Github user geomacy commented on a diff in the pull request: https://github.com/apache/brooklyn-server/pull/529#discussion_r97512096 --- Diff: locations/jclouds/src/main/java/org/apache/brooklyn/location/jclouds/BasicLocationNetworkInfoCustomizer.java --- @@ -0,0 +1,473 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.brooklyn.location.jclouds; + +import java.lang.reflect.InvocationTargetException; +import java.util.Iterator; +import java.util.Map; + +import org.apache.brooklyn.api.entity.Entity; +import org.apache.brooklyn.api.entity.EntityLocal; +import org.apache.brooklyn.api.sensor.AttributeSensor; +import org.apache.brooklyn.config.ConfigKey; +import org.apache.brooklyn.core.config.ConfigKeys; +import org.apache.brooklyn.core.config.ConfigUtils; +import org.apache.brooklyn.core.entity.Attributes; +import org.apache.brooklyn.core.entity.BrooklynConfigKeys; +import org.apache.brooklyn.core.location.LocationConfigKeys; +import org.apache.brooklyn.core.mgmt.BrooklynTaskTags; +import org.apache.brooklyn.core.sensor.Sensors; +import org.apache.brooklyn.location.winrm.WinRmMachineLocation; +import org.apache.brooklyn.util.collections.MutableMap; +import org.apache.brooklyn.util.core.config.ConfigBag; +import org.apache.brooklyn.util.core.task.Tasks; +import org.apache.brooklyn.util.exceptions.Exceptions; +import org.apache.brooklyn.util.guava.Maybe; +import org.apache.brooklyn.util.net.Networking; +import org.apache.brooklyn.util.time.Duration; +import org.jclouds.compute.domain.NodeMetadata; +import org.jclouds.domain.LoginCredentials; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.google.common.annotations.Beta; +import com.google.common.base.MoreObjects; +import com.google.common.base.Optional; +import com.google.common.base.Predicate; +import com.google.common.base.Stopwatch; +import com.google.common.base.Supplier; +import com.google.common.base.Suppliers; +import com.google.common.collect.ImmutableList; +import com.google.common.collect.Iterables; +import com.google.common.net.HostAndPort; + +/** + * The default location network info customizer. + * <p> + * When used as an {@link org.apache.brooklyn.api.entity.EntityInitializer} the + * instance inserts itself into the entity's provisioning properties under the + * {@link JcloudsLocationConfig#LOCATION_NETWORK_INFO_CUSTOMIZER} subkey. + * <p> + * This class is annotated @Beta and is likely to change in the future. + */ +@Beta +public class BasicLocationNetworkInfoCustomizer extends BasicJcloudsLocationCustomizer implements LocationNetworkInfoCustomizer { + + private static final Logger LOG = LoggerFactory.getLogger(BasicLocationNetworkInfoCustomizer.class); + + public enum NetworkMode { + /** + * Check each node's {@link NodeMetadata#getPublicAddresses() public addresses} + * for reachability before its {@link NodeMetadata#getPrivateAddresses() private addresses}. + */ + PREFER_PUBLIC, + /** + * Check each node's {@link NodeMetadata#getPrivateAddresses() private addresses} + * for reachability before its {@link NodeMetadata#getPublicAddresses() public addresses}. + */ + PREFER_PRIVATE, + /** + * Check only a node's {@link NodeMetadata#getPublicAddresses() public addresses} for reachability. + */ + ONLY_PUBLIC, + /** + * Check only a node's {@link NodeMetadata#getPrivateAddresses()} private addresses} for reachability. + */ + ONLY_PRIVATE + } + + public static final ConfigKey<NetworkMode> MODE = ConfigKeys.newConfigKey(NetworkMode.class, + "mode", "Operation mode", NetworkMode.PREFER_PUBLIC); + + @Beta + public static final ConfigKey<Boolean> TEST_CREDENTIALS = ConfigKeys.newBooleanConfigKey( + "testCredentials", + "Indicates that credentials should be tested when determining endpoint reachability.", + Boolean.TRUE); + + public static final ConfigKey<Boolean> PUBLISH_NETWORKS = ConfigKeys.newBooleanConfigKey( + "publishNetworks", + "Indicates that the customiser should publish addresses as sensors on each entity", + Boolean.TRUE); + + // -------------------------------------------------------------------------------------- + + public BasicLocationNetworkInfoCustomizer() { + super(); + } + + public BasicLocationNetworkInfoCustomizer(Map<?, ?