jclouds-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ken <run2obt...@gmail.com>
Subject Re: FWaaS examples
Date Wed, 26 Oct 2016 15:24:56 GMT
Hi ,

I have tried to get the example above to work using a basic openstack
installation.
However, I get the error below  :

Exception in thread "main" java.lang.IllegalArgumentException: requested
location [Ljava.lang.String;@2631f68c, which is not in the configured
locations: {RegionOne=Suppliers.ofInstance(http://172.16.18.171:9696/)}.

I used the string "RegionOne" since I couldn't figure out how to get the
region_id , maybe this is the problem ?

My code example is :

public static void main(String[] args) {
>
> neutronApi = ContextBuilder.newBuilder(new NeutronApiMetadata())
>
> .endpoint("http:/xx.xx.xx.xx:5000/v2.0")
>
>         .credentials(identity,credential )
>>
>         .modules(ImmutableSet.<Module>of(
>
>                 new SshjSshClientModule(),
>
>                 new SLF4JLoggingModule(),
>
>                 new BouncyCastleCryptoModule()))
>
>         .buildApi(NeutronApi.class);
>
> regions = neutronApi.getConfiguredRegions();
>
>
>
> System.out.println("Connected !!");
>
> System.out.println("regions" + regions);
>
> regionNow = regions.toArray(new String[regions.size()]);
>
> System.out.println("the region : " + regionNow[0]);
>
> createFireWall();
>
> }
>
> public static void createFireWall() {
>
> String [] addresses = {"172.24.4.3", "1.2.3.4"};
>
> String [] ports = {"80", "23"};
>
> FWaaSApi fWaaSApi = neutronApi.getFWaaSApi(regionNow.toString()).get();
>
> System.out.println(fWaaSApi);
>
> FirewallPolicy firewallPolicy =
>> fWaaSApi.createFirewallPolicy(CreateFirewallPolicy.builder()
>
>        .name(String.format(JCLOUDS_FW_POLICY_PATTERN, name))
>
>        .build());
>
> for (String address : addresses) {
>
>  for (String inboundPort : ports) {
>
>     FirewallRule firewallRule =
>> fWaaSApi.createFirewallRule(CreateFirewallRule.builder()
>
>             .name(ruleName)
>
>             .destinationIpAddress(address)
>
>             .destinationPort(inboundPort)
>
>             .enabled(true)
>
>             .action("allow")
>
>             .protocol("tcp")
>
>             .build());
>
>     fWaaSApi.insertFirewallRuleToPolicy(firewallPolicy.getId(),
>> firewallRule.getId());
>
>  }
>
> }
>
> }
>
>
Many thanks in advance.

Regards,

Ken..



On Sun, Oct 23, 2016 at 11:19 PM, Ken <run2obtain@gmail.com> wrote:

> Hi Andrea & Ignasi,
>
> Many thanks for quickly responding to my enquiries.
> Sorry, I didn't make it very clear that my focus was more in the direction
> of OpenStack yet Andrea provided an apt response.
> Also, the Ignasi's  information about security groups is very useful
> because this equally falls within my purview.
>
> I am already reading though the references ....
>
>
> Many thanks !!
>
> Regards,
>
> Kennedy
>
>
> On Sun, Oct 23, 2016 at 8:51 PM, Andrea Turli <andrea.turli@gmail.com>
> wrote:
>
>> Hi Ken,
>>
>> in addition to Ignasi' suggestions I can add also the following
>> (hopefully) useful links for FWaaS API, presuming you are in the context of
>> Openstack.
>>
>> Recently we add the support for those API to Openstack Neutron [4]. As
>> usual you can create instantiate a NeutronApi with something like
>>
>> NeutronApi neutronApi = ContextBuilder.newBuilder(new
>> NeutronApiMetadata())
>>          .endpoint(endpoint)
>>          .credentials(credentials)
>>          .modules(ImmutableSet.<Module>of(
>>                  new SshjSshClientModule(),
>>                  new SLF4JLoggingModule(),
>>                  new BouncyCastleCryptoModule()))
>>          .buildApi(NeutronApi.class)
>>
>> and for example use it to create a firewall and add a rule like
>>
>> FWaaSApi fWaaSApi = neutronApi.getFWaaSApi(regionId).get();
>> FirewallPolicy firewallPolicy = fWaaSApi.createFirewallPolicy(
>> CreateFirewallPolicy.builder()
>>         .name(String.format(JCLOUDS_FW_POLICY_PATTERN, name))
>>         .build());
>>
>> for (String address : addresses) {
>>   for (String inboundPort : ports) {
>>      FirewallRule firewallRule = fWaaSApi.createFirewallRule(Cr
>> eateFirewallRule.builder()
>>              .name(ruleName)
>>              .destinationIpAddress(address)
>>              .destinationPort(inboundPort)
>>              .enabled(true)
>>              .action("allow")
>>              .protocol("tcp")
>>              .build());
>>      fWaaSApi.insertFirewallRuleToPolicy(firewallPolicy.getId(),
>> firewallRule.getId());
>>   }
>> }
>>
>>
>> HTH,
>> Andrea
>>
>> [4]: https://github.com/jclouds/jclouds-labs-openstack/pull/196
>>
>> On Sun, Oct 23, 2016 at 6:07 PM, Ignasi Barrera <nacx@apache.org> wrote:
>>
>>> Hi Ken,
>>>
>>> Not all providers have an API to effectively manage firewalls, but
>>> most that do, implement the jclouds SecurityGroupExtension [1]. You
>>> can get it by calling:
>>>
>>> context.getComputeService().getSecurityGroupExtension();
>>>
>>> That will return an optional that will be present if the extension is
>>> supported by the provider. You'll see in the javadocs that it has
>>> methods to create and manage security groups, and also to configure
>>> the ruleset set for each. Once you have configured the security
>>> groups, you can create nodes and assign them to the desired security
>>> groups by using the TemplateOptions#securityGroups() method [2].
>>>
>>> Alternatively, in some providers that don't support the security
>>> groups extension, you can still use the TemplateOptions#inboundPorts
>>> [3] to open ports in the nodes you create.
>>>
>>>
>>> HTH!
>>>
>>> I.
>>>
>>>
>>> [1] http://jclouds-javadocs.elasticbeanstalk.com/org/jclouds/com
>>> pute/extensions/SecurityGroupExtension.html
>>> [2] http://jclouds-javadocs.elasticbeanstalk.com/org/jclouds/com
>>> pute/options/TemplateOptions.html#securityGroups(java.lang.Iterable)
>>> [3] http://jclouds-javadocs.elasticbeanstalk.com/org/jclouds/com
>>> pute/options/TemplateOptions.html#inboundPorts(int...)
>>>
>>> On 22 October 2016 at 21:40, Ken <run2obtain@gmail.com> wrote:
>>> > Hi, I am trying to use jclouds FWaaS API, I cannot find examples like
>>> there
>>> > are for swift etc. Can someone point me to where such is available or
>>> maybe
>>> > give me a basic examples....e.g creating a firewall.
>>> >
>>> > Many thanks.
>>>
>>
>>
>

Mime
View raw message