use of org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl in project netvirt by opendaylight.
the class NeutronPortChangeListener method update.
@Override
protected void update(InstanceIdentifier<Port> identifier, Port original, Port update) {
// in order to validate the supported vnic types from the hostconfig
if (isPortTypeSwitchdev(original) && !isPortBound(original) && isPortBound(update)) {
handleNeutronPortCreated(update);
}
final String portName = update.getUuid().getValue();
Network network = neutronvpnUtils.getNeutronNetwork(update.getNetworkId());
LOG.info("Update port {} from network {}", portName, update.getNetworkId().toString());
if (network == null || !NeutronvpnUtils.isNetworkTypeSupported(network)) {
LOG.error("neutron vpn received a port update() for a network without a provider extension augmentation " + "or with an unsupported network type for the port {} which is part of network {}", portName, network);
return;
}
neutronvpnUtils.addToPortCache(update);
if ((Strings.isNullOrEmpty(original.getDeviceOwner()) || Strings.isNullOrEmpty(original.getDeviceId()) || NeutronConstants.FLOATING_IP_DEVICE_ID_PENDING.equalsIgnoreCase(original.getDeviceId())) && !Strings.isNullOrEmpty(update.getDeviceOwner()) && !Strings.isNullOrEmpty(update.getDeviceId())) {
if (update.getDeviceOwner().equals(NeutronConstants.DEVICE_OWNER_ROUTER_INF)) {
handleRouterInterfaceAdded(update);
return;
}
if (NeutronConstants.DEVICE_OWNER_GATEWAY_INF.equals(update.getDeviceOwner())) {
handleRouterGatewayUpdated(update);
} else if (NeutronConstants.DEVICE_OWNER_FLOATING_IP.equals(update.getDeviceOwner())) {
handleFloatingIpPortUpdated(original, update);
}
} else {
Set<FixedIps> oldIPs = getFixedIpSet(original.getFixedIps());
Set<FixedIps> newIPs = getFixedIpSet(update.getFixedIps());
if (!oldIPs.equals(newIPs)) {
handleNeutronPortUpdated(original, update);
}
}
// check if port security enabled/disabled as part of port update
boolean origSecurityEnabled = NeutronvpnUtils.getPortSecurityEnabled(original);
boolean updatedSecurityEnabled = NeutronvpnUtils.getPortSecurityEnabled(update);
if (origSecurityEnabled || updatedSecurityEnabled) {
InstanceIdentifier<Interface> interfaceIdentifier = NeutronvpnUtils.buildVlanInterfaceIdentifier(portName);
jobCoordinator.enqueueJob("PORT- " + portName, () -> {
WriteTransaction wrtConfigTxn = dataBroker.newWriteOnlyTransaction();
try {
Optional<Interface> optionalInf = SingleTransactionDataBroker.syncReadOptional(dataBroker, LogicalDatastoreType.CONFIGURATION, interfaceIdentifier);
if (optionalInf.isPresent()) {
InterfaceBuilder interfaceBuilder = new InterfaceBuilder(optionalInf.get());
InterfaceAcl infAcl = handlePortSecurityUpdated(original, update, origSecurityEnabled, updatedSecurityEnabled, interfaceBuilder).build();
interfaceBuilder.addAugmentation(InterfaceAcl.class, infAcl);
LOG.info("update: Of-port-interface updation for port {}", portName);
// Update OFPort interface for this neutron port
wrtConfigTxn.put(LogicalDatastoreType.CONFIGURATION, interfaceIdentifier, interfaceBuilder.build());
} else {
LOG.warn("update: Interface {} is not present", portName);
}
} catch (ReadFailedException e) {
LOG.error("update: Failed to update interface {}", portName, e);
}
List<ListenableFuture<Void>> futures = new ArrayList<>();
futures.add(wrtConfigTxn.submit());
return futures;
});
}
}
use of org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl in project netvirt by opendaylight.
the class NeutronPortChangeListener method handlePortSecurityUpdated.
private static InterfaceAclBuilder handlePortSecurityUpdated(Port portOriginal, Port portUpdated, boolean origSecurityEnabled, boolean updatedSecurityEnabled, InterfaceBuilder interfaceBuilder) {
InterfaceAclBuilder interfaceAclBuilder = null;
if (origSecurityEnabled != updatedSecurityEnabled) {
interfaceAclBuilder = new InterfaceAclBuilder();
interfaceAclBuilder.setPortSecurityEnabled(updatedSecurityEnabled);
if (updatedSecurityEnabled) {
// Handle security group enabled
NeutronvpnUtils.populateInterfaceAclBuilder(interfaceAclBuilder, portUpdated);
} else {
// Handle security group disabled
interfaceAclBuilder.setSecurityGroups(new ArrayList<>());
interfaceAclBuilder.setAllowedAddressPairs(new ArrayList<>());
}
} else {
if (updatedSecurityEnabled) {
// handle SG add/delete delta
InterfaceAcl interfaceAcl = interfaceBuilder.getAugmentation(InterfaceAcl.class);
interfaceAclBuilder = new InterfaceAclBuilder(interfaceAcl);
interfaceAclBuilder.setSecurityGroups(NeutronvpnUtils.getUpdatedSecurityGroups(interfaceAcl.getSecurityGroups(), portOriginal.getSecurityGroups(), portUpdated.getSecurityGroups()));
List<AllowedAddressPairs> updatedAddressPairs = NeutronvpnUtils.getUpdatedAllowedAddressPairs(interfaceAcl.getAllowedAddressPairs(), portOriginal.getAllowedAddressPairs(), portUpdated.getAllowedAddressPairs());
interfaceAclBuilder.setAllowedAddressPairs(NeutronvpnUtils.getAllowedAddressPairsForFixedIps(updatedAddressPairs, portOriginal.getMacAddress(), portOriginal.getFixedIps(), portUpdated.getFixedIps()));
}
}
return interfaceAclBuilder;
}
Aggregations