From b8405cdb6ecb2ca6c1be2e3f2627d9a29065a671 Mon Sep 17 00:00:00 2001 From: Konstantin Blagov Date: Tue, 28 Jun 2016 16:43:49 +0200 Subject: [PATCH] OF-overlay PolicyEnforcer tests, refactoring Change-Id: I59d42d2da28b4bfba00bdbced052dfb775fbecc2 Signed-off-by: Konstantin Blagov --- .../mapper/policyenforcer/PolicyEnforcer.java | 17 +- .../renderer/ofoverlay/sf/ChainAction.java | 8 +- .../ofoverlay/mapper/MapperUtilsTest.java | 304 +++++++------- .../policyenforcer/PolicyEnforcerTest.java | 379 ++++++++++-------- 4 files changed, 396 insertions(+), 312 deletions(-) diff --git a/renderers/ofoverlay/src/main/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/mapper/policyenforcer/PolicyEnforcer.java b/renderers/ofoverlay/src/main/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/mapper/policyenforcer/PolicyEnforcer.java index 11a872eff..6712cd455 100755 --- a/renderers/ofoverlay/src/main/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/mapper/policyenforcer/PolicyEnforcer.java +++ b/renderers/ofoverlay/src/main/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/mapper/policyenforcer/PolicyEnforcer.java @@ -56,6 +56,7 @@ import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.ta import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.FlowBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.Match; import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.MatchBuilder; +import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.Instruction; import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.instruction.go.to.table._case.GoToTable; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClassifierDefinitionId; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ConditionName; @@ -144,9 +145,9 @@ import com.google.common.collect.Table.Cell; public class PolicyEnforcer extends FlowTable { private static final Logger LOG = LoggerFactory.getLogger(PolicyEnforcer.class); - public static short TABLE_ID; - private static org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.Instruction gotoEgressNatInstruction; - private static org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.Instruction gotoExternalInstruction; + private static short TABLE_ID; + private static Instruction gotoEgressNatInstruction; + private static Instruction gotoExternalInstruction; public PolicyEnforcer(OfContext ctx, short tableId) { super(ctx); @@ -598,8 +599,14 @@ public class PolicyEnforcer extends FlowTable { if ((!(actionRefList.indexOf(actionRef) == (actionRefList.size() - 1) && action.equals(SubjectFeatures.getAction(AllowActionDefinition.DEFINITION.getId())))) && actionBuilderList != null) { - actionBuilderList = action.updateAction(actionBuilderList, params, actionRef.getOrder(), - netElements, ofWriter, ctx, direction); + if (ctx.getDataBroker() != null) { + actionBuilderList = + action.updateAction(actionBuilderList, params, actionRef.getOrder(), netElements, ofWriter, ctx, direction); + } else { + LOG.error("DataBroket is null. Cannot update action {}", + action.getActionDef().getName().getValue()); + return null; + } } } } diff --git a/renderers/ofoverlay/src/main/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/sf/ChainAction.java b/renderers/ofoverlay/src/main/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/sf/ChainAction.java index f5bf7538a..b241ee6eb 100755 --- a/renderers/ofoverlay/src/main/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/sf/ChainAction.java +++ b/renderers/ofoverlay/src/main/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/sf/ChainAction.java @@ -286,9 +286,11 @@ public class ChainAction extends Action { public static ServiceFunctionPath getSfcPath(SfcName chainName) { ServiceFunctionPaths paths = SfcProviderServicePathAPI.readAllServiceFunctionPaths(); - for (ServiceFunctionPath path : paths.getServiceFunctionPath()) { - if (path.getServiceChainName().equals(chainName)) { - return path; + if (paths != null) { + for (ServiceFunctionPath path : paths.getServiceFunctionPath()) { + if (path.getServiceChainName().equals(chainName)) { + return path; + } } } return null; diff --git a/renderers/ofoverlay/src/test/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/mapper/MapperUtilsTest.java b/renderers/ofoverlay/src/test/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/mapper/MapperUtilsTest.java index fefcecd65..280f8434d 100644 --- a/renderers/ofoverlay/src/test/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/mapper/MapperUtilsTest.java +++ b/renderers/ofoverlay/src/test/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/mapper/MapperUtilsTest.java @@ -13,6 +13,7 @@ import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowTable; import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils; import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.node.SwitchManager; import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.sf.AllowAction; +import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.sf.ChainAction; import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.sf.Classifier; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpAddress; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpPrefix; @@ -50,6 +51,7 @@ import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.ofoverlay. import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValueBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.TenantBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.ForwardingContextBuilder; +import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.Policy; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.PolicyBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.forwarding.context.L2BridgeDomain; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.forwarding.context.L2BridgeDomainBuilder; @@ -65,6 +67,7 @@ import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.SubjectFeatureInstancesBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ConsumerNamedSelectorBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ProviderNamedSelectorBuilder; +import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ActionInstance; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ActionInstanceBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ClassifierInstanceBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeConnectorId; @@ -106,6 +109,7 @@ public abstract class MapperUtilsTest { protected static final ContextId CONTEXT_ID = new L3ContextId("ctxId"); // Often used strings protected static final String ALLOW = "allow"; + protected static final String CHAIN = "chain"; protected static