Committed by
Gerrit Code Review
Refactored OpenstackSwitching app
[DONE] - Restructured to activate or deactivate switching and routing app separately - Fixed to add or remove host when port is detected or vanished - Use openstack node service to get integration bridges and data IP [TODO] - Remove use of OpenstackPortInfo - Support installing flow rules for exising VMs - Call security group update method when port update triggered from OpenStack Change-Id: Ic0b2ac3f7ab07f0e20c97c6edfdd1928b9767baf
Showing
39 changed files
with
1444 additions
and
1777 deletions
... | @@ -117,8 +117,8 @@ APPS = [ | ... | @@ -117,8 +117,8 @@ APPS = [ |
117 | '//apps/mlb:onos-apps-mlb-oar', | 117 | '//apps/mlb:onos-apps-mlb-oar', |
118 | '//apps/openstackinterface:onos-apps-openstackinterface-oar', | 118 | '//apps/openstackinterface:onos-apps-openstackinterface-oar', |
119 | '//apps/openstacknetworking:onos-apps-openstacknetworking-oar', | 119 | '//apps/openstacknetworking:onos-apps-openstacknetworking-oar', |
120 | - '//apps/openstacknetworking/openstackrouting:onos-apps-openstacknetworking-openstackrouting-oar', | 120 | + '//apps/openstacknetworking/routing:onos-apps-openstacknetworking-routing-oar', |
121 | - '//apps/openstacknetworking/openstackswitching:onos-apps-openstacknetworking-openstackswitching-oar', | 121 | + '//apps/openstacknetworking/switching:onos-apps-openstacknetworking-switching-oar', |
122 | '//apps/mobility:onos-apps-mobility-oar', | 122 | '//apps/mobility:onos-apps-mobility-oar', |
123 | '//apps/optical:onos-apps-optical-oar', | 123 | '//apps/optical:onos-apps-optical-oar', |
124 | '//apps/newoptical:onos-apps-newoptical-oar', | 124 | '//apps/newoptical:onos-apps-newoptical-oar', | ... | ... |
... | @@ -8,5 +8,5 @@ onos_app ( | ... | @@ -8,5 +8,5 @@ onos_app ( |
8 | category = 'Utility', | 8 | category = 'Utility', |
9 | url = 'http://onosproject.org', | 9 | url = 'http://onosproject.org', |
10 | included_bundles = BUNDLES, | 10 | included_bundles = BUNDLES, |
11 | - required_apps = [ 'org.onosproject.openstackinterface' ], | 11 | + required_apps = [ 'org.onosproject.openstackrouting', 'org.onosproject.openstackswitching' ] |
12 | ) | 12 | ) | ... | ... |
... | @@ -19,14 +19,12 @@ import org.onlab.packet.Ip4Address; | ... | @@ -19,14 +19,12 @@ import org.onlab.packet.Ip4Address; |
19 | import org.onlab.packet.MacAddress; | 19 | import org.onlab.packet.MacAddress; |
20 | import org.onosproject.net.DeviceId; | 20 | import org.onosproject.net.DeviceId; |
21 | 21 | ||
22 | -import java.util.Collection; | ||
23 | -import java.util.Collections; | ||
24 | - | ||
25 | import static com.google.common.base.Preconditions.checkNotNull; | 22 | import static com.google.common.base.Preconditions.checkNotNull; |
26 | 23 | ||
27 | /** | 24 | /** |
28 | * Contains OpenstackPort Information. | 25 | * Contains OpenstackPort Information. |
29 | */ | 26 | */ |
27 | +// TODO remove this | ||
30 | public final class OpenstackPortInfo { | 28 | public final class OpenstackPortInfo { |
31 | private final Ip4Address hostIp; | 29 | private final Ip4Address hostIp; |
32 | private final MacAddress hostMac; | 30 | private final MacAddress hostMac; |
... | @@ -34,7 +32,6 @@ public final class OpenstackPortInfo { | ... | @@ -34,7 +32,6 @@ public final class OpenstackPortInfo { |
34 | private final long vni; | 32 | private final long vni; |
35 | private final Ip4Address gatewayIP; | 33 | private final Ip4Address gatewayIP; |
36 | private final String networkId; | 34 | private final String networkId; |
37 | - private final Collection<String> securityGroups; | ||
38 | 35 | ||
39 | /** | 36 | /** |
40 | * Returns OpenstackPortInfo reference. | 37 | * Returns OpenstackPortInfo reference. |
... | @@ -45,17 +42,15 @@ public final class OpenstackPortInfo { | ... | @@ -45,17 +42,15 @@ public final class OpenstackPortInfo { |
45 | * @param vni tunnel ID | 42 | * @param vni tunnel ID |
46 | * @param gatewayIP gateway IP address | 43 | * @param gatewayIP gateway IP address |
47 | * @param networkId network identifier | 44 | * @param networkId network identifier |
48 | - * @param securityGroups security group list | ||
49 | */ | 45 | */ |
50 | public OpenstackPortInfo(Ip4Address hostIp, MacAddress hostMac, DeviceId deviceId, long vni, | 46 | public OpenstackPortInfo(Ip4Address hostIp, MacAddress hostMac, DeviceId deviceId, long vni, |
51 | - Ip4Address gatewayIP, String networkId, Collection<String> securityGroups) { | 47 | + Ip4Address gatewayIP, String networkId) { |
52 | this.hostIp = hostIp; | 48 | this.hostIp = hostIp; |
53 | this.hostMac = hostMac; | 49 | this.hostMac = hostMac; |
54 | this.deviceId = deviceId; | 50 | this.deviceId = deviceId; |
55 | this.vni = vni; | 51 | this.vni = vni; |
56 | this.gatewayIP = gatewayIP; | 52 | this.gatewayIP = gatewayIP; |
57 | this.networkId = networkId; | 53 | this.networkId = networkId; |
58 | - this.securityGroups = securityGroups; | ||
59 | } | 54 | } |
60 | 55 | ||
61 | /** | 56 | /** |
... | @@ -113,15 +108,6 @@ public final class OpenstackPortInfo { | ... | @@ -113,15 +108,6 @@ public final class OpenstackPortInfo { |
113 | } | 108 | } |
114 | 109 | ||
115 | /** | 110 | /** |
116 | - * Returns Security Group ID list. | ||
117 | - * | ||
118 | - * @return list of Security Group ID | ||
119 | - */ | ||
120 | - public Collection<String> securityGroups() { | ||
121 | - return Collections.unmodifiableCollection(securityGroups); | ||
122 | - } | ||
123 | - | ||
124 | - /** | ||
125 | * Returns the builder of the OpenstackPortInfo. | 111 | * Returns the builder of the OpenstackPortInfo. |
126 | * | 112 | * |
127 | * @return OpenstackPortInfo builder reference | 113 | * @return OpenstackPortInfo builder reference |
... | @@ -140,7 +126,6 @@ public final class OpenstackPortInfo { | ... | @@ -140,7 +126,6 @@ public final class OpenstackPortInfo { |
140 | private DeviceId deviceId; | 126 | private DeviceId deviceId; |
141 | private long vni; | 127 | private long vni; |
142 | private Ip4Address gatewayIP; | 128 | private Ip4Address gatewayIP; |
143 | - private Collection<String> securityGroups; | ||
144 | private String networkId; | 129 | private String networkId; |
145 | 130 | ||
146 | /** | 131 | /** |
... | @@ -210,23 +195,12 @@ public final class OpenstackPortInfo { | ... | @@ -210,23 +195,12 @@ public final class OpenstackPortInfo { |
210 | } | 195 | } |
211 | 196 | ||
212 | /** | 197 | /** |
213 | - * Sets the security group ID list. | ||
214 | - * | ||
215 | - * @param securityGroups security group ID list | ||
216 | - * @return Builder reference | ||
217 | - */ | ||
218 | - public Builder setSecurityGroups(Collection<String> securityGroups) { | ||
219 | - this.securityGroups = securityGroups; | ||
220 | - return this; | ||
221 | - } | ||
222 | - | ||
223 | - /** | ||
224 | * Builds the OpenstackPortInfo reference. | 198 | * Builds the OpenstackPortInfo reference. |
225 | * | 199 | * |
226 | * @return OpenstackPortInfo reference | 200 | * @return OpenstackPortInfo reference |
227 | */ | 201 | */ |
228 | public OpenstackPortInfo build() { | 202 | public OpenstackPortInfo build() { |
229 | - return new OpenstackPortInfo(hostIp, hostMac, deviceId, vni, gatewayIP, networkId, securityGroups); | 203 | + return new OpenstackPortInfo(hostIp, hostMac, deviceId, vni, gatewayIP, networkId); |
230 | } | 204 | } |
231 | } | 205 | } |
232 | } | 206 | } | ... | ... |
... | @@ -15,57 +15,19 @@ | ... | @@ -15,57 +15,19 @@ |
15 | */ | 15 | */ |
16 | package org.onosproject.openstacknetworking; | 16 | package org.onosproject.openstacknetworking; |
17 | 17 | ||
18 | -import org.onosproject.openstackinterface.OpenstackNetwork; | ||
19 | -import org.onosproject.openstackinterface.OpenstackPort; | ||
20 | -import org.onosproject.openstackinterface.OpenstackSubnet; | ||
21 | - | ||
22 | import java.util.Map; | 18 | import java.util.Map; |
23 | 19 | ||
24 | /** | 20 | /** |
25 | * Handles port management REST API from Openstack for VMs. | 21 | * Handles port management REST API from Openstack for VMs. |
26 | */ | 22 | */ |
23 | +// TODO remove this | ||
27 | public interface OpenstackSwitchingService { | 24 | public interface OpenstackSwitchingService { |
28 | 25 | ||
29 | /** | 26 | /** |
30 | - * Store the port information created by Openstack. | ||
31 | - * | ||
32 | - * @param openstackPort port information | ||
33 | - */ | ||
34 | - void createPorts(OpenstackPort openstackPort); | ||
35 | - | ||
36 | - /** | ||
37 | - * Removes flow rules corresponding to the port removed by Openstack. | ||
38 | - * | ||
39 | - * @param uuid UUID | ||
40 | - */ | ||
41 | - void removePort(String uuid); | ||
42 | - | ||
43 | - /** | ||
44 | - * Updates flow rules corresponding to the port information updated by Openstack. | ||
45 | - * | ||
46 | - * @param openstackPort OpenStack port | ||
47 | - */ | ||
48 | - void updatePort(OpenstackPort openstackPort); | ||
49 | - | ||
50 | - /** | ||
51 | - * Stores the network information created by openstack. | ||
52 | - * | ||
53 | - * @param openstackNetwork network information | ||
54 | - */ | ||
55 | - void createNetwork(OpenstackNetwork openstackNetwork); | ||
56 | - | ||
57 | - /** | ||
58 | - * Stores the subnet information created by openstack. | ||
59 | - * | ||
60 | - * @param openstackSubnet subnet information | ||
61 | - */ | ||
62 | - void createSubnet(OpenstackSubnet openstackSubnet); | ||
63 | - | ||
64 | - /** | ||
65 | * Retruns OpenstackPortInfo map. | 27 | * Retruns OpenstackPortInfo map. |
66 | * | 28 | * |
67 | * @return OpenstackPortInfo map | 29 | * @return OpenstackPortInfo map |
68 | */ | 30 | */ |
31 | + // TODO remove this | ||
69 | Map<String, OpenstackPortInfo> openstackPortInfo(); | 32 | Map<String, OpenstackPortInfo> openstackPortInfo(); |
70 | - | ||
71 | } | 33 | } | ... | ... |
apps/openstacknetworking/app/app.xml
deleted
100644 → 0
1 | -<?xml version="1.0" encoding="UTF-8"?> | ||
2 | -<!-- | ||
3 | - ~ Copyright 2016-present Open Networking Laboratory | ||
4 | - ~ | ||
5 | - ~ Licensed under the Apache License, Version 2.0 (the "License"); | ||
6 | - ~ you may not use this file except in compliance with the License. | ||
7 | - ~ You may obtain a copy of the License at | ||
8 | - ~ | ||
9 | - ~ http://www.apache.org/licenses/LICENSE-2.0 | ||
10 | - ~ | ||
11 | - ~ Unless required by applicable law or agreed to in writing, software | ||
12 | - ~ distributed under the License is distributed on an "AS IS" BASIS, | ||
13 | - ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
14 | - ~ See the License for the specific language governing permissions and | ||
15 | - ~ limitations under the License. | ||
16 | - --> | ||
17 | -<app name="org.onosproject.openstacknetworking" origin="ON.Lab" version="${project.version}" | ||
18 | - category="Utility" url="http://onosproject.org" title="OpenStack Networking App" | ||
19 | - featuresRepo="mvn:${project.groupId}/${project.artifactId}/${project.version}/xml/features" | ||
20 | - features="${project.artifactId}" | ||
21 | - apps="org.onosproject.openstackswitching,org.onosproject.openstackrouting"> | ||
22 | - <description>${project.description}</description> | ||
23 | - <artifact>mvn:${project.groupId}/onos-app-openstacknetworking-api/${project.version}</artifact> | ||
24 | - <artifact>mvn:${project.groupId}/onos-app-openstacknetworking-web/${project.version}</artifact> | ||
25 | -</app> |
apps/openstacknetworking/app/pom.xml
deleted
100644 → 0
1 | -<?xml version="1.0" encoding="UTF-8"?> | ||
2 | -<!-- | ||
3 | - ~ Copyright 2016-present Open Networking Laboratory | ||
4 | - ~ | ||
5 | - ~ Licensed under the Apache License, Version 2.0 (the "License"); | ||
6 | - ~ you may not use this file except in compliance with the License. | ||
7 | - ~ You may obtain a copy of the License at | ||
8 | - ~ | ||
9 | - ~ http://www.apache.org/licenses/LICENSE-2.0 | ||
10 | - ~ | ||
11 | - ~ Unless required by applicable law or agreed to in writing, software | ||
12 | - ~ distributed under the License is distributed on an "AS IS" BASIS, | ||
13 | - ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
14 | - ~ See the License for the specific language governing permissions and | ||
15 | - ~ limitations under the License. | ||
16 | - --> | ||
17 | -<project xmlns="http://maven.apache.org/POM/4.0.0" | ||
18 | - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
19 | - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
20 | - <modelVersion>4.0.0</modelVersion> | ||
21 | - | ||
22 | - <parent> | ||
23 | - <groupId>org.onosproject</groupId> | ||
24 | - <artifactId>onos-app-openstacknetworking</artifactId> | ||
25 | - <version>1.7.0-SNAPSHOT</version> | ||
26 | - </parent> | ||
27 | - | ||
28 | - <artifactId>onos-app-openstacknetworking-app</artifactId> | ||
29 | - <packaging>pom</packaging> | ||
30 | - | ||
31 | - <properties> | ||
32 | - <onos.app.readme>Openstack Networking Application.</onos.app.readme> | ||
33 | - </properties> | ||
34 | - | ||
35 | - <description>SONA Openstack Networking main Application</description> | ||
36 | - | ||
37 | - <dependencies> | ||
38 | - <dependency> | ||
39 | - <groupId>org.onosproject</groupId> | ||
40 | - <artifactId>onos-app-openstackswitching</artifactId> | ||
41 | - <version>${project.version}</version> | ||
42 | - </dependency> | ||
43 | - <dependency> | ||
44 | - <groupId>org.onosproject</groupId> | ||
45 | - <artifactId>onos-app-openstackrouting</artifactId> | ||
46 | - <version>${project.version}</version> | ||
47 | - </dependency> | ||
48 | - <dependency> | ||
49 | - <groupId>org.onosproject</groupId> | ||
50 | - <artifactId>onos-app-openstacknetworking-api</artifactId> | ||
51 | - <version>${project.version}</version> | ||
52 | - </dependency> | ||
53 | - <dependency> | ||
54 | - <groupId>org.onosproject</groupId> | ||
55 | - <artifactId>onos-app-openstacknetworking-web</artifactId> | ||
56 | - <version>${project.version}</version> | ||
57 | - </dependency> | ||
58 | - </dependencies> | ||
59 | -</project> |
1 | -<?xml version="1.0" encoding="UTF-8"?> | ||
2 | -<!-- | ||
3 | - ~ Copyright 2016-present Open Networking Laboratory | ||
4 | - ~ | ||
5 | - ~ Licensed under the Apache License, Version 2.0 (the "License"); | ||
6 | - ~ you may not use this file except in compliance with the License. | ||
7 | - ~ You may obtain a copy of the License at | ||
8 | - ~ | ||
9 | - ~ http://www.apache.org/licenses/LICENSE-2.0 | ||
10 | - ~ | ||
11 | - ~ Unless required by applicable law or agreed to in writing, software | ||
12 | - ~ distributed under the License is distributed on an "AS IS" BASIS, | ||
13 | - ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
14 | - ~ See the License for the specific language governing permissions and | ||
15 | - ~ limitations under the License. | ||
16 | - --> | ||
17 | -<app name="org.onosproject.openstackrouting" origin="ON.Lab" version="${project.version}" | ||
18 | - category="default" url="http://onosproject.org" | ||
19 | - featuresRepo="mvn:${project.groupId}/${project.artifactId}/${project.version}/xml/features" | ||
20 | - features="${project.artifactId}" > | ||
21 | - <description>${project.description}</description> | ||
22 | - <artifact>mvn:${project.groupId}/onos-app-openstackrouting/${project.version}</artifact> | ||
23 | - <artifact>mvn:${project.groupId}/onos-app-openstacknetworking-api/${project.version}</artifact> | ||
24 | -</app> |
1 | -<?xml version="1.0" encoding="UTF-8" standalone="yes"?> | ||
2 | -<!-- | ||
3 | - ~ Copyright 2016-present Open Networking Laboratory | ||
4 | - ~ | ||
5 | - ~ Licensed under the Apache License, Version 2.0 (the "License"); | ||
6 | - ~ you may not use this file except in compliance with the License. | ||
7 | - ~ You may obtain a copy of the License at | ||
8 | - ~ | ||
9 | - ~ http://www.apache.org/licenses/LICENSE-2.0 | ||
10 | - ~ | ||
11 | - ~ Unless required by applicable law or agreed to in writing, software | ||
12 | - ~ distributed under the License is distributed on an "AS IS" BASIS, | ||
13 | - ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
14 | - ~ See the License for the specific language governing permissions and | ||
15 | - ~ limitations under the License. | ||
16 | - --> | ||
17 | -<features xmlns="http://karaf.apache.org/xmlns/features/v1.2.0" name="${project.artifactId}-${project.version}"> | ||
18 | - <feature name="${project.artifactId}" version="${project.version}" | ||
19 | - description="${project.description}"> | ||
20 | - <feature>onos-api</feature> | ||
21 | - <bundle>mvn:${project.groupId}/onos-app-openstackrouting/${project.version}</bundle> | ||
22 | - <bundle>mvn:${project.groupId}/onos-app-openstacknetworking-api/${project.version}</bundle> | ||
23 | - </feature> | ||
24 | -</features> |
1 | -<?xml version="1.0" encoding="UTF-8"?> | ||
2 | -<!-- | ||
