jclouds-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrea Turli <andrea.tu...@gmail.com>
Subject Re: FWaaS examples
Date Sun, 23 Oct 2016 18:51:11 GMT
Hi Ken,

in addition to Ignasi' suggestions I can add also the following (hopefully)
useful links for FWaaS API, presuming you are in the context of Openstack.

Recently we add the support for those API to Openstack Neutron [4]. As
usual you can create instantiate a NeutronApi with something like

NeutronApi neutronApi = ContextBuilder.newBuilder(new NeutronApiMetadata())
         .endpoint(endpoint)
         .credentials(credentials)
         .modules(ImmutableSet.<Module>of(
                 new SshjSshClientModule(),
                 new SLF4JLoggingModule(),
                 new BouncyCastleCryptoModule()))
         .buildApi(NeutronApi.class)

and for example use it to create a firewall and add a rule like

FWaaSApi fWaaSApi = neutronApi.getFWaaSApi(regionId).get();
FirewallPolicy firewallPolicy = fWaaSApi.createFirewallPolicy(
CreateFirewallPolicy.builder()
        .name(String.format(JCLOUDS_FW_POLICY_PATTERN, name))
        .build());

for (String address : addresses) {
  for (String inboundPort : ports) {
     FirewallRule firewallRule = fWaaSApi.createFirewallRule(
CreateFirewallRule.builder()
             .name(ruleName)
             .destinationIpAddress(address)
             .destinationPort(inboundPort)
             .enabled(true)
             .action("allow")
             .protocol("tcp")
             .build());
     fWaaSApi.insertFirewallRuleToPolicy(firewallPolicy.getId(),
firewallRule.getId());
  }
}


HTH,
Andrea

[4]: https://github.com/jclouds/jclouds-labs-openstack/pull/196

On Sun, Oct 23, 2016 at 6:07 PM, Ignasi Barrera <nacx@apache.org> wrote:

> Hi Ken,
>
> Not all providers have an API to effectively manage firewalls, but
> most that do, implement the jclouds SecurityGroupExtension [1]. You
> can get it by calling:
>
> context.getComputeService().getSecurityGroupExtension();
>
> That will return an optional that will be present if the extension is
> supported by the provider. You'll see in the javadocs that it has
> methods to create and manage security groups, and also to configure
> the ruleset set for each. Once you have configured the security
> groups, you can create nodes and assign them to the desired security
> groups by using the TemplateOptions#securityGroups() method [2].
>
> Alternatively, in some providers that don't support the security
> groups extension, you can still use the TemplateOptions#inboundPorts
> [3] to open ports in the nodes you create.
>
>
> HTH!
>
> I.
>
>
> [1] http://jclouds-javadocs.elasticbeanstalk.com/org/jclouds/
> compute/extensions/SecurityGroupExtension.html
> [2] http://jclouds-javadocs.elasticbeanstalk.com/org/jclouds/
> compute/options/TemplateOptions.html#securityGroups(java.lang.Iterable)
> [3] http://jclouds-javadocs.elasticbeanstalk.com/org/jclouds/
> compute/options/TemplateOptions.html#inboundPorts(int...)
>
> On 22 October 2016 at 21:40, Ken <run2obtain@gmail.com> wrote:
> > Hi, I am trying to use jclouds FWaaS API, I cannot find examples like
> there
> > are for swift etc. Can someone point me to where such is available or
> maybe
> > give me a basic examples....e.g creating a firewall.
> >
> > Many thanks.
>

Mime
View raw message