2 * Copyright (c) 2016 Red Hat, Inc. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 package org.opendaylight.netvirt.aclservice.listeners;
10 import java.util.Collections;
11 import java.util.List;
12 import java.util.SortedSet;
13 import javax.annotation.PreDestroy;
14 import javax.inject.Inject;
15 import javax.inject.Singleton;
16 import org.opendaylight.genius.interfacemanager.interfaces.IInterfaceManager;
17 import org.opendaylight.infrautils.jobcoordinator.JobCoordinator;
18 import org.opendaylight.infrautils.utils.concurrent.Executors;
19 import org.opendaylight.mdsal.binding.api.ClusteredDataTreeChangeListener;
20 import org.opendaylight.mdsal.binding.api.DataBroker;
21 import org.opendaylight.mdsal.common.api.LogicalDatastoreType;
22 import org.opendaylight.netvirt.aclservice.api.AclInterfaceCache;
23 import org.opendaylight.netvirt.aclservice.api.AclServiceManager;
24 import org.opendaylight.netvirt.aclservice.api.AclServiceManager.Action;
25 import org.opendaylight.netvirt.aclservice.api.utils.AclInterface;
26 import org.opendaylight.netvirt.aclservice.utils.AclClusterUtil;
27 import org.opendaylight.netvirt.aclservice.utils.AclDataUtil;
28 import org.opendaylight.netvirt.aclservice.utils.AclServiceUtils;
29 import org.opendaylight.serviceutils.srm.RecoverableListener;
30 import org.opendaylight.serviceutils.srm.ServiceRecoveryRegistry;
31 import org.opendaylight.serviceutils.tools.listener.AbstractAsyncDataTreeChangeListener;
32 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana._if.type.rev170119.L2vlan;
33 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.InterfacesState;
34 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.state.Interface;
35 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
36 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionEgress;
37 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionIngress;
38 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl;
39 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
40 import org.slf4j.Logger;
41 import org.slf4j.LoggerFactory;
44 public class AclInterfaceStateListener extends AbstractAsyncDataTreeChangeListener<Interface>
45 implements ClusteredDataTreeChangeListener<Interface>, RecoverableListener {
47 private static final Logger LOG = LoggerFactory.getLogger(AclInterfaceStateListener.class);
49 /** Our registration. */
50 private final AclServiceManager aclServiceManger;
51 private final AclClusterUtil aclClusterUtil;
52 private final DataBroker dataBroker;
53 private final AclDataUtil aclDataUtil;
54 private final IInterfaceManager interfaceManager;
55 private final AclInterfaceCache aclInterfaceCache;
56 private final AclServiceUtils aclServiceUtils;
57 protected final JobCoordinator jobCoordinator;
60 public AclInterfaceStateListener(AclServiceManager aclServiceManger, AclClusterUtil aclClusterUtil,
61 DataBroker dataBroker, AclDataUtil aclDataUtil, IInterfaceManager interfaceManager,
62 AclInterfaceCache aclInterfaceCache, AclServiceUtils aclServicUtils, JobCoordinator jobCoordinator,
63 ServiceRecoveryRegistry serviceRecoveryRegistry) {
64 super(dataBroker, LogicalDatastoreType.OPERATIONAL,
65 InstanceIdentifier.create(InterfacesState.class).child(Interface.class),
66 Executors.newListeningSingleThreadExecutor("AclInterfaceStateListener", LOG));
67 this.aclServiceManger = aclServiceManger;
68 this.aclClusterUtil = aclClusterUtil;
69 this.dataBroker = dataBroker;
70 this.aclDataUtil = aclDataUtil;
71 this.interfaceManager = interfaceManager;
72 this.aclInterfaceCache = aclInterfaceCache;
73 this.aclServiceUtils = aclServicUtils;
74 this.jobCoordinator = jobCoordinator;
75 serviceRecoveryRegistry.addRecoverableListener(AclServiceUtils.getRecoverServiceRegistryKey(), this);
79 LOG.info("{} start", getClass().getSimpleName());
83 public void registerListener() {
88 public void deregisterListener() {
93 public void remove(InstanceIdentifier<Interface> key, Interface deleted) {
94 if (!L2vlan.class.equals(deleted.getType())) {
97 String interfaceId = deleted.getName();
98 AclInterface aclInterface = aclInterfaceCache.remove(interfaceId);
99 if (AclServiceUtils.isOfInterest(aclInterface)) {
100 List<Uuid> aclList = aclInterface.getSecurityGroups();
101 if (aclClusterUtil.isEntityOwner()) {
102 LOG.debug("On remove event, notify ACL service manager to remove ACL from interface: {}", aclInterface);
103 aclServiceManger.notify(aclInterface, null, Action.UNBIND);
104 aclServiceManger.notify(aclInterface, null, Action.REMOVE);
106 if (aclList != null) {
107 aclServiceUtils.deleteAclPortsLookup(aclInterface, aclList, aclInterface.getAllowedAddressPairs());
110 if (aclList != null) {
111 for (Uuid acl : aclList) {
112 jobCoordinator.enqueueJob(acl.getValue(), () -> {
113 aclDataUtil.removeAclInterfaceMap(acl, aclInterface);
114 return Collections.emptyList();
122 public void update(InstanceIdentifier<Interface> key, Interface before, Interface after) {
124 * The update is not of interest as the attributes populated from this listener will not change.