3 | - ~ Copyright 2016-present Open Networking Laboratory | ||
4 | - ~ | ||
5 | - ~ Licensed under the Apache License, Version 2.0 (the "License"); | ||
6 | - ~ you may not use this file except in compliance with the License. | ||
7 | - ~ You may obtain a copy of the License at | ||
8 | - ~ | ||
9 | - ~ http://www.apache.org/licenses/LICENSE-2.0 | ||
10 | - ~ | ||
11 | - ~ Unless required by applicable law or agreed to in writing, software | ||
12 | - ~ distributed under the License is distributed on an "AS IS" BASIS, | ||
13 | - ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
14 | - ~ See the License for the specific language governing permissions and | ||
15 | - ~ limitations under the License. | ||
16 | - --> | ||
17 | -<app name="org.onosproject.openstackswitching" origin="ON.Lab" version="${project.version}" | ||
18 | - category="default" url="http://onosproject.org" | ||
19 | - featuresRepo="mvn:${project.groupId}/${project.artifactId}/${project.version}/xml/features" | ||
20 | - features="${project.artifactId}" | ||
21 | - apps="org.onosproject.dhcp"> | ||
22 | - <description>${project.description}</description> | ||
23 | - <artifact>mvn:${project.groupId}/onos-app-openstackswitching/${project.version}</artifact> | ||
24 | - <artifact>mvn:${project.groupId}/onos-app-openstacknetworking-api/${project.version}</artifact> | ||
25 | -</app> |
1 | -/* | ||
2 | -* Copyright 2016-present Open Networking Laboratory | ||
3 | -* | ||
4 | -* Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | -* you may not use this file except in compliance with the License. | ||
6 | -* You may obtain a copy of the License at | ||
7 | -* | ||
8 | -* http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | -* | ||
10 | -* Unless required by applicable law or agreed to in writing, software | ||
11 | -* distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | -* See the License for the specific language governing permissions and | ||
14 | -* limitations under the License. | ||
15 | -*/ | ||
16 | -package org.onosproject.openstacknetworking.switching; | ||
17 | - | ||
18 | -import org.onlab.packet.ARP; | ||
19 | -import org.onlab.packet.Ethernet; | ||
20 | -import org.onlab.packet.Ip4Address; | ||
21 | -import org.onlab.packet.IpAddress; | ||
22 | -import org.onlab.packet.MacAddress; | ||
23 | -import org.onosproject.net.Host; | ||
24 | -import org.onosproject.net.flow.DefaultTrafficTreatment; | ||
25 | -import org.onosproject.net.flow.TrafficTreatment; | ||
26 | -import org.onosproject.net.host.HostService; | ||
27 | -import org.onosproject.net.packet.DefaultOutboundPacket; | ||
28 | -import org.onosproject.net.packet.InboundPacket; | ||
29 | -import org.onosproject.net.packet.PacketService; | ||
30 | -import org.onosproject.openstackinterface.OpenstackInterfaceService; | ||
31 | -import org.onosproject.openstackinterface.OpenstackPort; | ||
32 | -import org.onosproject.openstacknetworking.OpenstackPortInfo; | ||
33 | -import org.slf4j.Logger; | ||
34 | -import org.slf4j.LoggerFactory; | ||
35 | -import java.nio.ByteBuffer; | ||
36 | -import java.util.Collection; | ||
37 | - | ||
38 | -import static com.google.common.base.Preconditions.checkNotNull; | ||
39 | - | ||
40 | -/** | ||
41 | - * Handles ARP packet from VMs. | ||
42 | - */ | ||
43 | -public class OpenstackArpHandler { | ||
44 | - | ||
45 | - private static Logger log = LoggerFactory | ||
46 | - .getLogger(OpenstackArpHandler.class); | ||
47 | - private static final MacAddress GATEWAY_MAC = MacAddress.valueOf("1f:1f:1f:1f:1f:1f"); | ||
48 | - private PacketService packetService; | ||
49 | - private OpenstackInterfaceService openstackService; | ||
50 | - private HostService hostService; | ||
51 | - | ||
52 | - /** | ||
53 | - * Returns OpenstackArpHandler reference. | ||
54 | - * | ||
55 | - * @param openstackService OpenstackNetworkingService reference | ||
56 | - * @param packetService PacketService reference | ||
57 | - * @param hostService host service | ||
58 | - */ | ||
59 | - public OpenstackArpHandler(OpenstackInterfaceService openstackService, PacketService packetService, | ||
60 | - HostService hostService) { | ||
61 | - this.openstackService = openstackService; | ||
62 | - this.packetService = packetService; | ||
63 | - this.hostService = hostService; | ||
64 | - } | ||
65 | - | ||
66 | - /** | ||
67 | - * Processes ARP request packets. | ||
68 | - * It checks if the target IP is owned by a known host first and then ask to | ||
69 | - * OpenStack if it's not. This ARP proxy does not support overlapping IP. | ||
70 | - * | ||
71 | - * @param pkt ARP request packet | ||
72 | - * @param openstackPortInfoCollection collection of port information | ||
73 | - */ | ||
74 | - public void processPacketIn(InboundPacket pkt, Collection<OpenstackPortInfo> openstackPortInfoCollection) { | ||
75 | - Ethernet ethRequest = pkt.parsed(); | ||
76 | - ARP arp = (ARP) ethRequest.getPayload(); | ||
77 | - | ||
78 | - if (arp.getOpCode() != ARP.OP_REQUEST) { | ||
79 | - return; | ||
80 | - } | ||
81 | - | ||
82 | - IpAddress sourceIp = Ip4Address.valueOf(arp.getSenderProtocolAddress()); | ||
83 | - MacAddress srcMac = MacAddress.valueOf(arp.getSenderHardwareAddress()); | ||
84 | - OpenstackPortInfo portInfo = openstackPortInfoCollection.stream() | ||
85 | - .filter(p -> p.ip().equals(sourceIp) && p.mac().equals(srcMac)).findFirst().orElse(null); | ||
86 | - IpAddress targetIp = Ip4Address.valueOf(arp.getTargetProtocolAddress()); | ||
87 | - | ||
88 | - MacAddress dstMac; | ||
89 | - | ||
90 | - if (targetIp.equals(portInfo == null ? null : portInfo.gatewayIP())) { | ||
91 | - dstMac = GATEWAY_MAC; | ||
92 | - } else { | ||
93 | - dstMac = getMacFromHostService(targetIp); | ||
94 | - if (dstMac == null) { | ||
95 | - dstMac = getMacFromOpenstack(targetIp); | ||
96 | - } | ||
97 | - } | ||
98 | - | ||
99 | - if (dstMac == null) { | ||
100 | - log.debug("Failed to find MAC address for {}", targetIp.toString()); | ||
101 | - return; | ||
102 | - } | ||
103 | - | ||
104 | - Ethernet ethReply = ARP.buildArpReply(targetIp.getIp4Address(), | ||
105 | - dstMac, | ||
106 | - ethRequest); | ||
107 | - | ||
108 | - TrafficTreatment treatment = DefaultTrafficTreatment.builder() | ||
109 | - .setOutput(pkt.receivedFrom().port()) | ||
110 | - .build(); | ||
111 | - | ||
112 | - packetService.emit(new DefaultOutboundPacket( | ||
113 | - pkt.receivedFrom().deviceId(), | ||
114 | - treatment, | ||
115 | - ByteBuffer.wrap(ethReply.serialize()))); | ||
116 | - } | ||
117 | - | ||
118 | - /** | ||
119 | - * Returns MAC address of a host with a given target IP address by asking to | ||
120 | - * OpenStack. It does not support overlapping IP. | ||
121 | - * | ||
122 | - * @param targetIp target ip address | ||
123 | - * @return mac address, or null if it fails to fetch the mac | ||
124 | - */ | ||
125 | - private MacAddress getMacFromOpenstack(IpAddress targetIp) { | ||
126 | - checkNotNull(targetIp); | ||
127 | - | ||
128 | - OpenstackPort openstackPort = openstackService.ports() | ||
129 | - .stream() | ||
130 | - .filter(port -> port.fixedIps().containsValue(targetIp)) | ||
131 | - .findFirst() | ||
132 | - .orElse(null); | ||
133 | - | ||
134 | - if (openstackPort != null) { | ||
135 | - log.debug("Found MAC from OpenStack for {}", targetIp.toString()); | ||
136 | - return openstackPort.macAddress(); | ||
137 | - } else { | ||
138 | - return null; | ||
139 | - } | ||
140 | - } | ||
141 | - | ||
142 | - /** | ||
143 | - * Returns MAC address of a host with a given target IP address by asking to | ||
144 | - * host service. It does not support overlapping IP. | ||
145 | - * | ||
146 | - * @param targetIp target ip | ||
147 | - * @return mac address, or null if it fails to find the mac | ||
148 | - */ | ||
149 | - private MacAddress getMacFromHostService(IpAddress targetIp) { | ||
150 | - checkNotNull(targetIp); | ||
151 | - | ||
152 | - Host host = hostService.getHostsByIp(targetIp) | ||
153 | - .stream() | ||
154 | - .findFirst() | ||
155 | - .orElse(null); | ||
156 | - | ||
157 | - if (host != null) { | ||
158 | - log.debug("Found MAC from host service for {}", targetIp.toString()); | ||
159 | - return host.mac(); | ||
160 | - } else { | ||
161 | - return null; | ||
162 | - } | ||
163 | - } | ||
164 | -} |
1 | -/* | ||
2 | -* Copyright 2016-present Open Networking Laboratory | ||
3 | -* | ||
4 | -* Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | -* you may not use this file except in compliance with the License. | ||
6 | -* You may obtain a copy of the License at | ||
7 | -* | ||
8 | -* http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | -* | ||
10 | -* Unless required by applicable law or agreed to in writing, software | ||
11 | -* distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | -* See the License for the specific language governing permissions and | ||
14 | -* limitations under the License. | ||
15 | -*/ | ||
16 | - | ||
17 | -package org.onosproject.openstacknetworking.switching; | ||
18 | - | ||
19 | -import org.onlab.packet.Ethernet; | ||
20 | -import org.onlab.packet.IPv4; | ||
21 | -import org.onlab.packet.Ip4Address; | ||
22 | -import org.onlab.packet.Ip4Prefix; | ||
23 | -import org.onlab.packet.IpAddress; | ||
24 | -import org.onlab.packet.IpPrefix; | ||
25 | -import org.onlab.packet.TpPort; | ||
26 | -import org.onosproject.core.ApplicationId; | ||
27 | -import org.onosproject.net.DeviceId; | ||
28 | -import org.onosproject.net.flow.DefaultTrafficSelector; | ||
29 | -import org.onosproject.net.flow.DefaultTrafficTreatment; | ||
30 | -import org.onosproject.net.flow.TrafficSelector; | ||
31 | -import org.onosproject.net.flow.TrafficTreatment; | ||
32 | -import org.onosproject.net.flowobjective.DefaultForwardingObjective; | ||
33 | -import org.onosproject.net.flowobjective.FlowObjectiveService; | ||
34 | -import org.onosproject.net.flowobjective.ForwardingObjective; | ||
35 | -import org.onosproject.openstackinterface.OpenstackInterfaceService; | ||
36 | -import org.onosproject.openstackinterface.OpenstackSecurityGroup; | ||
37 | -import org.onosproject.openstackinterface.OpenstackSecurityGroupRule; | ||
38 | -import org.onosproject.openstacknetworking.OpenstackPortInfo; | ||
39 | -import org.slf4j.Logger; | ||
40 | -import org.slf4j.LoggerFactory; | ||
41 | - | ||
42 | -import java.util.Map; | ||
43 | - | ||
44 | -/** | ||
45 | - * Populates flows rules for Security Groups of VMs. | ||
46 | - * | ||
47 | - */ | ||
48 | -public class OpenstackSecurityGroupRulePopulator { | ||
49 | - | ||
50 | - private static Logger log = LoggerFactory | ||
51 | - .getLogger(OpenstackSecurityGroupRulePopulator.class); | ||
52 | - | ||
53 | - private OpenstackInterfaceService openstackService; | ||
54 | - private FlowObjectiveService flowObjectiveService; | ||
55 | - | ||
56 | - private ApplicationId appId; | ||
57 | - | ||
58 | - private static final String PROTO_ICMP = "ICMP"; | ||
59 | - private static final String PROTO_TCP = "TCP"; | ||
60 | - private static final String PROTO_UDP = "UDP"; | ||
61 | - | ||
62 | - private static final String ETHTYPE_IPV4 = "IPV4"; | ||
63 | - | ||
64 | - private static final IpPrefix IP_PREFIX_ANY = Ip4Prefix.valueOf("0.0.0.0/0"); | ||
65 | - | ||
66 | - private static final int ACL_RULE_PRIORITY = 30000; | ||
67 | - | ||
68 | - /** | ||
69 | - * Constructor. | ||
70 | - * | ||
71 | - * @param appId application ID | ||
72 | - * @param openstackService OpenStack interface service | ||
73 | - * @param flowObjectiveService flow objective service | ||
74 | - */ | ||
75 | - public OpenstackSecurityGroupRulePopulator(ApplicationId appId, OpenstackInterfaceService openstackService, | ||
76 | - FlowObjectiveService flowObjectiveService) { | ||
77 | - this.appId = appId; | ||
78 | - this.openstackService = openstackService; | ||
79 | - this.flowObjectiveService = flowObjectiveService; | ||
80 | - } | ||
81 | - | ||
82 | - /** | ||
83 | - * Populates flow rules for security groups. | ||
84 | - * | ||
85 | - * @param id Device ID | ||
86 | - * @param sgId Security Group ID | ||
87 | - * @param vmIp VM IP address | ||
88 | - * @param portInfoMap Port Info map | ||
89 | - */ | ||
90 | - public void populateSecurityGroupRules(DeviceId id, String sgId, Ip4Address vmIp, | ||
91 | - Map<String, OpenstackPortInfo> portInfoMap) { | ||
92 | - OpenstackSecurityGroup securityGroup = openstackService.securityGroup(sgId); | ||
93 | - if (securityGroup != null) { | ||
94 | - securityGroup.rules().stream().forEach(sgRule -> { | ||
95 | - if (sgRule.remoteGroupId() != null && !sgRule.remoteGroupId().equals("null")) { | ||
96 | - openstackService.ports().stream() | ||
97 | - .filter(port -> port.securityGroups().contains(sgRule.remoteGroupId())) | ||
98 | - .flatMap(port -> port.fixedIps().values().stream()) | ||
99 | - .forEach(remoteIp -> setSecurityGroupRule(id, sgRule, | ||
100 | - vmIp, IpPrefix.valueOf((IpAddress) remoteIp, 32))); | ||
101 | - } else { | ||
102 | - setSecurityGroupRule(id, sgRule, vmIp, sgRule.remoteIpPrefix()); | ||
103 | - } | ||
104 | - }); | ||
105 | - | ||
106 | - openstackService.ports().stream().forEach(osPort -> | ||
107 | - osPort.securityGroups().stream().forEach(remoteVmSgId -> { | ||
108 | - OpenstackSecurityGroup remoteVmSg = openstackService.securityGroup(remoteVmSgId); | ||
109 | - remoteVmSg.rules().stream() | ||
110 | - .filter(remoteVmSgRule -> remoteVmSgRule.remoteGroupId().equals(sgId)) | ||
111 | - .forEach(remoteVmSgRule -> { | ||
112 | - Ip4Address remoteVmIp = | ||
113 | - (Ip4Address) osPort.fixedIps().values().stream().findAny().orElse(null); | ||
114 | - OpenstackPortInfo osPortInfo = portInfoMap.get(OpenstackSwitchingManager.PORTNAME_PREFIX_VM | ||
115 | - + osPort.id().substring(0, 11)); | ||
116 | - if (osPortInfo != null && remoteVmIp != null) { | ||
117 | - setSecurityGroupRule(osPortInfo.deviceId(), remoteVmSgRule, remoteVmIp, | ||
118 | - IpPrefix.valueOf(vmIp, 32)); | ||
119 | - } | ||
120 | - }); | ||
121 | - })); | ||
122 | - } | ||
123 | - } | ||
124 | - | ||
125 | - /** | ||
126 | - * Removes flow rules for security groups. | ||
127 | - * | ||
128 | - * @param id Device ID | ||
129 | - * @param sgId Security Group ID to remove | ||
130 | - * @param vmIp VM IP address | ||
131 | - * @param portInfoMap port info map | ||
132 | - * @param securityGroupMap security group info map | ||
133 | - */ | ||
134 | - public void removeSecurityGroupRules(DeviceId id, String sgId, Ip4Address vmIp, | ||
135 | - Map<String, OpenstackPortInfo> portInfoMap, | ||
136 | - Map<String, OpenstackSecurityGroup> securityGroupMap) { | ||
137 | - OpenstackSecurityGroup securityGroup = securityGroupMap.get(sgId); | ||
138 | - if (securityGroup != null) { | ||
139 | - securityGroup.rules().stream().forEach(sgRule -> { | ||
140 | - if (sgRule.remoteGroupId() != null && !sgRule.remoteGroupId().equals("null")) { | ||
141 | - portInfoMap.values().stream() | ||
142 | - .filter(portInfo -> portInfo.securityGroups().contains(sgRule.remoteGroupId())) | ||
143 | - .map(OpenstackPortInfo::ip) | ||
144 | - .forEach(remoteIp -> { | ||
145 | - removeSecurityGroupRule(id, sgRule, vmIp, IpPrefix.valueOf(remoteIp, 32)); | ||
146 | - }); | ||
147 | - } else { | ||
148 | - removeSecurityGroupRule(id, sgRule, vmIp, sgRule.remoteIpPrefix()); | ||
149 | - } | ||
150 | - }); | ||
151 | - | ||
152 | - portInfoMap.values().stream() | ||
153 | - .forEach(portInfo -> portInfo.securityGroups() | ||
154 | - .forEach(remoteVmSgId -> { | ||
155 | - OpenstackSecurityGroup remoteVmSg = securityGroupMap.get(remoteVmSgId); | ||
156 | - remoteVmSg.rules().stream() | ||
157 | - .filter(remoteVmSgRule -> remoteVmSgRule.remoteGroupId().equals(sgId)) | ||
158 | - .forEach(remoteVmSgRule -> removeSecurityGroupRule(portInfo.deviceId(), | ||
159 | - remoteVmSgRule, portInfo.ip(), IpPrefix.valueOf(vmIp, 32))); | ||
160 | - })); | ||
161 | - } | ||
162 | - } | ||
163 | - | ||
164 | - private void setSecurityGroupRule(DeviceId id, OpenstackSecurityGroupRule sgRule, | ||
165 | - Ip4Address vmIp, IpPrefix remoteIp) { | ||
166 | - ForwardingObjective.Builder foBuilder = buildFlowObjective(id, sgRule, vmIp, remoteIp); | ||
167 | - if (foBuilder != null) { | ||
168 | - flowObjectiveService.forward(id, foBuilder.add()); | ||
169 | - } | ||
170 | - } | ||
171 | - | ||
172 | - private void removeSecurityGroupRule(DeviceId id, OpenstackSecurityGroupRule sgRule, | ||
173 | - Ip4Address vmIp, IpPrefix remoteIp) { | ||
174 | - ForwardingObjective.Builder foBuilder = buildFlowObjective(id, sgRule, vmIp, remoteIp); | ||
175 | - if (foBuilder != null) { | ||
176 | - flowObjectiveService.forward(id, foBuilder.remove()); | ||
177 | - } | ||
178 | - } | ||
179 | - | ||
180 | - ForwardingObjective.Builder buildFlowObjective(DeviceId id, OpenstackSecurityGroupRule sgRule, | ||
181 | - Ip4Address vmIp, IpPrefix remoteIp) { | ||
