From 7c8a9b36620b2072f69852e3ecd91e4c981a9ddf Mon Sep 17 00:00:00 2001
From: Benjamin Weder
Date: Sat, 18 Nov 2023 13:01:05 +0100
Subject: [PATCH] Add functionality to open ports in OpenStack IA (#43)
---
 .../OpenStack_CloudProviderInterface.war | 4 +-
 ...enStackCloudProviderInterfaceEndpoint.java | 48 ++++++++++++-------
 .../main/resources/cloudProviderInterface.xsd | 2 +-
 3 files changed, 34 insertions(+), 20 deletions(-)
diff --git a/artifacttemplates/http%3A%2F%2Fopentosca.org%2Fartifacttemplates/OpenStack_CloudProviderInterfaceIA-w2/files/OpenStack_CloudProviderInterface.war b/artifacttemplates/http%3A%2F%2Fopentosca.org%2Fartifacttemplates/OpenStack_CloudProviderInterfaceIA-w2/files/OpenStack_CloudProviderInterface.war
index 778351c..e534e5d 100644
--- a/artifacttemplates/http%3A%2F%2Fopentosca.org%2Fartifacttemplates/OpenStack_CloudProviderInterfaceIA-w2/files/OpenStack_CloudProviderInterface.war
+++ b/artifacttemplates/http%3A%2F%2Fopentosca.org%2Fartifacttemplates/OpenStack_CloudProviderInterfaceIA-w2/files/OpenStack_CloudProviderInterface.war
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:ae1f7f61fa89a5992743457a8147702d4ff55e9a3b483148b2083739bddcfc4a
-size 34360016
+oid sha256:5b4fffd6c8bb816ca186d2e10f991fa48014de1ff88f9f87b9c0448f1b234f2c
+size 34360551
diff --git a/artifacttemplates/http%3A%2F%2Fopentosca.org%2Fartifacttemplates/OpenStack_CloudProviderInterfaceIA-w2/source/src/main/java/org/opentosca/artifacttemplates/openstack/OpenStackCloudProviderInterfaceEndpoint.java b/artifacttemplates/http%3A%2F%2Fopentosca.org%2Fartifacttemplates/OpenStack_CloudProviderInterfaceIA-w2/source/src/main/java/org/opentosca/artifacttemplates/openstack/OpenStackCloudProviderInterfaceEndpoint.java
index c4ff205..c88d99f 100644
--- a/artifacttemplates/http%3A%2F%2Fopentosca.org%2Fartifacttemplates/OpenStack_CloudProviderInterfaceIA-w2/source/src/main/java/org/opentosca/artifacttemplates/openstack/OpenStackCloudProviderInterfaceEndpoint.java
+++ b/artifacttemplates/http%3A%2F%2Fopentosca.org%2Fartifacttemplates/OpenStack_CloudProviderInterfaceIA-w2/source/src/main/java/org/opentosca/artifacttemplates/openstack/OpenStackCloudProviderInterfaceEndpoint.java
@@ -17,7 +17,9 @@
 import org.openstack4j.model.compute.Address;
 import org.openstack4j.model.compute.Flavor;
 import org.openstack4j.model.compute.FloatingIP;
+import org.openstack4j.model.compute.IPProtocol;
 import org.openstack4j.model.compute.Image;
+import org.openstack4j.model.compute.SecGroupExtension;
 import org.openstack4j.model.compute.Server;
 import org.openstack4j.model.compute.Server.Status;
 import org.openstack4j.model.compute.ServerCreate;
@@ -102,15 +104,6 @@ public void createVM(@RequestPayload CreateVMRequest request, MessageContext mes
 }
 }
- String securityGroup = "default";
- if (request.getVMSecurityGroup() != null && !request.getVMSecurityGroup().isEmpty()) {
- securityGroup = request.getVMSecurityGroup();
- if (!securityGroup.contains("default")) {
- securityGroup = "default," + securityGroup;
- }
- }
- logger.info("Received security groups {}", securityGroup);
-
 // Create OpenStack client
 OSClient osClient = authenticate(request);
@@ -160,6 +153,34 @@ public void createVM(@RequestPayload CreateVMRequest request, MessageContext mes
 return;
 }
+ // add defined security group or create new security group with defined open ports
+ String securityGroup;
+ if (request.getVMSecurityGroup() != null && !request.getVMSecurityGroup().isEmpty()) {
+ logger.info("Adding configured security group: {}", request.getVMSecurityGroup());
+ securityGroup = request.getVMSecurityGroup();
+ } else{
+ logger.info("Creating new security group to open ports: {}", request.getVMOpenPorts());
+
+ // create security group
+ SecGroupExtension group = osClient.compute().securityGroups().create("OpenTOSCA-" + System.currentTimeMillis(), "OpenTOSCA security group");
+ securityGroup = group.getName();
+ logger.info("Created new security group with name: {}", securityGroup);
+
+ // open ports within security group
+ String[] ports = request.getVMOpenPorts().split(",");
+ logger.info("Opening {} ports...", ports.length);
+ for (String port :ports){
+ logger.info("Opening port: {}", port);
+ osClient.compute().securityGroups()
+ .createRule(Builders.secGroupRule()
+ .parentGroupId(group.getId())
+ .protocol(IPProtocol.TCP)
+ .cidr("0.0.0.0/0")
+ .range(Integer.parseInt(port), Integer.parseInt(port)).build());
+ }
+ }
+ logger.info("Resulting security group: {}", securityGroup);
+
 // Get Networks based on Type String
 List availableNetworks = osClient.networking().network().list();
 logger.info("Found "+ availableNetworks.size() + " Networks");
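Review bot: In the `else` branch, `request.getVMOpenPorts()` is dereferenced and parsed without validation: a request that sets neither a security group nor open ports reaches `split(",")` on what is presumably null, and an entry such as `" 22"` or an empty string makes `Integer.parseInt` throw after `securityGroups().create(...)` has already run, which would leave an unused group behind. Parse, trim and range-check (1–65535) every entry before the first OpenStack call, as sketched below. Each rule is also created with `.cidr("0.0.0.0/0")`, so every listed port is reachable from any IPv4 source; consider taking the source range from the request or deployment configuration instead of hard-coding it, and note that nothing visible here removes the per-VM `"OpenTOSCA-" + System.currentTimeMillis()` group again. createVM begins and ends outside this hunk, so its error-reporting path is not visible and appears only as a comment in the sketch.

```java
} else {
    // Parse and range-check every requested port before any OpenStack call,
    // so a malformed entry cannot leave a freshly created group behind.
    String openPorts = request.getVMOpenPorts();
    if (openPorts == null || openPorts.trim().isEmpty()) {
        // … no ports requested: handle explicitly via createVM's existing error path (outside this hunk) …
        return;
    }
    String[] entries = openPorts.split(",");
    int[] ports = new int[entries.length];
    for (int i = 0; i < entries.length; i++) {
        try {
            ports[i] = Integer.parseInt(entries[i].trim());
        } catch (NumberFormatException e) {
            ports[i] = -1; // rejected by the range check below
        }
        if (ports[i] < 1 || ports[i] > 65535) {
            logger.error("Rejecting invalid port entry: {}", entries[i]);
            // … report the invalid request via createVM's existing error path (outside this hunk) …
            return;
        }
    }

    // … unchanged: create the security group and log its name …

    for (int port : ports) {
        // … unchanged: logging and createRule(...) builder chain, with range(port, port) …
    }
}
```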
@@ -231,16 +252,9 @@ public void createVM(@RequestPayload CreateVMRequest request, MessageContext mes
 .flavor(flavor)
 .image(image)
 .networks(availableNetworksIds)
+ .addSecurityGroup(securityGroup)
 .keypairName(request.getVMKeyPairName());
- for (String secGroup : securityGroup.split(",")) {
- String trim = secGroup.trim();
- if (!trim.isEmpty()) {
- serverCreateBuilder.addSecurityGroup(trim);
- logger.info("Added security group {}", trim);
- }
- }
-
 ServerCreate sc = serverCreateBuilder.build();
 // Start Server
diff --git a/artifacttemplates/http%3A%2F%2Fopentosca.org%2Fartifacttemplates/OpenStack_CloudProviderInterfaceIA-w2/source/src/main/resources/cloudProviderInterface.xsd b/artifacttemplates/http%3A%2F%2Fopentosca.org%2Fartifacttemplates/OpenStack_CloudProviderInterfaceIA-w2/source/src/main/resources/cloudProviderInterface.xsd
index 5a3c11b..41f3a00 100644
--- a/artifacttemplates/http%3A%2F%2Fopentosca.org%2Fartifacttemplates/OpenStack_CloudProviderInterfaceIA-w2/source/src/main/resources/cloudProviderInterface.xsd
+++ b/artifacttemplates/http%3A%2F%2Fopentosca.org%2Fartifacttemplates/OpenStack_CloudProviderInterfaceIA-w2/source/src/main/resources/cloudProviderInterface.xsd
@@ -40,6 +40,7 @@
+
@@ -63,5 +64,4 @@
-
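Review bot: In the `@@ -231,16 +252,9 @@` hunk, `.addSecurityGroup(securityGroup)` hands the request value to OpenStack as a single group name, whereas the loop removed here split it on commas and trimmed each entry, and the block removed at `-102` always added `default`. A caller that still sends a list such as `default,web` would now request one group with that literal name, and a VM given only a custom group no longer gets `default`; if either behaviour was relied on, this is a silent change. If lists remain part of the interface, keep the split, e.g. `for (String g : securityGroup.split(",")) { if (!g.trim().isEmpty()) serverCreateBuilder.addSecurityGroup(g.trim()); }`; otherwise state in the interface description that the value behind `getVMSecurityGroup()` is exactly one name. The builder chain starts above this hunk.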