package org.opendaylight.groupbasedpolicy.renderer.vpp.iface;
+import java.util.List;
+import java.util.Set;
+
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
-import java.util.concurrent.ExecutionException;
-import com.google.common.base.Optional;
-import com.google.common.base.Preconditions;
-import com.google.common.base.Strings;
+
import com.google.common.eventbus.Subscribe;
import com.google.common.util.concurrent.AsyncFunction;
+import com.google.common.util.concurrent.FutureCallback;
import com.google.common.util.concurrent.Futures;
import com.google.common.util.concurrent.ListenableFuture;
+
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
-import org.opendaylight.controller.md.sal.binding.api.ReadWriteTransaction;
+import org.opendaylight.controller.md.sal.binding.api.ReadOnlyTransaction;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
import org.opendaylight.groupbasedpolicy.renderer.vpp.commands.ConfigCommand;
import org.opendaylight.groupbasedpolicy.renderer.vpp.commands.LoopbackCommand;
import org.opendaylight.groupbasedpolicy.renderer.vpp.commands.VhostUserCommand.VhostUserCommandBuilder;
import org.opendaylight.groupbasedpolicy.renderer.vpp.event.NodeOperEvent;
import org.opendaylight.groupbasedpolicy.renderer.vpp.event.VppEndpointConfEvent;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AccessListWrapper;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.GbpNetconfTransaction;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.General.Operations;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.MountedDataBrokerProvider;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.location.type.ExternalLocationCase;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.location.type.ExternalLocationCaseBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.endpoints.AddressEndpointWithLocation;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.vpp_renderer.rev160425.ExcludeFromPolicy;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.vpp_renderer.rev160425._interface.attributes.InterfaceTypeChoice;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.vpp_renderer.rev160425._interface.attributes._interface.type.choice.LoopbackCase;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.vpp_renderer.rev160425._interface.attributes._interface.type.choice.TapCase;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.v3po.rev161214.l2.base.attributes.Interconnection;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.v3po.rev161214.l2.base.attributes.interconnection.BridgeBased;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.v3po.rev161214.l2.base.attributes.interconnection.BridgeBasedBuilder;
+import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.Node;
import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import com.google.common.base.Optional;
+import com.google.common.base.Preconditions;
+import com.google.common.base.Strings;
+import com.google.common.collect.HashMultimap;
+import com.google.common.collect.SetMultimap;
+
public class InterfaceManager implements AutoCloseable {
private static final Logger LOG = LoggerFactory.getLogger(InterfaceManager.class);
private final MountedDataBrokerProvider mountDataProvider;
private final VppEndpointLocationProvider vppEndpointLocationProvider;
+ private final SetMultimap<NodeId, String> excludedFromPolicy = HashMultimap.create();
public InterfaceManager(@Nonnull MountedDataBrokerProvider mountDataProvider, @Nonnull DataBroker dataProvider) {
