added VAppNetworksLiveTest

This commit is contained in:
Andrea Turli 2012-08-13 23:12:59 +02:00
parent 758e01a4d2
commit e92b370d51
4 changed files with 465 additions and 38 deletions

View File

@ -73,9 +73,9 @@ public class NetworkConnection {
@XmlType @XmlType
@XmlEnum(String.class) @XmlEnum(String.class)
public static enum IpAddressAllocationMode { public static enum IpAddressAllocationMode {
@XmlEnumValue("pool") POOL("pool"), @XmlEnumValue("POOL") POOL("pool"),
@XmlEnumValue("dhcp") DHCP("dhcp"), @XmlEnumValue("DHCP") DHCP("dhcp"),
@XmlEnumValue("manual") MANUAL("manual"), @XmlEnumValue("MANUAL") MANUAL("manual"),
@XmlEnumValue("NONE") NONE("none"), @XmlEnumValue("NONE") NONE("none"),
@XmlEnumValue("") UNRECOGNIZED("unrecognized"); @XmlEnumValue("") UNRECOGNIZED("unrecognized");
@ -222,8 +222,8 @@ public class NetworkConnection {
this.externalIpAddress = externalIpAddress; this.externalIpAddress = externalIpAddress;
this.isConnected = connected; this.isConnected = connected;
this.macAddress = macAddress; this.macAddress = macAddress;
this.ipAddressAllocationMode = checkNotNull(ipAddressAllocationMode, "ipAddressAllocationMode"); this.ipAddressAllocationMode = ipAddressAllocationMode;
this.network = checkNotNull(network, "network"); this.network = network;
this.needsCustomization = needsCustomization; this.needsCustomization = needsCustomization;
} }

View File

@ -32,6 +32,7 @@ import java.io.IOException;
import java.math.BigInteger; import java.math.BigInteger;
import java.net.URI; import java.net.URI;
import java.util.List; import java.util.List;
import java.util.Set;
import org.jclouds.dmtf.cim.CimBoolean; import org.jclouds.dmtf.cim.CimBoolean;
import org.jclouds.dmtf.cim.CimString; import org.jclouds.dmtf.cim.CimString;
@ -47,6 +48,8 @@ import org.jclouds.vcloud.director.v1_5.domain.VAppTemplate;
import org.jclouds.vcloud.director.v1_5.domain.Vdc; import org.jclouds.vcloud.director.v1_5.domain.Vdc;
import org.jclouds.vcloud.director.v1_5.domain.Vm; import org.jclouds.vcloud.director.v1_5.domain.Vm;
import org.jclouds.vcloud.director.v1_5.domain.dmtf.RasdItem; import org.jclouds.vcloud.director.v1_5.domain.dmtf.RasdItem;
import org.jclouds.vcloud.director.v1_5.domain.network.NetworkConnection;
import org.jclouds.vcloud.director.v1_5.domain.network.VAppNetworkConfiguration;
import org.jclouds.vcloud.director.v1_5.domain.params.UndeployVAppParams; import org.jclouds.vcloud.director.v1_5.domain.params.UndeployVAppParams;
import org.jclouds.vcloud.director.v1_5.domain.section.GuestCustomizationSection; import org.jclouds.vcloud.director.v1_5.domain.section.GuestCustomizationSection;
import org.jclouds.vcloud.director.v1_5.domain.section.NetworkConnectionSection; import org.jclouds.vcloud.director.v1_5.domain.section.NetworkConnectionSection;
@ -372,4 +375,26 @@ public abstract class AbstractVAppApiLiveTest extends BaseVCloudDirectorApiLiveT
Throwables.propagate(ioe); Throwables.propagate(ioe);
} }
} }
protected VAppNetworkConfiguration getVAppNetworkConfig(VApp vApp) {
Set<VAppNetworkConfiguration> vAppNetworkConfigs = vAppApi.getNetworkConfigSection(vApp.getHref()).getNetworkConfigs();
return Iterables.tryFind(vAppNetworkConfigs, Predicates.notNull()).orNull();
}
protected boolean vAppHasNetworkConfigured(VApp vApp) {
return getVAppNetworkConfig(vApp) != null;
}