final String L2 = "L2"; protected static final String OPENFLOW = "openflow:"; protected static final String DROP_ALL = "dropAll"; @@ -121,35 +125,33 @@ public abstract class MapperUtilsTest { protected PolicyInfo policyInfo; protected FlowTable table; - protected FlowBuilder buildFlow(FlowId flowId, short tableId, Integer priority, Match match, Instructions instructions) { - FlowBuilder flowBuilder = FlowUtils.base(tableId); - flowBuilder.setId(flowId) - .setPriority(priority) - .setMatch(match) - .setInstructions(instructions); - return flowBuilder; + protected FlowBuilder buildFlow(FlowId flowId, short tableId, Integer priority, Match match, + Instructions instructions) { + return FlowUtils.base(tableId) + .setId(flowId) + .setPriority(priority) + .setMatch(match) + .setInstructions(instructions); } protected EndpointL3Builder buildL3Endpoint(Ipv4Address natIp, Ipv4Address ip, MacAddress mac, String l2bd) { Preconditions.checkNotNull(natIp); Preconditions.checkNotNull(ip); Preconditions.checkNotNull(mac); - EndpointL3Builder endpointL3Builder = new EndpointL3Builder(); - NatAddressBuilder natAddressBuilder = new NatAddressBuilder(); - natAddressBuilder.setNatAddress(new IpAddress(new Ipv4Address(natIp))); - endpointL3Builder.addAugmentation(NatAddress.class, natAddressBuilder.build()); - endpointL3Builder.setIpAddress(new IpAddress(ip)); - endpointL3Builder.setMacAddress(new MacAddress(mac)); + + NatAddress natAddress = new NatAddressBuilder().setNatAddress(new IpAddress(new Ipv4Address(natIp))).build(); + + EndpointL3Builder endpointL3Builder = new EndpointL3Builder().addAugmentation(NatAddress.class, natAddress) + .setIpAddress(new IpAddress(ip)) + .setMacAddress(new MacAddress(mac)); if (l2bd != null) { endpointL3Builder.setL2Context(new L2BridgeDomainId(l2bd)); } - if(ip.equals(IPV4_0)) { + if (ip.equals(IPV4_0)) { endpointL3Builder.setNetworkContainment(SUBNET_0); - } - else if(ip.equals(IPV4_1)) { + } else if (ip.equals(IPV4_1)) { endpointL3Builder.setNetworkContainment(SUBNET_1); - } - else if(ip.equals(IPV4_2)) { + } else if (ip.equals(IPV4_2)) { endpointL3Builder.setNetworkContainment(SUBNET_2); } return endpointL3Builder; @@ -159,13 +161,12 @@ public abstract class MapperUtilsTest { Preconditions.checkNotNull(natIp); Preconditions.checkNotNull(ip); Preconditions.checkNotNull(mac); - EndpointL3Builder endpointL3Builder = new EndpointL3Builder(); - NatAddressBuilder natAddressBuilder = new NatAddressBuilder(); - natAddressBuilder.setNatAddress(new IpAddress(new Ipv6Address(natIp))); - endpointL3Builder.addAugmentation(NatAddress.class, natAddressBuilder.build()); - endpointL3Builder.setIpAddress(new IpAddress(ip)); - endpointL3Builder.setMacAddress(new MacAddress(mac)); + NatAddress natAddress = new NatAddressBuilder().setNatAddress(new IpAddress(new Ipv6Address(natIp))).build(); + + EndpointL3Builder endpointL3Builder = new EndpointL3Builder().addAugmentation(NatAddress.class, natAddress) + .setIpAddress(new IpAddress(ip)) + .setMacAddress(new MacAddress(mac)); if (l2bd != null) { endpointL3Builder.setL2Context(new L2BridgeDomainId(l2bd)); } @@ -173,186 +174,201 @@ public abstract class MapperUtilsTest { } public SegmentationBuilder buildSegmentation() { - SegmentationBuilder segmentationBuilder = new SegmentationBuilder(); - segmentationBuilder.setSegmentationId(1); - return segmentationBuilder; + return new SegmentationBuilder().setSegmentationId(1); } protected TenantBuilder buildTenant() { - TenantBuilder tenantBuilder = new TenantBuilder(); - tenantBuilder.setId(TENANT_ID); - tenantBuilder.setForwardingContext(buildForwardingContext().build()); - PolicyBuilder policyBuilder = new PolicyBuilder(); - policyBuilder.setEndpointGroup(getEndpointGroups()); - policyBuilder.setSubjectFeatureInstances(getSubjectFeatureInstances()); - tenantBuilder.setPolicy(policyBuilder.build()); - return tenantBuilder; + Policy policy = new PolicyBuilder().setEndpointGroup(getEndpointGroups()) + .setSubjectFeatureInstances(getSubjectFeatureInstances()) + .build(); + + return new TenantBuilder().setId(TENANT_ID) + .setForwardingContext(buildForwardingContext().build()) + .setPolicy(policy); + } + + protected TenantBuilder buildTenant(ActionInstance actionInstance) { + Policy policy = new PolicyBuilder().setEndpointGroup(getEndpointGroups()) + .setSubjectFeatureInstances(getSubjectFeatureInstances(actionInstance)) + .build(); + + return new TenantBuilder().setId(TENANT_ID) + .setForwardingContext(buildForwardingContext().build()) + .setPolicy(policy); } protected IndexedTenant getTestIndexedTenant() { return new IndexedTenant(buildTenant().build()); } + protected IndexedTenant getTestIndexedTenant(ActionInstance actionInstance) { + return new IndexedTenant(buildTenant(actionInstance).build()); + } + protected ForwardingContextBuilder buildForwardingContext() { - ForwardingContextBuilder forwardingContextBuilder = new ForwardingContextBuilder(); - forwardingContextBuilder.setL2FloodDomain(getL2FloodDomainList(false)); - forwardingContextBuilder.setL2BridgeDomain(getL2BridgeDomainList()); - forwardingContextBuilder.setL3Context(getL3ContextList()); - forwardingContextBuilder.setSubnet(getSubnetList()); - return forwardingContextBuilder; + return new ForwardingContextBuilder().setL2FloodDomain(getL2FloodDomainList(false)) + .setL2BridgeDomain(getL2BridgeDomainList()) + .setL3Context(getL3ContextList()) + .setSubnet(getSubnetList()); } protected List getL3ContextList() { - List l3Contexts = new ArrayList<>(); - L3ContextBuilder l3ContextBuilder = new L3ContextBuilder(); - l3ContextBuilder.setId(L3C_ID); - l3Contexts.add(l3ContextBuilder.build()); - return l3Contexts; + L3Context l3Context = new L3ContextBuilder().setId(L3C_ID).build(); + return ImmutableList.of(l3Context); } protected List getL2BridgeDomainList() { - List l2BridgeDomains = new ArrayList<>(); - L2BridgeDomainBuilder l2BridgeDomainBuilder = new L2BridgeDomainBuilder(); - l2BridgeDomainBuilder.setId(L2BD_ID); - l2BridgeDomainBuilder.setParent(L3C_ID); - l2BridgeDomains.add(l2BridgeDomainBuilder.build()); - return l2BridgeDomains; + L2BridgeDomain l2BridgeDomain = new L2BridgeDomainBuilder().setId(L2BD_ID).setParent(L3C_ID).build(); + return ImmutableList.of(l2BridgeDomain); } protected List getL2FloodDomainList(boolean external) { - List l2FloodDomains = new ArrayList<>(); - L2FloodDomainBuilder l2FloodDomainBuilder = new L2FloodDomainBuilder(); - l2FloodDomainBuilder.setId(L2FD_ID); + L2FloodDomainBuilder l2FloodDomainBuilder = new L2FloodDomainBuilder().setId(L2FD_ID) + .setParent(new