package org.opendaylight.groupbasedpolicy.renderer.vpp.policy;
+import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
+import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.controller.md.sal.binding.api.WriteTransaction;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
-import org.opendaylight.groupbasedpolicy.renderer.util.AddressEndpointUtils;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.commands.DhcpRelayCommand;
import org.opendaylight.groupbasedpolicy.renderer.vpp.config.ConfigUtil;
import org.opendaylight.groupbasedpolicy.renderer.vpp.event.NodeOperEvent;
import org.opendaylight.groupbasedpolicy.renderer.vpp.event.RendererPolicyConfEvent;
import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AclManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.KeyFactory;
import org.opendaylight.groupbasedpolicy.util.IidFactory;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.endpoints.address.endpoints.AddressEndpointKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.location.type.ExternalLocationCase;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.has.rule.group.with.renderer.endpoint.participation.RuleGroupWithRendererEndpointParticipation;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.RendererPolicy;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.RendererPolicyBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.RendererForwarding;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.endpoints.AddressEndpointWithLocation;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.renderer.endpoints.RendererEndpointKey;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.renderer.endpoints.renderer.endpoint.PeerEndpoint;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.rule.groups.RuleGroupKey;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.Node;
import com.google.common.collect.Sets;
import com.google.common.collect.Sets.SetView;
import com.google.common.eventbus.Subscribe;
-import com.google.common.util.concurrent.FutureCallback;
-import com.google.common.util.concurrent.Futures;
-
public class VppRendererPolicyManager {
private final AclManager aclManager;
public VppRendererPolicyManager(@Nonnull ForwardingManager fwManager, @Nonnull AclManager aclManager,
- @Nonnull DataBroker dataProvider) {
+ @Nonnull DataBroker dataProvider) {
this.fwManager = Preconditions.checkNotNull(fwManager);
this.dataProvider = Preconditions.checkNotNull(dataProvider);
this.aclManager = Preconditions.checkNotNull(aclManager);
RendererPolicy response = responseBuilder.build();
wTx.put(LogicalDatastoreType.OPERATIONAL, IidFactory.rendererIid(VppRenderer.NAME).child(RendererPolicy.class),
response, true);
- Futures.addCallback(wTx.submit(), new FutureCallback<Void>() {
-
- @Override
- public void onSuccess(Void result) {
- LOG.info("Renderer updated renderer policy to version {}", response.getVersion());
- }
-
- @Override
- public void onFailure(Throwable t) {
- LOG.warn("Renderer failed to update renderer-policy to version {}", response.getVersion());
- }
- });
+ try {
+ wTx.submit().get();
+ } catch (Exception ex) {
+ LOG.trace("Got Exception in renderer policy update. Exception: {}", ex);
+ }
}
private void rendererPolicyUpdated(RendererPolicy rPolicyBefore, RendererPolicy rPolicyAfter) {
LOG.trace("VPP renderer policy updated");
PolicyContext policyCtxBefore = new PolicyContext(rPolicyBefore);
PolicyContext policyCtxAfter = new PolicyContext(rPolicyAfter);
- aclManager.cacheMultiInterfaces(policyCtxAfter);
+ aclManager.cacheEndpointsByInterfaces(policyCtxAfter);
MapDifference<String, Collection<NodeId>> vppNodesByL2FlDiff =
