/// <summary>
/// Returns the rule list stored in the config string of the VM resource entry identified by <paramref name="vmId"/>.
/// </summary>
/// <param name="vmId">Id handed to GetVirtualMachineResourceEntry together with <c>UserOperation.Study_Read</c>.</param>
/// <param name="cancellationToken">Not used by this method.</param>
/// <returns>The stored rules, or a new empty list when the settings hold no rule list.</returns>
public async Task<List<VmRuleDto>> GetRules(int vmId, CancellationToken cancellationToken = default)
{
    // The entry is fetched for the Study_Read operation; whatever access check that implies
    // is performed inside GetVirtualMachineResourceEntry, not here.
    var resourceEntry = await GetVirtualMachineResourceEntry(vmId, UserOperation.Study_Read);

    var settings = CloudResourceConfigStringSerializer.VmSettings(resourceEntry.ConfigString);

    // Callers always receive a list, never null.
    return settings.Rules ?? new List<VmRuleDto>();
}
/// <summary>
/// Reads the operating system value out of a cloud resource's config string.
/// </summary>
/// <param name="resource">Resource whose <c>ConfigString</c> is parsed.</param>
/// <returns>The <c>OperatingSystem</c> of the parsed settings, or null when parsing yields null.</returns>
public static string GetOsName(CloudResource resource)
{
    var settings = CloudResourceConfigStringSerializer.VmSettings(resource.ConfigString);

    return settings == null ? null : settings.OperatingSystem;
}
/// <summary>
/// Updates an existing virtual machine by re-running UpdateVmRules with the settings parsed from
/// <c>parameters.ConfigurationString</c>.
/// </summary>
/// <param name="parameters">Provisioning parameters; name, resource group and configuration string are read here.</param>
/// <param name="cancellationToken">Forwarded to the network interface lookup and to UpdateVmRules.</param>
/// <returns>The result built by CreateCRUDResult for the looked-up VM.</returns>
public async Task<ResourceProvisioningResult> Update(ResourceProvisioningParameters parameters, CancellationToken cancellationToken = default)
{
    _logger.LogInformation($"Updating VM {parameters.Name}");

    var existingVm = await GetInternalAsync(parameters.ResourceGroupName, parameters.Name);
    var nic = await _azure.NetworkInterfaces.GetByIdAsync(existingVm.PrimaryNetworkInterfaceId, cancellationToken);

    // Parsed after the two lookups, so a missing VM or NIC surfaces before a malformed config string does.
    var settings = CloudResourceConfigStringSerializer.VmSettings(parameters.ConfigurationString);

    // The primary NIC's private IP is handed to UpdateVmRules together with the parsed settings.
    await UpdateVmRules(parameters, settings, nic.PrimaryPrivateIP, cancellationToken);

    return CreateCRUDResult(existingVm);
}
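/// <summary>
/// Deletes a virtual machine, then its OS disk, network interfaces and data disks, and finally the
/// NSG rules named in its config string.
/// </summary>
/// <param name="resourceGroupName">Resource group that holds the VM.</param>
/// <param name="virtualMachineName">Name of the VM to delete.</param>
/// <param name="networkSecurityGroupName">Network security group the VM's rules are removed from.</param>
/// <param name="configString">Serialized VM settings; the rule names in it select the NSG rules to remove.</param>
async Task DeleteInternalAsync(string resourceGroupName, string virtualMachineName, string networkSecurityGroupName, string configString)
{
    var vm = await GetInternalAsync(resourceGroupName, virtualMachineName, false);

    if (vm == null)
    {
        // NOTE(review): returning here also skips the NSG rule clean-up at the end of this method, so
        // rules left over from an earlier, partially completed delete stay in the group. Confirm that
        // something else removes them.
        _logger.LogWarning($"Virtual Machine {virtualMachineName} appears to be deleted allready");
        return;
    }

    // Ownership check on the VM's tags. It throws for resources this environment does not manage and
    // must stay ahead of the first delete call.
    EnsureResourceIsManagedByThisIEnvironmentThrowIfNot(resourceGroupName, vm.Tags);

    await _azure.VirtualMachines.DeleteByResourceGroupAsync(resourceGroupName, virtualMachineName);

    // Disks and NICs are deleted by the ids captured from the VM object fetched above.
    await DeleteDiskById(vm.OSDiskId);

    foreach (var curNic in vm.NetworkInterfaceIds)
    {
        await DeleteNic(curNic);
    }

    foreach (var curDiskKvp in vm.DataDisks)
    {
        await DeleteDiskById(curDiskKvp.Value.Id);
    }

    var vmSettings = CloudResourceConfigStringSerializer.VmSettings(configString);

    // Settings without a rule list mean there is nothing to remove. Without this guard the loop
    // below threw a NullReferenceException at a point where the VM was already gone.
    if (vmSettings?.Rules == null)
    {
        return;
    }

    foreach (var curRule in vmSettings.Rules)
    {
        try
        {
            await _azureNetworkSecurityGroupRuleService.DeleteRule(resourceGroupName, networkSecurityGroupName, curRule.Name);
        }
        catch (Exception ex)
        {
            // Best effort: one failed rule delete must not abort the rest of the clean-up. The exception
            // is attached to the warning so that an authorization or throttling failure is not mistaken
            // for "already deleted"; a rule that really is left behind stays in effect on the NSG.
            _logger.LogWarning(ex, $"Delete VM: Failed to delete NSG rule {curRule.Name} for vm {virtualMachineName}. Assuming it has allready been deleted");
        }
    }
}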
/// <summary>
/// Finds a single rule of a VM by comparing <paramref name="ruleId"/> with each stored rule's <c>Name</c>.
/// </summary>
/// <param name="vmId">Id handed to GetVirtualMachineResourceEntry together with <c>UserOperation.Study_Read</c>.</param>
/// <param name="ruleId">Value matched against the rule name with <c>==</c>.</param>
/// <param name="cancellationToken">Not used by this method.</param>
/// <returns>The first stored rule whose name equals <paramref name="ruleId"/>.</returns>
/// <exception cref="NotFoundException">No rule list is stored, or no rule in it has that name.</exception>
public async Task<VmRuleDto> GetRuleById(int vmId, string ruleId, CancellationToken cancellationToken = default)
{
    var resourceEntry = await GetVirtualMachineResourceEntry(vmId, UserOperation.Study_Read);

    var settings = CloudResourceConfigStringSerializer.VmSettings(resourceEntry.ConfigString);

    VmRuleDto match = null;

    if (settings.Rules != null)
    {
        foreach (var candidate in settings.Rules)
        {
            if (candidate.Name == ruleId)
            {
                match = candidate;
                break;
            }
        }
    }

    if (match == null)
    {
        // The requested id is echoed back in the exception message.
        throw new NotFoundException($"Rule with id {ruleId} does not exist");
    }

    return match;
}
/// <summary>
/// Looks up the outbound "open/close internet" rule in a VM resource's config string.
/// </summary>
/// <param name="vmResource">Resource whose <c>ConfigString</c> is inspected.</param>
/// <returns>
/// The first outbound rule whose name contains <c>AzureVmConstants.RulePresets.OPEN_CLOSE_INTERNET</c>,
/// or null when the config string is blank, cannot be turned into settings with rules, or holds no such rule.
/// </returns>
public static VmRuleDto GetInternetRule(CloudResource vmResource)
{
    if (String.IsNullOrWhiteSpace(vmResource.ConfigString))
    {
        return null;
    }

    var settings = CloudResourceConfigStringSerializer.VmSettings(vmResource.ConfigString);

    if (settings == null || settings.Rules == null)
    {
        return null;
    }

    foreach (var rule in settings.Rules)
    {
        // The rule is recognised by direction plus a substring match on its name, nothing else.
        if (rule.Direction == RuleDirection.Outbound && rule.Name.Contains(AzureVmConstants.RulePresets.OPEN_CLOSE_INTERNET))
        {
            return rule;
        }
    }

    return null;
}
/// <summary>
/// Looks up the outbound "open/close internet" rule of the VM identified by <paramref name="vmId"/>.
/// </summary>
/// <param name="vmId">Id handed to GetVirtualMachineResourceEntry together with <c>UserOperation.Study_Crud_Sandbox</c>.</param>
/// <returns>
/// The first outbound rule whose name contains <c>AzureVmConstants.RulePresets.OPEN_CLOSE_INTERNET</c>,
/// or null when no rule list is stored or no rule matches.
/// </returns>
public async Task<VmRuleDto> GetInternetRule(int vmId)
{
    // This read is made with the Study_Crud_Sandbox operation, not a read-only one.
    var resourceEntry = await GetVirtualMachineResourceEntry(vmId, UserOperation.Study_Crud_Sandbox);

    var settings = CloudResourceConfigStringSerializer.VmSettings(resourceEntry.ConfigString);

    if (settings.Rules == null)
    {
        return null;
    }

    foreach (var rule in settings.Rules)
    {
        // The rule is recognised by direction plus a substring match on its name, nothing else.
        if (rule.Direction == RuleDirection.Outbound && rule.Name.Contains(AzureVmConstants.RulePresets.OPEN_CLOSE_INTERNET))
        {
            return rule;
        }
    }

    return null;
}
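/// <summary>
/// Creates the virtual machine described by <paramref name="parameters"/> when it does not exist yet,
/// otherwise checks its data disk count, and in both cases tags the primary NIC and applies the VM rules.
/// </summary>
/// <param name="parameters">Provisioning parameters; the configuration string in them is parsed into VM settings.</param>
/// <param name="cancellationToken">Forwarded to VM creation, the network interface lookup and UpdateVmRules.</param>
/// <returns>The result built by CreateCRUDResult for the created or existing VM.</returns>
/// <exception cref="Exception">
/// A configured data disk size is zero or negative, or an existing VM has a different number of data
/// disks than the settings ask for.
/// </exception>
public async Task<ResourceProvisioningResult> EnsureCreated(ResourceProvisioningParameters parameters, CancellationToken cancellationToken = default)
{
    _logger.LogInformation($"Ensuring VM exists: {parameters.Name} in resource Group: {parameters.ResourceGroupName}");

    var vmSettings = CloudResourceConfigStringSerializer.VmSettings(parameters.ConfigurationString);

    var virtualMachine = await GetInternalAsync(parameters.ResourceGroupName, parameters.Name, false);

    if (virtualMachine == null)
    {
        _logger.LogInformation($"VM {parameters.Name} did not exist in resource Group: {parameters.ResourceGroupName}, creating!");

        // The value stored in the settings is used as the Key Vault lookup key; the password itself
        // is only held in the local below and is not written to any log line in this method.
        var passwordReference = vmSettings.Password;
        string password = await GetPasswordFromKeyVault(passwordReference);

        string vmSize = vmSettings.Size;

        virtualMachine = await CreateInternalAsync(GetRegionFromString(parameters.Region), parameters.ResourceGroupName, parameters.Name, vmSettings.NetworkName, vmSettings.SubnetName, vmSettings.Username, password, vmSize, vmSettings.OperatingSystem, vmSettings.OperatingSystemCategory, parameters.Tags, vmSettings.DiagnosticStorageAccountName, cancellationToken);

        // The secret is removed only once creation has succeeded.
        // NOTE(review): when CreateInternalAsync throws, or when this delete itself fails and a later
        // run takes the "VM already exists" branch, the secret stays in the vault. Presumably that is
        // so a retry can read it again; confirm that something eventually removes it.
        await DeletePasswordFromKeyVault(passwordReference);

        if (vmSettings.DataDisks != null && vmSettings.DataDisks.Count > 0)
        {
            foreach (var curDisk in vmSettings.DataDisks)
            {
                var sizeAsInt = Convert.ToInt32(curDisk);

                // Negative sizes are rejected together with zero instead of being passed on to the disk call.
                if (sizeAsInt <= 0)
                {
                    throw new Exception($"Illegal data disk size: {curDisk}");
                }

                await ApplyVmDataDisksInternalAsync(parameters.ResourceGroupName, parameters.Name, sizeAsInt, parameters.Tags);
            }
        }

        _logger.LogInformation($"Done creating Virtual Machine for sandbox with Id: {parameters.SandboxId}! Id: {virtualMachine.Id}");
    }
    else
    {
        // Validate data disks
        if (vmSettings.DataDisks != null && vmSettings.DataDisks.Count > 0)
        {
            if (virtualMachine.DataDisks.Count != vmSettings.DataDisks.Count)
            {
                // Report the configured count against the count actually present on the VM.
                throw new Exception($"Data disk(s) not created properly. Expected count of {vmSettings.DataDisks.Count}, saw {virtualMachine.DataDisks.Count} on VM");
            }
        }
    }

    var primaryNic = await _azure.NetworkInterfaces.GetByIdAsync(virtualMachine.PrimaryNetworkInterfaceId, cancellationToken);

    // Add tags to NIC
    await primaryNic.UpdateTags().WithTags(parameters.Tags).ApplyTagsAsync();

    // Rules are applied on both paths, so an existing VM is brought in line with the current settings.
    await UpdateVmRules(parameters, vmSettings, primaryNic.PrimaryPrivateIP, cancellationToken);

    var result = CreateCRUDResult(virtualMachine);

    return result;
}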
/// <summary>
/// Replaces the rule list stored for a VM with <paramref name="updatedRuleSet"/>, saves the new config
/// string and queues an update operation.
/// </summary>
/// <param name="vmId">Id handed to GetVirtualMachineResourceEntry together with <c>UserOperation.Study_Crud_Sandbox</c>.</param>
/// <param name="updatedRuleSet">The complete new rule set; null or empty removes all rules.</param>
/// <param name="cancellationToken">Not used by this method.</param>
/// <returns><paramref name="updatedRuleSet"/>, or a new empty list when it was null.</returns>
/// <exception cref="ArgumentException">
/// An inbound rule has <c>RuleAction.Deny</c>, or an outbound rule has no name or a name that does not
/// contain <c>AzureVmConstants.RulePresets.OPEN_CLOSE_INTERNET</c>.
/// </exception>
public async Task<List<VmRuleDto>> SetRules(int vmId, List<VmRuleDto> updatedRuleSet, CancellationToken cancellationToken = default)
{
    var vm = await GetVirtualMachineResourceEntry(vmId, UserOperation.Study_Crud_Sandbox);

    var vmSettings = CloudResourceConfigStringSerializer.VmSettings(vm.ConfigString);

    await ValidateRuleUpdateInputThrowIfNot(vm, vmSettings.Rules, updatedRuleSet);

    bool removeEverything = updatedRuleSet == null || updatedRuleSet.Count == 0;

    if (removeEverything)
    {
        // Easy, all rules should be deleted
        vmSettings.Rules = null;
    }
    else
    {
        // Rules without a name are treated as new, rules with a name as already existing.
        var unnamedRules = updatedRuleSet.Where(r => String.IsNullOrWhiteSpace(r.Name)).ToList();
        var namedRules = updatedRuleSet.Where(r => !String.IsNullOrWhiteSpace(r.Name)).ToList();

        // Check that the new rules do not have a duplicate among the existing ones
        foreach (var unnamed in unnamedRules)
        {
            ThrowIfRuleExists(namedRules, unnamed);
        }

        foreach (var rule in updatedRuleSet)
        {
            if (rule.Direction != RuleDirection.Inbound)
            {
                // NOTE(review): the only outbound rule accepted is recognised by a substring match on a
                // name supplied by the caller in updatedRuleSet. Confirm that
                // ValidateRuleUpdateInputThrowIfNot also ties such a rule to the stored preset;
                // otherwise compare against the stored rule rather than its name.
                if (String.IsNullOrWhiteSpace(rule.Name) || !rule.Name.Contains(AzureVmConstants.RulePresets.OPEN_CLOSE_INTERNET))
                {
                    throw new ArgumentException("Custom outbound rules are not allowed");
                }

                continue;
            }

            if (rule.Action == RuleAction.Deny)
            {
                throw new ArgumentException("Inbound rules can only have Action: Allow");
            }

            // New inbound rules get a generated name; no priority is assigned in this method.
            if (String.IsNullOrWhiteSpace(rule.Name))
            {
                rule.Name = AzureResourceNameUtil.NsgRuleNameForVm(vmId);
            }
        }

        vmSettings.Rules = updatedRuleSet;
    }

    // Both branches change the settings, so the config string is always re-serialized and saved.
    vm.ConfigString = CloudResourceConfigStringSerializer.Serialize(vmSettings);

    await _db.SaveChangesAsync();

    await CreateUpdateOperationAndAddQueueItem(vm, "Updated rules");

    return updatedRuleSet ?? new List<VmRuleDto>();
}