182 | - if (remoteIp != null && remoteIp.equals(IpPrefix.valueOf(vmIp, 32))) { | ||
183 | - return null; | ||
184 | - } | ||
185 | - TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); | ||
186 | - TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment.builder(); | ||
187 | - | ||
188 | - buildMatchs(sBuilder, sgRule, vmIp, remoteIp); | ||
189 | - | ||
190 | - ForwardingObjective.Builder foBuilder = DefaultForwardingObjective.builder() | ||
191 | - .withSelector(sBuilder.build()) | ||
192 | - .withTreatment(tBuilder.build()) | ||
193 | - .withPriority(ACL_RULE_PRIORITY) | ||
194 | - .withFlag(ForwardingObjective.Flag.SPECIFIC) | ||
195 | - .fromApp(appId); | ||
196 | - | ||
197 | - return foBuilder; | ||
198 | - } | ||
199 | - | ||
200 | - private void buildMatchs(TrafficSelector.Builder sBuilder, OpenstackSecurityGroupRule sgRule, | ||
201 | - Ip4Address vmIp, IpPrefix remoteIp) { | ||
202 | - buildMatchEthType(sBuilder, sgRule.ethertype()); | ||
203 | - buildMatchDirection(sBuilder, sgRule.direction(), vmIp); | ||
204 | - buildMatchProto(sBuilder, sgRule.protocol()); | ||
205 | - buildMatchPort(sBuilder, sgRule.protocol(), sgRule.direction(), sgRule.portRangeMax(), sgRule.portRangeMin()); | ||
206 | - buildMatchRemoteIp(sBuilder, remoteIp, sgRule.direction()); | ||
207 | - } | ||
208 | - | ||
209 | - private void buildMatchDirection(TrafficSelector.Builder sBuilder, | ||
210 | - OpenstackSecurityGroupRule.Direction direction, Ip4Address vmIp) { | ||
211 | - if (direction.equals(OpenstackSecurityGroupRule.Direction.EGRESS)) { | ||
212 | - sBuilder.matchIPSrc(IpPrefix.valueOf(vmIp, 32)); | ||
213 | - } else { | ||
214 | - sBuilder.matchIPDst(IpPrefix.valueOf(vmIp, 32)); | ||
215 | - } | ||
216 | - } | ||
217 | - | ||
218 | - private void buildMatchEthType(TrafficSelector.Builder sBuilder, String ethertype) { | ||
219 | - // Either IpSrc or IpDst (or both) is set by default, and we need to set EthType as IPv4. | ||
220 | - sBuilder.matchEthType(Ethernet.TYPE_IPV4); | ||
221 | - if (ethertype != null && ethertype != "null" && | ||
222 | - !ethertype.toUpperCase().equals(ETHTYPE_IPV4)) { | ||
223 | - log.error("EthType {} is not supported yet in Security Group", ethertype); | ||
224 | - } | ||
225 | - } | ||
226 | - | ||
227 | - private void buildMatchRemoteIp(TrafficSelector.Builder sBuilder, IpPrefix remoteIpPrefix, | ||
228 | - OpenstackSecurityGroupRule.Direction direction) { | ||
229 | - if (remoteIpPrefix != null && !remoteIpPrefix.getIp4Prefix().equals(IP_PREFIX_ANY)) { | ||
230 | - if (direction.equals(OpenstackSecurityGroupRule.Direction.EGRESS)) { | ||
231 | - sBuilder.matchIPDst(remoteIpPrefix); | ||
232 | - } else { | ||
233 | - sBuilder.matchIPSrc(remoteIpPrefix); | ||
234 | - } | ||
235 | - } | ||
236 | - } | ||
237 | - | ||
238 | - private void buildMatchProto(TrafficSelector.Builder sBuilder, String protocol) { | ||
239 | - if (protocol != null) { | ||
240 | - switch (protocol.toUpperCase()) { | ||
241 | - case PROTO_ICMP: | ||
242 | - sBuilder.matchIPProtocol(IPv4.PROTOCOL_ICMP); | ||
243 | - break; | ||
244 | - case PROTO_TCP: | ||
245 | - sBuilder.matchIPProtocol(IPv4.PROTOCOL_TCP); | ||
246 | - break; | ||
247 | - case PROTO_UDP: | ||
248 | - sBuilder.matchIPProtocol(IPv4.PROTOCOL_UDP); | ||
249 | - break; | ||
250 | - default: | ||
251 | - } | ||
252 | - } | ||
253 | - } | ||
254 | - | ||
255 | - private void buildMatchPort(TrafficSelector.Builder sBuilder, String protocol, | ||
256 | - OpenstackSecurityGroupRule.Direction direction, | ||
257 | - int portMin, int portMax) { | ||
258 | - if (portMin > 0 && portMax > 0 && portMin == portMax) { | ||
259 | - if (protocol.toUpperCase().equals(PROTO_TCP)) { | ||
260 | - if (direction.equals(OpenstackSecurityGroupRule.Direction.EGRESS)) { | ||
261 | - sBuilder.matchTcpDst(TpPort.tpPort(portMax)); | ||
262 | - } else { | ||
263 | - sBuilder.matchTcpSrc(TpPort.tpPort(portMax)); | ||
264 | - } | ||
265 | - } else if (protocol.toUpperCase().equals(PROTO_UDP)) { | ||
266 | - if (direction.equals(OpenstackSecurityGroupRule.Direction.EGRESS)) { | ||
267 | - sBuilder.matchUdpDst(TpPort.tpPort(portMax)); | ||
268 | - } else { | ||
269 | - sBuilder.matchUdpSrc(TpPort.tpPort(portMax)); | ||
270 | - } | ||
271 | - } | ||
272 | - } | ||
273 | - } | ||
274 | -} |
1 | -/* | ||
2 | - * Copyright 2016-present Open Networking Laboratory | ||
3 | - * | ||
4 | - * Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | - * you may not use this file except in compliance with the License. | ||
6 | - * You may obtain a copy of the License at | ||
7 | - * | ||
8 | - * http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | - * | ||
10 | - * Unless required by applicable law or agreed to in writing, software | ||
11 | - * distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | - * See the License for the specific language governing permissions and | ||
14 | - * limitations under the License. | ||
15 | - */ | ||
16 | -package org.onosproject.openstacknetworking.switching; | ||
17 | - | ||
18 | -import com.google.common.collect.ImmutableMap; | ||
19 | -import com.google.common.collect.Maps; | ||
20 | -import org.apache.felix.scr.annotations.Activate; | ||
21 | -import org.apache.felix.scr.annotations.Component; | ||
22 | -import org.apache.felix.scr.annotations.Deactivate; | ||
23 | -import org.apache.felix.scr.annotations.Reference; | ||
24 | -import org.apache.felix.scr.annotations.ReferenceCardinality; | ||
25 | -import org.apache.felix.scr.annotations.Service; | ||
26 | -import org.onlab.packet.Ethernet; | ||
27 | -import org.onlab.packet.Ip4Address; | ||
28 | -import org.onlab.packet.IpPrefix; | ||
29 | -import org.onosproject.core.ApplicationId; | ||
30 | -import org.onosproject.core.CoreService; | ||
31 | -import org.onosproject.dhcp.DhcpService; | ||
32 | -import org.onosproject.dhcp.IpAssignment; | ||
33 | -import org.onosproject.event.AbstractEvent; | ||
34 | -import org.onosproject.net.Device; | ||
35 | -import org.onosproject.net.DeviceId; | ||
36 | -import org.onosproject.net.Port; | ||
37 | -import org.onosproject.net.config.ConfigFactory; | ||
38 | -import org.onosproject.net.config.NetworkConfigEvent; | ||
39 | -import org.onosproject.net.config.NetworkConfigListener; | ||
40 | -import org.onosproject.net.config.NetworkConfigRegistry; | ||
41 | -import org.onosproject.net.config.NetworkConfigService; | ||
42 | -import org.onosproject.net.device.DeviceEvent; | ||
43 | -import org.onosproject.net.device.DeviceListener; | ||
44 | -import org.onosproject.net.device.DeviceService; | ||
45 | -import org.onosproject.net.driver.DriverService; | ||
46 | -import org.onosproject.net.flowobjective.FlowObjectiveService; | ||
47 | -import org.onosproject.net.host.HostEvent; | ||
48 | -import org.onosproject.net.host.HostListener; | ||
49 | -import org.onosproject.net.host.HostService; | ||
50 | -import org.onosproject.net.packet.InboundPacket; | ||
51 | -import org.onosproject.net.packet.PacketContext; | ||
52 | -import org.onosproject.net.packet.PacketProcessor; | ||
53 | -import org.onosproject.net.packet.PacketService; | ||
54 | -import org.onosproject.openstackinterface.OpenstackInterfaceService; | ||
55 | -import org.onosproject.openstackinterface.OpenstackNetwork; | ||
56 | -import org.onosproject.openstackinterface.OpenstackPort; | ||
57 | -import org.onosproject.openstackinterface.OpenstackSecurityGroup; | ||
58 | -import org.onosproject.openstackinterface.OpenstackSubnet; | ||
59 | -import org.onosproject.openstacknetworking.OpenstackPortInfo; | ||
60 | -import org.onosproject.openstacknetworking.OpenstackSubjectFactories; | ||
61 | -import org.onosproject.openstacknetworking.OpenstackNetworkingConfig; | ||
62 | -import org.onosproject.openstacknetworking.OpenstackSwitchingService; | ||
63 | -import org.slf4j.Logger; | ||
64 | -import org.slf4j.LoggerFactory; | ||
65 | - | ||
66 | -import java.util.Date; | ||
67 | -import java.util.Collection; | ||
68 | -import java.util.Map; | ||
69 | -import java.util.concurrent.ExecutorService; | ||
70 | -import java.util.concurrent.Executors; | ||
71 | - | ||
72 | -import static org.onlab.util.Tools.groupedThreads; | ||
73 | -import static org.onosproject.dhcp.IpAssignment.AssignmentStatus.Option_RangeNotEnforced; | ||
74 | - | ||
75 | -import static com.google.common.base.Preconditions.checkArgument; | ||
76 | -import static com.google.common.base.Preconditions.checkNotNull; | ||
77 | - | ||
78 | -@Service | ||
79 | -@Component(immediate = true) | ||
80 | -/** | ||
81 | - * Populates forwarding rules for VMs created by Openstack. | ||
82 | - */ | ||
83 | -public class OpenstackSwitchingManager implements OpenstackSwitchingService { | ||
84 | - | ||
85 | - private final Logger log = LoggerFactory.getLogger(getClass()); | ||
86 | - | ||
87 | - @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
88 | - protected CoreService coreService; | ||
89 | - | ||
90 | - @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
91 | - protected PacketService packetService; | ||
92 | - | ||
93 | - @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
94 | - protected DeviceService deviceService; | ||
95 | - | ||
96 | - @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
97 | - protected HostService hostService; | ||
98 | - | ||
99 | - @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
100 | - protected FlowObjectiveService flowObjectiveService; | ||
101 | - | ||
102 | - @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
103 | - protected DhcpService dhcpService; | ||
104 | - | ||
105 | - @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
106 | - protected DriverService driverService; | ||
107 | - | ||
108 | - @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
109 | - protected NetworkConfigRegistry networkConfig; | ||
110 | - | ||
111 | - @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
112 | - protected OpenstackInterfaceService openstackService; | ||
113 | - | ||
114 | - @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
115 | - protected NetworkConfigService configService; | ||
116 | - | ||
117 | - @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
118 | - protected NetworkConfigRegistry configRegistry; | ||
119 | - | ||
120 | - public static final String PORTNAME_PREFIX_VM = "tap"; | ||
121 | - public static final String PORTNAME_PREFIX_ROUTER = "qr-"; | ||
122 | - public static final String PORTNAME_PREFIX_TUNNEL = "vxlan"; | ||
123 | - public static final String PORTNAME = "portName"; | ||
124 | - private static final String ROUTER_INTERFACE = "network:router_interface"; | ||
125 | - public static final String DEVICE_OWNER_GATEWAY = "network:router_gateway"; | ||
126 | - public static final Ip4Address DNS_SERVER_IP = Ip4Address.valueOf("8.8.8.8"); | ||
127 | - private static final String FORWARD_SLASH = "/"; | ||
128 | - private static final int DHCP_INFINITE_LEASE = -1; | ||
129 | - public static final String SONA_DRIVER_NAME = "sona"; | ||
130 | - | ||
131 | - | ||
132 | - private ApplicationId appId; | ||
133 | - | ||
134 | - private OpenstackArpHandler arpHandler; | ||
135 | - private OpenstackSecurityGroupRulePopulator sgRulePopulator; | ||
136 | - | ||
137 | - private ExecutorService deviceEventExecutorService = | ||
138 | - Executors.newSingleThreadExecutor(groupedThreads("onos/openstackswitching", "device-event")); | ||
139 | - | ||
140 | - private ExecutorService configEventExecutorService = | ||
141 | - Executors.newSingleThreadExecutor(groupedThreads("onos/openstackswitching", "config-event")); | ||
142 | - | ||
143 | - private InternalPacketProcessor internalPacketProcessor = new InternalPacketProcessor(); | ||
144 | - private InternalDeviceListener internalDeviceListener = new InternalDeviceListener(); | ||
145 | - private InternalHostListener internalHostListener = new InternalHostListener(); | ||
146 | - | ||
147 | - private final Map<String, OpenstackPortInfo> openstackPortInfoMap = Maps.newHashMap(); | ||
148 | - private Map<String, OpenstackSecurityGroup> securityGroupMap = Maps.newConcurrentMap(); | ||
149 | - | ||
150 | - private final ConfigFactory configFactory = | ||
151 | - new ConfigFactory(OpenstackSubjectFactories.USER_DEFINED_SUBJECT_FACTORY, OpenstackNetworkingConfig.class, | ||
152 | - "config") { | ||
153 | - @Override | ||
154 | - public OpenstackNetworkingConfig createConfig() { | ||
155 | - return new OpenstackNetworkingConfig(); | ||
156 | - } | ||
157 | - }; | ||
158 | - private final NetworkConfigListener configListener = new InternalConfigListener(); | ||
159 | - | ||
160 | - private OpenstackNetworkingConfig config; | ||
161 | - | ||
162 | - @Activate | ||
163 | - protected void activate() { | ||
164 | - appId = coreService | ||
165 | - .registerApplication("org.onosproject.openstackswitching"); | ||
166 | - | ||
167 | - packetService.addProcessor(internalPacketProcessor, PacketProcessor.director(1)); | ||
168 | - deviceService.addListener(internalDeviceListener); | ||
169 | - hostService.addListener(internalHostListener); | ||
170 | - configRegistry.registerConfigFactory(configFactory); | ||
171 | - configService.addListener(configListener); | ||
172 | - | ||
173 | - arpHandler = new OpenstackArpHandler(openstackService, packetService, hostService); | ||
174 | - sgRulePopulator = new OpenstackSecurityGroupRulePopulator(appId, openstackService, flowObjectiveService); | ||
175 | - | ||
176 | - networkConfig.registerConfigFactory(configFactory); | ||
177 | - networkConfig.addListener(configListener); | ||
178 | - | ||
179 | - readConfiguration(); | ||
180 | - | ||
181 | - log.info("Started"); | ||
182 | - } | ||
183 | - | ||
184 | - @Deactivate | ||
185 | - protected void deactivate() { | ||
186 | - packetService.removeProcessor(internalPacketProcessor); | ||
187 | - deviceService.removeListener(internalDeviceListener); | ||
188 | - | ||
189 | - deviceEventExecutorService.shutdown(); | ||
190 | - configEventExecutorService.shutdown(); | ||
191 | - hostService.removeListener(internalHostListener); | ||
192 | - configService.removeListener(configListener); | ||
193 | - configRegistry.unregisterConfigFactory(configFactory); | ||
194 | - | ||
195 | - log.info("Stopped"); | ||
196 | - } | ||
197 | - | ||
198 | - @Override | ||
199 | - public void createPorts(OpenstackPort openstackPort) { | ||
200 | - | ||
201 | - if (!openstackPort.deviceOwner().equals(ROUTER_INTERFACE) | ||
202 | - && !openstackPort.deviceOwner().equals(DEVICE_OWNER_GATEWAY) | ||
203 | - && !openstackPort.fixedIps().isEmpty()) { | ||
204 | - registerDhcpInfo(openstackPort); | ||
205 | - } | ||
206 | - } | ||
207 | - | ||
208 | - @Override | ||
209 | - public void removePort(String uuid) { | ||
210 | - // When VMs are remvoed, the flow rules for the VMs are removed using ONOS port update event. | ||
211 | - // But, when router is removed, no ONOS port event occurs and we need to use Neutron port event. | ||
212 | - // Here we should not touch any rules for VMs. | ||
213 | - log.debug("port {} was removed", uuid); | ||
214 | - | ||
215 | - String routerPortName = PORTNAME_PREFIX_ROUTER + uuid.substring(0, 11); | ||
216 | - OpenstackPortInfo routerPortInfo = openstackPortInfoMap.get(routerPortName); | ||
217 | - if (routerPortInfo != null) { | ||
218 | - dhcpService.removeStaticMapping(routerPortInfo.mac()); | ||
219 | - deviceService.getPorts(routerPortInfo.deviceId()).forEach(port -> { | ||
220 | - String pName = port.annotations().value(PORTNAME); | ||
221 | - if (pName.equals(routerPortName)) { | ||
222 | - OpenstackSwitchingRulePopulator rulePopulator = | ||
223 | - new OpenstackSwitchingRulePopulator(appId, flowObjectiveService, | ||
224 | - deviceService, openstackService, driverService, config); | ||
225 | - | ||
226 | - rulePopulator.removeSwitchingRules(port, openstackPortInfoMap); | ||
227 | - openstackPortInfoMap.remove(routerPortName); | ||
228 | - return; | ||
229 | - } | ||
230 | - }); | ||
231 | - } | ||
232 | - } | ||
233 | - | ||
234 | - @Override | ||
235 | - public void updatePort(OpenstackPort openstackPort) { | ||
236 | - if (openstackPort.status().equals(OpenstackPort.PortStatus.ACTIVE)) { | ||
237 | - String portName = PORTNAME_PREFIX_VM + openstackPort.id().substring(0, 11); | ||
238 | - OpenstackPortInfo osPortInfo = openstackPortInfoMap.get(portName); | ||
239 | - if (osPortInfo != null) { | ||
240 | - // Remove all security group rules based on the ones stored in security group map. | ||
241 | - osPortInfo.securityGroups().stream().forEach( | ||
242 | - sgId -> sgRulePopulator.removeSecurityGroupRules(osPortInfo.deviceId(), sgId, | ||
243 | - osPortInfo.ip(), openstackPortInfoMap, securityGroupMap)); | ||
244 | - // Add all security group rules based on the updated security group. | ||
245 | - openstackPort.securityGroups().stream().forEach( | ||