protected boolean vmHasNetworkConnectionConfigured(Vm vm) {
return listNetworkConnections(vm).size() > 0;
}
protected Set<NetworkConnection> listNetworkConnections(Vm vm) {
return vmApi.getNetworkConnectionSection(vm.getHref()).getNetworkConnections();
}
protected Set<VAppNetworkConfiguration> listVappNetworkConfigurations(VApp vApp) {
Set<VAppNetworkConfiguration> vAppNetworkConfigs = vAppApi.getNetworkConfigSection(vApp.getHref()).getNetworkConfigs();
return vAppNetworkConfigs;
}
} }

View File

@ -80,6 +80,7 @@ import org.jclouds.vcloud.director.v1_5.domain.VAppTemplate;
import org.jclouds.vcloud.director.v1_5.domain.Vm; import org.jclouds.vcloud.director.v1_5.domain.Vm;
import org.jclouds.vcloud.director.v1_5.domain.network.NetworkAssignment; import org.jclouds.vcloud.director.v1_5.domain.network.NetworkAssignment;
import org.jclouds.vcloud.director.v1_5.domain.network.NetworkConnection; import org.jclouds.vcloud.director.v1_5.domain.network.NetworkConnection;
import org.jclouds.vcloud.director.v1_5.domain.network.NetworkConnection.IpAddressAllocationMode;
import org.jclouds.vcloud.director.v1_5.domain.network.VAppNetworkConfiguration; import org.jclouds.vcloud.director.v1_5.domain.network.VAppNetworkConfiguration;
import org.jclouds.vcloud.director.v1_5.domain.params.ComposeVAppParams; import org.jclouds.vcloud.director.v1_5.domain.params.ComposeVAppParams;
import org.jclouds.vcloud.director.v1_5.domain.params.ControlAccessParams; import org.jclouds.vcloud.director.v1_5.domain.params.ControlAccessParams;
@ -612,7 +613,8 @@ public class VAppApiLiveTest extends AbstractVAppApiLiveTest {
public void testModifyNetworkConfigSection() { public void testModifyNetworkConfigSection() {
// Copy existing section and update fields // Copy existing section and update fields
NetworkConfigSection oldSection = vAppApi.getNetworkConfigSection(vApp.getHref()); NetworkConfigSection oldSection = vAppApi.getNetworkConfigSection(vApp.getHref());
NetworkConfigSection newSection = oldSection.toBuilder() VAppNetworkConfiguration networkConfig = VAppNetworkConfiguration.builder().build();
NetworkConfigSection newSection = oldSection.toBuilder().networkConfigs(ImmutableSet.of(networkConfig))
.build(); .build();
// The method under test // The method under test
@ -848,27 +850,55 @@ public class VAppApiLiveTest extends AbstractVAppApiLiveTest {
InstantiationParams vmInstantiationParams = null; InstantiationParams vmInstantiationParams = null;
Set<NetworkAssignment> networkAssignments = Sets.newLinkedHashSet();
// if the vm contains a network connection and the vApp does not contain any configured network // if the vm contains a network connection and the vApp does not contain any configured network
if (vmHasNetworkConnectionConfigured(vm) && vAppHasNetworkConfigured(vApp)) { if (vmHasNetworkConnectionConfigured(vm)) {
// creating empty network connection section for the vm. if (!vAppHasNetworkConfigured(vApp)) {
NetworkConnectionSection networkConnectionSection = NetworkConnectionSection.builder() // create a new network connection section for the vm.
.info("Empty network configuration parameters") NetworkConnectionSection networkConnectionSection = NetworkConnectionSection.builder()
.build(); .info("Empty network configuration parameters").build();
// adding the network connection section to the instantiation params of the vapp.
