private InstanceType determineType(NetworkInterface iface) { String ownerId; if(iface.getAssociation() != null) { ownerId = iface.getAssociation().getIpOwnerId(); } else if(iface.getRequesterId().equals("amazon-rds")) { ownerId = "amazon-rds"; } else { LOG.debug("AWS network interface with no association: [{}]", iface.getDescription()); return InstanceType.UNKNOWN; } // not using switch here because it might become nasty complicated for other instance types if("amazon".equals(ownerId)) { return InstanceType.EC2; } else if("amazon-elb".equals(ownerId)) { return InstanceType.ELB; } else if("amazon-rds".equals(ownerId)) { return InstanceType.RDS; } else { return InstanceType.UNKNOWN; } }
@Override @SuppressWarnings("rawtypes") protected boolean isEqual(AbstractResource newResource) { NetworkInterface oldNetworkInterface = this.getResource(); Ec2NetworkInterface newEc2NetworkInterface = (Ec2NetworkInterface) newResource; NetworkInterface newNetworkInterface = newEc2NetworkInterface.getResource(); if (notEqual(oldNetworkInterface.getNetworkInterfaceId(), newNetworkInterface.getNetworkInterfaceId())) return false; if (notEqual(oldNetworkInterface.getOwnerId(), newNetworkInterface.getOwnerId())) return false; if (notEqual(oldNetworkInterface.getRequesterId(), newNetworkInterface.getRequesterId())) return false; if (notEqual(oldNetworkInterface.getRequesterManaged(), newNetworkInterface.getRequesterManaged())) return false; if (notEqual(oldNetworkInterface.getStatus(), newNetworkInterface.getStatus())) return false; if (notEqual(oldNetworkInterface.getMacAddress(), newNetworkInterface.getMacAddress())) return false; if (notEqual(oldNetworkInterface.getPrivateIpAddress(), newNetworkInterface.getPrivateIpAddress())) return false; if (notEqual(oldNetworkInterface.getPrivateDnsName(), newNetworkInterface.getPrivateDnsName())) return false; if (notEqual(oldNetworkInterface.getSourceDestCheck(), newNetworkInterface.getSourceDestCheck())) return false; if (notEqualCollection(oldNetworkInterface.getGroups(), newNetworkInterface.getGroups())) return false; if (notEqual(oldNetworkInterface.getAttachment(), newNetworkInterface.getAttachment())) return false; if (notEqual(oldNetworkInterface.getAssociation(), newNetworkInterface.getAssociation())) return false; if (notEqualCollection(oldNetworkInterface.getTagSet(), newNetworkInterface.getTagSet())) return false; if (notEqualCollection(oldNetworkInterface.getPrivateIpAddresses(), newNetworkInterface.getPrivateIpAddresses())) return false; return true; }
@Override protected void update(List<Event> result, Ec2NetworkInterface oldResource, Ec2NetworkInterface newResource) { NetworkInterface oldNI = oldResource.getResource(); NetworkInterface newNI = newResource.getResource(); if (notEqual(oldNI.getStatus(), newNI.getStatus())) { if (newNI.getStatus().equals("available")) { result.add(createEvent(oldResource, newResource, EventType.Ec2_Network_Interface_Detached)); } else if (newNI.getStatus().equals("in-use")) { result.add(createEvent(oldResource, newResource, EventType.Ec2_Network_Interface_Attached, newNI.getAttachment().getInstanceId())); } else { throw new ClouckUnexpectedConditionException("status should only be available or in-use, but got:" + newNI.getStatus()); } } if (notEqual(oldNI.getSourceDestCheck(), newNI.getSourceDestCheck())) { result.add(createEvent(oldResource, newResource, newNI.getSourceDestCheck() ? EventType.Ec2_Network_Interface_Source_Dest_Check_Enabled : EventType.Ec2_Network_Interface_Source_Dest_Check_Disabled)); } if (notEqual(oldNI.getDescription(), newNI.getDescription())) { result.add(createEvent(oldResource, newResource, EventType.Ec2_Network_Interface_Description_Updated, newNI.getDescription())); } compareSecurityGroups(result, oldNI.getGroups(), newNI.getGroups(), oldResource, newResource); // compareNetworkInterfaceSecondaryPrivateIpAddress(result, oldNI.getPrivateIpAddresses(), newNI.getPrivateIpAddresses(), newResource, oldVersion, newVersion); compareTags(result, oldNI.getTagSet(), newNI.getTagSet(), oldResource, newResource); }