246 | - sgId -> sgRulePopulator.populateSecurityGroupRules(osPortInfo.deviceId(), sgId, | ||
247 | - osPortInfo.ip(), openstackPortInfoMap)); | ||
248 | - updatePortMap(osPortInfo.deviceId(), portName, openstackService.networks(), | ||
249 | - openstackService.subnets(), openstackPort); | ||
250 | - } | ||
251 | - } | ||
252 | - } | ||
253 | - | ||
254 | - @Override | ||
255 | - public void createNetwork(OpenstackNetwork openstackNetwork) { | ||
256 | - //TODO | ||
257 | - } | ||
258 | - | ||
259 | - @Override | ||
260 | - public void createSubnet(OpenstackSubnet openstackSubnet) { | ||
261 | - //TODO | ||
262 | - } | ||
263 | - | ||
264 | - @Override | ||
265 | - public Map<String, OpenstackPortInfo> openstackPortInfo() { | ||
266 | - return ImmutableMap.copyOf(this.openstackPortInfoMap); | ||
267 | - } | ||
268 | - | ||
269 | - private void processPortUpdated(Device device, Port port) { | ||
270 | - String portName = port.annotations().value(PORTNAME); | ||
271 | - synchronized (openstackPortInfoMap) { | ||
272 | - if (portName.startsWith(PORTNAME_PREFIX_VM)) { | ||
273 | - if (port.isEnabled()) { | ||
274 | - OpenstackSwitchingRulePopulator rulePopulator = | ||
275 | - new OpenstackSwitchingRulePopulator(appId, flowObjectiveService, | ||
276 | - deviceService, openstackService, driverService, config); | ||
277 | - | ||
278 | - rulePopulator.populateSwitchingRules(device, port); | ||
279 | - OpenstackPort openstackPort = rulePopulator.openstackPort(port); | ||
280 | - Ip4Address vmIp = (Ip4Address) openstackPort.fixedIps().values().stream() | ||
281 | - .findAny().orElseGet(null); | ||
282 | - openstackPort.securityGroups().stream().forEach( | ||
283 | - sgId -> sgRulePopulator.populateSecurityGroupRules(device.id(), sgId, vmIp, | ||
284 | - openstackPortInfoMap)); | ||
285 | - updatePortMap(device.id(), port.annotations().value(PORTNAME), | ||
286 | - openstackService.networks(), openstackService.subnets(), openstackPort); | ||
287 | - | ||
288 | - //In case portupdate event is driven by vm shutoff from openstack | ||
289 | - } else if (!port.isEnabled() && openstackPortInfoMap.containsKey(portName)) { | ||
290 | - log.debug("Flowrules according to the port {} were removed", port.number()); | ||
291 | - OpenstackSwitchingRulePopulator rulePopulator = | ||
292 | - new OpenstackSwitchingRulePopulator(appId, flowObjectiveService, | ||
293 | - deviceService, openstackService, driverService, config); | ||
294 | - rulePopulator.removeSwitchingRules(port, openstackPortInfoMap); | ||
295 | - openstackPortInfoMap.get(portName).securityGroups().stream().forEach( | ||
296 | - sgId -> sgRulePopulator.removeSecurityGroupRules(device.id(), sgId, | ||
297 | - openstackPortInfoMap.get(portName).ip(), openstackPortInfoMap, securityGroupMap)); | ||
298 | - dhcpService.removeStaticMapping(openstackPortInfoMap.get(port.annotations().value(PORTNAME)).mac()); | ||
299 | - openstackPortInfoMap.remove(port.annotations().value(PORTNAME)); | ||
300 | - } | ||
301 | - } | ||
302 | - } | ||
303 | - } | ||
304 | - | ||
305 | - private void processPortRemoved(Port port) { | ||
306 | - log.debug("port {} is removed", port.toString()); | ||
307 | - } | ||
308 | - | ||
309 | - private void initializeFlowRules() { | ||
310 | - OpenstackSwitchingRulePopulator rulePopulator = | ||
311 | - new OpenstackSwitchingRulePopulator(appId, flowObjectiveService, | ||
312 | - deviceService, openstackService, driverService, config); | ||
313 | - | ||
314 | - Collection<OpenstackNetwork> networks = openstackService.networks(); | ||
315 | - Collection<OpenstackSubnet> subnets = openstackService.subnets(); | ||
316 | - | ||
317 | - deviceService.getDevices().forEach(device -> { | ||
318 | - log.debug("device {} num of ports {} ", device.id(), | ||
319 | - deviceService.getPorts(device.id()).size()); | ||
320 | - deviceService.getPorts(device.id()).stream() | ||
321 | - .filter(port -> port.annotations().value(PORTNAME).startsWith(PORTNAME_PREFIX_VM) || | ||
322 | - port.annotations().value(PORTNAME).startsWith(PORTNAME_PREFIX_ROUTER)) | ||
323 | - .forEach(vmPort -> { | ||
324 | - OpenstackPort osPort = rulePopulator.openstackPort(vmPort); | ||
325 | - if (osPort != null && !osPort.deviceOwner().equals(DEVICE_OWNER_GATEWAY)) { | ||
326 | - rulePopulator.populateSwitchingRules(device, vmPort); | ||
327 | - Ip4Address vmIp = (Ip4Address) osPort.fixedIps().values().stream() | ||
328 | - .findAny().orElseGet(null); | ||
329 | - osPort.securityGroups().stream().forEach( | ||
330 | - sgId -> sgRulePopulator.populateSecurityGroupRules(device.id(), | ||
331 | - sgId, vmIp, openstackPortInfoMap)); | ||
332 | - updatePortMap(device.id(), vmPort.annotations().value(PORTNAME), networks, | ||
333 | - subnets, osPort); | ||
334 | - registerDhcpInfo(osPort); | ||
335 | - } else { | ||
336 | - log.warn("No openstackPort information for port {}", vmPort); | ||
337 | - } | ||
338 | - } | ||
339 | - ); | ||
340 | - } | ||
341 | - ); | ||
342 | - } | ||
343 | - | ||
344 | - private void updatePortMap(DeviceId deviceId, String portName, Collection<OpenstackNetwork> networks, | ||
345 | - Collection<OpenstackSubnet> subnets, OpenstackPort openstackPort) { | ||
346 | - long vni; | ||
347 | - OpenstackNetwork openstackNetwork = networks.stream() | ||
348 | - .filter(n -> n.id().equals(openstackPort.networkId())) | ||
349 | - .findAny().orElse(null); | ||
350 | - if (openstackNetwork != null) { | ||
351 | - vni = Long.parseLong(openstackNetwork.segmentId()); | ||
352 | - } else { | ||
353 | - log.debug("updatePortMap failed because there's no OpenstackNetwork matches {}", openstackPort.networkId()); | ||
354 | - return; | ||
355 | - } | ||
356 | - | ||
357 | - | ||
358 | - OpenstackSubnet openstackSubnet = subnets.stream() | ||
359 | - .filter(n -> n.networkId().equals(openstackPort.networkId())) | ||
360 | - .findFirst().get(); | ||
361 | - | ||
362 | - Ip4Address gatewayIPAddress = Ip4Address.valueOf(openstackSubnet.gatewayIp()); | ||
363 | - | ||
364 | - OpenstackPortInfo.Builder portBuilder = OpenstackPortInfo.builder() | ||
365 | - .setDeviceId(deviceId) | ||
366 | - .setHostIp((Ip4Address) openstackPort.fixedIps().values().stream().findFirst().orElse(null)) | ||
367 | - .setHostMac(openstackPort.macAddress()) | ||
368 | - .setVni(vni) | ||
369 | - .setGatewayIP(gatewayIPAddress) | ||
370 | - .setNetworkId(openstackPort.networkId()) | ||
371 | - .setSecurityGroups(openstackPort.securityGroups()); | ||
372 | - | ||
373 | - openstackPortInfoMap.put(portName, portBuilder.build()); | ||
374 | - | ||
375 | - openstackPort.securityGroups().stream().forEach(sgId -> { | ||
376 | - if (!securityGroupMap.containsKey(sgId)) { | ||
377 | - securityGroupMap.put(sgId, openstackService.securityGroup(sgId)); | ||
378 | - } | ||
379 | - }); | ||
380 | - } | ||
381 | - | ||
382 | - private void registerDhcpInfo(OpenstackPort openstackPort) { | ||
383 | - checkNotNull(openstackPort); | ||
384 | - checkArgument(!openstackPort.fixedIps().isEmpty()); | ||
385 | - | ||
386 | - OpenstackSubnet openstackSubnet = openstackService.subnets().stream() | ||
387 | - .filter(n -> n.networkId().equals(openstackPort.networkId())) | ||
388 | - .findFirst().orElse(null); | ||
389 | - if (openstackSubnet == null) { | ||
390 | - log.warn("Failed to find subnet for {}", openstackPort); | ||
391 | - return; | ||
392 | - } | ||
393 | - | ||
394 | - Ip4Address ipAddress = openstackPort.fixedIps().values().stream().findFirst().get(); | ||
395 | - IpPrefix subnetPrefix = IpPrefix.valueOf(openstackSubnet.cidr()); | ||
396 | - Ip4Address broadcast = Ip4Address.makeMaskedAddress( | ||
397 | - ipAddress, | ||
398 | - subnetPrefix.prefixLength()); | ||
399 | - | ||
400 | - // TODO: supports multiple DNS servers | ||
401 | - Ip4Address domainServer = openstackSubnet.dnsNameservers().isEmpty() ? | ||
402 | - DNS_SERVER_IP : openstackSubnet.dnsNameservers().get(0); | ||
403 | - | ||
404 | - IpAssignment ipAssignment = IpAssignment.builder() | ||
405 | - .ipAddress(ipAddress) | ||
406 | - .leasePeriod(DHCP_INFINITE_LEASE) | ||
407 | - .timestamp(new Date()) | ||
408 | - .subnetMask(Ip4Address.makeMaskPrefix(subnetPrefix.prefixLength())) | ||
409 | - .broadcast(broadcast) | ||
410 | - .domainServer(domainServer) | ||
411 | - .assignmentStatus(Option_RangeNotEnforced) | ||
412 | - .routerAddress(Ip4Address.valueOf(openstackSubnet.gatewayIp())) | ||
413 | - .build(); | ||
414 | - | ||
415 | - dhcpService.setStaticMapping(openstackPort.macAddress(), ipAssignment); | ||
416 | - } | ||
417 | - | ||
418 | - private class InternalPacketProcessor implements PacketProcessor { | ||
419 | - | ||
420 | - @Override | ||
421 | - public void process(PacketContext context) { | ||
422 | - // FIXME: use GatewayNode list to check if the ARP packet is from GatewayNode's | ||
423 | - if (context.isHandled()) { | ||
424 | - return; | ||
425 | - } else if (!SONA_DRIVER_NAME.equals(driverService | ||
426 | - .getDriver(context.inPacket().receivedFrom().deviceId()).name())) { | ||
427 | - return; | ||
428 | - } | ||
429 | - | ||
430 | - InboundPacket pkt = context.inPacket(); | ||
431 | - Ethernet ethernet = pkt.parsed(); | ||
432 | - | ||
433 | - if (ethernet != null && ethernet.getEtherType() == Ethernet.TYPE_ARP) { | ||
434 | - arpHandler.processPacketIn(pkt, openstackPortInfoMap.values()); | ||
435 | - } | ||
436 | - } | ||
437 | - } | ||
438 | - | ||
439 | - private class InternalHostListener implements HostListener { | ||
440 | - | ||
441 | - @Override | ||
442 | - public void event(HostEvent hostEvent) { | ||
443 | - deviceEventExecutorService.execute(new InternalEventHandler(hostEvent)); | ||
444 | - } | ||
445 | - } | ||
446 | - | ||
447 | - private class InternalDeviceListener implements DeviceListener { | ||
448 | - | ||
449 | - @Override | ||
450 | - public void event(DeviceEvent deviceEvent) { | ||
451 | - deviceEventExecutorService.execute(new InternalEventHandler(deviceEvent)); | ||
452 | - } | ||
453 | - } | ||
454 | - | ||
455 | - private class InternalEventHandler implements Runnable { | ||
456 | - | ||
457 | - volatile AbstractEvent event; | ||
458 | - | ||
459 | - InternalEventHandler(AbstractEvent event) { | ||
460 | - this.event = event; | ||
461 | - } | ||
462 | - | ||
463 | - @Override | ||
464 | - public void run() { | ||
465 | - | ||
466 | - if (event instanceof DeviceEvent) { | ||
467 | - DeviceEvent deviceEvent = (DeviceEvent) event; | ||
468 | - | ||
469 | - switch (deviceEvent.type()) { | ||
470 | - case DEVICE_ADDED: | ||
471 | - log.debug("device {} is added", deviceEvent.subject().id()); | ||
472 | - break; | ||
473 | - case DEVICE_AVAILABILITY_CHANGED: | ||
474 | - Device device = deviceEvent.subject(); | ||
475 | - if (deviceService.isAvailable(device.id())) { | ||
476 | - log.debug("device {} is added", device.id()); | ||
477 | - } | ||
478 | - break; | ||
479 | - case PORT_ADDED: | ||
480 | - processPortUpdated(deviceEvent.subject(), deviceEvent.port()); | ||
481 | - break; | ||
482 | - case PORT_UPDATED: | ||
483 | - processPortUpdated(deviceEvent.subject(), deviceEvent.port()); | ||
484 | - break; | ||
485 | - case PORT_REMOVED: | ||
486 | - processPortRemoved(deviceEvent.port()); | ||
487 | - break; | ||
488 | - default: | ||
489 | - log.debug("Unsupported deviceEvent type {}", deviceEvent.type().toString()); | ||
490 | - break; | ||
491 | - } | ||
492 | - } else if (event instanceof HostEvent) { | ||
493 | - HostEvent hostEvent = (HostEvent) event; | ||
494 | - | ||
495 | - switch (hostEvent.type()) { | ||
496 | - case HOST_REMOVED: | ||
497 | - log.debug("host {} was removed", hostEvent.subject().toString()); | ||
498 | - break; | ||
499 | - default: | ||
500 | - log.debug("Unsupported hostEvent type {}", hostEvent.type().toString()); | ||
501 | - break; | ||
502 | - } | ||
503 | - } | ||
504 | - } | ||
505 | - } | ||
506 | - | ||
507 | - private void readConfiguration() { | ||
508 | - config = configService.getConfig("openstacknetworking", OpenstackNetworkingConfig.class); | ||
509 | - if (config == null) { | ||
510 | - log.error("No configuration found"); | ||
511 | - return; | ||
512 | - } | ||
513 | - | ||
514 | - arpHandler = new OpenstackArpHandler(openstackService, packetService, hostService); | ||
515 | - sgRulePopulator = new OpenstackSecurityGroupRulePopulator(appId, openstackService, flowObjectiveService); | ||
516 | - | ||
517 | - initializeFlowRules(); | ||
518 | - } | ||
519 | - | ||
520 | - private class InternalConfigListener implements NetworkConfigListener { | ||
521 | - | ||
522 | - @Override | ||
523 | - public void event(NetworkConfigEvent event) { | ||
524 | - if (!event.configClass().equals(OpenstackNetworkingConfig.class)) { | ||
525 | - return; | ||
526 | - } | ||
527 | - | ||
528 | - if (event.type().equals(NetworkConfigEvent.Type.CONFIG_ADDED) || | ||
529 | - event.type().equals(NetworkConfigEvent.Type.CONFIG_UPDATED)) { | ||
530 | - configEventExecutorService.execute(OpenstackSwitchingManager.this::readConfiguration); | ||
531 | - | ||
532 | - } | ||
533 | - } | ||
534 | - } | ||
535 | -} |
1 | -/* | ||
2 | -* Copyright 2016-present Open Networking Laboratory | ||
3 | -* | ||
4 | -* Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | -* you may not use this file except in compliance with the License. | ||
6 | -* You may obtain a copy of the License at | ||
7 | -* | ||
8 | -* http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | -* | ||
10 | -* Unless required by applicable law or agreed to in writing, software | ||
11 | -* distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | -* See the License for the specific language governing permissions and | ||
14 | -* limitations under the License. | ||
15 | -*/ | ||
16 | - | ||
17 | -package org.onosproject.openstacknetworking.switching; | ||
18 | - | ||
19 | -import org.onlab.packet.Ethernet; | ||
20 | -import org.onlab.packet.Ip4Address; | ||
21 | -import org.onosproject.core.ApplicationId; | ||
22 | -import org.onosproject.net.Device; | ||
23 | -import org.onosproject.net.DeviceId; | ||
24 | -import org.onosproject.net.Port; | ||
25 | -import org.onosproject.net.PortNumber; | ||
26 | -import org.onosproject.net.behaviour.ExtensionTreatmentResolver; | ||
27 | -import org.onosproject.net.device.DeviceService; | ||
28 | -import org.onosproject.net.driver.DefaultDriverData; | ||
29 | -import org.onosproject.net.driver.DefaultDriverHandler; | ||
30 | -import org.onosproject.net.driver.Driver; | ||
31 | -import org.onosproject.net.driver.DriverHandler; | ||
32 | -import org.onosproject.net.driver.DriverService; | ||
33 | -import org.onosproject.net.flow.DefaultTrafficSelector; | ||
34 | -import org.onosproject.net.flow.DefaultTrafficTreatment; | ||
35 | -import org.onosproject.net.flow.TrafficSelector; | ||
36 | -import org.onosproject.net.flow.TrafficTreatment; | ||
37 | -import org.onosproject.net.flow.instructions.ExtensionTreatment; | ||
38 | -import org.onosproject.net.flow.instructions.ExtensionPropertyException; | ||
39 | -import org.onosproject.net.flow.instructions.ExtensionTreatmentType; | ||
40 | -import org.onosproject.net.flowobjective.DefaultForwardingObjective; | ||
41 | -import org.onosproject.net.flowobjective.FlowObjectiveService; | ||
42 | -import org.onosproject.net.flowobjective.ForwardingObjective; | ||
43 | -import org.onosproject.openstackinterface.OpenstackInterfaceService; | ||
44 | -import org.onosproject.openstackinterface.OpenstackNetwork; | ||
45 | -import org.onosproject.openstackinterface.OpenstackPort; | ||
46 | -import org.onosproject.openstacknetworking.OpenstackNetworkingConfig; | ||
47 | -import org.onosproject.openstacknetworking.OpenstackPortInfo; | ||
48 | -import org.slf4j.Logger; | ||
49 | -import org.slf4j.LoggerFactory; | ||
50 | - | ||
51 | -import java.util.Collection; | ||
52 | -import java.util.Map; | ||
53 | - | ||
54 | -/** | ||
55 | - * Populates switching flow rules. | ||
56 | - */ | ||
57 | -public class OpenstackSwitchingRulePopulator { | ||
58 | - | ||
59 | - private static Logger log = LoggerFactory | ||
60 | - .getLogger(OpenstackSwitchingRulePopulator.class); | ||
61 | - private static final int SWITCHING_RULE_PRIORITY = 30000; | ||
62 | - private static final int TUNNELTAG_RULE_PRIORITY = 30000; | ||
63 | - private static final String PORT_NAME = "portName"; | ||
64 | - private static final String TUNNEL_DST = "tunnelDst"; | ||
65 | - private FlowObjectiveService flowObjectiveService; | ||
66 | - private DriverService driverService; | ||
67 | - private DeviceService deviceService; | ||
68 | - private ApplicationId appId; | ||
69 | - private OpenstackNetworkingConfig config; | ||
70 | - | ||
71 | - private Collection<OpenstackNetwork> openstackNetworkList; | ||
72 | - private Collection<OpenstackPort> openstackPortList; | ||
73 | - | ||
74 | - /** | ||
