import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.controller.md.sal.binding.api.WriteTransaction;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
+import org.opendaylight.groupbasedpolicy.renderer.util.AddressEndpointUtils;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.config.ConfigUtil;
import org.opendaylight.groupbasedpolicy.renderer.vpp.event.NodeOperEvent;
import org.opendaylight.groupbasedpolicy.renderer.vpp.event.RendererPolicyConfEvent;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AclManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.KeyFactory;
import org.opendaylight.groupbasedpolicy.util.IidFactory;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.endpoints.address.endpoints.AddressEndpointKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.location.type.ExternalLocationCase;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.has.rule.group.with.renderer.endpoint.participation.RuleGroupWithRendererEndpointParticipation;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.RendererPolicy;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.RendererPolicyBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.RendererForwarding;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.endpoints.AddressEndpointWithLocation;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.renderer.endpoints.RendererEndpointKey;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.renderer.endpoints.renderer.endpoint.PeerEndpoint;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.rule.groups.RuleGroupKey;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.Node;
import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
import com.google.common.util.concurrent.FutureCallback;
import com.google.common.util.concurrent.Futures;
+
public class VppRendererPolicyManager {
private static final Logger LOG = LoggerFactory.getLogger(VppRendererPolicyManager.class);
private final DataBroker dataProvider;
private ForwardingManager fwManager;
+ private final AclManager aclManager;
- public VppRendererPolicyManager(@Nonnull ForwardingManager fwManager, @Nonnull DataBroker dataProvider) {
+ public VppRendererPolicyManager(@Nonnull ForwardingManager fwManager, @Nonnull AclManager aclManager,
+ @Nonnull DataBroker dataProvider) {
this.fwManager = Preconditions.checkNotNull(fwManager);
this.dataProvider = Preconditions.checkNotNull(dataProvider);
+ this.aclManager = Preconditions.checkNotNull(aclManager);
}
@Subscribe
@Override
public void onSuccess(Void result) {
- LOG.debug("Renderer updated renderer policy {}", response);
+ LOG.info("Renderer updated renderer policy to version {}", response.getVersion());
}
@Override
public void onFailure(Throwable t) {
- LOG.warn("Renderer DIDN'T update renderer-policy {}", response);
+ LOG.warn("Renderer failed to update renderer-policy to version {}", response.getVersion());
}
});
}
private void rendererPolicyUpdated(RendererPolicy rPolicyBefore, RendererPolicy rPolicyAfter) {
+ LOG.trace("VPP renderer policy updated");
PolicyContext policyCtxBefore = new PolicyContext(rPolicyBefore);
PolicyContext policyCtxAfter = new PolicyContext(rPolicyAfter);
-
+ aclManager.cacheMultiInterfaces(policyCtxAfter);
MapDifference<String, Collection<NodeId>> vppNodesByL2FlDiff =
createDiffForVppNodesByL2Fd(policyCtxBefore, policyCtxAfter);
SetMultimap<String, NodeId> removedVppNodesByL2Fd = HashMultimap.create();
SetMultimap<String, NodeId> createdVppNodesByL2Fd = HashMultimap.create();
for (Entry<String, ValueDifference<Collection<NodeId>>> entry : vppNodesByL2FlDiff.entriesDiffering()
- .entrySet()) {
+ .entrySet()) {
String bridgeDomain = entry.getKey();
Collection<NodeId> beforeNodes = entry.getValue().leftValue();
Collection<NodeId> afterNodes = entry.getValue().rightValue();
LOG.debug("Removed renderer endpoints {}", removedRendEps);
removedRendEps.forEach(rEpKey -> fwManager.removeForwardingForEndpoint(rEpKey, policyCtxBefore));
- LOG.debug("Removed bridge domains on nodes {}", removedVppNodesByL2Fd);
- LOG.debug("Created bridge domains on nodes {}", createdVppNodesByL2Fd);
- fwManager.removeBridgeDomainOnNodes(removedVppNodesByL2Fd);
