groupbasedpolicy/src/main/yang/renderermanager/resolved-policy.yang

   1 /*
   2  * Copyright (c) 2015 Huawei Technologies and others.  All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8
   9 module resolved-policy {
  10     yang-version 1;
  11
  12     namespace "urn:opendaylight:groupbasedpolicy:resolved-policy";
  13     prefix "resolved-policy";
  14
  15     import ietf-inet-types { prefix "inet"; revision-date 2010-09-24; }
  16
  17     import gbp-common { prefix gbp-common; }
  18     import endpoint { prefix endpoint; }
  19     import policy { prefix policy; }
  20
  21     description
  22         "This module defines the resolved policy for all tenants in interest
  23         for renderers.";
  24
  25     revision "2015-08-28" {
  26         description
  27                 "Initial revision.";
  28     }
  29
  30     grouping has-endpoint-conditions {
  31         container endpoint-conditions {
  32             description "A set of conditions for endpoint.";
  33             list all-condition {
  34                 description "All specified conditions must match.";
  35                 key name;
  36                 leaf name {
  37                     description "A user-visible name for the condition.";
  38                     type gbp-common:condition-name;
  39                 }
  40             }
  41             list none-condition {
  42                 description "None of the specified conditions can match.";
  43                 key name;
  44                 leaf name {
  45                     description "A user-visible name for the condition.";
  46                     type gbp-common:condition-name;
  47                 }
  48             }
  49             list any-condition {
  50                 description "At least one of the specified conditions must match.";
  51                 leaf name {
  52                     description "A user-visible name for the condition.";
  53                     type gbp-common:condition-name;
  54                 }
  55             }
  56         }
  57     }
  58
  59     grouping has-endpoint-constraints {
  60         description "Constraints for an endpoint.";
  61         uses has-endpoint-conditions;
  62         uses policy:has-endpoint-identification-constraints;
  63     }
  64
  65     grouping has-classifiers {
  66         list classifier {
  67             key name;
  68             leaf name {
  69                 description "A name for the classifier instance";
  70                 type gbp-common:classifier-name;
  71                 mandatory true;
  72             }
  73             leaf classifier-definition-id {
  74                 type leafref {
  75                     path "/policy:subject-feature-definitions/policy:classifier-definition/policy:id";
  76                 }
  77             }
  78             leaf connection-tracking {
  79                 description
  80                     "Set up connection tracking for this classifier,
  81                      which allows the traffic in the reverse direction
  82                      as connections are established.  This enables
  83                      rules that allow connections to be initiated only
  84                      from one side, but once initiated the two sides
  85                      can communicate for that connection.";
  86
  87                 default normal;
  88                 type enumeration {
  89                     enum normal {
  90                         description
  91                             "Match only traffic matching the classifier
  92                              strictly";
  93                     }
  94                     enum reflexive {
  95                         description
  96                             "Additionally match reverse traffic for
  97                              connections";
  98                     }
  99                 }
 100             }
 101             uses policy:has-direction;
 102             uses policy:subject-feature-instance;
 103         }
 104     }
 105
 106     grouping has-actions {
 107         list action {
 108             key "name";
 109             leaf name {
 110                 description "A name for the action.";
 111                 type gbp-common:action-name;
 112                 mandatory true;
 113             }
 114             leaf action-definition-id {
 115                 type leafref {
 116                     path "/policy:subject-feature-definitions/policy:action-definition/policy:id";
 117                 }
 118             }
 119             uses policy:has-order;
 120             uses policy:subject-feature-instance;
 121         }
 122     }
 123
 124     grouping has-consumer-epg-key {
 125         leaf consumer-tenant-id {
 126             description "The consumer tenant id";
 127             mandatory true;
 128             type gbp-common:tenant-id;
 129         }
 130
 131         leaf consumer-epg-id {
 132             description "The consumer endpoint group id";
 133             mandatory true;
 134             type gbp-common:endpoint-group-id;
 135         }
 136     }
 137
 138     grouping has-provider-epg-key {
 139         leaf provider-tenant-id {
 140             description "The provider tenant id";
 141             mandatory true;
 142             type gbp-common:tenant-id;
 143         }
 144
 145         leaf provider-epg-id {
 146             description "The provider endpoint group id";
 147             mandatory true;
 148             type gbp-common:endpoint-group-id;
 149         }
 150     }
 151
 152     grouping has-resolved-rules {
 153         list resolved-rule {
 154             key name;
 155             leaf name {
 156                 description "A name for the rule";
 157                 type gbp-common:rule-name;
 158                  mandatory true;
 159              }
 160              uses has-classifiers;
 161              uses has-actions;
 162              uses policy:has-order;
 163         }
 164     }
 165
 166     grouping has-contract-key {
 167         leaf tenant-id {
 168             description "Related tenant id";
 169             type gbp-common:tenant-id;
 170         }
 171
 172         leaf contract-id {
 173             description "Related contract id";
 174             type gbp-common:contract-id;
 175         }
 176     }
 177
 178     grouping has-subject-key {
 179         uses has-contract-key;
 180
 181         leaf subject-name {
 182             description "Related subject name.";
 183             type gbp-common:subject-name;
 184         }
 185     }
 186
 187     container resolved-policies {
 188         config false;
 189         list resolved-policy {
 190             description "Policies between consumer endpoint groups and provider
 191                          endpoint groups";
 192             key "consumer-tenant-id consumer-epg-id provider-tenant-id provider-epg-id";
 193             uses has-consumer-epg-key;
 194             uses has-provider-epg-key;
 195
 196             leaf external-implicit-group {
 197                 description "If present, denotes which EPG in key is an external implicit group.";
 198                 type enumeration {
 199                     enum consumer-epg;
 200                     enum provider-epg;
 201                 }
 202             }
 203
 204             list policy-rule-group-with-endpoint-constraints {
 205                description "The policy rule groups that apply to a single pair of endpoint
 206                             groups";
 207
 208                container consumer-endpoint-constraints {
 209                    description "Constraints for consumer endpoints";
 210                    uses has-endpoint-constraints;
 211                }
 212
 213                container provider-endpoint-constraints {
 214                    description "Constraints for provider endpoints";
 215                    uses has-endpoint-constraints;
 216                }
 217
 218                list policy-rule-group {
 219                    description "A specific policy rule group that apply to each pair of endpoints meeting constraints.
 220                        The policy rule group represents the subject with resolved rules.";
 221                    key "tenant-id contract-id subject-name";
 222                    uses has-subject-key;
 223                    uses policy:has-order;
 224                    uses has-resolved-rules;
 225                }
 226            }
 227        }
 228    }
 229 }