Example 6 with NetworkSecurityGroup
use of com.microsoft.azure.management.network.NetworkSecurityGroup in project azure-sdk-for-java by Azure.
the class ManageVirtualMachinesInParallelWithNetwork method runSample.
/**
* Main function which runs the actual sample.
* @param azure instance of the azure client
* @return true if sample runs successfully
*/
public static boolean runSample(Azure azure) {
final int frontendVMCount = 10;
final int backendVMCount = 10;
final String rgName = SdkContext.randomResourceName("rgNEPP", 24);
final String frontEndNsgName = SdkContext.randomResourceName("fensg", 24);
final String backEndNsgName = SdkContext.randomResourceName("bensg", 24);
final String networkName = SdkContext.randomResourceName("vnetCOMV", 24);
final String storageAccountName = SdkContext.randomResourceName("stgCOMV", 20);
final String userName = "tirekicker";
final String password = "12NewPA$$w0rd!";
try {
// Create a resource group [Where all resources gets created]
ResourceGroup resourceGroup = azure.resourceGroups().define(rgName).withRegion(Region.US_EAST).create();
//============================================================
// Define a network security group for the front end of a subnet
// front end subnet contains two rules
// - ALLOW-SSH - allows SSH traffic into the front end subnet
// - ALLOW-WEB- allows HTTP traffic into the front end subnet
Creatable<NetworkSecurityGroup> frontEndNSGCreatable = azure.networkSecurityGroups().define(frontEndNsgName).withRegion(Region.US_EAST).withExistingResourceGroup(resourceGroup).defineRule("ALLOW-SSH").allowInbound().fromAnyAddress().fromAnyPort().toAnyAddress().toPort(22).withProtocol(SecurityRuleProtocol.TCP).withPriority(100).withDescription("Allow SSH").attach().defineRule("ALLOW-HTTP").allowInbound().fromAnyAddress().fromAnyPort().toAnyAddress().toPort(80).withProtocol(SecurityRuleProtocol.TCP).withPriority(101).withDescription("Allow HTTP").attach();
//============================================================
// Define a network security group for the back end of a subnet
// back end subnet contains two rules
// - ALLOW-SQL - allows SQL traffic only from the front end subnet
// - DENY-WEB - denies all outbound internet traffic from the back end subnet
Creatable<NetworkSecurityGroup> backEndNSGCreatable = azure.networkSecurityGroups().define(backEndNsgName).withRegion(Region.US_EAST).withExistingResourceGroup(resourceGroup).defineRule("ALLOW-SQL").allowInbound().fromAddress("172.16.1.0/24").fromAnyPort().toAnyAddress().toPort(1433).withProtocol(SecurityRuleProtocol.TCP).withPriority(100).withDescription("Allow SQL").attach().defineRule("DENY-WEB").denyOutbound().fromAnyAddress().fromAnyPort().toAnyAddress().toAnyPort().withAnyProtocol().withDescription("Deny Web").withPriority(200).attach();
System.out.println("Creating security group for the front ends - allows SSH and HTTP");
System.out.println("Creating security group for the back ends - allows SSH and denies all outbound internet traffic");
@SuppressWarnings("unchecked") Collection<NetworkSecurityGroup> networkSecurityGroups = azure.networkSecurityGroups().create(frontEndNSGCreatable, backEndNSGCreatable).values();
NetworkSecurityGroup frontendNSG = null;
NetworkSecurityGroup backendNSG = null;
for (NetworkSecurityGroup nsg : networkSecurityGroups) {
if (nsg.name().equalsIgnoreCase(frontEndNsgName)) {
frontendNSG = nsg;
}
if (nsg.name().equalsIgnoreCase(backEndNsgName)) {
backendNSG = nsg;
}
}
System.out.println("Created a security group for the front end: " + frontendNSG.id());
Utils.print(frontendNSG);
System.out.println("Created a security group for the back end: " + backendNSG.id());
Utils.print(backendNSG);
// Create Network [Where all the virtual machines get added to]