this.mountDataProvider = Preconditions.checkNotNull(mountDataProvider);
@Subscribe
@SuppressWarnings("OptionalGetWithoutIsPresent")
public synchronized void vppEndpointChanged(VppEndpointConfEvent event) {
- try {
- switch (event.getDtoModificationType()) {
- case CREATED: {
- vppEndpointCreated(event.getAfter().get()).get();
- }
- break;
- case UPDATED:
- vppEndpointUpdated(event.getBefore().get(), event.getAfter().get()).get();
- break;
- case DELETED:
- vppEndpointDeleted(event.getBefore().get()).get();
- break;
+ ListenableFuture<Void> modificationFuture;
+ ListenableFuture<Boolean> policyExcludedFuture;
+ String message;
+ final VppEndpoint oldVppEndpoint = event.getBefore().orNull();
+ final VppEndpoint newVppEndpoint = event.getAfter().orNull();
+ switch (event.getDtoModificationType()) {
+ case CREATED: {
+ Preconditions.checkNotNull(newVppEndpoint);
+ modificationFuture = vppEndpointCreated(newVppEndpoint);
+ message = String.format("Vpp endpoint %s on node %s and interface %s created",
+ newVppEndpoint.getAddress(), newVppEndpoint.getVppNodeId().getValue(),
+ newVppEndpoint.getVppInterfaceName());
+ policyExcludedFuture = updatePolicyExcludedEndpoints(newVppEndpoint, true);
+ }
+ break;
+ case UPDATED: {
+ Preconditions.checkNotNull(oldVppEndpoint);
+ Preconditions.checkNotNull(newVppEndpoint);
+ modificationFuture = vppEndpointUpdated(oldVppEndpoint, newVppEndpoint);
+ message = String.format("Vpp endpoint %s on node %s and interface %s updated",
+ newVppEndpoint.getAddress(), newVppEndpoint.getVppNodeId().getValue(),
+ newVppEndpoint.getVppInterfaceName());
+ final ListenableFuture<Boolean> partialOldPolicyExcludedFuture =
+ updatePolicyExcludedEndpoints(oldVppEndpoint, false);
+ policyExcludedFuture =
+ Futures.transform(partialOldPolicyExcludedFuture, (AsyncFunction<Boolean, Boolean>) input ->
+ updatePolicyExcludedEndpoints(newVppEndpoint, true));
+ }
+ break;
+ case DELETED: {
+ Preconditions.checkNotNull(oldVppEndpoint);
+ modificationFuture = vppEndpointDeleted(oldVppEndpoint);
+ message = String.format("Vpp endpoint %s on node %s and interface %s removed",
+ oldVppEndpoint.getAddress(), oldVppEndpoint.getVppNodeId().getValue(),
+ oldVppEndpoint.getVppInterfaceName());
+ policyExcludedFuture = updatePolicyExcludedEndpoints(event.getBefore().get(), false);
+ }
+ break;
+ default: {
+ message = "Unknown event modification type: " + event.getDtoModificationType();
+ modificationFuture = Futures.immediateFailedFuture(new VppRendererProcessingException(message));
+ policyExcludedFuture = Futures.immediateFailedFuture(new VppRendererProcessingException(message));
}
- } catch (InterruptedException | ExecutionException e) {
- LOG.warn("Failed to update Vpp Endpoint. {}", event, e);
}
+ // Modification
+ Futures.addCallback(modificationFuture, new FutureCallback<Void>() {
+ @Override
+ public void onSuccess(@Nullable Void result) {
+ LOG.info(message);
+ }
+
+ @Override
+ public void onFailure(@Nonnull Throwable t) {
+ LOG.warn("Vpp endpoint change event failed. Old ep: {}, new ep: {}", oldVppEndpoint, newVppEndpoint);
+ }
+ });
+
+ // Excluded policy
+ Futures.addCallback(policyExcludedFuture, new FutureCallback<Boolean>() {
+ @Override
+ public void onSuccess(@Nullable Boolean input) {
+ // NO-OP
+ }
+
+ @Override
+ public void onFailure(@Nonnull Throwable throwable) {
+ LOG.warn("Vpp endpoint exclusion failed. Odl ep: {}, new ep: {}", oldVppEndpoint, newVppEndpoint);