75 | - * Creates OpenstackSwitchingRulPopulator. | ||
76 | - * | ||
77 | - * @param appId application id | ||
78 | - * @param flowObjectiveService FlowObjectiveService reference | ||
79 | - * @param deviceService DeviceService reference | ||
80 | - * @param openstackService openstack interface service | ||
81 | - * @param driverService DriverService reference | ||
82 | - * @param config OpenstackRoutingConfig | ||
83 | - */ | ||
84 | - public OpenstackSwitchingRulePopulator(ApplicationId appId, | ||
85 | - FlowObjectiveService flowObjectiveService, | ||
86 | - DeviceService deviceService, | ||
87 | - OpenstackInterfaceService openstackService, | ||
88 | - DriverService driverService, | ||
89 | - OpenstackNetworkingConfig config) { | ||
90 | - this.flowObjectiveService = flowObjectiveService; | ||
91 | - this.deviceService = deviceService; | ||
92 | - this.driverService = driverService; | ||
93 | - this.appId = appId; | ||
94 | - this.config = config; | ||
95 | - | ||
96 | - openstackNetworkList = openstackService.networks(); | ||
97 | - openstackPortList = openstackService.ports(); | ||
98 | - } | ||
99 | - | ||
100 | - | ||
101 | - /** | ||
102 | - * Populates flow rules for the VM created. | ||
103 | - * | ||
104 | - * @param device device to populate rules to | ||
105 | - * @param port port for the VM created | ||
106 | - */ | ||
107 | - public void populateSwitchingRules(Device device, Port port) { | ||
108 | - populateFlowRulesForTunnelTag(device, port); | ||
109 | - populateFlowRulesForTrafficToSameCnode(device, port); | ||
110 | - populateFlowRulesForTrafficToDifferentCnode(device, port); | ||
111 | - } | ||
112 | - | ||
113 | - /** | ||
114 | - * Populate the flow rules for tagging tunnelId according to which inport is came from. | ||
115 | - * | ||
116 | - * @param device device to put the rules | ||
117 | - * @param port port info of the VM | ||
118 | - */ | ||
119 | - private void populateFlowRulesForTunnelTag(Device device, Port port) { | ||
120 | - Ip4Address vmIp = getFixedIpAddressForPort(port.annotations().value(PORT_NAME)); | ||
121 | - String portName = port.annotations().value(PORT_NAME); | ||
122 | - String vni = getVniForPort(portName); | ||
123 | - | ||
124 | - if (vmIp != null) { | ||
125 | - setFlowRuleForTunnelTag(device.id(), port, vni); | ||
126 | - } | ||
127 | - } | ||
128 | - | ||
129 | - private void setFlowRuleForTunnelTag(DeviceId deviceId, Port port, String vni) { | ||
130 | - | ||
131 | - TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); | ||
132 | - TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment.builder(); | ||
133 | - | ||
134 | - sBuilder.matchEthType(Ethernet.TYPE_IPV4) | ||
135 | - .matchInPort(port.number()); | ||
136 | - | ||
137 | - tBuilder.setTunnelId(Long.parseLong(vni)); | ||
138 | - | ||
139 | - ForwardingObjective fo = DefaultForwardingObjective.builder() | ||
140 | - .withSelector(sBuilder.build()) | ||
141 | - .withTreatment(tBuilder.build()) | ||
142 | - .withPriority(TUNNELTAG_RULE_PRIORITY) | ||
143 | - .withFlag(ForwardingObjective.Flag.SPECIFIC) | ||
144 | - .fromApp(appId) | ||
145 | - .add(); | ||
146 | - | ||
147 | - flowObjectiveService.forward(deviceId, fo); | ||
148 | - } | ||
149 | - | ||
150 | - /** | ||
151 | - * Populates the flow rules for traffic to VMs in the same Cnode as the sender. | ||
152 | - * | ||
153 | - * @param device device to put the rules | ||
154 | - * @param port port info of the VM | ||
155 | - */ | ||
156 | - private void populateFlowRulesForTrafficToSameCnode(Device device, Port port) { | ||
157 | - Ip4Address vmIp = getFixedIpAddressForPort(port.annotations().value(PORT_NAME)); | ||
158 | - String portName = port.annotations().value(PORT_NAME); | ||
159 | - String vni = getVniForPort(portName); | ||
160 | - | ||
161 | - if (vmIp != null) { | ||
162 | - setFlowRuleForVMsInSameCnode(vmIp, device.id(), port, vni); | ||
163 | - } | ||
164 | - } | ||
165 | - | ||
166 | - /** | ||
167 | - * Sets the flow rules for traffic between VMs in the same Cnode. | ||
168 | - * | ||
169 | - * @param ip4Address VM IP address | ||
170 | - * @param id device ID to put rules | ||
171 | - * @param port VM port | ||
172 | - * @param vni VM VNI | ||
173 | - */ | ||
174 | - private void setFlowRuleForVMsInSameCnode(Ip4Address ip4Address, DeviceId id, | ||
175 | - Port port, String vni) { | ||
176 | - | ||
177 | - //For L2 Switching Case | ||
178 | - TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); | ||
179 | - TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment.builder(); | ||
180 | - | ||
181 | - sBuilder.matchEthType(Ethernet.TYPE_IPV4) | ||
182 | - .matchIPDst(ip4Address.toIpPrefix()) | ||
183 | - .matchTunnelId(Long.parseLong(vni)); | ||
184 | - | ||
185 | - tBuilder.setOutput(port.number()); | ||
186 | - | ||
187 | - ForwardingObjective fo = DefaultForwardingObjective.builder() | ||
188 | - .withSelector(sBuilder.build()) | ||
189 | - .withTreatment(tBuilder.build()) | ||
190 | - .withPriority(SWITCHING_RULE_PRIORITY) | ||
191 | - .withFlag(ForwardingObjective.Flag.SPECIFIC) | ||
192 | - .fromApp(appId) | ||
193 | - .add(); | ||
194 | - | ||
195 | - flowObjectiveService.forward(id, fo); | ||
196 | - } | ||
197 | - | ||
198 | - /** | ||
199 | - * Populates the flow rules for traffic to VMs in different Cnode using | ||
200 | - * Nicira extention. | ||
201 | - * | ||
202 | - * @param device device to put rules | ||
203 | - * @param port port information of the VM | ||
204 | - */ | ||
205 | - private void populateFlowRulesForTrafficToDifferentCnode(Device device, Port port) { | ||
206 | - String portName = port.annotations().value(PORT_NAME); | ||
207 | - Ip4Address fixedIp = getFixedIpAddressForPort(portName); | ||
208 | - String vni = getVniForPort(portName); | ||
209 | - Ip4Address hostDpIpAddress = config.nodes().get(device.id()); | ||
210 | - | ||
211 | - if (hostDpIpAddress == null) { | ||
212 | - log.debug("There's no openstack node information for device id {}", device.id().toString()); | ||
213 | - return; | ||
214 | - } | ||
215 | - | ||
216 | - deviceService.getAvailableDevices().forEach(d -> { | ||
217 | - if (!d.equals(device)) { | ||
218 | - deviceService.getPorts(d.id()).forEach(p -> { | ||
219 | - String pName = p.annotations().value(PORT_NAME); | ||
220 | - if (!p.equals(port) && vni.equals(getVniForPort(pName))) { | ||
221 | - Ip4Address hostxDpIpAddress = config.nodes().get(d.id()); | ||
222 | - | ||
223 | - Ip4Address fixedIpx = getFixedIpAddressForPort(pName); | ||
224 | - if (port.isEnabled()) { | ||
225 | - setVxLanFlowRule(vni, device.id(), hostxDpIpAddress, fixedIpx); | ||
226 | - setVxLanFlowRule(vni, d.id(), hostDpIpAddress, fixedIp); | ||
227 | - } | ||
228 | - } | ||
229 | - }); | ||
230 | - } | ||
231 | - }); | ||
232 | - } | ||
233 | - | ||
234 | - /** | ||
235 | - * Sets the flow rules between traffic from VMs in different Cnode. | ||
236 | - * | ||
237 | - * @param vni VNI | ||
238 | - * @param deviceId device ID | ||
239 | - * @param hostIp host IP of the VM | ||
240 | - * @param vmIp fixed IP of the VM | ||
241 | - */ | ||
242 | - private void setVxLanFlowRule(String vni, DeviceId deviceId, Ip4Address hostIp, | ||
243 | - Ip4Address vmIp) { | ||
244 | - TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); | ||
245 | - TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment.builder(); | ||
246 | - | ||
247 | - sBuilder.matchEthType(Ethernet.TYPE_IPV4) | ||
248 | - .matchTunnelId(Long.parseLong(vni)) | ||
249 | - .matchIPDst(vmIp.toIpPrefix()); | ||
250 | - tBuilder.extension(buildNiciraExtenstion(deviceId, hostIp), deviceId) | ||
251 | - .setOutput(getTunnelPort(deviceId)); | ||
252 | - | ||
253 | - ForwardingObjective fo = DefaultForwardingObjective.builder() | ||
254 | - .withSelector(sBuilder.build()) | ||
255 | - .withTreatment(tBuilder.build()) | ||
256 | - .withPriority(SWITCHING_RULE_PRIORITY) | ||
257 | - .withFlag(ForwardingObjective.Flag.SPECIFIC) | ||
258 | - .fromApp(appId) | ||
259 | - .add(); | ||
260 | - | ||
261 | - flowObjectiveService.forward(deviceId, fo); | ||
262 | - } | ||
263 | - | ||
264 | - /** | ||
265 | - * Returns OpenstackPort object for the Port reference given. | ||
266 | - * | ||
267 | - * @param port Port object | ||
268 | - * @return OpenstackPort reference, or null when not found | ||
269 | - */ | ||
270 | - public OpenstackPort openstackPort(Port port) { | ||
271 | - String uuid = port.annotations().value(PORT_NAME).substring(3); | ||
272 | - return openstackPortList.stream().filter(p -> p.id().startsWith(uuid)) | ||
273 | - .findAny().orElse(null); | ||
274 | - } | ||
275 | - | ||
276 | - /** | ||
277 | - * Remove flows rules for the removed VM. | ||
278 | - * | ||
279 | - * @param removedPort removedport info | ||
280 | - * @param openstackPortInfoMap openstackPortInfoMap | ||
281 | - */ | ||
282 | - public void removeSwitchingRules(Port removedPort, Map<String, | ||
283 | - OpenstackPortInfo> openstackPortInfoMap) { | ||
284 | - OpenstackPortInfo openstackPortInfo = openstackPortInfoMap | ||
285 | - .get(removedPort.annotations().value(PORT_NAME)); | ||
286 | - | ||
287 | - DeviceId deviceId = openstackPortInfo.deviceId(); | ||
288 | - Ip4Address vmIp = openstackPortInfo.ip(); | ||
289 | - PortNumber portNumber = removedPort.number(); | ||
290 | - long vni = openstackPortInfo.vni(); | ||
291 | - | ||
292 | - removeFlowRuleForTunnelTag(deviceId, portNumber); | ||
293 | - removeFlowRuleForVMsInSameCnode(deviceId, vmIp, vni); | ||
294 | - removeFlowRuleForVMsInDiffrentCnode(removedPort, deviceId, vmIp, vni, openstackPortInfoMap); | ||
295 | - } | ||
296 | - | ||
297 | - /** | ||
298 | - * Removes flow rules for tagging tunnelId. | ||
299 | - * | ||
300 | - * @param deviceId device id | ||
301 | - * @param portNumber port number | ||
302 | - */ | ||
303 | - private void removeFlowRuleForTunnelTag(DeviceId deviceId, PortNumber portNumber) { | ||
304 | - TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); | ||
305 | - TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment.builder(); | ||
306 | - | ||
307 | - sBuilder.matchEthType(Ethernet.TYPE_IPV4) | ||
308 | - .matchInPort(portNumber); | ||
309 | - | ||
310 | - ForwardingObjective fo = DefaultForwardingObjective.builder() | ||
311 | - .withSelector(sBuilder.build()) | ||
312 | - .withTreatment(tBuilder.build()) | ||
313 | - .withPriority(TUNNELTAG_RULE_PRIORITY) | ||
314 | - .withFlag(ForwardingObjective.Flag.SPECIFIC) | ||
315 | - .fromApp(appId) | ||
316 | - .remove(); | ||
317 | - | ||
318 | - flowObjectiveService.forward(deviceId, fo); | ||
319 | - } | ||
320 | - | ||
321 | - /** | ||
322 | - * Removes the flow rules for traffic between VMs in the same Cnode. | ||
323 | - * | ||
324 | - * @param deviceId device id on which removed VM was run | ||
325 | - * @param vmIp ip of the removed VM | ||
326 | - * @param vni vni which removed VM was belonged | ||
327 | - */ | ||
328 | - private void removeFlowRuleForVMsInSameCnode(DeviceId deviceId, Ip4Address vmIp, long vni) { | ||
329 | - TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); | ||
330 | - | ||
331 | - sBuilder.matchEthType(Ethernet.TYPE_IPV4) | ||
332 | - .matchIPDst(vmIp.toIpPrefix()) | ||
333 | - .matchTunnelId(vni); | ||
334 | - | ||
335 | - ForwardingObjective fo = DefaultForwardingObjective.builder() | ||
336 | - .withSelector(sBuilder.build()) | ||
337 | - .withTreatment(DefaultTrafficTreatment.builder().build()) | ||
338 | - .withFlag(ForwardingObjective.Flag.SPECIFIC) | ||
339 | - .withPriority(SWITCHING_RULE_PRIORITY) | ||
340 | - .fromApp(appId) | ||
341 | - .remove(); | ||
342 | - | ||
343 | - flowObjectiveService.forward(deviceId, fo); | ||
344 | - } | ||
345 | - | ||
346 | - /** | ||
347 | - * Removes the flow rules for traffic between VMs in the different Cnode. | ||
348 | - * | ||
349 | - * @param removedPort removedport info | ||
350 | - * @param deviceId device id on which removed VM was run | ||
351 | - * @param vmIp ip of the removed VM | ||
352 | - * @param vni vni which removed VM was belonged | ||
353 | - * @param openstackPortInfoMap openstackPortInfoMap | ||
354 | - */ | ||
355 | - private void removeFlowRuleForVMsInDiffrentCnode(Port removedPort, DeviceId deviceId, Ip4Address vmIp, | ||
356 | - long vni, Map<String, OpenstackPortInfo> openstackPortInfoMap) { | ||
357 | - | ||
358 | - final boolean anyPortRemainedInSameCnode | ||
359 | - = checkIfAnyPortRemainedInSameCnode(removedPort, deviceId, vni, openstackPortInfoMap); | ||
360 | - | ||
361 | - openstackPortInfoMap.forEach((port, portInfo) -> { | ||
362 | - if (portInfo.vni() == vni && !portInfo.deviceId().equals(deviceId)) { | ||
363 | - removeVxLanFlowRule(portInfo.deviceId(), vmIp, vni); | ||
364 | - if (!anyPortRemainedInSameCnode) { | ||
365 | - removeVxLanFlowRule(deviceId, portInfo.ip(), vni); | ||
366 | - } | ||
367 | - } | ||
368 | - }); | ||
369 | - } | ||
370 | - | ||
371 | - /** | ||
372 | - * Removes the flow rules between traffic from VMs in different Cnode. | ||
373 | - * | ||
374 | - * @param deviceId device id | ||
375 | - * @param vmIp ip | ||
376 | - * @param vni vni which removed VM was belonged | ||
377 | - */ | ||
378 | - private void removeVxLanFlowRule(DeviceId deviceId, Ip4Address vmIp, long vni) { | ||
379 | - TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); | ||
380 | - | ||
381 | - sBuilder.matchEthType(Ethernet.TYPE_IPV4) | ||
382 | - .matchTunnelId(vni) | ||
383 | - .matchIPDst(vmIp.toIpPrefix()); | ||
384 | - | ||
385 | - ForwardingObjective fo = DefaultForwardingObjective.builder() | ||
386 | - .withSelector(sBuilder.build()) | ||
387 | - .withTreatment(DefaultTrafficTreatment.builder().build()) | ||
388 | - .withFlag(ForwardingObjective.Flag.SPECIFIC) | ||
389 | - .withPriority(SWITCHING_RULE_PRIORITY) | ||
390 | - .fromApp(appId) | ||
391 | - .remove(); | ||
392 | - | ||
393 | - flowObjectiveService.forward(deviceId, fo); | ||
394 | - } | ||
395 | - | ||
396 | - /** | ||
397 | - * Checks if there is any port remained with same vni at the device, on which the removed VM was run. | ||
398 | - * | ||
399 | - * @param removedPort removedport info | ||
400 | - * @param deviceId device id on which removed VM was run | ||
401 | - * @param vni vni which removed VM was belonged | ||
402 | - * @param openstackPortInfoMap openstackPortInfoMap | ||
403 | - * @return true if there is, false otherwise | ||
404 | - */ | ||
405 | - private boolean checkIfAnyPortRemainedInSameCnode(Port removedPort, DeviceId deviceId, long vni, | ||
406 | - Map<String, OpenstackPortInfo> openstackPortInfoMap) { | ||
407 | - | ||
408 | - for (Map.Entry<String, OpenstackPortInfo> entry : openstackPortInfoMap.entrySet()) { | ||
409 | - if (!removedPort.annotations().value(PORT_NAME).equals(entry.getKey())) { | ||
410 | - if (entry.getValue().vni() == vni && entry.getValue().deviceId().equals(deviceId)) { | ||
411 | - return true; | ||
412 | - } | ||
413 | - } | ||
414 | - } | ||
415 | - return false; | ||
416 | - } | ||
417 | - | ||
418 | - /** | ||
419 | - * Returns the VNI of the VM of the port. | ||
420 | - * | ||
421 | - * @param portName VM port | ||
422 | - * @return VNI | ||
423 | - */ | ||
424 | - private String getVniForPort(String portName) { | ||
425 | - String uuid = portName.substring(3); | ||
426 | - OpenstackPort port = openstackPortList.stream() | ||
427 | - .filter(p -> p.id().startsWith(uuid)) | ||
428 | - .findAny().orElse(null); | ||
429 | - if (port == null) { | ||
430 | - log.debug("No port information for port {}", portName); | ||
431 | - return null; | ||
432 | - } | ||
433 | - | ||
434 | - OpenstackNetwork network = openstackNetworkList.stream() | ||
435 | - .filter(n -> n.id().equals(port.networkId())) | ||
436 | - .findAny().orElse(null); | ||
437 | - if (network == null) { | ||
438 | - log.warn("No VNI information for network {}", port.networkId()); | ||
439 | - return null; | ||
440 | - } | ||
441 | - | ||
442 | - return network.segmentId(); | ||
443 | - } | ||
444 | - | ||
445 | - /** | ||
446 | - * Returns the Fixed IP address of the VM. | ||
447 | - * | ||
448 | - * @param portName VM port info | ||
449 | - * @return IP address of the VM | ||
450 | - */ | ||
451 | - private Ip4Address getFixedIpAddressForPort(String portName) { | ||
452 | - | ||
453 | - String uuid = portName.substring(3); | ||
454 | - OpenstackPort port = openstackPortList.stream() | ||
455 | - .filter(p -> p.id().startsWith(uuid)) | ||
456 | - .findFirst().orElse(null); | ||
457 | - | ||
458 | - if (port == null) { | ||
459 | - log.error("There is no port information for port name {}", portName); | ||
460 | - return null; | ||
461 | - } | ||
462 | - | ||
463 | - if (port.fixedIps().isEmpty()) { | ||
464 | - log.error("There is no fixed IP info in the port information"); | ||
465 | - return null; | ||
466 | - } | ||
467 | - | ||
