openstack/net-virt/src/main/java/org/opendaylight/ovsdb/openstack/netvirt/impl/SecurityServicesImpl.java

   1 /*
   2  * Copyright (C) 2014 Red Hat, Inc.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8 package org.opendaylight.ovsdb.openstack.netvirt.impl;
   9
  10 import java.util.List;
  11
  12 import org.opendaylight.neutron.spi.INeutronPortCRUD;
  13 import org.opendaylight.neutron.spi.INeutronSubnetCRUD;
  14 import org.opendaylight.neutron.spi.NeutronPort;
  15 import org.opendaylight.neutron.spi.NeutronSecurityGroup;
  16 import org.opendaylight.neutron.spi.NeutronSubnet;
  17 import org.opendaylight.neutron.spi.Neutron_IPs;
  18 import org.opendaylight.ovsdb.openstack.netvirt.ConfigInterface;
  19 import org.opendaylight.ovsdb.openstack.netvirt.api.Constants;
  20 import org.opendaylight.ovsdb.openstack.netvirt.api.SecurityServicesManager;
  21 import org.opendaylight.ovsdb.openstack.netvirt.api.Southbound;
  22 import org.opendaylight.ovsdb.utils.servicehelper.ServiceHelper;
  23 import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.ovsdb.rev150105.*;
  24 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.Node;
  25 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.node.TerminationPoint;
  26 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.node.attributes.SupportingNode;
  27 import org.opendaylight.yangtools.yang.binding.DataContainer;
  28 import org.osgi.framework.BundleContext;
  29 import org.osgi.framework.ServiceReference;
  30 import org.slf4j.Logger;
  31 import org.slf4j.LoggerFactory;
  32
  33 public class SecurityServicesImpl implements ConfigInterface, SecurityServicesManager {
  34     static final Logger logger = LoggerFactory.getLogger(TenantNetworkManagerImpl.class);
  35     private volatile INeutronPortCRUD neutronPortCache;
  36     private volatile INeutronSubnetCRUD neutronSubnetCache;
  37     private volatile Southbound southbound;
  38
  39     /**
  40      * Is security group ready.
  41      *
  42      * @param terminationPointAugmentation the intf
  43      * @return the boolean
  44      */
  45     public boolean isPortSecurityReady(OvsdbTerminationPointAugmentation terminationPointAugmentation) {
  46         if (neutronPortCache == null) {
  47             logger.error("neutron port is null");
  48             return false;
  49         }
  50         logger.trace("isPortSecurityReady for {}", terminationPointAugmentation.getName());
  51         String neutronPortId = southbound.getInterfaceExternalIdsValue(terminationPointAugmentation,
  52                 Constants.EXTERNAL_ID_INTERFACE_ID);
  53         if (neutronPortId == null) {
  54             return false;
  55         }
  56         NeutronPort neutronPort = neutronPortCache.getPort(neutronPortId);
  57         if (neutronPort == null) {
  58             return false;
  59         }
  60         String deviceOwner = neutronPort.getDeviceOwner();
  61         if (!deviceOwner.contains("compute")) {
  62             logger.debug("Port {} is not a compute host, it is a: {}", neutronPortId, deviceOwner);
  63         }
  64         logger.debug("isPortSecurityReady() is a {} ", deviceOwner);
  65         List<NeutronSecurityGroup> securityGroups = neutronPort.getSecurityGroups();
  66         if (securityGroups.isEmpty()) {
  67             logger.debug("Check for device: {} does not contain a Security Group for port: {}", deviceOwner,
  68                     neutronPortId);
  69             return false;
  70         }
  71         String vmPort = southbound.getInterfaceExternalIdsValue(terminationPointAugmentation,
  72                 Constants.EXTERNAL_ID_VM_MAC);
  73         logger.debug("Security Group Check {} DOES contain a Neutron Security Group", neutronPortId);
  74         return true;
  75     }
  76
  77     /**
  78      * Gets security group in port.
