This patch sticks more to the architecture.
In OPNFV scenarios, Openstack metadata service may be reached
via DHCP port which acts as a GW to metadata server. VMs have
a route configured to metadata server via DHCP port.
Metadata IP and port are specified in blueprint cfg file and
processed by neutron-mapper bundle. An ip-prefix endpoint is
registered by neutron-mapper, it points to the same mac- address
endpoint as DHCP ip-prefix endpoint, i.e. DHCP ip-prefix EP &
Metadata ip-prefix EP point to the same mac address endpoint.
This configuration is supported by VPP renderer's implementation
of location resolver. In this case both DHCP and Metadata have
the same absolute location.
When ACL manager recongnizes this fact, it will build ACL for
both endpoints behind the same interface.
Remote IP prefix is revisioned here too. Remote IP prefix is
mapped to GBP as external ip-prefix endpoint. Location resolver
then looks for external interfaces and on nodes and create a
relative location for this endpoint.
Change-Id: Id72d5646fbd7af1a8094749e58ba714bb3d84959
Signed-off-by: Tomas Cechvala <tcechval@cisco.com>
} else {
priority = provider.getPriority();
}
- realLocations.get(epKey).remove(priority);
+ if (realLocations.get(epKey) != null) {
+ realLocations.get(epKey).remove(priority);
+ }
AbsoluteLocation newAbsoluteLocation = getBestAbsoluteLocation(epKey);
if (newAbsoluteLocation == null) {
InstanceIdentifier<AbsoluteLocation> iid = IidFactory.absoluteLocationIid(epKey);
if (relLocations == null) {
return false;
}
- List<InternalLocation> locs = relLocations.getInternalLocation();
- if (locs == null) {
+ if (relLocations.getInternalLocation() == null && relLocations.getExternalLocation() == null) {
return false;
}
return true;
package org.opendaylight.groupbasedpolicy.renderer.util;
+import java.util.Optional;
+
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.endpoints.address.endpoints.AddressEndpointKey;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.LocationType;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.location.type.ExternalLocationCase;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.endpoints.AddressEndpointWithLocation;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.endpoints.AddressEndpointWithLocationKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.renderer.endpoints.RendererEndpointKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.renderer.endpoints.renderer.endpoint.PeerEndpointKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.renderer.endpoints.renderer.endpoint.PeerExternalEndpointKey;
peerEpKey.getContextType());
}
+ public static AddressEndpointKey fromAddressEndpointWithLocationKey(AddressEndpointWithLocationKey key) {
+ return new AddressEndpointKey(key.getAddress(), key.getAddressType(), key.getContextId(), key.getContextType());
+ }
+
public static AddressEndpointKey fromPeerExtEpKey(PeerExternalEndpointKey peerExtEpKey) {
return new AddressEndpointKey(peerExtEpKey.getAddress(), peerExtEpKey.getAddressType(),
peerExtEpKey.getContextId(), peerExtEpKey.getContextType());
}
+
+ /**
+ * Compares absolute external locations of address end-points in the arguments.
+ */
+ public static boolean sameExternalLocationCase(AddressEndpointWithLocation ae0, AddressEndpointWithLocation ae1) {
+ if (ae0.getAbsoluteLocation() == null || ae1.getAbsoluteLocation() == null) {
+ return false;
+ }
+ Optional<LocationType> loc0Type = Optional.ofNullable(ae0.getAbsoluteLocation().getLocationType());
+ Optional<LocationType> loc1Type = Optional.ofNullable(ae1.getAbsoluteLocation().getLocationType());
+ if (!(loc0Type.isPresent() && loc0Type.get() instanceof ExternalLocationCase)
+ || !(loc1Type.isPresent() && loc1Type.get() instanceof ExternalLocationCase)) {
+ return false;
+ }
+ ExternalLocationCase loc0 = (ExternalLocationCase) loc0Type.get();
+ ExternalLocationCase loc1 = (ExternalLocationCase) loc1Type.get();
+ return (loc0.getExternalNodeMountPoint() == null || loc1.getExternalNodeMountPoint() == null
+ || loc0.getExternalNodeConnector() == null || loc1.getExternalNodeConnector() == null) ? false : loc0
+ .getExternalNodeMountPoint().toString().equals(loc1.getExternalNodeMountPoint().toString())
+ && loc0.getExternalNodeConnector().equals(loc1.getExternalNodeConnector());
+ }
}
@Override
public void close() {
+ closeRegisteredListener();
+ }
+
+ /**
+ * For child classes which override close() method.
+ */
+ protected void closeRegisteredListener() {
registeredListener.close();
}
package org.opendaylight.groupbasedpolicy.util;
+import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
+import java.util.concurrent.ExecutionException;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
+import org.opendaylight.controller.md.sal.binding.api.DataBroker;
+import org.opendaylight.controller.md.sal.binding.api.ReadOnlyTransaction;
+import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.endpoints.address.endpoints.AddressEndpoint;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.endpoints.address.endpoints.AddressEndpointKey;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.location.type.ExternalLocationCase;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.child.endpoints.ChildEndpoint;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.parent.child.endpoints.ParentEndpointChoice;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.parent.child.endpoints.parent.endpoint.choice.ParentContainmentEndpointCase;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.parent.child.endpoints.parent.endpoint.choice.ParentEndpointCase;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.parent.child.endpoints.parent.endpoint.choice.parent.containment.endpoint._case.ParentContainmentEndpoint;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.parent.child.endpoints.parent.endpoint.choice.parent.endpoint._case.ParentEndpoint;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.EndpointGroupId;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.ExternalImplicitGroup;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.endpoints.AddressEndpointWithLocation;
+
+import com.google.common.base.Function;
+import com.google.common.base.Optional;
+import com.google.common.util.concurrent.Futures;
+import com.google.common.util.concurrent.ListenableFuture;
public class EndpointUtils {
}
return Collections.emptyList();
}
+
+ public static boolean isExternalEndpoint(@Nonnull DataBroker dataBroker, @Nonnull AddressEndpoint addrEp) {
+ ReadOnlyTransaction rTx = dataBroker.newReadOnlyTransaction();
+ List<ListenableFuture<Boolean>> results = new ArrayList<>();
+ for (EndpointGroupId epgId : addrEp.getEndpointGroup()) {
+ results.add(Futures.transform(
+ rTx.read(LogicalDatastoreType.CONFIGURATION,
+ IidFactory.externalImplicitGroupIid(addrEp.getTenant(), epgId)),
+ new Function<Optional<ExternalImplicitGroup>, Boolean>() {
+
+ @Override
+ public Boolean apply(Optional<ExternalImplicitGroup> input) {
+ return input.isPresent();
+ }
+ }));
+ }
+ rTx.close();
+ try {
+ List<Boolean> list = Futures.allAsList(results).get();
+ return list.stream().anyMatch(Boolean::booleanValue);
+ } catch (InterruptedException | ExecutionException e) {
+ return false;
+ }
+ }
+
+ public static Optional<ExternalLocationCase> getExternalLocationFrom(AddressEndpointWithLocation input) {
+ if (input.getAbsoluteLocation() != null && input.getAbsoluteLocation().getLocationType() != null
+ && input.getAbsoluteLocation().getLocationType() instanceof ExternalLocationCase) {
+ return Optional.of((ExternalLocationCase) input.getAbsoluteLocation().getLocationType());
+ }
+ return Optional.absent();
+ }
}
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.statistics.store.rev151215.statistics.store.StatisticRecord;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.statistics.store.rev151215.statistics.store.StatisticRecordKey;
import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
+import org.opendaylight.yangtools.yang.binding.InstanceIdentifier.InstanceIdentifierBuilder;
public class IidFactory {
return InstanceIdentifier.builder(Tenants.class).child(Tenant.class, new TenantKey(id)).build();
}
- public static InstanceIdentifier<EndpointGroup> endpointGroupIid(TenantId tenantId, EndpointGroupId epgId) {
+ public static InstanceIdentifierBuilder<Policy> policyIid(TenantId tenantId) {
return InstanceIdentifier.builder(Tenants.class)
.child(Tenant.class, new TenantKey(tenantId))
- .child(Policy.class)
- .child(EndpointGroup.class, new EndpointGroupKey(epgId))
- .build();
+ .child(Policy.class);
+ }
+
+ public static InstanceIdentifier<EndpointGroup> endpointGroupIid(TenantId tenantId, EndpointGroupId epgId) {
+ return policyIid(tenantId).child(EndpointGroup.class, new EndpointGroupKey(epgId)).build();
}
public static InstanceIdentifier<Contract> contractIid(TenantId tenantId, ContractId contractId) {
- return InstanceIdentifier.builder(Tenants.class)
- .child(Tenant.class, new TenantKey(tenantId))
- .child(Policy.class)
- .child(Contract.class, new ContractKey(contractId))
- .build();
+ return policyIid(tenantId).child(Contract.class, new ContractKey(contractId)).build();
}
public static InstanceIdentifier<Contract> contractWildcardIid(TenantId tenantId) {
- return InstanceIdentifier.builder(Tenants.class)
- .child(Tenant.class, new TenantKey(tenantId))
- .child(Policy.class)
- .child(Contract.class)
- .build();
+ return policyIid(tenantId).child(Contract.class).build();
}
public static InstanceIdentifier<Subject> subjectIid(TenantId tenantId, ContractId contractId,
SubjectName subjectName) {
- return InstanceIdentifier.builder(Tenants.class)
- .child(Tenant.class, new TenantKey(tenantId))
- .child(Policy.class)
- .child(Contract.class, new ContractKey(contractId))
+ return policyIid(tenantId).child(Contract.class, new ContractKey(contractId))
.child(Subject.class, new SubjectKey(subjectName))
.build();
}
public static InstanceIdentifier<ProviderNamedSelector> providerNamedSelectorIid(TenantId tenantId,
EndpointGroupId epgId, SelectorName providerSelectorName) {
- return InstanceIdentifier.builder(Tenants.class)
- .child(Tenant.class, new TenantKey(tenantId))
- .child(Policy.class)
- .child(EndpointGroup.class, new EndpointGroupKey(epgId))
+ return policyIid(tenantId).child(EndpointGroup.class, new EndpointGroupKey(epgId))
.child(ProviderNamedSelector.class, new ProviderNamedSelectorKey(providerSelectorName))
.build();
}
public static InstanceIdentifier<ConsumerNamedSelector> consumerNamedSelectorIid(TenantId tenantId,
EndpointGroupId epgId, SelectorName consumerSelectorName) {
- return InstanceIdentifier.builder(Tenants.class)
- .child(Tenant.class, new TenantKey(tenantId))
- .child(Policy.class)
- .child(EndpointGroup.class, new EndpointGroupKey(epgId))
+ return policyIid(tenantId).child(EndpointGroup.class, new EndpointGroupKey(epgId))
.child(ConsumerNamedSelector.class, new ConsumerNamedSelectorKey(consumerSelectorName))
.build();
}
public static InstanceIdentifier<Clause> clauseIid(TenantId tenantId, ContractId contractId,
ClauseName clauseName) {
- return InstanceIdentifier.builder(Tenants.class)
- .child(Tenant.class, new TenantKey(tenantId))
- .child(Policy.class)
- .child(Contract.class, new ContractKey(contractId))
+ return policyIid(tenantId).child(Contract.class, new ContractKey(contractId))
.child(Clause.class, new ClauseKey(clauseName))
.build();
}
public static InstanceIdentifier<Rule> ruleIid(TenantId tenantId, ContractId contractId, SubjectName subjectName,
RuleName ruleName) {
- return InstanceIdentifier.builder(Tenants.class)
- .child(Tenant.class, new TenantKey(tenantId))
- .child(Policy.class)
- .child(Contract.class, new ContractKey(contractId))
+ return policyIid(tenantId).child(Contract.class, new ContractKey(contractId))
.child(Subject.class, new SubjectKey(subjectName))
.child(Rule.class, new RuleKey(ruleName))
.build();
}
public static InstanceIdentifier<ActionInstance> actionInstanceIid(TenantId tenantId, ActionName actionName) {
- return InstanceIdentifier.builder(Tenants.class)
- .child(Tenant.class, new TenantKey(tenantId))
- .child(Policy.class)
- .child(SubjectFeatureInstances.class)
+ return policyIid(tenantId).child(SubjectFeatureInstances.class)
.child(ActionInstance.class, new ActionInstanceKey(actionName))
.build();
}
public static InstanceIdentifier<ClassifierInstance> classifierInstanceIid(TenantId tenantId,
ClassifierName classifierName) {
- return InstanceIdentifier.builder(Tenants.class)
- .child(Tenant.class, new TenantKey(tenantId))
- .child(Policy.class)
- .child(SubjectFeatureInstances.class)
+ return policyIid(tenantId).child(SubjectFeatureInstances.class)
.child(ClassifierInstance.class, new ClassifierInstanceKey(classifierName))
.build();
}
public static InstanceIdentifier<ClassifierRef> classifierRefIid(TenantId tenantId, ContractId contractId,
SubjectName subjectName, RuleName ruleName, ClassifierName classifierRefName) {
- return InstanceIdentifier.builder(Tenants.class)
- .child(Tenant.class, new TenantKey(tenantId))
- .child(Policy.class)
- .child(Contract.class, new ContractKey(contractId))
+ return policyIid(tenantId).child(Contract.class, new ContractKey(contractId))
.child(Subject.class, new SubjectKey(subjectName))
.child(Rule.class, new RuleKey(ruleName))
.child(ClassifierRef.class, new ClassifierRefKey(classifierRefName))
public static InstanceIdentifier<ExternalImplicitGroup> externalImplicitGroupIid(TenantId tenantId,
EndpointGroupId epgId) {
- return InstanceIdentifier.builder(Tenants.class)
- .child(Tenant.class, new TenantKey(tenantId))
- .child(Policy.class)
- .child(ExternalImplicitGroup.class, new ExternalImplicitGroupKey(epgId))
- .build();
+ return policyIid(tenantId).child(ExternalImplicitGroup.class, new ExternalImplicitGroupKey(epgId)).build();
}
public static InstanceIdentifier<ContainmentEndpoint> containmentEndpointIid(ContainmentEndpointKey key) {
package org.opendaylight.controller.config.yang.config.neutron_mapper.impl;
-import java.util.regex.Pattern;
+import java.net.Inet4Address;
+import java.net.Inet6Address;
+import java.net.InetAddress;
import com.google.common.base.Preconditions;
import com.google.common.util.concurrent.Futures;
import org.opendaylight.mdsal.singleton.common.api.ServiceGroupIdentifier;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefix;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Prefix;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv6Prefix;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.BaseEndpointService;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.EndpointService;
import org.slf4j.Logger;
this.rpcBroker = Preconditions.checkNotNull(rpcBroker);
this.clusterSingletonService = Preconditions.checkNotNull(clusterSingletonService);
try {
- this.metadataIpPrefix = new IpPrefix(new Ipv4Prefix(Preconditions.checkNotNull(metadataIp)));
+ InetAddress inetAddr = InetAddress.getByName(metadataIp);
+ if (inetAddr instanceof Inet4Address) {
+ this.metadataIpPrefix = new IpPrefix(new Ipv4Prefix(Preconditions.checkNotNull(metadataIp) + "/32"));
+ } else if (inetAddr instanceof Inet6Address) {
+ this.metadataIpPrefix = new IpPrefix(new Ipv6Prefix(Preconditions.checkNotNull(metadataIp) + "/128"));
+ }
this.metadataPort = Integer.parseInt(Preconditions.checkNotNull(metadataPort));
- LOG.trace("Resolved Metadata IP prefix: {}", metadataIpPrefix);
+ LOG.info("Resolved Metadata CIDR: {} and port {}.", metadataIpPrefix, metadataPort);
} catch (Exception ex) {
-
if (ex instanceof NumberFormatException) {
LOG.warn("Metadata port cannot be resolved. Provided value: {}. Continue without support for metadata.",
metadataPort);
}
this.metadataIpPrefix = null;
}
-
}
public void instantiate() {
private Neutron neutronAfter;
public NeutronMapper(DataBroker dataProvider, EndpointService epService, BaseEndpointService baseEpService,
- @Nullable IpPrefix metadataIpPrefix, long metadataPort) {
+ @Nullable IpPrefix metadataIpPrefix, long metadataTcpPort) {
EndpointRegistrator epRegistrator = new EndpointRegistrator(epService, baseEpService);
- networkAware = new NeutronNetworkAware(dataProvider, metadataIpPrefix, metadataPort);
- securityRuleAware = new NeutronSecurityRuleAware(dataProvider);
+ networkAware = new NeutronNetworkAware(dataProvider, metadataTcpPort);
+ securityRuleAware = new NeutronSecurityRuleAware(dataProvider, epRegistrator);
securityGroupAware = new NeutronSecurityGroupAware(dataProvider, securityRuleAware);
subnetAware = new NeutronSubnetAware(dataProvider, epRegistrator);
- portAware = new NeutronPortAware(dataProvider, epRegistrator);
+ portAware = new NeutronPortAware(dataProvider, epRegistrator, metadataIpPrefix);
routerAware = new NeutronRouterAware(dataProvider, epRegistrator);
floatingIpAware = new NeutronFloatingIpAware(dataProvider);
registerDataTreeChangeListener =
--- /dev/null
+/*
+ * Copyright (c) 2017 Cisco Systems, Inc. and others. All rights reserved.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ * and is available at http://www.eclipse.org/legal/epl-v10.html
+ */
+
+package org.opendaylight.groupbasedpolicy.neutron.mapper.infrastructure;
+
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.annotation.Nullable;
+
+import org.opendaylight.controller.md.sal.binding.api.WriteTransaction;
+import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
+import org.opendaylight.groupbasedpolicy.api.sf.EtherTypeClassifierDefinition;
+import org.opendaylight.groupbasedpolicy.api.sf.IpProtoClassifierDefinition;
+import org.opendaylight.groupbasedpolicy.api.sf.L4ClassifierDefinition;
+import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;
+import org.opendaylight.groupbasedpolicy.util.IidFactory;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefix;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClassifierName;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ContractId;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.Description;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.EndpointGroupId;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.Name;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.SubjectName;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.TenantId;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.HasDirection.Direction;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.endpoint.identification.constraints.L3EndpointIdentificationConstraints;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.Contract;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.EndpointGroup;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.Clause;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.Subject;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.SubjectBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ConsumerMatchers;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ProviderMatchers;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.subject.Rule;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ConsumerNamedSelector;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ProviderNamedSelector;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ActionInstance;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ClassifierInstance;
+
+import com.google.common.collect.ImmutableList;
+
+public class MetadataService extends ServiceUtil {
+
+ private static final ClassifierName METADATA_SERVER_TO_CLIENT_NAME =
+ new ClassifierName("METADATA_FROM_SERVER_TO_CLIENT");
+ private static final ClassifierName METADATA_CLIENT_TO_SERVER_NAME =
+ new ClassifierName("METADATA_FROM_CLIENT_TO_SERVER");
+ private static final SubjectName METADATA_SUBJECT_NAME = new SubjectName("ALLOW_METADATA");
+ private static final Description METADATA_CONTRACT_DESC =
+ new Description("Allow METADATA management communication between server and client.");
+
+ /**
+ * Id of {@link #METADATA_CONTRACT}
+ */
+ public static final ContractId METADATA_CONTRACT_ID = new ContractId("be0675b7-b0d6-46cc-acf1-247ed31cf572");
+ /**
+ * Contains rules with action {@link MappingUtils#ACTION_REF_ALLOW} matching ICMP and SSH
+ * communication
+ * between Client and Server.