125 * The northbound updates are handled in AclInterfaceListener.
127 * We're only interested in update in cases where IfType got filled after creation.
129 if (before.getType() == null && L2vlan.class.equals(after.getType())) {
132 LOG.trace("Update event for AclInterfaceStateListener is not of interest.");
137 public void add(InstanceIdentifier<Interface> key, Interface added) {
138 if (!L2vlan.class.equals(added.getType())) {
142 if (aclInterfaceCache.get(added.getName()) == null) {
143 org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces
144 .Interface iface = interfaceManager.getInterfaceInfoFromConfigDataStore(added.getName());
146 LOG.error("No interface with name {} available in interfaceConfig, servicing interfaceState ADD"
147 + "for ACL failed", added.getName());
150 InterfaceAcl aclInPort = iface.augmentation(InterfaceAcl.class);
151 if (aclInPort == null) {
152 LOG.trace("Interface {} is not an ACL Interface, ignoring ADD interfaceState event",
156 aclInterfaceCache.addOrUpdate(added.getName(), (prevAclInterface, builder) -> {
157 builder.portSecurityEnabled(aclInPort.isPortSecurityEnabled())
158 .interfaceType(aclInPort.getInterfaceType()).securityGroups(aclInPort.getSecurityGroups())
159 .allowedAddressPairs(aclInPort.getAllowedAddressPairs()).subnetInfo(aclInPort.getSubnetInfo());
162 AclInterface aclInterface = aclInterfaceCache.addOrUpdate(added.getName(), (prevAclInterface, builder) -> {
163 builder.dpId(AclServiceUtils.getDpIdFromIterfaceState(added)).lPortTag(added.getIfIndex())
164 .isMarkedForDelete(false);
165 if (AclServiceUtils.isOfInterest(prevAclInterface)) {
166 SortedSet<Integer> ingressRemoteAclTags =
167 aclServiceUtils.getRemoteAclTags(prevAclInterface.getSecurityGroups(), DirectionIngress.class);
168 SortedSet<Integer> egressRemoteAclTags =
169 aclServiceUtils.getRemoteAclTags(prevAclInterface.getSecurityGroups(), DirectionEgress.class);
170 builder.ingressRemoteAclTags(ingressRemoteAclTags).egressRemoteAclTags(egressRemoteAclTags);
174 if (AclServiceUtils.isOfInterest(aclInterface)) {
175 List<Uuid> aclList = aclInterface.getSecurityGroups();
176 if (aclList != null) {
177 aclDataUtil.addOrUpdateAclInterfaceMap(aclList, aclInterface);
179 if (aclInterface.getElanId() == null) {
180 LOG.debug("On Add event, skip ADD since ElanId is not updated");
183 if (aclClusterUtil.isEntityOwner()) {
184 LOG.debug("On add event, notify ACL service manager to add ACL for interface: {}", aclInterface);
185 aclServiceManger.notify(aclInterface, null, Action.BIND);
186 if (aclList != null) {
187 aclServiceUtils.addAclPortsLookup(aclInterface, aclList, aclInterface.getAllowedAddressPairs());
189 aclServiceManger.notify(aclInterface, null, Action.ADD);
196 public void close() {
198 Executors.shutdownAndAwaitTermination(getExecutorService());