Search in sources :

Example 6 with InterfaceAcl

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl in project netvirt by opendaylight.

the class NeutronPortChangeListener method update.

@Override
protected void update(InstanceIdentifier<Port> identifier, Port original, Port update) {
    // in order to validate the supported vnic types from the hostconfig
    if (isPortTypeSwitchdev(original) && !isPortBound(original) && isPortBound(update)) {
        handleNeutronPortCreated(update);
    }
    final String portName = update.getUuid().getValue();
    Network network = neutronvpnUtils.getNeutronNetwork(update.getNetworkId());
    LOG.info("Update port {} from network {}", portName, update.getNetworkId().toString());
    if (network == null || !NeutronvpnUtils.isNetworkTypeSupported(network)) {
        LOG.error("neutron vpn received a port update() for a network without a provider extension augmentation " + "or with an unsupported network type for the port {} which is part of network {}", portName, network);
        return;
    }
    neutronvpnUtils.addToPortCache(update);
    if ((Strings.isNullOrEmpty(original.getDeviceOwner()) || Strings.isNullOrEmpty(original.getDeviceId()) || NeutronConstants.FLOATING_IP_DEVICE_ID_PENDING.equalsIgnoreCase(original.getDeviceId())) && !Strings.isNullOrEmpty(update.getDeviceOwner()) && !Strings.isNullOrEmpty(update.getDeviceId())) {
        if (update.getDeviceOwner().equals(NeutronConstants.DEVICE_OWNER_ROUTER_INF)) {
            handleRouterInterfaceAdded(update);
            return;
        }
        if (NeutronConstants.DEVICE_OWNER_GATEWAY_INF.equals(update.getDeviceOwner())) {
            handleRouterGatewayUpdated(update);
        } else if (NeutronConstants.DEVICE_OWNER_FLOATING_IP.equals(update.getDeviceOwner())) {
            handleFloatingIpPortUpdated(original, update);
        }
    } else {
        Set<FixedIps> oldIPs = getFixedIpSet(original.getFixedIps());
        Set<FixedIps> newIPs = getFixedIpSet(update.getFixedIps());
        if (!oldIPs.equals(newIPs)) {
            handleNeutronPortUpdated(original, update);
        }
    }
    // check if port security enabled/disabled as part of port update
    boolean origSecurityEnabled = NeutronvpnUtils.getPortSecurityEnabled(original);
    boolean updatedSecurityEnabled = NeutronvpnUtils.getPortSecurityEnabled(update);
    if (origSecurityEnabled || updatedSecurityEnabled) {
        InstanceIdentifier<Interface> interfaceIdentifier = NeutronvpnUtils.buildVlanInterfaceIdentifier(portName);
        jobCoordinator.enqueueJob("PORT- " + portName, () -> {
            WriteTransaction wrtConfigTxn = dataBroker.newWriteOnlyTransaction();
            try {
                Optional<Interface> optionalInf = SingleTransactionDataBroker.syncReadOptional(dataBroker, LogicalDatastoreType.CONFIGURATION, interfaceIdentifier);
                if (optionalInf.isPresent()) {
                    InterfaceBuilder interfaceBuilder = new InterfaceBuilder(optionalInf.get());
                    InterfaceAcl infAcl = handlePortSecurityUpdated(original, update, origSecurityEnabled, updatedSecurityEnabled, interfaceBuilder).build();
                    interfaceBuilder.addAugmentation(InterfaceAcl.class, infAcl);
                    LOG.info("update: Of-port-interface updation for port {}", portName);
                    // Update OFPort interface for this neutron port
                    wrtConfigTxn.put(LogicalDatastoreType.CONFIGURATION, interfaceIdentifier, interfaceBuilder.build());
                } else {
                    LOG.warn("update: Interface {} is not present", portName);
                }
            } catch (ReadFailedException e) {
                LOG.error("update: Failed to update interface {}", portName, e);
            }
            List<ListenableFuture<Void>> futures = new ArrayList<>();
            futures.add(wrtConfigTxn.submit());
            return futures;
        });
    }
}
Also used : WriteTransaction(org.opendaylight.controller.md.sal.binding.api.WriteTransaction) ReadFailedException(org.opendaylight.controller.md.sal.common.api.data.ReadFailedException) ArrayList(java.util.ArrayList) ElanInterfaceBuilder(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.elan.interfaces.ElanInterfaceBuilder) InterfaceBuilder(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.InterfaceBuilder) InterfaceAcl(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl) Network(org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.networks.rev150712.networks.attributes.networks.Network) ListenableFuture(com.google.common.util.concurrent.ListenableFuture) FixedIps(org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.ports.rev150712.port.attributes.FixedIps) Interface(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface) ElanInterface(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.elan.interfaces.ElanInterface)