+ */
+ public static final Contract METADATA_CONTRACT;
+ /**
+ * {@link ConsumerNamedSelector} pointing to {@link #METADATA_CONTRACT}
+ */
+ public static final ConsumerNamedSelector METADATA_CONTRACT_CONSUMER_SELECTOR;
+
+ // ########### NETWORK-SERVICE ENDPOINT-GROUP
+ private static final Name METADATA_SERVICE_EPG_NAME = new Name("NETWORK_SERVICE");
+ private static final Description METADATA_SERVICE_EPG_DESC = new Description("Represents DHCP and DNS servers.");
+ /**
+ * ID of {@link #EPG}
+ */
+ public static final EndpointGroupId EPG_ID = new EndpointGroupId("ffff1111-dfe5-11e4-8a00-1681e6b88ec1");
+ /**
+ * Network-service endpoint-group providing {@link #METADATA_CONTRACT}
+ */
+ public static final EndpointGroup EPG;
+
+ static {
+ METADATA_CONTRACT = createContractMetadata();
+ METADATA_CONTRACT_CONSUMER_SELECTOR = createConsumerSelector(METADATA_CONTRACT);
+ EPG = createNetworkServiceEpg();
+ }
+
+ private static EndpointGroup createNetworkServiceEpg() {
+ ProviderNamedSelector metadataProviderSelector = createProviderSelector(METADATA_CONTRACT);
+ return createEpgBuilder(EPG_ID, METADATA_SERVICE_EPG_NAME, METADATA_SERVICE_EPG_DESC)
+ .setProviderNamedSelector(ImmutableList.of(metadataProviderSelector))
+ .build();
+ }
+
+ private static Contract createContractMetadata() {
+ Rule serverClientMetadataIpv4Rule = createRuleAllow(METADATA_SERVER_TO_CLIENT_NAME, Direction.Out);
+ Rule clientServerMetadataIpv4Rule = createRuleAllow(METADATA_CLIENT_TO_SERVER_NAME, Direction.In);
+ Subject subject = new SubjectBuilder().setName(METADATA_SUBJECT_NAME)
+ .setOrder(0)
+ .setRule(ImmutableList.of(serverClientMetadataIpv4Rule, clientServerMetadataIpv4Rule))
+ .build();
+ return createContract(METADATA_CONTRACT_ID, ImmutableList.of(subject), METADATA_CONTRACT_DESC);
+ }
+
+ /**
+ * puts clause with {@link L3EndpointIdentificationConstraints} in {@link ConsumerMatchers}
+ * and {@link ProviderMatchers}. This clause points to subject in {@link #METADATA_CONTRACT}.
+ *
+ * @param tenantId location of {@link #METADATA_CONTRACT}
+ * @param ipPrefix used in {@link L3EndpointIdentificationConstraints}
+ * @param wTx transaction where entities are written
+ */
+ public static void writeMetadataClauseWithConsProvEic(TenantId tenantId, @Nullable IpPrefix ipPrefix,
+ WriteTransaction wTx) {
+ Clause clause = createClauseWithConsProvEic(ipPrefix, METADATA_SUBJECT_NAME);
+ wTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.clauseIid(tenantId, METADATA_CONTRACT_ID, clause.getName()),
+ clause, true);
+ }
+
+ /**
+ * Puts network service entities (classifier-instances, {@link #METADATA_CONTRACT},
+ * and {@link #EPG}) to {@link LogicalDatastoreType#CONFIGURATION}
+ *
+ * @param tenantId location of network-service entities
+ * @param wTx transaction where network-service entities are written
+ */
+ public static void writeNetworkServiceEntitiesToTenant(TenantId tenantId, WriteTransaction wTx, long metadataPort) {
+ Set<ClassifierInstance> classifierInstances = getAllClassifierInstances(metadataPort);
+ for (ClassifierInstance ci : classifierInstances) {
+ wTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.classifierInstanceIid(tenantId, ci.getName()), ci,
+ true);
+ }
+ for (ActionInstance ai : Collections.singleton(MappingUtils.ACTION_ALLOW)) {
+ wTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.actionInstanceIid(tenantId, ai.getName()), ai, true);
+ }
+ wTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.contractIid(tenantId, METADATA_CONTRACT_ID), METADATA_CONTRACT,
+ true);
+ wTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.endpointGroupIid(tenantId, EPG_ID), EPG, true);
+ }
+
+ /**
+ * @return All classifier-instances used in {@link #METADATA_CONTRACT}
+ */
+ public static Set<ClassifierInstance> getAllClassifierInstances(long metadataPort) {
+ HashSet<ClassifierInstance> cis = new HashSet<>();
+ // METADATA
+ cis.add(createMetadataIpv4ClientServer(metadataPort));
+ cis.add(createMetadataIpv4ServerClient(metadataPort));
+ return cis;
+ }
+
+ private static ClassifierInstance createMetadataIpv4ClientServer(long dstPort) {
+ return createClassifInstance(METADATA_CLIENT_TO_SERVER_NAME,
+ L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv4_VALUE,
+ IpProtoClassifierDefinition.TCP_VALUE, null, dstPort));
+ }
+
+ private static ClassifierInstance createMetadataIpv4ServerClient(long srcPort) {
+ return createClassifInstance(METADATA_SERVER_TO_CLIENT_NAME,
+ L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv4_VALUE,
+ IpProtoClassifierDefinition.TCP_VALUE, srcPort, null));
+ }
+}
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.Name;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.TenantId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.EndpointGroup;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.EndpointGroup.IntraGroupPolicy;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.EndpointGroupBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ConsumerNamedSelector;
import com.google.common.base.Preconditions;
-public class NetworkClient {
+public class NetworkClient extends ServiceUtil {
private static final Name NETWORK_CLIENT_EPG_NAME = new Name("NETWORK_CLIENT");
private static final Description NETWORK_CLIENT_EPG_DESC = new Description("Represents DHCP and DNS clients.");
}
private static EndpointGroup createNetworkClientEpg() {
- return new EndpointGroupBuilder().setId(EPG_ID)
- .setName(NETWORK_CLIENT_EPG_NAME)
- .setIntraGroupPolicy(IntraGroupPolicy.RequireContract)
- .setDescription(NETWORK_CLIENT_EPG_DESC)
- .build();
+ return createEpgBuilder(EPG_ID, NETWORK_CLIENT_EPG_NAME, NETWORK_CLIENT_EPG_DESC).build();
}
/**
package org.opendaylight.groupbasedpolicy.neutron.mapper.infrastructure;
-import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
-import java.util.List;
import java.util.Set;
import javax.annotation.Nullable;
import org.opendaylight.groupbasedpolicy.api.sf.IpProtoClassifierDefinition;
import org.opendaylight.groupbasedpolicy.api.sf.L4ClassifierDefinition;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;
-import org.opendaylight.groupbasedpolicy.neutron.mapper.util.Utils;
import org.opendaylight.groupbasedpolicy.util.IidFactory;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefix;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClassifierName;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClauseName;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ContractId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.Description;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.EndpointGroupId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.Name;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ParameterName;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.RuleName;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.SelectorName;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.SubjectName;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.TenantId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.HasDirection.Direction;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.action.refs.ActionRef;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRef;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRefBuilder;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.EndpointIdentificationConstraintsBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.endpoint.identification.constraints.L3EndpointIdentificationConstraints;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.endpoint.identification.constraints.L3EndpointIdentificationConstraintsBuilder;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.endpoint.identification.constraints.l3.endpoint.identification.constraints.PrefixConstraintBuilder;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValue;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValueBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.Contract;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.ContractBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.EndpointGroup;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.EndpointGroup.IntraGroupPolicy;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.EndpointGroupBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.Clause;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.ClauseBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.Subject;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.SubjectBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ConsumerMatchers;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ConsumerMatchersBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ProviderMatchers;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ProviderMatchersBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.subject.Rule;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.subject.RuleBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ConsumerNamedSelector;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ConsumerNamedSelectorBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ProviderNamedSelector;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ProviderNamedSelectorBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ActionInstance;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ClassifierInstance;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ClassifierInstanceBuilder;
import com.google.common.collect.ImmutableList;
-public class NetworkService {
+public class NetworkService extends ServiceUtil {
/**
* Unit tests {@link NetworkServiceTest}
*/
public static final ConsumerNamedSelector MGMT_CONTRACT_CONSUMER_SELECTOR;
- // ########### METADATA management
- private static final ClassifierName METADATA_SERVER_TO_CLIENT_NAME =
- new ClassifierName("METADATA_FROM_SERVER_TO_CLIENT");
- private static final ClassifierName METADATA_CLIENT_TO_SERVER_NAME =
- new ClassifierName("METADATA_FROM_CLIENT_TO_SERVER");
- private static final SubjectName METADATA_SUBJECT_NAME = new SubjectName("ALLOW_METADATA");
- private static final Description METADATA_CONTRACT_DESC =
- new Description("Allow METADATA management communication between server and client.");
-
- /**
- * Id of {@link #METADATA_CONTRACT}
- */
- public static final ContractId METADATA_CONTRACT_ID = new ContractId("be0675b7-b0d6-46cc-acf1-247ed31cf572");
- /**
- * Contains rules with action {@link MappingUtils#ACTION_REF_ALLOW} matching ICMP and SSH
- * communication
- * between Client and Server.
- */
- public static final Contract METADATA_CONTRACT;
- /**
- * {@link ConsumerNamedSelector} pointing to {@link #METADATA_CONTRACT}
- */
- public static final ConsumerNamedSelector METADATA_CONTRACT_CONSUMER_SELECTOR;
-
// ########### NETWORK-SERVICE ENDPOINT-GROUP
private static final Name NETWORK_SERVICE_EPG_NAME = new Name("NETWORK_SERVICE");
private static final Description NETWORK_SERVICE_EPG_DESC = new Description("Represents DHCP and DNS servers.");
DNS_CONTRACT_CONSUMER_SELECTOR = createConsumerSelector(DNS_CONTRACT);
MGMT_CONTRACT = createContractMgmt();
MGMT_CONTRACT_CONSUMER_SELECTOR = createConsumerSelector(MGMT_CONTRACT);
- METADATA_CONTRACT = createContractMetadata();
- METADATA_CONTRACT_CONSUMER_SELECTOR = createConsumerSelector(METADATA_CONTRACT);
EPG = createNetworkServiceEpg();
}
ProviderNamedSelector dhcpProviderSelector = createProviderSelector(DHCP_CONTRACT);
ProviderNamedSelector dnsProviderSelector = createProviderSelector(DNS_CONTRACT);
ProviderNamedSelector mgmtProviderSelector = createProviderSelector(MGMT_CONTRACT);
- ProviderNamedSelector metadataProviderSelector = createProviderSelector(METADATA_CONTRACT);
- return new EndpointGroupBuilder().setId(EPG_ID)
- .setName(NETWORK_SERVICE_EPG_NAME)
- .setProviderNamedSelector(ImmutableList.of(dhcpProviderSelector, dnsProviderSelector, mgmtProviderSelector,
- metadataProviderSelector))
- .setIntraGroupPolicy(IntraGroupPolicy.RequireContract)
- .setDescription(NETWORK_SERVICE_EPG_DESC)
- .build();
- }
-
- private static ProviderNamedSelector createProviderSelector(Contract contract) {
- SelectorName selectorName = new SelectorName(contract.getSubject().get(0).getName().getValue());
- return new ProviderNamedSelectorBuilder().setName(selectorName)
- .setContract(ImmutableList.of(contract.getId()))
- .build();
- }
-
- private static ConsumerNamedSelector createConsumerSelector(Contract contract) {
- SelectorName selectorName = new SelectorName(contract.getSubject().get(0).getName().getValue());
- return new ConsumerNamedSelectorBuilder().setName(selectorName)
- .setContract(ImmutableList.of(contract.getId()))
+ return createEpgBuilder(EPG_ID, NETWORK_SERVICE_EPG_NAME, NETWORK_SERVICE_EPG_DESC)
+ .setProviderNamedSelector(ImmutableList.of(dhcpProviderSelector, dnsProviderSelector, mgmtProviderSelector))
.build();
}
.setRule(ImmutableList.of(clientServerIpv4Rule, serverClientIpv4Rule, clientServerIpv6Rule,
serverClientIpv6Rule))
.build();
- return new ContractBuilder().setId(DHCP_CONTRACT_ID)
- .setSubject(ImmutableList.of(subject))
- .setDescription(DHCP_CONTRACT_DESC)
- .build();
+ return createContract(DHCP_CONTRACT_ID, ImmutableList.of(subject), DHCP_CONTRACT_DESC);
}
private static Contract createContractDns() {
serverClientUdpIpv6Rule, clientServerTcpIpv4Rule, serverClientTcpIpv4Rule, clientServerTcpIpv6Rule,
serverClientTcpIpv6Rule))
.build();
- return new ContractBuilder().setId(DNS_CONTRACT_ID)
- .setSubject(ImmutableList.of(subject))
- .setDescription(DNS_CONTRACT_DESC)
- .build();
+ return createContract(DNS_CONTRACT_ID, ImmutableList.of(subject), DNS_CONTRACT_DESC);
}
private static Contract createContractMgmt() {
clientServerSshIpv6Rule, clientServerIcmpIpv4Rule, clientServerIcmpIpv6Rule,
serverClientIcmpIpv4Rule, serverClientIcmpIpv6Rule))
.build();
- return new ContractBuilder().setId(MGMT_CONTRACT_ID)
- .setSubject(ImmutableList.of(subject))
- .setDescription(MGMT_CONTRACT_DESC)
- .build();
- }
-
- private static Contract createContractMetadata() {
- Rule serverClientMetadataIpv4Rule = createRuleAllow(METADATA_SERVER_TO_CLIENT_NAME, Direction.Out);
- Rule clientServerMetadataIpv4Rule = createRuleAllow(METADATA_CLIENT_TO_SERVER_NAME, Direction.In);
- Rule serverClientIcmpIpv4Rule = createRuleAllow(ICMP_IPV4_BETWEEN_SERVER_CLIENT_NAME, Direction.Out);
- Rule serverClientIcmpIpv6Rule = createRuleAllow(ICMP_IPV6_BETWEEN_SERVER_CLIENT_NAME, Direction.Out);
- Rule clientServerIcmpIpv4Rule = createRuleAllow(ICMP_IPV4_BETWEEN_SERVER_CLIENT_NAME, Direction.In);
- Rule clientServerIcmpIpv6Rule = createRuleAllow(ICMP_IPV6_BETWEEN_SERVER_CLIENT_NAME, Direction.In);
-
- Subject subject = new SubjectBuilder().setName(METADATA_SUBJECT_NAME)
- .setOrder(0)
- .setRule(ImmutableList.of(serverClientMetadataIpv4Rule, clientServerMetadataIpv4Rule,
- clientServerIcmpIpv4Rule, clientServerIcmpIpv6Rule,
- serverClientIcmpIpv4Rule, serverClientIcmpIpv6Rule))
- .build();
- return new ContractBuilder().setId(METADATA_CONTRACT_ID)
- .setSubject(ImmutableList.of(subject))
- .setDescription(METADATA_CONTRACT_DESC)
- .build();
- }
-
- private static Rule createRuleAllow(ClassifierName classifierName, Direction direction) {
- ClassifierName name =
- new ClassifierName(direction.name() + MappingUtils.NAME_DOUBLE_DELIMETER + classifierName.getValue());
- ClassifierRef classifierRef = new ClassifierRefBuilder().setName(name)
- .setInstanceName(classifierName)
- .setDirection(direction)
- .build();
- return new RuleBuilder().setName(new RuleName(name))
- .setActionRef(ImmutableList.<ActionRef>of(MappingUtils.ACTION_REF_ALLOW))
- .setClassifierRef(ImmutableList.of(classifierRef))
- .build();
+ return createContract(MGMT_CONTRACT_ID, ImmutableList.of(subject), MGMT_CONTRACT_DESC);
}
/**
clause, true);
}
- /**
- * puts clause with {@link L3EndpointIdentificationConstraints} in {@link ConsumerMatchers}
- * and {@link ProviderMatchers}. This clause points to subject in {@link #METADATA_CONTRACT}.