L2BridgeDomainId(L2BD_ID)) + .addAugmentation(Segmentation.class, buildSegmentation().build()); if (external) { l2FloodDomainBuilder.setId(L2_FD_ID_EXT); } - l2FloodDomainBuilder.setParent(new L2BridgeDomainId(L2BD_ID)); - l2FloodDomainBuilder.addAugmentation(Segmentation.class, buildSegmentation().build()); - l2FloodDomains.add(l2FloodDomainBuilder.build()); - return l2FloodDomains; + return ImmutableList.of(l2FloodDomainBuilder.build()); } protected List getL3AddressList(Ipv4Address l3IpAddress, L3ContextId l3ContextId) { - List l3Addresses = new ArrayList<>(); - L3AddressBuilder l3AddressBuilder = new L3AddressBuilder(); - l3AddressBuilder.setIpAddress(new IpAddress(l3IpAddress)); - l3AddressBuilder.setL3Context(new L3ContextId(l3ContextId)); - l3Addresses.add(l3AddressBuilder.build()); - return l3Addresses; + L3Address l3Address = new L3AddressBuilder().setIpAddress(new IpAddress(l3IpAddress)) + .setL3Context(new L3ContextId(l3ContextId)) + .build(); + return ImmutableList.of(l3Address); } protected List getL3AddressList(Ipv6Address l3IpAddress) { - List l3Addresses = new ArrayList<>(); - L3AddressBuilder l3AddressBuilder = new L3AddressBuilder(); - l3AddressBuilder.setIpAddress(new IpAddress(l3IpAddress)); - l3Addresses.add(l3AddressBuilder.build()); - return l3Addresses; + L3Address l3Address = new L3AddressBuilder().setIpAddress(new IpAddress(l3IpAddress)).build(); + return ImmutableList.of(l3Address); } protected OfOverlayContextBuilder getOfOverlayContext(NodeConnectorId connector) { - OfOverlayContextBuilder ofOverlayContextBuilder = new OfOverlayContextBuilder(); - ofOverlayContextBuilder.setNodeConnectorId(connector); - ofOverlayContextBuilder.setNodeId(NODE_ID); - return ofOverlayContextBuilder; + return new OfOverlayContextBuilder().setNodeConnectorId(connector).setNodeId(NODE_ID); } protected EndpointBuilder buildEndpoint(Ipv4Address l3IpAddress, MacAddress mac, NodeConnectorId connector) { - EndpointBuilder endpointBuilder = new EndpointBuilder(); - endpointBuilder.setTenant(TENANT_ID); - endpointBuilder.setL3Address(getL3AddressList(l3IpAddress, L3C_ID)); - endpointBuilder.setMacAddress(new MacAddress(mac)); - endpointBuilder.setL2Context(new L2BridgeDomainId(L2BD_ID)); - endpointBuilder.setEndpointGroup(ENDPOINT_GROUP_0); - endpointBuilder.addAugmentation(OfOverlayContext.class, getOfOverlayContext(connector).build()); - if(l3IpAddress.equals(IPV4_0)) { + EndpointBuilder endpointBuilder = new EndpointBuilder().setTenant(TENANT_ID) + .setL3Address(getL3AddressList(l3IpAddress, L3C_ID)) + .setMacAddress(new MacAddress(mac)) + .setL2Context(new L2BridgeDomainId(L2BD_ID)) + .setEndpointGroup(ENDPOINT_GROUP_0) + .addAugmentation(OfOverlayContext.class, getOfOverlayContext(connector).build()); + if (l3IpAddress.equals(IPV4_0)) { endpointBuilder.setNetworkContainment(SUBNET_0); - } - else if(l3IpAddress.equals(IPV4_1)) { + } else if (l3IpAddress.equals(IPV4_1)) { endpointBuilder.setNetworkContainment(SUBNET_1); - } - else if(l3IpAddress.equals(IPV4_2)) { + } else if (l3IpAddress.equals(IPV4_2)) { endpointBuilder.setNetworkContainment(SUBNET_2); } return endpointBuilder; } protected EndpointBuilder buildEndpoint(Ipv6Address l3IpAddress, MacAddress mac, NodeConnectorId connector) { - EndpointBuilder endpointBuilder = new EndpointBuilder(); - endpointBuilder.setTenant(TENANT_ID); - endpointBuilder.setL3Address(getL3AddressList(l3IpAddress)); - endpointBuilder.setMacAddress(new MacAddress(mac)); - endpointBuilder.setL2Context(new L2BridgeDomainId(L2BD_ID)); - endpointBuilder.setEndpointGroup(ENDPOINT_GROUP_0); - endpointBuilder.addAugmentation(OfOverlayContext.class, getOfOverlayContext(connector).build()); - endpointBuilder.setNetworkContainment(NET_DOMAIN_ID); - return endpointBuilder; + return new EndpointBuilder().setTenant(TENANT_ID) + .setL3Address(getL3AddressList(l3IpAddress)) + .setMacAddress(new MacAddress(mac)) + .setL2Context(new L2BridgeDomainId(L2BD_ID)) + .setEndpointGroup(ENDPOINT_GROUP_0) + .setNetworkContainment(NET_DOMAIN_ID) + .addAugmentation(OfOverlayContext.class, getOfOverlayContext(connector).build()); } public List getEndpointGroups() { return ImmutableList.of( new EndpointGroupBuilder().setId(ENDPOINT_GROUP_0) - .setNetworkDomain(SUBNET_0) - .setConsumerNamedSelector(ImmutableList.of(new ConsumerNamedSelectorBuilder() - .setName(new SelectorName("cns1")).setContract(ImmutableList.of(CONTRACT_ID)).build())) - .build(), + .setNetworkDomain(SUBNET_0) + .setConsumerNamedSelector(ImmutableList.of(new ConsumerNamedSelectorBuilder() + .setName(new SelectorName("cns1")).setContract(ImmutableList.of(CONTRACT_ID)).build())) + .build(), new EndpointGroupBuilder().setId(ENDPOINT_GROUP_1) - .setNetworkDomain(SUBNET_1) - .setProviderNamedSelector(ImmutableList.of(new ProviderNamedSelectorBuilder() - .setName(new SelectorName("pns1")).setContract(ImmutableList.of(CONTRACT_ID)).build())) - .build()); + .setNetworkDomain(SUBNET_1) + .setProviderNamedSelector(ImmutableList.of(new ProviderNamedSelectorBuilder() + .setName(new SelectorName("pns1")).setContract(ImmutableList.of(CONTRACT_ID)).build())) + .build()); } protected SubjectFeatureInstances getSubjectFeatureInstances() { SubjectFeatureInstancesBuilder builder = new SubjectFeatureInstancesBuilder(); - return builder.setClassifierInstance(ImmutableList.of(new ClassifierInstanceBuilder() - .setName(new ClassifierName("tcp_dst_80")) - .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId()) - .setParameterValue(ImmutableList.of(new ParameterValueBuilder().setName(new ParameterName("destport")) - .setIntValue(80L) // Endpoint - - .build(), new ParameterValueBuilder().setName(new ParameterName("proto")) - .setIntValue(6L) - .build())) - .build(), new ClassifierInstanceBuilder().setName(new ClassifierName(TCP_SRC)) - .setClassifierDefinitionId(Classifier.L4_CL.getId()) - .setParameterValue(ImmutableList.of(new ParameterValueBuilder().setName(new ParameterName("sourceport")) - .setIntValue(80L) - .build(), new ParameterValueBuilder().setName(new ParameterName("proto")) - .setIntValue(6L) - .build())) - .build(), new ClassifierInstanceBuilder().setName(new ClassifierName("ether_type")) - .setClassifierDefinitionId(Classifier.ETHER_TYPE_CL.getId()) - .setParameterValue(ImmutableList.of(new ParameterValueBuilder() - .setName(new ParameterName("ethertype")) - .setIntValue(FlowUtils.IPv4) - .build())) + return builder.setClassifierInstance(ImmutableList.of( + new ClassifierInstanceBuilder().setName(new ClassifierName("tcp_dst_80")) + .