468 | - return (Ip4Address) port.fixedIps().values().toArray()[0]; | ||
469 | - } | ||
470 | - | ||
471 | - private ExtensionTreatment buildNiciraExtenstion(DeviceId id, Ip4Address hostIp) { | ||
472 | - Driver driver = driverService.getDriver(id); | ||
473 | - DriverHandler driverHandler = new DefaultDriverHandler(new DefaultDriverData(driver, id)); | ||
474 | - ExtensionTreatmentResolver resolver = driverHandler.behaviour(ExtensionTreatmentResolver.class); | ||
475 | - | ||
476 | - ExtensionTreatment extensionInstruction = | ||
477 | - resolver.getExtensionInstruction( | ||
478 | - ExtensionTreatmentType.ExtensionTreatmentTypes.NICIRA_SET_TUNNEL_DST.type()); | ||
479 | - | ||
480 | - try { | ||
481 | - extensionInstruction.setPropertyValue(TUNNEL_DST, hostIp); | ||
482 | - } catch (ExtensionPropertyException e) { | ||
483 | - log.error("Error setting Nicira extension setting {}", e); | ||
484 | - } | ||
485 | - | ||
486 | - return extensionInstruction; | ||
487 | - } | ||
488 | - | ||
489 | - private PortNumber getTunnelPort(DeviceId deviceId) { | ||
490 | - Port port = deviceService.getPorts(deviceId).stream() | ||
491 | - .filter(p -> p.annotations().value(PORT_NAME).equals( | ||
492 | - OpenstackSwitchingManager.PORTNAME_PREFIX_TUNNEL)) | ||
493 | - .findAny().orElse(null); | ||
494 | - | ||
495 | - if (port == null) { | ||
496 | - log.error("No TunnelPort was created."); | ||
497 | - return null; | ||
498 | - } | ||
499 | - return port.number(); | ||
500 | - } | ||
501 | - | ||
502 | -} |
... | @@ -29,11 +29,10 @@ | ... | @@ -29,11 +29,10 @@ |
29 | <packaging>pom</packaging> | 29 | <packaging>pom</packaging> |
30 | 30 | ||
31 | <modules> | 31 | <modules> |
32 | - <module>app</module> | ||
33 | - <module>web</module> | ||
34 | <module>api</module> | 32 | <module>api</module> |
35 | - <module>openstackswitching</module> | 33 | + <module>web</module> |
36 | - <module>openstackrouting</module> | 34 | + <module>switching</module> |
35 | + <module>routing</module> | ||
37 | </modules> | 36 | </modules> |
38 | 37 | ||
39 | <description>SONA Openstack Networking Application</description> | 38 | <description>SONA Openstack Networking Application</description> | ... | ... |
... | @@ -4,12 +4,13 @@ COMPILE_DEPS = [ | ... | @@ -4,12 +4,13 @@ COMPILE_DEPS = [ |
4 | '//apps/openstackinterface/api:onos-apps-openstackinterface-api', | 4 | '//apps/openstackinterface/api:onos-apps-openstackinterface-api', |
5 | '//apps/openstacknetworking/api:onos-apps-openstacknetworking-api', | 5 | '//apps/openstacknetworking/api:onos-apps-openstacknetworking-api', |
6 | '//apps/scalablegateway:onos-apps-scalablegateway', | 6 | '//apps/scalablegateway:onos-apps-scalablegateway', |
7 | + '//apps/openstacknode:onos-apps-openstacknode', | ||
7 | ] | 8 | ] |
8 | 9 | ||
9 | BUNDLES = [ | 10 | BUNDLES = [ |
10 | - '//apps/openstackinterface/api:onos-apps-openstackinterface-api', | ||
11 | '//apps/openstacknetworking/api:onos-apps-openstacknetworking-api', | 11 | '//apps/openstacknetworking/api:onos-apps-openstacknetworking-api', |
12 | - '//apps/openstacknetworking/openstackrouting:onos-apps-openstacknetworking-openstackrouting', | 12 | + '//apps/openstacknetworking/web:onos-apps-openstacknetworking-web', |
13 | + '//apps/openstacknetworking/routing:onos-apps-openstacknetworking-routing', | ||
13 | ] | 14 | ] |
14 | 15 | ||
15 | osgi_jar_with_tests ( | 16 | osgi_jar_with_tests ( |
... | @@ -17,9 +18,11 @@ osgi_jar_with_tests ( | ... | @@ -17,9 +18,11 @@ osgi_jar_with_tests ( |
17 | ) | 18 | ) |
18 | 19 | ||
19 | onos_app ( | 20 | onos_app ( |
21 | + app_name = 'org.onosproject.openstackrouting', | ||
20 | title = 'OpenStack Routing App', | 22 | title = 'OpenStack Routing App', |
21 | category = 'Utility', | 23 | category = 'Utility', |
22 | url = 'http://onosproject.org', | 24 | url = 'http://onosproject.org', |
23 | description = 'OpenStack routing application.', | 25 | description = 'OpenStack routing application.', |
24 | included_bundles = BUNDLES, | 26 | included_bundles = BUNDLES, |
27 | + required_apps = [ 'org.onosproject.openstackinterface', 'org.onosproject.openstacknode', 'org.onosproject.scalablegateway' ] | ||
25 | ) | 28 | ) | ... | ... |
... | @@ -20,5 +20,6 @@ | ... | @@ -20,5 +20,6 @@ |
20 | <feature>onos-api</feature> | 20 | <feature>onos-api</feature> |
21 | <bundle>mvn:${project.groupId}/onos-app-openstacknetworking-api/${project.version}</bundle> | 21 | <bundle>mvn:${project.groupId}/onos-app-openstacknetworking-api/${project.version}</bundle> |
22 | <bundle>mvn:${project.groupId}/onos-app-openstacknetworking-web/${project.version}</bundle> | 22 | <bundle>mvn:${project.groupId}/onos-app-openstacknetworking-web/${project.version}</bundle> |
23 | + <bundle>mvn:${project.groupId}/onos-app-openstackrouting/${project.version}</bundle> | ||
23 | </feature> | 24 | </feature> |
24 | </features> | 25 | </features> | ... | ... |
... | @@ -28,6 +28,17 @@ | ... | @@ -28,6 +28,17 @@ |
28 | <artifactId>onos-app-openstackrouting</artifactId> | 28 | <artifactId>onos-app-openstackrouting</artifactId> |
29 | <packaging>bundle</packaging> | 29 | <packaging>bundle</packaging> |
30 | 30 | ||
31 | + <properties> | ||
32 | + <onos.app.name>org.onosproject.openstackrouting</onos.app.name> | ||
33 | + <onos.app.title>Openstack Switching App</onos.app.title> | ||
34 | + <onos.app.category>Traffic Steering</onos.app.category> | ||
35 | + <onos.app.url>http://onosproject.org</onos.app.url> | ||
36 | + <onos.app.requires> | ||
37 | + org.onosproject.openstackinterface, | ||
38 | + org.onosproject.openstacknode | ||
39 | + </onos.app.requires> | ||
40 | + </properties> | ||
41 | + | ||
31 | <dependencies> | 42 | <dependencies> |
32 | <dependency> | 43 | <dependency> |
33 | <groupId>org.osgi</groupId> | 44 | <groupId>org.osgi</groupId> | ... | ... |
... | @@ -3,14 +3,14 @@ COMPILE_DEPS = [ | ... | @@ -3,14 +3,14 @@ COMPILE_DEPS = [ |
3 | '//core/store/serializers:onos-core-serializers', | 3 | '//core/store/serializers:onos-core-serializers', |
4 | '//apps/openstackinterface/api:onos-apps-openstackinterface-api', | 4 | '//apps/openstackinterface/api:onos-apps-openstackinterface-api', |
5 | '//apps/openstacknetworking/api:onos-apps-openstacknetworking-api', | 5 | '//apps/openstacknetworking/api:onos-apps-openstacknetworking-api', |
6 | + '//apps/openstacknode:onos-apps-openstacknode', | ||
6 | '//apps/dhcp/api:onos-apps-dhcp-api', | 7 | '//apps/dhcp/api:onos-apps-dhcp-api', |
7 | ] | 8 | ] |
8 | 9 | ||
9 | BUNDLES = [ | 10 | BUNDLES = [ |
10 | - '//apps/openstackinterface/api:onos-apps-openstackinterface-api', | ||
11 | '//apps/openstacknetworking/api:onos-apps-openstacknetworking-api', | 11 | '//apps/openstacknetworking/api:onos-apps-openstacknetworking-api', |
12 | - '//apps/openstacknetworking/openstackswitching:onos-apps-openstacknetworking-openstackswitching', | 12 | + '//apps/openstacknetworking/web:onos-apps-openstacknetworking-web', |
13 | - '//apps/dhcp/api:onos-apps-dhcp-api', | 13 | + '//apps/openstacknetworking/switching:onos-apps-openstacknetworking-switching', |
14 | ] | 14 | ] |
15 | 15 | ||
16 | osgi_jar_with_tests ( | 16 | osgi_jar_with_tests ( |
... | @@ -18,9 +18,11 @@ osgi_jar_with_tests ( | ... | @@ -18,9 +18,11 @@ osgi_jar_with_tests ( |
18 | ) | 18 | ) |
19 | 19 | ||
20 | onos_app ( | 20 | onos_app ( |
21 | + app_name = 'org.onosproject.openstackswitching', | ||
21 | title = 'OpenStack Switching App', | 22 | title = 'OpenStack Switching App', |
22 | category = 'Utility', | 23 | category = 'Utility', |
23 | url = 'http://onosproject.org', | 24 | url = 'http://onosproject.org', |
24 | description = 'OpenStack Switching application.', | 25 | description = 'OpenStack Switching application.', |
25 | included_bundles = BUNDLES, | 26 | included_bundles = BUNDLES, |
27 | + required_apps = [ 'org.onosproject.openstackinterface', 'org.onosproject.openstacknode', 'org.onosproject.dhcp' ] | ||
26 | ) | 28 | ) | ... | ... |
... | @@ -19,6 +19,7 @@ | ... | @@ -19,6 +19,7 @@ |
19 | description="${project.description}"> | 19 | description="${project.description}"> |
20 | <feature>onos-api</feature> | 20 | <feature>onos-api</feature> |
21 | <bundle>mvn:${project.groupId}/onos-app-openstacknetworking-api/${project.version}</bundle> | 21 | <bundle>mvn:${project.groupId}/onos-app-openstacknetworking-api/${project.version}</bundle> |
22 | + <bundle>mvn:${project.groupId}/onos-app-openstacknetworking-web/${project.version}</bundle> | ||
22 | <bundle>mvn:${project.groupId}/onos-app-openstackswitching/${project.version}</bundle> | 23 | <bundle>mvn:${project.groupId}/onos-app-openstackswitching/${project.version}</bundle> |
23 | </feature> | 24 | </feature> |
24 | </features> | 25 | </features> | ... | ... |
... | @@ -28,8 +28,24 @@ | ... | @@ -28,8 +28,24 @@ |
28 | <artifactId>onos-app-openstackswitching</artifactId> | 28 | <artifactId>onos-app-openstackswitching</artifactId> |
29 | <packaging>bundle</packaging> | 29 | <packaging>bundle</packaging> |
30 | 30 | ||
31 | + <properties> | ||
32 | + <onos.app.name>org.onosproject.openstackswitching</onos.app.name> | ||
33 | + <onos.app.title>Openstack Switching App</onos.app.title> | ||
34 | + <onos.app.category>Traffic Steering</onos.app.category> | ||
35 | + <onos.app.url>http://onosproject.org</onos.app.url> | ||
36 | + <onos.app.requires> | ||
37 | + org.onosproject.dhcp, | ||
38 | + org.onosproject.openstackinterface, | ||
39 | + org.onosproject.openstacknode | ||
40 | + </onos.app.requires> | ||
41 | + </properties> | ||
42 | + | ||
31 | <dependencies> | 43 | <dependencies> |
32 | <dependency> | 44 | <dependency> |
45 | + <groupId>org.osgi</groupId> | ||
46 | + <artifactId>org.osgi.compendium</artifactId> | ||
47 | + </dependency> | ||
48 | + <dependency> | ||
33 | <groupId>org.onosproject</groupId> | 49 | <groupId>org.onosproject</groupId> |
34 | <artifactId>onos-app-openstacknetworking-api</artifactId> | 50 | <artifactId>onos-app-openstacknetworking-api</artifactId> |
35 | <version>${project.version}</version> | 51 | <version>${project.version}</version> |
... | @@ -41,6 +57,11 @@ | ... | @@ -41,6 +57,11 @@ |
41 | </dependency> | 57 | </dependency> |
42 | <dependency> | 58 | <dependency> |
43 | <groupId>org.onosproject</groupId> | 59 | <groupId>org.onosproject</groupId> |
60 | + <artifactId>onos-app-openstacknode</artifactId> | ||
61 | + <version>${project.version}</version> | ||
62 | + </dependency> | ||
63 | + <dependency> | ||
64 | + <groupId>org.onosproject</groupId> | ||
44 | <artifactId>onos-app-dhcp</artifactId> | 65 | <artifactId>onos-app-dhcp</artifactId> |
45 | <version>${project.version}</version> | 66 | <version>${project.version}</version> |
46 | </dependency> | 67 | </dependency> | ... | ... |
1 | +/* | ||
2 | + * Copyright 2016-present Open Networking Laboratory | ||
3 | + * | ||
4 | + * Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | + * you may not use this file except in compliance with the License. | ||
6 | + * You may obtain a copy of the License at | ||
7 | + * | ||
8 | + * http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | + * | ||
10 | + * Unless required by applicable law or agreed to in writing, software | ||
11 | + * distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | + * See the License for the specific language governing permissions and | ||
14 | + * limitations under the License. | ||
15 | + */ | ||
16 | +package org.onosproject.openstacknetworking.switching; | ||
17 | + | ||
18 | +import org.onlab.osgi.DefaultServiceDirectory; | ||
19 | +import org.onlab.osgi.ServiceDirectory; | ||
20 | +import org.onlab.packet.Ip4Address; | ||
21 | +import org.onlab.util.Tools; | ||
22 | +import org.onosproject.core.ApplicationId; | ||
23 | +import org.onosproject.core.CoreService; | ||
24 | +import org.onosproject.mastership.MastershipService; | ||
25 | +import org.onosproject.net.Host; | ||
26 | +import org.onosproject.net.host.HostEvent; | ||
27 | +import org.onosproject.net.host.HostListener; | ||
28 | +import org.onosproject.net.host.HostService; | ||
29 | +import org.slf4j.Logger; | ||
30 | + | ||
31 | +import java.util.Objects; | ||
32 | +import java.util.Optional; | ||
33 | +import java.util.Set; | ||
34 | +import java.util.concurrent.ExecutorService; | ||
35 | +import java.util.stream.Collectors; | ||
36 | + | ||
37 | +import static java.util.concurrent.Executors.newSingleThreadScheduledExecutor; | ||
38 | +import static org.onlab.util.Tools.groupedThreads; | ||
39 | +import static org.onosproject.openstacknetworking.switching.Constants.*; | ||
40 | +import static org.slf4j.LoggerFactory.getLogger; | ||
41 | + | ||
42 | +/** | ||
43 | + * Provides abstract virtual machine handler. | ||
44 | + */ | ||
45 | +public abstract class AbstractVmHandler { | ||
46 | + protected final Logger log = getLogger(getClass()); | ||
47 | + | ||
48 | + protected final ExecutorService eventExecutor = newSingleThreadScheduledExecutor( | ||
49 | + groupedThreads(this.getClass().getSimpleName(), "event-handler")); | ||
50 | + | ||
51 | + protected CoreService coreService; | ||
52 | + protected MastershipService mastershipService; | ||
53 | + protected HostService hostService; | ||
54 | + | ||
55 | + protected ApplicationId appId; | ||
56 | + protected HostListener hostListener = new InternalHostListener(); | ||
57 | + | ||
58 | + protected void activate() { | ||
59 | + ServiceDirectory services = new DefaultServiceDirectory(); | ||
60 | + coreService = services.get(CoreService.class); | ||
61 | + mastershipService = services.get(MastershipService.class); | ||
62 | + hostService = services.get(HostService.class); | ||
63 | + | ||
64 | + appId = coreService.registerApplication(Constants.APP_ID); | ||
65 | + hostService.addListener(hostListener); | ||
66 | + | ||
67 | + log.info("Started"); | ||
68 | + } | ||
69 | + | ||
70 | + protected void deactivate() { | ||
71 | + hostService.removeListener(hostListener); | ||
72 | + eventExecutor.shutdown(); | ||
73 | + | ||
74 | + log.info("Stopped"); | ||
75 | + } | ||
76 | + | ||
77 | + abstract void hostDetected(Host host); | ||
78 | + | ||
79 | + abstract void hostRemoved(Host host); | ||
80 | + | ||
81 | + protected boolean isValidHost(Host host) { | ||
82 | + return !host.ipAddresses().isEmpty() && | ||
83 | + host.annotations().value(VXLAN_ID) != null && | ||
84 | + host.annotations().value(NETWORK_ID) != null && | ||
85 | + host.annotations().value(TENANT_ID) != null && | ||
86 | + host.annotations().value(PORT_ID) != null; | ||
87 | + } | ||
88 | + | ||
89 | + protected Set<Host> getVmsInDifferentCnode(Host host) { | ||
90 | + return Tools.stream(hostService.getHosts()) | ||
91 | + .filter(h -> !h.location().deviceId().equals(host.location().deviceId())) | ||
92 | + .filter(this::isValidHost) | ||
93 | + .filter(h -> Objects.equals(getVni(h), getVni(host))) | ||
94 | + .collect(Collectors.toSet()); | ||
95 | + } | ||
96 | + | ||
97 | + protected Optional<Host> getVmByPortId(String portId) { | ||
98 | + return Tools.stream(hostService.getHosts()) | ||
99 | + .filter(this::isValidHost) | ||
100 | + .filter(host -> host.annotations().value(PORT_ID).equals(portId)) | ||
101 | + .findFirst(); | ||
102 | + } | ||
103 | + | ||
104 | + protected Ip4Address getIp(Host host) { | ||
105 | + return host.ipAddresses().stream().findFirst().get().getIp4Address(); | ||
106 | + } | ||
107 | + | ||
108 | + protected String getVni(Host host) { | ||
109 | + return host.annotations().value(VXLAN_ID); | ||
110 | + } | ||
111 | + | ||
112 | + protected String getTenantId(Host host) { | ||
113 | + return host.annotations().value(TENANT_ID); | ||
114 | + } | ||
115 | + | ||
116 | + private class InternalHostListener implements HostListener { | ||
117 | + | ||
118 | + @Override | ||
119 | + public void event(HostEvent event) { | ||
120 | + Host host = event.subject(); | ||
121 | + if (!mastershipService.isLocalMaster(host.location().deviceId())) { | ||
122 | + // do not allow to proceed without mastership | ||
123 | + return; | ||
124 | + } | ||
125 | + | ||
126 | + if (!isValidHost(host)) { | ||
127 | + log.debug("Invalid host event, ignore it {}", host); | ||
128 | + return; | ||
129 | + } | ||
130 | + | ||
131 | + switch (event.type()) { | ||
132 | + case HOST_UPDATED: | ||
133 | + case HOST_ADDED: | ||
134 | + eventExecutor.execute(() -> hostDetected(host)); | ||
135 | + break; | ||
136 | + case HOST_REMOVED: | ||
137 | + eventExecutor.execute(() -> hostRemoved(host)); | ||
138 | + break; | ||
139 | + default: | ||
140 | + break; | ||
141 | + } | ||
142 | + } | ||
143 | + } | ||
144 | +} |
1 | +/* | ||
2 | + * Copyright 2016-present Open Networking Laboratory | ||
3 | + * | ||
4 | + * Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | + * you may not use this file except in compliance with the License. | ||
6 | + * You may obtain a copy of the License at | ||