- *
- * @param tenantId location of {@link #METADATA_CONTRACT}
- * @param ipPrefix used in {@link L3EndpointIdentificationConstraints}
- * @param wTx transaction where entities are written
- */
- public static void writeMetadataClauseWithConsProvEic(TenantId tenantId, @Nullable IpPrefix ipPrefix,
- WriteTransaction wTx) {
- Clause clause = createClauseWithConsProvEic(ipPrefix, METADATA_SUBJECT_NAME);
- wTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.clauseIid(tenantId, METADATA_CONTRACT_ID, clause.getName()),
- clause, true);
- }
-
- private static Clause createClauseWithConsProvEic(@Nullable IpPrefix ipPrefix, SubjectName subjectName) {
- ConsumerMatchers consumerMatchers = null;
- ProviderMatchers providerMatchers = null;
- StringBuilder clauseName = new StringBuilder();
- clauseName.append(subjectName.getValue());
- if (ipPrefix != null) {
- clauseName.append(MappingUtils.NAME_DOUBLE_DELIMETER).append(Utils.getStringIpPrefix(ipPrefix));
- consumerMatchers =
- new ConsumerMatchersBuilder()
- .setEndpointIdentificationConstraints(new EndpointIdentificationConstraintsBuilder()
- .setL3EndpointIdentificationConstraints(new L3EndpointIdentificationConstraintsBuilder()
- .setPrefixConstraint(
- ImmutableList.of(new PrefixConstraintBuilder().setIpPrefix(ipPrefix).build()))
- .build())
- .build())
- .build();
- providerMatchers =
- new ProviderMatchersBuilder()
- .setEndpointIdentificationConstraints(new EndpointIdentificationConstraintsBuilder()
- .setL3EndpointIdentificationConstraints(new L3EndpointIdentificationConstraintsBuilder()
- .setPrefixConstraint(
- ImmutableList.of(new PrefixConstraintBuilder().setIpPrefix(ipPrefix).build()))
- .build())
- .build())
- .build();
- }
- return new ClauseBuilder().setName(new ClauseName(clauseName.toString()))
- .setSubjectRefs(ImmutableList.of(subjectName))
- .setConsumerMatchers(consumerMatchers)
- .setProviderMatchers(providerMatchers)
- .build();
- }
-
/**
* Puts network service entities (classifier-instances, {@link #DHCP_CONTRACT},
* {@link #DNS_CONTRACT}, {@link #MGMT_CONTRACT} and {@link #EPG}) to
* @param tenantId location of network-service entities
* @param wTx transaction where network-service entities are written
*/
- public static void writeNetworkServiceEntitiesToTenant(TenantId tenantId, WriteTransaction wTx, long metadataPort) {
- Set<ClassifierInstance> classifierInstances = getAllClassifierInstances(metadataPort);
+ public static void writeNetworkServiceEntitiesToTenant(TenantId tenantId, WriteTransaction wTx) {
+ Set<ClassifierInstance> classifierInstances = getAllClassifierInstances();
for (ClassifierInstance ci : classifierInstances) {
wTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.classifierInstanceIid(tenantId, ci.getName()), ci,
true);
true);
wTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.contractIid(tenantId, MGMT_CONTRACT_ID), MGMT_CONTRACT,
true);
- wTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.contractIid(tenantId, METADATA_CONTRACT_ID), METADATA_CONTRACT,
- true);
wTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.endpointGroupIid(tenantId, EPG_ID), EPG, true);
}
* @return All classifier-instances used in {@link #DHCP_CONTRACT}, {@link #DNS_CONTRACT} and
* {@link #MGMT_CONTRACT}
*/
- public static Set<ClassifierInstance> getAllClassifierInstances(long metadataPort) {
+ public static Set<ClassifierInstance> getAllClassifierInstances() {
HashSet<ClassifierInstance> cis = new HashSet<>();
cis.add(createDhcpIpv4ClientServer());
cis.add(createDhcpIpv4ServerClient());
cis.add(createSshTcpIpv6ClientServer());
cis.add(createIcmpIpv4());
cis.add(createIcmpIpv6());
- // METADATA
- cis.add(createMetadataIpv4ClientServer(metadataPort));
- cis.add(createMetadataIpv4ServerClient(metadataPort));
-
return cis;
}
// ###################### DHCP
private static ClassifierInstance createDhcpIpv4ClientServer() {
- return new ClassifierInstanceBuilder().setName(DHCP_IPV4_CLIENT_SERVER_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
- DHCP_IPV4_CLIENT_PORT, DHCP_IPV4_SERVER_PORT))
- .build();
+ return createClassifInstance(DHCP_IPV4_CLIENT_SERVER_NAME, L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
+ DHCP_IPV4_CLIENT_PORT, DHCP_IPV4_SERVER_PORT));
}
private static ClassifierInstance createDhcpIpv4ServerClient() {
- return new ClassifierInstanceBuilder().setName(DHCP_IPV4_SERVER_CLIENT_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
- DHCP_IPV4_SERVER_PORT, DHCP_IPV4_CLIENT_PORT))
- .build();
+ return createClassifInstance(DHCP_IPV4_SERVER_CLIENT_NAME, L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
+ DHCP_IPV4_SERVER_PORT, DHCP_IPV4_CLIENT_PORT));
}
private static ClassifierInstance createDhcpIpv6ClientServer() {
- return new ClassifierInstanceBuilder().setName(DHCP_IPV6_CLIENT_SERVER_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
- DHCP_IPV6_CLIENT_PORT, DHCP_IPV6_SERVER_PORT))
- .build();
+ return createClassifInstance(DHCP_IPV6_CLIENT_SERVER_NAME, L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
+ DHCP_IPV6_CLIENT_PORT, DHCP_IPV6_SERVER_PORT));
}
private static ClassifierInstance createDhcpIpv6ServerClient() {
- return new ClassifierInstanceBuilder().setName(DHCP_IPV6_SERVER_CLIENT_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
- DHCP_IPV6_SERVER_PORT, DHCP_IPV6_CLIENT_PORT))
- .build();
+ return createClassifInstance(DHCP_IPV6_SERVER_CLIENT_NAME, L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
+ DHCP_IPV6_SERVER_PORT, DHCP_IPV6_CLIENT_PORT));
}
// ###################### DNS UDP
private static ClassifierInstance createDnsUdpIpv4ClientServer() {
- return new ClassifierInstanceBuilder().setName(DNS_UDP_IPV4_CLIENT_SERVER_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(
- createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.UDP_VALUE, null, DNS_SERVER_PORT))
- .build();
+ return createClassifInstance(DNS_UDP_IPV4_CLIENT_SERVER_NAME, L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.UDP_VALUE, null,
+ DNS_SERVER_PORT));
}
private static ClassifierInstance createDnsUdpIpv4ServerClient() {
- return new ClassifierInstanceBuilder().setName(DNS_UDP_IPV4_SERVER_CLIENT_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(
- createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.UDP_VALUE, DNS_SERVER_PORT, null))
- .build();
+ return createClassifInstance(DNS_UDP_IPV4_SERVER_CLIENT_NAME, L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
+ DNS_SERVER_PORT, null));
}
private static ClassifierInstance createDnsUdpIpv6ClientServer() {
- return new ClassifierInstanceBuilder().setName(DNS_UDP_IPV6_CLIENT_SERVER_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(
- createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.UDP_VALUE, null, DNS_SERVER_PORT))
- .build();
+ return createClassifInstance(DNS_UDP_IPV6_CLIENT_SERVER_NAME, L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.UDP_VALUE, null,
+ DNS_SERVER_PORT));
}
private static ClassifierInstance createDnsUdpIpv6ServerClient() {
- return new ClassifierInstanceBuilder().setName(DNS_UDP_IPV6_SERVER_CLIENT_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(
- createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.UDP_VALUE, DNS_SERVER_PORT, null))
- .build();
+ return createClassifInstance(DNS_UDP_IPV6_SERVER_CLIENT_NAME, L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.UDP_VALUE,
+ DNS_SERVER_PORT, null));
}
// ###################### DNS TCP
private static ClassifierInstance createDnsTcpIpv4ClientServer() {
- return new ClassifierInstanceBuilder().setName(DNS_TCP_IPV4_CLIENT_SERVER_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(
- createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.TCP_VALUE, null, DNS_SERVER_PORT))
- .build();
+ return createClassifInstance(DNS_TCP_IPV4_CLIENT_SERVER_NAME,
+ L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv4_VALUE,
+ IpProtoClassifierDefinition.TCP_VALUE, null, DNS_SERVER_PORT));
}
private static ClassifierInstance createDnsTcpIpv4ServerClient() {
- return new ClassifierInstanceBuilder().setName(DNS_TCP_IPV4_SERVER_CLIENT_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(
- createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.TCP_VALUE, DNS_SERVER_PORT, null))
- .build();
+ return createClassifInstance(DNS_TCP_IPV4_SERVER_CLIENT_NAME,
+ L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv4_VALUE,
+ IpProtoClassifierDefinition.TCP_VALUE, DNS_SERVER_PORT, null));
}
private static ClassifierInstance createDnsTcpIpv6ClientServer() {
- return new ClassifierInstanceBuilder().setName(DNS_TCP_IPV6_CLIENT_SERVER_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(
- createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.TCP_VALUE, null, DNS_SERVER_PORT))
- .build();
+ return createClassifInstance(DNS_TCP_IPV6_CLIENT_SERVER_NAME,
+ L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv6_VALUE,
+ IpProtoClassifierDefinition.TCP_VALUE, null, DNS_SERVER_PORT));
}
private static ClassifierInstance createDnsTcpIpv6ServerClient() {
- return new ClassifierInstanceBuilder().setName(DNS_TCP_IPV6_SERVER_CLIENT_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(
- createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.TCP_VALUE, DNS_SERVER_PORT, null))
- .build();
+ return createClassifInstance(DNS_TCP_IPV6_SERVER_CLIENT_NAME,
+ L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv6_VALUE,
+ IpProtoClassifierDefinition.TCP_VALUE, DNS_SERVER_PORT, null));
}
// ###################### SSH TCP
private static ClassifierInstance createSshTcpIpv4ClientServer() {
- return new ClassifierInstanceBuilder().setName(SSH_IPV4_CLIENT_TO_SERVER_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(
- createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.TCP_VALUE, SSH_TCP_PORT, null))
- .build();
+ return createClassifInstance(SSH_IPV4_CLIENT_TO_SERVER_NAME,
+ L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv4_VALUE,
+ IpProtoClassifierDefinition.TCP_VALUE, SSH_TCP_PORT, null));
}
private static ClassifierInstance createSshTcpIpv4ServerClient() {
- return new ClassifierInstanceBuilder().setName(SSH_IPV4_SERVER_TO_CLIENT_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(
- createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.TCP_VALUE, null, SSH_TCP_PORT))
- .build();
+ return createClassifInstance(SSH_IPV4_SERVER_TO_CLIENT_NAME,
+ L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv4_VALUE,
+ IpProtoClassifierDefinition.TCP_VALUE, null, SSH_TCP_PORT));
}
private static ClassifierInstance createSshTcpIpv6ClientServer() {
- return new ClassifierInstanceBuilder().setName(SSH_IPV6_CLIENT_TO_SERVER_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(
- createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.TCP_VALUE, SSH_TCP_PORT, null))
- .build();
+ return createClassifInstance(SSH_IPV6_CLIENT_TO_SERVER_NAME,
+ L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv6_VALUE,
+ IpProtoClassifierDefinition.TCP_VALUE, SSH_TCP_PORT, null));
}
private static ClassifierInstance createSshTcpIpv6ServerClient() {
- return new ClassifierInstanceBuilder().setName(SSH_IPV6_SERVER_TO_CLIENT_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(
- createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.TCP_VALUE, null, SSH_TCP_PORT))
- .build();
+ return createClassifInstance(SSH_IPV6_SERVER_TO_CLIENT_NAME,
+ L4ClassifierDefinition.DEFINITION.getId(),
+ createParams(EtherTypeClassifierDefinition.IPv6_VALUE,
+ IpProtoClassifierDefinition.TCP_VALUE, null, SSH_TCP_PORT));
}
// ###################### ICMP
private static ClassifierInstance createIcmpIpv4() {
- return new ClassifierInstanceBuilder().setName(ICMP_IPV4_BETWEEN_SERVER_CLIENT_NAME)
- .setClassifierDefinitionId(IpProtoClassifierDefinition.DEFINITION.getId())
- .setParameterValue(createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.ICMP_VALUE, null, null))
- .build();
+ return createClassifInstance(ICMP_IPV4_BETWEEN_SERVER_CLIENT_NAME,
+ IpProtoClassifierDefinition.DEFINITION.getId(), createParams(
+ EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.ICMP_VALUE, null, null));
}
private static ClassifierInstance createIcmpIpv6() {
- return new ClassifierInstanceBuilder().setName(ICMP_IPV6_BETWEEN_SERVER_CLIENT_NAME)
- .setClassifierDefinitionId(IpProtoClassifierDefinition.DEFINITION.getId())
- .setParameterValue(createParams(EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.ICMP_VALUE, null, null))
- .build();
- }
-
- // ###################### METADATA
- private static ClassifierInstance createMetadataIpv4ClientServer(long dstPort) {
- return new ClassifierInstanceBuilder().setName(METADATA_CLIENT_TO_SERVER_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(
- createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.TCP_VALUE, null,
- dstPort))
- .build();
- }
-
- private static ClassifierInstance createMetadataIpv4ServerClient(long srcPort) {
- return new ClassifierInstanceBuilder().setName(METADATA_SERVER_TO_CLIENT_NAME)
- .setClassifierDefinitionId(L4ClassifierDefinition.DEFINITION.getId())
- .setParameterValue(
- createParams(EtherTypeClassifierDefinition.IPv4_VALUE, IpProtoClassifierDefinition.TCP_VALUE,
- srcPort, null))
- .build();
- }
-
- private static List<ParameterValue> createParams(long etherType, long proto, @Nullable Long srcPort,
- @Nullable Long dstPort) {
- List<ParameterValue> params = new ArrayList<>();
- if (srcPort != null) {
- params.add(new ParameterValueBuilder().setName(new ParameterName(L4ClassifierDefinition.SRC_PORT_PARAM))
- .setIntValue(srcPort)
- .build());
- }
- if (dstPort != null) {
- params.add(new ParameterValueBuilder().setName(new ParameterName(L4ClassifierDefinition.DST_PORT_PARAM))
- .setIntValue(dstPort)
- .build());
- }
- params.add(new ParameterValueBuilder().setName(new ParameterName(IpProtoClassifierDefinition.PROTO_PARAM))
- .setIntValue(proto)
- .build());
- params.add(new ParameterValueBuilder().setName(new ParameterName(EtherTypeClassifierDefinition.ETHERTYPE_PARAM))
- .setIntValue(etherType)
- .build());
- return params;
+ return createClassifInstance((ICMP_IPV6_BETWEEN_SERVER_CLIENT_NAME),
+ IpProtoClassifierDefinition.DEFINITION.getId(), createParams(
+ EtherTypeClassifierDefinition.IPv6_VALUE, IpProtoClassifierDefinition.ICMP_VALUE, null, null));
}
}
--- /dev/null
+/*
+ * Copyright (c) 2017 Cisco Systems, Inc. and others. All rights reserved.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ * and is available at http://www.eclipse.org/legal/epl-v10.html
+ */
+
+package org.opendaylight.groupbasedpolicy.neutron.mapper.infrastructure;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.annotation.Nullable;
+
+import org.opendaylight.groupbasedpolicy.api.sf.EtherTypeClassifierDefinition;
+import org.opendaylight.groupbasedpolicy.api.sf.IpProtoClassifierDefinition;
+import org.opendaylight.groupbasedpolicy.api.sf.L4ClassifierDefinition;
+import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;
+import org.opendaylight.groupbasedpolicy.neutron.mapper.util.Utils;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefix;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClassifierDefinitionId;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClassifierName;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClauseName;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ContractId;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.Description;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.EndpointGroupId;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.Name;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ParameterName;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.RuleName;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.SelectorName;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.SubjectName;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.HasDirection.Direction;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.action.refs.ActionRef;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRef;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.classifier.refs.ClassifierRefBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.EndpointIdentificationConstraintsBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.endpoint.identification.constraints.L3EndpointIdentificationConstraintsBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.has.endpoint.identification.constraints.endpoint.identification.constraints.l3.endpoint.identification.constraints.PrefixConstraintBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValue;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValueBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.Contract;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.ContractBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.EndpointGroupBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.EndpointGroup.IntraGroupPolicy;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.Clause;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.ClauseBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.Subject;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ConsumerMatchers;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ConsumerMatchersBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ProviderMatchers;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.clause.ProviderMatchersBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.subject.Rule;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.contract.subject.RuleBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ConsumerNamedSelector;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ConsumerNamedSelectorBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ProviderNamedSelector;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ProviderNamedSelectorBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ClassifierInstance;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ClassifierInstanceBuilder;
+
+import com.google.common.collect.ImmutableList;
+
+public class ServiceUtil {
+
+ protected static Contract createContract(ContractId cid, List<Subject> subjects, Description description) {
+ return new ContractBuilder().setId(cid).setSubject(subjects).setDescription(description).build();
+ }
+
+ protected static ClassifierInstance createClassifInstance(ClassifierName name, ClassifierDefinitionId id,
+ List<ParameterValue> pv) {
+ return new ClassifierInstanceBuilder().setName(name)
+ .setClassifierDefinitionId(id)
+ .setParameterValue(pv)
+ .build();
+ }
+
+ protected static EndpointGroupBuilder createEpgBuilder(EndpointGroupId epgId, Name name, Description description) {
+ return new EndpointGroupBuilder().setId(epgId)
+ .setName(name)
+ .setIntraGroupPolicy(IntraGroupPolicy.RequireContract)
+ .setDescription(description);
+ }
+
+ protected static List<ParameterValue> createParams(long etherType, long proto, @Nullable Long srcPort,
+ @Nullable Long dstPort) {
+ List<ParameterValue> params = new ArrayList<>();
+ if (srcPort != null) {
+ params.add(new ParameterValueBuilder().setName(new ParameterName(L4ClassifierDefinition.SRC_PORT_PARAM))
+ .setIntValue(srcPort)
+ .build());
+ }
+ if (dstPort != null) {
+ params.add(new ParameterValueBuilder().setName(new ParameterName(L4ClassifierDefinition.DST_PORT_PARAM))
+ .setIntValue(dstPort)
+ .build());
+ }
+ params.add(new ParameterValueBuilder().setName(new ParameterName(IpProtoClassifierDefinition.PROTO_PARAM))
+ .setIntValue(proto)
+ .build());
+ params.add(new ParameterValueBuilder().setName(new ParameterName(EtherTypeClassifierDefinition.ETHERTYPE_PARAM))