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId()) + .setParameterValue(ImmutableList.of( + new ParameterValueBuilder().setName(new ParameterName("destport")) + .setIntValue(80L) // Endpoint + + .build(), + new ParameterValueBuilder().setName(new ParameterName("proto")).setIntValue(6L).build())) + .build(), + new ClassifierInstanceBuilder().setName(new ClassifierName(TCP_SRC)) + .setClassifierDefinitionId(Classifier.L4_CL.getId()) + .setParameterValue(ImmutableList.of( + new ParameterValueBuilder().setName(new ParameterName("sourceport")) + .setIntValue(80L) + .build(), + new ParameterValueBuilder().setName(new ParameterName("proto")).setIntValue(6L).build())) + .build(), + new ClassifierInstanceBuilder().setName(new ClassifierName("ether_type")) + .setClassifierDefinitionId(Classifier.ETHER_TYPE_CL.getId()) + .setParameterValue(ImmutableList.of(new ParameterValueBuilder() + .setName(new ParameterName("ethertype")).setIntValue(FlowUtils.IPv4).build())) + .build())) + .setActionInstance(ImmutableList.of(new ActionInstanceBuilder().setName(new ActionName("allow")) + .setActionDefinitionId(new AllowAction().getId()) .build())) - .setActionInstance(ImmutableList.of(new ActionInstanceBuilder().setName(new ActionName("allow")) - .setActionDefinitionId(new AllowAction().getId()) - .build())) - .build(); + .build(); + } + + protected SubjectFeatureInstances getSubjectFeatureInstances(ActionInstance actionInstance) { + SubjectFeatureInstancesBuilder builder = new SubjectFeatureInstancesBuilder(); + return builder.setClassifierInstance(ImmutableList.of( + new ClassifierInstanceBuilder().setName(new ClassifierName("tcp_dst_80")) + .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId()) + .setParameterValue(ImmutableList.of( + new ParameterValueBuilder().setName(new ParameterName("destport")) + .setIntValue(80L) // Endpoint + + .build(), + new ParameterValueBuilder().setName(new ParameterName("proto")).setIntValue(6L).build())) + .build(), + new ClassifierInstanceBuilder().setName(new ClassifierName(TCP_SRC)) + .setClassifierDefinitionId(Classifier.L4_CL.getId()) + .setParameterValue(ImmutableList.of( + new ParameterValueBuilder().setName(new ParameterName("sourceport")) + .setIntValue(80L) + .build(), + new ParameterValueBuilder().setName(new ParameterName("proto")).setIntValue(6L).build())) + .build(), + new ClassifierInstanceBuilder().setName(new ClassifierName("ether_type")) + .setClassifierDefinitionId(Classifier.ETHER_TYPE_CL.getId()) + .setParameterValue(ImmutableList.of(new ParameterValueBuilder() + .setName(new ParameterName("ethertype")).setIntValue(FlowUtils.IPv4).build())) + .build())) + .setActionInstance(ImmutableList.of(actionInstance)) + .build(); } protected List getSubnetList() { return ImmutableList.of( new SubnetBuilder().setId(SUBNET_0) - .setParent(L2FD_ID) - .setIpPrefix(new IpPrefix(new Ipv4Prefix("10.0.1.0/24"))) - .setVirtualRouterIp(new IpAddress(new Ipv4Address("10.0.1.1"))) - .build(), + .setParent(L2FD_ID) + .setIpPrefix(new IpPrefix(new Ipv4Prefix("10.0.1.0/24"))) + .setVirtualRouterIp(new IpAddress(new Ipv4Address("10.0.1.1"))) + .build(), new SubnetBuilder().setId(SUBNET_1) - .setParent(L2FD_ID) - .setIpPrefix(new IpPrefix(new Ipv4Prefix("10.0.0.0/24"))) - .setVirtualRouterIp(new IpAddress(new Ipv4Address("10.0.0.1"))) - .build(), + .setParent(L2FD_ID) + .setIpPrefix(new IpPrefix(new Ipv4Prefix("10.0.0.0/24"))) + .setVirtualRouterIp(new IpAddress(new Ipv4Address("10.0.0.1"))) + .build(), new SubnetBuilder().setId(SUBNET_2) - .setParent(L2BD_ID) - .setIpPrefix(new IpPrefix(new Ipv4Prefix("10.0.2.0/24"))) - .setVirtualRouterIp(new IpAddress(new Ipv4Address("10.0.2.1"))) - .build(), + .setParent(L2BD_ID) + .setIpPrefix(new IpPrefix(new Ipv4Prefix("10.0.2.0/24"))) + .setVirtualRouterIp(new IpAddress(new Ipv4Address("10.0.2.1"))) + .build(), new SubnetBuilder().setId(SUBNET_EXT) - .setParent(L2_FD_ID_EXT) - .setIpPrefix(new IpPrefix(new Ipv4Prefix("192.168.111.0/24"))) - .build()); + .setParent(L2_FD_ID_EXT) + .setIpPrefix(new IpPrefix(new Ipv4Prefix("192.168.111.0/24"))) + .build()); } } diff --git a/renderers/ofoverlay/src/test/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/mapper/policyenforcer/PolicyEnforcerTest.java b/renderers/ofoverlay/src/test/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/mapper/policyenforcer/PolicyEnforcerTest.java index ca6c6eb9f..e11a76bfe 100755 --- a/renderers/ofoverlay/src/test/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/mapper/policyenforcer/PolicyEnforcerTest.java +++ b/renderers/ofoverlay/src/test/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/mapper/policyenforcer/PolicyEnforcerTest.java @@ -11,20 +11,23 @@ package org.opendaylight.groupbasedpolicy.renderer.ofoverlay.mapper.policyenforc import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotEquals; import static org.junit.Assert.assertTrue; +import static org.mockito.Mockito.when; import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.applyActionIns; import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.instructions; import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.nxOutputRegAction; import java.util.ArrayList; import java.util.Collections; -import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.Objects; +import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableMap; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; +import org.opendaylight.groupbasedpolicy.api.sf.ChainActionDefinition; import org.opendaylight.groupbasedpolicy.dto.ConditionGroup; import org.opendaylight.groupbasedpolicy.dto.EgKey; import org.opendaylight.groupbasedpolicy.dto.PolicyInfo; @@ -38,6 +41,15 @@ import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.RegMa import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.OrdinalFactory; import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.mapper.MapperUtilsTest; import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.node.MockSwitchManager; +import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.sf.AllowAction; +import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.sf.ChainAction; +import org.opendaylight.sfc.provider.api.SfcProviderServicePathAPI; +import org.opendaylight.yang.gen.v1.urn.cisco.params.xml.ns.yang.sfc.common.rev151017.SfcName; +import org.opendaylight.yang.gen.v1.urn.cisco.params.xml.ns.yang.sfc.common.rev151017.SfpName; +import org.opendaylight.yang.gen.v1.urn.cisco.params.xml.ns.yang.sfc.sfp.rev140701.ServiceFunctionPaths; +import org.opendaylight.yang.gen.v1.urn.cisco.params.xml.ns.yang.sfc.sfp.rev140701.ServiceFunctionPathsBuilder; +import org.opendaylight.yang.gen.v1.urn.cisco.params.xml.ns.yang.sfc.sfp.rev140701.service.function.paths.ServiceFunctionPath; +import