Network network = azure.networks().define(networkName).withRegion(Region.US_EAST).withExistingResourceGroup(resourceGroup).withAddressSpace("172.16.0.0/16").defineSubnet("Front-end").withAddressPrefix("172.16.1.0/24").withExistingNetworkSecurityGroup(frontendNSG).attach().defineSubnet("Back-end").withAddressPrefix("172.16.2.0/24").withExistingNetworkSecurityGroup(backendNSG).attach().create();
// Prepare Creatable Storage account definition [For storing VMs disk]
Creatable<StorageAccount> creatableStorageAccount = azure.storageAccounts().define(storageAccountName).withRegion(Region.US_EAST).withExistingResourceGroup(resourceGroup);
// Prepare a batch of Creatable Virtual Machines definitions
List<Creatable<VirtualMachine>> frontendCreatableVirtualMachines = new ArrayList<>();
for (int i = 0; i < frontendVMCount; i++) {
Creatable<VirtualMachine> creatableVirtualMachine = azure.virtualMachines().define("VM-FE-" + i).withRegion(Region.US_EAST).withExistingResourceGroup(resourceGroup).withExistingPrimaryNetwork(network).withSubnet("Front-end").withPrimaryPrivateIPAddressDynamic().withoutPrimaryPublicIPAddress().withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS).withRootUsername(userName).withRootPassword(password).withSize(VirtualMachineSizeTypes.STANDARD_D3_V2).withNewStorageAccount(creatableStorageAccount);
frontendCreatableVirtualMachines.add(creatableVirtualMachine);
}
List<Creatable<VirtualMachine>> backendCreatableVirtualMachines = new ArrayList<>();
for (int i = 0; i < backendVMCount; i++) {
Creatable<VirtualMachine> creatableVirtualMachine = azure.virtualMachines().define("VM-BE-" + i).withRegion(Region.US_EAST).withExistingResourceGroup(resourceGroup).withExistingPrimaryNetwork(network).withSubnet("Back-end").withPrimaryPrivateIPAddressDynamic().withoutPrimaryPublicIPAddress().withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS).withRootUsername(userName).withRootPassword(password).withSize(VirtualMachineSizeTypes.STANDARD_D3_V2).withNewStorageAccount(creatableStorageAccount);
backendCreatableVirtualMachines.add(creatableVirtualMachine);
}
System.out.println("Creating the virtual machines");
List<Creatable<VirtualMachine>> allCreatableVirtualMachines = new ArrayList<>();
allCreatableVirtualMachines.addAll(frontendCreatableVirtualMachines);
allCreatableVirtualMachines.addAll(backendCreatableVirtualMachines);
StopWatch stopwatch = new StopWatch();
stopwatch.start();
Collection<VirtualMachine> virtualMachines = azure.virtualMachines().create(allCreatableVirtualMachines).values();
stopwatch.stop();
System.out.println("Created virtual machines");
for (VirtualMachine virtualMachine : virtualMachines) {
System.out.println(virtualMachine.id());
}
System.out.println("Virtual Machines create: (took " + (stopwatch.getTime() / 1000) + " seconds) ");
return true;
} catch (Exception f) {
System.out.println(f.getMessage());
f.printStackTrace();
} finally {
try {
System.out.println("Deleting Resource Group: " + rgName);
azure.resourceGroups().deleteByName(rgName);
System.out.println("Deleted Resource Group: " + rgName);
} catch (NullPointerException npe) {
System.out.println("Did not create any resources in Azure. No clean up is necessary");
} catch (Exception g) {
g.printStackTrace();
}
}
return false;
}
Also used :
NetworkSecurityGroup(com.microsoft.azure.management.network.NetworkSecurityGroup)
ArrayList(java.util.ArrayList)
StopWatch(org.apache.commons.lang3.time.StopWatch)
StorageAccount(com.microsoft.azure.management.storage.StorageAccount)
Network(com.microsoft.azure.management.network.Network)
Creatable(com.microsoft.azure.management.resources.fluentcore.model.Creatable)
ResourceGroup(com.microsoft.azure.management.resources.ResourceGroup)
VirtualMachine(com.microsoft.azure.management.compute.VirtualMachine)
Example 7 with NetworkSecurityGroup
use of com.microsoft.azure.management.network.NetworkSecurityGroup in project azure-sdk-for-java by Azure.
the class ManageVirtualNetwork method runSample.
/**
* Main function which runs the actual sample.