+ .setIntValue(etherType)
+ .build());
+ return params;
+ }
+
+ protected static Clause createClauseWithConsProvEic(@Nullable IpPrefix ipPrefix, SubjectName subjectName) {
+ ConsumerMatchers consumerMatchers = null;
+ ProviderMatchers providerMatchers = null;
+ StringBuilder clauseName = new StringBuilder();
+ clauseName.append(subjectName.getValue());
+ if (ipPrefix != null) {
+ clauseName.append(MappingUtils.NAME_DOUBLE_DELIMETER).append(Utils.getStringIpPrefix(ipPrefix));
+ consumerMatchers =
+ new ConsumerMatchersBuilder()
+ .setEndpointIdentificationConstraints(new EndpointIdentificationConstraintsBuilder()
+ .setL3EndpointIdentificationConstraints(new L3EndpointIdentificationConstraintsBuilder()
+ .setPrefixConstraint(
+ ImmutableList.of(new PrefixConstraintBuilder().setIpPrefix(ipPrefix).build()))
+ .build())
+ .build())
+ .build();
+ providerMatchers =
+ new ProviderMatchersBuilder()
+ .setEndpointIdentificationConstraints(new EndpointIdentificationConstraintsBuilder()
+ .setL3EndpointIdentificationConstraints(new L3EndpointIdentificationConstraintsBuilder()
+ .setPrefixConstraint(
+ ImmutableList.of(new PrefixConstraintBuilder().setIpPrefix(ipPrefix).build()))
+ .build())
+ .build())
+ .build();
+ }
+ return new ClauseBuilder().setName(new ClauseName(clauseName.toString()))
+ .setSubjectRefs(ImmutableList.of(subjectName))
+ .setConsumerMatchers(consumerMatchers)
+ .setProviderMatchers(providerMatchers)
+ .build();
+ }
+
+ protected static Rule createRuleAllow(ClassifierName classifierName, Direction direction) {
+ ClassifierName name =
+ new ClassifierName(direction.name() + MappingUtils.NAME_DOUBLE_DELIMETER + classifierName.getValue());
+ ClassifierRef classifierRef = new ClassifierRefBuilder().setName(name)
+ .setInstanceName(classifierName)
+ .setDirection(direction)
+ .build();
+ return new RuleBuilder().setName(new RuleName(name))
+ .setActionRef(ImmutableList.<ActionRef>of(MappingUtils.ACTION_REF_ALLOW))
+ .setClassifierRef(ImmutableList.of(classifierRef))
+ .build();
+ }
+
+ protected static ProviderNamedSelector createProviderSelector(Contract contract) {
+ SelectorName selectorName = new SelectorName(contract.getSubject().get(0).getName().getValue());
+ return new ProviderNamedSelectorBuilder().setName(selectorName)
+ .setContract(ImmutableList.of(contract.getId()))
+ .build();
+ }
+
+ protected static ConsumerNamedSelector createConsumerSelector(Contract contract) {
+ SelectorName selectorName = new SelectorName(contract.getSubject().get(0).getName().getValue());
+ return new ConsumerNamedSelectorBuilder().setName(selectorName)
+ .setContract(ImmutableList.of(contract.getId()))
+ .build();
+ }
+}
import java.util.HashSet;
import java.util.Set;
-import javax.annotation.Nullable;
-
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.controller.md.sal.binding.api.ReadWriteTransaction;
import org.opendaylight.controller.md.sal.binding.api.WriteTransaction;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
import org.opendaylight.groupbasedpolicy.domain_extension.l2_l3.util.L2L3IidFactory;
import org.opendaylight.groupbasedpolicy.neutron.gbp.util.NeutronGbpIidFactory;
+import org.opendaylight.groupbasedpolicy.neutron.mapper.infrastructure.MetadataService;
import org.opendaylight.groupbasedpolicy.neutron.mapper.infrastructure.NetworkClient;
import org.opendaylight.groupbasedpolicy.neutron.mapper.infrastructure.NetworkService;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.NetworkUtils;
import org.opendaylight.groupbasedpolicy.util.DataStoreHelper;
import org.opendaylight.groupbasedpolicy.util.IidFactory;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefix;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ContextId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.L2BridgeDomainId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.L2FloodDomainId;
InstanceIdentifier.builder(Neutron.class).child(Networks.class).child(Network.class).build();
private final DataBroker dataProvider;
private final Set<TenantId> tenantsWithRouterAndNetworkServiceEntities = new HashSet<>();
- private final IpPrefix metadataIpPrefix;
- private final long metadataPort;
+ private final long metadataTcpPort;
- public NeutronNetworkAware(DataBroker dataProvider, @Nullable IpPrefix metadataIpPrefix, long metadataPort) {
+ public NeutronNetworkAware(DataBroker dataProvider, long metadataPort) {
this.dataProvider = checkNotNull(dataProvider);
- this.metadataIpPrefix = metadataIpPrefix;
- this.metadataPort = metadataPort;
+ this.metadataTcpPort = metadataPort;
}
@Override
if (!tenantsWithRouterAndNetworkServiceEntities.contains(tenantId)) {
tenantsWithRouterAndNetworkServiceEntities.add(tenantId);
- NetworkService.writeNetworkServiceEntitiesToTenant(tenantId, rwTx, metadataPort);
+ NetworkService.writeNetworkServiceEntitiesToTenant(tenantId, rwTx);
NetworkService.writeDhcpClauseWithConsProvEic(tenantId, null, rwTx);
NetworkService.writeDnsClauseWithConsProvEic(tenantId, null, rwTx);
NetworkService.writeMgmtClauseWithConsProvEic(tenantId, null, rwTx);
NetworkClient.writeConsumerNamedSelector(tenantId, NetworkService.DHCP_CONTRACT_CONSUMER_SELECTOR, rwTx);
NetworkClient.writeConsumerNamedSelector(tenantId, NetworkService.DNS_CONTRACT_CONSUMER_SELECTOR, rwTx);
NetworkClient.writeConsumerNamedSelector(tenantId, NetworkService.MGMT_CONTRACT_CONSUMER_SELECTOR, rwTx);
- if (metadataIpPrefix != null) {
- NetworkService.writeMetadataClauseWithConsProvEic(tenantId, metadataIpPrefix, rwTx);
- NetworkClient.writeConsumerNamedSelector(tenantId, NetworkService.METADATA_CONTRACT_CONSUMER_SELECTOR,
+ MetadataService.writeMetadataClauseWithConsProvEic(tenantId, null, rwTx);
+ if (metadataTcpPort != 0) {
+ MetadataService.writeNetworkServiceEntitiesToTenant(tenantId, rwTx, metadataTcpPort);
+ MetadataService.writeMetadataClauseWithConsProvEic(tenantId, null, rwTx);
+ NetworkClient.writeConsumerNamedSelector(tenantId, MetadataService.METADATA_CONTRACT_CONSUMER_SELECTOR,
rwTx);
}
}
import static com.google.common.base.Preconditions.checkNotNull;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.List;
import java.util.Set;
+import java.util.stream.Collectors;
import javax.annotation.Nullable;
import org.opendaylight.groupbasedpolicy.domain_extension.l2_l3.util.L2L3IidFactory;
import org.opendaylight.groupbasedpolicy.neutron.gbp.util.NeutronGbpIidFactory;
import org.opendaylight.groupbasedpolicy.neutron.mapper.EndpointRegistrator;
+import org.opendaylight.groupbasedpolicy.neutron.mapper.infrastructure.MetadataService;
import org.opendaylight.groupbasedpolicy.neutron.mapper.infrastructure.NetworkClient;
import org.opendaylight.groupbasedpolicy.neutron.mapper.infrastructure.NetworkService;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.SubnetUtils;
import org.opendaylight.groupbasedpolicy.util.DataStoreHelper;
import org.opendaylight.groupbasedpolicy.util.IidFactory;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpAddress;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefix;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.RegisterEndpointInput;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.forwarding.context.L2BridgeDomainBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.binding.rev150712.PortBindingExtension;
import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.ports.rev150712.port.attributes.FixedIps;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.ports.rev150712.port.attributes.FixedIpsBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.ports.rev150712.port.attributes.FixedIpsKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.ports.rev150712.ports.attributes.Ports;
import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.ports.rev150712.ports.attributes.ports.Port;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.ports.rev150712.ports.attributes.ports.PortBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.rev150712.Neutron;
import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.subnets.rev150712.subnets.attributes.subnets.Subnet;
import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
import com.google.common.base.Optional;
import com.google.common.collect.ImmutableList;
+import com.google.common.collect.Lists;
public class NeutronPortAware implements NeutronAware<Port> {
InstanceIdentifier.builder(Neutron.class).child(Ports.class).child(Port.class).build();
private final DataBroker dataProvider;
private final EndpointRegistrator epRegistrator;
+ private final IpPrefix metadataIpPrefix;
- public NeutronPortAware(DataBroker dataProvider, EndpointRegistrator epRegistrator) {
+ public NeutronPortAware(DataBroker dataProvider, EndpointRegistrator epRegistrator,
+ @Nullable IpPrefix metadataIpPrefix) {
this.dataProvider = checkNotNull(dataProvider);
this.epRegistrator = checkNotNull(epRegistrator);
+ this.metadataIpPrefix = checkNotNull(metadataIpPrefix);
}
@Override public void onCreated(Port createdItem, Neutron neutron) {
NetworkDomainId networkContainment = new NetworkDomainId(ipWithSubnet.getSubnetId().getValue());
List<EndpointGroupId> epgsFromSecGroups = resolveEpgIdsFromSecGroups(port.getSecurityGroups());
epgsFromSecGroups.add(NetworkService.EPG_ID);
-
- // BUILD BASE ENDPOINT
AddressEndpointRegBuilder l2BaseEp = createBasicMacAddrEpInputBuilder(port, networkContainment,
- epgsFromSecGroups);
+ Collections.emptyList());
AddressEndpointRegBuilder l3BaseEp = createBasicL3AddrEpInputBuilder(port, networkContainment,
epgsFromSecGroups, neutron);
+
setParentChildRelationshipForEndpoints(l3BaseEp, l2BaseEp);
- // BUILD ENDPOINT
org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.RegisterEndpointInputBuilder epInBuilder = createEndpointRegFromPort(
port, ipWithSubnet, networkContainment, epgsFromSecGroups, neutron);
ReadWriteTransaction rwTx = dataProvider.newReadWriteTransaction();
registerBaseEndpointAndStoreMapping(
ImmutableList.of(l2BaseEp.build(), l3BaseEp.build()), port, rwTx, addBaseEpMapping);
+
+ AddressEndpointRegBuilder metadataEp = createBasicL3AddrEpInputBuilder(cloneMetadataPortFromDhcpPort(port, metadataIpPrefix), networkContainment,
+ Lists.newArrayList(MetadataService.EPG_ID), neutron);
+ setParentChildRelationshipForEndpoints(metadataEp, l2BaseEp);
+ registerBaseEndpointAndStoreMapping(
+ ImmutableList.of(metadataEp.build()), port, rwTx, true);
+
registerEndpointAndStoreMapping(epInBuilder.build(), port, rwTx);
DataStoreHelper.submitToDs(rwTx);
} else if (PortUtils.isNormalPort(port)) {
}
}
+ private Port cloneMetadataPortFromDhcpPort(Port port, IpPrefix metadataPrefix) {
+ IpAddress metadataIp = MappingUtils.ipPrefixToIpAddress(metadataPrefix);
+ List<FixedIps> metadataIps = port.getFixedIps().stream().map(fi -> {
+ FixedIpsKey key = new FixedIpsKey(metadataIp, fi.getKey().getSubnetId());
+ return new FixedIpsBuilder(fi).setKey(key).setIpAddress(metadataIp).build();
+ }).collect(Collectors.toList());
+ return new PortBuilder(port).setFixedIps(metadataIps).build();
+ }
+
private void setParentChildRelationshipForEndpoints(AddressEndpointRegBuilder parentEp,
AddressEndpointRegBuilder childEp) {
childEp.setParentEndpointChoice(new ParentEndpointCaseBuilder().setParentEndpoint(
Port port, ReadWriteTransaction rwTx) {
boolean isRegisteredEndpoint = epRegistrator.registerEndpoint(regEpInput);
if (!isRegisteredEndpoint) {
- LOG.error("Failed to register an endpoint: {}", regEpInput);
+ LOG.error("Failed to register endpoint: {}", regEpInput);
return;
}
UniqueId portId = new UniqueId(port.getUuid().getValue());
boolean isRegisteredBaseEndpoint = epRegistrator.registerEndpoint(regBaseEpInput);
if (!isRegisteredBaseEndpoint) {
- LOG.error("Failed to register an address endpoint: {}", addrEpRegs);
+ LOG.error("Failed to register address endpoint: {}", addrEpRegs);
return;
}
for (AddressEndpointReg addrEpReg : addrEpRegs) {
import java.util.List;
import java.util.Map;
import java.util.Set;
-import java.util.stream.Collector;
import java.util.stream.Collectors;
import javax.annotation.Nonnull;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
import org.opendaylight.groupbasedpolicy.api.sf.ChainActionDefinition;
import org.opendaylight.groupbasedpolicy.dto.EpgKeyDto;
+import org.opendaylight.groupbasedpolicy.neutron.mapper.EndpointRegistrator;
import org.opendaylight.groupbasedpolicy.neutron.mapper.mapping.NeutronAware;
import org.opendaylight.groupbasedpolicy.neutron.mapper.mapping.NeutronSecurityGroupAware;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;
+import org.opendaylight.groupbasedpolicy.neutron.mapper.util.NetworkUtils;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.SecurityGroupUtils;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.SecurityRuleUtils;
import org.opendaylight.groupbasedpolicy.util.DataStoreHelper;
import org.opendaylight.groupbasedpolicy.util.IidFactory;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.RegisterEndpointInput;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.RegisterEndpointInputBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.register.endpoint.input.AddressEndpointRegBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ActionName;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ClauseName;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ContextId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ContractId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.Description;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.EndpointGroupId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ParameterName;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.SelectorName;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.TenantId;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.forwarding.l2_l3.rev160427.IpPrefixType;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.ActionChoice;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.change.action.of.security.group.rules.input.action.action.choice.SfcActionCase;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.HasDirection.Direction;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.subject.feature.instance.ParameterValueBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.Contract;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.EndpointGroupBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.ExternalImplicitGroupBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ConsumerNamedSelector;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ConsumerNamedSelectorBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.endpoint.group.ProviderNamedSelector;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ActionInstance;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ActionInstanceBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.subject.feature.instances.ClassifierInstance;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.networks.rev150712.networks.attributes.networks.Network;
import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.rev150712.Neutron;
import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.groups.attributes.security.groups.SecurityGroup;
import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.groups.attributes.security.groups.SecurityGroupKey;
private final Map<SecurityGroupKey, SecurityGroup> pendingDeletedGroups;
final static String PROVIDED_BY = "provided_by-";
final static String POSSIBLE_CONSUMER = "possible_consumer-";
+ private final EndpointRegistrator epRegistrator;
- public NeutronSecurityRuleAware(DataBroker dataProvider) {
+ public NeutronSecurityRuleAware(DataBroker dataProvider, EndpointRegistrator epRegistrator) {
this(dataProvider, HashMultiset.<InstanceIdentifier<ClassifierInstance>>create(),
- HashMultiset.<InstanceIdentifier<ActionInstance>>create());
+ HashMultiset.<InstanceIdentifier<ActionInstance>>create(), epRegistrator);
}
@VisibleForTesting
NeutronSecurityRuleAware(DataBroker dataProvider,
Multiset<InstanceIdentifier<ClassifierInstance>> classifierInstanceNames,
- Multiset<InstanceIdentifier<ActionInstance>> createdActionInstances) {
+ Multiset<InstanceIdentifier<ActionInstance>> createdActionInstances, EndpointRegistrator epRegistrator) {
this.dataProvider = checkNotNull(dataProvider);
this.createdClassifierInstances = checkNotNull(classifierInstanceNames);
this.createdActionInstances = checkNotNull(createdActionInstances);
this.pendingCreatedRules = new HashMap<>();
this.pendingDeletedGroups = new HashMap<>();
+ this.epRegistrator = Preconditions.checkNotNull(epRegistrator);
}
@Override
EndpointGroupId providerEpgId = new EndpointGroupId(providerSecGroupId.getValue());
Description contractDescription = createContractDescription(secRule, neutron);
- SingleRuleContract singleRuleContract = createSingleRuleContract(secRule, contractDescription, action);
+ SingleRuleContract singleRuleContract = createSingleRuleContract(secRule, contractDescription, action, neutron);
Contract contract = singleRuleContract.getContract();
rwTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.contractIid(tenantId, contract.getId()), contract, true);
SelectorName providerSelector = getSelectorNameWithConsumer(secRule, neutron);
}
@VisibleForTesting
- static SingleRuleContract createSingleRuleContract(SecurityRule secRule, Description contractDescription, ActionChoice action) {
+ SingleRuleContract createSingleRuleContract(SecurityRule secRule, Description contractDescription,
+ ActionChoice action, Neutron neutron) {
if (secRule.getRemoteIpPrefix() != null) {
+ if (neutron.getNetworks() != null && neutron.getNetworks().getNetwork() != null) {
+ java.util.Optional<Network> publicNet = neutron.getNetworks()
+ .getNetwork()
+ .stream()
+ .filter(net -> NetworkUtils.isRouterExternal(net))
+ .findAny();
+ if (publicNet.isPresent()) {
+ WriteTransaction wTx = dataProvider.newWriteOnlyTransaction();
+ wTx.merge(LogicalDatastoreType.CONFIGURATION,
+ IidFactory.externalImplicitGroupIid(new TenantId(secRule.getTenantId().getValue()),
+ MappingUtils.EPG_EXTERNAL_ID),
+ new ExternalImplicitGroupBuilder().setId(MappingUtils.EPG_EXTERNAL_ID).build(), true);
+ wTx.merge(LogicalDatastoreType.CONFIGURATION,
+ IidFactory.endpointGroupIid(new TenantId(secRule.getTenantId().getValue()),
+ MappingUtils.EPG_EXTERNAL_ID),
+ new EndpointGroupBuilder().setId(MappingUtils.EPG_EXTERNAL_ID).build(), true);
+ DataStoreHelper.submitToDs(wTx);
+ AddressEndpointRegBuilder addrEpbuilder = new AddressEndpointRegBuilder()
+ .setAddress(String.valueOf(secRule.getRemoteIpPrefix().getValue()))
+ .setAddressType(IpPrefixType.class)
+ .setContextType(MappingUtils.L3_CONTEXT)
+ .setContextId(new ContextId(publicNet.get().getUuid().getValue()))
+ .setTenant(new TenantId(secRule.getTenantId().getValue()))
+ .setTimestamp(System.currentTimeMillis())
+ .setEndpointGroup(ImmutableList.<EndpointGroupId>of(MappingUtils.EPG_EXTERNAL_ID));
+ RegisterEndpointInput regEp = new RegisterEndpointInputBuilder()
+ .setAddressEndpointReg(ImmutableList.of(addrEpbuilder.build())).build();
+ boolean registered = epRegistrator.registerEndpoint(regEp);
+ if (registered) {
+ LOG.info("Registering endpoint representing remote-ip-prefix {}", addrEpbuilder.getKey());
+ } else {
+ LOG.error("Failed to register endpoint {}", addrEpbuilder.getKey());
+ }
+ }
+ }
return new SingleRuleContract(secRule, 0, contractDescription, action);
}
return new SingleRuleContract(secRule, 400, contractDescription, action);
<cm:property-placeholder persistent-id="org.opendaylight.groupbasedpolicy.neutron.mapper.startup" update-strategy="none">