  79      *
  80      * @param terminationPointAugmentation the intf
  81      * @return the security group in port
  82      */
  83     public NeutronSecurityGroup getSecurityGroupInPort(OvsdbTerminationPointAugmentation terminationPointAugmentation) {
  84         if (neutronPortCache == null) {
  85             logger.error("neutron port is null");
  86             return null;
  87         }
  88         logger.trace("isPortSecurityReady for {}", terminationPointAugmentation.getName());
  89         String neutronPortId = southbound.getInterfaceExternalIdsValue(terminationPointAugmentation,
  90                 Constants.EXTERNAL_ID_INTERFACE_ID);
  91         if (neutronPortId == null) {
  92             return null;
  93         }
  94         NeutronPort neutronPort = neutronPortCache.getPort(neutronPortId);
  95         if (neutronPort == null) {
  96             return null;
  97         }
  98
  99         List<NeutronSecurityGroup> neutronSecurityGroups = neutronPort.getSecurityGroups();
 100         if (neutronSecurityGroups != null) {
 101             NeutronSecurityGroup neutronSecurityGroup = (NeutronSecurityGroup) neutronSecurityGroups.toArray()[0];
 102             return neutronSecurityGroup;
 103         } else {
 104             return null;
 105         }
 106     }
 107
 108     @Override
 109     public NeutronPort getDHCPServerPort(
 110             OvsdbTerminationPointAugmentation terminationPointAugmentation) {
 111         if (neutronPortCache == null) {
 112             logger.error("getDHCPServerPort: neutron port is null");
 113             return null;
 114         }
 115         logger.trace("getDHCPServerPort for {}",
 116                 terminationPointAugmentation.getName());
 117         String neutronPortId = southbound.getInterfaceExternalIdsValue(
 118                 terminationPointAugmentation,
 119                 Constants.EXTERNAL_ID_INTERFACE_ID);
 120         if (neutronPortId == null) {
 121             return null;
 122         }
 123         NeutronPort neutronPort = neutronPortCache.getPort(neutronPortId);
 124         //Since all the fixed ip assigned to a port should be from the same network, first port is sufficient.
 125         List<Neutron_IPs> fixedIps = neutronPort.getFixedIPs();
 126         if(null==fixedIps || 0 == fixedIps.size() )
 127         {
 128             logger.error("getDHCPServerPort: No fixed ip is assigned");
 129             return null;
 130         }
 131         String subnetUUID = fixedIps.iterator().next().getSubnetUUID();
 132         NeutronSubnet neutronSubnet = neutronSubnetCache.getSubnet(subnetUUID);
 133         List<NeutronPort> ports = neutronSubnet.getPortsInSubnet();
 134         for (NeutronPort port : ports) {
 135             if (port.getDeviceOwner().contains("dhcp")) {
 136                 return port;
 137             }
 138         }
 139
 140         return null;
 141
 142     }
 143
 144     @Override
 145     public boolean isComputePort(OvsdbTerminationPointAugmentation terminationPointAugmentation) {
 146         if (neutronPortCache == null) {
 147             logger.error("neutron port is null");
 148             return false;
 149         }
 150         logger.trace("isComputePort for {}", terminationPointAugmentation.getName());
 151         String neutronPortId = southbound.getInterfaceExternalIdsValue(terminationPointAugmentation,
 152                 Constants.EXTERNAL_ID_INTERFACE_ID);
 153         if (neutronPortId == null) {
 154             return false;
 155         }
 156         NeutronPort neutronPort = neutronPortCache.getPort(neutronPortId);
 157         if (neutronPort == null) {
 158             return false;
 159         }
 160         String deviceOwner = neutronPort.getDeviceOwner();
 161         if (!deviceOwner.contains("compute")) {
 162             logger.debug("isComputePort : Port {} is not a DHCP server port", neutronPortId,deviceOwner);
 163             return false;
 164         }
 165         return true;
 166     }
 167
 168     @Override
 169     public boolean isLastPortinSubnet(Node node, OvsdbTerminationPointAugmentation terminationPointAugmentation) {
 170         if (neutronPortCache == null) {
 171             logger.error("isLastPortinSubnet: neutron port is null");
 172             return false;
 173         }
 174         logger.trace("isLastPortinSubnet: for {}", terminationPointAugmentation.getName());
 175         String neutronPortId = southbound.getInterfaceExternalIdsValue(terminationPointAugmentation,
 176                                                                        Constants.EXTERNAL_ID_INTERFACE_ID);
 177         if (neutronPortId == null) {
 178             return false;
 179         }
 180         NeutronPort neutronPort = neutronPortCache.getPort(neutronPortId);
 181         List<Neutron_IPs> neutronPortFixedIp = neutronPort.getFixedIPs();
 182         if(null == neutronPortFixedIp || neutronPortFixedIp.isEmpty()) {
 183             return false;
 184         }
 185         List<TerminationPoint> terminationPoints = node.getTerminationPoint();
 186         if(terminationPoints != null && !terminationPoints.isEmpty()) {
 187             for(TerminationPoint tp : terminationPoints) {
 188                 OvsdbTerminationPointAugmentation ovsdbTerminationPointAugmentation =
 189                         tp.getAugmentation(OvsdbTerminationPointAugmentation.class);
 190                 if (ovsdbTerminationPointAugmentation != null && !ovsdbTerminationPointAugmentation.
