2 * Copyright (c) 2016 Red Hat, Inc. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 package org.opendaylight.netvirt.aclservice.listeners;
10 import java.util.ArrayList;
11 import java.util.Collections;
12 import java.util.List;
13 import java.util.SortedSet;
14 import javax.annotation.PreDestroy;
15 import javax.inject.Inject;
16 import javax.inject.Singleton;
17 import org.opendaylight.genius.interfacemanager.interfaces.IInterfaceManager;
18 import org.opendaylight.infrautils.jobcoordinator.JobCoordinator;
19 import org.opendaylight.infrautils.utils.concurrent.Executors;
20 import org.opendaylight.mdsal.binding.api.ClusteredDataTreeChangeListener;
21 import org.opendaylight.mdsal.binding.api.DataBroker;
22 import org.opendaylight.mdsal.common.api.LogicalDatastoreType;
23 import org.opendaylight.netvirt.aclservice.api.AclInterfaceCache;
24 import org.opendaylight.netvirt.aclservice.api.AclServiceManager;
25 import org.opendaylight.netvirt.aclservice.api.AclServiceManager.Action;
26 import org.opendaylight.netvirt.aclservice.api.utils.AclInterface;
27 import org.opendaylight.netvirt.aclservice.utils.AclClusterUtil;
28 import org.opendaylight.netvirt.aclservice.utils.AclDataUtil;
29 import org.opendaylight.netvirt.aclservice.utils.AclServiceUtils;
30 import org.opendaylight.serviceutils.srm.RecoverableListener;
31 import org.opendaylight.serviceutils.srm.ServiceRecoveryRegistry;
32 import org.opendaylight.serviceutils.tools.listener.AbstractAsyncDataTreeChangeListener;
33 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana._if.type.rev170119.L2vlan;
34 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.InterfacesState;
35 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.state.Interface;
36 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
37 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionEgress;
38 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionIngress;
39 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl;
40 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
41 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.SubnetInfo;
42 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
43 import org.slf4j.Logger;
44 import org.slf4j.LoggerFactory;
47 public class AclInterfaceStateListener extends AbstractAsyncDataTreeChangeListener<Interface>
48 implements ClusteredDataTreeChangeListener<Interface>, RecoverableListener {
50 private static final Logger LOG = LoggerFactory.getLogger(AclInterfaceStateListener.class);
52 /** Our registration. */
53 private final AclServiceManager aclServiceManger;
54 private final AclClusterUtil aclClusterUtil;
55 private final DataBroker dataBroker;
56 private final AclDataUtil aclDataUtil;
57 private final IInterfaceManager interfaceManager;
58 private final AclInterfaceCache aclInterfaceCache;
59 private final AclServiceUtils aclServiceUtils;
60 protected final JobCoordinator jobCoordinator;
63 public AclInterfaceStateListener(AclServiceManager aclServiceManger, AclClusterUtil aclClusterUtil,
64 DataBroker dataBroker, AclDataUtil aclDataUtil, IInterfaceManager interfaceManager,
65 AclInterfaceCache aclInterfaceCache, AclServiceUtils aclServicUtils, JobCoordinator jobCoordinator,
66 ServiceRecoveryRegistry serviceRecoveryRegistry) {
67 super(dataBroker, LogicalDatastoreType.OPERATIONAL,
68 InstanceIdentifier.create(InterfacesState.class).child(Interface.class),
69 Executors.newListeningSingleThreadExecutor("AclInterfaceStateListener", LOG));
70 this.aclServiceManger = aclServiceManger;
71 this.aclClusterUtil = aclClusterUtil;
72 this.dataBroker = dataBroker;
73 this.aclDataUtil = aclDataUtil;
74 this.interfaceManager = interfaceManager;
75 this.aclInterfaceCache = aclInterfaceCache;
76 this.aclServiceUtils = aclServicUtils;
77 this.jobCoordinator = jobCoordinator;
78 serviceRecoveryRegistry.addRecoverableListener(AclServiceUtils.getRecoverServiceRegistryKey(), this);
82 LOG.info("{} start", getClass().getSimpleName());
86 public void registerListener() {
91 public void deregisterListener() {
96 public void remove(InstanceIdentifier<Interface> key, Interface deleted) {
97 if (!L2vlan.class.equals(deleted.getType())) {
100 String interfaceId = deleted.getName();
101 AclInterface aclInterface = aclInterfaceCache.remove(interfaceId);
102 if (AclServiceUtils.isOfInterest(aclInterface)) {
103 List<Uuid> aclList = aclInterface.getSecurityGroups();
104 if (aclClusterUtil.isEntityOwner()) {
105 LOG.debug("On remove event, notify ACL service manager to remove ACL from interface: {}", aclInterface);
106 aclServiceManger.notify(aclInterface, null, Action.UNBIND);
107 aclServiceManger.notify(aclInterface, null, Action.REMOVE);
109 if (aclList != null) {
110 aclServiceUtils.deleteAclPortsLookup(aclInterface, aclList, aclInterface.getAllowedAddressPairs());
113 if (aclList != null) {
114 for (Uuid acl : aclList) {
115 jobCoordinator.enqueueJob(acl.getValue(), () -> {
116 aclDataUtil.removeAclInterfaceMap(acl, aclInterface);
117 return Collections.emptyList();
125 public void update(InstanceIdentifier<Interface> key, Interface before, Interface after) {
127 * The update is not of interest as the attributes populated from this listener will not change.
