renderers/vpp/src/main/java/org/opendaylight/groupbasedpolicy/renderer/vpp/iface/AclManager.java

   1 /*
   2  * Copyright (c) 2017 Cisco Systems, Inc. and others. All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8
   9 package org.opendaylight.groupbasedpolicy.renderer.vpp.iface;
  10
  11 import java.util.stream.Collectors;
  12
  13 import javax.annotation.Nonnull;
  14
  15 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
  16 import org.opendaylight.groupbasedpolicy.renderer.util.AddressEndpointUtils;
  17 import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.PolicyContext;
  18 import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AccessListUtil;
  19 import org.opendaylight.groupbasedpolicy.renderer.vpp.util.KeyFactory;
  20 import org.opendaylight.groupbasedpolicy.renderer.vpp.util.MountedDataBrokerProvider;
  21 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface;
  22 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.location.type.ExternalLocationCase;
  23 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.endpoints.AddressEndpointWithLocation;
  24 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.renderer.endpoints.RendererEndpointKey;
  25 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.renderer.endpoints.renderer.endpoint.PeerEndpointKey;
  26 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
  27 import org.slf4j.Logger;
  28 import org.slf4j.LoggerFactory;
  29
  30 import com.google.common.base.Optional;
  31 import com.google.common.base.Preconditions;
  32 import com.google.common.collect.ImmutableSet;
  33
  34 public class AclManager {
  35
  36     private static final Logger LOG = LoggerFactory.getLogger(AclManager.class);
  37     private final MountedDataBrokerProvider mountDataProvider;
  38
  39     public AclManager(@Nonnull MountedDataBrokerProvider mountDataProvider) {
  40         this.mountDataProvider = Preconditions.checkNotNull(mountDataProvider);
  41     }
  42
  43     public void updateAclsForPeers(PolicyContext policyCtx, RendererEndpointKey rEpKey) {
  44         ImmutableSet<PeerEndpointKey> peers = policyCtx.getPolicyTable().row(rEpKey).keySet();
  45         for (RendererEndpointKey peerRendEp : peers.stream()
  46             .map(AddressEndpointUtils::fromPeerEpKey)
  47             .collect(Collectors.toList())
  48             .stream()
  49             .map(AddressEndpointUtils::toRendererEpKey)
  50             .collect(Collectors.toList())) {
  51             updateAclsForRendEp(peerRendEp, policyCtx);
  52         }
  53     }
  54
  55     public void updateAclsForRendEp(RendererEndpointKey rEpKey, PolicyContext policyCtx) {
  56         LOG.info("Updating policy for endpoint {}", rEpKey);
  57         AddressEndpointWithLocation peerAddrEp = policyCtx.getAddrEpByKey().get(KeyFactory.addressEndpointKey(rEpKey));
  58         ExternalLocationCase epLoc;
  59         try {
  60             epLoc = InterfaceManager.resolveAndValidateLocation(peerAddrEp);
  61         } catch (NullPointerException | IllegalArgumentException e) {
  62             //TODO investigate, don't just move on.
  63             LOG.warn("Peer {} has no location. Moving on...", peerAddrEp, e.getMessage());
  64             return;
  65         }
  66         InstanceIdentifier<?> vppNodeIid = epLoc.getExternalNodeMountPoint();
  67         Optional<InstanceIdentifier<Interface>> optInterfaceIid =
  68                 VppPathMapper.interfaceToInstanceIdentifier(epLoc.getExternalNodeConnector());
  69         if (!optInterfaceIid.isPresent()) {
  70             LOG.warn("Cannot  find interface for endpoint {}. ACLs for endpoint not updated {}. ", rEpKey);
  71             return;
  72         }
  73         Optional<DataBroker> optMountPoint = mountDataProvider.getDataBrokerForMountPoint(vppNodeIid);
  74         AccessListUtil.resolveAclsOnInterface(rEpKey, policyCtx).forEach(aclWrapper -> aclWrapper
  75             .writeAcl(optMountPoint.get(), optInterfaceIid.get().firstKeyOf(Interface.class)));
  76     }
  77 }