コード例 #1
0
  /**
   * Main entry point.
   *
   * @param args the parameters
   */
  public static void main(String[] args) {

    final String frontEndNSGName = ResourceNamer.randomResourceName("fensg", 24);
    final String backEndNSGName = ResourceNamer.randomResourceName("bensg", 24);
    final String rgName = ResourceNamer.randomResourceName("rgNEMS", 24);
    final String vnetName = ResourceNamer.randomResourceName("vnet", 24);
    final String networkInterfaceName1 = ResourceNamer.randomResourceName("nic1", 24);
    final String networkInterfaceName2 = ResourceNamer.randomResourceName("nic2", 24);
    final String publicIpAddressLeafDNS1 = ResourceNamer.randomResourceName("pip1", 24);
    final String frontEndVMName = ResourceNamer.randomResourceName("fevm", 24);
    final String backEndVMName = ResourceNamer.randomResourceName("bevm", 24);
    final String userName = "******";
    final String password = "******";
    final String sshKey =
        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCfSPC2K7LZcFKEO+/t3dzmQYtrJFZNxOsbVgOVKietqHyvmYGHEC0J2wPdAqQ/63g/hhAEFRoyehM+rbeDri4txB3YFfnOK58jqdkyXzupWqXzOrlKY4Wz9SKjjN765+dqUITjKRIaAip1Ri137szRg71WnrmdP3SphTRlCx1Bk2nXqWPsclbRDCiZeF8QOTi4JqbmJyK5+0UqhqYRduun8ylAwKKQJ1NJt85sYIHn9f1Rfr6Tq2zS0wZ7DHbZL+zB5rSlAr8QyUdg/GQD+cmSs6LvPJKL78d6hMGk84ARtFo4A79ovwX/Fj01znDQkU6nJildfkaolH2rWFG/qttD [email protected]";

    try {

      // =============================================================
      // Authenticate

      final File credFile = new File(System.getenv("AZURE_AUTH_LOCATION"));

      Azure azure =
          Azure.configure()
              .withLogLevel(HttpLoggingInterceptor.Level.BASIC)
              .authenticate(credFile)
              .withDefaultSubscription();

      // Print selected subscription
      System.out.println("Selected subscription: " + azure.subscriptionId());

      try {

        // Define a virtual network for VMs in this availability set

        System.out.println("Creating a virtual network ...");

        Network network =
            azure
                .networks()
                .define(vnetName)
                .withRegion(Region.US_EAST)
                .withNewResourceGroup(rgName)
                .withAddressSpace("172.16.0.0/16")
                .defineSubnet("Front-end")
                .withAddressPrefix("172.16.1.0/24")
                .attach()
                .defineSubnet("Back-end")
                .withAddressPrefix("172.16.2.0/24")
                .attach()
                .create();

        System.out.println("Created a virtual network: " + network.id());
        Utils.print(network);

        // ============================================================
        // Create a network security group for the front end of a subnet
        // front end subnet contains two rules
        // - ALLOW-SSH - allows SSH traffic into the front end subnet
        // - ALLOW-WEB- allows HTTP traffic into the front end subnet

        System.out.println("Creating a security group for the front end - allows SSH and HTTP");
        NetworkSecurityGroup frontEndNSG =
            azure
                .networkSecurityGroups()
                .define(frontEndNSGName)
                .withRegion(Region.US_EAST)
                .withNewResourceGroup(rgName)
                .defineRule("ALLOW-SSH")
                .allowInbound()
                .fromAnyAddress()
                .fromAnyPort()
                .toAnyAddress()
                .toPort(22)
                .withProtocol(SecurityRuleProtocol.TCP)
                .withPriority(100)
                .withDescription("Allow SSH")
                .attach()
                .defineRule("ALLOW-HTTP")
                .allowInbound()
                .fromAnyAddress()
                .fromAnyPort()
                .toAnyAddress()
                .toPort(80)
                .withProtocol(SecurityRuleProtocol.TCP)
                .withPriority(101)
                .withDescription("Allow HTTP")
                .attach()
                .create();

        System.out.println("Created a security group for the front end: " + frontEndNSG.id());
        Utils.print(frontEndNSG);

        // ============================================================
        // Create a network security group for the back end of a subnet
        // back end subnet contains two rules
        // - ALLOW-SQL - allows SQL traffic only from the front end subnet
        // - DENY-WEB - denies all outbound internet traffic from the back end subnet

        System.out.println(
            "Creating a security group for the front end - allows SSH and "
                + "denies all outbound internet traffic  ");

        NetworkSecurityGroup backEndNSG =
            azure
                .networkSecurityGroups()
                .define(backEndNSGName)
                .withRegion(Region.US_EAST)
                .withExistingResourceGroup(rgName)
                .defineRule("ALLOW-SQL")
                .allowInbound()
                .fromAddress("172.16.1.0/24")
                .fromAnyPort()
                .toAnyAddress()
                .toPort(1433)
                .withProtocol(SecurityRuleProtocol.TCP)
                .withPriority(100)
                .withDescription("Allow SQL")
                .attach()
                .defineRule("DENY-WEB")
                .denyOutbound()
                .fromAnyAddress()
                .fromAnyPort()
                .toAnyAddress()
                .toAnyPort()
                .withAnyProtocol()
                .withDescription("Deny Web")
                .withPriority(200)
                .attach()
                .create();