7 | + * | ||
8 | + * http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | + * | ||
10 | + * Unless required by applicable law or agreed to in writing, software | ||
11 | + * distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | + * See the License for the specific language governing permissions and | ||
14 | + * limitations under the License. | ||
15 | + */ | ||
16 | +package org.onosproject.openstacknetworking.switching; | ||
17 | + | ||
18 | +import org.onlab.packet.Ip4Address; | ||
19 | +import org.onlab.packet.Ip4Prefix; | ||
20 | +import org.onlab.packet.IpPrefix; | ||
21 | + | ||
22 | +/** | ||
23 | + * Provides constants used in OpenStack node services. | ||
24 | + */ | ||
25 | +public final class Constants { | ||
26 | + | ||
27 | + private Constants() { | ||
28 | + } | ||
29 | + | ||
30 | + public static final String APP_ID = "org.onosproject.openstackswitching"; | ||
31 | + | ||
32 | + public static final String PORTNAME_PREFIX_VM = "tap"; | ||
33 | + public static final String PORTNAME_PREFIX_ROUTER = "qr-"; | ||
34 | + public static final String PORTNAME_PREFIX_TUNNEL = "vxlan"; | ||
35 | + | ||
36 | + // TODO remove this | ||
37 | + public static final String ROUTER_INTERFACE = "network:router_interface"; | ||
38 | + public static final String DEVICE_OWNER_GATEWAY = "network:router_gateway"; | ||
39 | + | ||
40 | + public static final Ip4Address DNS_SERVER_IP = Ip4Address.valueOf("8.8.8.8"); | ||
41 | + public static final IpPrefix IP_PREFIX_ANY = Ip4Prefix.valueOf("0.0.0.0/0"); | ||
42 | + public static final int DHCP_INFINITE_LEASE = -1; | ||
43 | + | ||
44 | + public static final String NETWORK_ID = "networkId"; | ||
45 | + public static final String PORT_ID = "portId"; | ||
46 | + public static final String VXLAN_ID = "vxlanId"; | ||
47 | + public static final String TENANT_ID = "tenantId"; | ||
48 | + public static final String GATEWAY_IP = "gatewayIp"; | ||
49 | + public static final String CREATE_TIME = "createTime"; | ||
50 | + | ||
51 | + public static final int SWITCHING_RULE_PRIORITY = 30000; | ||
52 | + public static final int TUNNELTAG_RULE_PRIORITY = 30000; | ||
53 | + public static final int ACL_RULE_PRIORITY = 30000; | ||
54 | +} | ||
... | \ No newline at end of file | ... | \ No newline at end of file |
1 | +/* | ||
2 | +* Copyright 2016-present Open Networking Laboratory | ||
3 | +* | ||
4 | +* Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | +* you may not use this file except in compliance with the License. | ||
6 | +* You may obtain a copy of the License at | ||
7 | +* | ||
8 | +* http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | +* | ||
10 | +* Unless required by applicable law or agreed to in writing, software | ||
11 | +* distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | +* See the License for the specific language governing permissions and | ||
14 | +* limitations under the License. | ||
15 | +*/ | ||
16 | +package org.onosproject.openstacknetworking.switching; | ||
17 | + | ||
18 | +import com.google.common.base.Strings; | ||
19 | +import com.google.common.collect.Sets; | ||
20 | +import org.apache.felix.scr.annotations.Activate; | ||
21 | +import org.apache.felix.scr.annotations.Component; | ||
22 | +import org.apache.felix.scr.annotations.Deactivate; | ||
23 | +import org.apache.felix.scr.annotations.Modified; | ||
24 | +import org.apache.felix.scr.annotations.Property; | ||
25 | +import org.apache.felix.scr.annotations.Reference; | ||
26 | +import org.apache.felix.scr.annotations.ReferenceCardinality; | ||
27 | +import org.onlab.packet.ARP; | ||
28 | +import org.onlab.packet.Ethernet; | ||
29 | +import org.onlab.packet.Ip4Address; | ||
30 | +import org.onlab.packet.IpAddress; | ||
31 | +import org.onlab.packet.MacAddress; | ||
32 | +import org.onlab.util.Tools; | ||
33 | +import org.onosproject.net.Host; | ||
34 | +import org.onosproject.net.flow.DefaultTrafficTreatment; | ||
35 | +import org.onosproject.net.flow.TrafficTreatment; | ||
36 | +import org.onosproject.net.packet.DefaultOutboundPacket; | ||
37 | +import org.onosproject.net.packet.PacketContext; | ||
38 | +import org.onosproject.net.packet.PacketProcessor; | ||
39 | +import org.onosproject.net.packet.PacketService; | ||
40 | +import org.onosproject.openstackinterface.OpenstackInterfaceService; | ||
41 | +import org.onosproject.openstackinterface.OpenstackNetwork; | ||
42 | +import org.onosproject.openstackinterface.OpenstackPort; | ||
43 | +import org.osgi.service.component.ComponentContext; | ||
44 | +import org.slf4j.Logger; | ||
45 | +import org.slf4j.LoggerFactory; | ||
46 | +import java.nio.ByteBuffer; | ||
47 | +import java.util.Dictionary; | ||
48 | +import java.util.Set; | ||
49 | + | ||
50 | +import static com.google.common.base.Preconditions.checkNotNull; | ||
51 | +import static org.onosproject.openstacknetworking.switching.Constants.*; | ||
52 | + | ||
53 | +/** | ||
54 | + * Handles ARP packet from VMs. | ||
55 | + */ | ||
56 | +@Component(immediate = true) | ||
57 | +public final class OpenstackArpHandler extends AbstractVmHandler { | ||
58 | + | ||
59 | + private final Logger log = LoggerFactory.getLogger(getClass()); | ||
60 | + | ||
61 | + private static final String GATEWAY_MAC = "gatewayMac"; | ||
62 | + private static final String DEFAULT_GATEWAY_MAC = "1f:1f:1f:1f:1f:1f"; | ||
63 | + | ||
64 | + @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
65 | + protected PacketService packetService; | ||
66 | + | ||
67 | + @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
68 | + protected OpenstackInterfaceService openstackService; | ||
69 | + | ||
70 | + @Property(name = GATEWAY_MAC, value = DEFAULT_GATEWAY_MAC, | ||
71 | + label = "Fake MAC address for virtual network subnet gateway") | ||
72 | + private String gatewayMac = DEFAULT_GATEWAY_MAC; | ||
73 | + | ||
74 | + private final InternalPacketProcessor packetProcessor = new InternalPacketProcessor(); | ||
75 | + private final Set<Ip4Address> gateways = Sets.newConcurrentHashSet(); | ||
76 | + | ||
77 | + @Activate | ||
78 | + protected void activate() { | ||
79 | + packetService.addProcessor(packetProcessor, PacketProcessor.director(0)); | ||
80 | + super.activate(); | ||
81 | + } | ||
82 | + | ||
83 | + @Deactivate | ||
84 | + protected void deactivate() { | ||
85 | + packetService.removeProcessor(packetProcessor); | ||
86 | + super.deactivate(); | ||
87 | + } | ||
88 | + | ||
89 | + @Modified | ||
90 | + protected void modified(ComponentContext context) { | ||
91 | + Dictionary<?, ?> properties = context.getProperties(); | ||
92 | + String updatedMac; | ||
93 | + | ||
94 | + updatedMac = Tools.get(properties, GATEWAY_MAC); | ||
95 | + if (!Strings.isNullOrEmpty(updatedMac) && !updatedMac.equals(gatewayMac)) { | ||
96 | + gatewayMac = updatedMac; | ||
97 | + } | ||
98 | + | ||
99 | + log.info("Modified"); | ||
100 | + } | ||
101 | + | ||
102 | + /** | ||
103 | + * Processes ARP request packets. | ||
104 | + * It checks if the target IP is owned by a known host first and then ask to | ||
105 | + * OpenStack if it's not. This ARP proxy does not support overlapping IP. | ||
106 | + * | ||
107 | + * @param context packet context | ||
108 | + * @param ethPacket ethernet packet | ||
109 | + */ | ||
110 | + private void processPacketIn(PacketContext context, Ethernet ethPacket) { | ||
111 | + ARP arpPacket = (ARP) ethPacket.getPayload(); | ||
112 | + if (arpPacket.getOpCode() != ARP.OP_REQUEST) { | ||
113 | + return; | ||
114 | + } | ||
115 | + | ||
116 | + Ip4Address targetIp = Ip4Address.valueOf(arpPacket.getTargetProtocolAddress()); | ||
117 | + MacAddress replyMac = gateways.contains(targetIp) ? MacAddress.valueOf(gatewayMac) : | ||
118 | + getMacFromHostService(targetIp); | ||
119 | + if (replyMac.equals(MacAddress.NONE)) { | ||
120 | + replyMac = getMacFromOpenstack(targetIp); | ||
121 | + } | ||
122 | + | ||
123 | + if (replyMac == MacAddress.NONE) { | ||
124 | + log.debug("Failed to find MAC address for {}", targetIp.toString()); | ||
125 | + return; | ||
126 | + } | ||
127 | + | ||
128 | + Ethernet ethReply = ARP.buildArpReply( | ||
129 | + targetIp.getIp4Address(), | ||
130 | + replyMac, | ||
131 | + ethPacket); | ||
132 | + | ||
133 | + TrafficTreatment treatment = DefaultTrafficTreatment.builder() | ||
134 | + .setOutput(context.inPacket().receivedFrom().port()) | ||
135 | + .build(); | ||
136 | + | ||
137 | + packetService.emit(new DefaultOutboundPacket( | ||
138 | + context.inPacket().receivedFrom().deviceId(), | ||
139 | + treatment, | ||
140 | + ByteBuffer.wrap(ethReply.serialize()))); | ||
141 | + } | ||
142 | + | ||
143 | + /** | ||
144 | + * Returns MAC address of a host with a given target IP address by asking to | ||
145 | + * OpenStack. It does not support overlapping IP. | ||
146 | + * | ||
147 | + * @param targetIp target ip address | ||
148 | + * @return mac address, or null if it fails to fetch the mac | ||
149 | + */ | ||
150 | + private MacAddress getMacFromOpenstack(IpAddress targetIp) { | ||
151 | + checkNotNull(targetIp); | ||
152 | + | ||
153 | + OpenstackPort openstackPort = openstackService.ports() | ||
154 | + .stream() | ||
155 | + .filter(port -> port.fixedIps().containsValue(targetIp.getIp4Address())) | ||
156 | + .findFirst() | ||
157 | + .orElse(null); | ||
158 | + | ||
159 | + if (openstackPort != null) { | ||
160 | + log.debug("Found MAC from OpenStack for {}", targetIp.toString()); | ||
161 | + return openstackPort.macAddress(); | ||
162 | + } else { | ||
163 | + return MacAddress.NONE; | ||
164 | + } | ||
165 | + } | ||
166 | + | ||
167 | + /** | ||
168 | + * Returns MAC address of a host with a given target IP address by asking to | ||
169 | + * host service. It does not support overlapping IP. | ||
170 | + * | ||
171 | + * @param targetIp target ip | ||
172 | + * @return mac address, or null if it fails to find the mac | ||
173 | + */ | ||
174 | + private MacAddress getMacFromHostService(IpAddress targetIp) { | ||
175 | + checkNotNull(targetIp); | ||
176 | + | ||
177 | + Host host = hostService.getHostsByIp(targetIp) | ||
178 | + .stream() | ||
179 | + .findFirst() | ||
180 | + .orElse(null); | ||
181 | + | ||
182 | + if (host != null) { | ||
183 | + log.debug("Found MAC from host service for {}", targetIp.toString()); | ||
184 | + return host.mac(); | ||
185 | + } else { | ||
186 | + return MacAddress.NONE; | ||
187 | + } | ||
188 | + } | ||
189 | + | ||
190 | + @Override | ||
191 | + protected void hostDetected(Host host) { | ||
192 | + OpenstackNetwork osNet = openstackService.network(host.annotations().value(NETWORK_ID)); | ||
193 | + if (osNet == null) { | ||
194 | + log.warn("Failed to get OpenStack network for {}", host); | ||
195 | + return; | ||
196 | + } | ||
197 | + osNet.subnets().stream() | ||
198 | + .forEach(subnet -> gateways.add(Ip4Address.valueOf(subnet.gatewayIp()))); | ||
199 | + } | ||
200 | + | ||
201 | + @Override | ||
202 | + protected void hostRemoved(Host host) { | ||
203 | + // TODO remove subnet gateway from gateways if no hosts exists on that subnet | ||
204 | + } | ||
205 | + | ||
206 | + private class InternalPacketProcessor implements PacketProcessor { | ||
207 | + | ||
208 | + @Override | ||
209 | + public void process(PacketContext context) { | ||
210 | + if (context.isHandled()) { | ||
211 | + return; | ||
212 | + } | ||
213 | + | ||
214 | + Ethernet ethPacket = context.inPacket().parsed(); | ||
215 | + if (ethPacket == null || ethPacket.getEtherType() != Ethernet.TYPE_ARP) { | ||
216 | + return; | ||
217 | + } | ||
218 | + processPacketIn(context, ethPacket); | ||
219 | + } | ||
220 | + } | ||
221 | +} |
1 | +/* | ||
2 | +* Copyright 2016-present Open Networking Laboratory | ||
3 | +* | ||
4 | +* Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | +* you may not use this file except in compliance with the License. | ||
6 | +* You may obtain a copy of the License at | ||
7 | +* | ||
8 | +* http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | +* | ||
10 | +* Unless required by applicable law or agreed to in writing, software | ||
11 | +* distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | +* See the License for the specific language governing permissions and | ||
14 | +* limitations under the License. | ||
15 | +*/ | ||
16 | + | ||
17 | +package org.onosproject.openstacknetworking.switching; | ||
18 | + | ||
19 | +import com.google.common.collect.Maps; | ||
20 | +import com.google.common.collect.Sets; | ||
21 | +import org.apache.felix.scr.annotations.Activate; | ||
22 | +import org.apache.felix.scr.annotations.Component; | ||
23 | +import org.apache.felix.scr.annotations.Deactivate; | ||
24 | +import org.apache.felix.scr.annotations.Reference; | ||
25 | +import org.apache.felix.scr.annotations.ReferenceCardinality; | ||
26 | +import org.onlab.packet.Ethernet; | ||
27 | +import org.onlab.packet.IPv4; | ||
28 | +import org.onlab.packet.Ip4Address; | ||
29 | +import org.onlab.packet.IpPrefix; | ||
30 | +import org.onlab.packet.TpPort; | ||
31 | +import org.onlab.util.Tools; | ||
32 | +import org.onosproject.net.DeviceId; | ||
33 | +import org.onosproject.net.Host; | ||
34 | +import org.onosproject.net.flow.DefaultTrafficSelector; | ||
35 | +import org.onosproject.net.flow.DefaultTrafficTreatment; | ||
36 | +import org.onosproject.net.flow.TrafficSelector; | ||
37 | +import org.onosproject.net.flowobjective.DefaultForwardingObjective; | ||
38 | +import org.onosproject.net.flowobjective.FlowObjectiveService; | ||
39 | +import org.onosproject.net.flowobjective.ForwardingObjective; | ||
40 | +import org.onosproject.openstackinterface.OpenstackInterfaceService; | ||
41 | +import org.onosproject.openstackinterface.OpenstackPort; | ||
42 | +import org.onosproject.openstackinterface.OpenstackSecurityGroup; | ||
43 | +import org.onosproject.openstackinterface.OpenstackSecurityGroupRule; | ||
44 | +import org.slf4j.Logger; | ||
45 | +import org.slf4j.LoggerFactory; | ||
46 | + | ||
47 | +import java.util.Map; | ||
48 | +import java.util.Objects; | ||
49 | +import java.util.Optional; | ||
50 | +import java.util.Set; | ||
51 | +import java.util.stream.Collectors; | ||
52 | + | ||
53 | +import static org.onosproject.openstacknetworking.switching.Constants.*; | ||
54 | + | ||
55 | +/** | ||
56 | + * Populates flows rules for Security Groups of VMs. | ||
57 | + * | ||
58 | + */ | ||
59 | +@Component(immediate = true) | ||
60 | +public class OpenstackSecurityGroupRulePopulator extends AbstractVmHandler { | ||
61 | + | ||
62 | + private final Logger log = LoggerFactory.getLogger(getClass()); | ||
63 | + | ||
64 | + @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
65 | + protected OpenstackInterfaceService openstackService; | ||
66 | + | ||
67 | + @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
68 | + protected FlowObjectiveService flowObjectiveService; | ||
69 | + | ||
70 | + private static final String PROTO_ICMP = "ICMP"; | ||
71 | + private static final String PROTO_TCP = "TCP"; | ||
72 | + private static final String PROTO_UDP = "UDP"; | ||
73 | + private static final String ETHTYPE_IPV4 = "IPV4"; | ||
74 | + | ||
75 | + private final Map<Host, Set<SecurityGroupRule>> securityGroupRuleMap = Maps.newConcurrentMap(); | ||
76 | + | ||
77 | + @Activate | ||
78 | + protected void activate() { | ||
79 | + super.activate(); | ||
80 | + } | ||
81 | + | ||
82 | + @Deactivate | ||
83 | + protected void deactivate() { | ||
84 | + super.deactivate(); | ||
85 | + } | ||
86 | + | ||
87 | + // TODO call this when port is updated from OpenStack | ||
88 | + public void updateSecurityGroup(OpenstackPort osPort) { | ||
89 | + if (!osPort.status().equals(OpenstackPort.PortStatus.ACTIVE)) { | ||
90 | + return; | ||
91 | + } | ||
92 | + | ||
93 | + Optional<Host> host = getVmByPortId(osPort.id()); | ||
94 | + if (!host.isPresent()) { | ||
95 | + log.warn("No host found with {}", osPort); | ||
96 | + return; | ||
97 | + } | ||
98 | + eventExecutor.execute(() -> updateSecurityGroupRules(host.get(), true)); | ||
99 | + } | ||
100 | + | ||
101 | + /** | ||
102 | + * Populates security group rules for all VMs in the supplied tenant ID. | ||
103 | + * VMs in the same tenant tend to be engaged to each other by sharing the | ||
104 | + * same security groups or setting the remote to another security group. | ||
105 | + * To make the implementation simpler and robust, it tries to reinstall | ||
106 | + * security group rules for all the VMs in the same tenant whenever a new | ||
107 | + * VM is detected or port is updated. | ||
108 | + * | ||
109 | + * @param tenantId tenant id to update security group rules | ||
110 | + */ | ||
111 | + private void populateSecurityGroupRules(String tenantId, boolean install) { | ||
112 | + securityGroupRuleMap.entrySet().stream() | ||
113 | + .filter(entry -> getTenantId(entry.getKey()).equals(tenantId)) | ||