// adding the network connection section to the instantiation params of the vapp. vmInstantiationParams = InstantiationParams.builder().sections(ImmutableSet.of(networkConnectionSection))
vmInstantiationParams = InstantiationParams.builder().sections(ImmutableSet.of(networkConnectionSection)).build(); .build();
}
// if the vm already contains a network connection section and if the vapp contains a
// configured network -> vm could be mapped to that network.
else {
Set<VAppNetworkConfiguration> vAppNetworkConfigurations = listVappNetworkConfigurations(vApp);
Set<NetworkConnection> listVmNetworkConnections = listNetworkConnections(vm);
for (NetworkConnection networkConnection : listVmNetworkConnections) {
for (VAppNetworkConfiguration vAppNetworkConfiguration : vAppNetworkConfigurations) {
NetworkAssignment networkAssignment = NetworkAssignment.builder()
.innerNetwork(vAppNetworkConfiguration.getNetworkName())
.containerNetwork(vAppNetworkConfiguration.getNetworkName()).build();
networkAssignments.add(networkAssignment);
}
}
}
} }
// if the vm already contains a network connection section and if the vapp contains a configured network -> vm could be mapped to that network. // if the vm does not contain any network connection sections and if the
NetworkAssignment networkAssignment = null; // vapp contains a network configuration. we should add the vm to this
if (vmHasNetworkConnectionConfigured(vm) && !vAppHasNetworkConfigured(vApp)) { // vapp network
for (NetworkConnection networkConnection : vmApi.getNetworkConnectionSection(vm.getHref()) else {
.getNetworkConnections()) { if (vAppHasNetworkConfigured(vApp)) {
if (networkConnection.getNetworkConnectionIndex() == vmApi.getNetworkConnectionSection(vm.getHref())
.getPrimaryNetworkConnectionIndex()) { VAppNetworkConfiguration vAppNetworkConfiguration = getVAppNetworkConfig(vApp);
networkAssignment = NetworkAssignment.builder().innerNetwork(networkConnection.getNetwork()) System.out.println(vAppNetworkConfiguration.getNetworkName());
.containerNetwork(getVAppNetworkConfig(vApp).getNetworkName()).build(); System.out.println(vAppNetworkConfiguration.getDescription());
}
NetworkConnection networkConnection = NetworkConnection.builder()
.network(vAppNetworkConfiguration.getNetworkName())
.ipAddressAllocationMode(IpAddressAllocationMode.DHCP).build();
NetworkConnectionSection networkConnectionSection = NetworkConnectionSection.builder().info("networkInfo")
.primaryNetworkConnectionIndex(0).networkConnection(networkConnection).build();
// adding the network connection section to the instantiation params of the vapp.
vmInstantiationParams = InstantiationParams.builder().sections(ImmutableSet.of(networkConnectionSection))
.build();
} }
} }
@ -877,27 +907,15 @@ public class VAppApiLiveTest extends AbstractVAppApiLiveTest {
.instantiationParams(vmInstantiationParams) .instantiationParams(vmInstantiationParams)
.build(); .build();
if (networkAssignment != null) if (networkAssignments != null)
vmItem = SourcedCompositionItemParam.builder().fromSourcedCompositionItemParam(vmItem) vmItem = SourcedCompositionItemParam.builder().fromSourcedCompositionItemParam(vmItem)
.networkAssignment(ImmutableSet.of(networkAssignment)) .networkAssignment(networkAssignments)
.build(); .build();
return RecomposeVAppParams.builder().name(name("recompose-")) return RecomposeVAppParams.builder().name(name("recompose-"))
// adding the vm item. // adding the vm item.
