2 * Copyright (c) 2016 Cisco Systems, Inc. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 package org.opendaylight.netconf.topology.singleton.impl;
10 import static com.google.common.base.Preconditions.checkState;
11 import static java.util.Objects.requireNonNull;
13 import com.google.common.annotations.VisibleForTesting;
14 import com.google.common.collect.Lists;
15 import com.google.common.util.concurrent.FutureCallback;
16 import com.google.common.util.concurrent.Futures;
17 import com.google.common.util.concurrent.ListenableFuture;
18 import com.google.common.util.concurrent.MoreExecutors;
19 import java.math.BigDecimal;
20 import java.net.InetSocketAddress;
22 import java.util.ArrayList;
23 import java.util.List;
25 import java.util.Optional;
26 import org.opendaylight.aaa.encrypt.AAAEncryptionService;
27 import org.opendaylight.netconf.api.NetconfMessage;
28 import org.opendaylight.netconf.client.NetconfClientSessionListener;
29 import org.opendaylight.netconf.client.conf.NetconfClientConfiguration;
30 import org.opendaylight.netconf.client.conf.NetconfReconnectingClientConfiguration;
31 import org.opendaylight.netconf.client.conf.NetconfReconnectingClientConfigurationBuilder;
32 import org.opendaylight.netconf.nettyutil.ReconnectStrategyFactory;
33 import org.opendaylight.netconf.nettyutil.TimedReconnectStrategyFactory;
34 import org.opendaylight.netconf.nettyutil.handler.ssh.authentication.AuthenticationHandler;
35 import org.opendaylight.netconf.nettyutil.handler.ssh.authentication.LoginPasswordHandler;
36 import org.opendaylight.netconf.sal.connect.api.DeviceActionFactory;
37 import org.opendaylight.netconf.sal.connect.api.RemoteDevice;
38 import org.opendaylight.netconf.sal.connect.api.RemoteDeviceHandler;
39 import org.opendaylight.netconf.sal.connect.netconf.LibraryModulesSchemas;
40 import org.opendaylight.netconf.sal.connect.netconf.NetconfDevice;
41 import org.opendaylight.netconf.sal.connect.netconf.NetconfDeviceBuilder;
42 import org.opendaylight.netconf.sal.connect.netconf.SchemalessNetconfDevice;
43 import org.opendaylight.netconf.sal.connect.netconf.auth.DatastoreBackedPublicKeyAuth;
44 import org.opendaylight.netconf.sal.connect.netconf.listener.NetconfDeviceCapabilities;
45 import org.opendaylight.netconf.sal.connect.netconf.listener.NetconfDeviceCommunicator;
46 import org.opendaylight.netconf.sal.connect.netconf.listener.NetconfSessionPreferences;
47 import org.opendaylight.netconf.sal.connect.netconf.listener.UserPreferences;
48 import org.opendaylight.netconf.sal.connect.netconf.sal.KeepaliveSalFacade;
49 import org.opendaylight.netconf.sal.connect.netconf.sal.NetconfKeystoreAdapter;
50 import org.opendaylight.netconf.sal.connect.netconf.schema.YangLibrarySchemaYangSourceProvider;
51 import org.opendaylight.netconf.sal.connect.util.RemoteDeviceId;
52 import org.opendaylight.netconf.sal.connect.util.SslHandlerFactoryImpl;
53 import org.opendaylight.netconf.topology.singleton.api.RemoteDeviceConnector;
54 import org.opendaylight.netconf.topology.singleton.impl.utils.NetconfConnectorDTO;
55 import org.opendaylight.netconf.topology.singleton.impl.utils.NetconfTopologySetup;
56 import org.opendaylight.netconf.topology.singleton.impl.utils.NetconfTopologyUtils;
57 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
58 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpAddress;
59 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Uri;
60 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.NetconfNode;
61 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.OdlHelloMessageCapabilities;
62 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.Protocol;
63 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.status.available.capabilities.AvailableCapability.CapabilityOrigin;
64 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.Credentials;
65 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.KeyAuth;
66 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.LoginPw;
67 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.LoginPwUnencrypted;
68 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.key.auth.KeyBased;
69 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.login.pw.LoginPassword;
70 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.login.pw.unencrypted.LoginPasswordUnencrypted;
71 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
72 import org.opendaylight.yangtools.yang.model.repo.api.SourceIdentifier;
73 import org.opendaylight.yangtools.yang.model.repo.api.YangTextSchemaSource;
74 import org.opendaylight.yangtools.yang.model.repo.spi.PotentialSchemaSource;
75 import org.opendaylight.yangtools.yang.model.repo.spi.SchemaSourceRegistration;
76 import org.slf4j.Logger;
77 import org.slf4j.LoggerFactory;
79 public class RemoteDeviceConnectorImpl implements RemoteDeviceConnector {
81 private static final Logger LOG = LoggerFactory.getLogger(RemoteDeviceConnectorImpl.class);
83 // Initializes default constant instances for the case when the default schema repository
84 // directory cache/schema is used.