Example 7 with InterfaceAcl

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl in project netvirt by opendaylight.

the class NeutronPortChangeListener method handlePortSecurityUpdated.

private static InterfaceAclBuilder handlePortSecurityUpdated(Port portOriginal, Port portUpdated, boolean origSecurityEnabled, boolean updatedSecurityEnabled, InterfaceBuilder interfaceBuilder) {
    InterfaceAclBuilder interfaceAclBuilder = null;
    if (origSecurityEnabled != updatedSecurityEnabled) {
        interfaceAclBuilder = new InterfaceAclBuilder();
        interfaceAclBuilder.setPortSecurityEnabled(updatedSecurityEnabled);
        if (updatedSecurityEnabled) {
            // Handle security group enabled
            NeutronvpnUtils.populateInterfaceAclBuilder(interfaceAclBuilder, portUpdated);
        } else {
            // Handle security group disabled
            interfaceAclBuilder.setSecurityGroups(new ArrayList<>());
            interfaceAclBuilder.setAllowedAddressPairs(new ArrayList<>());
        }
    } else {
        if (updatedSecurityEnabled) {
            // handle SG add/delete delta
            InterfaceAcl interfaceAcl = interfaceBuilder.getAugmentation(InterfaceAcl.class);
            interfaceAclBuilder = new InterfaceAclBuilder(interfaceAcl);
            interfaceAclBuilder.setSecurityGroups(NeutronvpnUtils.getUpdatedSecurityGroups(interfaceAcl.getSecurityGroups(), portOriginal.getSecurityGroups(), portUpdated.getSecurityGroups()));
            List<AllowedAddressPairs> updatedAddressPairs = NeutronvpnUtils.getUpdatedAllowedAddressPairs(interfaceAcl.getAllowedAddressPairs(), portOriginal.getAllowedAddressPairs(), portUpdated.getAllowedAddressPairs());
            interfaceAclBuilder.setAllowedAddressPairs(NeutronvpnUtils.getAllowedAddressPairsForFixedIps(updatedAddressPairs, portOriginal.getMacAddress(), portOriginal.getFixedIps(), portUpdated.getFixedIps()));
        }
    }
    return interfaceAclBuilder;
}
Also used : InterfaceAclBuilder(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAclBuilder) AllowedAddressPairs(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs) InterfaceAcl(org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl)

Aggregations

InterfaceAcl (org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl)6 AclInterface (org.opendaylight.netvirt.aclservice.api.utils.AclInterface)5 ArrayList (java.util.ArrayList)3 Uuid (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid)3 Interface (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface)2 InterfaceBuilder (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.InterfaceBuilder)2 InterfaceAclBuilder (org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAclBuilder)2 ListenableFuture (com.google.common.util.concurrent.ListenableFuture)1 ExecutionException (java.util.concurrent.ExecutionException)1 WriteTransaction (org.opendaylight.controller.md.sal.binding.api.WriteTransaction)1 ReadFailedException (org.opendaylight.controller.md.sal.common.api.data.ReadFailedException)1 ServiceRecoveryInterface (org.opendaylight.genius.srm.ServiceRecoveryInterface)1 L2vlan (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana._if.type.rev140508.L2vlan)1 DirectionEgress (org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.DirectionEgress)1 IpPrefixOrAddress (org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.IpPrefixOrAddress)1 AllowedAddressPairs (org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs)1 ElanInterface (org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.elan.interfaces.ElanInterface)1 ElanInterfaceBuilder (org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.elan.rev150602.elan.interfaces.ElanInterfaceBuilder)1 Network (org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.networks.rev150712.networks.attributes.networks.Network)1 FixedIps (org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.ports.rev150712.port.attributes.FixedIps)1