.sourcedItems(ImmutableList.of(vmItem)).build(); .sourcedItems(ImmutableList.of(vmItem)).build();
}
private VAppNetworkConfiguration getVAppNetworkConfig(VApp vApp) {
Set<VAppNetworkConfiguration> vAppNetworkConfigs = vAppApi.getNetworkConfigSection(vApp.getHref()).getNetworkConfigs();
return Iterables.tryFind(vAppNetworkConfigs, Predicates.notNull()).orNull();
}
private boolean vAppHasNetworkConfigured(VApp vApp) {
return getVAppNetworkConfig(vApp) != null;
}
private boolean vmHasNetworkConnectionConfigured(Vm vm) {
return vmApi.getNetworkConnectionSection(vm.getHref()).getNetworkConnections().size() > 0;
} }
} }

View File

@ -0,0 +1,384 @@
/*
* Licensed to jclouds, Inc. (jclouds) under one or more
* contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. jclouds licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.jclouds.vcloud.director.v1_5.features;
import static org.jclouds.vcloud.director.v1_5.VCloudDirectorLiveTestConstants.ENTITY_NON_NULL;
import static org.jclouds.vcloud.director.v1_5.VCloudDirectorLiveTestConstants.TASK_COMPLETE_TIMELY;
import static org.jclouds.vcloud.director.v1_5.domain.Checks.checkNetworkConfigSection;
import static org.testng.Assert.assertNotNull;
import static org.testng.Assert.assertTrue;
import static org.testng.Assert.fail;
import java.net.URI;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.jclouds.vcloud.director.v1_5.AbstractVAppApiLiveTest;
import org.jclouds.vcloud.director.v1_5.domain.Reference;
import org.jclouds.vcloud.director.v1_5.domain.Task;
import org.jclouds.vcloud.director.v1_5.domain.Vdc;
import org.jclouds.vcloud.director.v1_5.domain.Vm;
import org.jclouds.vcloud.director.v1_5.domain.network.FirewallRule;
import org.jclouds.vcloud.director.v1_5.domain.network.FirewallRuleProtocols;
import org.jclouds.vcloud.director.v1_5.domain.network.FirewallService;
import org.jclouds.vcloud.director.v1_5.domain.network.IpRange;
import org.jclouds.vcloud.director.v1_5.domain.network.IpRanges;
import org.jclouds.vcloud.director.v1_5.domain.network.IpScope;
import org.jclouds.vcloud.director.v1_5.domain.network.NatService;
import org.jclouds.vcloud.director.v1_5.domain.network.Network.FenceMode;
import org.jclouds.vcloud.director.v1_5.domain.network.NetworkConfiguration;
import org.jclouds.vcloud.director.v1_5.domain.network.NetworkConnection;
import org.jclouds.vcloud.director.v1_5.domain.network.NetworkConnection.IpAddressAllocationMode;
import org.jclouds.vcloud.director.v1_5.domain.network.NetworkFeatures;
import org.jclouds.vcloud.director.v1_5.domain.network.NetworkServiceType;
import org.jclouds.vcloud.director.v1_5.domain.network.VAppNetworkConfiguration;
import org.jclouds.vcloud.director.v1_5.domain.section.NetworkConfigSection;
import org.jclouds.vcloud.director.v1_5.domain.section.NetworkConnectionSection;
import org.testng.annotations.AfterClass;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import com.google.common.base.Joiner;
import com.google.common.base.Optional;
import com.google.common.base.Predicate;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import com.google.common.collect.Maps;
import com.google.common.collect.Sets;
/**
* Tests the request/response behavior of {@link VAppTemplateApi}
*
* NOTE The environment MUST have at least one template configured
*
* @author Andrea Turli
*/
@Test(groups = { "live", "user" }, singleThreaded = true, testName = "VAppNetworksLiveTest")
public class VAppNetworksLiveTest extends AbstractVAppApiLiveTest {
private static final String HTTP_SECURITY_GROUP = "http";
