Example 1 with EC2TemplateOptions
use of org.jclouds.ec2.compute.options.EC2TemplateOptions in project acceptance-test-harness by jenkinsci.
the class TSREc2Provider method getTemplate.
@Override
public Template getTemplate() throws IOException {
if (config.getSecurityGroups().size() > 0) {
EC2Api client = contextBuilder.buildApi(EC2Api.class);
for (String sg : config.getSecurityGroups()) {
try {
client.getSecurityGroupApi().get().createSecurityGroupInRegion(config.getRegion(), sg, sg);
client.getSecurityGroupApi().get().authorizeSecurityGroupIngressInRegion(config.getRegion(), sg, IpProtocol.TCP, config.getInboundPorts()[0], config.getInboundPorts()[config.getInboundPorts().length - 1], "0.0.0.0/0");
client.getSecurityGroupApi().get().authorizeSecurityGroupIngressInRegion(config.getRegion(), sg, IpProtocol.TCP, 22, 22, "0.0.0.0/0");
} catch (IllegalStateException e) {
// Lets ignore it, most likely its due to existing security roles, it might fail
logger.error("Failed to create and authorize IP ports in security group" + e.getMessage());
}
}
}
Template template = computeService.templateBuilder().imageId(config.getRegion() + "/" + config.getImageId()).locationId(config.getRegion()).hardwareId(config.getInstanceType()).build();
String publicKey = keyPair.readPublicKey();
EC2TemplateOptions options = template.getOptions().as(EC2TemplateOptions.class);
options.authorizePublicKey(publicKey).securityGroups(config.getSecurityGroups()).inboundPorts(config.getInboundPorts()).overrideLoginUser(config.getUser());
// fixme: the key pair name we set here just doesn't get used at all. as of 1.6.0
// in CreateKeyPairPlacementAndSecurityGroupsAsNeededAndReturnRunOptions
// #createNewKeyPairUnlessUserSpecifiedOtherwise
// it goes through "and(hasPublicKeyMaterial, or(doesntNeedSshAfterImportingPublicKey, hasLoginCredential))"
// check, which evaluates to true (because doesntNeedSshAfterImportingPublicKey is true), and it ends up going
// through importExistingKeyPair.apply(...) that doesn't look at the key pair name we prefer.
String kn = config.getKeyPairName();
if (kn == null) {
try {
kn = "jenkins-test-" + keyPair.getFingerprint().substring(0, 11);
} catch (GeneralSecurityException e) {
throw new IOException("Failed to compute key fingerprint of", e);
}
}
options.keyPair(kn);
return template;
}
Also used :
EC2Api(org.jclouds.ec2.EC2Api)
GeneralSecurityException(java.security.GeneralSecurityException)
IOException(java.io.IOException)
EC2TemplateOptions(org.jclouds.ec2.compute.options.EC2TemplateOptions)
Template(org.jclouds.compute.domain.Template)
Example 2 with EC2TemplateOptions
use of org.jclouds.ec2.compute.options.EC2TemplateOptions in project acceptance-test-harness by jenkinsci.
the class Ec2Provider method getTemplate.
@Override
public Template getTemplate() throws IOException {
if (config.getSecurityGroups().size() > 0) {
EC2Api client = contextBuilder.buildApi(EC2Api.class);
for (String sg : config.getSecurityGroups()) {
try {
client.getSecurityGroupApi().get().createSecurityGroupInRegion(config.getRegion(), sg, sg);
client.getSecurityGroupApi().get().authorizeSecurityGroupIngressInRegion(config.getRegion(), sg, IpProtocol.TCP, config.getInboundPorts()[0], config.getInboundPorts()[config.getInboundPorts().length - 1], "0.0.0.0/0");
client.getSecurityGroupApi().get().authorizeSecurityGroupIngressInRegion(config.getRegion(), sg, IpProtocol.TCP, 22, 22, "0.0.0.0/0");
} catch (IllegalStateException e) {
// Lets ignore it, most likely its due to existing security roles, it might fail
logger.error("Failed to create and authorize IP ports in security group" + e.getMessage());
}
}
}
Template template = computeService.templateBuilder().imageId(config.getRegion() + "/" + config.getImageId()).locationId(config.getRegion()).hardwareId(config.getInstanceType()).build();
String publicKey = keyPair.readPublicKey();
EC2TemplateOptions options = template.getOptions().as(EC2TemplateOptions.class);
options.authorizePublicKey(publicKey).securityGroups(config.getSecurityGroups()).inboundPorts(config.getInboundPorts()).overrideLoginUser(config.getUser());
// FIXME: the key pair name we set here just doesn't get used at all. as of 1.6.0
// in CreateKeyPairPlacementAndSecurityGroupsAsNeededAndReturnRunOptions
// #createNewKeyPairUnlessUserSpecifiedOtherwise
// it goes through "and(hasPublicKeyMaterial, or(doesntNeedSshAfterImportingPublicKey, hasLoginCredential))"
// check, which evaluates to true (because doesntNeedSshAfterImportingPublicKey is true), and it ends up going
// through importExistingKeyPair.apply(...) that doesn't look at the key pair name we prefer.
String kn = config.getKeyPairName();
if (kn == null) {
try {
kn = "jenkins-test-" + keyPair.getFingerprint().substring(0, 11);
} catch (GeneralSecurityException e) {
throw new IOException("Failed to compute key fingerprint of", e);
}
}
options.keyPair(kn);
return template;
}
Also used :
EC2Api(org.jclouds.ec2.EC2Api)
GeneralSecurityException(java.security.GeneralSecurityException)
IOException(java.io.IOException)
EC2TemplateOptions(org.jclouds.ec2.compute.options.EC2TemplateOptions)
Template(org.jclouds.compute.domain.Template)
Aggregations
IOException (java.io.IOException)2
GeneralSecurityException (java.security.GeneralSecurityException)2
Template (org.jclouds.compute.domain.Template)2
EC2Api (org.jclouds.ec2.EC2Api)2
EC2TemplateOptions (org.jclouds.ec2.compute.options.EC2TemplateOptions)2
