Repository: incubator-brooklyn
Updated Branches:
refs/heads/master b97370b14 -> e6235d9bc
Ported some Clocker changes back to brooklyn.
It is now possible to remove security groups permissions
Also added some error handling to JcloudsLocationSecurityGroupCustomizer
Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo
Commit:
http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/a4de7439
Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/a4de7439
Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/a4de7439
Branch: refs/heads/master
Commit: a4de7439b51ff5b98340c4ecf39c78934b930b77
Parents: b39ef3a
Author: Graeme-Miller
Authored: Thu Dec 10 15:37:01 2015 +
Committer: Graeme-Miller
Committed: Tue Dec 15 11:32:03 2015 +
--
.../JcloudsLocationSecurityGroupCustomizer.java | 103 ---
...oudsLocationSecurityGroupCustomizerTest.java | 55 ++
2 files changed, 141 insertions(+), 17 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a4de7439/locations/jclouds/src/main/java/org/apache/brooklyn/location/jclouds/networking/JcloudsLocationSecurityGroupCustomizer.java
--
diff --git
a/locations/jclouds/src/main/java/org/apache/brooklyn/location/jclouds/networking/JcloudsLocationSecurityGroupCustomizer.java
b/locations/jclouds/src/main/java/org/apache/brooklyn/location/jclouds/networking/JcloudsLocationSecurityGroupCustomizer.java
index 8ab6c16..3d6bc22 100644
---
a/locations/jclouds/src/main/java/org/apache/brooklyn/location/jclouds/networking/JcloudsLocationSecurityGroupCustomizer.java
+++
b/locations/jclouds/src/main/java/org/apache/brooklyn/location/jclouds/networking/JcloudsLocationSecurityGroupCustomizer.java
@@ -72,6 +72,7 @@ import com.google.common.collect.FluentIterable;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
+import com.google.common.util.concurrent.UncheckedExecutionException;
/**
* Configures custom security groups on Jclouds locations.
@@ -179,6 +180,33 @@ public class JcloudsLocationSecurityGroupCustomizer
extends BasicJcloudsLocation
return this;
}
+private SecurityGroup getSecurityGroup(final String nodeId, final
SecurityGroupExtension securityApi, final String locationId) {
+// Expect to have two security groups on the node: one shared between
all nodes in the location,
+// that is cached in sharedGroupCache, and one created by Jclouds that
is unique to the node.
+// Relies on customize having been called before. This should be safe
because the arguments
+// needed to call this method are not available until post-instance
creation.
+SecurityGroup machineUniqueSecurityGroup;
+Tasks.setBlockingDetails("Loading unique security group for node: " +
nodeId);
+try {
+machineUniqueSecurityGroup = uniqueGroupCache.get(nodeId, new
Callable() {
+@Override public SecurityGroup call() throws Exception {
+SecurityGroup sg =
getUniqueSecurityGroupForNodeCachingSharedGroupIfPreviouslyUnknown(nodeId,
locationId, securityApi);
+if (sg == null) {
+throw new IllegalStateException("Failed to find
machine-unique group on node: " + nodeId);
+}
+return sg;
+}
+});
+} catch (UncheckedExecutionException e) {
+throw Throwables.propagate(new Exception(e.getCause()));
+} catch (ExecutionException e) {
+throw Throwables.propagate(new Exception(e.getCause()));
+} finally {
+Tasks.resetBlockingDetails();
+}
+return machineUniqueSecurityGroup;
+}
+
/**
* Applies the given security group permissions to the given location.
*
@@ -201,6 +229,47 @@ public class JcloudsLocationSecurityGroupCustomizer
extends BasicJcloudsLocation
return this;
}
}
+/**
+ * Removes the given security group permissions from the given node with
the given compute service.
+ *
+ * Takes no action if the compute service does not have a security group
extension.
+ * @param permissions The set of permissions to be removed from the
location
+ * @param location Location to remove permissions from
+ */
+public void removePermissionsFromLocation(final JcloudsMachineLocation
location, final Iterable permissions) {
+synchronized (JcloudsLocationSecurityGroupCustomizer.class) {
+ComputeService computeService =