+ }
+ });
+ }
+
+ private ListenableFuture<Boolean> updatePolicyExcludedEndpoints(VppEndpoint vppEndpoint, boolean created) {
+ if (vppEndpoint == null || vppEndpoint.getAugmentation(ExcludeFromPolicy.class) == null) {
+ return Futures.immediateFuture(true);
+ }
+ if (created) {
+ excludedFromPolicy.put(vppEndpoint.getVppNodeId(), vppEndpoint.getVppInterfaceName());
+ return Futures.immediateFuture(true);
+ }
+ return Futures.immediateFuture(excludedFromPolicy.remove(vppEndpoint.getVppNodeId(),
+ vppEndpoint.getVppInterfaceName()));
}
private ListenableFuture<Void> vppEndpointCreated(VppEndpoint vppEndpoint) {
} else if (interfaceTypeChoice instanceof LoopbackCase){
potentialIfaceCommand = createLoopbackWithoutBdCommand(vppEndpoint, Operations.PUT);
}
-
if (!potentialIfaceCommand.isPresent()) {
LOG.debug("Interface/PUT command was not created for VppEndpoint point {}", vppEndpoint);
return Futures.immediateFuture(null);
public ListenableFuture<Void> createInterfaceOnVpp(final ConfigCommand createIfaceWithoutBdCommand,
final DataBroker vppDataBroker) {
- final boolean transactionState = GbpNetconfTransaction.write(vppDataBroker, createIfaceWithoutBdCommand,
+ final boolean transactionState = GbpNetconfTransaction.netconfSyncedWrite(vppDataBroker, createIfaceWithoutBdCommand,
GbpNetconfTransaction.RETRY_COUNT);
if (transactionState) {
LOG.trace("Creating Interface on VPP: {}", createIfaceWithoutBdCommand);
final DataBroker vppDataBroker,
final VppEndpoint vppEndpoint,
final InstanceIdentifier<?> vppNodeIid) {
- final boolean transactionState = GbpNetconfTransaction.write(vppDataBroker, createIfaceWithoutBdCommand,
+ final boolean transactionState = GbpNetconfTransaction.netconfSyncedWrite(vppDataBroker, createIfaceWithoutBdCommand,
GbpNetconfTransaction.RETRY_COUNT);
if (transactionState) {
LOG.debug("Create interface on VPP command was successful. VPP: {} Command: {}", vppNodeIid,
}
private ListenableFuture<Void> vppEndpointUpdated(@Nonnull final VppEndpoint oldVppEndpoint,
- @Nonnull final VppEndpoint newVppEndpoint)
- throws ExecutionException, InterruptedException {
+ @Nonnull final VppEndpoint newVppEndpoint) {
if(!oldVppEndpoint.equals(newVppEndpoint)) {
LOG.debug("Updating vpp endpoint, old EP: {} new EP: {}", oldVppEndpoint, newVppEndpoint);
return Futures.transform(vppEndpointDeleted(oldVppEndpoint),
private ListenableFuture<Void> deleteIfaceOnVpp(ConfigCommand deleteIfaceWithoutBdCommand,
DataBroker vppDataBroker, VppEndpoint vppEndpoint, InstanceIdentifier<?> vppNodeIid) {
- final boolean transactionState = GbpNetconfTransaction.deleteIfExists(vppDataBroker, deleteIfaceWithoutBdCommand,
- GbpNetconfTransaction.RETRY_COUNT);
+ final boolean transactionState = GbpNetconfTransaction.netconfSyncedDelete(vppDataBroker,
+ deleteIfaceWithoutBdCommand, GbpNetconfTransaction.RETRY_COUNT);
if (transactionState) {
LOG.debug("Delete interface on VPP command was successful: VPP: {} Command: {}", vppNodeIid,
deleteIfaceWithoutBdCommand);
}
}
- public static Optional<ConfigCommand> createInterfaceWithoutBdCommand(@Nonnull VppEndpoint vppEp,
+ private Optional<ConfigCommand> createInterfaceWithoutBdCommand(@Nonnull VppEndpoint vppEp,
@Nonnull Operations operations) {
if (!hasNodeAndInterface(vppEp)) {
LOG.debug("Interface command is not created for {}", vppEp);
return Optional.of(vhostUserCommand);
}