createDiffForVppNodesByL2Fd(policyCtxBefore, policyCtxAfter);
SetMultimap<String, NodeId> removedVppNodesByL2Fd = HashMultimap.create();
SetMultimap<String, NodeId> createdVppNodesByL2Fd = HashMultimap.create();
for (Entry<String, ValueDifference<Collection<NodeId>>> entry : vppNodesByL2FlDiff.entriesDiffering()
- .entrySet()) {
+ .entrySet()) {
String bridgeDomain = entry.getKey();
Collection<NodeId> beforeNodes = entry.getValue().leftValue();
Collection<NodeId> afterNodes = entry.getValue().rightValue();
ImmutableSet<RendererEndpointKey> rendEpsAfter = policyCtxAfter.getPolicyTable().rowKeySet();
SetView<RendererEndpointKey> removedRendEps = Sets.difference(rendEpsBefore, rendEpsAfter);
- LOG.debug("Removed renderer endpoints {}", removedRendEps);
removedRendEps.forEach(rEpKey -> fwManager.removeForwardingForEndpoint(rEpKey, policyCtxBefore));
if (!ConfigUtil.getInstance().isL3FlatEnabled()) {
LOG.debug("Creating bridge domains on nodes {}", createdVppNodesByL2Fd);
fwManager.createBridgeDomainOnNodes(createdVppNodesByL2Fd);
} else {
+ List<DhcpRelayCommand> deletedDhcpRelays = new ArrayList<>();
+ List<DhcpRelayCommand> createdDhcpRelays = new ArrayList<>();
if (rPolicyBefore.getConfiguration() != null) {
RendererForwarding rendererForwardingBefore = rPolicyBefore.getConfiguration().getRendererForwarding();
SetMultimap<String, NodeId> vppNodesByL2FdBefore =
- resolveVppNodesByL2Fd(policyCtxBefore.getPolicyTable().rowKeySet(), policyCtxBefore);
+ resolveVppNodesByL2Fd(policyCtxBefore.getPolicyTable().rowKeySet(), policyCtxBefore);
if (!vppNodesByL2FdBefore.isEmpty()) {
- LOG.debug("Deleting DhcpRelay for forwarding: {}, on VPP nodes: {}", rendererForwardingBefore,
- vppNodesByL2FdBefore);
- fwManager.deleteDhcpRelay(rendererForwardingBefore, vppNodesByL2FdBefore);
+ deletedDhcpRelays = fwManager.deleteDhcpRelay(rendererForwardingBefore, vppNodesByL2FdBefore);
}
}
if (rPolicyAfter.getConfiguration() != null) {
RendererForwarding rendererForwardingAfter = rPolicyAfter.getConfiguration().getRendererForwarding();
SetMultimap<String, NodeId> vppNodesByL2FdAfter =
- resolveVppNodesByL2Fd(policyCtxAfter.getPolicyTable().rowKeySet(), policyCtxAfter);
+ resolveVppNodesByL2Fd(policyCtxAfter.getPolicyTable().rowKeySet(), policyCtxAfter);
if (!vppNodesByL2FdAfter.isEmpty()) {
- LOG.debug("Creating DhcpRelay for forwarding: {}, on VPP nodes: {}", rendererForwardingAfter,
- vppNodesByL2FdAfter);
- fwManager.createDhcpRelay(rendererForwardingAfter, vppNodesByL2FdAfter);
+ createdDhcpRelays = fwManager.createDhcpRelay(rendererForwardingAfter, vppNodesByL2FdAfter);
}
}
+
+ fwManager.syncDhcpRelay(createdDhcpRelays, deletedDhcpRelays);
}
fwManager.syncNatEntries(policyCtxAfter);
fwManager.syncRouting(policyCtxAfter);
SetView<RendererEndpointKey> createdRendEps = Sets.difference(rendEpsAfter, rendEpsBefore);
- LOG.debug("Created renderer endpoints {}", createdRendEps);
createdRendEps.forEach(rEpKey -> fwManager.createForwardingForEndpoint(rEpKey, policyCtxAfter));
SetView<RendererEndpointKey> updatedRendEps = Sets.intersection(rendEpsBefore, rendEpsAfter);
- LOG.debug("Updated renderer endpoints {}", updatedRendEps);
// update forwarding for endpoint
updatedRendEps.forEach(rEpKey -> {
AddressEndpointWithLocation addrEpWithLocBefore =
fwManager.createForwardingForEndpoint(rEpKey, policyCtxAfter);
}
});
- updatePolicy(policyCtxBefore, policyCtxAfter);
- }
-
- /**
- * Looks for changed rule groups in {@code policyCtxBefore} and {@code policyCtxAfter}.
- * Access lists are updated for endpoints in {@code policyCtxAfter} affected by changed rule
- * groups.
