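// Copyright 2014 Canonical Ltd.
// Licensed under the AGPLv3, see LICENCE file for details.

package google

import (
	"google.golang.org/api/compute/v1"

	"github.com/juju/juju/network"
)

const (
	// networkDefaultName is the network used when a NetworkSpec has no Name.
	networkDefaultName = "default"
	// networkPathRoot is prepended to a network name to form its path.
	networkPathRoot = "global/networks/"
)

// The different kinds of network access.
const (
	NetworkAccessOneToOneNAT = "ONE_TO_ONE_NAT" // the default
)

// NetworkSpec holds all the information needed to identify and create
// a GCE network.
type NetworkSpec struct {
	// Name is the unqualified name of the network.
	Name string
	// TODO(ericsnow) support a CIDR for internal IP addr range?
}

// Path returns the qualified name of the network. An empty Name
// resolves to the default network.
func (ns *NetworkSpec) Path() string {
	name := ns.Name
	if name == "" {
		name = networkDefaultName
	}
	return networkPathRoot + name
}

// newInterface builds up all the data needed by the GCE API to create
// a new interface connected to the network.
//
// A non-empty name attaches a ONE_TO_ONE_NAT access config with that
// name. An empty name yields an interface with no access configs at all.
func (ns *NetworkSpec) newInterface(name string) *compute.NetworkInterface {
	var access []*compute.AccessConfig
	if name != "" {
		// This interface has an internet connection.
		access = append(access, &compute.AccessConfig{
			Name: name,
			Type: NetworkAccessOneToOneNAT,
			// NatIP (only set if using a reserved public IP)
		})
		// TODO(ericsnow) Will we need to support more access configs?
	}
	return &compute.NetworkInterface{
		Network:       ns.Path(),
		AccessConfigs: access,
	}
}

// firewallSpec expands a port range set in to compute.FirewallAllowed
// and returns a compute.Firewall for the provided name.
//
// The returned rule always uses the source range 0.0.0.0/0, so every
// port in ps is allowed from any IPv4 source address. The only
// narrowing is the target tag, which is set to name. Nothing here
// restricts the source, so callers should pass only the ports that are
// meant to be reachable from anywhere.
func firewallSpec(name string, ps network.PortSet) *compute.Firewall {
	firewall := compute.Firewall{
		// Allowed is set below.
		// Description is not set.
		Name: name,
		// Network: (defaults to global)
		// SourceTags is not set.
		TargetTags: []string{name},
		// NOTE(review): any IPv4 source is admitted; see the doc comment.
		SourceRanges: []string{"0.0.0.0/0"},
	}

	// One FirewallAllowed entry per protocol present in the port set.
	for _, protocol := range ps.Protocols() {
		allowed := compute.FirewallAllowed{
			IPProtocol: protocol,
			Ports:      ps.PortStrings(protocol),
		}
		firewall.Allowed = append(firewall.Allowed, &allowed)
	}
	return &firewall
}

// extractAddresses returns the addresses found on the given interfaces.
// For each interface, every non-empty NatIP of its access configs is
// reported with public scope, followed by the interface's NetworkIP
// (when set) with cloud-local scope.
//
// The values are copied as-is and always labelled IPv4; they are not
// parsed or validated here. Nil interfaces and nil access configs are
// skipped.
func extractAddresses(interfaces ...*compute.NetworkInterface) []network.Address {
	var addresses []network.Address

	for _, netif := range interfaces {
		if netif == nil {
			// A nil entry carries no addresses; skip it rather than panic.
			continue
		}

		// Add public addresses.
		for _, accessConfig := range netif.AccessConfigs {
			if accessConfig == nil || accessConfig.NatIP == "" {
				continue
			}
			addresses = append(addresses, network.Address{
				Value: accessConfig.NatIP,
				Type:  network.IPv4Address,
				Scope: network.ScopePublic,
			})
		}

		// Add private address.
		if netif.NetworkIP == "" {
			continue
		}
		addresses = append(addresses, network.Address{
			Value: netif.NetworkIP,
			Type:  network.IPv4Address,
			Scope: network.ScopeCloudLocal,
		})
	}

	return addresses
}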