- fwManager.createBridgeDomainOnNodes(createdVppNodesByL2Fd);
+ if (!ConfigUtil.getInstance().isL3FlatEnabled()) {
+ LOG.debug("Removing bridge domains on nodes {}", removedVppNodesByL2Fd);
+ fwManager.removeBridgeDomainOnNodes(removedVppNodesByL2Fd);
+ LOG.debug("Creating bridge domains on nodes {}", createdVppNodesByL2Fd);
+ fwManager.createBridgeDomainOnNodes(createdVppNodesByL2Fd);
+ } else {
+ if (rPolicyBefore.getConfiguration() != null) {
+ RendererForwarding rendererForwardingBefore = rPolicyBefore.getConfiguration().getRendererForwarding();
+
+ SetMultimap<String, NodeId> vppNodesByL2FdBefore =
+ resolveVppNodesByL2Fd(policyCtxBefore.getPolicyTable().rowKeySet(), policyCtxBefore);
+ if (!vppNodesByL2FdBefore.isEmpty()) {
+ LOG.debug("Deleting DhcpRelay for forwarding: {}, on VPP nodes: {}", rendererForwardingBefore,
+ vppNodesByL2FdBefore);
+ fwManager.deleteDhcpRelay(rendererForwardingBefore, vppNodesByL2FdBefore);
+ }
+ }
+
+ if (rPolicyAfter.getConfiguration() != null) {
+ RendererForwarding rendererForwardingAfter = rPolicyAfter.getConfiguration().getRendererForwarding();
+ SetMultimap<String, NodeId> vppNodesByL2FdAfter =
+ resolveVppNodesByL2Fd(policyCtxAfter.getPolicyTable().rowKeySet(), policyCtxAfter);
+ if (!vppNodesByL2FdAfter.isEmpty()) {
+ LOG.debug("Creating DhcpRelay for forwarding: {}, on VPP nodes: {}", rendererForwardingAfter,
+ vppNodesByL2FdAfter);
+ fwManager.createDhcpRelay(rendererForwardingAfter, vppNodesByL2FdAfter);
+ }
+ }
+ }
+
+ fwManager.syncNatEntries(policyCtxAfter);
+
+ fwManager.deleteRouting(policyCtxBefore);
+ fwManager.syncRouting(policyCtxAfter);
SetView<RendererEndpointKey> createdRendEps = Sets.difference(rendEpsAfter, rendEpsBefore);
LOG.debug("Created renderer endpoints {}", createdRendEps);
fwManager.createForwardingForEndpoint(rEpKey, policyCtxAfter);
}
});
+ updatePolicy(policyCtxBefore, policyCtxAfter);
+ }
+
+ /**
+ * Looks for changed rule groups in {@code policyCtxBefore} and {@code policyCtxAfter}.
+ * Access lists are updated for endpoints in {@code policyCtxAfter} affected by changed rule
+ * groups.
+ *
+ * @param policyCtxBefore policy before
+ * @param policyCtxAfter policy after
+ */
+ private void updatePolicy(PolicyContext policyCtxBefore, PolicyContext policyCtxAfter) {
+ LOG.info("Updating policy by rule groups.");
+ Set<RuleGroupKey> diffRuleGroups = new HashSet<>();
+ diffRuleGroups.addAll(Sets.difference(policyCtxBefore.getRuleGroupByKey().keySet(),
+ policyCtxAfter.getRuleGroupByKey().keySet()));
+ diffRuleGroups.addAll(Sets.difference(policyCtxAfter.getRuleGroupByKey().keySet(), policyCtxBefore.getRuleGroupByKey().keySet()));
+ LOG.trace("Rule groups changed: {} ", diffRuleGroups.size());
+ Set<RendererEndpointKey> updates = new HashSet<>();
+ for (PolicyContext policy : new PolicyContext[] {policyCtxBefore, policyCtxAfter}) {
+ if (policy.getPolicy().getConfiguration() == null
+ || policy.getPolicy().getConfiguration().getRendererEndpoints() == null
+ || policy.getPolicy().getConfiguration().getRendererEndpoints().getRendererEndpoint() == null) {
+ continue;
+ }
+ policy.getPolicy()
+ .getConfiguration()
+ .getRendererEndpoints()
+ .getRendererEndpoint()
+ .stream()
+ .filter(rEp -> !updates.contains(rEp.getKey()))
+ .forEach(rEp -> {
+ for (PeerEndpoint pEp : rEp.getPeerEndpoint()) {
+ for (RuleGroupWithRendererEndpointParticipation rg : pEp
+ .getRuleGroupWithRendererEndpointParticipation()) {
+ if (!diffRuleGroups.contains(
+ new RuleGroupKey(rg.getContractId(), rg.getSubjectName(), rg.getTenantId()))) {
+ continue;
+ }
+ if (!policy.equals(policyCtxBefore)) {
+ updates.add(rEp.getKey());
+ AddressEndpointKey k1 = AddressEndpointUtils.fromPeerEpKey(pEp.getKey());
+ updates.add(AddressEndpointUtils.toRendererEpKey(k1));
+ }
+ }
+ }
+ });
+ }
+ for (RendererEndpointKey rEpKey : updates) {
+ aclManager.updateAclsForRendEp(rEpKey, policyCtxAfter);
+ }
}
private static boolean isLocationChanged(AddressEndpointWithLocation before, AddressEndpointWithLocation after) {
ExternalLocationCase locationBefore = ForwardingManager.resolveAndValidateLocation(before);
ExternalLocationCase locationAfter = ForwardingManager.resolveAndValidateLocation(after);