private static final String DEFAULT_SECURITY_GROUP = "default";
private String key;
private Reference parentNetworkRef;
private Map<String, NetworkConfiguration> securityGroupToNetworkConfig;
private String orgNetworkName;
@AfterClass(alwaysRun = true, dependsOnMethods = { "cleanUpEnvironment" })
protected void tidyUp() {
if (key != null) {
try {
Task delete = vAppTemplateApi.getMetadataApi().deleteMetadataEntry(vAppTemplateURI, key);
taskDoneEventually(delete);
} catch (Exception e) {
logger.warn(e, "Error when deleting metadata entry '%s'", key);
}
}
}
@BeforeClass
void setUp() {
parentNetworkRef = lookUpNewtorkInVdc(networkURI);
securityGroupToNetworkConfig = createSecurityGroupToNetworkConfiguration(parentNetworkRef);
orgNetworkName = parentNetworkRef.getName();
}
@AfterMethod
void cleanUpVmNetworks() {
disconnectVmFromVAppNetwork(vm);
}
@Test(description = "Create a vApp Network based on an org network with `default` firewall rules applied")
public void testCreateVAppNetworkWithDefaultSecurityGroup() {
ImmutableList<String> securityGroups = ImmutableList.of(DEFAULT_SECURITY_GROUP);
createVAppNetworkWithSecurityGroupOnVApp(securityGroups, vAppURI);
// Retrieve the modified section
NetworkConfigSection modified = vAppApi.getNetworkConfigSection(vAppURI);
// Check the retrieved object is well formed
checkNetworkConfigSection(modified);
/*
* TODO
* powerOn machine, ssh to it, run sshd on a port, trying to connect
* `which sshd` -p 22
*
*/
}
@Test(description = "Create a vApp Network based on an org network with `http` firewall rules applied")
public void testCreateVAppNetworkWithHttpSecurityGroup() {
ImmutableList<String> securityGroups = ImmutableList.of(HTTP_SECURITY_GROUP);
createVAppNetworkWithSecurityGroupOnVApp(securityGroups, vAppURI);
// Retrieve the modified section
NetworkConfigSection modified = vAppApi.getNetworkConfigSection(vAppURI);
// Check the retrieved object is well formed
checkNetworkConfigSection(modified);
/*
* TODO
* powerOn machine, ssh to it, run sshd on a port, trying to connect
* `which sshd` -p 22
*
*/
}
@Test(description = "Create a vApp Network based on an org network with both `defautl` and `http` firewall rules applied")
public void testCreateVAppNetworkWithDefaultAndHttpSecurityGroup() {
ImmutableList<String> securityGroups = ImmutableList.of(DEFAULT_SECURITY_GROUP, HTTP_SECURITY_GROUP);
createVAppNetworkWithSecurityGroupOnVApp(securityGroups, vAppURI);
// Retrieve the modified section
NetworkConfigSection modified = vAppApi.getNetworkConfigSection(vAppURI);
// Check the retrieved object is well formed
checkNetworkConfigSection(modified);
/*
* TODO
* powerOn machine, ssh to it, run sshd on a port, trying to connect
* `which sshd` -p 22
*
*/
}
private void createVAppNetworkWithSecurityGroupOnVApp(ImmutableList<String> securityGroups, URI vAppURI) {
String newVAppNetworkName = generateVAppNetworkName(orgNetworkName, securityGroups);
// Create a vAppNetwork with firewall rules
NetworkConfigSection newSection = generateNetworkConfigSection(securityGroups, newVAppNetworkName);
Task modifyNetworkConfigSection = vAppApi.modifyNetworkConfigSection(vAppURI, newSection);
assertTrue(retryTaskSuccess.apply(modifyNetworkConfigSection), String.format(TASK_COMPLETE_TIMELY, "modifyNetworkConfigSection"));
attachVmToVAppNetwork(vm, newVAppNetworkName);
}
private NetworkConfigSection generateNetworkConfigSection(List<String> securityGroups, String newVAppNetworkName) {
Set<FirewallRule> firewallRules = Sets.newLinkedHashSet();
for (String securityGroup : securityGroups) {