- *
- * @param policyCtxBefore policy before
- * @param policyCtxAfter policy after
- */
- private void updatePolicy(PolicyContext policyCtxBefore, PolicyContext policyCtxAfter) {
- LOG.info("Updating policy by rule groups.");
- Set<RuleGroupKey> diffRuleGroups = new HashSet<>();
- diffRuleGroups.addAll(Sets.difference(policyCtxBefore.getRuleGroupByKey().keySet(),
- policyCtxAfter.getRuleGroupByKey().keySet()));
- diffRuleGroups.addAll(Sets.difference(policyCtxAfter.getRuleGroupByKey().keySet(), policyCtxBefore.getRuleGroupByKey().keySet()));
- LOG.trace("Rule groups changed: {} ", diffRuleGroups.size());
- Set<RendererEndpointKey> updates = new HashSet<>();
- for (PolicyContext policy : new PolicyContext[] {policyCtxBefore, policyCtxAfter}) {
- if (policy.getPolicy().getConfiguration() == null
- || policy.getPolicy().getConfiguration().getRendererEndpoints() == null
- || policy.getPolicy().getConfiguration().getRendererEndpoints().getRendererEndpoint() == null) {
- continue;
- }
- policy.getPolicy()
- .getConfiguration()
- .getRendererEndpoints()
- .getRendererEndpoint()
- .stream()
- .filter(rEp -> !updates.contains(rEp.getKey()))
- .forEach(rEp -> {
- for (PeerEndpoint pEp : rEp.getPeerEndpoint()) {
- for (RuleGroupWithRendererEndpointParticipation rg : pEp
- .getRuleGroupWithRendererEndpointParticipation()) {
- if (!diffRuleGroups.contains(
- new RuleGroupKey(rg.getContractId(), rg.getSubjectName(), rg.getTenantId()))) {
- continue;
- }
- LOG.debug("Updated resolved rule group: {}. Affected endpoints {} and {}.", rg.getKey(), rEp.getKey(), pEp.getKey());
- updates.add(rEp.getKey());
- AddressEndpointKey k1 = AddressEndpointUtils.fromPeerEpKey(pEp.getKey());
- updates.add(AddressEndpointUtils.toRendererEpKey(k1));
- }
- }
- });
- }
- for (RendererEndpointKey rEpKey : updates) {
- aclManager.updateAclsForRendEp(rEpKey, policyCtxAfter);
- }
+ ImmutableSet<RuleGroupKey> rulesBefore = policyCtxAfter.getRuleGroupByKey().keySet();
+ ImmutableSet<RuleGroupKey> rulesAfter = policyCtxBefore.getRuleGroupByKey().keySet();
+ SetView<RuleGroupKey> removedRules = Sets.difference(rulesAfter, rulesBefore);
+ SetView<RuleGroupKey> createdRules = Sets.difference(rulesBefore, rulesAfter);
+ LOG.debug("Updated rules: {}", Sets.intersection(rulesBefore, rulesAfter));
+ LOG.debug("Removed rules {}", removedRules);
+ LOG.debug("Created rules {}", createdRules);
+ LOG.debug("Updated renderer endpoints {}", updatedRendEps);
+ LOG.debug("Created renderer endpoints {}", createdRendEps);
+ LOG.debug("Updated renderer endpoints {}", updatedRendEps);
+ aclManager.resolveRulesToConfigure(policyCtxBefore, removedRendEps, removedRules, false);
+ aclManager.resolveRulesToConfigure(policyCtxAfter, createdRendEps, createdRules, true);
}
private static boolean isLocationChanged(AddressEndpointWithLocation before, AddressEndpointWithLocation after) {
ExternalLocationCase locationBefore = ForwardingManager.resolveAndValidateLocation(before);
ExternalLocationCase locationAfter = ForwardingManager.resolveAndValidateLocation(after);
+ if (locationBefore == null && locationAfter == null) {
+ return false;
+ }
+ if (locationBefore == null || locationAfter == null) {
+ return true;
+ }
return !locationBefore.equals(locationAfter);
}
private static MapDifference<String, Collection<NodeId>> createDiffForVppNodesByL2Fd(PolicyContext policyCtxBefore,
- PolicyContext policyCtxAfter) {
+ PolicyContext policyCtxAfter) {
ImmutableSet<RendererEndpointKey> rendEpsBefore = policyCtxBefore.getPolicyTable().rowKeySet();
ImmutableSet<RendererEndpointKey> rendEpsAfter = policyCtxAfter.getPolicyTable().rowKeySet();
SetMultimap<String, NodeId> vppNodesByL2FdBefore = resolveVppNodesByL2Fd(rendEpsBefore, policyCtxBefore);