<cm:default-properties>
- <cm:property name="metadata-ip" value="169.254.169.254/32"/>
+ <cm:property name="metadata-ip" value="169.254.169.254"/>
<cm:property name="metadata-port" value="80"/>
</cm:default-properties>
</cm:property-placeholder>
# To explicitly specify which IP prefix should be used for metadata
# service in openstack, uncomment and modify following line.
# Specifying one IP for metadata service is currently supported.
-#metadata-ip = 169.254.169.254/32
+#metadata-ip = 169.254.169.254
# To explicitly specify which port should be used for metadata
# service in openstack, uncomment and modify following line.
// ipv4
DataBroker dataBroker = getDataBroker();
ReadWriteTransaction rwTx = dataBroker.newReadWriteTransaction();
- NetworkService.writeMetadataClauseWithConsProvEic(new TenantId(tenantId), metadataIpv4Prefix, rwTx);
+ MetadataService.writeMetadataClauseWithConsProvEic(new TenantId(tenantId), metadataIpv4Prefix, rwTx);
rwTx.submit().get();
// expected clause name
+ metadataIpv4Prefix.getIpv4Prefix().getValue();
clauseNameIpV4 = clauseNameIpV4.replace('/', '_');
- PolicyAssert.assertClauseExists(dataBroker, tenantId, NetworkService.METADATA_CONTRACT_ID.getValue(),
+ PolicyAssert.assertClauseExists(dataBroker, tenantId, MetadataService.METADATA_CONTRACT_ID.getValue(),
clauseNameIpV4);
}
// write everything
DataBroker dataBroker = getDataBroker();
ReadWriteTransaction rwTx = dataBroker.newReadWriteTransaction();
- NetworkService.writeNetworkServiceEntitiesToTenant(new TenantId(tenantId), rwTx, METADATA_IPV4_SERVER_PORT);
+ NetworkService.writeNetworkServiceEntitiesToTenant(new TenantId(tenantId), rwTx);
rwTx.submit().get();
// read classifier instances
PolicyAssert.assertClassifierInstanceExists(dataBroker, tenantId, SSH_IPV6_CLIENT_TO_SERVER_NAME);
PolicyAssert.assertClassifierInstanceExists(dataBroker, tenantId, ICMP_IPV4_BETWEEN_SERVER_CLIENT_NAME);
PolicyAssert.assertClassifierInstanceExists(dataBroker, tenantId, ICMP_IPV6_BETWEEN_SERVER_CLIENT_NAME);
- PolicyAssert.assertClassifierInstanceExists(dataBroker, tenantId, METADATA_CLIENT_TO_SERVER_NAME);
- PolicyAssert.assertClassifierInstanceExists(dataBroker, tenantId, METADATA_SERVER_TO_CLIENT_NAME);
// read contracts
PolicyAssert.assertContractExists(dataBroker, tenantId, NetworkService.DHCP_CONTRACT_ID.getValue());
PolicyAssert.assertContractExists(dataBroker, tenantId, NetworkService.DNS_CONTRACT_ID.getValue());
PolicyAssert.assertContractExists(dataBroker, tenantId, NetworkService.MGMT_CONTRACT_ID.getValue());
- PolicyAssert.assertContractExists(dataBroker, tenantId, NetworkService.METADATA_CONTRACT_ID.getValue());
// read group id
PolicyAssert.assertEndpointGroupExists(dataBroker, tenantId, NetworkService.EPG_ID.getValue());
@Test
public void testGetAllClassifierInstances() {
Set<ClassifierInstance> classifierInstances =
- NetworkService.getAllClassifierInstances(METADATA_IPV4_SERVER_PORT);
+ NetworkService.getAllClassifierInstances();
assertNotNull(classifierInstances);
assertFalse(classifierInstances.isEmpty());
- assertEquals(20, classifierInstances.size());
+ assertEquals(18, classifierInstances.size());
}
}
.addAugmentation(NetworkProviderExtension.class, providerExtension)
.build();
- networkAware = new NeutronNetworkAware(dataBroker, METADATA_IP_PREFIX, METADATA_IPV4_SERVER_PORT);
+ networkAware = new NeutronNetworkAware(dataBroker, METADATA_IPV4_SERVER_PORT);
}
@Rule
@Test
public void testConstructor_invalidArgument() throws NullPointerException {
thrown.expect(NullPointerException.class);
- new NeutronNetworkAware(null, METADATA_IP_PREFIX, METADATA_IPV4_SERVER_PORT);
+ new NeutronNetworkAware(null, METADATA_IPV4_SERVER_PORT);
}
@Test
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.PortUtils;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.Utils;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpAddress;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefix;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Address;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Prefix;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.RegisterEndpointInput;
any(org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.UnregisterEndpointInput.class)))
.thenReturn(true);
- portAware = new NeutronPortAware(dataBroker, epRegistrator);
+ portAware = new NeutronPortAware(dataBroker, epRegistrator, new IpPrefix(new Ipv4Prefix("192.168.192.168/32")));
}
@Rule
@Test
public void testConstructor_invalidArgument() throws NullPointerException {
thrown.expect(NullPointerException.class);
- new NeutronPortAware(null, null);
+ new NeutronPortAware(null, null, null);
}
@Test
.thenReturn(futureRpcResult);
epRegistrator = new EndpointRegistrator(epService, baseEpService);
- networkAware = new NeutronNetworkAware(dataBroker, METADATA_IP_PREFIX, METADATA_IPV4_SERVER_PORT);
+ networkAware = new NeutronNetworkAware(dataBroker, METADATA_IPV4_SERVER_PORT);
network = new NetworkBuilder().setTenantId(tenantUuid).setUuid(networkUuid).setName("networkName").build();
routerAware = new NeutronRouterAware(dataBroker, epRegistrator);
package org.opendaylight.groupbasedpolicy.neutron.mapper.mapping;
+import static org.mockito.Matchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
import org.apache.commons.lang3.StringUtils;
import org.junit.Before;
import org.junit.Rule;
import org.junit.rules.ExpectedException;
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.groupbasedpolicy.neutron.mapper.test.NeutronMapperDataBrokerTest;
+import org.opendaylight.groupbasedpolicy.neutron.mapper.EndpointRegistrator;
import org.opendaylight.groupbasedpolicy.neutron.mapper.mapping.rule.NeutronSecurityRuleAware;
import org.opendaylight.groupbasedpolicy.neutron.mapper.test.NeutronEntityFactory;
import org.opendaylight.groupbasedpolicy.neutron.mapper.test.PolicyAssert;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.RegisterEndpointInput;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.UnregisterEndpointInput;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.EndpointGroup.IntraGroupPolicy;
import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.groups.attributes.security.groups.SecurityGroup;
import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.secgroups.rev150712.security.groups.attributes.security.groups.SecurityGroupBuilder;
private NeutronSecurityGroupAware groupAware;
private SecurityGroup secGroup1;
private SecurityGroup secGroup2;
+ private EndpointRegistrator epRegistrator;
@Before
public void init() {
dataBroker = getDataBroker();
- groupAware = new NeutronSecurityGroupAware(dataBroker, new NeutronSecurityRuleAware(dataBroker));
secGroup1 = NeutronEntityFactory.securityGroup(secGroupId1, tenantId);
secGroup2 = NeutronEntityFactory.securityGroup(secGroupId2, tenantId);
+
+
+ epRegistrator = mock(EndpointRegistrator.class);
+ when(epRegistrator.registerEndpoint(any(RegisterEndpointInput.class))).thenReturn(true);
+ when(epRegistrator.registerEndpoint(
+ any(org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.RegisterEndpointInput.class)))
+ .thenReturn(true);
+ when(epRegistrator.unregisterEndpoint(any(UnregisterEndpointInput.class))).thenReturn(true);
+ when(epRegistrator.unregisterEndpoint(
+ any(org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.UnregisterEndpointInput.class)))
+ .thenReturn(true);
+ groupAware = new NeutronSecurityGroupAware(dataBroker, new NeutronSecurityRuleAware(dataBroker, epRegistrator));
}
@Test
import java.util.ArrayList;
import java.util.List;
+import org.junit.Before;
import org.junit.Test;
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.controller.md.sal.binding.api.ReadWriteTransaction;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
+import org.opendaylight.groupbasedpolicy.neutron.mapper.EndpointRegistrator;
import org.opendaylight.groupbasedpolicy.neutron.mapper.test.ConfigDataStoreReader;
-import org.opendaylight.groupbasedpolicy.neutron.mapper.test.NeutronMapperDataBrokerTest;
import org.opendaylight.groupbasedpolicy.neutron.mapper.test.NeutronEntityFactory;
+import org.opendaylight.groupbasedpolicy.neutron.mapper.test.NeutronMapperDataBrokerTest;
import org.opendaylight.groupbasedpolicy.neutron.mapper.test.PolicyAssert;
import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;
import org.opendaylight.groupbasedpolicy.util.IidFactory;
public class NeutronSecurityRuleAwareDataStoreTest extends NeutronMapperDataBrokerTest {
+ private EndpointRegistrator epRegistrator;
+
+ @Before
+ public void init() {
+ epRegistrator = getEpRegistrator();
+ }
+
@Test
public final void testAddNeutronSecurityRule_rulesWithRemoteIpPrefix() throws Exception {
String tenant = "ad4c6c25-2424-4ad3-97ee-f9691ce03645";
ImmutableList.of(goldInIpv4, goldOutIpv4, serverIn80Tcp10_1_1_0, serverInIp20_1_1_0, serverOutIpv4))
.build())
.build();
- NeutronSecurityRuleAware ruleAware = new NeutronSecurityRuleAware(dataBroker);
+ NeutronSecurityRuleAware ruleAware = new NeutronSecurityRuleAware(dataBroker, epRegistrator);
ReadWriteTransaction rwTx = dataBroker.newReadWriteTransaction();
ruleAware.addNeutronSecurityRule(goldInIpv4, neutron, rwTx);
ruleAware.addNeutronSecurityRule(goldOutIpv4, neutron, rwTx);
@Test
public final void testAddAndDeleteNeutronSecurityRule() throws Exception {
DataBroker dataBroker = getDataBroker();
- NeutronSecurityRuleAware ruleAware = new NeutronSecurityRuleAware(dataBroker);
+ NeutronSecurityRuleAware ruleAware = new NeutronSecurityRuleAware(dataBroker, epRegistrator);
final String tenantId = "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa";
final String secGroupId1 = "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb";
.setSecurityRules(new SecurityRulesBuilder()
.setSecurityRule(ImmutableList.of(goldInIpv4, goldOutIpv4, serverOutIpv4, serverInIpv4)).build())
.build();
- NeutronSecurityRuleAware ruleAware = new NeutronSecurityRuleAware(dataBroker);
+ NeutronSecurityRuleAware ruleAware = new NeutronSecurityRuleAware(dataBroker, epRegistrator);
ReadWriteTransaction rwTx = dataBroker.newReadWriteTransaction();
ruleAware.addNeutronSecurityRule(goldInIpv4, neutron, rwTx);
ruleAware.addNeutronSecurityRule(goldOutIpv4, neutron, rwTx);
.setSecurityRules(new SecurityRulesBuilder()
.setSecurityRule(ImmutableList.of(goldInIpv4, goldOutIpv4, serverOutIpv4, serverIn80TcpIpv4)).build())
.build();
- NeutronSecurityRuleAware ruleAware = new NeutronSecurityRuleAware(dataBroker);
+ NeutronSecurityRuleAware ruleAware = new NeutronSecurityRuleAware(dataBroker, epRegistrator);
ReadWriteTransaction rwTx = dataBroker.newReadWriteTransaction();
ruleAware.addNeutronSecurityRule(goldInIpv4, neutron, rwTx);
ruleAware.addNeutronSecurityRule(goldOutIpv4, neutron, rwTx);
secGroups.add(NeutronEntityFactory.securityGroup(defaultSecGrp, tenant));
Neutron neutron = new NeutronBuilder()
.setSecurityGroups(new SecurityGroupsBuilder().setSecurityGroup(secGroups).build()).build();
- NeutronSecurityRuleAware ruleAware = new NeutronSecurityRuleAware(dataBroker);
+ NeutronSecurityRuleAware ruleAware = new NeutronSecurityRuleAware(dataBroker, epRegistrator);
ReadWriteTransaction rwTx = dataBroker.newReadWriteTransaction();
ruleAware.addNeutronSecurityRule(defaultInIpv4Default, neutron, rwTx);
ruleAware.addNeutronSecurityRule(defaultInIpv6Default, neutron, rwTx);
@Test
public void testConstructor_invalidArgument() throws Exception {
try {
- new NeutronSecurityRuleAware(null);
+ new NeutronSecurityRuleAware(null, null);
fail(NullPointerException.class.getName() + " expected");
} catch (NullPointerException ex) {
// do nothing
import java.util.ArrayList;
import java.util.List;
+import org.junit.Before;
import org.junit.Test;
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
+import org.opendaylight.groupbasedpolicy.neutron.mapper.EndpointRegistrator;
import org.opendaylight.groupbasedpolicy.neutron.mapper.test.ConfigDataStoreReader;
import org.opendaylight.groupbasedpolicy.neutron.mapper.test.NeutronMapperDataBrokerTest;
import org.opendaylight.groupbasedpolicy.neutron.mapper.test.NeutronEntityFactory;
private static final String RULE_TENANT_ID = "00000000-0000-0000-0000-000000000002";
private static final String RULE_GROUP_ID = "00000000-0000-0000-0000-000000000003";
+ private EndpointRegistrator epRegistrator;
+
+ @Before
+ public void init() {
+ epRegistrator = getEpRegistrator();
+ }
+
@Test
public final void testIsDirectionOpposite_InIn() {
assertFalse(NeutronSecurityRuleAware.isDirectionOpposite(Direction.In, Direction.In));
@Test
public void testNeutronSecurityRuleCreatedAndDeleted() throws Exception {
DataBroker dataProvider = getDataBroker();
- NeutronSecurityRuleAware neutronSecurityRuleAware = new NeutronSecurityRuleAware(dataProvider);
+ NeutronSecurityRuleAware neutronSecurityRuleAware = new NeutronSecurityRuleAware(dataProvider, epRegistrator);
//create security rule and put to DS
SecurityRule neutronRule = buildNeutronSecurityRule();
*/
package org.opendaylight.groupbasedpolicy.neutron.mapper.test;
+import static org.mockito.Matchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
import java.util.Collection;
-import com.google.common.collect.ImmutableList;
import org.opendaylight.controller.md.sal.binding.test.AbstractDataBrokerTest;
+import org.opendaylight.groupbasedpolicy.neutron.mapper.EndpointRegistrator;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.RegisterEndpointInput;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.UnregisterEndpointInput;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.forwarding.l2_l3.rev160427.SubnetAugmentForwarding;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.forwarding.rev160427.Forwarding;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.neutron.gbp.mapper.rev150513.Mappings;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.Tenants;
import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.rev150712.Neutron;
+import com.google.common.collect.ImmutableList;
+
/**
* Loads only modules of GBP and it's dependencies for data broker.
* <br>
Mappings.class);
}
+ protected EndpointRegistrator getEpRegistrator() {
+ EndpointRegistrator epRegistrator = mock(EndpointRegistrator.class);
+ when(epRegistrator.registerEndpoint(any(RegisterEndpointInput.class))).thenReturn(true);
+ when(epRegistrator.registerEndpoint(
+ any(org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.RegisterEndpointInput.class)))
+ .thenReturn(true);
+ when(epRegistrator.unregisterEndpoint(any(UnregisterEndpointInput.class))).thenReturn(true);
+ when(epRegistrator.unregisterEndpoint(
+ any(org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.UnregisterEndpointInput.class)))
+ .thenReturn(true);
+ return epRegistrator;
+ }
+
}
import java.util.Collections;\r
import java.util.List;\r
\r
+import javax.annotation.Nonnull;\r
import javax.annotation.Nullable;\r
\r
import org.opendaylight.controller.md.sal.binding.api.BindingTransactionChain;\r
import com.google.common.annotations.VisibleForTesting;\r
import com.google.common.base.Optional;\r
import com.google.common.base.Strings;\r
-\r
-import javax.annotation.Nonnull;\r
public class PortHandler implements TransactionChainListener {\r
\r
private static final Logger LOG = LoggerFactory.getLogger(PortHandler.class);\r
import org.opendaylight.controller.sal.binding.api.BindingAwareBroker;
import org.opendaylight.controller.sal.binding.api.BindingAwareProvider;
import org.opendaylight.groupbasedpolicy.renderer.vpp.api.BridgeDomainManager;
-import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.AclManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.InterfaceManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.listener.RendererPolicyListener;
import org.opendaylight.groupbasedpolicy.renderer.vpp.listener.VppEndpointListener;
import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.BridgeDomainManagerImpl;
import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.ForwardingManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.VppRendererPolicyManager;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AclManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.routing.RoutingManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.sf.AllowAction;
import org.opendaylight.groupbasedpolicy.renderer.vpp.sf.Classifier;
+++ /dev/null
-/*
- * Copyright (c) 2017 Cisco Systems, Inc. and others. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v1.0 which accompanies this distribution,
- * and is available at http://www.eclipse.org/legal/epl-v10.html
- */
-
-package org.opendaylight.groupbasedpolicy.renderer.vpp.iface;
-
-import java.util.stream.Collectors;
-
-import javax.annotation.Nonnull;
-
-import org.opendaylight.controller.md.sal.binding.api.DataBroker;
-import org.opendaylight.groupbasedpolicy.renderer.util.AddressEndpointUtils;
-import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.PolicyContext;
-import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AccessListUtil;
-import org.opendaylight.groupbasedpolicy.renderer.vpp.util.KeyFactory;
-import org.opendaylight.groupbasedpolicy.renderer.vpp.util.MountedDataBrokerProvider;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.location.type.ExternalLocationCase;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.endpoints.AddressEndpointWithLocation;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.renderer.endpoints.RendererEndpointKey;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.renderer.endpoints.renderer.endpoint.PeerEndpointKey;
-import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.base.Optional;
-import com.google.common.base.Preconditions;
-import com.google.common.collect.ImmutableSet;
-
-public class AclManager {
-
- private static final Logger LOG = LoggerFactory.getLogger(AclManager.class);
- private final MountedDataBrokerProvider mountDataProvider;
-
- public AclManager(@Nonnull MountedDataBrokerProvider mountDataProvider) {
- this.mountDataProvider = Preconditions.checkNotNull(mountDataProvider);
- }
-
- public void updateAclsForPeers(PolicyContext policyCtx, RendererEndpointKey rEpKey) {
- ImmutableSet<PeerEndpointKey> peers = policyCtx.getPolicyTable().row(rEpKey).keySet();
- for (RendererEndpointKey peerRendEp : peers.stream()
- .map(AddressEndpointUtils::fromPeerEpKey)
- .collect(Collectors.toList())
- .stream()
- .map(AddressEndpointUtils::toRendererEpKey)
- .collect(Collectors.toList())) {
- updateAclsForRendEp(peerRendEp, policyCtx);
- }
- }
-
- public void updateAclsForRendEp(RendererEndpointKey rEpKey, PolicyContext policyCtx) {
- LOG.info("Updating policy for endpoint {}", rEpKey);
- AddressEndpointWithLocation peerAddrEp = policyCtx.getAddrEpByKey().get(KeyFactory.addressEndpointKey(rEpKey));
- ExternalLocationCase epLoc;
- try {
- epLoc = InterfaceManager.resolveAndValidateLocation(peerAddrEp);
- } catch (NullPointerException | IllegalArgumentException e) {
- //TODO investigate, don't just move on.
- LOG.warn("Peer {} has no location. Moving on...", peerAddrEp, e.getMessage());
- return;
- }
- InstanceIdentifier<?> vppNodeIid = epLoc.getExternalNodeMountPoint();
- Optional<InstanceIdentifier<Interface>> optInterfaceIid =
- VppPathMapper.interfaceToInstanceIdentifier(epLoc.getExternalNodeConnector());
- if (!optInterfaceIid.isPresent()) {
- LOG.warn("Cannot find interface for endpoint {}. ACLs for endpoint not updated {}. ", rEpKey);
- return;
- }
- Optional<DataBroker> optMountPoint = mountDataProvider.getDataBrokerForMountPoint(vppNodeIid);
- AccessListUtil.resolveAclsOnInterface(rEpKey, policyCtx).forEach(aclWrapper -> aclWrapper
- .writeAcl(optMountPoint.get(), optInterfaceIid.get().firstKeyOf(Interface.class)));
- }
-}
}
}
- static ExternalLocationCase resolveAndValidateLocation(AddressEndpointWithLocation addrEpWithLoc) {
+ public static ExternalLocationCase resolveAndValidateLocation(AddressEndpointWithLocation addrEpWithLoc) {
LocationType locationType = addrEpWithLoc.getAbsoluteLocation().getLocationType();
if (!(locationType instanceof ExternalLocationCase)) {
throw new IllegalArgumentException("Endpoint does not have external location " + addrEpWithLoc);
import static com.google.common.base.Preconditions.checkNotNull;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.concurrent.ExecutionException;
+import java.util.stream.Collectors;
+
import javax.annotation.Nonnull;
-import com.google.common.base.Function;
-import com.google.common.util.concurrent.FutureCallback;
-import com.google.common.util.concurrent.Futures;
-import com.google.common.util.concurrent.ListenableFuture;
+
import org.opendaylight.controller.md.sal.binding.api.BindingTransactionChain;
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
+import org.opendaylight.controller.md.sal.binding.api.DataObjectModification;
+import org.opendaylight.controller.md.sal.binding.api.DataTreeIdentifier;
+import org.opendaylight.controller.md.sal.binding.api.ReadWriteTransaction;
import org.opendaylight.controller.md.sal.binding.api.WriteTransaction;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.manager.VppNodeManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.CloseOnFailTransactionChain;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.KeyFactory;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.VppIidFactory;
+import org.opendaylight.groupbasedpolicy.util.DataStoreHelper;
+import org.opendaylight.groupbasedpolicy.util.DataTreeChangeHandler;
+import org.opendaylight.groupbasedpolicy.util.EndpointUtils;
import org.opendaylight.groupbasedpolicy.util.IidFactory;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.endpoints.address.endpoints.AddressEndpointKey;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.Endpoints;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.endpoints.AddressEndpoints;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.endpoints.address.endpoints.AddressEndpoint;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.AbsoluteLocation;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.AbsoluteLocationBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.location.type.ExternalLocationCase;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.location.type.ExternalLocationCaseBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.relative.location.RelativeLocations;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.relative.location.RelativeLocationsBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.relative.location.relative.locations.ExternalLocationBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.parent.child.endpoints.parent.endpoint.choice.parent.endpoint._case.ParentEndpoint;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.parent.child.endpoints.parent.endpoint.choice.parent.endpoint._case.ParentEndpointKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint_location_provider.rev160419.ProviderName;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint_location_provider.rev160419.location.providers.LocationProvider;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint_location_provider.rev160419.location.providers.LocationProviderBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint_location_provider.rev160419.location.providers.location.provider.ProviderAddressEndpointLocationKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.endpoints.AddressEndpointWithLocationKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.vpp_renderer.rev160425.config.VppEndpoint;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.vpp_renderer.rev160425.config.VppEndpointBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.vpp_renderer.rev160425.config.VppEndpointKey;
+import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.Node;
import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-public class VppEndpointLocationProvider implements AutoCloseable {
+import com.google.common.annotations.VisibleForTesting;
+import com.google.common.base.Function;
+import com.google.common.util.concurrent.FutureCallback;
+import com.google.common.util.concurrent.Futures;
+import com.google.common.util.concurrent.ListenableFuture;
+
+public class VppEndpointLocationProvider extends DataTreeChangeHandler<AddressEndpoint> {
private static final Logger LOG = LoggerFactory.getLogger(VppEndpointLocationProvider.class);
public static final ProviderName VPP_ENDPOINT_LOCATION_PROVIDER =
new ProviderName("VPP endpoint location provider");
public static final long PROVIDER_PRIORITY = 10L;
private final BindingTransactionChain txChain;
+ private final Map<VppEndpointKey, VppEndpoint> vppEndpoints = new HashMap<>();
+ private final Map<VppEndpointKey, DataObjectModification<AddressEndpoint>> cachedVppEndpoints = new HashMap<>();
public VppEndpointLocationProvider(DataBroker dataProvider) {
+ super(dataProvider);
LocationProvider locationProvider = new LocationProviderBuilder().setProvider(VPP_ENDPOINT_LOCATION_PROVIDER)
.setPriority(PROVIDER_PRIORITY)
.build();
LOG.error("{} was NOT created", VPP_ENDPOINT_LOCATION_PROVIDER.getValue());
}
});
+ registerDataTreeChangeListener(new DataTreeIdentifier<>(LogicalDatastoreType.OPERATIONAL,
+ InstanceIdentifier.builder(Endpoints.class).child(AddressEndpoints.class).child(AddressEndpoint.class).build()));
}
- ListenableFuture<Void> createLocationForVppEndpoint(final VppEndpoint vppEndpoint) {
- final ProviderAddressEndpointLocation providerAddressEndpointLocation =
- createProviderAddressEndpointLocation(vppEndpoint);
- final WriteTransaction wTx = txChain.newWriteOnlyTransaction();
- wTx.put(LogicalDatastoreType.CONFIGURATION, IidFactory.providerAddressEndpointLocationIid(
- VPP_ENDPOINT_LOCATION_PROVIDER, providerAddressEndpointLocation.getKey()),
- providerAddressEndpointLocation);
- LOG.debug("Creating location for {}", providerAddressEndpointLocation.getKey());
- return Futures.transform(wTx.submit(), (Function<Void, Void>) input -> {
- LOG.debug("{} provided location: {}", VPP_ENDPOINT_LOCATION_PROVIDER.getValue(),
- providerAddressEndpointLocation);
- return null;
- });
+ @Override
+ protected void onWrite(DataObjectModification<AddressEndpoint> rootNode,
+ InstanceIdentifier<AddressEndpoint> rootIdentifier) {
+ LOG.debug("onWrite triggered by {}", rootNode.getDataAfter());
+ try {
+ if (EndpointUtils.isExternalEndpoint(dataProvider, rootNode.getDataAfter())) {
+ writeLocation(createRelativeAddressEndpointLocation(rootNode.getDataAfter().getKey(),
+ VppNodeManager.resolvePublicInterfaces(dataProvider))).get();
+ } else {
+ createAbsoluteAddressEndpointLocation(null, rootNode).get();
+ }
+ } catch (InterruptedException | ExecutionException e) {
+ LOG.error("Failed to write location for endpoint {}. {}", rootNode.getDataAfter().getKey(), e.getMessage());
+ }
+ }
+
+ @Override
+ protected void onDelete(DataObjectModification<AddressEndpoint> rootNode,
+ InstanceIdentifier<AddressEndpoint> rootIdentifier) {
+ LOG.debug("onDelete triggered by {}", rootNode.getDataBefore());
+ try {
+ if (EndpointUtils.isExternalEndpoint(dataProvider, rootNode.getDataBefore())) {
+ deleteLocation(createProviderAddressEndpointLocationKey(rootNode.getDataBefore().getKey())).get();
+ } else {
+ createAbsoluteAddressEndpointLocation(null, rootNode).get();
+ }
+ } catch (InterruptedException | ExecutionException e) {
+ LOG.error("Failed to delete location for endpoint {}. {}", rootNode.getDataBefore().getKey(),
+ e.getMessage());
+ }
+ }
+
+ @Override
+ protected void onSubtreeModified(DataObjectModification<AddressEndpoint> rootNode,
+ InstanceIdentifier<AddressEndpoint> rootIdentifier) {
+ LOG.debug("onSubtreeModified triggered by change: before={} after={}", rootNode.getDataBefore(),
+ rootNode.getDataAfter());
+ if (rootNode.getDataBefore() != null) {
+ onDelete(rootNode, rootIdentifier);
+ }
+ if (rootNode.getDataAfter() != null) {
+ onWrite(rootNode, rootIdentifier);
+ }
+ }
+
+ public ListenableFuture<Void> createLocationForVppEndpoint(VppEndpoint vppEndpoint) {
+ return createAbsoluteAddressEndpointLocation(vppEndpoint, null);
+ }
+
+ public ListenableFuture<Void> deleteLocationForVppEndpoint(VppEndpoint vppEndpoint) {
+ // removing VPP EP from cache out of since block, it's not needed for the other thread.
