How to use

insertIptablesRule

method

in

org.apache.brooklyn.util.ssh.IptablesCommands

private List<String> createIptablesRulesForNetworkInterface(Iterable<Integer> ports) {
  List<String> iptablesRules = Lists.newArrayList();
  for (Integer port : ports) {
    iptablesRules.add(IptablesCommands.insertIptablesRule(Chain.INPUT, Protocol.TCP, port, Policy.ACCEPT));
  }
  return iptablesRules;
 }

/** @deprecated since 0.7.0; use {@link #insertIptablesRule(Chain, String, org.apache.brooklyn.util.net.Protocol, int, Policy)} */
@Deprecated
public static String insertIptablesRule(Chain chain, String networkInterface, Protocol protocol, int port, Policy policy) {
  return insertIptablesRule(chain, networkInterface, protocol.convert(), port, policy);
}

/** @deprecated since 0.7.0; use {@link #insertIptablesRule(Chain, org.apache.brooklyn.util.net.Protocol, int, Policy)} */
@Deprecated
public static String insertIptablesRule(Chain chain, Protocol protocol, int port, Policy policy) {
  return insertIptablesRule(chain, protocol.convert(), port, policy);
}

@Test
public void testInsertIptablesRulesForAllInterfaces() {
  Assert.assertEquals(IptablesCommands.insertIptablesRule(Chain.INPUT, Protocol.TCP, 3306, Policy.ACCEPT),
      insertIptablesRuleAll);
}

@Test
public void testInsertIptablesRules() {
  Assert.assertEquals(IptablesCommands.insertIptablesRule(Chain.INPUT, "eth0", Protocol.TCP, 3306, Policy.ACCEPT),
      insertIptablesRule);
}

private void addIptablesRule(Integer port) {
  if (getOwner().config().get(DockerHost.OPEN_IPTABLES)) {
    LOG.debug("Using iptables to add access for TCP/{} to {}", port, hostMachine);
    List<String> commands = ImmutableList.of(
        sudo("iptables -L INPUT -nv | grep -q 'tcp dpt:"+port+"'"),
        format("if [ $? -eq 0 ]; then ( %s ); else ( %s ); fi",
            sudo("iptables -C INPUT -s 0/0 -p tcp --dport "+port+" -j ACCEPT"),
            IptablesCommands.insertIptablesRule(Chain.INPUT, Protocol.TCP, port, Policy.ACCEPT)));
    int result = hostMachine.execCommands(format("Open iptables TCP/%d", port), commands);
    if (result != 0) {
      String msg = format("Error running iptables update for TCP/%d on %s", port, hostMachine);
      LOG.error(msg);
      throw new RuntimeException(msg);
    }
  }
}

  public void test(String osRegex) throws Exception {
    MariaDbNode mariadb = app.createAndManageChild(EntitySpec.create(MariaDbNode.class)
        .configure(DatastoreCommon.CREATION_SCRIPT_CONTENTS, CREATION_SCRIPT));

    BrooklynProperties brooklynProperties = mgmt.getBrooklynProperties();
    brooklynProperties.put("brooklyn.location.jclouds.rackspace-cloudservers-uk.imageNameRegex", osRegex);
    brooklynProperties.remove("brooklyn.location.jclouds.rackspace-cloudservers-uk.image-id");
    brooklynProperties.remove("brooklyn.location.jclouds.rackspace-cloudservers-uk.imageId");
    brooklynProperties.put("brooklyn.location.jclouds.rackspace-cloudservers-uk.inboundPorts", Arrays.asList(22, 3306));
    JcloudsLocation jcloudsLocation = (JcloudsLocation) mgmt.getLocationRegistry().getLocationManaged("jclouds:rackspace-cloudservers-uk");

    app.start(ImmutableList.of(jcloudsLocation));

    SshMachineLocation l = (SshMachineLocation) mariadb.getLocations().iterator().next();
    l.execCommands("add iptables rule", ImmutableList.of(IptablesCommands.insertIptablesRule(Chain.INPUT, Protocol.TCP, 3306, Policy.ACCEPT)));

    new VogellaExampleAccess("com.mysql.jdbc.Driver", mariadb.getAttribute(DatastoreCommon.DATASTORE_URL)).readModifyAndRevertDataBase();
  } 
}

  public void test(String osRegex) throws Exception {
    MySqlNode mysql = app.createAndManageChild(EntitySpec.create(MySqlNode.class)
        .configure(DatastoreCommon.CREATION_SCRIPT_CONTENTS, CREATION_SCRIPT)
        .configure("test.table.name", "COMMENTS"));