        System.out.println("Created a security group for the back end: " + backEndNSG.id());
        Utils.print(backEndNSG);

        System.out.println("Creating multiple network interfaces");
        System.out.println("Creating network interface 1");

        // ========================================================
        // Create a network interface and apply the
        // front end network security group

        System.out.println("Creating a network interface for the front end");

        NetworkInterface networkInterface1 =
            azure
                .networkInterfaces()
                .define(networkInterfaceName1)
                .withRegion(Region.US_EAST)
                .withExistingResourceGroup(rgName)
                .withExistingPrimaryNetwork(network)
                .withSubnet("Front-end")
                .withPrimaryPrivateIpAddressDynamic()
                .withNewPrimaryPublicIpAddress(publicIpAddressLeafDNS1)
                .withIpForwarding()
                .withExistingNetworkSecurityGroup(frontEndNSG)
                .create();

        System.out.println("Created network interface for the front end");

        Utils.print(networkInterface1);

        // ========================================================
        // Create a network interface and apply the
        // back end network security group

        System.out.println("Creating a network interface for the back end");

        NetworkInterface networkInterface2 =
            azure
                .networkInterfaces()
                .define(networkInterfaceName2)
                .withRegion(Region.US_EAST)
                .withExistingResourceGroup(rgName)
                .withExistingPrimaryNetwork(network)
                .withSubnet("Back-end")
                .withPrimaryPrivateIpAddressDynamic()
                .withExistingNetworkSecurityGroup(backEndNSG)
                .create();

        Utils.print(networkInterface2);

        // =============================================================
        // Create a virtual machine (for the front end)
        // with the network interface that has the network security group for the front end

        System.out.println(
            "Creating a Linux virtual machine (for the front end) - "
                + "with the network interface that has the network security group for the front end");

        Date t1 = new Date();

        VirtualMachine frontEndVM =
            azure
                .virtualMachines()
                .define(frontEndVMName)
                .withRegion(Region.US_EAST)
                .withExistingResourceGroup(rgName)
                .withExistingPrimaryNetworkInterface(networkInterface1)
                .withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS)
                .withRootUserName(userName)
                .withSsh(sshKey)
                .withSize(VirtualMachineSizeTypes.STANDARD_D3_V2)
                .create();

        Date t2 = new Date();
        System.out.println(
            "Created Linux VM: (took "
                + ((t2.getTime() - t1.getTime()) / 1000)
                + " seconds) "
                + frontEndVM.id());
        // Print virtual machine details
        Utils.print(frontEndVM);

        // =============================================================
        // Create a virtual machine (for the back end)
        // with the network interface that has the network security group for the back end

        System.out.println(
            "Creating a Linux virtual machine (for the back end) - "
                + "with the network interface that has the network security group for the back end");

        t1 = new Date();

        VirtualMachine backEndVM =
            azure
                .virtualMachines()
                .define(backEndVMName)
                .withRegion(Region.US_EAST)
                .withExistingResourceGroup(rgName)
                .withExistingPrimaryNetworkInterface(networkInterface2)
                .withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS)
                .withRootUserName(userName)
                .withSsh(sshKey)
                .withSize(VirtualMachineSizeTypes.STANDARD_D3_V2)
                .create();

        t2 = new Date();
        System.out.println(
            "Created a Linux VM: (took "
                + ((t2.getTime() - t1.getTime()) / 1000)
                + " seconds) "
                + backEndVM.id());
        Utils.print(backEndVM);

        // ========================================================
        // List network security groups

        System.out.println("Walking through network security groups");
        List<NetworkSecurityGroup> networkSecurityGroups =
            azure.networkSecurityGroups().listByGroup(rgName);

        for (NetworkSecurityGroup networkSecurityGroup : networkSecurityGroups) {
          Utils.print(networkSecurityGroup);
        }

        // ========================================================
        // Update a network security group

        System.out.println("Updating the front end network security group to allow FTP");

        frontEndNSG
            .update()
            .defineRule("ALLOW-FTP")
            .allowInbound()
            .fromAnyAddress()
            .fromAnyPort()
            .toAnyAddress()
            .toPortRange(20, 21)
            .withProtocol(SecurityRuleProtocol.TCP)
            .withDescription("Allow FTP")
            .withPriority(200)
            .attach()
            .apply();

        System.out.println("Updated the front end network security group");
        Utils.print(frontEndNSG);
      } catch (Exception f) {

        System.out.println(f.getMessage());
        f.printStackTrace();

      } finally {

        try {
          System.out.println("Deleting Resource Group: " + rgName);
          azure.resourceGroups().delete(rgName);
          System.out.println("Deleted Resource Group: " + rgName);
        } catch (NullPointerException npe) {
          System.out.println("Did not create any resources in Azure. No clean up is necessary");
        } catch (Exception g) {
          g.printStackTrace();
        }
      }
    } catch (Exception e) {
      System.out.println(e.getMessage());
      e.printStackTrace();
    }
  }