* @param azure instance of the azure client
* @return true if sample runs successfully
*/
public static boolean runSample(Azure azure) {
final String vnetName1 = SdkContext.randomResourceName("vnet1", 20);
final String vnetName2 = SdkContext.randomResourceName("vnet2", 20);
final String vnet1FrontEndSubnetName = "frontend";
final String vnet1BackEndSubnetName = "backend";
final String vnet1FrontEndSubnetNsgName = "frontendnsg";
final String vnet1BackEndSubnetNsgName = "backendnsg";
final String frontEndVMName = SdkContext.randomResourceName("fevm", 24);
final String backEndVMName = SdkContext.randomResourceName("bevm", 24);
final String publicIPAddressLeafDnsForFrontEndVM = SdkContext.randomResourceName("pip1", 24);
final String userName = "tirekicker";
final String sshKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCfSPC2K7LZcFKEO+/t3dzmQYtrJFZNxOsbVgOVKietqHyvmYGHEC0J2wPdAqQ/63g/hhAEFRoyehM+rbeDri4txB3YFfnOK58jqdkyXzupWqXzOrlKY4Wz9SKjjN765+dqUITjKRIaAip1Ri137szRg71WnrmdP3SphTRlCx1Bk2nXqWPsclbRDCiZeF8QOTi4JqbmJyK5+0UqhqYRduun8ylAwKKQJ1NJt85sYIHn9f1Rfr6Tq2zS0wZ7DHbZL+zB5rSlAr8QyUdg/GQD+cmSs6LvPJKL78d6hMGk84ARtFo4A79ovwX/Fj01znDQkU6nJildfkaolH2rWFG/qttD azjava@javalib.com";
final String rgName = SdkContext.randomResourceName("rgNEMV", 24);
try {
//============================================================
// Create a virtual network with specific address-space and two subnet
// Creates a network security group for backend subnet
System.out.println("Creating a network security group for virtual network backend subnet...");
NetworkSecurityGroup backEndSubnetNsg = azure.networkSecurityGroups().define(vnet1BackEndSubnetNsgName).withRegion(Region.US_EAST).withNewResourceGroup(rgName).defineRule("DenyInternetInComing").denyInbound().fromAddress("INTERNET").fromAnyPort().toAnyAddress().toAnyPort().withAnyProtocol().attach().defineRule("DenyInternetOutGoing").denyOutbound().fromAnyAddress().fromAnyPort().toAddress("INTERNET").toAnyPort().withAnyProtocol().attach().create();
System.out.println("Created network security group");
// Print the network security group
Utils.print(backEndSubnetNsg);
// Create the virtual network with frontend and backend subnets, with
// network security group rule applied to backend subnet]
System.out.println("Creating virtual network #1...");
Network virtualNetwork1 = azure.networks().define(vnetName1).withRegion(Region.US_EAST).withExistingResourceGroup(rgName).withAddressSpace("192.168.0.0/16").withSubnet(vnet1FrontEndSubnetName, "192.168.1.0/24").defineSubnet(vnet1BackEndSubnetName).withAddressPrefix("192.168.2.0/24").withExistingNetworkSecurityGroup(backEndSubnetNsg).attach().create();
System.out.println("Created a virtual network");
// Print the virtual network details
Utils.print(virtualNetwork1);
//============================================================
// Update a virtual network
// Creates a network security group for frontend subnet
System.out.println("Creating a network security group for virtual network backend subnet...");
NetworkSecurityGroup frontEndSubnetNsg = azure.networkSecurityGroups().define(vnet1FrontEndSubnetNsgName).withRegion(Region.US_EAST).withExistingResourceGroup(rgName).defineRule("AllowHttpInComing").allowInbound().fromAddress("INTERNET").fromAnyPort().toAnyAddress().toPort(80).withProtocol(SecurityRuleProtocol.TCP).attach().defineRule("DenyInternetOutGoing").denyOutbound().fromAnyAddress().fromAnyPort().toAddress("INTERNET").toAnyPort().withAnyProtocol().attach().create();
System.out.println("Created network security group");
// Print the network security group
Utils.print(frontEndSubnetNsg);
// Update the virtual network frontend subnet by associating it with network security group
System.out.println("Associating network security group rule to frontend subnet");
virtualNetwork1.update().updateSubnet(vnet1FrontEndSubnetName).withExistingNetworkSecurityGroup(frontEndSubnetNsg).parent().apply();
System.out.println("Network security group rule associated with the frontend subnet");
// Print the virtual network details
Utils.print(virtualNetwork1);
//============================================================
// Create a virtual machine in each subnet
// Creates the first virtual machine in frontend subnet
