Method Detail

• getInstance

  public static JcloudsLocationSecurityGroupCustomizer getInstance(java.lang.String applicationId)

  Gets the customizer for the given applicationId. Multiple calls to this method with the same application context will return the same JcloudsLocationSecurityGroupCustomizer instance.

  Parameters:

  applicationId - An identifier for the application the customizer is to be used for

  Returns:

  the unique customizer for the given context

• getInstance

  public static JcloudsLocationSecurityGroupCustomizer getInstance(Entity entity)

  Gets a customizer for the given entity's application. Multiple calls to this method with entities in the same application will return the same JcloudsLocationSecurityGroupCustomizer instance.

  Parameters:

  entity - The entity the customizer is to be used for

  Returns:

  the unique customizer for the entity's owning application

• setRetryExceptionPredicate

  public JcloudsLocationSecurityGroupCustomizer setRetryExceptionPredicate( predicate)

  Parameters:

  predicate - A predicate whose return value indicates whether a request to add a security group or permission may be retried after its input Exception was thrown.

  Returns:

  this

• setSshCidrSupplier

  public JcloudsLocationSecurityGroupCustomizer setSshCidrSupplier( cidrSupplier)

  Parameters:

  cidrSupplier - A supplier returning a CIDR for hosts that are allowed to SSH to locations.

• addPermissionsToLocation

  public JcloudsLocationSecurityGroupCustomizer addPermissionsToLocation(JcloudsMachineLocation location,
                                                                org.jclouds.net.domain.IpPermission... permissions)

  See Also:

  #addPermissionsToLocation(JcloudsSshMachineLocation, java.lang.Iterable)

• addPermissionsToLocation

  public JcloudsLocationSecurityGroupCustomizer addPermissionsToLocation(JcloudsMachineLocation location,
                                                                SecurityGroupDefinition securityGroupDefinition)

  See Also:

  #addPermissionsToLocation(JcloudsSshMachineLocation, java.lang.Iterable)

• addPermissionsToLocation

  public JcloudsLocationSecurityGroupCustomizer addPermissionsToLocation(JcloudsMachineLocation location,
                                                                java.lang.Iterable<org.jclouds.net.domain.IpPermission> permissions)

  Applies the given security group permissions to the given location.

  Takes no action if the location's compute service does not have a security group extension.

  The synchronized block is to serialize the permission changes, preventing race conditions in some clouds. If multiple customizations of the same group are done in parallel the changes may not be picked up by later customizations, meaning the same rule could possibly be added twice, which would fail. A finer grained mechanism would be preferable here, but we have no access to the information required, so this brute force serializing is required.

  Parameters:

  location - Location to gain permissions

  permissions - The set of permissions to be applied to the location

• removePermissionsFromLocation

  public void removePermissionsFromLocation(JcloudsMachineLocation location,
                                   java.lang.Iterable<org.jclouds.net.domain.IpPermission> permissions)

  Removes the given security group permissions from the given node with the given compute service.

  Takes no action if the compute service does not have a security group extension.

  Parameters:

  permissions - The set of permissions to be removed from the location

  location - Location to remove permissions from

• customize

  public void customize(JcloudsLocation location,
               org.jclouds.compute.ComputeService computeService,
               org.jclouds.compute.domain.Template template)

  Replaces security groups configured on the given template with one that allows SSH access on port 22 and allows communication on all ports between machines in the same group. Security groups are reused when templates have equal locations.

  This method is called by Brooklyn when obtaining machines, as part of the JcloudsLocationCustomizer contract. It should not be called from anywhere else.

  Specified by:

  customize in interface JcloudsLocationCustomizer

  Overrides:

  customize in class BasicJcloudsLocationCustomizer

  Parameters:

  location - The Brooklyn location that has called this method while obtaining a machine

  computeService - The compute service being used by the location argument to provision a machine

  template - The machine template created by the location argument

• getBrooklynCidrBlock

  public java.lang.String getBrooklynCidrBlock()

  Returns:

  the CIDR block used to configure Brooklyn's in security groups

• newAwsExceptionRetryPredicate

  public static  newAwsExceptionRetryPredicate()

  Returns:

  A predicate that is true if an exception contains an AWSResponseException whose error code is either InvalidGroup.InUse, DependencyViolation or RequestLimitExceeded.