Set<FirewallRule> securityGroupFirewallRules = retrieveAllFirewallRules(securityGroupToNetworkConfig.get(securityGroup).getNetworkFeatures());
firewallRules.addAll(securityGroupFirewallRules);
}
FirewallService firewallService = createFirewallService(firewallRules);
NatService natService = createNatService();
IpScope ipScope = createNewIpScope();
NetworkConfiguration newConfiguration = NetworkConfiguration.builder()
.ipScope(ipScope)
.parentNetwork(parentNetworkRef)
.fenceMode(FenceMode.NAT_ROUTED)
.retainNetInfoAcrossDeployments(false)
.features(createNetworkFeatures(ImmutableSet.of(firewallService, natService)))
.build();
VAppNetworkConfiguration newVAppNetworkConfiguration = VAppNetworkConfiguration.builder().networkName(newVAppNetworkName).configuration(newConfiguration).build();
return NetworkConfigSection.builder()
.info("modified")
.networkConfigs(ImmutableSet.of(newVAppNetworkConfiguration))
.build();
}
private void attachVmToVAppNetwork(Vm vm, String vAppNetworkName) {
Set<NetworkConnection> networkConnections = vmApi.getNetworkConnectionSection(vm.getHref())
.getNetworkConnections();
NetworkConnectionSection section = NetworkConnectionSection.builder()
.info("info")
.primaryNetworkConnectionIndex(0)
.build();
for (NetworkConnection networkConnection : networkConnections) {
NetworkConnection newNetworkConnection = networkConnection.toBuilder()
.network(vAppNetworkName)
.isConnected(true)
.networkConnectionIndex(0)
.ipAddressAllocationMode(IpAddressAllocationMode.POOL)
.build();
section = section.toBuilder().networkConnection(newNetworkConnection).build();
}
Task configureNetwork = vmApi.modifyNetworkConnectionSection(vm.getHref(), section);
assertTaskSucceedsLong(configureNetwork);
}
private IpScope createNewIpScope() {
IpRange newIpRange = createIpRange();
IpRanges newIpRanges = IpRanges.builder()
.ipRange(newIpRange)
.build();
return IpScope.builder()
.isInherited(false)
.gateway("192.168.2.1")
.netmask("255.255.0.0")
.ipRanges(newIpRanges).build();
}
private IpRange createIpRange() {
IpRange newIpRange = IpRange.builder()
.startAddress("192.168.2.100")
.endAddress("192.168.2.199")
.build();
return newIpRange;
}
private Reference lookUpNewtorkInVdc(final URI networkURI) {
Vdc vdc = context.getApi().getVdcApi().getVdc(vdcURI);
assertNotNull(vdc, String.format(ENTITY_NON_NULL, VDC));
Set<Reference> networks = vdc.getAvailableNetworks();
// Look up the network in the Vdc with the id configured for the tests
Optional<Reference> parentNetwork = Iterables.tryFind(networks, new Predicate<Reference>() {
@Override
public boolean apply(Reference reference) {
return reference.getHref().equals(networkURI);
}
});
if (!parentNetwork.isPresent()) {
fail(String.format("Could not find network %s in vdc", networkURI.toASCIIString()));
}
return parentNetwork.get();
}
private Set<FirewallRule> retrieveAllFirewallRules(NetworkFeatures networkFeatures) {
Set<FirewallRule> firewallRules = Sets.newLinkedHashSet();
for (NetworkServiceType<?> networkServiceType : networkFeatures.getNetworkServices()) {
if (networkServiceType instanceof FirewallService) {
firewallRules.addAll(((FirewallService) networkServiceType).getFirewallRules());
}
}
return firewallRules;
}
private NetworkFeatures createNetworkFeatures(Set<? extends NetworkServiceType<?>> networkServices) {
NetworkFeatures networkFeatures = NetworkFeatures.builder()
.services(networkServices)
.build();
return networkFeatures;
}
private Set<FirewallRule> createDefaultFirewallRules() {
FirewallRuleProtocols protocols = FirewallRuleProtocols.builder()
.any(true)
.build();