128 * The northbound updates are handled in AclInterfaceListener.
130 * We're only interested in update in cases where IfType got filled after creation.
132 if (before.getType() == null && L2vlan.class.equals(after.getType())) {
135 LOG.trace("Update event for AclInterfaceStateListener is not of interest.");
140 public void add(InstanceIdentifier<Interface> key, Interface added) {
141 if (!L2vlan.class.equals(added.getType())) {
145 if (aclInterfaceCache.get(added.getName()) == null) {
146 org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces
147 .Interface iface = interfaceManager.getInterfaceInfoFromConfigDataStore(added.getName());
149 LOG.error("No interface with name {} available in interfaceConfig, servicing interfaceState ADD"
150 + "for ACL failed", added.getName());
153 InterfaceAcl aclInPort = iface.augmentation(InterfaceAcl.class);
154 if (aclInPort == null) {
155 LOG.trace("Interface {} is not an ACL Interface, ignoring ADD interfaceState event",
159 aclInterfaceCache.addOrUpdate(added.getName(), (prevAclInterface, builder) -> {
160 builder.portSecurityEnabled(aclInPort.isPortSecurityEnabled())
161 .interfaceType(aclInPort.getInterfaceType()).securityGroups(aclInPort.getSecurityGroups())
162 .allowedAddressPairs(new ArrayList<AllowedAddressPairs>(aclInPort
163 .getAllowedAddressPairs().values())).subnetInfo(new ArrayList<SubnetInfo>(aclInPort
164 .getSubnetInfo().values()));
167 AclInterface aclInterface = aclInterfaceCache.addOrUpdate(added.getName(), (prevAclInterface, builder) -> {
168 builder.dpId(AclServiceUtils.getDpIdFromIterfaceState(added)).lPortTag(added.getIfIndex())
169 .isMarkedForDelete(false);
170 if (AclServiceUtils.isOfInterest(prevAclInterface)) {
171 SortedSet<Integer> ingressRemoteAclTags =
172 aclServiceUtils.getRemoteAclTags(prevAclInterface.getSecurityGroups(), DirectionIngress.class);
173 SortedSet<Integer> egressRemoteAclTags =
174 aclServiceUtils.getRemoteAclTags(prevAclInterface.getSecurityGroups(), DirectionEgress.class);
175 builder.ingressRemoteAclTags(ingressRemoteAclTags).egressRemoteAclTags(egressRemoteAclTags);
179 if (AclServiceUtils.isOfInterest(aclInterface)) {
180 List<Uuid> aclList = aclInterface.getSecurityGroups();
181 if (aclList != null) {
182 aclDataUtil.addOrUpdateAclInterfaceMap(aclList, aclInterface);
184 if (aclInterface.getElanId() == null) {
185 LOG.debug("On Add event, skip ADD since ElanId is not updated");
188 if (aclClusterUtil.isEntityOwner()) {
189 LOG.debug("On add event, notify ACL service manager to add ACL for interface: {}", aclInterface);
190 aclServiceManger.notify(aclInterface, null, Action.BIND);
191 if (aclList != null) {
192 aclServiceUtils.addAclPortsLookup(aclInterface, aclList, aclInterface.getAllowedAddressPairs());
194 aclServiceManger.notify(aclInterface, null, Action.ADD);
201 public void close() {
203 Executors.shutdownAndAwaitTermination(getExecutorService());