org.opendaylight.yang.gen.v1.urn.cisco.params.xml.ns.yang.sfc.sfp.rev140701.service.function.paths.ServiceFunctionPathBuilder; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpAddress; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Ipv4Address; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.PortNumber; @@ -48,6 +60,7 @@ import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClauseName; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ConditionMatcherName; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ConditionName; +import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ParameterName; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.SubjectName; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.endpoints.Endpoint; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.endpoints.EndpointBuilder; @@ -61,6 +74,8 @@ import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.condition.matchers.ConditionMatcherBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.conditions.Condition; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.conditions.ConditionBuilder; +import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValue; +import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValueBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.TenantBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.PolicyBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.ContractBuilder; @@ -71,6 +86,8 @@ import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ProviderMatchersBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.subject.Rule; import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.subject.RuleBuilder; +import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ActionInstance; +import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ActionInstanceBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeConnectorId; import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._4.match.TcpMatch; import org.opendaylight.yang.gen.v1.urn.opendaylight.openflowjava.nx.match.rev140421.NxmNxReg0; @@ -90,201 +107,251 @@ import org.powermock.api.mockito.PowerMockito; import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; -import com.google.common.collect.ImmutableList; -import com.google.common.collect.ImmutableMap; - @RunWith(PowerMockRunner.class) -@PrepareForTest({PolicyManager.class}) +@PrepareForTest({PolicyManager.class, SfcProviderServicePathAPI.class}) public class PolicyEnforcerTest extends MapperUtilsTest { - //TODO (att: kblagov) XXX needs redesign - private final int sameEpgFlows = 1; - private final int allowTunnelFlows = 1; - private final int layer4flowsIPv4 = 1; - private final int layer4flowsIPv6 = 1; + private static final String SFC_CHAIN = "sfc-chain"; private static final String TCP_DST = "tcp_dst_80"; + private static final int sameEpgFlows = 1; + private static final int allowTunnelFlows = 1; + private static final int layer4flowsIPv4 = 1; + private static final int layer4flowsIPv6 = 1; - private NodeConnectorId tunnelId = - new NodeConnectorId(NODE_ID.getValue() + ":42"); + private NodeConnectorId tunnelId = new NodeConnectorId(NODE_ID.getValue() + ":42"); private NodeConnectorId nodeConnector = new NodeConnectorId(NODE_ID.getValue() + CONNECTOR_0); + + // custom mock instances to avoid downcasting of parent's fields + private MockEndpointManager endpointManagerMock; + private MockPolicyManager policyManagerMock; + private MockSwitchManager switchManagerMock; + private MockOfContext ctxMock; + + private ActionInstance allowActionInstance; + private ActionInstance chainActionInstance; + @Before - public void setup() throws Exception { + public void init() { PowerMockito.stub(PowerMockito.method(PolicyManager.class, "setSfcTableOffset")).toReturn(true); - endpointManager = new MockEndpointManager(); - policyManager = new MockPolicyManager(endpointManager); - switchManager = new MockSwitchManager(); - ctx = new MockOfContext(null, - policyManager, - switchManager, - endpointManager, - null); - table = new PolicyEnforcer(ctx, ctx.getPolicyManager().getTABLEID_POLICY_ENFORCER()); - - ((MockSwitchManager)switchManager).addSwitch( - NODE_ID, - tunnelId, - Collections.emptySet(), - new OfOverlayNodeConfigBuilder().setTunnel( - ImmutableList.of(new TunnelBuilder().setIp(new IpAddress(new Ipv4Address("1.2.3.4"))) + endpointManagerMock = new MockEndpointManager(); + policyManagerMock = new MockPolicyManager(endpointManagerMock); + switchManagerMock = new MockSwitchManager(); + ctxMock = new MockOfContext(null, policyManagerMock, switchManagerMock, endpointManagerMock, null); + table = new PolicyEnforcer(ctxMock, ctxMock.getPolicyManager().getTABLEID_POLICY_ENFORCER()); + + ServiceFunctionPath path = new ServiceFunctionPathBuilder().setName(new SfpName("sfp-name")) + .setServiceChainName(new SfcName(SFC_CHAIN)) + .setSymmetric(true) + .build(); + ServiceFunctionPaths paths = + new ServiceFunctionPathsBuilder().setServiceFunctionPath(ImmutableList.of(path)).build(); + + PowerMockito.mockStatic(SfcProviderServicePathAPI.class); + when(SfcProviderServicePathAPI.readAllServiceFunctionPaths()).thenReturn(paths); + + allowActionInstance = new ActionInstanceBuilder().setName(new ActionName("allow")) + .setActionDefinitionId(new AllowAction().getId()) + .build(); + + ParameterValue pv = new ParameterValueBuilder().setName(new ParameterName(ChainActionDefinition.SFC_CHAIN_NAME)) + .setStringValue(SFC_CHAIN) + .build(); + chainActionInstance = new ActionInstanceBuilder().setName(new ActionName("chain")) + .setActionDefinitionId(new ChainAction().getId()) + .setParameterValue(ImmutableList.of(pv)) + .build(); + + switchManagerMock + .addSwitch(NODE_ID, tunnelId, + Collections + .emptySet(), + new OfOverlayNodeConfigBuilder() + .setTunnel(ImmutableList.of(new TunnelBuilder().setIp(new IpAddress(new Ipv4Address("1.2.3.4"))) .setTunnelType(TunnelTypeVxlan.class) .setNodeConnectorId(tunnelId) - .build())).build()); + .build())) + .build()); } @Test - public void testSameEg() throws Exception { + public void test_SameEg() throws Exception { EndpointBuilder ep1Builder = buildEndpoint(IPV4_0, MAC_0, nodeConnector); ep1Builder.setEndpointGroup(ENDPOINT_GROUP_0); ep1Builder.setL2Context(L2BD_ID); Endpoint ep1 = ep1Builder.build(); - ((MockEndpointManager)endpointManager).addEndpoint(ep1); - EndpointBuilder ep2Builder = buildEndpoint(IPV4_1,MAC_1, nodeConnector); + endpointManagerMock.addEndpoint(ep1); + EndpointBuilder ep2Builder = buildEndpoint(IPV4_1, MAC_1, nodeConnector); ep2Builder.setEndpointGroup(ENDPOINT_GROUP_1); ep2Builder.setL2Context(L2BD_ID); Endpoint