FirewallRule egressAll = createFirewallRule(FirewallRuleProtocols.builder().tcp(true).build(), "allow ssh ingoing traffic", -1, 22, "in");
FirewallRule sshIngoing = createFirewallRule(protocols, "allow all outgoing traffic", -1, -1, "out");
return ImmutableSet.of(egressAll, sshIngoing);
}
private Set<FirewallRule> createHttpIngoingFirewallRule() {
FirewallRuleProtocols protocols = FirewallRuleProtocols.builder().tcp(true).build();
FirewallRule httpIngoing = createFirewallRule(protocols , "allow http ingoing traffic", 80, 80, "in");
FirewallRule httpsIngoing = createFirewallRule(protocols , "allow https ingoing traffic", 443, 443, "in");
return ImmutableSet.of(httpIngoing, httpsIngoing);
}
private FirewallRule createFirewallRule(FirewallRuleProtocols protocols, String description, int sourcePort, int outPort, String direction) {
return FirewallRule.builder()
.isEnabled(true)
.description(description)
.policy("allow")
.protocols(protocols)
.port(outPort)
.destinationIp("Any")
.sourcePort(sourcePort)
.sourceIp("Any")
.direction(direction)
.enableLogging(false)
.build();
}
private FirewallService createFirewallService(Set<FirewallRule> firewallRules) {
FirewallService firewallService = FirewallService.builder()
.enabled(true)
.defaultAction("drop")
.logDefaultAction(false)
.firewallRules(firewallRules)
.build();
return firewallService;
}
private NatService createNatService() {
NatService natService = NatService.builder()
.enabled(true)
.natType("ipTranslation")
.policy("allowTraffic")
.build();
return natService;
}
private Map<String, NetworkConfiguration> createSecurityGroupToNetworkConfiguration(Reference parentNetworkRef) {
Set<FirewallRule> defaultFirewallRules = createDefaultFirewallRules();
Set<FirewallRule> httpFirewallRules = createHttpIngoingFirewallRule();
Map<String, NetworkConfiguration> securityGroupToNetworkConfigurations = Maps.newHashMap();
securityGroupToNetworkConfigurations.put(DEFAULT_SECURITY_GROUP, createNetworkConfiguration(parentNetworkRef, defaultFirewallRules));
securityGroupToNetworkConfigurations.put(HTTP_SECURITY_GROUP, createNetworkConfiguration(parentNetworkRef, httpFirewallRules));
return securityGroupToNetworkConfigurations;
}
private NetworkConfiguration createNetworkConfiguration(Reference parentNetworkRef, Set<FirewallRule> newFirewallRules) {
FirewallService firewallService = createFirewallService(newFirewallRules);
IpScope ipScope = createNewIpScope();
NetworkConfiguration newConfiguration = NetworkConfiguration.builder()
.ipScope(ipScope)
.parentNetwork(parentNetworkRef)
.fenceMode(FenceMode.NAT_ROUTED)
.retainNetInfoAcrossDeployments(false)
.features(createNetworkFeatures(ImmutableSet.of(firewallService)))
.build();
return newConfiguration;
}
private static String generateVAppNetworkName(String orgNetworkName, List<String> securityGroupNames) {
return orgNetworkName + "-" + Joiner.on("+").join(securityGroupNames);
}
private void disconnectVmFromVAppNetwork(Vm vm) {
Set<NetworkConnection> networkConnections = vmApi.getNetworkConnectionSection(vm.getHref())
.getNetworkConnections();
NetworkConnectionSection section = NetworkConnectionSection.builder()
.info("info")
.primaryNetworkConnectionIndex(0)
.build();
for (NetworkConnection networkConnection : networkConnections) {
section = section
.toBuilder()
.networkConnection(networkConnection.toBuilder()
.network("none")
.ipAddressAllocationMode(IpAddressAllocationMode.NONE)
.build())
.build();
}
Task cleanUpNetworks = vmApi.modifyNetworkConnectionSection(vm.getHref(), section);
assertTaskSucceedsLong(cleanUpNetworks);
}
}