+ if (neutronPort == null) {
+ LOG.error("getIpAddress: neutron port of {} is not found", neutronPortId);
+ return null;
+ }
+ return neutronPort.getFixedIPs();
+ }
+
+ @Override
+ public List<Neutron_IPs> getVmListForSecurityGroup(String portUuid, String securityGroupUuid) {
+ List<Neutron_IPs> vmListForSecurityGroup = new ArrayList<Neutron_IPs>();
+ /*For every port check whether security grouplist contains the current
+ * security group.*/
+ try {
+ for (NeutronPort neutronPort:neutronPortCache.getAllPorts()) {
+ if (!neutronPort.getDeviceOwner().contains("compute")) {
+ LOG.debug("getVMListForSecurityGroup : the port {} is not "
+ + "compute port belongs to {}", neutronPort.getID(), neutronPort.getDeviceOwner());
+ continue;
+ }
+ if (portUuid.equals(neutronPort.getID())) {
+ continue;
+ }
+ List<NeutronSecurityGroup> securityGroups = neutronPort.getSecurityGroups();
+ if (null != securityGroups) {
+ for (NeutronSecurityGroup securityGroup:securityGroups) {
+ if (securityGroup.getSecurityGroupUUID().equals(securityGroupUuid)) {
+ LOG.debug("getVMListForSecurityGroup : adding ports with ips {} "
+ + "compute port", neutronPort.getFixedIPs());
+ vmListForSecurityGroup.addAll(neutronPort.getFixedIPs());
+ }
+ }
+ }
+
+ }
+ } catch (Exception e) {
+ LOG.error("getVMListForSecurityGroup: getVMListForSecurityGroup"
+ + " failed due to ", e);
+ return null;
+ }
+ return vmListForSecurityGroup;
+
+ }
+
+ @Override
+ public void syncSecurityGroup(NeutronPort port, List<NeutronSecurityGroup> securityGroupList, boolean write) {
+ LOG.trace("syncSecurityGroup:" + securityGroupList + " Write:" + Boolean.valueOf(write));
+ if (null != port && null != port.getSecurityGroups()) {
+ Node node = getNode(port);
+ NeutronNetwork neutronNetwork = neutronNetworkCache.getNetwork(port.getNetworkUUID());
+ String segmentationId = neutronNetwork.getProviderSegmentationID();
+ OvsdbTerminationPointAugmentation intf = getInterface(node, port);
+ long localPort = southbound.getOFPort(intf);
+ String attachedMac = southbound.getInterfaceExternalIdsValue(intf, Constants.EXTERNAL_ID_VM_MAC);
+ if (attachedMac == null) {
+ LOG.debug("programVlanRules: No AttachedMac seen in {}", intf);
+ return;
+ }
+ long dpid = getDpidOfIntegrationBridge(node);
+ String neutronPortId = southbound.getInterfaceExternalIdsValue(intf,
+ Constants.EXTERNAL_ID_INTERFACE_ID);
+ for (NeutronSecurityGroup securityGroupInPort:securityGroupList) {
+ ingressAclProvider.programPortSecurityGroup(dpid, segmentationId, attachedMac, localPort,
+ securityGroupInPort, neutronPortId, write);
+ egressAclProvider.programPortSecurityGroup(dpid, segmentationId, attachedMac, localPort,
+ securityGroupInPort, neutronPortId, write);
+ }
+ }
+ }
+
+ @Override
+ public void syncSecurityRule(NeutronPort port, NeutronSecurityRule securityRule,Neutron_IPs vmIp, boolean write) {
+ LOG.trace("syncSecurityGroup:" + securityRule + " Write:" + Boolean.valueOf(write));
+ if (null != port && null != port.getSecurityGroups()) {
+ Node node = getNode(port);
+ NeutronNetwork neutronNetwork = neutronNetworkCache.getNetwork(port.getNetworkUUID());
+ String segmentationId = neutronNetwork.getProviderSegmentationID();
+ OvsdbTerminationPointAugmentation intf = getInterface(node, port);
+ long localPort = southbound.getOFPort(intf);
+ String attachedMac = southbound.getInterfaceExternalIdsValue(intf, Constants.EXTERNAL_ID_VM_MAC);
+ if (attachedMac == null) {
+ LOG.debug("programVlanRules: No AttachedMac seen in {}", intf);
+ return;
+ }
+ long dpid = getDpidOfIntegrationBridge(node);
+ if ("IPv4".equals(securityRule.getSecurityRuleEthertype())
+ && "ingress".equals(securityRule.getSecurityRuleDirection())) {
+
+ ingressAclProvider.programPortSecurityRule(dpid, segmentationId, attachedMac, localPort,
+ securityRule, vmIp, write);
+ } else if (securityRule.getSecurityRuleEthertype().equals("IPv4")
+ && securityRule.getSecurityRuleDirection().equals("egress")) {
+ egressAclProvider.programPortSecurityRule(dpid, segmentationId, attachedMac, localPort,
+ securityRule, vmIp, write);
+ }
+ }
+ }
+
+ private long getDpidOfIntegrationBridge(Node node) {
+ LOG.trace("getDpidOfIntegrationBridge:" + node);
+ long dpid = 0L;
+ if (southbound.getBridgeName(node).equals(configurationService.getIntegrationBridgeName())) {
+ dpid = getDpid(node);
+ }
+ return dpid;
+ }
+
+ private long getDpid(Node node) {
+ LOG.trace("getDpid" + node);
+ long dpid = southbound.getDataPathId(node);
+ if (dpid == 0) {
+ LOG.warn("getDpid: dpid not found: {}", node);
+ }
+ return dpid;
+ }
+
+ private Node getNode(NeutronPort port) {
+ LOG.trace("getNode:Port" + port);
+ List<Node> toplogyNodes = southbound.readOvsdbTopologyNodes();
+
+ for (Node topologyNode : toplogyNodes) {
+ try {
+ Node node = southbound.getBridgeNode(topologyNode,Constants.INTEGRATION_BRIDGE);
+ List<OvsdbTerminationPointAugmentation> ovsdbPorts = southbound.getTerminationPointsOfBridge(node);
+ for (OvsdbTerminationPointAugmentation ovsdbPort : ovsdbPorts) {
+ String uuid = southbound.getInterfaceExternalIdsValue(ovsdbPort,
+ Constants.EXTERNAL_ID_INTERFACE_ID);
+ if (null != uuid && uuid.equals(port.getID())) {
+ return node;
+ }
+ }
+ } catch (Exception e) {
+ LOG.error("Exception during handlingNeutron network delete", e);
+ }
+ }
+ return null;
+ }
+
+ private OvsdbTerminationPointAugmentation getInterface(Node node, NeutronPort port) {
+ LOG.trace("getInterface:Node:" + node + " Port:" + port);
+ try {
+ List<OvsdbTerminationPointAugmentation> ovsdbPorts = southbound.getTerminationPointsOfBridge(node);
+ for (OvsdbTerminationPointAugmentation ovsdbPort : ovsdbPorts) {
+ String uuid = southbound.getInterfaceExternalIdsValue(ovsdbPort,
+ Constants.EXTERNAL_ID_INTERFACE_ID);
+ if (null != uuid && uuid.equals(port.getID())) {
+ return ovsdbPort;
+ }
+ }
+ } catch (Exception e) {
+ LOG.error("Exception during handlingNeutron network delete", e);
+ }
+ return null;