ep2 = ep2Builder.build(); - ((MockEndpointManager)endpointManager).addEndpoint(ep2); - ((MockOfContext)ctx).addTenant(buildTenant().setPolicy(new PolicyBuilder(buildTenant().getPolicy()) + endpointManagerMock.addEndpoint(ep2); + ctxMock.addTenant(buildTenant().setPolicy(new PolicyBuilder(buildTenant().getPolicy()) .setContract(ImmutableList.of(baseContract(null).build())).build()).build()); ofWriter = new OfWriter(); table.sync(ep1, ofWriter); - assertTrue(!ofWriter.getTableForNode(NODE_ID, ctx.getPolicyManager().getTABLEID_POLICY_ENFORCER()) + + assertTrue(!ofWriter.getTableForNode(NODE_ID, ctxMock.getPolicyManager().getTABLEID_POLICY_ENFORCER()) .getFlow() .isEmpty()); + int count = 0; - HashMap flowMap = new HashMap<>(); - for (Flow f : ofWriter.getTableForNode(NODE_ID, ctx.getPolicyManager().getTABLEID_POLICY_ENFORCER()).getFlow()) { - flowMap.put(f.getId().getValue(), f); + for (Flow f : ofWriter.getTableForNode(NODE_ID, ctxMock.getPolicyManager().getTABLEID_POLICY_ENFORCER()) + .getFlow()) { if (isAllowSameEpg(f)) { - count += 1; + count++; } } assertEquals(sameEpgFlows, count); + int totalFlows = sameEpgFlows + allowTunnelFlows + layer4flowsIPv4 + layer4flowsIPv6; - assertEquals(totalFlows, ofWriter.getTableForNode(NODE_ID, ctx.getPolicyManager().getTABLEID_POLICY_ENFORCER()) - .getFlow() - .size()); + assertEquals(totalFlows, ofWriter + .getTableForNode(NODE_ID, ctxMock.getPolicyManager().getTABLEID_POLICY_ENFORCER()).getFlow().size()); } @Test - public void testDifferentEg() throws Exception { + public void test_DifferentEg() throws Exception { int totalFlows = sameEpgFlows + allowTunnelFlows; - assertEquals(totalFlows, doTestDifferentEg(ImmutableList.of(baseSubject(null).build()))); + assertEquals(totalFlows, doTestDifferentEg(ImmutableList.of(baseSubject(null).build()), allowActionInstance)); // one layer4 flow for each direction totalFlows = sameEpgFlows + allowTunnelFlows + (2 * layer4flowsIPv4) + (2 * layer4flowsIPv6); - assertEquals(totalFlows, doTestDifferentEg(ImmutableList.of(baseSubject(Direction.Bidirectional).build()))); + assertEquals(totalFlows, + doTestDifferentEg(ImmutableList.of(baseSubject(Direction.Bidirectional).build()), allowActionInstance)); totalFlows = sameEpgFlows + allowTunnelFlows + layer4flowsIPv4 + layer4flowsIPv6; - assertEquals(totalFlows, doTestDifferentEg(ImmutableList.of(baseSubject(Direction.In).build()))); - assertEquals(totalFlows, doTestDifferentEg(ImmutableList.of(baseSubject(Direction.Out).build()))); + assertEquals(totalFlows, + doTestDifferentEg(ImmutableList.of(baseSubject(Direction.In).build()), allowActionInstance)); + assertEquals(totalFlows, + doTestDifferentEg(ImmutableList.of(baseSubject(Direction.Out).build()), allowActionInstance)); } @Test - public void doTestRule() throws Exception { - Rule rule1 = new RuleBuilder().setActionRef( - ImmutableList.of(new ActionRefBuilder().setName(new ActionName(ALLOW)).build())) - .setClassifierRef( - createClassifierRefs(ImmutableMap.of(TCP_DST, Direction.In, TCP_SRC, - Direction.In))) + public void test_Rules() throws Exception { + Rule rule1 = new RuleBuilder() + .setActionRef(ImmutableList.of(new ActionRefBuilder().setName(new ActionName(ALLOW)).build())) + .setClassifierRef(createClassifierRefs(ImmutableMap.of(TCP_DST, Direction.In, TCP_SRC, Direction.In))) .build(); - Rule rule2 = new RuleBuilder().setActionRef( - ImmutableList.of(new ActionRefBuilder().setName(new ActionName(ALLOW)).build())) - .setClassifierRef( - createClassifierRefs(ImmutableMap.of(TCP_DST, Direction.In, TCP_SRC, - Direction.Out))) + Rule rule2 = new RuleBuilder() + .setActionRef(ImmutableList.of(new ActionRefBuilder().setName(new ActionName(ALLOW)).build())) + .setClassifierRef(createClassifierRefs(ImmutableMap.of(TCP_DST, Direction.In, TCP_SRC, Direction.Out))) .build(); - Rule rule3 = new RuleBuilder().setActionRef( - ImmutableList.of(new ActionRefBuilder().setName(new ActionName(ALLOW)).build())) - .setClassifierRef( - createClassifierRefs(ImmutableMap.of(TCP_DST, Direction.In, TCP_SRC, - Direction.Out, "ether_type", Direction.In))) + Rule rule3 = new RuleBuilder() + .setActionRef(ImmutableList.of(new ActionRefBuilder().setName(new ActionName(ALLOW)).build())) + .setClassifierRef(createClassifierRefs( + ImmutableMap.of(TCP_DST, Direction.In, TCP_SRC, Direction.Out, "ether_type", Direction.In))) .build(); - Rule rule4 = new RuleBuilder().setActionRef( - ImmutableList.of(new ActionRefBuilder().setName(new ActionName(ALLOW)).build())) - .setClassifierRef( - createClassifierRefs(ImmutableMap.of(TCP_DST, Direction.In, "tcp_dst_90", - Direction.In))) + Rule rule4 = new RuleBuilder() + .setActionRef(ImmutableList.of(new ActionRefBuilder().setName(new ActionName(ALLOW)).build())) + .setClassifierRef(createClassifierRefs(ImmutableMap.of(TCP_DST, Direction.In, "tcp_dst_90", Direction.In))) .build(); int totalFlows = sameEpgFlows + allowTunnelFlows + layer4flowsIPv4 + layer4flowsIPv6; assertEquals(totalFlows, - doTestDifferentEg(ImmutableList.of(createSubject("s1", ImmutableList.of(rule1))))); + doTestDifferentEg(ImmutableList.of(createSubject("s1", ImmutableList.of(rule1))), allowActionInstance)); // one layer4 flow for each direction totalFlows = sameEpgFlows + allowTunnelFlows + (2 * layer4flowsIPv4) + (2 * layer4flowsIPv6); assertEquals(totalFlows, - doTestDifferentEg(ImmutableList.of(createSubject("s2", ImmutableList.of(rule2))))); - // only one ether_type for out direction + doTestDifferentEg(ImmutableList.of(createSubject("s2", ImmutableList.of(rule2))), allowActionInstance)); + // only one ether_type for out direction totalFlows = sameEpgFlows + allowTunnelFlows + (2 * layer4flowsIPv4) + layer4flowsIPv6; assertEquals(totalFlows, - doTestDifferentEg(ImmutableList.of(createSubject("s3", ImmutableList.of(rule3))))); + doTestDifferentEg(ImmutableList.of(createSubject("s3", ImmutableList.of(rule3))), allowActionInstance)); totalFlows = sameEpgFlows + allowTunnelFlows; assertEquals(totalFlows, - doTestDifferentEg(ImmutableList.of(createSubject("s4", ImmutableList.of(rule4))))); + doTestDifferentEg(ImmutableList.of(createSubject("s4", ImmutableList.of(rule4))), allowActionInstance)); + } + + @Test + public void test_Rules_ChainAction() throws Exception { + Rule rule1 = new RuleBuilder() + .setActionRef(ImmutableList.of(new ActionRefBuilder().setName(new ActionName(CHAIN)).build())) + .setClassifierRef(createClassifierRefs(ImmutableMap.of(TCP_DST, Direction.In, TCP_SRC, Direction.In))) + .build(); + Rule rule2 = new RuleBuilder() + .setActionRef(ImmutableList.of(new ActionRefBuilder().setName(new