+ vppEndpoints.remove(vppEndpoint.getKey());
+ return deleteLocation(createProviderAddressEndpointLocationKey(vppEndpoint));
+ }
+
+ /**
+ * There are two inputs from which we need to resolve location - {@link AddressEndpoint} and {@link VppEndpoint}
+ * These data are delivered by different threads which meet here.
+ */
+ @VisibleForTesting
+ synchronized ListenableFuture<Void> createAbsoluteAddressEndpointLocation(VppEndpoint vppEndpoint,
+ DataObjectModification<AddressEndpoint> rootNode) {
+ if (vppEndpoint != null) {
+ vppEndpoints.put(vppEndpoint.getKey(), vppEndpoint);
+ if (cachedVppEndpoints.get(vppEndpoint.getKey()) != null) {
+ return processAddrEp(cachedVppEndpoints.get(vppEndpoint.getKey()));
+ }
+ } else if (rootNode != null) {
+ return processAddrEp(rootNode);
+ }
+ return Futures.immediateFuture(null);
+ }
+
+ private ListenableFuture<Void> processAddrEp(DataObjectModification<AddressEndpoint> rootNode) {
+ if (rootNode != null) {
+ AddressEndpointChange aec = new AddressEndpointChange(rootNode, dataProvider);
+ switch (rootNode.getModificationType()) {
+ case WRITE:
+ case SUBTREE_MODIFIED: {
+ VppEndpoint vpp = vppEndpoints.get(vppEndpointKeyFrom(rootNode.getDataAfter().getKey()));
+ if (vpp == null) {
+ VppEndpointKey key = vppEndpointKeyFrom(rootNode.getDataAfter().getKey());
+ cachedVppEndpoints.put(key, rootNode);
+ return Futures.immediateFuture(null);
+ }
+ if (aec.hasMoreParents()) {
+ return aec.syncMultiparents();
+ }
+ return aec.write();
+ }
+ case DELETE: {
+ if (aec.hasMoreParents()) {
+ return aec.syncMultiparents();
+ } else {
+ return aec.delete();
+ }
+ }
+ }
+ }
+ return Futures.immediateFuture(null);
}
- public static ProviderAddressEndpointLocation createProviderAddressEndpointLocation(VppEndpoint vppEndpoint) {
+ private ProviderAddressEndpointLocation createAbsoluteLocationFromVppEndpoint(VppEndpoint vppEndpoint) {
InstanceIdentifier<Node> vppNodeIid = VppIidFactory.getNetconfNodeIid(vppEndpoint.getVppNodeId());
String restIfacePath = VppPathMapper.interfaceToRestPath(vppEndpoint.getVppInterfaceName());
- AbsoluteLocation absoluteLocation = new AbsoluteLocationBuilder()
- .setLocationType(new ExternalLocationCaseBuilder().setExternalNodeMountPoint(vppNodeIid)
- .setExternalNodeConnector(restIfacePath)
- .build())
- .build();
+ AbsoluteLocation absoluteLocation =
+ new AbsoluteLocationBuilder().setLocationType(new ExternalLocationCaseBuilder()
+ .setExternalNodeMountPoint(vppNodeIid).setExternalNodeConnector(restIfacePath).build()).build();
return new ProviderAddressEndpointLocationBuilder()
.setKey(createProviderAddressEndpointLocationKey(vppEndpoint))
.setAbsoluteLocation(absoluteLocation)
.build();
}
- ListenableFuture<Void> deleteLocationForVppEndpoint(final VppEndpoint vppEndpoint) {
- final ProviderAddressEndpointLocationKey provAddrEpLocKey =
- createProviderAddressEndpointLocationKey(vppEndpoint);
- final WriteTransaction wTx = txChain.newWriteOnlyTransaction();
- wTx.delete(LogicalDatastoreType.CONFIGURATION,
- IidFactory.providerAddressEndpointLocationIid(VPP_ENDPOINT_LOCATION_PROVIDER, provAddrEpLocKey));
- LOG.debug("Deleting location for {}", provAddrEpLocKey);
- return Futures.transform(wTx.submit(), (Function<Void, Void>) input -> {
- LOG.debug("{} removed location: {}", VPP_ENDPOINT_LOCATION_PROVIDER.getValue(), provAddrEpLocKey);
- return null;
+ public ProviderAddressEndpointLocation createRelativeAddressEndpointLocation(@Nonnull AddressEndpointKey addrEp,
+ @Nonnull Map<NodeId, String> publicIntfNamesByNodes) {
+ RelativeLocations relLocations =
+ new RelativeLocationsBuilder()
+ .setExternalLocation(publicIntfNamesByNodes.keySet()
+ .stream()
+ .filter(nodeId -> publicIntfNamesByNodes.get(nodeId) != null)
+ .map(nodeId -> new ExternalLocationBuilder()
+ .setExternalNodeMountPoint(VppIidFactory.getNetconfNodeIid(nodeId))
+ .setExternalNodeConnector(
+ VppPathMapper.interfaceToRestPath(publicIntfNamesByNodes.get(nodeId)))
+ .build())
+ .collect(Collectors.toList()))
+ .build();
+ return new ProviderAddressEndpointLocationBuilder().setKey(createProviderAddressEndpointLocationKey(addrEp))
+ .setRelativeLocations(relLocations)
+ .build();
+ }
+
+ public ListenableFuture<Void> writeLocation(ProviderAddressEndpointLocation location) {
+ WriteTransaction wTx = txChain.newWriteOnlyTransaction();
+ wTx.put(LogicalDatastoreType.CONFIGURATION,
+ IidFactory.providerAddressEndpointLocationIid(VPP_ENDPOINT_LOCATION_PROVIDER, location.getKey()),
+ location, true);
+ return Futures.transform(wTx.submit(), new Function<Void, Void>() {
+
+ @Override
+ public Void apply(Void input) {
+ LOG.debug("{} provided location: {}", VPP_ENDPOINT_LOCATION_PROVIDER.getValue(), location);
+ return null;
+ }
});
}
- private static ProviderAddressEndpointLocationKey createProviderAddressEndpointLocationKey(
- VppEndpoint vppEndpoint) {
- return new ProviderAddressEndpointLocationKey(vppEndpoint.getAddress(), vppEndpoint.getAddressType(),
- vppEndpoint.getContextId(), vppEndpoint.getContextType());
+ public ListenableFuture<Void> deleteLocation(ProviderAddressEndpointLocationKey key) {
+ ReadWriteTransaction rwTx = txChain.newReadWriteTransaction();
+ LOG.debug("Deleting location for {}", key);
+ DataStoreHelper.removeIfExists(LogicalDatastoreType.CONFIGURATION,
+ IidFactory.providerAddressEndpointLocationIid(VPP_ENDPOINT_LOCATION_PROVIDER, key), rwTx);
+ return Futures.transform(rwTx.submit(), new Function<Void, Void>() {
+
+ @Override
+ public Void apply(Void input) {
+ LOG.debug("{} removed location: {}", VPP_ENDPOINT_LOCATION_PROVIDER.getValue(), key);
+ return null;
+ }
+ });
}
public ListenableFuture<Void> replaceLocationForEndpoint(@Nonnull ExternalLocationCase location, @Nonnull AddressEndpointWithLocationKey addrEpWithLocKey) {
});
}
+ static ProviderAddressEndpointLocationKey createProviderAddressEndpointLocationKey(VppEndpoint vpp) {
+ return new ProviderAddressEndpointLocationKey(vpp.getAddress(), vpp.getAddressType(), vpp.getContextId(),
+ vpp.getContextType());
+ }
+
+ static ProviderAddressEndpointLocationKey createProviderAddressEndpointLocationKey(AddressEndpointKey key) {
+ return new ProviderAddressEndpointLocationKey(key.getAddress(), key.getAddressType(), key.getContextId(),
+ key.getContextType());
+ }
+
+ private static ProviderAddressEndpointLocationKey createProviderAddressEndpointLocationKey(ParentEndpointKey key) {
+ return new ProviderAddressEndpointLocationKey(key.getAddress(), key.getAddressType(), key.getContextId(),
+ key.getContextType());
+ }
+
+ private VppEndpointKey vppEndpointKeyFrom(AddressEndpointKey key) {
+ return new VppEndpointKey(key.getAddress(), key.getAddressType(), key.getContextId(), key.getContextType());
+ }
+
+ private VppEndpointKey vppEndpointKeyFrom(ParentEndpointKey key) {
+ return new VppEndpointKey(key.getAddress(), key.getAddressType(), key.getContextId(), key.getContextType());
+ }
+
@Override
- public void close() throws Exception {
+ public void close() {
+ super.closeRegisteredListener();
WriteTransaction wTx = txChain.newWriteOnlyTransaction();
wTx.delete(LogicalDatastoreType.CONFIGURATION, IidFactory.locationProviderIid(VPP_ENDPOINT_LOCATION_PROVIDER));
wTx.submit();
}
+
+ private class AddressEndpointChange {
+
+ private final AddressEndpoint before;
+ private final AddressEndpoint after;
+ private final DataBroker dataBroker;
+
+ public AddressEndpointChange(DataObjectModification<AddressEndpoint> addrEp, @Nonnull DataBroker dataBroker) {
+ this.before = addrEp.getDataBefore();
+ this.after = addrEp.getDataAfter();
+ this.dataBroker = dataBroker;
+ }
+
+ boolean hasMoreParents() {
+ return (before != null && EndpointUtils.getParentEndpoints(before.getParentEndpointChoice()).size() > 1)
+ || (after != null && EndpointUtils.getParentEndpoints(after.getParentEndpointChoice()).size() > 1);
+ }
+
+ ListenableFuture<Void> syncMultiparents() {
+ ReadWriteTransaction rwTx = dataBroker.newReadWriteTransaction();
+ if (before != null) {
+ for (ParentEndpoint pe : EndpointUtils.getParentEndpoints(before.getParentEndpointChoice())) {
+ InstanceIdentifier<ProviderAddressEndpointLocation> iid =
+ IidFactory.providerAddressEndpointLocationIid(VPP_ENDPOINT_LOCATION_PROVIDER,
+ createProviderAddressEndpointLocationKey(pe.getKey()));
+ DataStoreHelper.removeIfExists(LogicalDatastoreType.CONFIGURATION, iid, rwTx);
+ }
+ }
+ if (after != null) {
+ for (ParentEndpoint pe : EndpointUtils.getParentEndpoints(after.getParentEndpointChoice())) {
+ VppEndpoint vppEndpoint = vppEndpoints.get(vppEndpointKeyFrom(after.getKey()));
+ InstanceIdentifier<ProviderAddressEndpointLocation> iid =
+ IidFactory.providerAddressEndpointLocationIid(VPP_ENDPOINT_LOCATION_PROVIDER,
+ createProviderAddressEndpointLocationKey(pe.getKey()));
+ ProviderAddressEndpointLocation location = createAbsoluteLocationFromVppEndpoint(
+ new VppEndpointBuilder(vppEndpoint).setKey(vppEndpointKeyFrom(pe.getKey())).build());
+ rwTx.put(LogicalDatastoreType.CONFIGURATION, iid, location, true);
+ }
+ }
+ return rwTx.submit();
+ }
+
+ ListenableFuture<Void> write() {
+ VppEndpoint vpp = vppEndpoints.get(vppEndpointKeyFrom(after.getKey()));
+ WriteTransaction wTx = dataBroker.newWriteOnlyTransaction();
+ ProviderAddressEndpointLocation location =
+ createAbsoluteLocationFromVppEndpoint(vpp);
+ InstanceIdentifier<ProviderAddressEndpointLocation> iid = IidFactory.providerAddressEndpointLocationIid(
+ VPP_ENDPOINT_LOCATION_PROVIDER, createProviderAddressEndpointLocationKey(vpp));
+ wTx.put(LogicalDatastoreType.CONFIGURATION, iid, location, true);
+ return wTx.submit();
+ }
+
+ ListenableFuture<Void> delete() {
+ ReadWriteTransaction rwTx = dataBroker.newReadWriteTransaction();
+ InstanceIdentifier<ProviderAddressEndpointLocation> iid = IidFactory.providerAddressEndpointLocationIid(
+ VPP_ENDPOINT_LOCATION_PROVIDER, createProviderAddressEndpointLocationKey(before.getKey()));
+ DataStoreHelper.removeIfExists(LogicalDatastoreType.CONFIGURATION, iid, rwTx);
+ return rwTx.submit();
+ }
+ }
}
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Address;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.Interfaces;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ip.rev140616.Interface1;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.RendererNodes;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.nodes.RendererNode;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.nodes.RendererNodeBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.nodes.RendererNodeKey;
}
return Lists.newArrayList();
}
+
+ public static Map<NodeId, String> resolvePublicInterfaces(DataBroker dataProvider) {
+ Map<NodeId, String> nodes = new HashMap<>();
+ ReadOnlyTransaction rTx = dataProvider.newReadOnlyTransaction();
+ Optional<RendererNodes> rendNodes =
+ DataStoreHelper.readFromDs(LogicalDatastoreType.OPERATIONAL, VppIidFactory.getRendererNodesIid(), rTx);
+ rTx.close();
+ if (!rendNodes.isPresent()) {
+ return nodes;
+ }
+ rendNodes.get()
+ .getRendererNode()
+ .stream()
+ .filter(rn -> rn.getAugmentation(VppInterfaceAugmentation.class) != null)
+ .filter(rn -> rn.getAugmentation(VppInterfaceAugmentation.class).getPhysicalInterface() != null)
+ .forEach(rn -> {
+ java.util.Optional<PhysicalInterface> pubInt = rn.getAugmentation(VppInterfaceAugmentation.class)
+ .getPhysicalInterface()
+ .stream()
+ .filter(phInt -> phInt.isExternal())
+ .findFirst();
+ if (pubInt.isPresent()) {
+ nodes.put(rn.getNodePath().firstKeyOf(Node.class).getNodeId(), pubInt.get().getInterfaceName());
+ }
+ });
+ return nodes;
+ }
}
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
import org.opendaylight.groupbasedpolicy.renderer.vpp.api.BridgeDomainManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.commands.RoutingCommand;
-import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.AclManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.InterfaceManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.nat.NatManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.nat.NatUtil;
-import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AccessListUtil;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AclManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.routing.RoutingManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.General;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.KeyFactory;
}
String l2FloodDomain = optL2FloodDomain.get();
try {
- ifaceManager.addBridgeDomainToInterface(l2FloodDomain, rEp, AccessListUtil.resolveAclsOnInterface(
+ ifaceManager.addBridgeDomainToInterface(l2FloodDomain, rEp, aclManager.resolveAclsOnInterface(
rEpKey, policyCtx), isBviForEndpoint(rEp)).get();
aclManager.updateAclsForPeers(policyCtx, rEpKey);
LOG.debug("Interface added to bridge-domain {} for endpoint {}", l2FloodDomain, rEp);
import org.opendaylight.groupbasedpolicy.renderer.util.AddressEndpointUtils;
import org.opendaylight.groupbasedpolicy.renderer.vpp.event.NodeOperEvent;
import org.opendaylight.groupbasedpolicy.renderer.vpp.event.RendererPolicyConfEvent;
-import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.AclManager;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AclManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.KeyFactory;
import org.opendaylight.groupbasedpolicy.util.IidFactory;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.endpoints.address.endpoints.AddressEndpointKey;
LOG.trace("VPP renderer policy updated");
PolicyContext policyCtxBefore = new PolicyContext(rPolicyBefore);
PolicyContext policyCtxAfter = new PolicyContext(rPolicyAfter);
+ aclManager.cacheMultiInterfaces(policyCtxAfter);
MapDifference<String, Collection<NodeId>> vppNodesByL2FlDiff =
createDiffForVppNodesByL2Fd(policyCtxBefore, policyCtxAfter);
SetMultimap<String, NodeId> removedVppNodesByL2Fd = HashMultimap.create();
private void rendererPolicyCreated(RendererPolicy rPolicy) {
LOG.trace("VPP renderer policy version {} created", rPolicy.getVersion());
PolicyContext policyCtx = new PolicyContext(rPolicy);
+ aclManager.cacheMultiInterfaces(policyCtx);
ImmutableSet<RendererEndpointKey> rEpKeys = policyCtx.getPolicyTable().rowKeySet();
SetMultimap<String, NodeId> vppNodesByL2Fd = resolveVppNodesByL2Fd(rEpKeys, policyCtx);
private void rendererPolicyDeleted(RendererPolicy rendererPolicy) {
LOG.trace("VPP renderer policy version {} deleted", rendererPolicy.getVersion());
PolicyContext policyCtx = new PolicyContext(rendererPolicy);
+ aclManager.cacheMultiInterfaces(policyCtx);
ImmutableSet<RendererEndpointKey> rEpKeys = policyCtx.getPolicyTable().rowKeySet();
rEpKeys.forEach(rEpKey -> fwManager.removeForwardingForEndpoint(rEpKey, policyCtx));
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Prefix;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv6Prefix;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.parent.child.endpoints.parent.endpoint.choice.parent.endpoint._case.ParentEndpoint;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.forwarding.l2_l3.rev160427.L2BridgeDomain;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.forwarding.l2_l3.rev160427.SubnetAugmentRenderer;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.forwarding.l2_l3.rev160427.has.subnet.Subnet;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.HasDirection.Direction;
// hiding default public constructor
private AccessListUtil() {}
- public static List<AccessListWrapper> resolveAclsOnInterface(RendererEndpointKey rEpKey, PolicyContext ctx) {
- List<AccessListWrapper> aclWrappers = new ArrayList<>();
- for (ACE_DIRECTION dir : new ACE_DIRECTION[] {ACE_DIRECTION.INGRESS, ACE_DIRECTION.EGRESS}) {
- aclWrappers.add(buildAccessListWrappers(dir, ctx, rEpKey));
- }
- return aclWrappers;
- }
-
- /**
- * @param policyDirection direction for which policy should be resolved. EP -> VPP = OUTBOUND, EP <- VPP = INBOUND
- * @param ctx with cached data
- * @param rEpKey key of EP for which to create ACLs.