- private static Optional<ConfigCommand> createTapInterfaceWithoutBdCommand(@Nonnull VppEndpoint vppEp,
+ private Optional<ConfigCommand> createTapInterfaceWithoutBdCommand(@Nonnull VppEndpoint vppEp,
@Nonnull Operations operation) {
if (!hasNodeAndInterface(vppEp)) {
LOG.debug("Interface command is not created for {}", vppEp);
return Optional.of(tapPortCommand);
}
- private static Optional<ConfigCommand> createLoopbackWithoutBdCommand(@Nonnull VppEndpoint vppEp,
+ private Optional<ConfigCommand> createLoopbackWithoutBdCommand(@Nonnull VppEndpoint vppEp,
@Nonnull Operations operation) {
if (!hasNodeAndInterface(vppEp)) {
LOG.debug("Interface command is not created for {}", vppEp);
*/
public synchronized ListenableFuture<Void> addBridgeDomainToInterface(@Nonnull String bridgeDomainName,
@Nonnull AddressEndpointWithLocation addrEpWithLoc,
+ @Nonnull List<AccessListWrapper> aclWrappers,
boolean enableBvi) {
ExternalLocationCase epLoc = resolveAndValidateLocation(addrEpWithLoc);
InstanceIdentifier<?> vppNodeIid = epLoc.getExternalNodeMountPoint();
.setBridgedVirtualInterface(enableBvi)
.build()).build();
LOG.debug("Adding bridge domain {} to interface {}", bridgeDomainName, interfacePath);
- final boolean transactionState = GbpNetconfTransaction.write(mountpoint, l2Iid, l2,
+ final boolean transactionState = GbpNetconfTransaction.netconfSyncedWrite(mountpoint, l2Iid, l2,
GbpNetconfTransaction.RETRY_COUNT);
if (transactionState) {
LOG.debug("Adding bridge domain {} to interface {} successful", bridgeDomainName, interfacePath);
+ Set<String> excludedIfaces = excludedFromPolicy.get(vppNodeIid.firstKeyOf(Node.class).getNodeId());
+ if(excludedIfaces == null || !excludedIfaces.contains(interfaceIid.firstKeyOf(Interface.class).getName())) {
+ // can apply ACLs on interfaces in bridge domains
+ aclWrappers.forEach(aclWrapper -> {
+ LOG.debug("Writing access list for interface {} on a node {}.", interfaceIid,
+ vppNodeIid);
+ aclWrapper.writeAcl(mountpoint, interfaceIid.firstKeyOf(Interface.class));
+ aclWrapper.writeAclRefOnIface(mountpoint, interfaceIid);
+ });
+ }
String bridgeDomainPath = VppPathMapper.bridgeDomainToRestPath(bridgeDomainName);
return vppEndpointLocationProvider.replaceLocationForEndpoint(new ExternalLocationCaseBuilder()
.setExternalNode(bridgeDomainPath)
.setBridgeDomain(bridgeDomainName)
.setBridgedVirtualInterface(enableBvi)
.build()).build();
- final boolean transactionState = GbpNetconfTransaction.write(mountPoint, VppIidFactory.getL2ForInterfaceIid(ifaceKey),
- l2, GbpNetconfTransaction.RETRY_COUNT);
+ final boolean transactionState = GbpNetconfTransaction.netconfSyncedWrite(mountPoint,
+ VppIidFactory.getL2ForInterfaceIid(ifaceKey), l2, GbpNetconfTransaction.RETRY_COUNT);
if (transactionState) {
LOG.debug("Adding bridge domain {} to interface {}", bridgeDomainName, VppIidFactory.getInterfaceIID(ifaceKey));
return Futures.immediateFuture(null);
LOG.warn("Interface already not in bridge domain {} ", ifaceKey);
return Futures.immediateFuture(null);
}
- final boolean transactionState = GbpNetconfTransaction.deleteIfExists(mountPoint,
+ final boolean transactionState = GbpNetconfTransaction.netconfSyncedDelete(mountPoint,
VppIidFactory.getL2ForInterfaceIid(ifaceKey), GbpNetconfTransaction.RETRY_COUNT);
if (transactionState) {
LOG.debug("Removing bridge domain from interface {}", VppIidFactory.getInterfaceIID(ifaceKey));
private L2Builder readL2ForInterface(DataBroker mountpoint, InterfaceKey ifaceKey) {