86 private final NetconfTopologySetup netconfTopologyDeviceSetup;
87 private final RemoteDeviceId remoteDeviceId;
88 private final String privateKeyPath;
89 private final String privateKeyPassphrase;
90 private final AAAEncryptionService encryptionService;
91 private final NetconfKeystoreAdapter keystoreAdapter;
92 private final DeviceActionFactory deviceActionFactory;
94 // FIXME: this seems to be a builder-like transition between {start,stop}RemoteDeviceConnection. More documentation
95 // is needed, as to what the lifecycle is here.
96 private NetconfConnectorDTO deviceCommunicatorDTO;
98 public RemoteDeviceConnectorImpl(final NetconfTopologySetup netconfTopologyDeviceSetup,
99 final RemoteDeviceId remoteDeviceId, final DeviceActionFactory deviceActionFactory) {
100 this.netconfTopologyDeviceSetup = requireNonNull(netconfTopologyDeviceSetup);
101 this.remoteDeviceId = remoteDeviceId;
102 this.deviceActionFactory = requireNonNull(deviceActionFactory);
103 this.privateKeyPath = netconfTopologyDeviceSetup.getPrivateKeyPath();
104 this.privateKeyPassphrase = netconfTopologyDeviceSetup.getPrivateKeyPassphrase();
105 this.encryptionService = netconfTopologyDeviceSetup.getEncryptionService();
106 keystoreAdapter = new NetconfKeystoreAdapter(netconfTopologyDeviceSetup.getDataBroker());
110 public void startRemoteDeviceConnection(final RemoteDeviceHandler<NetconfSessionPreferences> deviceHandler) {
112 final NetconfNode netconfNode = netconfTopologyDeviceSetup.getNode().augmentation(NetconfNode.class);
113 final NodeId nodeId = netconfTopologyDeviceSetup.getNode().getNodeId();
114 requireNonNull(netconfNode.getHost());
115 requireNonNull(netconfNode.getPort());
117 this.deviceCommunicatorDTO = createDeviceCommunicator(nodeId, netconfNode, deviceHandler);
118 final NetconfDeviceCommunicator deviceCommunicator = deviceCommunicatorDTO.getCommunicator();
119 final NetconfClientSessionListener netconfClientSessionListener = deviceCommunicatorDTO.getSessionListener();
120 final NetconfReconnectingClientConfiguration clientConfig =
121 getClientConfig(netconfClientSessionListener, netconfNode);
122 final ListenableFuture<NetconfDeviceCapabilities> future = deviceCommunicator
123 .initializeRemoteConnection(netconfTopologyDeviceSetup.getNetconfClientDispatcher(), clientConfig);
125 Futures.addCallback(future, new FutureCallback<NetconfDeviceCapabilities>() {
127 public void onSuccess(final NetconfDeviceCapabilities result) {
128 LOG.debug("{}: Connector started successfully", remoteDeviceId);
132 public void onFailure(final Throwable throwable) {
133 LOG.error("{}: Connector failed", remoteDeviceId, throwable);
135 }, MoreExecutors.directExecutor());
138 @SuppressWarnings("checkstyle:IllegalCatch")
140 public void stopRemoteDeviceConnection() {
141 if (deviceCommunicatorDTO != null) {
143 deviceCommunicatorDTO.close();
144 } catch (final Exception e) {
145 LOG.error("{}: Error at closing device communicator.", remoteDeviceId, e);
151 NetconfConnectorDTO createDeviceCommunicator(final NodeId nodeId, final NetconfNode node,
152 final RemoteDeviceHandler<NetconfSessionPreferences> deviceHandler) {
153 //setup default values since default value is not supported in mdsal
154 final long defaultRequestTimeoutMillis = node.getDefaultRequestTimeoutMillis() == null
155 ? NetconfTopologyUtils.DEFAULT_REQUEST_TIMEOUT_MILLIS : node.getDefaultRequestTimeoutMillis().toJava();