    BrooklynProperties brooklynProperties = mgmt.getBrooklynProperties();
    brooklynProperties.put("brooklyn.location.jclouds.rackspace-cloudservers-uk.imageNameRegex", osRegex);
    brooklynProperties.remove("brooklyn.location.jclouds.rackspace-cloudservers-uk.image-id");
    brooklynProperties.remove("brooklyn.location.jclouds.rackspace-cloudservers-uk.imageId");
    brooklynProperties.put("brooklyn.location.jclouds.rackspace-cloudservers-uk.inboundPorts", Arrays.asList(22, 3306));
    JcloudsLocation jcloudsLocation = (JcloudsLocation) mgmt.getLocationRegistry().getLocationManaged("jclouds:rackspace-cloudservers-uk");

    app.start(ImmutableList.of(jcloudsLocation));

    SshMachineLocation l = (SshMachineLocation) mysql.getLocations().iterator().next();
    l.execCommands("add iptables rule", ImmutableList.of(IptablesCommands.insertIptablesRule(Chain.INPUT, Protocol.TCP, 3306, Policy.ACCEPT)));

    new VogellaExampleAccess("com.mysql.jdbc.Driver", mysql.getAttribute(DatastoreCommon.DATASTORE_URL)).readModifyAndRevertDataBase();
  } 
}

  public void test(String osRegex) throws Exception {
    PostgreSqlNode psql = app.createAndManageChild(EntitySpec.create(PostgreSqlNode.class)
        .configure(DatastoreCommon.CREATION_SCRIPT_CONTENTS, CREATION_SCRIPT)
        .configure(PostgreSqlNode.POSTGRESQL_PORT, PortRanges.fromInteger(5432))
        .configure(PostgreSqlNode.SHARED_MEMORY, "32MB"));

    mgmt.getBrooklynProperties().put("brooklyn.location.jclouds.rackspace-cloudservers-uk.imageNameRegex", osRegex);
    mgmt.getBrooklynProperties().remove("brooklyn.location.jclouds.rackspace-cloudservers-uk.image-id");
    mgmt.getBrooklynProperties().remove("brooklyn.location.jclouds.rackspace-cloudservers-uk.imageId");
    mgmt.getBrooklynProperties().put("brooklyn.location.jclouds.rackspace-cloudservers-uk.inboundPorts", Arrays.asList(22, 5432));
    JcloudsLocation jcloudsLocation = (JcloudsLocation) mgmt.getLocationRegistry().getLocationManaged("jclouds:rackspace-cloudservers-uk");

    app.start(ImmutableList.of(jcloudsLocation));

    SshMachineLocation l = (SshMachineLocation) psql.getLocations().iterator().next();
    l.execCommands("add iptables rule", ImmutableList.of(IptablesCommands.insertIptablesRule(Chain.INPUT, Protocol.TCP, 5432, Policy.ACCEPT)));

    String url = psql.getAttribute(DatastoreCommon.DATASTORE_URL);
    new VogellaExampleAccess("org.postgresql.Driver", url).readModifyAndRevertDataBase();
  }
}

public void test(String osRegex) throws Exception {
  PostgreSqlNode db1 = app.createAndManageChild(EntitySpec.create(PostgreSqlNode.class)
      .configure(DatastoreCommon.CREATION_SCRIPT_CONTENTS, PostgreSqlIntegrationTest.CREATION_SCRIPT)
      .configure(PostgreSqlNode.POSTGRESQL_PORT, PortRanges.fromInteger(9111)));
  PostgreSqlNode db2 = app.createAndManageChild(EntitySpec.create(PostgreSqlNode.class)
      .configure(DatastoreCommon.CREATION_SCRIPT_CONTENTS, PostgreSqlIntegrationTest.CREATION_SCRIPT)
      .configure(PostgreSqlNode.POSTGRESQL_PORT, PortRanges.fromInteger(9111)));
  BrooklynProperties brooklynProperties = mgmt.getBrooklynProperties();
  brooklynProperties.put("brooklyn.location.jclouds.rackspace-cloudservers-uk.imageNameRegex", osRegex);
  brooklynProperties.remove("brooklyn.location.jclouds.rackspace-cloudservers-uk.image-id");
  brooklynProperties.remove("brooklyn.location.jclouds.rackspace-cloudservers-uk.imageId");
  brooklynProperties.put("brooklyn.location.jclouds.rackspace-cloudservers-uk.inboundPorts", Arrays.asList(22, 9111));
  Location loc = mgmt.getLocationRegistry().getLocationManaged("jclouds:rackspace-cloudservers-uk");
  
  startInLocation(app, db1, db2, loc);
  //hack to get the port for mysql open; is the inbounds property not respected on rackspace??
  for (DatastoreCommon node : ImmutableSet.of(db1, db2)) {
    SshMachineLocation l = (SshMachineLocation) node.getLocations().iterator().next();
    l.execCommands("add iptables rule", ImmutableList.of(IptablesCommands.insertIptablesRule(Chain.INPUT, Protocol.TCP, 9111, Policy.ACCEPT)));
  }
  testReplication(db1, db2);
}