Hi Andrea & Ignasi,
Many thanks for quickly responding to my enquiries.
Sorry, I didn't make it very clear that my focus was more in the direction
of OpenStack yet Andrea provided an apt response.
Also, the Ignasi's information about security groups is very useful
because this equally falls within my purview.
I am already reading though the references ....
Many thanks !!
Regards,
Kennedy
On Sun, Oct 23, 2016 at 8:51 PM, Andrea Turli <andrea.tu...@gmail.com>
wrote:
> Hi Ken,
>
> in addition to Ignasi' suggestions I can add also the following
> (hopefully) useful links for FWaaS API, presuming you are in the context of
> Openstack.
>
> Recently we add the support for those API to Openstack Neutron [4]. As
> usual you can create instantiate a NeutronApi with something like
>
> NeutronApi neutronApi = ContextBuilder.newBuilder(new NeutronApiMetadata())
> .endpoint(endpoint)
> .credentials(credentials)
> .modules(ImmutableSet.<Module>of(
> new SshjSshClientModule(),
> new SLF4JLoggingModule(),
> new BouncyCastleCryptoModule()))
> .buildApi(NeutronApi.class)
>
> and for example use it to create a firewall and add a rule like
>
> FWaaSApi fWaaSApi = neutronApi.getFWaaSApi(regionId).get();
> FirewallPolicy firewallPolicy = fWaaSApi.createFirewallPolicy(
> CreateFirewallPolicy.builder()
> .name(String.format(JCLOUDS_FW_POLICY_PATTERN, name))
> .build());
>
> for (String address : addresses) {
> for (String inboundPort : ports) {
> FirewallRule firewallRule = fWaaSApi.createFirewallRule(Cr
> eateFirewallRule.builder()
> .name(ruleName)
> .destinationIpAddress(address)
> .destinationPort(inboundPort)
> .enabled(true)
> .action("allow")
> .protocol("tcp")
> .build());
> fWaaSApi.insertFirewallRuleToPolicy(firewallPolicy.getId(),
> firewallRule.getId());
> }
> }
>
>
> HTH,
> Andrea
>
> [4]: https://github.com/jclouds/jclouds-labs-openstack/pull/196
>
> On Sun, Oct 23, 2016 at 6:07 PM, Ignasi Barrera <n...@apache.org> wrote:
>
>> Hi Ken,
>>
>> Not all providers have an API to effectively manage firewalls, but
>> most that do, implement the jclouds SecurityGroupExtension [1]. You
>> can get it by calling:
>>
>> context.getComputeService().getSecurityGroupExtension();
>>
>> That will return an optional that will be present if the extension is
>> supported by the provider. You'll see in the javadocs that it has
>> methods to create and manage security groups, and also to configure
>> the ruleset set for each. Once you have configured the security
>> groups, you can create nodes and assign them to the desired security
>> groups by using the TemplateOptions#securityGroups() method [2].
>>
>> Alternatively, in some providers that don't support the security
>> groups extension, you can still use the TemplateOptions#inboundPorts
>> [3] to open ports in the nodes you create.
>>
>>
>> HTH!
>>
>> I.
>>
>>
>> [1] http://jclouds-javadocs.elasticbeanstalk.com/org/jclouds/com
>> pute/extensions/SecurityGroupExtension.html
>> [2] http://jclouds-javadocs.elasticbeanstalk.com/org/jclouds/com
>> pute/options/TemplateOptions.html#securityGroups(java.lang.Iterable)
>> [3] http://jclouds-javadocs.elasticbeanstalk.com/org/jclouds/com
>> pute/options/TemplateOptions.html#inboundPorts(int...)
>>
>> On 22 October 2016 at 21:40, Ken <run2obt...@gmail.com> wrote:
>> > Hi, I am trying to use jclouds FWaaS API, I cannot find examples like
>> there
>> > are for swift etc. Can someone point me to where such is available or
>> maybe
>> > give me a basic examples....e.g creating a firewall.
>> >
>> > Many thanks.
>>
>
>