> params) { + super(params); + } + + public BasicLocationNetworkInfoCustomizer(final ConfigBag params) { + super(params); + } + + // -------------------------------------------------------------------------------------- + + /** + * Overrides the behaviour of {@link BasicJcloudsLocationCustomizer#apply(EntityLocal)} to set + * the instance as the value of {@link JcloudsLocationConfig#LOCATION_NETWORK_INFO_CUSTOMIZER}, + * rather than in its provisioning properties. + */ + @Override + public void apply(EntityLocal entity) { + ConfigKey<Object> subkey = BrooklynConfigKeys.PROVISIONING_PROPERTIES.subKey(JcloudsLocationConfig.LOCATION_NETWORK_INFO_CUSTOMIZER.getName()); + entity.config().set(subkey, this); + LOG.debug("{} set itself as the location network info customizer on {}", this, entity); + } + + // -------------------------------------------------------------------------------------- + + /** + * Combines the given resolve options with the customiser's configuration to determine the + * best address and credential pair for management. In particular, if the resolve options + * allow it will check that the credential is actually valid for the address. + */ + @Override + public ManagementAddressResolveResult resolve( + JcloudsLocation location, NodeMetadata node, ConfigBag config, ManagementAddressResolveOptions options) { + LOG.debug("{} resolving management parameters for {}, node={}, config={}, options={}", + new Object[]{this, location, node, config, options}); + Stopwatch timer = Stopwatch.createStarted(); + // Should only be null in tests. + final Entity contextEntity = getContextEntity(config); + if (shouldPublishNetworks() && options.publishNetworkSensors() && contextEntity != null) { + publishNetworks(node, contextEntity); + } + HostAndPort hapChoice = null; + LoginCredentials credChoice = null; + + Iterable<HostAndPort> managementCandidates = getManagementCandidates(location, node, config, options); + Iterable<LoginCredentials> credentialCandidates = getCredentialCandidates(location, node, options, config); + + // Try each pair of address and credential until one succeeds. + if (options.expectReachable() && options.pollForFirstReachableAddress() && shouldTestCredentials()) { + for (HostAndPort hap : managementCandidates) { + for (LoginCredentials cred : credentialCandidates) { + LOG.trace("Testing host={} with credential={}", hap, cred); + if (testCredential(location, hap, cred, config, options.isWindows())) { + hapChoice = hap; + credChoice = cred; + break; + } + } + if (hapChoice != null) break; + } + } + + if (hapChoice == null) { + LOG.trace("Choosing first management candidate given node={} and mode={}", node, getMode()); + hapChoice = Iterables.getFirst(managementCandidates, null); + } + if (hapChoice == null) { + LOG.trace("Choosing first address of node={} in mode={}", node, getMode()); + final Iterator<String> hit = getNodeAddressesWithMode(node).iterator(); + if (hit.hasNext()) HostAndPort.fromHost(hit.next()); + } + if (hapChoice == null) { + throw new IllegalStateException("Exhausted all options when determining address for " + location); + } + + if (credChoice == null) { + credChoice = Iterables.getFirst(credentialCandidates, null); + if (credChoice == null) { + throw new IllegalStateException("Exhausted all options when determining credential for " + location); + } + } + + if (contextEntity != null) { + contextEntity.sensors().set(Attributes.ADDRESS, hapChoice.getHostText()); + } + ManagementAddressResolveResult result = new ManagementAddressResolveResult(hapChoice, credChoice); + LOG.debug("{} resolved management parameters for {} in {}: {}", + new Object[]{this, location, Duration.of(timer), result}); + return result; + } + + private boolean shouldPublishNetworks() { + return Boolean.TRUE.equals(config().get(PUBLISH_NETWORKS)); + } + + // TODO: Separate this into second part? + void publishNetworks(NodeMetadata node, Entity entity) { + // todo hostnames? + int i = 0; + for (String address : node.getPrivateAddresses()) { + final AttributeSensor<String> sensor = Sensors.newStringSensor("host.address.private." + i++); + if (entity.sensors().get(sensor) == null) { + entity.sensors().set(sensor, address); + } + } + i = 0; + for (String address : node.getPublicAddresses()) { + final AttributeSensor<String> sensor = Sensors.newStringSensor("host.address.public." + i++); + if (entity.sensors().get(sensor) == null) { + entity.sensors().set(sensor, address); + } + } + } + + // -------------------------------------------------------------------------------------- + + /** + * Returns the hosts and ports that should be considered when determining the address + * to use when connecting to the location by assessing the following criteria: + * <ol> + * <li>Use the hostAndPortOverride set in options.