- * @return synchronization futures, so that INGRESS and EGRESS ACLS can be resolved in parallel.
- */
- private static AccessListWrapper buildAccessListWrappers(ACE_DIRECTION policyDirection, PolicyContext ctx,
- RendererEndpointKey rEpKey) {
- LOG.trace("Resolving policy for VPP renderer endpoint {} in a separate thread in {} direction.", rEpKey,
- policyDirection);
- AccessListWrapper aclWrapper = AccessListUtil.ACE_DIRECTION.INGRESS
- .equals(policyDirection) ? new IngressAccessListWrapper() : new EgressAccessListWrapper();
+ static void configureLocalRules(PolicyContext ctx, RendererEndpointKey rEpKey, ACE_DIRECTION policyDirection,
+ AccessListWrapper aclWrapper) {
ctx.getPolicyTable()
.row(rEpKey)
.keySet()
.stream()
.filter(peerEpKey -> peerHasLocation(ctx, peerEpKey))
.forEach(peerEpKey -> {
- ctx.getPolicyTable().get(rEpKey, peerEpKey).forEach(resolvedRules -> {
- List<GbpAceBuilder> rules = new ArrayList<>();
- LOG.debug("Resolving policy for {} and peer endpoint {}", rEpKey, peerEpKey);
- Direction classifDir =
- calculateClassifDirection(resolvedRules.getRendererEndpointParticipation(), policyDirection);
- rules.addAll(resolveAclRulesFromPolicy(resolvedRules, classifDir,
- rEpKey.getAddress() + UNDERSCORE + peerEpKey.getAddress()));
- updateAddressesInRules(rules, rEpKey, peerEpKey, ctx, policyDirection, true);
- aclWrapper.writeRules(rules);
+ ctx.getPolicyTable().get(rEpKey, peerEpKey).forEach(resolvedRules -> {
+ List<GbpAceBuilder> rules = new ArrayList<>();
+ LOG.debug("Resolving policy for {} and peer endpoint {}", rEpKey, peerEpKey);
+ Direction classifDir = calculateClassifDirection(resolvedRules.getRendererEndpointParticipation(),
+ policyDirection);
+ rules.addAll(resolveAclRulesFromPolicy(resolvedRules, classifDir,
+ rEpKey.getAddress() + UNDERSCORE + peerEpKey.getAddress()));
+ updateAddressesInRules(rules, rEpKey, peerEpKey, ctx, policyDirection, true);
+ aclWrapper.writeRules(rules);
+
+ });
});
- });
- // resolve peers with no location
- aclWrapper.writeRules(denyDomainSubnets(ctx, policyDirection));
- // TODO currently any traffic heading to/from outside of managed domain is
- // permitted for demonstration purposes
- if (rEpKey.getContextType().isAssignableFrom(L2BridgeDomain.class) && findAddrEp(ctx, rEpKey) != null) {
- Optional<GbpAceBuilder> allowExtAccess =
- allowExternalNetworksForEp(findAddrEp(ctx, rEpKey), policyDirection);
- if (allowExtAccess.isPresent()) {
- aclWrapper.writeRule(allowExtAccess.get());
- }
- }
- return aclWrapper;
}
/**
AddressEndpointUtils.fromPeerEpKey(peerEpKey)) != null;
}
- private static AddressEndpointWithLocation findAddrEp(PolicyContext ctx, RendererEndpointKey rEpKey) {
+ static AddressEndpointWithLocation findAddrEp(PolicyContext ctx, RendererEndpointKey rEpKey) {
return ctx.getAddrEpByKey().get(
AddressEndpointUtils.fromRendererEpKey(rEpKey));
}
* purposes
* TODO initial workaround for external networking
*/
- private static Optional<GbpAceBuilder> allowExternalNetworksForEp(@Nonnull AddressEndpointWithLocation addrEp,
+ static Optional<GbpAceBuilder> allowExternalNetworksForEp(@Nonnull AddressEndpointWithLocation addrEp,
AccessListUtil.ACE_DIRECTION dir) {
List<ParentEndpoint> parentEndpoints = EndpointUtils.getParentEndpoints(addrEp.getParentEndpointChoice());
if (parentEndpoints.isEmpty()) {
return (address.contains("/") && address.split("/").length > 0) ? address.split("/")[0] : address;
}
- private static List<GbpAceBuilder> denyDomainSubnets(@Nonnull PolicyContext ctx, @Nonnull ACE_DIRECTION policyDirection) {
+ static List<GbpAceBuilder> denyDomainSubnets(@Nonnull PolicyContext ctx, @Nonnull ACE_DIRECTION policyDirection) {
List<GbpAceBuilder> aclRuleBuilders = new ArrayList<>();
for (RendererForwardingByTenant rf : ctx.getPolicy()
.getConfiguration()
if (policyDirection.equals(ACE_DIRECTION.INGRESS) && subnetAug.getSubnet().isIsTenant()) {
aclRuleBuilders.add(denyIngressTrafficForPrefix(subnetAug.getSubnet()));
}
- else if(subnetAug.getSubnet().isIsTenant()) {
+ else if (subnetAug.getSubnet().isIsTenant()) {
aclRuleBuilders.add(denyEgressTrafficForPrefix(subnetAug.getSubnet()));
}
});
--- /dev/null
+/*
+ * Copyright (c) 2017 Cisco Systems, Inc. and others. All rights reserved.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ * and is available at http://www.eclipse.org/legal/epl-v10.html
+ */
+
+package org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.stream.Collectors;
+
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+
+import org.opendaylight.controller.md.sal.binding.api.DataBroker;
+import org.opendaylight.groupbasedpolicy.renderer.util.AddressEndpointUtils;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.InterfaceManager;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.VppPathMapper;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.PolicyContext;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AccessListUtil.ACE_DIRECTION;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.util.KeyFactory;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.util.MountedDataBrokerProvider;
+import org.opendaylight.groupbasedpolicy.util.EndpointUtils;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.InterfaceKey;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.endpoints.address.endpoints.AddressEndpointKey;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.location.type.ExternalLocationCase;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.forwarding.l2_l3.rev160427.L2BridgeDomain;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.endpoints.AddressEndpointWithLocation;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.renderer.endpoints.RendererEndpointKey;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.renderer.endpoints.renderer.endpoint.PeerEndpointKey;
+import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
+import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.Node;
+import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.common.base.Optional;
+import com.google.common.base.Preconditions;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.ImmutableTable;
+import com.google.common.collect.ImmutableTable.Builder;
+import com.google.common.collect.Sets;
+
+public class AclManager {
+
+ private static final Logger LOG = LoggerFactory.getLogger(AclManager.class);
+ private final MountedDataBrokerProvider mountDataProvider;
+
+ private static ImmutableTable<NodeId, InterfaceKey, ImmutableSet<AddressEndpointKey>> multipleEndpointsOnInterface;
+
+ public AclManager(@Nonnull MountedDataBrokerProvider mountDataProvider) {
+ this.mountDataProvider = Preconditions.checkNotNull(mountDataProvider);
+ }
+
+ public List<AccessListWrapper> resolveAclsOnInterface(RendererEndpointKey rEpKey, PolicyContext ctx) {
+ List<AccessListWrapper> aclWrappers = new ArrayList<>();
+ for (ACE_DIRECTION dir : new ACE_DIRECTION[] {ACE_DIRECTION.INGRESS, ACE_DIRECTION.EGRESS}) {
+ aclWrappers.add(buildAccessListWrappers(dir, ctx, rEpKey));
+ }
+ return aclWrappers;
+ }
+
+ /**
+ * @param policyDirection direction for which policy should be resolved. EP -> VPP = OUTBOUND, EP <- VPP = INBOUND
+ * @param ctx with cached data
+ * @param rEpKey key of EP for which to create ACLs.
+ * @return synchronization futures, so that INGRESS and EGRESS ACLS can be resolved in parallel.
+ */
+ private static AccessListWrapper buildAccessListWrappers(ACE_DIRECTION policyDirection, PolicyContext ctx,
+ RendererEndpointKey rEpKey) {
+ LOG.trace("Resolving policy for VPP renderer endpoint {} in a separate thread in {} direction.", rEpKey,
+ policyDirection);
+ AccessListWrapper aclWrapper = AccessListUtil.ACE_DIRECTION.INGRESS
+ .equals(policyDirection) ? new IngressAccessListWrapper() : new EgressAccessListWrapper();
+ AccessListUtil.configureLocalRules(ctx, rEpKey, policyDirection, aclWrapper);
+ // we support multiple IP end-points on a same interface
+ for (AddressEndpointKey aek : otherEndpointsOnTheSameInterface(ctx,
+ AddressEndpointUtils.fromRendererEpKey(rEpKey))) {
+ AccessListUtil.configureLocalRules(ctx, AddressEndpointUtils.toRendererEpKey(aek), policyDirection, aclWrapper);
+ }
+ // resolve peers with no location
+ aclWrapper.writeRules(AccessListUtil.denyDomainSubnets(ctx, policyDirection));
+ // TODO currently any traffic heading to/from outside of managed domain is
+ // permitted for demonstration purposes
+ if (rEpKey.getContextType().isAssignableFrom(L2BridgeDomain.class) && AccessListUtil.findAddrEp(ctx, rEpKey) != null) {
+ Optional<GbpAceBuilder> allowExtAccess =
+ AccessListUtil.allowExternalNetworksForEp(AccessListUtil.findAddrEp(ctx, rEpKey), policyDirection);
+ if (allowExtAccess.isPresent()) {
+ aclWrapper.writeRule(allowExtAccess.get());
+ }
+ }
+ return aclWrapper;
+ }
+
+ public void updateAclsForPeers(PolicyContext policyCtx, RendererEndpointKey rEpKey) {
+ ImmutableSet<PeerEndpointKey> peers = policyCtx.getPolicyTable().row(rEpKey).keySet();
+ for (RendererEndpointKey peerRendEp : peers.stream()
+ .map(AddressEndpointUtils::fromPeerEpKey)
+ .collect(Collectors.toList())
+ .stream()
+ .map(AddressEndpointUtils::toRendererEpKey)
+ .collect(Collectors.toList())) {
+ updateAclsForRendEp(peerRendEp, policyCtx);
+ }
+ }
+
+ public void updateAclsForRendEp(RendererEndpointKey rEpKey, PolicyContext policyCtx) {
+ LOG.info("Updating policy for endpoint {}", rEpKey);
+ AddressEndpointWithLocation peerAddrEp = policyCtx.getAddrEpByKey().get(KeyFactory.addressEndpointKey(rEpKey));
+ ExternalLocationCase epLoc;
+ try {
+ epLoc = InterfaceManager.resolveAndValidateLocation(peerAddrEp);
+ } catch (NullPointerException | IllegalArgumentException e) {
+ //TODO investigate, don't just move on.
+ LOG.warn("Peer {} has no location. Moving on...", peerAddrEp, e.getMessage());
+ return;
+ }
+ InstanceIdentifier<?> vppNodeIid = epLoc.getExternalNodeMountPoint();
+ Optional<InstanceIdentifier<Interface>> optInterfaceIid =
+ VppPathMapper.interfaceToInstanceIdentifier(epLoc.getExternalNodeConnector());
+ if (!optInterfaceIid.isPresent()) {
+ LOG.warn("Cannot find interface for endpoint {}. ACLs for endpoint not updated {}. ", rEpKey);
+ return;
+ }
+ Optional<DataBroker> optMountPoint = mountDataProvider.getDataBrokerForMountPoint(vppNodeIid);
+ resolveAclsOnInterface(rEpKey, policyCtx).forEach(aclWrapper -> aclWrapper
+ .writeAcl(optMountPoint.get(), optInterfaceIid.get().firstKeyOf(Interface.class)));
+ }
+
+ /**
+ * Cache end-points accessible via a single interface for further processing.
