use of org.jclouds.compute.domain.SecurityGroup in project whirr by apache.
the class FirewallManager method authorizeIngress.
public static void authorizeIngress(ComputeServiceContext computeServiceContext, Set<Instance> instances, final ClusterSpec clusterSpec, List<String> cidrs, int... ports) {
try {
if (computeServiceContext.getComputeService().getSecurityGroupExtension().isPresent()) {
SecurityGroupExtension securityGroupExtension = computeServiceContext.getComputeService().getSecurityGroupExtension().get();
Instance instance = Iterables.getFirst(instances, null);
if (instance != null) {
SecurityGroup group = Iterables.find(securityGroupExtension.listSecurityGroupsForNode(instance.getNodeMetadata().getId()), new Predicate<SecurityGroup>() {
@Override
public boolean apply(SecurityGroup input) {
if (input.getName().contains(clusterSpec.getClusterName()) || input.getId().contains(clusterSpec.getClusterName())) {
return true;
}
// To change body of implemented methods use File | Settings | File Templates.
return false;
}
});
if (group == null) {
group = securityGroupExtension.createSecurityGroup(clusterSpec.getClusterName(), instance.getNodeMetadata().getLocation());
}
for (int port : ports) {
IpPermission.Builder builder = IpPermission.builder();
builder.cidrBlocks(cidrs);
builder.ipProtocol(IpProtocol.TCP);
builder.fromPort(port);
builder.toPort(port);
securityGroupExtension.addIpPermission(builder.build(), group);
}
} else {
LOG.warn("Cannot find any instance for group, so cannot determine security group.");
}
} else {
LOG.warn("No security group extension present for provider, so cannot set up security group.");
}
} catch (Exception e) {
LOG.error("Error setting up security groups: {}", e);
}
}
Aggregations