
Example 1 with IpsecForPort

use of org.platformlayer.ops.vpn.IpsecForPort in project platformlayer by platformlayer.

In the class ZookeeperServerController, method addChildren.

/**
 * Registers the child items for one ZooKeeper server: the VM, the IPsec install and
 * pre-shared key, one IPv6 public endpoint per port (each paired with an
 * {@code IpsecForPort} child for the same port), the ZooKeeper install and instance
 * items, and a status checker.
 *
 * <p>The sequence of {@code addChild} calls is kept exactly as it was. Presumably it
 * decides the order in which the items are applied, so confirm before reordering.
 *
 * @throws OpsException declared by the signature; which call raises it is not visible here
 */
@Override
protected void addChildren() throws OpsException {
    final int clientPort = ZookeeperConstants.ZK_PUBLIC_PORT;

    // A per-instance name (for convenience); reused as the DNS name of every endpoint.
    final String instanceDnsName = ZookeeperUtils.buildDnsName(model);

    InstanceBuilder vm = InstanceBuilder.build(instanceDnsName, this, model.getTags());

    // Ports are not added to vm.publicPorts (those calls were commented out upstream);
    // they are exposed only through the PublicEndpoint children registered below.
    vm.hostPolicy.configureSpread(template.getClusterGroupId());

    vm.addChild(IpsecInstall.class);

    // The pre-shared key item receives the secret from ipsec.getIpsecSecret().
    // NOTE(review): this is key material; confirm IpsecPresharedKey does not expose
    // it in logs or item dumps.
    IpsecPresharedKey presharedKey = vm.addChild(IpsecPresharedKey.class);
    presharedKey.id = IpsecPresharedKey.SHAREDKEY_USER_FQDN;
    presharedKey.secret = ipsec.getIpsecSecret();

    // System ports are wired up before the install/instance items; the original
    // comment says they "need to be opened early".
    for (int sysPort : ZookeeperConstants.SYSTEM_PORTS) {
        PublicEndpoint sysEndpoint = injected(PublicEndpoint.class);
        sysEndpoint.publicPort = sysPort;
        sysEndpoint.backendPort = sysPort;
        sysEndpoint.dnsName = instanceDnsName;
        // We expect this to be used by IPv6 capable client
        sysEndpoint.transport = Transport.Ipv6;
        sysEndpoint.tagItem = model.getKey();
        sysEndpoint.parentItem = model.getKey();
        vm.addChild(sysEndpoint);

        // Every endpoint gets an IpsecForPort for the same port.
        // NOTE(review): presumably this is what limits the port to IPsec-protected
        // traffic; verify against IpsecForPort before adding an endpoint without one.
        IpsecForPort sysPortIpsec = vm.addChild(IpsecForPort.class);
        sysPortIpsec.port = sysPort;
    }

    vm.hostPolicy.allowRunInContainer = true;

    // TODO: This needs to be configurable...
    vm.minimumMemoryMb = 2048;

    addChild(vm);

    vm.addChild(ZookeeperInstall.class);
    vm.addChild(ZookeeperInstance.class);

    // Client-facing endpoint on ZK_PUBLIC_PORT.
    // NOTE(review): this one is created with vm.addChild(PublicEndpoint.class), whereas
    // the system-port endpoints use injected(...) followed by vm.addChild(endpoint).
    // Both forms are kept as found; confirm they are equivalent.
    PublicEndpoint clientEndpoint = vm.addChild(PublicEndpoint.class);
    clientEndpoint.publicPort = clientPort;
    clientEndpoint.backendPort = clientPort;
    clientEndpoint.dnsName = instanceDnsName;
    // We expect this to be used by IPv6 capable client
    clientEndpoint.transport = Transport.Ipv6;
    clientEndpoint.tagItem = model.getKey();
    clientEndpoint.parentItem = model.getKey();

    IpsecForPort clientPortIpsec = vm.addChild(IpsecForPort.class);
    clientPortIpsec.port = clientPort;

    vm.addChild(ZookeeperStatusChecker.class);

    // TODO: Establish round-robin style DNS on clusterDnsName
    // TODO: Is some form of geo-direction possible?
}
Also used : IpsecForPort(org.platformlayer.ops.vpn.IpsecForPort) PublicEndpoint(org.platformlayer.ops.networks.PublicEndpoint) IpsecPresharedKey(org.platformlayer.ops.vpn.IpsecPresharedKey) PublicEndpoint(org.platformlayer.ops.networks.PublicEndpoint) InstanceBuilder(org.platformlayer.ops.instances.InstanceBuilder)