+ if(locationBefore == null && locationAfter == null) {
+ return false;
+ }
+ if(locationBefore == null || locationAfter == null) {
+ return true;
+ }
return !locationBefore.equals(locationAfter);
}
private static MapDifference<String, Collection<NodeId>> createDiffForVppNodesByL2Fd(PolicyContext policyCtxBefore,
- PolicyContext policyCtxAfter) {
+ PolicyContext policyCtxAfter) {
ImmutableSet<RendererEndpointKey> rendEpsBefore = policyCtxBefore.getPolicyTable().rowKeySet();
ImmutableSet<RendererEndpointKey> rendEpsAfter = policyCtxAfter.getPolicyTable().rowKeySet();
SetMultimap<String, NodeId> vppNodesByL2FdBefore = resolveVppNodesByL2Fd(rendEpsBefore, policyCtxBefore);
}
private void rendererPolicyCreated(RendererPolicy rPolicy) {
+ LOG.trace("VPP renderer policy version {} created", rPolicy.getVersion());
PolicyContext policyCtx = new PolicyContext(rPolicy);
+ aclManager.cacheMultiInterfaces(policyCtx);
ImmutableSet<RendererEndpointKey> rEpKeys = policyCtx.getPolicyTable().rowKeySet();
-
SetMultimap<String, NodeId> vppNodesByL2Fd = resolveVppNodesByL2Fd(rEpKeys, policyCtx);
- fwManager.createBridgeDomainOnNodes(vppNodesByL2Fd);
+ if (!ConfigUtil.getInstance().isL3FlatEnabled()) {
+ fwManager.createBridgeDomainOnNodes(vppNodesByL2Fd);
+ } else {
+ RendererForwarding rendererForwarding = rPolicy.getConfiguration().getRendererForwarding();
+ fwManager.createDhcpRelay(rendererForwarding, vppNodesByL2Fd);
+ }
+ fwManager.syncNatEntries(policyCtx);
+ fwManager.syncRouting(policyCtx);
rEpKeys.forEach(rEpKey -> fwManager.createForwardingForEndpoint(rEpKey, policyCtx));
}
private void rendererPolicyDeleted(RendererPolicy rendererPolicy) {
+ LOG.trace("VPP renderer policy version {} deleted", rendererPolicy.getVersion());
PolicyContext policyCtx = new PolicyContext(rendererPolicy);
+ aclManager.cacheMultiInterfaces(policyCtx);
ImmutableSet<RendererEndpointKey> rEpKeys = policyCtx.getPolicyTable().rowKeySet();
rEpKeys.forEach(rEpKey -> fwManager.removeForwardingForEndpoint(rEpKey, policyCtx));
-
SetMultimap<String, NodeId> vppNodesByL2Fd = resolveVppNodesByL2Fd(rEpKeys, policyCtx);
- fwManager.removeBridgeDomainOnNodes(vppNodesByL2Fd);
+ if (!ConfigUtil.getInstance().isL3FlatEnabled()) {
+ fwManager.removeBridgeDomainOnNodes(vppNodesByL2Fd);
+ } else {
+ RendererForwarding rendererForwarding = rendererPolicy.getConfiguration().getRendererForwarding();
+ fwManager.deleteDhcpRelay(rendererForwarding, vppNodesByL2Fd);
+ }
+ fwManager.deleteNatEntries(policyCtx);
+ fwManager.deleteRouting(policyCtx);
}
private static SetMultimap<String, NodeId> resolveVppNodesByL2Fd(Set<RendererEndpointKey> rEpKeys,
- PolicyContext policyCtx) {
+ PolicyContext policyCtx) {
SetMultimap<String, NodeId> vppNodesByL2Fd = HashMultimap.create();
rEpKeys.stream()
- .map(rEpKey -> KeyFactory.addressEndpointKey(rEpKey))
- .map(addrEpKey -> policyCtx.getAddrEpByKey().get(addrEpKey))
- .collect(Collectors.toSet())
- .forEach(addrEpWithLoc -> {
- java.util.Optional<String> optL2Fd = ForwardingManager.resolveL2FloodDomain(addrEpWithLoc, policyCtx);
- if (optL2Fd.isPresent()) {
- ExternalLocationCase rEpLoc = ForwardingManager.resolveAndValidateLocation(addrEpWithLoc);
- InstanceIdentifier<?> externalNodeMountPoint = rEpLoc.getExternalNodeMountPoint();
- NodeId vppNode = externalNodeMountPoint.firstKeyOf(Node.class).getNodeId();
- vppNodesByL2Fd.put(optL2Fd.get(), vppNode);
- }
- });
+ .map(rEpKey -> KeyFactory.addressEndpointKey(rEpKey))
+ .map(addrEpKey -> policyCtx.getAddrEpByKey().get(addrEpKey))
+ .collect(Collectors.toSet())
+ .forEach(addrEpWithLoc -> {
+ java.util.Optional<String> optL2Fd = ForwardingManager.resolveL2FloodDomain(addrEpWithLoc, policyCtx);
+ if (optL2Fd.isPresent()) {
+ ExternalLocationCase rEpLoc = ForwardingManager.resolveAndValidateLocation(addrEpWithLoc);
+ if (rEpLoc != null) {
+ InstanceIdentifier<?> externalNodeMountPoint = rEpLoc.getExternalNodeMountPoint();
+ NodeId vppNode = externalNodeMountPoint.firstKeyOf(Node.class).getNodeId();
+ vppNodesByL2Fd.put(optL2Fd.get(), vppNode);
+ }
+ }
+ });
return vppNodesByL2Fd;
}
Code Review / groupbasedpolicy.git / blobdiff