JCLOUDS-1231: Implement the SecurityGroupExtension in ARM
danielestevez authored and nacx committed Jan 26, 2017
1 parent a91ff3b commit 867ddef6e9355aac624bf0981e46de45bb42843c
Showing 18 changed files with 1,100 additions and 135 deletions.
@@ -16,11 +16,12 @@
*/
package org.jclouds.azurecompute.arm.compute;

import static com.google.common.base.Preconditions.checkNotNull;
import static org.jclouds.compute.config.ComputeServiceProperties.TIMEOUT_NODE_RUNNING;
import static org.jclouds.compute.config.ComputeServiceProperties.TIMEOUT_NODE_SUSPENDED;
import static org.jclouds.compute.config.ComputeServiceProperties.TIMEOUT_NODE_TERMINATED;

import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import java.util.concurrent.atomic.AtomicReference;

@@ -30,6 +31,8 @@
import javax.inject.Singleton;

import org.jclouds.Constants;
import org.jclouds.azurecompute.arm.compute.functions.LocationToResourceGroupName;
import org.jclouds.azurecompute.arm.functions.CleanupResources;
import org.jclouds.collect.Memoized;
import org.jclouds.compute.ComputeServiceContext;
import org.jclouds.compute.callables.RunScriptOnNode;
@@ -54,51 +57,74 @@
import org.jclouds.compute.strategy.SuspendNodeStrategy;
import org.jclouds.domain.Credentials;
import org.jclouds.domain.Location;
import org.jclouds.azurecompute.arm.functions.CleanupResources;
import org.jclouds.scriptbuilder.functions.InitAdminAccess;

import com.google.common.base.Optional;
import com.google.common.base.Predicate;
import com.google.common.base.Supplier;
import com.google.common.collect.ImmutableMultimap;
import com.google.common.collect.ImmutableSet;
import com.google.common.util.concurrent.ListeningExecutorService;

@Singleton
public class AzureComputeService extends BaseComputeService {
protected final CleanupResources cleanupResources;
private final CleanupResources cleanupResources;
private final LocationToResourceGroupName locationToResourceGroupName;

@Inject
protected AzureComputeService(ComputeServiceContext context, Map<String, Credentials> credentialStore,
@Memoized Supplier<Set<? extends Image>> images, @Memoized Supplier<Set<? extends Hardware>> sizes,
@Memoized Supplier<Set<? extends Location>> locations, ListNodesStrategy listNodesStrategy,
GetImageStrategy getImageStrategy, GetNodeMetadataStrategy getNodeMetadataStrategy,
CreateNodesInGroupThenAddToSet runNodesAndAddToSetStrategy, RebootNodeStrategy rebootNodeStrategy,
DestroyNodeStrategy destroyNodeStrategy, ResumeNodeStrategy startNodeStrategy,
SuspendNodeStrategy stopNodeStrategy, Provider<TemplateBuilder> templateBuilderProvider,
@Named("DEFAULT") Provider<TemplateOptions> templateOptionsProvider,
@Named(TIMEOUT_NODE_RUNNING) Predicate<AtomicReference<NodeMetadata>> nodeRunning,
@Named(TIMEOUT_NODE_TERMINATED) Predicate<AtomicReference<NodeMetadata>> nodeTerminated,
@Named(TIMEOUT_NODE_SUSPENDED) Predicate<AtomicReference<NodeMetadata>> nodeSuspended,
InitializeRunScriptOnNodeOrPlaceInBadMap.Factory initScriptRunnerFactory,
RunScriptOnNode.Factory runScriptOnNodeFactory, InitAdminAccess initAdminAccess,
PersistNodeCredentials persistNodeCredentials, Timeouts timeouts,
@Named(Constants.PROPERTY_USER_THREADS) ListeningExecutorService userExecutor,
CleanupResources cleanupResources,
Optional<ImageExtension> imageExtension,
Optional<SecurityGroupExtension> securityGroupExtension) {
@Memoized Supplier<Set<? extends Image>> images, @Memoized Supplier<Set<? extends Hardware>> sizes,
@Memoized Supplier<Set<? extends Location>> locations, ListNodesStrategy listNodesStrategy,
GetImageStrategy getImageStrategy, GetNodeMetadataStrategy getNodeMetadataStrategy,
CreateNodesInGroupThenAddToSet runNodesAndAddToSetStrategy, RebootNodeStrategy rebootNodeStrategy,
DestroyNodeStrategy destroyNodeStrategy, ResumeNodeStrategy startNodeStrategy,
SuspendNodeStrategy stopNodeStrategy, Provider<TemplateBuilder> templateBuilderProvider,
@Named("DEFAULT") Provider<TemplateOptions> templateOptionsProvider,
@Named(TIMEOUT_NODE_RUNNING) Predicate<AtomicReference<NodeMetadata>> nodeRunning,
@Named(TIMEOUT_NODE_TERMINATED) Predicate<AtomicReference<NodeMetadata>> nodeTerminated,
@Named(TIMEOUT_NODE_SUSPENDED) Predicate<AtomicReference<NodeMetadata>> nodeSuspended,
InitializeRunScriptOnNodeOrPlaceInBadMap.Factory initScriptRunnerFactory,
RunScriptOnNode.Factory runScriptOnNodeFactory, InitAdminAccess initAdminAccess,
PersistNodeCredentials persistNodeCredentials, Timeouts timeouts,
@Named(Constants.PROPERTY_USER_THREADS) ListeningExecutorService userExecutor,
CleanupResources cleanupResources, Optional<ImageExtension> imageExtension,
Optional<SecurityGroupExtension> securityGroupExtension,
LocationToResourceGroupName locationToResourceGroupName) {
super(context, credentialStore, images, sizes, locations, listNodesStrategy, getImageStrategy,
getNodeMetadataStrategy, runNodesAndAddToSetStrategy, rebootNodeStrategy, destroyNodeStrategy,
startNodeStrategy, stopNodeStrategy, templateBuilderProvider, templateOptionsProvider, nodeRunning,
nodeTerminated, nodeSuspended, initScriptRunnerFactory, initAdminAccess, runScriptOnNodeFactory,
persistNodeCredentials, timeouts, userExecutor, imageExtension, securityGroupExtension);
this.cleanupResources = checkNotNull(cleanupResources, "cleanupResources");

getNodeMetadataStrategy, runNodesAndAddToSetStrategy, rebootNodeStrategy, destroyNodeStrategy,
startNodeStrategy, stopNodeStrategy, templateBuilderProvider, templateOptionsProvider, nodeRunning,
nodeTerminated, nodeSuspended, initScriptRunnerFactory, initAdminAccess, runScriptOnNodeFactory,
persistNodeCredentials, timeouts, userExecutor, imageExtension, securityGroupExtension);
this.cleanupResources = cleanupResources;
this.locationToResourceGroupName = locationToResourceGroupName;
}

@Override
protected void cleanUpIncidentalResourcesOfDeadNodes(Set<? extends NodeMetadata> deadNodes) {
ImmutableMultimap.Builder<String, String> regionGroups = ImmutableMultimap.builder();
ImmutableSet.Builder<String> resourceGroups = ImmutableSet.builder();

for (NodeMetadata deadNode : deadNodes) {
cleanupResources.apply(deadNode.getId());
String resourceGroup = locationToResourceGroupName.apply(deadNode.getLocation().getId());

resourceGroups.add(resourceGroup);
if (deadNode.getGroup() != null) {
regionGroups.put(resourceGroup, deadNode.getGroup());
}

try {
cleanupResources.cleanupNode(deadNode.getId());
} catch (Exception ex) {
logger.warn(ex, "Error cleaning up resources for node %s", deadNode);
}
}

for (Entry<String, String> regionGroup : regionGroups.build().entries()) {
cleanupResources.cleanupSecurityGroupIfOrphaned(regionGroup.getKey(), regionGroup.getValue());
}
}

for (String resourceGroup : resourceGroups.build()) {
cleanupResources.deleteResourceGroupIfEmpty(resourceGroup);
}
}
}
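Review bot: In the new `cleanUpIncidentalResourcesOfDeadNodes` loop the result of `cleanupResources.cleanupNode(deadNode.getId())` is discarded, so a node whose resources were not removed is only reported when an exception is thrown. The adapter's `destroyNode` in this commit checks the same return value with `checkState`, which suggests `false` means leftovers; inside the existing `try`, consider `if (!cleanupResources.cleanupNode(deadNode.getId())) { logger.warn("Resources for node %s were not fully removed", deadNode.getId()); }`. The two following loops (`cleanupSecurityGroupIfOrphaned`, `deleteResourceGroupIfEmpty`) have no guard at all, so one failing call skips the remaining groups and can leave security groups behind unnoticed. The constructor also appears to drop the `checkNotNull` on `cleanupResources` and stores `locationToResourceGroupName` unchecked; `checkNotNull(locationToResourceGroupName, "locationToResourceGroupName")` would keep the fail-fast behaviour.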
@@ -20,6 +20,7 @@
import static com.google.common.collect.Iterables.contains;
import static com.google.common.collect.Iterables.filter;
import static com.google.common.collect.Iterables.find;
import static com.google.common.collect.Iterables.getOnlyElement;
import static org.jclouds.azurecompute.arm.compute.extensions.AzureComputeImageExtension.CONTAINER_NAME;
import static org.jclouds.azurecompute.arm.compute.extensions.AzureComputeImageExtension.CUSTOM_IMAGE_OFFER;
import static org.jclouds.azurecompute.arm.compute.functions.VMImageToImage.decodeFieldsFromUniqueId;
@@ -81,6 +82,7 @@
import org.jclouds.compute.domain.Image;
import org.jclouds.compute.domain.OsFamily;
import org.jclouds.compute.domain.Template;
import org.jclouds.compute.options.TemplateOptions;
import org.jclouds.compute.reference.ComputeServiceConstants;
import org.jclouds.location.Region;
import org.jclouds.logging.Logger;
@@ -137,11 +139,10 @@ public NodeAndInitialCredentials<VirtualMachine> createNodeWithGroupEncodedIntoN

// TODO ARM specific options
// TODO network ids => create one nic in each network
// TODO inbound ports

String locationName = template.getLocation().getId();
String subnetId = templateOptions.getSubnetId();
NetworkInterfaceCard nic = createNetworkInterfaceCard(subnetId, name, locationName, azureGroup);
NetworkInterfaceCard nic = createNetworkInterfaceCard(subnetId, name, locationName, azureGroup, template.getOptions());
StorageProfile storageProfile = createStorageProfile(name, template.getImage(), templateOptions.getBlob());
HardwareProfile hardwareProfile = HardwareProfile.builder().vmSize(template.getHardware().getId()).build();
OSProfile osProfile = createOsProfile(name, template);
@@ -341,7 +342,7 @@ public VirtualMachine getNode(final String id) {

@Override
public void destroyNode(final String id) {
checkState(cleanupResources.apply(id), "server(%s) and its resources still there after deleting!?", id);
checkState(cleanupResources.cleanupNode(id), "server(%s) and its resources still there after deleting!?", id);
}

@Override
@@ -405,7 +406,7 @@ private OSProfile createOsProfile(String computerName, Template template) {
}

private NetworkInterfaceCard createNetworkInterfaceCard(String subnetId, String name, String locationName,
String azureGroup) {
String azureGroup, TemplateOptions options) {
final PublicIPAddressApi ipApi = api.getPublicIPAddressApi(azureGroup);

PublicIPAddressProperties properties = PublicIPAddressProperties.builder().publicIPAllocationMethod("Static")
@@ -418,7 +419,7 @@ private NetworkInterfaceCard createNetworkInterfaceCard(String subnetId, String
checkState(publicIpAvailable.create(azureGroup).apply(publicIpAddressName),
"Public IP was not provisioned in the configured timeout");

final NetworkInterfaceCardProperties networkInterfaceCardProperties = NetworkInterfaceCardProperties
final NetworkInterfaceCardProperties.Builder networkInterfaceCardProperties = NetworkInterfaceCardProperties
.builder()
.ipConfigurations(
ImmutableList.of(IpConfiguration
@@ -427,11 +428,16 @@ private NetworkInterfaceCard createNetworkInterfaceCard(String subnetId, String
.properties(
IpConfigurationProperties.builder().privateIPAllocationMethod("Dynamic")
.publicIPAddress(IdReference.create(ip.id())).subnet(IdReference.create(subnetId))
.build()).build())).build();
.build()).build()));

String securityGroup = getOnlyElement(options.getGroups(), null);
if (securityGroup != null) {
networkInterfaceCardProperties.networkSecurityGroup(IdReference.create(securityGroup));
}

String networkInterfaceCardName = "jc-nic-" + name;
return api.getNetworkInterfaceCardApi(azureGroup).createOrUpdate(networkInterfaceCardName, locationName,
networkInterfaceCardProperties, ImmutableMap.of("jclouds", name));
networkInterfaceCardProperties.build(), ImmutableMap.of("jclouds", name));
}

private StorageProfile createStorageProfile(String name, Image image, String blob) {
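Review bot: `getOnlyElement(options.getGroups(), null)` in `createNetworkInterfaceCard` throws `IllegalArgumentException` when the template carries more than one group, and it runs after the public IP has already been provisioned, so that address stays allocated and the caller sees only a generic Guava message. Validating at the top of the method, before the `ipApi` calls, avoids the leak, e.g. `checkArgument(options.getGroups().size() <= 1, "Only one security group can be attached to node %s", name);` (this needs the `Preconditions.checkArgument` static import if the file lacks it). The value is passed to `IdReference.create` unchanged, so it presumably has to be the full resource id of a network security group rather than a name; a comment such as `// groups must hold the ARM id of an existing network security group` would make that explicit. When no group is given, the NIC is still created with a static public IP and no security group reference, which is worth documenting for callers. Part of the method body lies outside the visible hunks.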
