Use of org.openstack.model.compute.SecurityGroup in project platformlayer, by platformlayer.
Class OpenstackCloudContext, method createInstance.
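/**
 * Launches a new server on the given OpenStack cloud.
 *
 * <p>The steps are: pick (or build) the boot image, create a per-server security group that
 * admits SSH, submit the server creation request, poll until the server reports {@code BUILD}
 * or {@code ACTIVE}, and finally copy {@code request.tags} onto the server as metadata.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 *   <li>The security group gets a rule that admits TCP/22 from {@code 0.0.0.0/0}.</li>
 *   <li>If creating the group fails, an existing group with the same name is reused without
 *       inspecting the rules it already carries.</li>
 *   <li>On clouds without key-pair support the public key is injected as
 *       {@code /root/.ssh/authorized_keys}.</li>
 * </ul>
 *
 * @param cloud the cloud to launch on
 * @param serverName name for the new server; also used to derive the security group name
 * @param request image recipe, SSH key, sizing and tags for the new machine
 * @return the server as returned by the create operation
 * @throws OpsException if the security group, SSH key mechanism, flavor or server creation fails
 * @throws IllegalArgumentException if no boot image can be found
 * @throws UnsupportedOperationException if {@code request.securityGroups} is set
 */
public Server createInstance(OpenstackCloud cloud, String serverName, MachineCreationRequest request) throws OpsException {
    OpenstackComputeClient computeClient = getComputeClient(cloud);

    try {
        CloudBehaviours cloudBehaviours = new CloudBehaviours(cloud);

        Image foundImage;
        if (!cloudBehaviours.canUploadImages()) {
            foundImage = selectPreexistingImage(computeClient, cloudBehaviours, request);
        } else {
            foundImage = resolveUploadedImage(cloud, computeClient, request);
        }

        SecurityGroup createdSecurityGroup = null;
        if (cloudBehaviours.supportsSecurityGroups()) {
            createdSecurityGroup = ensureInstanceSecurityGroup(computeClient, serverName);
            allowSshIngress(computeClient, createdSecurityGroup);
        }

        ServerForCreate create = buildServerForCreate(computeClient, cloudBehaviours, serverName, request,
                foundImage, createdSecurityGroup);
        log.info("Launching new server: " + create.getName());
        AsyncServerOperation createServerOperation = computeClient.createServer(create);

        log.info("Waiting for server to be ready");
        Server server = createServerOperation.waitComplete();

        // NOTE(review): this poll has no timeout and only exits on BUILD or ACTIVE. Any other
        // status keeps the loop running, which sits oddly with the comment below about tagging
        // machines in an error state. Consider a bounded wait; confirm the intended exit states.
        while (true) {
            Server instanceInfo = getInstanceInfo(computeClient, server.getId());
            String stateName = instanceInfo.getStatus();
            log.info("Instance state: " + stateName);

            if (stateName.equals("BUILD") || stateName.equals("ACTIVE")) {
                break;
            }
            Thread.sleep(1000);
        }

        // Even if the machine is in 'error' state, we still want to associate it with us
        if (request.tags != null) {
            Metadata metadata = new Metadata();
            for (Tag tag : request.tags) {
                Metadata.Item meta = new Metadata.Item();
                meta.setKey(tag.getKey());
                meta.setValue(tag.getValue());
                metadata.getItems().add(meta);
            }

            Server newServerInfo = new Server();
            newServerInfo.setMetadata(metadata);

            log.info("Tagging server: " + server.getId());
            computeClient.root().servers().server(server.getId()).update(newServerInfo);
        }

        return server;
    } catch (InterruptedException e) {
        ExceptionUtils.handleInterrupted(e);
        throw new OpsException("Error building server", e);
    } catch (OpenstackException e) {
        throw new OpsException("Error building server", e);
    }
}

/**
 * Picks a boot image from those the cloud already offers; used when images cannot be uploaded.
 *
 * @throws IllegalArgumentException if no listed image is acceptable
 */
private Image selectPreexistingImage(OpenstackComputeClient computeClient, CloudBehaviours cloudBehaviours,
        MachineCreationRequest request) throws OpsException, OpenstackException {
    // For now, we presume this is the HP cloud and hard-code the name
    DiskImageRecipe recipe = null;
    if (request.recipeId != null) {
        recipe = platformLayerClient.getItem(request.recipeId, DiskImageRecipe.class);
    }
    OperatingSystemRecipe operatingSystem = (recipe != null) ? recipe.getOperatingSystem() : null;

    log.info("Listing images to pick best image");
    Iterable<Image> images = computeClient.root().images().list();

    Image foundImage = null;
    if (cloudBehaviours.isHpCloud()) {
        // TODO: We need a better solution here!!
        // NOTE(review): the image is selected by display name only; the requested OS is not
        // consulted on this path (see the TODO below).
        Set<String> imageNames = Sets.newHashSet("Debian Squeeze 6.0.3 Server 64-bit 20120123");
        log.warn("Hard coding image name (presuming HP cloud)");

        // TODO: Match OS
        for (Image image : images) {
            if (imageNames.contains(image.getName())) {
                foundImage = image;
                break;
            }
        }
    } else if (cloudBehaviours.isRackspaceCloud()) {
        if (operatingSystem == null) {
            // No recipe supplied: fall back to Debian squeeze.
            operatingSystem = new OperatingSystemRecipe();
            operatingSystem.setDistribution("debian");
            operatingSystem.setVersion("squeeze");
        }

        for (Image image : images) {
            if (matchesRackspaceImage(image, operatingSystem)) {
                foundImage = image;
                break;
            }
        }
    } else {
        for (Image image : images) {
            if (matchesTaggedImage(image, operatingSystem)) {
                foundImage = image;
                break;
            }
        }
    }

    if (foundImage == null) {
        throw new IllegalArgumentException("Could not find image");
    }
    return foundImage;
}

/**
 * Returns true when the image's {@code os_distro} and {@code os_version} metadata both match
 * the requested operating system, allowing for the "squeeze"/"6" and "lucid"/"10.04LTS" aliases.
 */
private boolean matchesRackspaceImage(Image image, OperatingSystemRecipe operatingSystem) {
    boolean matchesDistribution = false;
    boolean matchesVersion = false;

    for (Image.ImageMetadata.ImageMetadataItem item : image.getMetadata()) {
        if (item.getKey().equals("os_distro")) {
            if (operatingSystem != null && operatingSystem.getDistribution() != null
                    && Comparisons.equalsIgnoreCase(operatingSystem.getDistribution(), item.getValue())) {
                matchesDistribution = true;
            }
        }

        if (item.getKey().equals("os_version")) {
            if (operatingSystem != null && operatingSystem.getVersion() != null) {
                String wantedDistribution = operatingSystem.getDistribution();
                String wantedVersion = operatingSystem.getVersion();
                String imageVersion = item.getValue();

                if (Comparisons.equalsIgnoreCase(wantedVersion, imageVersion)) {
                    matchesVersion = true;
                } else if (Comparisons.equalsIgnoreCase(wantedDistribution, "debian")) {
                    // Images label squeeze by its release number.
                    matchesVersion = Comparisons.equalsIgnoreCase(wantedVersion, "squeeze")
                            && Comparisons.equalsIgnoreCase(imageVersion, "6");
                } else if (Comparisons.equalsIgnoreCase(wantedDistribution, "ubuntu")) {
                    matchesVersion = Comparisons.equalsIgnoreCase(wantedVersion, "lucid")
                            && Comparisons.equalsIgnoreCase(imageVersion, "10.04LTS");
                } else {
                    matchesVersion = false;
                }
            }
        }
    }

    return matchesDistribution && matchesVersion;
}

/**
 * Returns true unless the image's OS distribution/version tags contradict the requested
 * operating system.
 *
 * <p>The flag starts out {@code true}: previously it started {@code false} and was only ever
 * assigned {@code false}, so no image could be selected on this path.
 */
private boolean matchesTaggedImage(Image image, OperatingSystemRecipe operatingSystem) {
    // NOTE(review): when no operating system is requested, nothing can contradict it, so the
    // first listed image is accepted. Callers that care which image boots should pass a recipe.
    boolean isMatch = true;

    for (Image.ImageMetadata.ImageMetadataItem item : image.getMetadata()) {
        if (item.getKey().equals(Tag.IMAGE_OS_DISTRIBUTION)) {
            if (operatingSystem != null && operatingSystem.getDistribution() != null
                    && !Comparisons.equalsIgnoreCase(operatingSystem.getDistribution(), item.getValue())) {
                isMatch = false;
            }
        }

        if (item.getKey().equals(Tag.IMAGE_OS_VERSION)) {
            if (operatingSystem != null && operatingSystem.getVersion() != null
                    && !Comparisons.equalsIgnoreCase(operatingSystem.getVersion(), item.getValue())) {
                isMatch = false;
            }
        }
    }

    return isMatch;
}

/**
 * Obtains the image id from the image factory (QCOW2 disk format) and fetches its details.
 *
 * @throws IllegalArgumentException if the cloud returns no details for that id
 */
private Image resolveUploadedImage(OpenstackCloud cloud, OpenstackComputeClient computeClient,
        MachineCreationRequest request) throws OpsException, OpenstackException {
    List<ImageFormat> formats = Collections.singletonList(ImageFormat.DiskQcow2);
    CloudImage image = imageFactory.getOrCreateImageId(cloud, formats, request.recipeId);

    String imageId = image.getId();
    log.info("Getting image details for image: " + imageId);
    Image foundImage = computeClient.root().images().image(imageId).show();
    if (foundImage == null) {
        throw new IllegalArgumentException("Could not find image: " + imageId);
    }
    return foundImage;
}

/**
 * Creates the per-server security group, or returns an existing group of the same name when
 * creation fails.
 */
private SecurityGroup ensureInstanceSecurityGroup(OpenstackComputeClient computeClient, String serverName)
        throws OpsException, OpenstackException {
    SecurityGroup createTemplate = new SecurityGroup();
    createTemplate.setName(SECURITY_GROUP_PREFIX + serverName);
    createTemplate.setDescription("Security group for instance: " + serverName);

    try {
        log.info("Creating security group: " + createTemplate.getName());
        return computeClient.root().securityGroups().create(createTemplate);
    } catch (OpenstackException e) {
        // Any creation failure is treated as "already exists" if a same-named group is listed.
        // NOTE(review): the reused group's existing rules are not checked here, so the new
        // server inherits whatever ingress that group already allows.
        for (SecurityGroup candidate : computeClient.root().securityGroups().list()) {
            if (Objects.equal(candidate.getName(), createTemplate.getName())) {
                log.warn("Ignoring 'security group already exists' error: " + e.getMessage());
                return candidate;
            }
        }
        throw new OpsException("Error creating security group", e);
    }
}

/**
 * Adds a TCP/22 ingress rule to the group; an "already exists" failure is logged and ignored.
 */
private void allowSshIngress(OpenstackComputeClient computeClient, SecurityGroup securityGroup)
        throws OpsException {
    CreateSecurityGroupRuleRequest newRule = new CreateSecurityGroupRuleRequest();
    // NOTE(review): SSH is admitted from any IPv4 source. If the management hosts have known
    // addresses, narrowing this CIDR would reduce exposure of the new server's SSH daemon.
    newRule.setCidr("0.0.0.0/0");
    newRule.setFromPort(22);
    newRule.setToPort(22);
    newRule.setIpProtocol("tcp");
    newRule.setParentGroupId(securityGroup.getId());

    try {
        log.info("Creating security group rule for port: " + newRule.getToPort());
        computeClient.root().securityGroupRules().create(newRule);
    } catch (OpenstackException e) {
        // The duplicate-rule case is recognised by message text only.
        String message = e.getMessage();
        if (message != null && message.contains("This rule already exists")) {
            log.warn("Ignoring 'rule already exists': " + e.getMessage());
        } else {
            throw new OpsException("Error creating security group access", e);
        }
    }
}

/**
 * Assembles the server creation request: name, SSH key delivery, image, flavor, security group
 * and config-drive setting.
 */
private ServerForCreate buildServerForCreate(OpenstackComputeClient computeClient, CloudBehaviours cloudBehaviours,
        String serverName, MachineCreationRequest request, Image foundImage, SecurityGroup createdSecurityGroup)
        throws OpsException, OpenstackException {
    ServerForCreate create = new ServerForCreate();
    create.setName(serverName);

    if (request.sshPublicKey != null) {
        if (cloudBehaviours.supportsPublicKeys()) {
            OpenstackCloudHelpers cloudHelpers = new OpenstackCloudHelpers();
            KeyPair keyPair = cloudHelpers.ensurePublicKeyUploaded(computeClient, request.sshPublicKeyName,
                    request.sshPublicKey);
            create.setKeyName(keyPair.getName());
        } else if (cloudBehaviours.supportsFileInjection()) {
            // Fallback: write the key straight into root's authorized_keys on first boot.
            String fileContents = SshKeys.serialize(request.sshPublicKey);
            create.addUploadFile("/root/.ssh/authorized_keys", Utf8.getBytes(fileContents));
        } else {
            throw new OpsException("No supported SSH key mechanism on cloud");
        }
    }

    create.setImageRef(foundImage.getId());

    Flavor flavor = getClosestInstanceType(computeClient, request);
    if (flavor == null) {
        throw new OpsException("Cannot determine instance type for request");
    }
    create.setFlavorRef(flavor.getId());

    if (request.securityGroups != null) {
        // TODO: Reimplement if needed
        throw new UnsupportedOperationException();
    }

    if (createdSecurityGroup != null) {
        ServerForCreate.SecurityGroup serverSecurityGroup = new ServerForCreate.SecurityGroup();
        serverSecurityGroup.setName(createdSecurityGroup.getName());
        create.getSecurityGroups().add(serverSecurityGroup);
    }

    create.setConfigDrive(cloudBehaviours.useConfigDrive());
    return create;
}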
Use of org.openstack.model.compute.SecurityGroup in project platformlayer, by platformlayer.
Class OpenstackCloudHelpers, method getMachineSecurityGroup.
/**
 * Finds the security group that belongs to the given server.
 *
 * <p>All security groups visible to the client are listed and the one whose name is exactly
 * {@code OpenstackCloudContext.SECURITY_GROUP_PREFIX + server.getName()} is returned. The match
 * is by name only; the server's own group attachments are not queried.
 *
 * @param openstackComputeClient client used to list security groups
 * @param server the server whose group is wanted
 * @return the first security group with the expected name
 * @throws OpsException if listing fails or no group with the expected name exists
 */
public SecurityGroup getMachineSecurityGroup(OpenstackComputeClient openstackComputeClient, Server server) throws OpsException {
    final SecurityGroupList allGroups;
    try {
        log.info("Listing security groups");
        allGroups = openstackComputeClient.root().securityGroups().list();
    } catch (OpenstackException e) {
        throw new OpsException("Error getting security groups for server", e);
    }

    if (allGroups != null && allGroups.getList() != null) {
        for (SecurityGroup group : allGroups.getList()) {
            String groupName = group.getName();
            // Unnamed groups can never be ours; exact match only, not a prefix match.
            if (groupName != null && groupName.equals(OpenstackCloudContext.SECURITY_GROUP_PREFIX + server.getName())) {
                return group;
            }
        }
    }

    throw new OpsException("Could not find platform layer security group for server: " + server);
}
Use of org.openstack.model.compute.SecurityGroup in project platformlayer, by platformlayer.
Class CloudInstanceMapper, method doOperation.
/**
 * Maps the platform-layer instance onto an OpenStack server.
 *
 * <p>If the instance carries no {@code Tag.ASSIGNED} tag, a server is created (when
 * {@code createInstance} is set and this is not a delete) and the tag is recorded. Outside a
 * delete, the first assigned server is given a public IP, powered on, and pushed into the
 * recursion scope together with its SSH target. During a delete, every assigned server is
 * terminated and its security group removed afterwards.
 *
 * @throws OpsException if the cloud cannot be found, no server is assigned outside a delete, or
 *     the assigned server is missing while configuring
 */
@Handler
public void doOperation() throws OpsException, IOException {
    Tags instanceTags = instance.getTags();

    OpenstackCloud cloud = findCloud();
    if (cloud == null) {
        throw new OpsException("Could not find cloud");
    }
    OpenstackComputeClient computeClient = openstack.getComputeClient(cloud);
    getRecursionState().pushChildScope(cloud);

    List<String> serverIds = instanceTags.findAll(Tag.ASSIGNED);

    if (serverIds.isEmpty() && createInstance && !OpsContext.isDelete()) {
        MachineCreationRequest creationRequest = buildMachineCreationRequest();
        PlatformLayerKey ownerKey = instance.getKey();
        creationRequest.tags.add(Tag.buildParentTag(ownerKey));

        String newServerName = buildServerName();
        Server created = openstack.createInstance(cloud, newServerName, creationRequest);

        // Record the assignment on the platform-layer item so later runs find the server.
        Tag assignedTag = Tag.build(Tag.ASSIGNED, created.getId());
        platformLayer.addTag(instance.getKey(), assignedTag);

        serverIds.add(created.getId());
    }

    if (serverIds.isEmpty() && !OpsContext.isDelete()) {
        throw new OpsException("Instance not yet assigned");
    }

    Machine machine = null;
    OpsTarget target = null;

    if (!serverIds.isEmpty()) {
        if (serverIds.size() != 1) {
            log.warn("Multiple instance ids found: " + serverIds);
        }

        // Only the first id is used to build the machine and target.
        String primaryId = serverIds.get(0);
        Server primary = openstack.findServerById(cloud, primaryId);
        if (primary != null) {
            primary = openstack.ensureHasPublicIp(cloud, primary);

            AsyncServerOperation powerOn = openstack.ensurePoweredOn(cloud, primary);
            if (powerOn != null) {
                waitOperation(powerOn);
            }

            machine = new OpenstackComputeMachine(openstack, cloud, primary);
            target = machine.getTarget(service.getSshKey());
        } else if (OpsContext.isConfigure()) {
            throw new OpsException("Unable to find assigned server: " + primaryId);
        }

        if (OpsContext.isDelete()) {
            CloudBehaviours cloudBehaviours = new CloudBehaviours(cloud);
            boolean supportsSecurityGroups = cloudBehaviours.supportsSecurityGroups();

            for (String instanceId : serverIds) {
                Server doomed = openstack.findServerById(cloud, instanceId);
                if (doomed == null) {
                    log.warn("Could not find assigned server: " + instanceId + ", ignoring");
                    continue;
                }

                // Look the group up while the server still exists; the lookup is by server name.
                SecurityGroup securityGroup = supportsSecurityGroups
                        ? openstackHelpers.getMachineSecurityGroup(computeClient, doomed)
                        : null;

                AsyncServerOperation terminateOperation = openstack.terminateInstance(cloud, instanceId);
                if (securityGroup == null) {
                    continue;
                }

                // We need to terminate the instance before we delete the security group it uses
                if (terminateOperation != null) {
                    waitOperation(terminateOperation);
                }

                try {
                    log.info("Deleting security group: " + securityGroup.getId());
                    computeClient.root().securityGroups().securityGroup(securityGroup.getId()).delete();
                } catch (OpenstackNotFoundException e) {
                    log.info("Ignoring not-found error while deleting security group: " + securityGroup.getId());
                }
            }
        }
    }

    RecursionState recursion = getRecursionState();
    if (!OpsContext.isDelete() || machine != null) {
        recursion.pushChildScope(machine);
        recursion.pushChildScope(target);
    } else {
        // Deleting with no machine left: child operations have nothing to act on.
        recursion.setPreventRecursion(true);
    }
}
Use of org.openstack.model.compute.SecurityGroup in project platformlayer, by platformlayer.
Class EnsureFirewallIngress, method handler.
/**
 * Opens or closes the model's public port in the machine's security group.
 *
 * <p>The machine's best public-internet address is stored in {@code publicAddress} first. On
 * clouds with security groups, a configure run adds a TCP rule for {@code model.publicPort}
 * when none matches, and a delete run removes the matching rule. Clouds without security
 * groups are left untouched.
 *
 * @param cloud the cloud hosting the machine
 * @param machine the machine whose security group is adjusted
 */
@Handler
public void handler(OpenstackCloud cloud, OpenstackComputeMachine machine) throws OpsException, OpenstackException {
    CloudBehaviours behaviours = new CloudBehaviours(cloud);
    OpenstackComputeClient client = cloudContext.getComputeClient(cloud);

    // Find the public address, although the OpenStack firewall may be blocking it
    publicAddress = machine.getNetworkPoint().getBestAddress(NetworkPoint.forPublicInternet());

    if (!behaviours.supportsSecurityGroups()) {
        return;
    }

    SecurityGroup group = openstackHelpers.getMachineSecurityGroup(client, machine.getServer());
    // Re-read the group by id before searching its rules.
    group = client.root().securityGroups().securityGroup(group.getId()).show();
    SecurityGroupRule existingRule = findMatchingRule(group);

    if (OpsContext.isConfigure() && existingRule == null) {
        CreateSecurityGroupRuleRequest ingress = new CreateSecurityGroupRuleRequest();
        // NOTE(review): the port is opened to every IPv4 source. That suits a public service;
        // for anything else the CIDR would need to come from the model rather than be fixed.
        ingress.setCidr("0.0.0.0/0");
        ingress.setIpProtocol("tcp");
        ingress.setFromPort(model.publicPort);
        ingress.setToPort(model.publicPort);
        ingress.setParentGroupId(group.getId());
        client.root().securityGroupRules().create(ingress);
    }

    if (OpsContext.isDelete() && existingRule != null) {
        client.root().securityGroupRules().securityGroupRule(existingRule.id).delete();
    }
}