InstanceIdentifier<L2> l2Iid = VppIidFactory.getL2ForInterfaceIid(ifaceKey);
- final ReadWriteTransaction rwTxRead = mountpoint.newReadWriteTransaction();
+ final ReadOnlyTransaction rwTxRead = mountpoint.newReadOnlyTransaction();
Optional<L2> optL2 = DataStoreHelper.readFromDs(LogicalDatastoreType.CONFIGURATION, l2Iid, rwTxRead);
+ rwTxRead.close();
return (optL2.isPresent()) ? new L2Builder(optL2.get()) : new L2Builder();
}
* and {@link ExternalLocationCase#getExternalNodeConnector()} MUST NOT be {@code null}
* @return {@link ListenableFuture}
*/
- public synchronized
- @Nonnull
- ListenableFuture<Void> deleteBridgeDomainFromInterface(
+ public synchronized @Nonnull ListenableFuture<Void> deleteBridgeDomainFromInterface(
@Nonnull AddressEndpointWithLocation addrEpWithLoc) {
+ // TODO update ACLs for peers
ExternalLocationCase epLoc = resolveAndValidateLocation(addrEpWithLoc);
InstanceIdentifier<?> vppNodeIid = epLoc.getExternalNodeMountPoint();
String interfacePath = epLoc.getExternalNodeConnector();
LOG.debug("Bridge domain does not exist therefore it is considered as deleted for interface {}",
interfacePath);
// bridge domain does not exist on interface so we consider job done
- return vppEndpointLocationProvider.replaceLocationForEndpoint(new ExternalLocationCaseBuilder()
- .setExternalNode(null)
- .setExternalNodeMountPoint(vppNodeIid)
- .setExternalNodeConnector(interfacePath)
- .build(), addrEpWithLoc.getKey());
+ return vppEndpointLocationProvider.replaceLocationForEndpoint(
+ new ExternalLocationCaseBuilder().setExternalNode(null)
+ .setExternalNodeMountPoint(vppNodeIid)
+ .setExternalNodeConnector(interfacePath)
+ .build(),
+ addrEpWithLoc.getKey());
}
InstanceIdentifier<L2> l2Iid =
interfaceIid.builder().augmentation(VppInterfaceAugmentation.class).child(L2.class).build();
LOG.debug("Deleting bridge domain from interface {}", interfacePath);
- final boolean transactionState = GbpNetconfTransaction.deleteIfExists(mountpoint, l2Iid,
- GbpNetconfTransaction.RETRY_COUNT);
+ final boolean transactionState =
+ GbpNetconfTransaction.netconfSyncedDelete(mountpoint, l2Iid, GbpNetconfTransaction.RETRY_COUNT);
if (transactionState) {
- return vppEndpointLocationProvider.replaceLocationForEndpoint(new ExternalLocationCaseBuilder()
- .setExternalNode(null)
- .setExternalNodeMountPoint(vppNodeIid)
- .setExternalNodeConnector(interfacePath)
- .build(), addrEpWithLoc.getKey());
+ AccessListWrapper.removeAclRefFromIface(mountpoint, interfaceIid.firstKeyOf(Interface.class));
+ AccessListWrapper.removeAclsForInterface(mountpoint, interfaceIid.firstKeyOf(Interface.class));
+ return vppEndpointLocationProvider.replaceLocationForEndpoint(
+ new ExternalLocationCaseBuilder().setExternalNode(null)
+ .setExternalNodeMountPoint(vppNodeIid)
+ .setExternalNodeConnector(interfacePath)
+ .build(),
+ addrEpWithLoc.getKey());
} else {
final String message = "Failed to delete bridge domain from interface " + interfacePath;
LOG.warn(message);
}
}
- private static ExternalLocationCase resolveAndValidateLocation(AddressEndpointWithLocation addrEpWithLoc) {
+ static ExternalLocationCase resolveAndValidateLocation(AddressEndpointWithLocation addrEpWithLoc) {
LocationType locationType = addrEpWithLoc.getAbsoluteLocation().getLocationType();
if (!(locationType instanceof ExternalLocationCase)) {
throw new IllegalArgumentException("Endpoint does not have external location " + addrEpWithLoc);
Code Review / groupbasedpolicy.git / blobdiff