156 final long keepaliveDelay = node.getKeepaliveDelay() == null
157 ? NetconfTopologyUtils.DEFAULT_KEEPALIVE_DELAY : node.getKeepaliveDelay().toJava();
158 final boolean reconnectOnChangedSchema = node.isReconnectOnChangedSchema() == null
159 ? NetconfTopologyUtils.DEFAULT_RECONNECT_ON_CHANGED_SCHEMA : node.isReconnectOnChangedSchema();
161 RemoteDeviceHandler<NetconfSessionPreferences> salFacade = requireNonNull(deviceHandler);
162 if (keepaliveDelay > 0) {
163 LOG.info("{}: Adding keepalive facade.", remoteDeviceId);
164 salFacade = new KeepaliveSalFacade(remoteDeviceId, salFacade,
165 netconfTopologyDeviceSetup.getKeepaliveExecutor(), keepaliveDelay,
166 defaultRequestTimeoutMillis);
169 final NetconfDevice.SchemaResourcesDTO schemaResourcesDTO = netconfTopologyDeviceSetup.getSchemaResourcesDTO();
171 // pre register yang library sources as fallback schemas to schema registry
172 // FIXME: this list not used anywhere. Should it be retained or discarded? (why?)
173 // it would seem those registrations should be bound to NetconfConnectorDTO
174 final List<SchemaSourceRegistration<YangTextSchemaSource>> registeredYangLibSources = Lists.newArrayList();
175 if (node.getYangLibrary() != null) {
176 final String yangLibURL = node.getYangLibrary().getYangLibraryUrl().getValue();
177 final String yangLibUsername = node.getYangLibrary().getUsername();
178 final String yangLigPassword = node.getYangLibrary().getPassword();
180 final LibraryModulesSchemas libraryModulesSchemas;
181 if (yangLibURL != null) {
182 if (yangLibUsername != null && yangLigPassword != null) {
183 libraryModulesSchemas = LibraryModulesSchemas.create(yangLibURL, yangLibUsername, yangLigPassword);
185 libraryModulesSchemas = LibraryModulesSchemas.create(yangLibURL);
188 for (final Map.Entry<SourceIdentifier, URL> sourceIdentifierURLEntry :
189 libraryModulesSchemas.getAvailableModels().entrySet()) {
190 registeredYangLibSources
191 .add(schemaResourcesDTO.getSchemaRegistry().registerSchemaSource(
192 new YangLibrarySchemaYangSourceProvider(remoteDeviceId,
193 libraryModulesSchemas.getAvailableModels()),
194 PotentialSchemaSource
195 .create(sourceIdentifierURLEntry.getKey(), YangTextSchemaSource.class,
196 PotentialSchemaSource.Costs.REMOTE_IO.getValue())));
201 final RemoteDevice<NetconfSessionPreferences, NetconfMessage, NetconfDeviceCommunicator> device;
202 if (node.isSchemaless()) {
203 device = new SchemalessNetconfDevice(netconfTopologyDeviceSetup.getBaseSchemas(), remoteDeviceId,
206 device = new NetconfDeviceBuilder()
207 .setReconnectOnSchemasChange(reconnectOnChangedSchema)
208 .setSchemaResourcesDTO(schemaResourcesDTO)
209 .setGlobalProcessingExecutor(netconfTopologyDeviceSetup.getProcessingExecutor())
210 .setBaseSchemas(netconfTopologyDeviceSetup.getBaseSchemas())
211 .setId(remoteDeviceId)
212 .setDeviceActionFactory(deviceActionFactory)
213 .setSalFacade(salFacade)
217 final Optional<NetconfSessionPreferences> userCapabilities = getUserCapabilities(node);
218 final int rpcMessageLimit =
219 node.getConcurrentRpcLimit() == null
220 ? NetconfTopologyUtils.DEFAULT_CONCURRENT_RPC_LIMIT : node.getConcurrentRpcLimit().toJava();
222 if (rpcMessageLimit < 1) {
223 LOG.info("{}: Concurrent rpc limit is smaller than 1, no limit will be enforced.", remoteDeviceId);
226 NetconfDeviceCommunicator netconfDeviceCommunicator =
227 userCapabilities.isPresent() ? new NetconfDeviceCommunicator(remoteDeviceId, device,