System.out.println("Creating a Linux virtual machine in the frontend subnet");
Date t1 = new Date();
VirtualMachine frontEndVM = azure.virtualMachines().define(frontEndVMName).withRegion(Region.US_EAST).withExistingResourceGroup(rgName).withExistingPrimaryNetwork(virtualNetwork1).withSubnet(vnet1FrontEndSubnetName).withPrimaryPrivateIPAddressDynamic().withNewPrimaryPublicIPAddress(publicIPAddressLeafDnsForFrontEndVM).withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS).withRootUsername(userName).withSsh(sshKey).withSize(VirtualMachineSizeTypes.STANDARD_D3_V2).create();
Date t2 = new Date();
System.out.println("Created Linux VM: (took " + ((t2.getTime() - t1.getTime()) / 1000) + " seconds) " + frontEndVM.id());
// Print virtual machine details
Utils.print(frontEndVM);
// Creates the second virtual machine in the backend subnet
System.out.println("Creating a Linux virtual machine in the backend subnet");
Date t3 = new Date();
VirtualMachine backEndVM = azure.virtualMachines().define(backEndVMName).withRegion(Region.US_EAST).withExistingResourceGroup(rgName).withExistingPrimaryNetwork(virtualNetwork1).withSubnet(vnet1BackEndSubnetName).withPrimaryPrivateIPAddressDynamic().withoutPrimaryPublicIPAddress().withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS).withRootUsername(userName).withSsh(sshKey).withSize(VirtualMachineSizeTypes.STANDARD_D3_V2).create();
Date t4 = new Date();
System.out.println("Created Linux VM: (took " + ((t4.getTime() - t3.getTime()) / 1000) + " seconds) " + backEndVM.id());
// Print virtual machine details
Utils.print(backEndVM);
//============================================================
// Create a virtual network with default address-space and one default subnet
System.out.println("Creating virtual network #2...");
Network virtualNetwork2 = azure.networks().define(vnetName2).withRegion(Region.US_EAST).withNewResourceGroup(rgName).create();
System.out.println("Created a virtual network");
// Print the virtual network details
Utils.print(virtualNetwork2);
for (Network virtualNetwork : azure.networks().listByResourceGroup(rgName)) {
Utils.print(virtualNetwork);
}
//============================================================
// Delete a virtual network
System.out.println("Deleting the virtual network");
azure.networks().deleteById(virtualNetwork2.id());
System.out.println("Deleted the virtual network");
return true;
} catch (Exception e) {
System.err.println(e.getMessage());
} finally {
try {
System.out.println("Deleting Resource Group: " + rgName);
azure.resourceGroups().deleteByName(rgName);
System.out.println("Deleted Resource Group: " + rgName);
} catch (NullPointerException npe) {
System.out.println("Did not create any resources in Azure. No clean up is necessary");
} catch (Exception g) {
g.printStackTrace();
}
}
return false;
}
Also used :
NetworkSecurityGroup(com.microsoft.azure.management.network.NetworkSecurityGroup)
Network(com.microsoft.azure.management.network.Network)
Date(java.util.Date)
VirtualMachine(com.microsoft.azure.management.compute.VirtualMachine)
Example 8 with NetworkSecurityGroup
use of com.microsoft.azure.management.network.NetworkSecurityGroup in project azure-sdk-for-java by Azure.
the class ManageVirtualNetworkAsync method runSample.
/**
* Main function which runs the actual sample.
* @param azure instance of the azure client
* @return true if sample runs successfully
*/
public static boolean runSample(final Azure azure) {
final String vnetName1 = SdkContext.randomResourceName("vnet1", 20);
final String vnetName2 = SdkContext.randomResourceName("vnet2", 20);
final String vnet1FrontEndSubnetName = "frontend";
final String vnet1BackEndSubnetName = "backend";
final String vnet1FrontEndSubnetNsgName = "frontendnsg";
final String vnet1BackEndSubnetNsgName = "backendnsg";
final String frontEndVMName = SdkContext.randomResourceName("fevm", 24);
final String backEndVMName = SdkContext.randomResourceName("bevm", 24);
final String publicIPAddressLeafDnsForFrontEndVM = SdkContext.randomResourceName("pip1", 24);
final String userName = "tirekicker";
