Use of org.openstack4j.api.compute.ComputeSecurityGroupService in project cloudbreak by hortonworks.
The build method of the class OpenStackSecurityGroupResourceBuilder.
/**
 * Creates the compute security group for {@code resource} and fills it with rules.
 *
 * <p>One rule is created for every port range of every {@link SecurityRule} in {@code security},
 * using that rule's protocol and CIDR. Three further rules are then always added: TCP and UDP
 * over {@code MIN_PORT}..{@code MAX_PORT} from the subnet CIDR, and ICMP from {@code 0.0.0.0/0}.
 *
 * <p>Security review notes:
 * <ul>
 *   <li>CIDRs and port bounds are forwarded as supplied. This method does not check that
 *       {@code from <= to} or that a CIDR is narrower than the whole address space, so any
 *       such policy has to be enforced before the {@code Security} object reaches it.</li>
 *   <li>A non-numeric port bound makes {@link Integer#parseInt(String)} throw
 *       {@link NumberFormatException}, which the {@code OS4JException} handler does not catch.</li>
 *   <li>If a rule call fails after the group was created, nothing here deletes the group;
 *       cleanup of the partially configured group, if any, happens elsewhere.</li>
 * </ul>
 *
 * @param context  not read by this method
 * @param auth     used to create the OpenStack client and to look up an existing subnet's CIDR
 * @param group    its name is passed to {@code createPersistedResource}
 * @param network  source of the subnet CIDR for the TCP/UDP rules
 * @param security the rules to translate into security group rules
 * @param resource its name becomes the security group name
 * @return the result of {@code createPersistedResource} for the new security group id
 * @throws OpenStackResourceException if an {@code OS4JException} is raised while creating the
 *         group or any of its rules
 */
@Override
public CloudResource build(OpenStackContext context, AuthenticatedContext auth, Group group, Network network, Security security, CloudResource resource) {
    try {
        ComputeSecurityGroupService sgService = createOSClient(auth).compute().securityGroups();

        // The group is created with an empty description.
        SecGroupExtension createdGroup = sgService.create(resource.getName(), "");
        String groupId = createdGroup.getId();

        // Caller-defined rules: one security group rule per port range, CIDR taken verbatim.
        for (SecurityRule userRule : security.getRules()) {
            IPProtocol protocol = getProtocol(userRule.getProtocol());
            String sourceCidr = userRule.getCidr();
            for (PortDefinition range : userRule.getPorts()) {
                // parseInt rejects non-numeric input only; the numeric range is not checked here.
                int firstPort = Integer.parseInt(range.getFrom());
                int lastPort = Integer.parseInt(range.getTo());
                sgService.createRule(createRule(groupId, protocol, sourceCidr, firstPort, lastPort));
            }
        }

        // CIDR for the TCP/UDP rules: looked up for a pre-existing subnet, else taken from the
        // network definition.
        NeutronNetworkView networkView = new NeutronNetworkView(network);
        String internalCidr;
        if (networkView.isExistingSubnet()) {
            internalCidr = utils.getExistingSubnetCidr(auth, networkView);
        } else {
            internalCidr = network.getSubnet().getCidr();
        }

        // TCP and UDP are opened across MIN_PORT..MAX_PORT, but only for sources in the subnet CIDR.
        sgService.createRule(createRule(groupId, IPProtocol.TCP, internalCidr, MIN_PORT, MAX_PORT));
        sgService.createRule(createRule(groupId, IPProtocol.UDP, internalCidr, MIN_PORT, MAX_PORT));

        // NOTE(review): ICMP is allowed from every IPv4 source, not just the subnet. Confirm this
        // exposure is intended for the deployment.
        sgService.createRule(createRule(groupId, IPProtocol.ICMP, "0.0.0.0/0"));

        return createPersistedResource(resource, group.getName(), createdGroup.getId());
    } catch (OS4JException ex) {
        throw new OpenStackResourceException("SecurityGroup creation failed", resourceType(), resource.getName(), ex);
    }
}