</li> + * <li>If the machine is connectable, user credentials are given and the machine is provisioned + * in AWS then use {@link JcloudsLocation#getHostnameAws(NodeMetadata, Optional, Supplier, ConfigBag)}.</li> + * <li>If the machine is connectable and pollForFirstReachableAddress is set in options then use all + * {@link #getReachableAddresses reachable} addresses.</li> + * <li>Use the first address that is resolvable with {@link #isAddressResolvable}.</li> + * <li>Use the first address in the node's public then private addresses.</li> + * </ol> + */ + protected Iterable<HostAndPort> getManagementCandidates( + JcloudsLocation location, NodeMetadata node, ConfigBag config, ManagementAddressResolveOptions options) { + final Optional<HostAndPort> hostAndPortOverride = options.getHostAndPortOverride(); + boolean lookupAwsHostname = Boolean.TRUE.equals(config.get(JcloudsLocation.LOOKUP_AWS_HOSTNAME)); + String provider = config.get(JcloudsLocation.CLOUD_PROVIDER); + if (provider == null) provider = location.getProvider(); + int defaultPort; + if (options.isWindows()) { + defaultPort = config.get(WinRmMachineLocation.USE_HTTPS_WINRM) ? 5986 : 5985; + } else { + defaultPort = node.getLoginPort(); + } + + // Will normally have come from port forwarding. + if (hostAndPortOverride.isPresent()) { + // Don't try to resolve it; just use it + int port = hostAndPortOverride.get().hasPort() + ? hostAndPortOverride.get().getPort() + : defaultPort; + final HostAndPort override = HostAndPort.fromParts(hostAndPortOverride.get().getHostText(), port); + LOG.debug("Using host and port override for management candidates of {}: {}", location, override); + return ImmutableList.of(override); + } + + // Treat AWS as a special case because the DNS fully qualified hostname in AWS is + // (normally?!) a good way to refer to the VM from both inside and outside of the region. + // TODO This is a bit weird: if the statement below is true then getHostnameAws will find the first + // reachable address, which repeats if case after this one. + if (options.expectReachable() && options.getUserCredentials().isPresent() && "aws-ec2".equals(provider) && lookupAwsHostname) { + // getHostnameAws sshes to the machine and curls 169.254.169.254/latest/meta-data/public-hostname. + Maybe<String> result = location.getHostnameAws( + node, Optional.<HostAndPort>absent(), Suppliers.ofInstance(options.getUserCredentials().get()), config); + if (result.isPresent()) { + LOG.debug("Resolved AWS hostname for management candidates of {}: {}", location, result.get()); + return ImmutableList.of(HostAndPort.fromParts(result.get(), defaultPort)); + } + } + if (options.expectReachable() && options.pollForFirstReachableAddress()) { + LOG.debug("Using reachable addresses for management candidates of {}", location); + try { + return getReachableAddresses(node, config, options.getPollTimeout()); + } catch (RuntimeException e) { + if (options.propagatePollForReachableFailure()) { + throw Exceptions.propagate(e); + } else { + LOG.warn("No reachable address ({}/{}); falling back to any advertised address; may cause future failures", + location.getCreationString(config), node); + } + } + } + + Iterable<String> addresses = getNodeAddressesWithMode(node); + LOG.debug("Using first resolvable address in {} for management candidates of {}", Iterables.toString(addresses), location); + for (String address : addresses) { + if (isAddressResolvable(address)) { + return ImmutableList.of(HostAndPort.fromParts(address, defaultPort)); + } + } + + LOG.warn("No resolvable address in {} ({}/{}); using first; may cause future failures", + new Object[]{addresses, location.getCreationString(config), node}); + String host = Iterables.getFirst(addresses, null); + if (host != null) { + return ImmutableList.of(HostAndPort.fromParts(host, defaultPort)); + } else { + return ImmutableList.of(); + } + } + + /** + * Returns all reachable addresses according to {@link #getReachableAddressesPredicate}. + * Iterators are ordered according to the configured {@link #getMode() mode}. + */ + protected