228 new UserPreferences(userCapabilities.get(),
229 node.getYangModuleCapabilities() == null ? false : node.getYangModuleCapabilities().isOverride(),
230 node.getNonModuleCapabilities() == null ? false : node.getNonModuleCapabilities().isOverride()),
232 : new NetconfDeviceCommunicator(remoteDeviceId, device, rpcMessageLimit);
234 if (salFacade instanceof KeepaliveSalFacade) {
235 ((KeepaliveSalFacade)salFacade).setListener(netconfDeviceCommunicator);
237 return new NetconfConnectorDTO(netconfDeviceCommunicator, salFacade);
240 private static Optional<NetconfSessionPreferences> getUserCapabilities(final NetconfNode node) {
241 if (node.getYangModuleCapabilities() == null && node.getNonModuleCapabilities() == null) {
242 return Optional.empty();
244 final List<String> capabilities = new ArrayList<>();
246 if (node.getYangModuleCapabilities() != null) {
247 capabilities.addAll(node.getYangModuleCapabilities().getCapability());
250 //non-module capabilities should not exist in yang module capabilities
251 final NetconfSessionPreferences netconfSessionPreferences = NetconfSessionPreferences.fromStrings(capabilities);
252 checkState(netconfSessionPreferences.getNonModuleCaps().isEmpty(),
253 "List yang-module-capabilities/capability should contain only module based capabilities. "
254 + "Non-module capabilities used: " + netconfSessionPreferences.getNonModuleCaps());
256 if (node.getNonModuleCapabilities() != null) {
257 capabilities.addAll(node.getNonModuleCapabilities().getCapability());
260 return Optional.of(NetconfSessionPreferences.fromStrings(capabilities, CapabilityOrigin.UserDefined));
263 //TODO: duplicate code
264 private static InetSocketAddress getSocketAddress(final Host host, final int port) {
265 if (host.getDomainName() != null) {
266 return new InetSocketAddress(host.getDomainName().getValue(), port);
268 final IpAddress ipAddress = host.getIpAddress();
269 final String ip = ipAddress.getIpv4Address() != null ? ipAddress.getIpv4Address().getValue() :
270 ipAddress.getIpv6Address().getValue();
271 return new InetSocketAddress(ip, port);
276 NetconfReconnectingClientConfiguration getClientConfig(final NetconfClientSessionListener listener,
277 final NetconfNode node) {
279 //setup default values since default value is not supported in mdsal
280 final long clientConnectionTimeoutMillis = node.getConnectionTimeoutMillis() == null
281 ? NetconfTopologyUtils.DEFAULT_CONNECTION_TIMEOUT_MILLIS : node.getConnectionTimeoutMillis().toJava();
282 final long maxConnectionAttempts = node.getMaxConnectionAttempts() == null
283 ? NetconfTopologyUtils.DEFAULT_MAX_CONNECTION_ATTEMPTS : node.getMaxConnectionAttempts().toJava();
284 final int betweenAttemptsTimeoutMillis = node.getBetweenAttemptsTimeoutMillis() == null
285 ? NetconfTopologyUtils.DEFAULT_BETWEEN_ATTEMPTS_TIMEOUT_MILLIS
286 : node.getBetweenAttemptsTimeoutMillis().toJava();
287 final boolean isTcpOnly = node.isTcpOnly() == null
288 ? NetconfTopologyUtils.DEFAULT_IS_TCP_ONLY : node.isTcpOnly();
289 final BigDecimal sleepFactor = node.getSleepFactor() == null
290 ? NetconfTopologyUtils.DEFAULT_SLEEP_FACTOR : node.getSleepFactor();
292 final InetSocketAddress socketAddress = getSocketAddress(node.getHost(), node.getPort().getValue().toJava());
294 final ReconnectStrategyFactory sf =
295 new TimedReconnectStrategyFactory(netconfTopologyDeviceSetup.getEventExecutor(), maxConnectionAttempts,