ActionName(CHAIN)).build())) + .setClassifierRef(createClassifierRefs(ImmutableMap.of(TCP_DST, Direction.In, TCP_SRC, Direction.Out))) + .build(); + Rule rule3 = new RuleBuilder() + .setActionRef(ImmutableList.of(new ActionRefBuilder().setName(new ActionName(CHAIN)).build())) + .setClassifierRef(createClassifierRefs( + ImmutableMap.of(TCP_DST, Direction.In, TCP_SRC, Direction.Out, "ether_type", Direction.In))) + .build(); + Rule rule4 = new RuleBuilder() + .setActionRef(ImmutableList.of(new ActionRefBuilder().setName(new ActionName(CHAIN)).build())) + .setClassifierRef(createClassifierRefs(ImmutableMap.of(TCP_DST, Direction.In, "tcp_dst_90", Direction.In))) + .build(); + + assertEquals(2, + doTestDifferentEg(ImmutableList.of(createSubject("s1", ImmutableList.of(rule1))), chainActionInstance)); + assertEquals(2, + doTestDifferentEg(ImmutableList.of(createSubject("s2", ImmutableList.of(rule2))), chainActionInstance)); + assertEquals(2, + doTestDifferentEg(ImmutableList.of(createSubject("s3", ImmutableList.of(rule3))), chainActionInstance)); + assertEquals(2, + doTestDifferentEg(ImmutableList.of(createSubject("s4", ImmutableList.of(rule4))), chainActionInstance)); } - private int doTestDifferentEg(List subjects) throws Exception { + private int doTestDifferentEg(List subjects, ActionInstance actionInstance) throws Exception { EndpointBuilder ep1Builder = buildEndpoint(IPV4_0, MAC_0, nodeConnector); ep1Builder.setEndpointGroup(ENDPOINT_GROUP_0); ep1Builder.setL2Context(L2BD_ID); Endpoint ep1 = ep1Builder.build(); - ((MockEndpointManager)endpointManager).addEndpoint(ep1); + endpointManagerMock.addEndpoint(ep1); EndpointBuilder ep2Builder = buildEndpoint(IPV4_1, MAC_1, nodeConnector); ep2Builder.setEndpointGroup(ENDPOINT_GROUP_1); ep2Builder.setL2Context(L2BD_ID); Endpoint ep2 = ep2Builder.build(); - ((MockEndpointManager)endpointManager).addEndpoint(ep2); - ((MockOfContext)ctx).addTenant(buildTenant().setPolicy(new PolicyBuilder(buildTenant().getPolicy()) - .setContract(ImmutableList.of(baseContract(subjects).build())).build()).build()); + endpointManagerMock.addEndpoint(ep2); + + TenantBuilder tb = buildTenant(actionInstance); + ctxMock.addTenant(tb.setPolicy( + new PolicyBuilder(tb.getPolicy()).setContract(ImmutableList.of(baseContract(subjects).build())).build()) + .build()); ofWriter = new OfWriter(); table.sync(ep1, ofWriter); - assertTrue(!ofWriter.getTableForNode(NODE_ID, ctx.getPolicyManager().getTABLEID_POLICY_ENFORCER()) + + assertTrue(!ofWriter.getTableForNode(NODE_ID, ctxMock.getPolicyManager().getTABLEID_POLICY_ENFORCER()) .getFlow() .isEmpty()); + int count = 0; - for (Flow f : ofWriter.getTableForNode(NODE_ID, ctx.getPolicyManager().getTABLEID_POLICY_ENFORCER()).getFlow()) { + for (Flow f : ofWriter.getTableForNode(NODE_ID, ctxMock.getPolicyManager().getTABLEID_POLICY_ENFORCER()) + .getFlow()) { if (isAllowSameEpg(f)) { - count += 1; + count++; } else if (f.getMatch() != null && Objects.equals(tunnelId, f.getMatch().getInPort())) { assertEquals(instructions(applyActionIns(nxOutputRegAction(NxmNxReg7.class))), f.getInstructions()); - count += 1; - } else if (f.getMatch() != null - && f.getMatch().getEthernetMatch() != null - && Objects.equals(FlowUtils.IPv4, f.getMatch() - .getEthernetMatch() - .getEthernetType() - .getType() - .getValue()) + count++; + } else if (f.getMatch() != null && f.getMatch().getEthernetMatch() != null + && Objects.equals(FlowUtils.IPv4, + f.getMatch().getEthernetMatch().getEthernetType().getType().getValue()) && f.getMatch().getIpMatch() != null && Objects.equals((short) 6, f.getMatch().getIpMatch().getIpProtocol()) && f.getMatch().getLayer4Match() != null && (Objects.equals(new PortNumber(80), - ((TcpMatch) f.getMatch().getLayer4Match()).getTcpSourcePort()) || Objects.equals( - new PortNumber(80), - ((TcpMatch) f.getMatch().getLayer4Match()).getTcpDestinationPort()))) { - count += 1; - } else if (f.getMatch() != null - && f.getMatch().getEthernetMatch() != null - && Objects.equals(FlowUtils.IPv6, f.getMatch() - .getEthernetMatch() - .getEthernetType() - .getType() - .getValue()) + ((TcpMatch) f.getMatch().getLayer4Match()).getTcpSourcePort()) + || Objects.equals(new PortNumber(80), + ((TcpMatch) f.getMatch().getLayer4Match()).getTcpDestinationPort()))) { + count++; + } else if (f.getMatch() != null && f.getMatch().getEthernetMatch() != null + && Objects.equals(FlowUtils.IPv6, + f.getMatch().getEthernetMatch().getEthernetType().getType().getValue()) && f.getMatch().getIpMatch() != null && Objects.equals((short) 6, f.getMatch().getIpMatch().getIpProtocol()) && f.getMatch().getLayer4Match() != null && (Objects.equals(new PortNumber(80), - ((TcpMatch) f.getMatch().getLayer4Match()).getTcpSourcePort()) || Objects.equals( - new PortNumber(80), - ((TcpMatch) f.getMatch().getLayer4Match()).getTcpDestinationPort()))) { - count += 1; + ((TcpMatch) f.getMatch().getLayer4Match()).getTcpSourcePort()) + || Objects.equals(new PortNumber(80), + ((TcpMatch) f.getMatch().getLayer4Match()).getTcpDestinationPort()))) { + count++; } } return count; } @Test - public void testConditions() throws Exception { + public void test_Conditions() throws Exception { Condition cond1 = new ConditionBuilder().setName(new ConditionName("cond1")).build(); Condition cond2 = new ConditionBuilder().setName(new ConditionName("cond2")).build(); @@ -293,42 +360,41 @@ public class PolicyEnforcerTest extends MapperUtilsTest { ep1Builder.setL2Context(L2BD_ID); ep1Builder.setCondition(ImmutableList.of(cond1.getName())).build(); Endpoint ep1 = ep1Builder.build(); - ((MockEndpointManager)endpointManager).addEndpoint(ep1); - EndpointBuilder ep2Builder = buildEndpoint(IPV4_1,MAC_1, nodeConnector); + endpointManagerMock.addEndpoint(ep1); + EndpointBuilder ep2Builder = buildEndpoint(IPV4_1, MAC_1, nodeConnector); ep2Builder.setEndpointGroup(ENDPOINT_GROUP_1); ep2Builder.setL2Context(L2BD_ID); ep2Builder.setCondition(ImmutableList.of(cond1.getName(), cond2.getName())).build(); Endpoint ep2 = ep2Builder.build(); - ((MockEndpointManager)endpointManager).addEndpoint(ep2); - - TenantBuilder tb = buildTenant().setPolicy(new PolicyBuilder(buildTenant().getPolicy()).setContract( - ImmutableList.of(new ContractBuilder().setId(CONTRACT_ID) - .setSubject(ImmutableList.of(baseSubject(Direction.Out).build())) - .setClause( - ImmutableList.of(new ClauseBuilder().setName(new ClauseName("test")) - .setSubjectRefs(ImmutableList.of(new SubjectName("s1"))) - .setConsumerMatchers( - new ConsumerMatchersBuilder().setConditionMatcher( - ImmutableList.of(new ConditionMatcherBuilder().setName( - new