+ */
+ public void cacheMultiInterfaces(@Nonnull PolicyContext ctx) {
+ Builder<NodeId, InterfaceKey, ImmutableSet<AddressEndpointKey>> resultBuilder = new Builder<>();
+ resolveEndpointsOnMultipleInterface(ImmutableList.copyOf(ctx.getAddrEpByKey().values()), resultBuilder);
+ multipleEndpointsOnInterface = resultBuilder.build();
+ }
+
+ private void resolveEndpointsOnMultipleInterface(@Nullable ImmutableList<AddressEndpointWithLocation> eps,
+ @Nonnull Builder<NodeId, InterfaceKey, ImmutableSet<AddressEndpointKey>> builder) {
+ if (eps == null || eps.isEmpty()) {
+ return;
+ }
+ eps.get(0);
+ ImmutableSet<AddressEndpointKey> copyOf = ImmutableSet.copyOf(eps.stream()
+ .filter(addrEp -> AddressEndpointUtils.sameExternalLocationCase(eps.get(0), addrEp))
+ .map(addrEp -> AddressEndpointUtils.fromAddressEndpointWithLocationKey(addrEp.getKey()))
+ .collect(Collectors.toSet()));
+ Optional<ExternalLocationCase> extLoc = EndpointUtils.getExternalLocationFrom(eps.get(0));
+ builder.put(extLoc.get().getExternalNodeMountPoint().firstKeyOf(Node.class).getNodeId(),
+ new InterfaceKey(extLoc.get().getExternalNodeConnector()), copyOf);
+ ImmutableList<AddressEndpointWithLocation> lisst = ImmutableList.copyOf(eps.stream()
+ .filter(addrEp -> !AddressEndpointUtils.sameExternalLocationCase(eps.get(0), addrEp))
+ .collect(Collectors.toList()));
+ if (!lisst.isEmpty()) {
+ resolveEndpointsOnMultipleInterface(lisst, builder);
+ }
+ }
+
+ public @Nonnull static ImmutableSet<AddressEndpointKey> otherEndpointsOnTheSameInterface(@Nonnull PolicyContext ctx,
+ @Nonnull AddressEndpointKey key) {
+ if (multipleEndpointsOnInterface != null) {
+ for (InterfaceKey ifaceKey : multipleEndpointsOnInterface.columnKeySet()) {
+ for (NodeId nodeId : multipleEndpointsOnInterface.column(ifaceKey).keySet()) {
+ ImmutableSet<AddressEndpointKey> addrEps = multipleEndpointsOnInterface.get(nodeId, ifaceKey);
+ if (addrEps != null && addrEps.contains(key) && addrEps.size() > 1) {
+ return multipleEndpointsOnInterface.get(nodeId, ifaceKey);
+ }
+ }
+ }
+ }
+ return ImmutableSet.copyOf(Sets.newHashSet());
+ }
+}
class DestinationMapper extends AddressMapper {
private static final Logger LOG = LoggerFactory.getLogger(DestinationMapper.class);
- private static final String METADATA_IP_PREFIX = "169.254.169.254/32";
- private static final String IN__METADATA = "In__METADATA";
DestinationMapper(ACE_DIRECTION direction) {
super(direction);
@Override
void updateRule(AddressEndpointWithLocation addrEp, GbpAceBuilder aclRuleBuilder) {
- if (!EndpointUtils.getParentEndpoints(addrEp.getParentEndpointChoice()).isEmpty()) {
- // TODO more parents, when supported
+ String address;
+ if (addrEp.getContextType().isAssignableFrom(L3Context.class)) {
+ address = addrEp.getAddress();
+ } else {
ParentEndpoint parentEp = EndpointUtils.getParentEndpoints(addrEp.getParentEndpointChoice()).get(0);
- if (parentEp != null && parentEp.getContextType().isAssignableFrom(L3Context.class)) {
- // TODO this is a fix for metadata agent in DHCP namespace, when we will fully support multiple IPs
- // per interface we shall rework this
- if (aclRuleBuilder.getName().contains(IN__METADATA)) {
- LOG.trace("Setting dst IP address {} in rule {}", METADATA_IP_PREFIX, aclRuleBuilder);
- try {
- AccessListUtil.setDestinationL3Address(aclRuleBuilder, METADATA_IP_PREFIX);
- } catch (UnknownHostException e) {
- LOG.error("Failed to parse address {}. Cannot apply ACL entry {}. {}", METADATA_IP_PREFIX,
- aclRuleBuilder, e);
- }
- } else {
- LOG.trace("Setting dst IP address {} in rule {}", parentEp.getAddress(), aclRuleBuilder);
- try {
- AccessListUtil.setDestinationL3Address(aclRuleBuilder, parentEp.getAddress());
- } catch (UnknownHostException e) {
- LOG.error("Failed to parse address {}. Cannot apply ACL entry {}. {}", parentEp.getAddress(),
- aclRuleBuilder, e);
- }
- }
-
+ if (parentEp == null || !parentEp.getContextType().isAssignableFrom(L3Context.class)) {
+ LOG.warn("Cannot resolve IP address for endpoint {}", addrEp);
+ return;
}
+ address = parentEp.getAddress();
+ }
+ LOG.trace("Setting dst IP address {} in rule {}", address, aclRuleBuilder);
+ try {
+ AccessListUtil.setDestinationL3Address(aclRuleBuilder, address);
+ } catch (UnknownHostException e) {
+ LOG.error("Failed to parse address {}. Cannot apply ACL entry {}. {}", address, aclRuleBuilder, e);
}
}
}
class SourceMapper extends AddressMapper {
private static final Logger LOG = LoggerFactory.getLogger(SourceMapper.class);
- private static final String METADATA_IP_PREFIX = "169.254.169.254/32";
- private static final String OUT__METADATA = "Out__METADATA";
SourceMapper(ACE_DIRECTION direction) {
super(direction);
@Override
void updateRule(AddressEndpointWithLocation addrEp, GbpAceBuilder aclRuleBuilder) {
- if (!EndpointUtils.getParentEndpoints(addrEp.getParentEndpointChoice()).isEmpty()) {
- // TODO more parents
+ String address;
+ if (addrEp.getContextType().isAssignableFrom(L3Context.class)) {
+ address = addrEp.getAddress();
+ } else {
ParentEndpoint parentEp = EndpointUtils.getParentEndpoints(addrEp.getParentEndpointChoice()).get(0);
- if (parentEp != null && parentEp.getContextType().isAssignableFrom(L3Context.class)) {
- // TODO this is a fix for metadata agent in DHCP namespace, when we will fully support multiple IPs
- // per interface we shall rework this
- if (aclRuleBuilder.getName().contains(OUT__METADATA)) {
- LOG.trace("Setting src IP address {} in rule {}", METADATA_IP_PREFIX, aclRuleBuilder);
- try {
- AccessListUtil.setSourceL3Address(aclRuleBuilder, METADATA_IP_PREFIX);
- } catch (UnknownHostException e) {
- LOG.error("Failed to parse address {}. Cannot apply ACL entry {}. {}", METADATA_IP_PREFIX,
- aclRuleBuilder, e);
- }
- } else {
- LOG.trace("Setting src IP address {} in rule {}", parentEp.getAddress(), aclRuleBuilder);
- try {
- AccessListUtil.setSourceL3Address(aclRuleBuilder, parentEp.getAddress());
- } catch (UnknownHostException e) {
- LOG.error("Failed to parse address {}. Cannot apply ACL entry {}. {}", parentEp.getAddress(),
- aclRuleBuilder, e);
- }
- }
+ if (parentEp == null || !parentEp.getContextType().isAssignableFrom(L3Context.class)) {
+ LOG.warn("Cannot resolve IP address for endpoint {}", addrEp);
+ return;
}
+ address = parentEp.getAddress();
+ }
+ LOG.trace("Setting src IP address {} in rule {}", address, aclRuleBuilder);
+ try {
+ AccessListUtil.setSourceL3Address(aclRuleBuilder, address);
+ } catch (UnknownHostException e) {
+ LOG.error("Failed to parse address {}. Cannot apply ACL entry {}. {}", address, aclRuleBuilder, e);
}
}
}
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang._interface.acl.rev161214.VppAclInterfaceAugmentation;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.v3po.rev170315.BridgeDomainsState;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.v3po.rev170315.VppInterfaceAugmentation;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.v3po.rev170315.interfaces._interface.L2;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.v3po.rev170315.bridge.domains.state.BridgeDomain;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.v3po.rev170315.bridge.domains.state.BridgeDomainKey;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.v3po.rev170315.interfaces._interface.L2;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.acl.rev161214.VppAcl;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NetworkTopology;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
}
public static InstanceIdentifier<RendererNode> getRendererNodeIid(RendererNode rendererNode) {
- return InstanceIdentifier.builder(Renderers.class)
- .child(Renderer.class, new RendererKey(VppRenderer.NAME))
- .child(RendererNodes.class)
- .child(RendererNode.class, new RendererNodeKey(rendererNode.getNodePath()))
- .build();
+ return getRendererNodesIid().child(RendererNode.class, new RendererNodeKey(rendererNode.getNodePath()));
}
public static InstanceIdentifier<Node> getNodeIid(TopologyKey topologyKey, NodeKey nodeKey) {
import org.mockito.Mockito;
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.controller.md.sal.binding.api.ReadOnlyTransaction;
+import org.opendaylight.controller.md.sal.binding.api.WriteTransaction;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
import org.opendaylight.groupbasedpolicy.renderer.vpp.event.VppEndpointConfEvent;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.MountedDataBrokerProvider;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.Interfaces;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.InterfaceKey;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.endpoints.address.endpoints.AddressEndpoint;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.endpoints.address.endpoints.AddressEndpointBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.endpoints.address.endpoints.AddressEndpointKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ContextId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint_location_provider.rev160419.LocationProviders;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint_location_provider.rev160419.location.providers.LocationProvider;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.v3po.rev170315.VppInterfaceAugmentation;
import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.v3po.rev170315.BridgeDomains;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
-import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.TopologyId;
-import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.TopologyKey;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.Node;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.NodeKey;
import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
import com.google.common.base.Optional;
+import com.google.common.collect.ImmutableList;
public class InterfaceManagerTest extends CustomDataBrokerTest {
new VppEndpointKey(ADDRESS, AddressType.class, CONTEXT_ID, ContextType.class);
private final static InstanceIdentifier<VppEndpoint> BASIC_VPP_EP_IID =
InstanceIdentifier.builder(Config.class).child(VppEndpoint.class, BASIC_VPP_EP_KEY).build();
- private final static TopologyKey TOPO_KEY = new TopologyKey(new TopologyId("topo1"));
private final static NodeKey NODE_KEY = new NodeKey(new NodeId("node1"));
private final static String SOCKET = "socket1";
@Test
public void testVppEndpointChanged_created() throws Exception {
+ VppEndpointLocationProvider vppEpLocProvider = new VppEndpointLocationProvider(dataBroker);
+ AddressEndpoint addrEp = new AddressEndpointBuilder()
+ .setKey(new AddressEndpointKey(vhostVppEpBuilder().getAddress(), vhostVppEpBuilder().getAddressType(),
+ vhostVppEpBuilder().getContextId(), vhostVppEpBuilder().getContextType()))
+ .setEndpointGroup(ImmutableList.of())
+ .build();
+ WriteTransaction wTx = dataBroker.newWriteOnlyTransaction();
+ wTx.put(LogicalDatastoreType.OPERATIONAL, IidFactory.addressEndpointIid(addrEp.getKey()), addrEp, true);
+ wTx.submit().get();
VppEndpoint vhostEp = vhostVppEpBuilder().build();
VppEndpointConfEvent event = new VppEndpointConfEvent(BASIC_VPP_EP_IID, null, vhostEp);
List<ProviderAddressEndpointLocation> epLocs = optLocationProvider.get().getProviderAddressEndpointLocation();
Assert.assertNotNull(epLocs);
Assert.assertEquals(1, epLocs.size());
- ProviderAddressEndpointLocation epLoc = VppEndpointLocationProvider.createProviderAddressEndpointLocation(vhostEp);
- Assert.assertEquals(epLoc, epLocs.get(0));
+ vppEpLocProvider.close();
}
@Test
Assert.assertFalse(potentialIface.isPresent());
// assert state on ODL data store
ReadOnlyTransaction rTx = dataBroker.newReadOnlyTransaction();
- ProviderAddressEndpointLocation providerAddressEndpointLocation =
- VppEndpointLocationProvider.createProviderAddressEndpointLocation(vhostEp);
+ VppEndpointLocationProvider.createProviderAddressEndpointLocationKey(vhostEp);
InstanceIdentifier<ProviderAddressEndpointLocation> providerAddressEndpointLocationIid = IidFactory
.providerAddressEndpointLocationIid(VppEndpointLocationProvider.VPP_ENDPOINT_LOCATION_PROVIDER,
- providerAddressEndpointLocation.getKey());
+ VppEndpointLocationProvider.createProviderAddressEndpointLocationKey(vhostEp));
Optional<ProviderAddressEndpointLocation> optProvEpLoc =
rTx.read(LogicalDatastoreType.CONFIGURATION, providerAddressEndpointLocationIid).get();
Assert.assertFalse(optProvEpLoc.isPresent());
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
-import com.google.common.util.concurrent.CheckedFuture;
-import com.google.common.util.concurrent.ListenableFuture;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.opendaylight.controller.md.sal.binding.api.BindingTransactionChain;
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
+import org.opendaylight.controller.md.sal.binding.api.ReadWriteTransaction;
import org.opendaylight.controller.md.sal.binding.api.WriteTransaction;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
+import org.opendaylight.controller.md.sal.common.api.data.ReadFailedException;
import org.opendaylight.controller.md.sal.common.api.data.TransactionCommitFailedException;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.AbsoluteLocation;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.location.type.ExternalLocationCase;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.base_endpoint.rev160427.has.absolute.location.absolute.location.location.type.ExternalLocationCaseBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ContextId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.renderer.rev151103.renderers.renderer.renderer.policy.configuration.endpoints.AddressEndpointWithLocationKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.vpp_renderer.rev160425.config.VppEndpoint;
import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.vpp_renderer.rev160425.config.VppEndpointBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.vpp_renderer.rev160425.config.VppEndpointKey;
import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
-import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.Node;
+import org.opendaylight.yangtools.yang.binding.DataObject;
import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
+import com.google.common.base.Optional;
+import com.google.common.util.concurrent.CheckedFuture;
+import com.google.common.util.concurrent.ListenableFuture;
+
@SuppressWarnings("unchecked")
public class VppEndpointLocationProviderTest {
private final DataBroker dataProvider = mock(DataBroker.class);
private final BindingTransactionChain transactionChain = mock(BindingTransactionChain.class);
private final WriteTransaction wTx = mock(WriteTransaction.class);
+ private final ReadWriteTransaction rwTx = mock(ReadWriteTransaction.class);
private final CheckedFuture<Void, TransactionCommitFailedException> future = mock(CheckedFuture.class);
+ private final CheckedFuture<Optional<DataObject>,ReadFailedException> readFuture = mock(CheckedFuture.class);
+ private final Optional<DataObject> vppEpOpt = mock(Optional.class);
+ private final VppEndpointKey VPP_EP_KEY =
+ new VppEndpointKey("192.168.192.168/32", IpPrefixType.class, new ContextId("TEST_CTX"), L3Context.class);
@Before
- public void init() {
+ public void init() throws ReadFailedException {
when(dataProvider.createTransactionChain(any())).thenReturn(transactionChain);
when(transactionChain.newWriteOnlyTransaction()).thenReturn(wTx);
+ when(transactionChain.newReadWriteTransaction()).thenReturn(rwTx);
+ when(dataProvider.newReadWriteTransaction()).thenReturn(rwTx);
+ when(rwTx.read(any(LogicalDatastoreType.class), any(InstanceIdentifier.class))).thenReturn(readFuture);
+ when(readFuture.checkedGet()).thenReturn(vppEpOpt);
+ when(vppEpOpt.isPresent()).thenReturn(true);
when(wTx.submit()).thenReturn(future);
+ when(rwTx.submit()).thenReturn(future);
}
@Test
public void constructorTest() {
new VppEndpointLocationProvider(dataProvider);
-
verify(dataProvider, times(1)).createTransactionChain(any());
verify(transactionChain, times(1)).newWriteOnlyTransaction();
verify(wTx, times(1)).put(eq(LogicalDatastoreType.CONFIGURATION),
public void createLocationForVppEndpointTest() {
final VppEndpointLocationProvider locationProvider = new VppEndpointLocationProvider(dataProvider);
final ListenableFuture<Void> result = locationProvider.createLocationForVppEndpoint(vppEndpointBuilder());
-
Assert.assertNotNull(result);
verify(dataProvider, times(1)).createTransactionChain(any());
- verify(transactionChain, times(2)).newWriteOnlyTransaction();
+ verify(transactionChain, times(1)).newWriteOnlyTransaction();
verify(wTx, times(1)).put(eq(LogicalDatastoreType.CONFIGURATION),
any(InstanceIdentifier.class), any(LocationProvider.class), eq(true));
verify(wTx, times(1)).put(eq(LogicalDatastoreType.CONFIGURATION),
any(InstanceIdentifier.class), any(ProviderAddressEndpointLocation.class), eq(true));
- verify(wTx, times(2)).submit();
- }
-
- @Test
- public void createProviderAddressEndpointLocationTest() {
- final ProviderAddressEndpointLocation result =
- VppEndpointLocationProvider.createProviderAddressEndpointLocation(vppEndpointBuilder());
- Assert.assertNotNull(result);
- final AbsoluteLocation location = result.getAbsoluteLocation();
- Assert.assertNotNull(location);
- Assert.assertEquals(location.getLocationType().getImplementedInterface(), ExternalLocationCase.class);
- final ExternalLocationCase locationType = (ExternalLocationCase) location.getLocationType();
- Assert.assertEquals(locationType.getExternalNodeMountPoint().firstKeyOf(Node.class).getNodeId(), nodeId);
- Assert.assertTrue(locationType.getExternalNodeConnector().contains(INTERFACE_NAME));
-
+ verify(wTx, times(1)).submit();
}
@Test
public void deleteLocationForVppEndpointTest() {
final VppEndpointLocationProvider locationProvider = new VppEndpointLocationProvider(dataProvider);
final ListenableFuture<Void> result = locationProvider.deleteLocationForVppEndpoint(vppEndpointBuilder());
-
Assert.assertNotNull(result);
verify(dataProvider, times(1)).createTransactionChain(any());
- verify(transactionChain, times(2)).newWriteOnlyTransaction();
+ verify(transactionChain, times(1)).newWriteOnlyTransaction();
verify(wTx, times(1)).put(eq(LogicalDatastoreType.CONFIGURATION),
any(InstanceIdentifier.class), any(LocationProvider.class), eq(true));
- verify(wTx, times(1)).delete(eq(LogicalDatastoreType.CONFIGURATION),
+ verify(rwTx, times(1)).delete(eq(LogicalDatastoreType.CONFIGURATION),
any(InstanceIdentifier.class));
- verify(wTx, times(2)).submit();
+ verify(wTx, times(1)).submit();
+ verify(rwTx, times(1)).submit();
}
@Test
private VppEndpoint vppEndpointBuilder() {
final VppEndpointBuilder vppEndpointBuilder = new VppEndpointBuilder();
- vppEndpointBuilder.setVppNodeId(nodeId)
- .setVppInterfaceName(INTERFACE_NAME);
+ vppEndpointBuilder.setKey(VPP_EP_KEY).setVppNodeId(nodeId).setVppInterfaceName(INTERFACE_NAME);
return vppEndpointBuilder.build();
}
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.controller.md.sal.binding.api.WriteTransaction;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
-import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.AclManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.InterfaceManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.nat.NatManager;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AclManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.routing.RoutingManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.VppIidFactory;
import org.opendaylight.groupbasedpolicy.test.CustomDataBrokerTest;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
import org.opendaylight.groupbasedpolicy.renderer.vpp.DtoFactory;
import org.opendaylight.groupbasedpolicy.renderer.vpp.api.BridgeDomainManager;
-import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.AclManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.InterfaceManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.nat.NatManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AccessListWrapper;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AclManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.routing.RoutingManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.KeyFactory;
import org.opendaylight.groupbasedpolicy.test.CustomDataBrokerTest;
import org.opendaylight.groupbasedpolicy.renderer.vpp.DtoFactory;
import org.opendaylight.groupbasedpolicy.renderer.vpp.event.RendererPolicyConfEvent;
import org.opendaylight.groupbasedpolicy.renderer.vpp.event.VppEndpointConfEvent;
-import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.AclManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.InterfaceManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.iface.VppEndpointLocationProvider;
import org.opendaylight.groupbasedpolicy.renderer.vpp.nat.NatManager;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.acl.AclManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.routing.RoutingManager;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.KeyFactory;
import org.opendaylight.groupbasedpolicy.renderer.vpp.util.MountedDataBrokerProvider;
@Test
public void testRendererPolicyChanged_created_oneEpPerEpg() throws Exception {
- String clientIp = "1.1.1.1";
+ String clientIp = "1.1.1.1/32";
String clientIfaceName = "client1";
AbsoluteLocation clientLocation = DtoFactory.absoluteLocation(DtoFactory.VPP_NODE_1_IID, null, clientIfaceName);
AddressEndpointWithLocation clientEp =
DtoFactory.createEndpoint(clientIp, DtoFactory.L2FD_CTX.getValue(), clientLocation);
- String webIp = "2.2.2.2";
+ String webIp = "2.2.2.2/32";
String webIfaceName = "web1";
AbsoluteLocation webLocation = DtoFactory.absoluteLocation(DtoFactory.VPP_NODE_1_IID, null, webIfaceName);
AddressEndpointWithLocation webEp =
AbsoluteLocation client1LocationNodeNull =
DtoFactory.absoluteLocation(DtoFactory.VPP_NODE_1_IID, null, client1IfaceName);
AddressEndpointWithLocation client1Ep =
- DtoFactory.createEndpoint("10.0.0.1", DtoFactory.L2FD_CTX.getValue(), client1LocationNodeNull);
+ DtoFactory.createEndpoint("10.0.0.1/32", DtoFactory.L2FD_CTX.getValue(), client1LocationNodeNull);
String web1IfaceName = "web1";
AbsoluteLocation web1LocationNodeNull =
DtoFactory.absoluteLocation(DtoFactory.VPP_NODE_2_IID, null, web1IfaceName);
AddressEndpointWithLocation web1Ep =
- DtoFactory.createEndpoint("20.0.0.1", DtoFactory.L2FD_CTX.getValue(), web1LocationNodeNull);
+ DtoFactory.createEndpoint("20.0.0.1/32", DtoFactory.L2FD_CTX.getValue(), web1LocationNodeNull);
String client2IfaceName = "client2";
AbsoluteLocation client2LocationNodeNull =
DtoFactory.absoluteLocation(DtoFactory.VPP_NODE_1_IID, null, client2IfaceName);
AddressEndpointWithLocation client2Ep =
- DtoFactory.createEndpoint("10.0.0.2", DtoFactory.L2FD_CTX.getValue(), client2LocationNodeNull);
+ DtoFactory.createEndpoint("10.0.0.2/32", DtoFactory.L2FD_CTX.getValue(), client2LocationNodeNull);
String web2IfaceName = "web2";
AbsoluteLocation web2LocationNodeNull =
DtoFactory.absoluteLocation(DtoFactory.VPP_NODE_2_IID, null, web2IfaceName);
AddressEndpointWithLocation web2Ep =
- DtoFactory.createEndpoint("20.0.0.2", DtoFactory.L2FD_CTX.getValue(), web2LocationNodeNull);
+ DtoFactory.createEndpoint("20.0.0.2/32", DtoFactory.L2FD_CTX.getValue(), web2LocationNodeNull);
storeVppEndpoint(client1Ep.getKey(), client1IfaceName, createVppEndpointIid(client1Ep.getKey()));
storeVppEndpoint(web1Ep.getKey(), web1IfaceName, createVppEndpointIid(web1Ep.getKey()));
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
+import org.mockito.Mockito;
+import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.groupbasedpolicy.renderer.vpp.policy.PolicyContext;
+import org.opendaylight.groupbasedpolicy.renderer.vpp.util.MountedDataBrokerProvider;
+import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
+
+import com.google.common.base.Optional;
public class AccessListUtilTest extends TestResources {
private PolicyContext ctx;
+ private MountedDataBrokerProvider mountedDataProviderMock;
+ private DataBroker mountPointDataBroker;
@Before
public void init() {
ctx = super.createPolicyContext();
+ mountedDataProviderMock = Mockito.mock(MountedDataBrokerProvider.class);
+ mountPointDataBroker = Mockito.mock(DataBroker.class);
+ Mockito.when(mountedDataProviderMock.getDataBrokerForMountPoint(Mockito.any(InstanceIdentifier.class)))
+ .thenReturn(Optional.of(mountPointDataBroker));
}
@Test
public void resolveAclsOnInterfaceTest() {
// TODO add more checking
+ AclManager aclManager = new AclManager(mountedDataProviderMock);
List<AccessListWrapper> acls =
- AccessListUtil.resolveAclsOnInterface(rendererEndpoint(l2AddrEp2).build().getKey(), ctx);
+ aclManager.resolveAclsOnInterface(rendererEndpoint(l2AddrEp2).build().getKey(), ctx);
Assert.assertEquals(2, acls.size());
Assert.assertEquals(2, acls.stream().map(AccessListWrapper::getDirection).collect(Collectors.toSet()).size());
acls.stream().forEach(ace -> {