296 betweenAttemptsTimeoutMillis, sleepFactor);
299 final NetconfReconnectingClientConfigurationBuilder reconnectingClientConfigurationBuilder;
300 final Protocol protocol = node.getProtocol();
302 reconnectingClientConfigurationBuilder = NetconfReconnectingClientConfigurationBuilder.create()
303 .withProtocol(NetconfClientConfiguration.NetconfClientProtocol.TCP)
304 .withAuthHandler(getHandlerFromCredentials(node.getCredentials()));
305 } else if (protocol == null || protocol.getName() == Protocol.Name.SSH) {
306 reconnectingClientConfigurationBuilder = NetconfReconnectingClientConfigurationBuilder.create()
307 .withProtocol(NetconfClientConfiguration.NetconfClientProtocol.SSH)
308 .withAuthHandler(getHandlerFromCredentials(node.getCredentials()));
309 } else if (protocol.getName() == Protocol.Name.TLS) {
310 reconnectingClientConfigurationBuilder = NetconfReconnectingClientConfigurationBuilder.create()
311 .withSslHandlerFactory(new SslHandlerFactoryImpl(keystoreAdapter, protocol.getSpecification()))
312 .withProtocol(NetconfClientConfiguration.NetconfClientProtocol.TLS);
314 throw new IllegalStateException("Unsupported protocol type: " + protocol.getName());
317 final List<Uri> odlHelloCapabilities = getOdlHelloCapabilities(node);
318 if (odlHelloCapabilities != null) {
319 reconnectingClientConfigurationBuilder.withOdlHelloCapabilities(odlHelloCapabilities);
322 return reconnectingClientConfigurationBuilder
323 .withAddress(socketAddress)
324 .withConnectionTimeoutMillis(clientConnectionTimeoutMillis)
325 .withReconnectStrategy(sf.createReconnectStrategy())
326 .withConnectStrategyFactory(sf)
327 .withSessionListener(listener)
331 private static List<Uri> getOdlHelloCapabilities(final NetconfNode node) {
332 final OdlHelloMessageCapabilities helloCapabilities = node.getOdlHelloMessageCapabilities();
333 return helloCapabilities != null ? helloCapabilities.getCapability() : null;
336 private AuthenticationHandler getHandlerFromCredentials(final Credentials credentials) {
337 if (credentials instanceof org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology
338 .rev150114.netconf.node.credentials.credentials.LoginPassword) {
339 final org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology
340 .rev150114.netconf.node.credentials.credentials.LoginPassword loginPassword
341 = (org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology
342 .rev150114.netconf.node.credentials.credentials.LoginPassword) credentials;
343 return new LoginPasswordHandler(loginPassword.getUsername(), loginPassword.getPassword());
345 if (credentials instanceof LoginPwUnencrypted) {
346 final LoginPasswordUnencrypted loginPassword =
347 ((LoginPwUnencrypted) credentials).getLoginPasswordUnencrypted();
348 return new LoginPasswordHandler(loginPassword.getUsername(), loginPassword.getPassword());
350 if (credentials instanceof LoginPw) {
351 final LoginPassword loginPassword = ((LoginPw) credentials).getLoginPassword();
352 return new LoginPasswordHandler(loginPassword.getUsername(),
353 encryptionService.decrypt(loginPassword.getPassword()));
355 if (credentials instanceof KeyAuth) {
356 final KeyBased keyPair = ((KeyAuth) credentials).getKeyBased();
357 return new DatastoreBackedPublicKeyAuth(keyPair.getUsername(), keyPair.getKeyId(),
358 keystoreAdapter, encryptionService);
360 throw new IllegalStateException("Unsupported credential type: " + credentials.getClass());