 191                         getName().equals(Constants.INTEGRATION_BRIDGE)) {
 192                     String portId = southbound.getInterfaceExternalIdsValue(ovsdbTerminationPointAugmentation,
 193                                                                             Constants.EXTERNAL_ID_INTERFACE_ID);
 194                     if(null!=portId) {
 195                         NeutronPort port = neutronPortCache.getPort(portId);
 196                         if(null!=port) {
 197                             if(!(port.getID().equals(neutronPort.getID())) && port.getDeviceOwner().contains("compute")) {
 198                                 List<Neutron_IPs> portFixedIp = port.getFixedIPs();
 199                                 if(null == portFixedIp || portFixedIp.isEmpty()) {
 200                                     return false;
 201                                 }
 202                                 if(portFixedIp.iterator().next().getSubnetUUID().equals
 203                                         (neutronPort.getFixedIPs().iterator().next().getSubnetUUID())) {
 204                                     return false;
 205                                 }
 206                             }
 207                         }
 208                     }
 209                 }
 210             }
 211         }
 212         return true;
 213     }
 214
 215     @Override
 216     public boolean isLastPortinBridge(Node node, OvsdbTerminationPointAugmentation terminationPointAugmentation) {
 217         logger.trace("isLastPortinBridge: for {}", terminationPointAugmentation.getName());
 218         List<TerminationPoint> terminationPoints = node.getTerminationPoint();
 219         if(terminationPoints != null && !terminationPoints.isEmpty()){
 220             for(TerminationPoint tp : terminationPoints){
 221                 OvsdbTerminationPointAugmentation ovsdbTerminationPointAugmentation =
 222                         tp.getAugmentation(OvsdbTerminationPointAugmentation.class);
 223                 if(null!=ovsdbTerminationPointAugmentation)
 224                 {
 225                     if(!(ovsdbTerminationPointAugmentation.getName().equals(Constants.INTEGRATION_BRIDGE))
 226                             && !(terminationPointAugmentation.getInterfaceUuid().equals
 227                                     (ovsdbTerminationPointAugmentation.getInterfaceUuid()))) {
 228                         return false;
 229                     }
 230                 }
 231             }
 232         }
 233         return true;
 234     }
 235
 236     @Override
 237     public List<Neutron_IPs> getIpAddress(Node node,
 238                                 OvsdbTerminationPointAugmentation terminationPointAugmentation) {
 239         if (neutronPortCache == null) {
 240             logger.error("getIpAddress: neutron port is null");
 241             return null;
 242         }
 243         logger.trace("getIpAddress: for {}", terminationPointAugmentation.getName());
 244         String neutronPortId = southbound.getInterfaceExternalIdsValue(terminationPointAugmentation,
 245                 Constants.EXTERNAL_ID_INTERFACE_ID);
 246         if (neutronPortId == null) {
 247             return null;
 248         }
 249         NeutronPort neutronPort = neutronPortCache.getPort(neutronPortId);
 250         List<Neutron_IPs> fixedIps = neutronPort.getFixedIPs();
 251         return fixedIps;
 252     }
 253
 254     @Override
 255     public void setDependencies(BundleContext bundleContext, ServiceReference serviceReference) {
 256         southbound =
 257                 (Southbound) ServiceHelper.getGlobalInstance(Southbound.class, this);
 258     }
 259
 260     @Override
 261     public void setDependencies(Object impl) {
 262         if (impl instanceof INeutronPortCRUD) {
 263             neutronPortCache = (INeutronPortCRUD)impl;
 264         }
 265         else if (impl instanceof INeutronSubnetCRUD) {
 266             neutronSubnetCache = (INeutronSubnetCRUD) impl;
 267         }
 268     }
 269 }