final String sshKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCfSPC2K7LZcFKEO+/t3dzmQYtrJFZNxOsbVgOVKietqHyvmYGHEC0J2wPdAqQ/63g/hhAEFRoyehM+rbeDri4txB3YFfnOK58jqdkyXzupWqXzOrlKY4Wz9SKjjN765+dqUITjKRIaAip1Ri137szRg71WnrmdP3SphTRlCx1Bk2nXqWPsclbRDCiZeF8QOTi4JqbmJyK5+0UqhqYRduun8ylAwKKQJ1NJt85sYIHn9f1Rfr6Tq2zS0wZ7DHbZL+zB5rSlAr8QyUdg/GQD+cmSs6LvPJKL78d6hMGk84ARtFo4A79ovwX/Fj01znDQkU6nJildfkaolH2rWFG/qttD azjava@javalib.com";
final String rgName = SdkContext.randomResourceName("rgNEMV", 24);
try {
//============================================================
// Create a virtual network with specific address-space and two subnet
// Creates a network security group for backend subnet
System.out.println("Creating a network security group for virtual network backend subnet...");
// Creates a network security group for frontend subnet
System.out.println("Creating a network security group for virtual network backend subnet...");
final Map<String, Indexable> createdResources = new TreeMap<>();
Observable.merge(azure.networkSecurityGroups().define(vnet1BackEndSubnetNsgName).withRegion(Region.US_EAST).withNewResourceGroup(rgName).defineRule("DenyInternetInComing").denyInbound().fromAddress("INTERNET").fromAnyPort().toAnyAddress().toAnyPort().withAnyProtocol().attach().defineRule("DenyInternetOutGoing").denyOutbound().fromAnyAddress().fromAnyPort().toAddress("INTERNET").toAnyPort().withAnyProtocol().attach().createAsync().flatMap(new Func1<Indexable, Observable<Indexable>>() {
@Override
public Observable<Indexable> call(Indexable indexable) {
if (indexable instanceof NetworkSecurityGroup) {
NetworkSecurityGroup backEndNsg = (NetworkSecurityGroup) indexable;
System.out.println("Creating virtual network #1...");
return Observable.merge(Observable.just(indexable), azure.networks().define(vnetName1).withRegion(Region.US_EAST).withExistingResourceGroup(rgName).withAddressSpace("192.168.0.0/16").withSubnet(vnet1FrontEndSubnetName, "192.168.1.0/24").defineSubnet(vnet1BackEndSubnetName).withAddressPrefix("192.168.2.0/24").withExistingNetworkSecurityGroup(backEndNsg).attach().createAsync());
}
return Observable.just(indexable);
}
}), azure.networkSecurityGroups().define(vnet1FrontEndSubnetNsgName).withRegion(Region.US_EAST).withExistingResourceGroup(rgName).defineRule("AllowHttpInComing").allowInbound().fromAddress("INTERNET").fromAnyPort().toAnyAddress().toPort(80).withProtocol(SecurityRuleProtocol.TCP).attach().defineRule("DenyInternetOutGoing").denyOutbound().fromAnyAddress().fromAnyPort().toAddress("INTERNET").toAnyPort().withAnyProtocol().attach().createAsync()).map(new Func1<Indexable, Indexable>() {
@Override
public Indexable call(Indexable indexable) {
if (indexable instanceof NetworkSecurityGroup) {
NetworkSecurityGroup nsg = (NetworkSecurityGroup) indexable;
System.out.println("Created network security group");
// Print the network security group
Utils.print(nsg);
createdResources.put(nsg.name(), nsg);
} else if (indexable instanceof Network) {
Network vn = (Network) indexable;
System.out.println("Created a virtual network");
// Print the virtual network details
Utils.print(vn);
createdResources.put(vn.name(), vn);
}
return indexable;
}
}).toBlocking().subscribe();
NetworkSecurityGroup frontEndSubnetNsg = (NetworkSecurityGroup) createdResources.get(vnet1FrontEndSubnetNsgName);
Network virtualNetwork1 = (Network) createdResources.get(vnetName1);
//============================================================
// Update a virtual network
// Update the virtual network frontend subnet by associating it with network security group
System.out.println("Associating network security group rule to frontend subnet");
virtualNetwork1.update().updateSubnet(vnet1FrontEndSubnetName).withExistingNetworkSecurityGroup(frontEndSubnetNsg).parent().applyAsync().toCompletable().await();
System.out.println("Network security group rule associated with the frontend subnet");
// Print the virtual network details
Utils.print(virtualNetwork1);
//============================================================
// Create a virtual machine in each subnet and another virtual network
// Creates the first virtual machine in frontend subnet
System.out.println("Creating a Linux virtual machine in the frontend subnet");
// Creates the second virtual machine in the backend subnet
System.out.println("Creating a Linux virtual machine in the backend subnet");