Iterable<HostAndPort> getReachableAddresses(NodeMetadata node, ConfigBag setup, Duration timeout) { + if (timeout == null) timeout = Duration.FIVE_MINUTES; + Iterable<String> candidates = getNodeAddressesWithMode(node); + Predicate<? super HostAndPort> pollForFirstReachableHostAndPortPredicate = getReachableAddressesPredicate(setup); + return JcloudsUtil.getReachableAddresses(candidates, node.getLoginPort(), timeout, pollForFirstReachableHostAndPortPredicate); + } + + protected Iterable<String> getNodeAddressesWithMode(NodeMetadata node) { + switch (getMode()) { + case ONLY_PRIVATE: + return node.getPrivateAddresses(); + case ONLY_PUBLIC: + return node.getPublicAddresses(); + case PREFER_PRIVATE: + return Iterables.concat(node.getPrivateAddresses(), node.getPublicAddresses()); + case PREFER_PUBLIC: + default: + return Iterables.concat(node.getPublicAddresses(), node.getPrivateAddresses()); + } + } + + protected boolean isAddressResolvable(String addr) { + try { + Networking.getInetAddressWithFixedName(addr); + return true; // fine, it resolves + } catch (RuntimeException e) { + Exceptions.propagateIfFatal(e); + return false; + } + } + + protected Predicate<? super HostAndPort> getReachableAddressesPredicate(ConfigBag setup) { + if (setup.get(JcloudsLocation.POLL_FOR_FIRST_REACHABLE_ADDRESS_PREDICATE) != null) { + LOG.debug("{} polling for first reachable address with {}", + this, setup.get(JcloudsLocation.POLL_FOR_FIRST_REACHABLE_ADDRESS_PREDICATE)); + return setup.get(JcloudsLocation.POLL_FOR_FIRST_REACHABLE_ADDRESS_PREDICATE); + } else { + LOG.debug("{} polling for first reachable address with instance of {}", + this, JcloudsLocation.POLL_FOR_FIRST_REACHABLE_ADDRESS_PREDICATE_TYPE.getName()); + + Class<? extends Predicate<? super HostAndPort>> predicateType = + setup.get(JcloudsLocation.POLL_FOR_FIRST_REACHABLE_ADDRESS_PREDICATE_TYPE); + + Map<String, Object> args = MutableMap.of(); + ConfigUtils.addUnprefixedConfigKeyInConfigBack( + JcloudsLocation.POLL_FOR_FIRST_REACHABLE_ADDRESS_PREDICATE.getName() + ".", setup, args); + try { + return predicateType.getConstructor(Map.class).newInstance(args); + } catch (NoSuchMethodException | IllegalAccessException e) { + try { + return predicateType.newInstance(); + } catch (IllegalAccessException | InstantiationException newInstanceException) { + throw Exceptions.propagate("Instantiating " + predicateType + " failed.", newInstanceException); + } + } catch (InvocationTargetException | InstantiationException e) { + throw Exceptions.propagate("Problem trying to instantiate " + predicateType + " with Map constructor.", e); + } + } + } + + // -------------------------------------------------------------------------------------- + + protected boolean shouldTestCredentials() { + return Boolean.TRUE.equals(config().get(TEST_CREDENTIALS)); + } + + protected boolean testCredential( + JcloudsLocation location, HostAndPort hostAndPort, LoginCredentials credentials, + ConfigBag config, boolean isWindows) { + try { + if (isWindows) { + location.waitForWinRmAvailable(credentials, hostAndPort, config); + } else { + location.waitForSshable(hostAndPort, ImmutableList.of(credentials), config); + } + return true; + } catch (IllegalStateException e) { + return false; + } + } + + protected Iterable<LoginCredentials> getCredentialCandidates( + JcloudsLocation location, NodeMetadata node, ManagementAddressResolveOptions options, ConfigBag setup) { + LoginCredentials userCredentials = null; + // Figure out which login credentials to use. We only make a connection with + // initialCredentials when jclouds didn't do any sshing and wait for connectable is true. + // 0. if jclouds didn't do anything and we should wait for the machine then initial credentials is + // whatever waitForSshable determines and then create the user ourselves. + if (options.skipJcloudsSshing() && options.expectReachable()) { + if (options.isWindows()) { + return ImmutableList.of(options.getInitialCredentials()); + } else { + return location.generateCredentials(node.getCredentials(), setup.get(JcloudsLocationConfig.LOGIN_USER)); + } + } + + // 1. Were they configured by the user? + LoginCredentials customCredentials = setup.get(JcloudsLocation.CUSTOM_CREDENTIALS); --- End diff -- Is it worth some validation here for non-blank?
--- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---