Code Review / netvirt.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Fix to suppress severity
[netvirt.git] / neutronvpn / impl / src / main / java / org / opendaylight / netvirt / neutronvpn / NeutronPortChangeListener.java
diff --git a/neutronvpn/impl/src/main/java/org/opendaylight/netvirt/neutronvpn/NeutronPortChangeListener.java b/neutronvpn/impl/src/main/java/org/opendaylight/netvirt/neutronvpn/NeutronPortChangeListener.java
index 85564d2bf7b27dd0ce8e1b2f2ec6f3ec39cedcb4..b62774984dc26240791a97e8ef7a6d7aabaf1905 100644 (file)
--- a/neutronvpn/impl/src/main/java/org/opendaylight/netvirt/neutronvpn/NeutronPortChangeListener.java
+++ b/neutronvpn/impl/src/main/java/org/opendaylight/netvirt/neutronvpn/NeutronPortChangeListener.java
@@ -25,10 +25,10 @@ import java.util.Locale;
 import java.util.Map;
 import java.util.Set;
 import java.util.stream.Collectors;
-import javax.annotation.Nullable;
 import javax.annotation.PostConstruct;
 import javax.inject.Singleton;
 import org.apache.commons.lang3.ObjectUtils;
+import org.eclipse.jdt.annotation.Nullable;
 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
 import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
 import org.opendaylight.controller.md.sal.common.api.data.ReadFailedException;
@@ -52,6 +52,11 @@ import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.
 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rev160406.IfL2vlan;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rev160406.IfL2vlanBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rev160406.ParentRefs;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rev160406.ParentRefsBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rev160406.SplitHorizon;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rev160406.SplitHorizonBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.l2.types.rev130827.VlanId;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAclBuilder;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
@@ -64,6 +69,8 @@ import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev16011
 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.ext.routers.RoutersBuilder;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.floating.ip.port.info.FloatingIpIdToPortMappingBuilder;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.floating.ip.port.info.FloatingIpIdToPortMappingKey;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.neutronvpn.config.rev160806.NeutronvpnConfig;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.neutronvpn.rev150602.neutron.vpn.port.id.subport.data.PortIdToSubport;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.neutronvpn.rev150602.subnetmaps.Subnetmap;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.binding.rev150712.PortBindingExtension;
 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.hostconfig.rev150712.hostconfig.attributes.hostconfigs.Hostconfig;
@@ -90,6 +97,7 @@ public class NeutronPortChangeListener extends AsyncDataTreeChangeListenerBase<P
     private final NeutronvpnUtils neutronvpnUtils;
     private final HostConfigCache hostConfigCache;
     private final DataTreeEventCallbackRegistrar eventCallbacks;
+    private final NeutronvpnConfig neutronvpnConfig;
 
     public NeutronPortChangeListener(final DataBroker dataBroker,
                                      final NeutronvpnManager neutronvpnManager,
@@ -99,7 +107,8 @@ public class NeutronPortChangeListener extends AsyncDataTreeChangeListenerBase<P
                                      final JobCoordinator jobCoordinator,
                                      final NeutronvpnUtils neutronvpnUtils,
                                      final HostConfigCache hostConfigCache,
-                                     final DataTreeEventCallbackRegistrar dataTreeEventCallbackRegistrar) {
+                                     final DataTreeEventCallbackRegistrar dataTreeEventCallbackRegistrar,
+                                     final NeutronvpnConfig neutronvpnConfig) {
         super(Port.class, NeutronPortChangeListener.class);
         this.dataBroker = dataBroker;
         this.txRunner = new ManagedNewTransactionRunnerImpl(dataBroker);
@@ -111,6 +120,8 @@ public class NeutronPortChangeListener extends AsyncDataTreeChangeListenerBase<P
         this.neutronvpnUtils = neutronvpnUtils;
         this.hostConfigCache = hostConfigCache;
         this.eventCallbacks = dataTreeEventCallbackRegistrar;
+        this.neutronvpnConfig = neutronvpnConfig;
+
     }
 