private void disableSrcDestCheck(List<VPNEndpoint> vpnEndpoints) { for (VPNEndpoint vpnEndpoint : vpnEndpoints) { ec2Client.setEndpoint(vpnEndpoint.getRegion().getEndpoint()); Instance instance = vpnEndpoint.getInstance(); List<NetworkInterface> networkInterfaces = ec2Client.describeNetworkInterfaces().getNetworkInterfaces(); for (NetworkInterface nic : networkInterfaces) { if (nic.getAttachment().getInstanceId().equals(instance.getInstanceId())) { ModifyNetworkInterfaceAttributeRequest modifyNicAttribute = new ModifyNetworkInterfaceAttributeRequest(); modifyNicAttribute.setNetworkInterfaceId(nic.getNetworkInterfaceId()); modifyNicAttribute.setSourceDestCheck(false); ec2Client.modifyNetworkInterfaceAttribute(modifyNicAttribute); LOG.debug("Disabled Src/Dest check on " + instance.getInstanceId()); } } } }
private void addNetworks(Project project, Cloud cloud, String region, Api api) { try { Map<String, Network> networks = api.listNetworks().stream() .collect(Collectors.toMap( NetworkInterface::getSubnetId, n -> new Network() { { setId(n.getNetworkInterfaceId()); setName(n.getDescription()); setState(n.getStatus()); setIsShared(true); } } )); api.listSubnets().forEach(s -> { String subnetId = s.getSubnetId(); if (networks.containsKey(subnetId)) { Network network = networks.get(subnetId); Subnet subnet = processSubnet(s); network.setSubnets(Collections.singletonList(subnet)); } }); project.getNetworks().addAll(networks.values()); } catch (Exception e) { LOG.debug("Failed to fetch networks information for cloud = {}, region = {}", cloud.getName(), region); } }
public DiscoveredInstance findByIp(String ip) { try { // Let's see if this is an EC2 instance maybe? if (ec2Instances.containsKey(ip)) { Instance instance = ec2Instances.get(ip); LOG.debug("Found IP [{}] in EC2 instance lookup table.", ip); return new DiscoveredEC2Instance(instance.getInstanceId(), getNameOfInstance(instance)); } // If it's not an EC2 instance, we might still find it in our list of network interfaces. if(networkInterfaces.containsKey(ip)) { NetworkInterface iface = networkInterfaces.get(ip); switch (determineType(iface)) { case RDS: return new DiscoveredRDSInstance(null, null); case EC2: // handled directly via separate EC2 table above break; case ELB: return new DiscoveredELBInstance(getELBNameFromInterface(iface), null); case UNKNOWN: LOG.debug("IP [{}] in table of network interfaces but of unknown instance type.", ip); return DiscoveredInstance.UNDISCOVERED; } } // The IP address is not known to us. This most likely means it is an external public IP. return DiscoveredInstance.UNDISCOVERED; } catch(Exception e) { LOG.error("Error when trying to match IP to AWS instance. Marking as undiscovered.", e); return DiscoveredInstance.UNDISCOVERED; } }
private String getELBNameFromInterface(NetworkInterface iface) { try { String[] parts = iface.getDescription().split(" "); if (parts.length == 2) { return parts[1]; } else { LOG.warn("Unexpected ELB name in network interface description: [{}]", iface.getDescription()); return "unknown-name"; } } catch(Exception e) { LOG.warn("Could not get ELB name from network interface description. Description was [{}]", iface.getDescription(), e); return "unknown-name"; } }
public List<AbstractResource<?>> toEc2NetworkInterfaces(List<NetworkInterface> networkInterfaces, String accountId, Region region, DateTime dt) { List<AbstractResource<?>> resources = new ArrayList<>(); for (NetworkInterface networkInterface : networkInterfaces) { Ec2NetworkInterface ec2NetworkInterface = new Ec2NetworkInterface(); conf(ec2NetworkInterface, accountId, region, dt); ec2NetworkInterface.setResource(networkInterface); resources.add(ec2NetworkInterface); } log.debug("{} network interfaces found via api and converted to Ec2NetworkInterface", resources.size()); return resources; }