// Create a virtual network with default address-space and one default subnet
System.out.println("Creating virtual network #2...");
final Date t1 = new Date();
Observable.merge(azure.virtualMachines().define(frontEndVMName).withRegion(Region.US_EAST).withExistingResourceGroup(rgName).withExistingPrimaryNetwork(virtualNetwork1).withSubnet(vnet1FrontEndSubnetName).withPrimaryPrivateIPAddressDynamic().withNewPrimaryPublicIPAddress(publicIPAddressLeafDnsForFrontEndVM).withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS).withRootUsername(userName).withSsh(sshKey).withSize(VirtualMachineSizeTypes.STANDARD_D3_V2).createAsync(), azure.virtualMachines().define(backEndVMName).withRegion(Region.US_EAST).withExistingResourceGroup(rgName).withExistingPrimaryNetwork(virtualNetwork1).withSubnet(vnet1BackEndSubnetName).withPrimaryPrivateIPAddressDynamic().withoutPrimaryPublicIPAddress().withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS).withRootUsername(userName).withSsh(sshKey).withSize(VirtualMachineSizeTypes.STANDARD_D3_V2).createAsync(), azure.networks().define(vnetName2).withRegion(Region.US_EAST).withNewResourceGroup(rgName).createAsync()).map(new Func1<Indexable, Indexable>() {
@Override
public Indexable call(Indexable indexable) {
Date t2 = new Date();
long duration = ((t2.getTime() - t1.getTime()) / 1000);
if (indexable instanceof VirtualMachine) {
VirtualMachine vm = (VirtualMachine) indexable;
System.out.println("Created Linux VM: (took " + duration + " seconds) " + vm.id());
// Print virtual machine details
Utils.print(vm);
} else if (indexable instanceof Network) {
Network vn = (Network) indexable;
System.out.println("Created a virtual network: took " + duration + " seconds) " + vn.id());
// Print the virtual network details
Utils.print(vn);
}
return indexable;
}
});
//============================================================
// List virtual networks and print details
azure.networks().listByResourceGroupAsync(rgName).map(new Func1<Network, Network>() {
@Override
public Network call(Network network) {
Utils.print(network);
return network;
}
}).toBlocking().subscribe();
return true;
} catch (Exception e) {
System.err.println(e.getMessage());
} finally {
try {
System.out.println("Deleting Resource Group: " + rgName);
azure.resourceGroups().deleteByNameAsync(rgName).await();
System.out.println("Deleted Resource Group: " + rgName);
} catch (NullPointerException npe) {
System.out.println("Did not create any resources in Azure. No clean up is necessary");
} catch (Exception g) {
g.printStackTrace();
}
}
return false;
}
Also used :
NetworkSecurityGroup(com.microsoft.azure.management.network.NetworkSecurityGroup)
TreeMap(java.util.TreeMap)
Observable(rx.Observable)
Date(java.util.Date)
Network(com.microsoft.azure.management.network.Network)
Indexable(com.microsoft.azure.management.resources.fluentcore.model.Indexable)
VirtualMachine(com.microsoft.azure.management.compute.VirtualMachine)
Example 9 with NetworkSecurityGroup
use of com.microsoft.azure.management.network.NetworkSecurityGroup in project azure-sdk-for-java by Azure.
the class NetworkInterfaceImpl method beforeCreating.
@Override
protected void beforeCreating() {
NetworkSecurityGroup networkSecurityGroup = null;
if (creatableNetworkSecurityGroupKey != null) {
networkSecurityGroup = (NetworkSecurityGroup) this.createdResource(creatableNetworkSecurityGroupKey);
} else if (existingNetworkSecurityGroupToAssociate != null) {
networkSecurityGroup = existingNetworkSecurityGroupToAssociate;
}
// Associate an NSG if needed
if (networkSecurityGroup != null) {
this.inner().withNetworkSecurityGroup(new SubResource().withId(networkSecurityGroup.id()));
}
NicIPConfigurationImpl.ensureConfigurations(this.nicIPConfigurations.values());
// Reset and update IP configs
this.inner().withIpConfigurations(innersFromWrappers(this.nicIPConfigurations.values()));
}
Also used :
SubResource(com.microsoft.azure.SubResource)
NetworkSecurityGroup(com.microsoft.azure.management.network.NetworkSecurityGroup)
Example 10 with NetworkSecurityGroup
use of com.microsoft.azure.management.network.NetworkSecurityGroup in project azure-sdk-for-java by Azure.
the class ManageNetworkSecurityGroup method runSample.
/**
* Main function which runs the actual sample.
