Search in sources :

Example 1 with SecurityGroupExtension

use of org.jclouds.compute.extensions.SecurityGroupExtension in project whirr by apache.

the class FirewallManager method authorizeIngress.

public static void authorizeIngress(ComputeServiceContext computeServiceContext, Set<Instance> instances, final ClusterSpec clusterSpec, List<String> cidrs, int... ports) {
    try {
        if (computeServiceContext.getComputeService().getSecurityGroupExtension().isPresent()) {
            SecurityGroupExtension securityGroupExtension = computeServiceContext.getComputeService().getSecurityGroupExtension().get();
            Instance instance = Iterables.getFirst(instances, null);
            if (instance != null) {
                SecurityGroup group = Iterables.find(securityGroupExtension.listSecurityGroupsForNode(instance.getNodeMetadata().getId()), new Predicate<SecurityGroup>() {

                    @Override
                    public boolean apply(SecurityGroup input) {
                        if (input.getName().contains(clusterSpec.getClusterName()) || input.getId().contains(clusterSpec.getClusterName())) {
                            return true;
                        }
                        // To change body of implemented methods use File | Settings | File Templates.
                        return false;
                    }
                });
                if (group == null) {
                    group = securityGroupExtension.createSecurityGroup(clusterSpec.getClusterName(), instance.getNodeMetadata().getLocation());
                }
                for (int port : ports) {
                    IpPermission.Builder builder = IpPermission.builder();
                    builder.cidrBlocks(cidrs);
                    builder.ipProtocol(IpProtocol.TCP);
                    builder.fromPort(port);
                    builder.toPort(port);
                    securityGroupExtension.addIpPermission(builder.build(), group);
                }
            } else {
                LOG.warn("Cannot find any instance for group, so cannot determine security group.");
            }
        } else {
            LOG.warn("No security group extension present for provider, so cannot set up security group.");
        }
    } catch (Exception e) {
        LOG.error("Error setting up security groups: {}", e);
    }
}
Also used : SecurityGroupExtension(org.jclouds.compute.extensions.SecurityGroupExtension) Instance(org.apache.whirr.Cluster.Instance) IpPermission(org.jclouds.net.domain.IpPermission) SecurityGroup(org.jclouds.compute.domain.SecurityGroup) IOException(java.io.IOException)

Aggregations

IOException (java.io.IOException)1 Instance (org.apache.whirr.Cluster.Instance)1 SecurityGroup (org.jclouds.compute.domain.SecurityGroup)1 SecurityGroupExtension (org.jclouds.compute.extensions.SecurityGroupExtension)1 IpPermission (org.jclouds.net.domain.IpPermission)1