/** * Adds a firewall rule to the default network so that we can connect to our clients externally. */ private void createFirewall() throws IOException { Firewall firewallRule = new Firewall() .setName("cloud-loadtest-framework-firewall-rule") .setDescription("A firewall rule to allow the driver to coordinate load test instances.") .setAllowed(ImmutableList.of( new Firewall.Allowed() .setIPProtocol("tcp") .setPorts(Collections.singletonList("5000")))); try { compute.firewalls().insert(projectName, firewallRule).execute(); } catch (GoogleJsonResponseException e) { if (e.getStatusCode() != ALREADY_EXISTS) { throw e; } compute.firewalls() .update(projectName, "cloud-loadtest-framework-firewall-rule", firewallRule).execute(); } }
int idx = firewall.getNetwork().lastIndexOf('/'); String networkName = idx >= 0 ? firewall.getNetwork().substring(idx + 1) : firewall.getNetwork(); if (!networkName.equals(network)) { continue; String direction = firewall.getDirection(); if (!"INGRESS".equals(direction) || firewall.getAllowed() == null) { continue; for (Firewall.Allowed allowed : firewall.getAllowed()) { String protocol = allowed.getIPProtocol(); boolean addTag = false; if (addTag && firewall.getTargetTags() != null && !firewall.getTargetTags().isEmpty()) { tags.add(firewall.getTargetTags().iterator().next());
.setIPProtocol("tcp"); Firewall firewallSsh = new Firewall() .setNetwork(networkUrl) .setAllowed(Collections.singletonList(allowSsh)) .setName(networkName + "-allow-ssh") .setSourceRanges(Collections.singletonList("0.0.0.0/0")); allowInteral.add(allowInternalIcmp); Firewall firewallInternal = new Firewall() .setNetwork(networkUrl) .setAllowed(allowInteral) .setName(networkName + "-allow-internal") .setSourceRanges(Collections.singletonList("10.0.0.0/8"));
.setIPProtocol("tcp"); Firewall firewallSsh = new Firewall() .setNetwork(networkUrl) .setAllowed(Collections.singletonList(allowSsh)) .setName(networkName + "-allow-ssh") .setSourceRanges(Collections.singletonList("0.0.0.0/0")); allowInteral.add(allowInternalIcmp); Firewall firewallInternal = new Firewall() .setNetwork(networkUrl) .setAllowed(allowInteral) .setName(networkName + "-allow-internal") .setSourceRanges(Collections.singletonList("10.0.0.0/8"));