* @param azure instance of the azure client
* @return true if sample runs successfully
*/
public static boolean runSample(Azure azure) {
final Region region = Region.US_NORTH_CENTRAL;
final String frontEndNSGName = SdkContext.randomResourceName("fensg", 24);
final String backEndNSGName = SdkContext.randomResourceName("bensg", 24);
final String rgName = SdkContext.randomResourceName("rgNEMS", 24);
final String vnetName = SdkContext.randomResourceName("vnet", 24);
final String networkInterfaceName1 = SdkContext.randomResourceName("nic1", 24);
final String networkInterfaceName2 = SdkContext.randomResourceName("nic2", 24);
final String publicIPAddressLeafDNS1 = SdkContext.randomResourceName("pip1", 24);
final String frontEndVMName = SdkContext.randomResourceName("fevm", 24);
final String backEndVMName = SdkContext.randomResourceName("bevm", 24);
final String userName = "tirekicker";
final String sshKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCfSPC2K7LZcFKEO+/t3dzmQYtrJFZNxOsbVgOVKietqHyvmYGHEC0J2wPdAqQ/63g/hhAEFRoyehM+rbeDri4txB3YFfnOK58jqdkyXzupWqXzOrlKY4Wz9SKjjN765+dqUITjKRIaAip1Ri137szRg71WnrmdP3SphTRlCx1Bk2nXqWPsclbRDCiZeF8QOTi4JqbmJyK5+0UqhqYRduun8ylAwKKQJ1NJt85sYIHn9f1Rfr6Tq2zS0wZ7DHbZL+zB5rSlAr8QyUdg/GQD+cmSs6LvPJKL78d6hMGk84ARtFo4A79ovwX/Fj01znDQkU6nJildfkaolH2rWFG/qttD azjava@javalib.com";
try {
// Define a virtual network for VMs in this availability set
System.out.println("Creating a virtual network ...");
Network network = azure.networks().define(vnetName).withRegion(region).withNewResourceGroup(rgName).withAddressSpace("172.16.0.0/16").defineSubnet("Front-end").withAddressPrefix("172.16.1.0/24").attach().defineSubnet("Back-end").withAddressPrefix("172.16.2.0/24").attach().create();
System.out.println("Created a virtual network: " + network.id());
Utils.print(network);
//============================================================
// Create a network security group for the front end of a subnet
// front end subnet contains two rules
// - ALLOW-SSH - allows SSH traffic into the front end subnet
// - ALLOW-WEB- allows HTTP traffic into the front end subnet
System.out.println("Creating a security group for the front end - allows SSH and HTTP");
NetworkSecurityGroup frontEndNSG = azure.networkSecurityGroups().define(frontEndNSGName).withRegion(region).withNewResourceGroup(rgName).defineRule("ALLOW-SSH").allowInbound().fromAnyAddress().fromAnyPort().toAnyAddress().toPort(22).withProtocol(SecurityRuleProtocol.TCP).withPriority(100).withDescription("Allow SSH").attach().defineRule("ALLOW-HTTP").allowInbound().fromAnyAddress().fromAnyPort().toAnyAddress().toPort(80).withProtocol(SecurityRuleProtocol.TCP).withPriority(101).withDescription("Allow HTTP").attach().create();
System.out.println("Created a security group for the front end: " + frontEndNSG.id());
Utils.print(frontEndNSG);
//============================================================
// Create a network security group for the back end of a subnet
// back end subnet contains two rules
// - ALLOW-SQL - allows SQL traffic only from the front end subnet
// - DENY-WEB - denies all outbound internet traffic from the back end subnet
System.out.println("Creating a security group for the front end - allows SSH and " + "denies all outbound internet traffic ");
NetworkSecurityGroup backEndNSG = azure.networkSecurityGroups().define(backEndNSGName).withRegion(region).withExistingResourceGroup(rgName).defineRule("ALLOW-SQL").allowInbound().fromAddress("172.16.1.0/24").fromAnyPort().toAnyAddress().toPort(1433).withProtocol(SecurityRuleProtocol.TCP).withPriority(100).withDescription("Allow SQL").attach().defineRule("DENY-WEB").denyOutbound().fromAnyAddress().fromAnyPort().toAnyAddress().toAnyPort().withAnyProtocol().withDescription("Deny Web").withPriority(200).attach().create();
System.out.println("Created a security group for the back end: " + backEndNSG.id());
Utils.print(backEndNSG);
System.out.println("Creating multiple network interfaces");
System.out.println("Creating network interface 1");
//========================================================
// Create a network interface and apply the
// front end network security group
System.out.println("Creating a network interface for the front end");
NetworkInterface networkInterface1 = azure.networkInterfaces().define(networkInterfaceName1).withRegion(region).withExistingResourceGroup(rgName).withExistingPrimaryNetwork(network).withSubnet("Front-end").withPrimaryPrivateIPAddressDynamic().withNewPrimaryPublicIPAddress(publicIPAddressLeafDNS1).withIPForwarding().withExistingNetworkSecurityGroup(frontEndNSG).create();
System.out.println("Created network interface for the front end");
Utils.print(networkInterface1);
//========================================================
// Create a network interface and apply the
// back end network security group
System.out.println("Creating a network interface for the back end");