     @Override
@@ -214,7 +225,6 @@ public class NeutronPortChangeListener extends AsyncDataTreeChangeListenerBase<P
         }
         final String portName = update.getUuid().getValue();
         Network network = neutronvpnUtils.getNeutronNetwork(update.getNetworkId());
-        LOG.info("Update port {} from network {}", portName, update.getNetworkId().toString());
         if (network == null || !NeutronvpnUtils.isNetworkTypeSupported(network)) {
             LOG.warn("neutron vpn received a port update() for a network without a provider extension augmentation "
                     + "or with an unsupported network type for the port {} which is part of network {}",
@@ -246,8 +256,9 @@ public class NeutronPortChangeListener extends AsyncDataTreeChangeListenerBase<P
         // check if port security enabled/disabled as part of port update
         boolean origSecurityEnabled = NeutronvpnUtils.getPortSecurityEnabled(original);
         boolean updatedSecurityEnabled = NeutronvpnUtils.getPortSecurityEnabled(update);
-
-        if (origSecurityEnabled || updatedSecurityEnabled) {
+        boolean isDhcpServerPort = neutronvpnConfig.isLimitBumtrafficToDhcpserver()
+                               && NeutronvpnUtils.isDhcpServerPort(update);
+        if (origSecurityEnabled || updatedSecurityEnabled || isDhcpServerPort) {
             InstanceIdentifier<Interface>  interfaceIdentifier = NeutronvpnUtils.buildVlanInterfaceIdentifier(portName);
             jobCoordinator.enqueueJob("PORT- " + portName,
                 () -> Collections.singletonList(txRunner.callWithNewReadWriteTransactionAndSubmit(CONFIGURATION,
@@ -256,9 +267,18 @@ public class NeutronPortChangeListener extends AsyncDataTreeChangeListenerBase<P
                                 confTx.read(interfaceIdentifier).get();
                         if (optionalInf.isPresent()) {
                             InterfaceBuilder interfaceBuilder = new InterfaceBuilder(optionalInf.get());
-                            InterfaceAcl infAcl = handlePortSecurityUpdated(original, update,
-                                    origSecurityEnabled, updatedSecurityEnabled, interfaceBuilder).build();
-                            interfaceBuilder.addAugmentation(InterfaceAcl.class, infAcl);
+                            if (origSecurityEnabled || updatedSecurityEnabled) {
+                                InterfaceAcl infAcl = handlePortSecurityUpdated(original, update, origSecurityEnabled,
+                                        updatedSecurityEnabled, interfaceBuilder).build();
+                                interfaceBuilder.addAugmentation(InterfaceAcl.class, infAcl);
+                            } else if (isDhcpServerPort) {
+                                Set<FixedIps> oldIPs = getFixedIpSet(original.getFixedIps());
+                                Set<FixedIps> newIPs = getFixedIpSet(update.getFixedIps());
+                                if (!oldIPs.equals(newIPs)) {
+                                    InterfaceAcl infAcl = neutronvpnUtils.getDhcpInterfaceAcl(update);
+                                    interfaceBuilder.addAugmentation(InterfaceAcl.class, infAcl);
+                                }
+                            }
                             LOG.info("update: Of-port-interface updation for port {}", portName);
                             // Update OFPort interface for this neutron port
                             confTx.put(interfaceIdentifier, interfaceBuilder.build());
@@ -270,8 +290,8 @@ public class NeutronPortChangeListener extends AsyncDataTreeChangeListenerBase<P
     }
 
     private void handleFloatingIpPortUpdated(@Nullable Port original, Port update) {
-        if ((original == null || NeutronConstants.FLOATING_IP_DEVICE_ID_PENDING.equals(original.getDeviceId()))
-            && !NeutronConstants.FLOATING_IP_DEVICE_ID_PENDING.equals(update.getDeviceId())) {
+        if ((original == null || NeutronConstants.FLOATING_IP_DEVICE_ID_PENDING.equals(original.getDeviceId())
+                && !NeutronConstants.FLOATING_IP_DEVICE_ID_PENDING.equals(update.getDeviceId()))) {
             // populate floating-ip uuid and floating-ip port attributes (uuid, mac and subnet id for the ONLY
             // fixed IP) to be used by NAT, depopulated in NATService once mac is retrieved in the removal path
             addToFloatingIpPortInfo(new Uuid(update.getDeviceId()), update.getUuid(), update.getFixedIps().get(0)
@@ -549,7 +569,7 @@ public class NeutronPortChangeListener extends AsyncDataTreeChangeListenerBase<P
             return false;
         }
         String vnicType = portBinding.getVnicType().trim().toLowerCase(Locale.getDefault());
-        return vnicType.equals(NeutronConstants.VNIC_TYPE_DIRECT);
+        return NeutronConstants.VNIC_TYPE_DIRECT.equals(vnicType);
     }
 
     private boolean isSupportedVnicTypeByHost(final Port port, final String vnicType) {
@@ -880,6 +900,18 @@ public class NeutronPortChangeListener extends AsyncDataTreeChangeListenerBase<P
         Boolean isVlanTransparent = network.isVlanTransparent();
         if (isVlanTransparent != null && isVlanTransparent) {
             l2VlanMode = IfL2vlan.L2vlanMode.Transparent;
+        } else {
+            PortIdToSubport portIdToSubport = neutronvpnUtils.getPortIdToSubport(port.getUuid());
+            if (portIdToSubport != null) {
+                l2VlanMode = IfL2vlan.L2vlanMode.TrunkMember;
+                ifL2vlanBuilder.setVlanId(new VlanId(portIdToSubport.getVlanId().intValue()));
+                String parentRefName = portIdToSubport.getTrunkPortId().getValue();
+                ParentRefsBuilder parentRefsBuilder = new ParentRefsBuilder().setParentInterface(parentRefName);
+                interfaceBuilder.addAugmentation(ParentRefs.class, parentRefsBuilder.build());
+                SplitHorizon splitHorizon =
+                        new SplitHorizonBuilder().setOverrideSplitHorizonProtection(true).build();
+                interfaceBuilder.addAugmentation(SplitHorizon.class, splitHorizon);
+            }
         }
 
         ifL2vlanBuilder.setL2vlanMode(l2VlanMode);
@@ -892,6 +924,8 @@ public class NeutronPortChangeListener extends AsyncDataTreeChangeListenerBase<P
             interfaceAclBuilder.setPortSecurityEnabled(true);
             neutronvpnUtils.populateInterfaceAclBuilder(interfaceAclBuilder, port);
             interfaceBuilder.addAugmentation(InterfaceAcl.class, interfaceAclBuilder.build());
+        } else if (neutronvpnConfig.isLimitBumtrafficToDhcpserver() && NeutronvpnUtils.isDhcpServerPort(port)) {
+            interfaceBuilder.addAugmentation(InterfaceAcl.class, neutronvpnUtils.getDhcpInterfaceAcl(port));
         }
         return interfaceBuilder.build();
     }
NetVirt - Archived