTargetTags().contains(instanceUrl)) {
ret.add(firewall);
}
}
}
return ret;
}
Aggregations