コード例 #1
0
  @Test
  public void testApply() {
    IpPermissions authorization = IpPermissions.permitAnyProtocol();

    org.jclouds.ec2.domain.SecurityGroup origGroup =
        org.jclouds.ec2.domain.SecurityGroup.builder()
            .region("us-east-1")
            .id("some-id")
            .name("some-group")
            .ownerId("some-owner")
            .description("some-description")
            .ipPermission(authorization)
            .build();

    AWSEC2SecurityGroupToSecurityGroup parser = createGroupParser(ImmutableSet.of(provider));

    SecurityGroup group = parser.apply(origGroup);

    assertEquals(group.getLocation(), provider);
    assertEquals(group.getId(), provider.getId() + "/" + origGroup.getId());
    assertEquals(group.getProviderId(), origGroup.getId());
    assertEquals(group.getName(), origGroup.getName());
    assertEquals(group.getIpPermissions(), (Set<IpPermission>) origGroup);
    assertEquals(group.getOwnerId(), origGroup.getOwnerId());
  }
  /**
   * Loads the security groups attached to the node with the given ID and returns the group that is
   * unique to the node, per the application context. This method will also update {@link
   * #sharedGroupCache} if no mapping for the shared group's location previously existed (e.g.
   * Brooklyn was restarted and rebound to an existing application).
   *
   * <p>Notice that jclouds will attach 2 securityGroups to the node if the locationId is `aws-ec2`
   * so it needs to look for the uniqueSecurityGroup rather than the shared securityGroup.
   *
   * @param nodeId The id of the node in question
   * @param locationId The id of the location in question
   * @param securityApi The API to use to list security groups
   * @return the security group unique to the given node, or null if one could not be determined.
   */
  private SecurityGroup getUniqueSecurityGroupForNodeCachingSharedGroupIfPreviouslyUnknown(
      String nodeId, String locationId, SecurityGroupExtension securityApi) {
    Set<SecurityGroup> groupsOnNode = securityApi.listSecurityGroupsForNode(nodeId);

    if (groupsOnNode == null || groupsOnNode.isEmpty()) {
      return null;
    }

    SecurityGroup unique;
    if (locationId.equals("aws-ec2")) {
      if (groupsOnNode.size() == 2) {
        String expectedSharedName = getNameForSharedSecurityGroup();
        Iterator<SecurityGroup> it = groupsOnNode.iterator();
        SecurityGroup shared = it.next();
        if (shared.getName().endsWith(expectedSharedName)) {
          unique = it.next();
        } else {
          unique = shared;
          shared = it.next();
        }
        if (!shared.getName().endsWith(expectedSharedName)) {
          LOG.warn(
              "Couldn't determine which security group is shared between instances in app {}. Expected={}, found={}",
              new Object[] {applicationId, expectedSharedName, groupsOnNode});
          return null;
        }
        // Shared entry might be missing if Brooklyn has rebound to an application
        SecurityGroup old = sharedGroupCache.asMap().putIfAbsent(shared.getLocation(), shared);
        LOG.info(
            "Loaded unique security group for node {} (in {}): {}",
            new Object[] {nodeId, applicationId, unique});
        if (old == null) {
          LOG.info("Proactively set shared group for app {} to: {}", applicationId, shared);
        }
        return unique;
      } else {
        LOG.warn(
            "Expected to find two security groups on node {} in app {} (one shared, one unique). Found {}: {}",
            new Object[] {nodeId, applicationId, groupsOnNode.size(), groupsOnNode});
      }
    }
    return Iterables.getOnlyElement(groupsOnNode);
  }
  @Test
  public void testApplyWithGroup() {
    NovaSecurityGroupInZoneToSecurityGroup parser = createGroupParser();

    SecurityGroupInZone origGroup = new SecurityGroupInZone(securityGroupWithGroup(), zone.getId());

    SecurityGroup newGroup = parser.apply(origGroup);

    assertEquals(
        newGroup.getId(), origGroup.getZone() + "/" + origGroup.getSecurityGroup().getId());
    assertEquals(newGroup.getProviderId(), origGroup.getSecurityGroup().getId());
    assertEquals(newGroup.getName(), origGroup.getSecurityGroup().getName());
    assertEquals(newGroup.getOwnerId(), origGroup.getSecurityGroup().getTenantId());
    assertEquals(
        newGroup.getIpPermissions(),
        ImmutableSet.copyOf(
            transform(
                origGroup.getSecurityGroup().getRules(),
                NovaSecurityGroupToSecurityGroupTest.ruleConverter)));
    assertEquals(newGroup.getLocation().getId(), origGroup.getZone());
  }