
Example 36 with SecurityGroupState

use of com.vmware.photon.controller.model.resources.SecurityGroupService.SecurityGroupState in project photon-model by vmware.

the class AWSLoadBalancerService method createSecurityGroupState.

/**
 * Creates the security group document for the load balancer described by {@code context}.
 *
 * <p>The state is named after the load balancer with an {@code _SG} suffix, marked through its
 * custom properties as an infrastructure-use, load-balancer security group, and POSTed to
 * {@code FACTORY_LINK}. One ingress rule is built per route from the route's {@code port} and
 * one egress rule per route from its {@code instancePort}.
 *
 * <p>NOTE(review): {@code buildRule} is not visible from this method, so the address range and
 * protocol of the generated rules cannot be confirmed here; verify they are no wider than the
 * load balancer needs.
 *
 * @param context load balancer context supplying the credentials link, endpoint, tenant,
 *        region and route data
 * @return a deferred result that completes with the same {@code context} once its
 *         {@code provisionedSecurityGroupState} has been set to the created document
 */
private DeferredResult<AWSLoadBalancerContext> createSecurityGroupState(AWSLoadBalancerContext context) {
    SecurityGroupState sgState = new SecurityGroupState();

    // Only the self link of the credentials document is stored, not the credentials themselves.
    sgState.authCredentialsLink = context.credentials.documentSelfLink;

    // Placement and ownership are copied from the expanded load balancer state.
    sgState.name = context.loadBalancerStateExpanded.name + "_SG";
    sgState.regionId = context.loadBalancerStateExpanded.regionId;
    sgState.tenantLinks = context.loadBalancerStateExpanded.tenantLinks;
    sgState.computeHostLink = context.loadBalancerStateExpanded.computeHostLink;
    sgState.resourcePoolLink = context.loadBalancerStateExpanded.endpointState.resourcePoolLink;
    sgState.endpointLink = context.loadBalancerStateExpanded.endpointLink;
    if (sgState.endpointLinks == null) {
        sgState.endpointLinks = new HashSet<>();
    }
    sgState.endpointLinks.add(context.loadBalancerStateExpanded.endpointLink);

    sgState.instanceAdapterReference = UriUtils.buildUri(getHost(), AWSSecurityGroupService.SELF_LINK);

    // Markers identifying this group as created for a load balancer.
    sgState.customProperties = new HashMap<>(2);
    sgState.customProperties.put(ComputeProperties.INFRASTRUCTURE_USE_PROP_NAME, Boolean.TRUE.toString());
    sgState.customProperties.put(AWSConstants.AWS_LOAD_BALANCER_SECURITY_GROUP, Boolean.TRUE.toString());

    // Ingress follows the listener ports, egress follows the instance ports.
    sgState.ingress = context.loadBalancerStateExpanded.routes.stream()
            .map(route -> buildRule(route.port))
            .collect(Collectors.toList());
    sgState.egress = context.loadBalancerStateExpanded.routes.stream()
            .map(route -> buildRule(route.instancePort))
            .collect(Collectors.toList());

    return this.sendWithDeferredResult(Operation.createPost(this, FACTORY_LINK).setBody(sgState), SecurityGroupState.class)
            .thenApply(created -> {
                context.provisionedSecurityGroupState = created;
                return context;
            });
}
Also used : SecurityGroupState(com.vmware.photon.controller.model.resources.SecurityGroupService.SecurityGroupState) Operation(com.vmware.xenon.common.Operation)

Example 37 with SecurityGroupState

use of com.vmware.photon.controller.model.resources.SecurityGroupService.SecurityGroupState in project photon-model by vmware.

the class TestProvisionAWSSecurityGroup method testDeleteAWSSecurityGroupWithDependency.

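/**
 * Provisions a security group, starts an instance that uses it, requests deletion of the group
 * and then removes the instance, waiting for the delete task to complete.
 *
 * <p>Failures while terminating the instance fail the test instead of being discarded, so a
 * run cannot report success while an instance is left running in the AWS account.
 *
 * @throws Throwable if any setup step, the instance termination or a task wait fails
 */
@Test
public void testDeleteAWSSecurityGroupWithDependency() throws Throwable {
    // create credentials
    Operation authResponse = new Operation();
    TestUtils.postCredentials(this.host, authResponse, this.privateKey, this.privateKeyId);
    AuthCredentialsServiceState creds = authResponse.getBody(AuthCredentialsServiceState.class);
    // create resource pool
    Operation poolResponse = new Operation();
    TestUtils.postResourcePool(this.host, poolResponse);
    ResourcePoolState pool = poolResponse.getBody(ResourcePoolState.class);
    // create sg service
    Operation securityGroupResponse = new Operation();
    SecurityGroupState initialSecurityGroupState = buildSecurityGroupState(creds, pool);
    TestUtils.postSecurityGroup(this.host, initialSecurityGroupState, securityGroupResponse);
    SecurityGroupState securityGroupState = securityGroupResponse.getBody(SecurityGroupState.class);
    // set up security group task state
    ProvisionSecurityGroupTaskState task = new ProvisionSecurityGroupTaskState();
    task.requestType = SecurityGroupInstanceRequest.InstanceRequestType.CREATE;
    task.securityGroupDescriptionLinks = Stream.of(securityGroupState.documentSelfLink).collect(Collectors.toSet());
    task.customProperties = new HashMap<>();
    task.customProperties.put(NETWORK_STATE_ID_PROP_NAME, this.vpcId);
    Operation provision = new Operation();
    provisionSecurityGroup(task, provision);
    ProvisionSecurityGroupTaskState ps = provision.getBody(ProvisionSecurityGroupTaskState.class);
    waitForTaskCompletion(this.host, UriUtils.buildUri(this.host, ps.documentSelfLink));
    // re-read the document to pick up the id used when launching the instance below
    securityGroupState = getServiceSynchronously(securityGroupState.documentSelfLink, SecurityGroupState.class);
    // provision machine on the newly created SG
    String vm = provisionAWSVMWithEC2Client(this.host, this.ec2client, EC2_LINUX_AMI, this.subnetId, securityGroupState.id);
    // reuse previous task, but switch to a delete
    task.requestType = SecurityGroupInstanceRequest.InstanceRequestType.DELETE;
    Operation remove = new Operation();
    provisionSecurityGroup(task, remove);
    // Delete the newly provisioned machine after a small delay. Any failure (including an
    // interrupt during the sleep) propagates: an instance that was not terminated keeps running
    // in the account and keeps the security group in use, so it must not pass silently.
    Thread.sleep(2000);
    deleteVMsUsingEC2Client(this.ec2client, this.host, Collections.singletonList(vm));
    ProvisionSecurityGroupTaskState removeTask = remove.getBody(ProvisionSecurityGroupTaskState.class);
    waitForTaskCompletion(this.host, UriUtils.buildUri(this.host, removeTask.documentSelfLink));
    // verify security group state is gone
    // NOTE(review): if the lookup returns normally nothing is asserted, so this block cannot
    // fail for a group that still exists; confirm how getSecurityGroupState reports a missing
    // document and assert on the non-throwing path as well.
    try {
        getSecurityGroupState(securityGroupState.documentSelfLink);
    } catch (Exception ex) {
        assertTrue(ex instanceof ServiceNotFoundException);
    }
}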
Also used : AuthCredentialsServiceState(com.vmware.xenon.services.common.AuthCredentialsService.AuthCredentialsServiceState) ResourcePoolState(com.vmware.photon.controller.model.resources.ResourcePoolService.ResourcePoolState) ProvisionSecurityGroupTaskState(com.vmware.photon.controller.model.tasks.ProvisionSecurityGroupTaskService.ProvisionSecurityGroupTaskState) SecurityGroupState(com.vmware.photon.controller.model.resources.SecurityGroupService.SecurityGroupState) ServiceNotFoundException(com.vmware.xenon.common.ServiceHost.ServiceNotFoundException) Operation(com.vmware.xenon.common.Operation) TimeoutException(java.util.concurrent.TimeoutException) ServiceNotFoundException(com.vmware.xenon.common.ServiceHost.ServiceNotFoundException) CompletionException(java.util.concurrent.CompletionException) BaseModelTest(com.vmware.photon.controller.model.helpers.BaseModelTest) Test(org.junit.Test)

Example 38 with SecurityGroupState

use of com.vmware.photon.controller.model.resources.SecurityGroupService.SecurityGroupState in project photon-model by vmware.

the class TestProvisionAWSSecurityGroup method validateAWSArtifacts.

/**
 * Checks that the AWS security group backing the given description exists and carries the
 * expected number of rules.
 *
 * <p>The AWS group id is read from the document's custom properties under
 * {@code AWSSecurityGroupService.SECURITY_GROUP_ID}. Only the rule counts and the presence of
 * an internal-communication rule are asserted; the ports and address ranges of the remaining
 * rules are not inspected here.
 *
 * @param securityGroupDescriptionLink self link of the security group document to validate
 * @param creds credentials used to build the AWS client
 * @throws Throwable if the document or the AWS group cannot be retrieved
 */
private void validateAWSArtifacts(String securityGroupDescriptionLink, AuthCredentialsServiceState creds) throws Throwable {
    SecurityGroupState describedGroup = getSecurityGroupState(securityGroupDescriptionLink);
    AWSSecurityGroupClient sgClient = new AWSSecurityGroupClient(AWSUtils.getAsyncClient(creds, this.region, getExecutor()));

    // The lookup is expected to throw when the group does not exist in AWS.
    String awsGroupId = describedGroup.customProperties.get(AWSSecurityGroupService.SECURITY_GROUP_ID);
    SecurityGroup awsGroup = sgClient.getSecurityGroupById(awsGroupId);
    assertNotNull(awsGroup);

    // Ingress: exactly two permissions, one of which allows traffic inside the group.
    assertNotNull(awsGroup.getIpPermissions());
    assertTrue(2 == awsGroup.getIpPermissions().size());
    String groupId = awsGroup.getGroupId();
    assertTrue(isInternalRule(groupId, awsGroup.getIpPermissions()));

    // Egress: the rule added by this test plus the default one, again including an internal rule.
    assertNotNull(awsGroup.getIpPermissionsEgress());
    assertTrue(2 == awsGroup.getIpPermissionsEgress().size());
    assertTrue(isInternalRule(awsGroup.getGroupId(), awsGroup.getIpPermissionsEgress()));
}
Also used : SecurityGroupState(com.vmware.photon.controller.model.resources.SecurityGroupService.SecurityGroupState) AWSSecurityGroupClient(com.vmware.photon.controller.model.adapters.awsadapter.util.AWSSecurityGroupClient) SecurityGroup(com.amazonaws.services.ec2.model.SecurityGroup)

Example 39 with SecurityGroupState

use of com.vmware.photon.controller.model.resources.SecurityGroupService.SecurityGroupState in project photon-model by vmware.

the class TestProvisionAWSSecurityGroup method testProvisionAWSSecurityGroup.

/**
 * Provisions a security group through the provisioning task, validates the resulting AWS
 * artifacts, then deletes the group with the same task switched to {@code DELETE}.
 *
 * @throws Throwable if any setup step, validation or task wait fails
 */
@Test
public void testProvisionAWSSecurityGroup() throws Throwable {
    // Credentials document.
    Operation credentialsOp = new Operation();
    TestUtils.postCredentials(this.host, credentialsOp, this.privateKey, this.privateKeyId);
    AuthCredentialsServiceState creds = credentialsOp.getBody(AuthCredentialsServiceState.class);

    // Resource pool document.
    Operation resourcePoolOp = new Operation();
    TestUtils.postResourcePool(this.host, resourcePoolOp);
    ResourcePoolState pool = resourcePoolOp.getBody(ResourcePoolState.class);

    // Security group document built from the credentials and pool above.
    Operation sgOp = new Operation();
    SecurityGroupState requestedState = buildSecurityGroupState(creds, pool);
    TestUtils.postSecurityGroup(this.host, requestedState, sgOp);
    SecurityGroupState securityGroupState = sgOp.getBody(SecurityGroupState.class);

    // Provisioning task: CREATE the group inside the test VPC.
    ProvisionSecurityGroupTaskState task = new ProvisionSecurityGroupTaskState();
    task.requestType = SecurityGroupInstanceRequest.InstanceRequestType.CREATE;
    task.securityGroupDescriptionLinks = Stream.of(securityGroupState.documentSelfLink)
            .collect(Collectors.toSet());
    task.customProperties = new HashMap<>();
    task.customProperties.put(NETWORK_STATE_ID_PROP_NAME, this.vpcId);

    Operation createOp = new Operation();
    provisionSecurityGroup(task, createOp);
    ProvisionSecurityGroupTaskState createTask = createOp.getBody(ProvisionSecurityGroupTaskState.class);
    waitForTaskCompletion(this.host, UriUtils.buildUri(this.host, createTask.documentSelfLink));

    validateAWSArtifacts(securityGroupState.documentSelfLink, creds);

    // Same task object, now requesting DELETE.
    task.requestType = SecurityGroupInstanceRequest.InstanceRequestType.DELETE;
    Operation deleteOp = new Operation();
    provisionSecurityGroup(task, deleteOp);
    ProvisionSecurityGroupTaskState deleteTask = deleteOp.getBody(ProvisionSecurityGroupTaskState.class);
    waitForTaskCompletion(this.host, UriUtils.buildUri(this.host, deleteTask.documentSelfLink));

    // The document lookup is expected to fail with ServiceNotFoundException after deletion.
    // NOTE(review): if the lookup returns normally nothing is asserted, so this block cannot
    // fail for a group that still exists; confirm how getSecurityGroupState reports a missing
    // document and assert on the non-throwing path as well.
    try {
        getSecurityGroupState(securityGroupState.documentSelfLink);
    } catch (Exception lookupFailure) {
        assertTrue(lookupFailure instanceof ServiceNotFoundException);
    }
}
Also used : AuthCredentialsServiceState(com.vmware.xenon.services.common.AuthCredentialsService.AuthCredentialsServiceState) ResourcePoolState(com.vmware.photon.controller.model.resources.ResourcePoolService.ResourcePoolState) ProvisionSecurityGroupTaskState(com.vmware.photon.controller.model.tasks.ProvisionSecurityGroupTaskService.ProvisionSecurityGroupTaskState) SecurityGroupState(com.vmware.photon.controller.model.resources.SecurityGroupService.SecurityGroupState) ServiceNotFoundException(com.vmware.xenon.common.ServiceHost.ServiceNotFoundException) Operation(com.vmware.xenon.common.Operation) TimeoutException(java.util.concurrent.TimeoutException) ServiceNotFoundException(com.vmware.xenon.common.ServiceHost.ServiceNotFoundException) CompletionException(java.util.concurrent.CompletionException) BaseModelTest(com.vmware.photon.controller.model.helpers.BaseModelTest) Test(org.junit.Test)

Example 40 with SecurityGroupState

use of com.vmware.photon.controller.model.resources.SecurityGroupService.SecurityGroupState in project photon-model by vmware.

the class TestAWSEnumerationTask method validateSecurityGroupsInformation.

/**
 * Validates the enumerated security group states referenced by the given links.
 *
 * <p>Returns immediately when the AWS client is mocked. Otherwise it asserts that security
 * group states can be queried, validates their tag links, and for every supplied link checks
 * that the state exists, has at least one ingress and one egress rule, and records a non-empty
 * {@code AWS_VPC_ID} custom property. Rule contents are not inspected, only their presence.
 *
 * @param securityGroupLinks self links of the security group states to check; when
 *        {@code null} only the query result is asserted
 * @throws Throwable if querying the states fails
 */
private void validateSecurityGroupsInformation(Set<String> securityGroupLinks) throws Throwable {
    if (this.isAwsClientMock) {
        return;
    }

    // All security group states currently known to the host.
    Map<String, SecurityGroupState> enumeratedStates = ProvisioningUtils.<SecurityGroupState>getResourceStates(
            this.host, SecurityGroupService.FACTORY_LINK, SecurityGroupState.class);
    assertNotNull(enumeratedStates);

    if (securityGroupLinks == null) {
        return;
    }

    validateSecurityGroupTagLinks(enumeratedStates);

    // Resolve each link against the host so the states can be fetched in one call.
    List<URI> stateUris = new ArrayList<>();
    for (String link : securityGroupLinks) {
        stateUris.add(UriUtils.buildUri(this.host, link));
    }
    Map<URI, SecurityGroupState> statesByUri = this.host.getServiceState(null, SecurityGroupState.class, stateUris);

    for (URI stateUri : stateUris) {
        SecurityGroupState sgState = statesByUri.get(stateUri);
        // The state must exist for every requested link.
        assertNotNull(sgState);
        // The test setup adds both ingress and egress rules, so neither list may be empty.
        assertTrue(sgState.ingress.size() > 0);
        assertTrue(sgState.egress.size() > 0);
        // The enumerated state must carry the id of the VPC under AWS_VPC_ID.
        assertFalse(StringUtil.isNullOrEmpty(sgState.customProperties.get(AWS_VPC_ID)));
    }
}
Also used : SecurityGroupState(com.vmware.photon.controller.model.resources.SecurityGroupService.SecurityGroupState) ArrayList(java.util.ArrayList) URI(java.net.URI)

Aggregations

SecurityGroupState (com.vmware.photon.controller.model.resources.SecurityGroupService.SecurityGroupState)41 Operation (com.vmware.xenon.common.Operation)16 Test (org.junit.Test)16 ArrayList (java.util.ArrayList)15 URI (java.net.URI)12 AzureTestUtil.getSecurityGroupState (com.vmware.photon.controller.model.adapters.azure.instance.AzureTestUtil.getSecurityGroupState)9 UriUtils (com.vmware.xenon.common.UriUtils)9 List (java.util.List)9 AuthCredentialsServiceState (com.vmware.xenon.services.common.AuthCredentialsService.AuthCredentialsServiceState)8 HashSet (java.util.HashSet)8 AzureBaseTest (com.vmware.photon.controller.model.adapters.azure.base.AzureBaseTest)7 NetworkInterfaceState (com.vmware.photon.controller.model.resources.NetworkInterfaceService.NetworkInterfaceState)7 StatelessService (com.vmware.xenon.common.StatelessService)7 HashMap (java.util.HashMap)7 AmazonEC2AsyncClient (com.amazonaws.services.ec2.AmazonEC2AsyncClient)6 NetworkSecurityGroupInner (com.microsoft.azure.management.network.implementation.NetworkSecurityGroupInner)6 ComputeState (com.vmware.photon.controller.model.resources.ComputeService.ComputeState)6 Map (java.util.Map)6 Collectors (java.util.stream.Collectors)6 ResourcePoolState (com.vmware.photon.controller.model.resources.ResourcePoolService.ResourcePoolState)5