ConditionMatcherName("m1")) - .setCondition(ImmutableList.of(cond1, cond2)) - .setMatchType(MatchType.Any) - .build())).build()) - .setProviderMatchers( - new ProviderMatchersBuilder().setConditionMatcher( - ImmutableList.of(new ConditionMatcherBuilder().setName( - new ConditionMatcherName("m2")) - .setCondition(ImmutableList.of(cond1, cond2)) - .setMatchType(MatchType.All) - .build())).build()) + endpointManagerMock.addEndpoint(ep2); + + TenantBuilder tb = buildTenant().setPolicy(new PolicyBuilder(buildTenant().getPolicy()) + .setContract(ImmutableList.of(new ContractBuilder().setId(CONTRACT_ID) + .setSubject(ImmutableList.of(baseSubject(Direction.Out).build())) + .setClause(ImmutableList.of(new ClauseBuilder().setName(new ClauseName("test")) + .setSubjectRefs(ImmutableList.of(new SubjectName("s1"))) + .setConsumerMatchers(new ConsumerMatchersBuilder().setConditionMatcher( + ImmutableList.of(new ConditionMatcherBuilder().setName(new ConditionMatcherName("m1")) + .setCondition(ImmutableList.of(cond1, cond2)) + .setMatchType(MatchType.Any) .build())) - .build())).build()); - ((MockOfContext)ctx).addTenant(tb.build()); + .build()) + .setProviderMatchers(new ProviderMatchersBuilder() + .setConditionMatcher( + ImmutableList.of(new ConditionMatcherBuilder().setName(new ConditionMatcherName("m2")) + .setCondition(ImmutableList.of(cond1, cond2)) + .setMatchType(MatchType.All) + .build())) + .build()) + .build())) + .build())) + .build()); + ctxMock.addTenant(tb.build()); - PolicyInfo policy = ctx.getCurrentPolicy(); - List ep1c = endpointManager.getConditionsForEndpoint(ep1); + PolicyInfo policy = ctxMock.getCurrentPolicy(); + List ep1c = endpointManagerMock.getConditionsForEndpoint(ep1); ConditionGroup cg1 = policy.getEgCondGroup(new EgKey(tb.getId(), ep1.getEndpointGroup()), ep1c); - List ep2c = endpointManager.getConditionsForEndpoint(ep2); + List ep2c = endpointManagerMock.getConditionsForEndpoint(ep2); ConditionGroup cg2 = policy.getEgCondGroup(new EgKey(tb.getId(), ep2.getEndpointGroup()), ep2c); int cg1Id = OrdinalFactory.getCondGroupOrdinal(cg1); int cg2Id = OrdinalFactory.getCondGroupOrdinal(cg2); @@ -348,17 +414,15 @@ public class PolicyEnforcerTest extends MapperUtilsTest { int dropAllFlow = 1; int arpFlows = 1; int totalFlows = sameEpgFlows + allowTunnelFlows + layer4flowsIPv4 + layer4flowsIPv6 + arpFlows + dropAllFlow; - assertEquals(totalFlows, ofWriter.getTableForNode(NODE_ID, ctx.getPolicyManager().getTABLEID_POLICY_ENFORCER()) - .getFlow() - .size()); - HashMap flowMap = new HashMap<>(); - for (Flow f : ofWriter.getTableForNode(NODE_ID, ctx.getPolicyManager().getTABLEID_POLICY_ENFORCER()).getFlow()) { - flowMap.put(f.getId().getValue(), f); + assertEquals(totalFlows, ofWriter + .getTableForNode(NODE_ID, ctxMock.getPolicyManager().getTABLEID_POLICY_ENFORCER()).getFlow().size()); + for (Flow f : ofWriter.getTableForNode(NODE_ID, ctxMock.getPolicyManager().getTABLEID_POLICY_ENFORCER()) + .getFlow()) { if (f.getMatch() != null && f.getMatch().getEthernetMatch() != null) { count++; } } - //flows with ether_type match + // flows with ether_type match totalFlows = layer4flowsIPv4 + layer4flowsIPv6 + arpFlows; assertEquals(totalFlows, count); } @@ -368,8 +432,8 @@ public class PolicyEnforcerTest extends MapperUtilsTest { // (these register values don't have to be equal) boolean res = false; if (flow != null && flow.getMatch() != null) { - GeneralAugMatchNodesNodeTableFlow genAug = flow.getMatch().getAugmentation( - GeneralAugMatchNodesNodeTableFlow.class); + GeneralAugMatchNodesNodeTableFlow genAug = + flow.getMatch().getAugmentation(GeneralAugMatchNodesNodeTableFlow.class); if (genAug != null) { List extensions = genAug.getExtensionList(); if (extensions != null && extensions.size() == 2) { @@ -379,7 +443,8 @@ public class PolicyEnforcerTest extends MapperUtilsTest { Class extensionKey = extensionList.getExtensionKey(); Extension extension = extensionList.getExtension(); if (extensionKey != null && extension != null) { - NxAugMatchNodesNodeTableFlow nxAugMatch = extension.getAugmentation(NxAugMatchNodesNodeTableFlow.class); + NxAugMatchNodesNodeTableFlow nxAugMatch = + extension.getAugmentation(NxAugMatchNodesNodeTableFlow.class); if (nxAugMatch != null && nxAugMatch.getNxmNxReg() != null) { if (extensionKey.equals(NxmNxReg0Key.class)) { reg0 = nxAugMatch.getNxmNxReg().getValue(); @@ -398,9 +463,8 @@ public class PolicyEnforcerTest extends MapperUtilsTest { return res; } - protected ContractBuilder baseContract(List subjects) { + private ContractBuilder baseContract(List subjects) { ContractBuilder contractBuilder = new ContractBuilder().setId(CONTRACT_ID).setSubject(subjects); - // TODO refactor if (subjects == null) { return contractBuilder.setClause(ImmutableList.of(new ClauseBuilder().setName(new ClauseName("test")) .setSubjectRefs(ImmutableList.of(new SubjectName("s1"))) @@ -410,31 +474,26 @@ public class PolicyEnforcerTest extends MapperUtilsTest { for (Subject subject : subjects) { subjectNames.add(subject.getName()); } - return contractBuilder.setClause(ImmutableList.of(new ClauseBuilder().setName(new ClauseName("test")) - .setSubjectRefs(subjectNames) - .build())); + return contractBuilder.setClause(ImmutableList + .of(new ClauseBuilder().setName(new ClauseName("test")).setSubjectRefs(subjectNames).build())); } - protected SubjectBuilder baseSubject(Direction direction) { - return new SubjectBuilder() - .setName(new SubjectName("s1")) + private SubjectBuilder baseSubject(Direction direction) { + return new SubjectBuilder().setName(new SubjectName("s1")) .setRule(ImmutableList.of(new RuleBuilder() - .setActionRef(ImmutableList.of(new ActionRefBuilder() - .setName(new ActionName(ALLOW)) - .build())) - .setClassifierRef(ImmutableList.of(new ClassifierRefBuilder() - .setName(new ClassifierName(TCP_DST)) + .setActionRef(ImmutableList.of(new ActionRefBuilder().setName(new ActionName(ALLOW)).build())) + .setClassifierRef(ImmutableList.of(new ClassifierRefBuilder().setName(new ClassifierName(TCP_DST)) .setDirection(direction) .setInstanceName(new ClassifierName(TCP_DST)) .build())) .build())); } - protected Subject createSubject(String name, List rules){ + private Subject createSubject(String name, List rules) { return new SubjectBuilder().setName(new SubjectName(name)).setRule(rules).build(); } - protected List createClassifierRefs(Map refNamesAndDirections) { + private List createClassifierRefs(Map refNamesAndDirections) { List refs = new ArrayList<>(); for (String refName : refNamesAndDirections.keySet()) { refs.add(new ClassifierRefBuilder().setName(new ClassifierName(refName)) -- 2.36.6