NetworkInterface networkInterface2 = azure.networkInterfaces().define(networkInterfaceName2).withRegion(region).withExistingResourceGroup(rgName).withExistingPrimaryNetwork(network).withSubnet("Back-end").withPrimaryPrivateIPAddressDynamic().withExistingNetworkSecurityGroup(backEndNSG).create();
Utils.print(networkInterface2);
//=============================================================
// Create a virtual machine (for the front end)
// with the network interface that has the network security group for the front end
System.out.println("Creating a Linux virtual machine (for the front end) - " + "with the network interface that has the network security group for the front end");
Date t1 = new Date();
VirtualMachine frontEndVM = azure.virtualMachines().define(frontEndVMName).withRegion(region).withExistingResourceGroup(rgName).withExistingPrimaryNetworkInterface(networkInterface1).withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS).withRootUsername(userName).withSsh(sshKey).withSize(VirtualMachineSizeTypes.STANDARD_D3_V2).create();
Date t2 = new Date();
System.out.println("Created Linux VM: (took " + ((t2.getTime() - t1.getTime()) / 1000) + " seconds) " + frontEndVM.id());
// Print virtual machine details
Utils.print(frontEndVM);
//=============================================================
// Create a virtual machine (for the back end)
// with the network interface that has the network security group for the back end
System.out.println("Creating a Linux virtual machine (for the back end) - " + "with the network interface that has the network security group for the back end");
t1 = new Date();
VirtualMachine backEndVM = azure.virtualMachines().define(backEndVMName).withRegion(region).withExistingResourceGroup(rgName).withExistingPrimaryNetworkInterface(networkInterface2).withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS).withRootUsername(userName).withSsh(sshKey).withSize(VirtualMachineSizeTypes.STANDARD_D3_V2).create();
t2 = new Date();
System.out.println("Created a Linux VM: (took " + ((t2.getTime() - t1.getTime()) / 1000) + " seconds) " + backEndVM.id());
Utils.print(backEndVM);
//========================================================
// List network security groups
System.out.println("Walking through network security groups");
List<NetworkSecurityGroup> networkSecurityGroups = azure.networkSecurityGroups().listByResourceGroup(rgName);
for (NetworkSecurityGroup networkSecurityGroup : networkSecurityGroups) {
Utils.print(networkSecurityGroup);
}
//========================================================
// Update a network security group
System.out.println("Updating the front end network security group to allow FTP");
frontEndNSG.update().defineRule("ALLOW-FTP").allowInbound().fromAnyAddress().fromAnyPort().toAnyAddress().toPortRange(20, 21).withProtocol(SecurityRuleProtocol.TCP).withDescription("Allow FTP").withPriority(200).attach().apply();
System.out.println("Updated the front end network security group");
Utils.print(frontEndNSG);
return true;
} catch (Exception f) {
System.out.println(f.getMessage());
f.printStackTrace();
} finally {
try {
System.out.println("Deleting Resource Group: " + rgName);
azure.resourceGroups().deleteByName(rgName);
System.out.println("Deleted Resource Group: " + rgName);
} catch (NullPointerException npe) {
System.out.println("Did not create any resources in Azure. No clean up is necessary");
} catch (Exception g) {
g.printStackTrace();
}
}
return false;
}
Also used :
NetworkSecurityGroup(com.microsoft.azure.management.network.NetworkSecurityGroup)
Network(com.microsoft.azure.management.network.Network)
Region(com.microsoft.azure.management.resources.fluentcore.arm.Region)
NetworkInterface(com.microsoft.azure.management.network.NetworkInterface)
Date(java.util.Date)
VirtualMachine(com.microsoft.azure.management.compute.VirtualMachine)
Aggregations
NetworkSecurityGroup (com.microsoft.azure.management.network.NetworkSecurityGroup)10
VirtualMachine (com.microsoft.azure.management.compute.VirtualMachine)4
Network (com.microsoft.azure.management.network.Network)4
Date (java.util.Date)3
NetworkInterface (com.microsoft.azure.management.network.NetworkInterface)2
Subnet (com.microsoft.azure.management.network.Subnet)2
Region (com.microsoft.azure.management.resources.fluentcore.arm.Region)2
Indexable (com.microsoft.azure.management.resources.fluentcore.model.Indexable)2
SubResource (com.microsoft.azure.SubResource)1
RouteTable (com.microsoft.azure.management.network.RouteTable)1
GenericResource (com.microsoft.azure.management.resources.GenericResource)1
ResourceGroup (com.microsoft.azure.management.resources.ResourceGroup)1
Creatable (com.microsoft.azure.management.resources.fluentcore.model.Creatable)1
StorageAccount (com.microsoft.azure.management.storage.StorageAccount)1
ArrayList (java.util.ArrayList)1
TreeMap (java.util.TreeMap)1
StopWatch (org.apache.commons.lang3.time.StopWatch)1
SelectionAdapter (org.eclipse.swt.events.SelectionAdapter)1
SelectionEvent (org.eclipse.swt.events.SelectionEvent)1
Test (org.junit.Test)1