private void rendererPolicyCreated(RendererPolicy rPolicy) {
LOG.trace("VPP renderer policy version {} created", rPolicy.getVersion());
PolicyContext policyCtx = new PolicyContext(rPolicy);
- aclManager.cacheMultiInterfaces(policyCtx);
+ aclManager.cacheEndpointsByInterfaces(policyCtx);
ImmutableSet<RendererEndpointKey> rEpKeys = policyCtx.getPolicyTable().rowKeySet();
SetMultimap<String, NodeId> vppNodesByL2Fd = resolveVppNodesByL2Fd(rEpKeys, policyCtx);
if (!ConfigUtil.getInstance().isL3FlatEnabled()) {
fwManager.createBridgeDomainOnNodes(vppNodesByL2Fd);
} else {
RendererForwarding rendererForwarding = rPolicy.getConfiguration().getRendererForwarding();
- fwManager.createDhcpRelay(rendererForwarding, vppNodesByL2Fd);
+ List<DhcpRelayCommand> createdDhcpRelays = fwManager.createDhcpRelay(rendererForwarding, vppNodesByL2Fd);
+ fwManager.syncDhcpRelay(createdDhcpRelays, new ArrayList<>());
}
+ rEpKeys.forEach(rEpKey -> fwManager.createForwardingForEndpoint(rEpKey, policyCtx));
fwManager.syncNatEntries(policyCtx);
fwManager.syncRouting(policyCtx);
- rEpKeys.forEach(rEpKey -> fwManager.createForwardingForEndpoint(rEpKey, policyCtx));
}
private void rendererPolicyDeleted(RendererPolicy rendererPolicy) {
LOG.trace("VPP renderer policy version {} deleted", rendererPolicy.getVersion());
PolicyContext policyCtx = new PolicyContext(rendererPolicy);
- aclManager.cacheMultiInterfaces(policyCtx);
+ aclManager.cacheEndpointsByInterfaces(policyCtx);
ImmutableSet<RendererEndpointKey> rEpKeys = policyCtx.getPolicyTable().rowKeySet();
rEpKeys.forEach(rEpKey -> fwManager.removeForwardingForEndpoint(rEpKey, policyCtx));
fwManager.removeBridgeDomainOnNodes(vppNodesByL2Fd);
} else {
RendererForwarding rendererForwarding = rendererPolicy.getConfiguration().getRendererForwarding();
- fwManager.deleteDhcpRelay(rendererForwarding, vppNodesByL2Fd);
+ List<DhcpRelayCommand> deletedDhcpRelays = fwManager.deleteDhcpRelay(rendererForwarding, vppNodesByL2Fd);
+ fwManager.syncDhcpRelay(new ArrayList<>(), deletedDhcpRelays);
}
fwManager.deleteNatEntries(policyCtx);
fwManager.deleteRouting(policyCtx);
}
private static SetMultimap<String, NodeId> resolveVppNodesByL2Fd(Set<RendererEndpointKey> rEpKeys,
- PolicyContext policyCtx) {
+ PolicyContext policyCtx) {
SetMultimap<String, NodeId> vppNodesByL2Fd = HashMultimap.create();
rEpKeys.stream()
- .map(rEpKey -> KeyFactory.addressEndpointKey(rEpKey))
- .map(addrEpKey -> policyCtx.getAddrEpByKey().get(addrEpKey))
- .collect(Collectors.toSet())
- .forEach(addrEpWithLoc -> {
- java.util.Optional<String> optL2Fd = ForwardingManager.resolveL2FloodDomain(addrEpWithLoc, policyCtx);
- if (optL2Fd.isPresent()) {
- ExternalLocationCase rEpLoc = ForwardingManager.resolveAndValidateLocation(addrEpWithLoc);
- InstanceIdentifier<?> externalNodeMountPoint = rEpLoc.getExternalNodeMountPoint();
- NodeId vppNode = externalNodeMountPoint.firstKeyOf(Node.class).getNodeId();
- vppNodesByL2Fd.put(optL2Fd.get(), vppNode);
- }
- });
+ .map(rEpKey -> KeyFactory.addressEndpointKey(rEpKey))
+ .map(addrEpKey -> policyCtx.getAddrEpByKey().get(addrEpKey))
+ .collect(Collectors.toSet())
+ .forEach(addrEpWithLoc -> {
+ java.util.Optional<String> optL2Fd = ForwardingManager.resolveL2FloodDomain(addrEpWithLoc, policyCtx);
+ if (optL2Fd.isPresent()) {
+ ExternalLocationCase rEpLoc = ForwardingManager.resolveAndValidateLocation(addrEpWithLoc);
+ if (rEpLoc != null) {
+ InstanceIdentifier<?> externalNodeMountPoint = rEpLoc.getExternalNodeMountPoint();
+ NodeId vppNode = externalNodeMountPoint.firstKeyOf(Node.class).getNodeId();
+ vppNodesByL2Fd.put(optL2Fd.get(), vppNode);
+ }
+ }
+ });
return vppNodesByL2Fd;
}