114 | + .forEach(entry -> { | ||
115 | + Host local = entry.getKey(); | ||
116 | + entry.getValue().stream().forEach(sgRule -> { | ||
117 | + setSecurityGroupRule(local.location().deviceId(), | ||
118 | + sgRule.rule(), | ||
119 | + getIp(local), | ||
120 | + sgRule.remoteIp(), install); | ||
121 | + }); | ||
122 | + }); | ||
123 | + log.debug("Updated security group rules for {}", tenantId); | ||
124 | + } | ||
125 | + | ||
126 | + private void setSecurityGroupRule(DeviceId deviceId, OpenstackSecurityGroupRule sgRule, | ||
127 | + Ip4Address vmIp, IpPrefix remoteIp, | ||
128 | + boolean install) { | ||
129 | + ForwardingObjective.Builder foBuilder = buildFlowObjective(sgRule, vmIp, remoteIp); | ||
130 | + if (foBuilder == null) { | ||
131 | + return; | ||
132 | + } | ||
133 | + | ||
134 | + if (install) { | ||
135 | + flowObjectiveService.forward(deviceId, foBuilder.add()); | ||
136 | + } else { | ||
137 | + flowObjectiveService.forward(deviceId, foBuilder.remove()); | ||
138 | + } | ||
139 | + } | ||
140 | + | ||
141 | + private ForwardingObjective.Builder buildFlowObjective(OpenstackSecurityGroupRule sgRule, | ||
142 | + Ip4Address vmIp, | ||
143 | + IpPrefix remoteIp) { | ||
144 | + if (remoteIp != null && remoteIp.equals(IpPrefix.valueOf(vmIp, 32))) { | ||
145 | + // do nothing if the remote IP is my IP | ||
146 | + return null; | ||
147 | + } | ||
148 | + | ||
149 | + TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); | ||
150 | + buildMatchs(sBuilder, sgRule, vmIp, remoteIp); | ||
151 | + | ||
152 | + return DefaultForwardingObjective.builder() | ||
153 | + .withSelector(sBuilder.build()) | ||
154 | + .withTreatment(DefaultTrafficTreatment.builder().build()) | ||
155 | + .withPriority(ACL_RULE_PRIORITY) | ||
156 | + .withFlag(ForwardingObjective.Flag.SPECIFIC) | ||
157 | + .fromApp(appId); | ||
158 | + } | ||
159 | + | ||
160 | + private void buildMatchs(TrafficSelector.Builder sBuilder, OpenstackSecurityGroupRule sgRule, | ||
161 | + Ip4Address vmIp, IpPrefix remoteIp) { | ||
162 | + buildMatchEthType(sBuilder, sgRule.ethertype()); | ||
163 | + buildMatchDirection(sBuilder, sgRule.direction(), vmIp); | ||
164 | + buildMatchProto(sBuilder, sgRule.protocol()); | ||
165 | + buildMatchPort(sBuilder, sgRule.protocol(), sgRule.direction(), | ||
166 | + sgRule.portRangeMax(), sgRule.portRangeMin()); | ||
167 | + buildMatchRemoteIp(sBuilder, remoteIp, sgRule.direction()); | ||
168 | + } | ||
169 | + | ||
170 | + private void buildMatchDirection(TrafficSelector.Builder sBuilder, | ||
171 | + OpenstackSecurityGroupRule.Direction direction, | ||
172 | + Ip4Address vmIp) { | ||
173 | + if (direction.equals(OpenstackSecurityGroupRule.Direction.EGRESS)) { | ||
174 | + sBuilder.matchIPSrc(IpPrefix.valueOf(vmIp, 32)); | ||
175 | + } else { | ||
176 | + sBuilder.matchIPDst(IpPrefix.valueOf(vmIp, 32)); | ||
177 | + } | ||
178 | + } | ||
179 | + | ||
180 | + private void buildMatchEthType(TrafficSelector.Builder sBuilder, String etherType) { | ||
181 | + // Either IpSrc or IpDst (or both) is set by default, and we need to set EthType as IPv4. | ||
182 | + sBuilder.matchEthType(Ethernet.TYPE_IPV4); | ||
183 | + if (etherType != null && !Objects.equals(etherType, "null") && | ||
184 | + !etherType.toUpperCase().equals(ETHTYPE_IPV4)) { | ||
185 | + log.debug("EthType {} is not supported yet in Security Group", etherType); | ||
186 | + } | ||
187 | + } | ||
188 | + | ||
189 | + private void buildMatchRemoteIp(TrafficSelector.Builder sBuilder, IpPrefix remoteIpPrefix, | ||
190 | + OpenstackSecurityGroupRule.Direction direction) { | ||
191 | + if (remoteIpPrefix != null && !remoteIpPrefix.getIp4Prefix().equals(IP_PREFIX_ANY)) { | ||
192 | + if (direction.equals(OpenstackSecurityGroupRule.Direction.EGRESS)) { | ||
193 | + sBuilder.matchIPDst(remoteIpPrefix); | ||
194 | + } else { | ||
195 | + sBuilder.matchIPSrc(remoteIpPrefix); | ||
196 | + } | ||
197 | + } | ||
198 | + } | ||
199 | + | ||
200 | + private void buildMatchProto(TrafficSelector.Builder sBuilder, String protocol) { | ||
201 | + if (protocol != null) { | ||
202 | + switch (protocol.toUpperCase()) { | ||
203 | + case PROTO_ICMP: | ||
204 | + sBuilder.matchIPProtocol(IPv4.PROTOCOL_ICMP); | ||
205 | + break; | ||
206 | + case PROTO_TCP: | ||
207 | + sBuilder.matchIPProtocol(IPv4.PROTOCOL_TCP); | ||
208 | + break; | ||
209 | + case PROTO_UDP: | ||
210 | + sBuilder.matchIPProtocol(IPv4.PROTOCOL_UDP); | ||
211 | + break; | ||
212 | + default: | ||
213 | + } | ||
214 | + } | ||
215 | + } | ||
216 | + | ||
217 | + private void buildMatchPort(TrafficSelector.Builder sBuilder, String protocol, | ||
218 | + OpenstackSecurityGroupRule.Direction direction, | ||
219 | + int portMin, int portMax) { | ||
220 | + if (portMin > 0 && portMax > 0 && portMin == portMax) { | ||
221 | + if (protocol.toUpperCase().equals(PROTO_TCP)) { | ||
222 | + if (direction.equals(OpenstackSecurityGroupRule.Direction.EGRESS)) { | ||
223 | + sBuilder.matchTcpDst(TpPort.tpPort(portMax)); | ||
224 | + } else { | ||
225 | + sBuilder.matchTcpSrc(TpPort.tpPort(portMax)); | ||
226 | + } | ||
227 | + } else if (protocol.toUpperCase().equals(PROTO_UDP)) { | ||
228 | + if (direction.equals(OpenstackSecurityGroupRule.Direction.EGRESS)) { | ||
229 | + sBuilder.matchUdpDst(TpPort.tpPort(portMax)); | ||
230 | + } else { | ||
231 | + sBuilder.matchUdpSrc(TpPort.tpPort(portMax)); | ||
232 | + } | ||
233 | + } | ||
234 | + } | ||
235 | + } | ||
236 | + | ||
237 | + private void updateSecurityGroupRulesMap(Host host) { | ||
238 | + OpenstackPort osPort = openstackService.port(host.annotations().value(PORT_ID)); | ||
239 | + if (osPort == null) { | ||
240 | + log.debug("Failed to get OpenStack port information for {}", host); | ||
241 | + return; | ||
242 | + } | ||
243 | + | ||
244 | + Set<SecurityGroupRule> rules = Sets.newHashSet(); | ||
245 | + osPort.securityGroups().stream().forEach(sgId -> { | ||
246 | + OpenstackSecurityGroup osSecGroup = openstackService.securityGroup(sgId); | ||
247 | + if (osSecGroup != null) { | ||
248 | + osSecGroup.rules().stream().forEach(rule -> rules.addAll(getSgRules(rule))); | ||
249 | + } else { | ||
250 | + // TODO handle the case that the security group removed | ||
251 | + log.warn("Failed to get security group {}", sgId); | ||
252 | + } | ||
253 | + }); | ||
254 | + securityGroupRuleMap.put(host, rules); | ||
255 | + } | ||
256 | + | ||
257 | + /** | ||
258 | + * Returns set of security group rules with individual remote IP by | ||
259 | + * converting remote group to actual IP address. | ||
260 | + * | ||
261 | + * @param sgRule security group rule | ||
262 | + * @return set of security group rules | ||
263 | + */ | ||
264 | + private Set<SecurityGroupRule> getSgRules(OpenstackSecurityGroupRule sgRule) { | ||
265 | + Set<SecurityGroupRule> sgRules = Sets.newHashSet(); | ||
266 | + if (sgRule.remoteGroupId() != null && !sgRule.remoteGroupId().equals("null")) { | ||
267 | + sgRules = getRemoteIps(sgRule.tenantId(), sgRule.remoteGroupId()) | ||
268 | + .stream() | ||
269 | + .map(remoteIp -> new SecurityGroupRule(sgRule, remoteIp)) | ||
270 | + .collect(Collectors.toSet()); | ||
271 | + } else { | ||
272 | + sgRules.add(new SecurityGroupRule(sgRule, sgRule.remoteIpPrefix())); | ||
273 | + } | ||
274 | + return sgRules; | ||
275 | + } | ||
276 | + | ||
277 | + /** | ||
278 | + * Returns a set of host IP addresses engaged with supplied security group ID. | ||
279 | + * It only searches a VM in the same tenant boundary. | ||
280 | + * | ||
281 | + * @param tenantId tenant id | ||
282 | + * @param sgId security group id | ||
283 | + * @return set of ip addresses in ip prefix format | ||
284 | + */ | ||
285 | + private Set<IpPrefix> getRemoteIps(String tenantId, String sgId) { | ||
286 | + Set<IpPrefix> remoteIps = Sets.newHashSet(); | ||
287 | + securityGroupRuleMap.entrySet().stream() | ||
288 | + .filter(entry -> Objects.equals(getTenantId(entry.getKey()), tenantId)) | ||
289 | + .forEach(entry -> { | ||
290 | + if (entry.getValue().stream() | ||
291 | + .anyMatch(rule -> rule.rule().secuityGroupId().equals(sgId))) { | ||
292 | + remoteIps.add(IpPrefix.valueOf(getIp(entry.getKey()), 32)); | ||
293 | + } | ||
294 | + }); | ||
295 | + return remoteIps; | ||
296 | + } | ||
297 | + | ||
298 | + private void updateSecurityGroupRules(Host host, boolean isHostAdded) { | ||
299 | + String tenantId = getTenantId(host); | ||
300 | + populateSecurityGroupRules(tenantId, false); | ||
301 | + | ||
302 | + if (isHostAdded) { | ||
303 | + updateSecurityGroupRulesMap(host); | ||
304 | + } else { | ||
305 | + securityGroupRuleMap.remove(host); | ||
306 | + } | ||
307 | + | ||
308 | + Tools.stream(hostService.getHosts()) | ||
309 | + .filter(h -> Objects.equals(getTenantId(h), getTenantId(host))) | ||
310 | + .forEach(this::updateSecurityGroupRulesMap); | ||
311 | + | ||
312 | + populateSecurityGroupRules(tenantId, true); | ||
313 | + } | ||
314 | + | ||
315 | + @Override | ||
316 | + protected void hostDetected(Host host) { | ||
317 | + updateSecurityGroupRules(host, true); | ||
318 | + log.info("Applied security group rules for {}", host); | ||
319 | + } | ||
320 | + | ||
321 | + @Override | ||
322 | + protected void hostRemoved(Host host) { | ||
323 | + updateSecurityGroupRules(host, false); | ||
324 | + log.info("Applied security group rules for {}", host); | ||
325 | + } | ||
326 | + | ||
327 | + private final class SecurityGroupRule { | ||
328 | + private final OpenstackSecurityGroupRule rule; | ||
329 | + private final IpPrefix remoteIp; | ||
330 | + | ||
331 | + private SecurityGroupRule(OpenstackSecurityGroupRule rule, IpPrefix remoteIp) { | ||
332 | + this.rule = rule; | ||
333 | + this.remoteIp = remoteIp; | ||
334 | + } | ||
335 | + | ||
336 | + private OpenstackSecurityGroupRule rule() { | ||
337 | + return rule; | ||
338 | + } | ||
339 | + | ||
340 | + private IpPrefix remoteIp() { | ||
341 | + return remoteIp; | ||
342 | + } | ||
343 | + | ||
344 | + @Override | ||
345 | + public boolean equals(Object obj) { | ||
346 | + if (this == obj) { | ||
347 | + return true; | ||
348 | + } | ||
349 | + | ||
350 | + if (obj instanceof SecurityGroupRule) { | ||
351 | + SecurityGroupRule that = (SecurityGroupRule) obj; | ||
352 | + if (Objects.equals(rule, that.rule) && | ||
353 | + Objects.equals(remoteIp, that.remoteIp)) { | ||
354 | + return true; | ||
355 | + } | ||
356 | + } | ||
357 | + return false; | ||
358 | + } | ||
359 | + | ||
360 | + @Override | ||
361 | + public int hashCode() { | ||
362 | + return Objects.hash(rule, remoteIp); | ||
363 | + } | ||
364 | + } | ||
365 | +} |
1 | +/* | ||
2 | + * Copyright 2016-present Open Networking Laboratory | ||
3 | + * | ||
4 | + * Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | + * you may not use this file except in compliance with the License. | ||
6 | + * You may obtain a copy of the License at | ||
7 | + * | ||
8 | + * http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | + * | ||
10 | + * Unless required by applicable law or agreed to in writing, software | ||
11 | + * distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | + * See the License for the specific language governing permissions and | ||
14 | + * limitations under the License. | ||
15 | + */ | ||
16 | +package org.onosproject.openstacknetworking.switching; | ||
17 | + | ||
18 | +import com.google.common.base.Strings; | ||
19 | +import com.google.common.collect.Maps; | ||
20 | +import com.google.common.collect.Sets; | ||
21 | +import org.apache.felix.scr.annotations.Activate; | ||
22 | +import org.apache.felix.scr.annotations.Component; | ||
23 | +import org.apache.felix.scr.annotations.Deactivate; | ||
24 | +import org.apache.felix.scr.annotations.Reference; | ||
25 | +import org.apache.felix.scr.annotations.ReferenceCardinality; | ||
26 | +import org.apache.felix.scr.annotations.Service; | ||
27 | +import org.onlab.packet.Ip4Address; | ||
28 | +import org.onlab.packet.IpPrefix; | ||
29 | +import org.onlab.packet.VlanId; | ||
30 | +import org.onlab.util.Tools; | ||
31 | +import org.onosproject.core.CoreService; | ||
32 | +import org.onosproject.dhcp.DhcpService; | ||
33 | +import org.onosproject.dhcp.IpAssignment; | ||
34 | +import org.onosproject.mastership.MastershipService; | ||
35 | +import org.onosproject.net.ConnectPoint; | ||
36 | +import org.onosproject.net.DefaultAnnotations; | ||
37 | +import org.onosproject.net.Device; | ||
38 | +import org.onosproject.net.Host; | ||
39 | +import org.onosproject.net.HostId; | ||
40 | +import org.onosproject.net.HostLocation; | ||
41 | +import org.onosproject.net.Port; | ||
42 | +import org.onosproject.net.device.DeviceEvent; | ||
43 | +import org.onosproject.net.device.DeviceListener; | ||
44 | +import org.onosproject.net.device.DeviceService; | ||
45 | +import org.onosproject.net.host.DefaultHostDescription; | ||
46 | +import org.onosproject.net.host.HostDescription; | ||
47 | +import org.onosproject.net.host.HostProvider; | ||
48 | +import org.onosproject.net.host.HostProviderRegistry; | ||
49 | +import org.onosproject.net.host.HostProviderService; | ||
50 | +import org.onosproject.net.host.HostService; | ||
51 | +import org.onosproject.net.provider.AbstractProvider; | ||
52 | +import org.onosproject.net.provider.ProviderId; | ||
53 | +import org.onosproject.openstackinterface.OpenstackInterfaceService; | ||
54 | +import org.onosproject.openstackinterface.OpenstackNetwork; | ||
55 | +import org.onosproject.openstackinterface.OpenstackPort; | ||
56 | +import org.onosproject.openstackinterface.OpenstackSubnet; | ||
57 | +import org.onosproject.openstacknetworking.OpenstackPortInfo; | ||
58 | +import org.onosproject.openstacknetworking.OpenstackSwitchingService; | ||
59 | +import org.slf4j.Logger; | ||
60 | +import org.slf4j.LoggerFactory; | ||
61 | + | ||
62 | +import java.util.Date; | ||
63 | +import java.util.Map; | ||
64 | +import java.util.concurrent.ExecutorService; | ||
65 | +import java.util.concurrent.Executors; | ||
66 | + | ||
67 | +import static org.onlab.util.Tools.groupedThreads; | ||
68 | +import static org.onosproject.dhcp.IpAssignment.AssignmentStatus.Option_RangeNotEnforced; | ||
69 | + | ||
70 | +import static com.google.common.base.Preconditions.checkArgument; | ||
71 | +import static com.google.common.base.Preconditions.checkNotNull; | ||
72 | +import static org.onosproject.net.AnnotationKeys.PORT_NAME; | ||
73 | +import static org.onosproject.openstacknetworking.switching.Constants.*; | ||
74 | + | ||
75 | +@Service | ||
76 | +@Component(immediate = true) | ||
77 | +/** | ||
78 | + * Populates forwarding rules for VMs created by Openstack. | ||
79 | + */ | ||
80 | +public final class OpenstackSwitchingManager extends AbstractProvider | ||
81 | + implements OpenstackSwitchingService, HostProvider { | ||
82 | + | ||
83 | + private final Logger log = LoggerFactory.getLogger(getClass()); | ||
84 | + | ||
85 | + @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
86 | + protected CoreService coreService; | ||
87 | + | ||
88 | + @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
89 | + protected DeviceService deviceService; | ||
90 | + | ||
91 | + @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
92 | + protected HostProviderRegistry hostProviderRegistry; | ||
93 | + | ||
94 | + @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
95 | + protected DhcpService dhcpService; | ||
96 | + | ||
97 | + @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
98 | + protected HostService hostService; | ||
99 | + | ||
100 | + @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
101 | + protected MastershipService mastershipService; | ||
102 | + | ||
103 | + @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
104 | + protected OpenstackInterfaceService openstackService; | ||
105 | + | ||
106 | + private final ExecutorService deviceEventExecutor = | ||
107 | + Executors.newSingleThreadExecutor(groupedThreads("onos/openstackswitching", "device-event")); | ||
108 | + private final ExecutorService configEventExecutor = | ||
109 | + Executors.newSingleThreadExecutor(groupedThreads("onos/openstackswitching", "config-event")); | ||
110 | + private final InternalDeviceListener internalDeviceListener = new InternalDeviceListener(); | ||
111 | + | ||
112 | + private HostProviderService hostProvider; | ||
113 | + | ||
114 | + /** | ||
115 | + * Creates OpenStack switching host provider. | ||
116 | + */ | ||
117 | + public OpenstackSwitchingManager() { | ||
118 | + super(new ProviderId("host", APP_ID)); | ||
119 | + } | ||
120 | + | ||
121 | + @Activate | ||
122 | + protected void activate() { | ||
123 | + coreService.registerApplication(APP_ID); | ||
124 | + deviceService.addListener(internalDeviceListener); | ||
125 | + hostProvider = hostProviderRegistry.register(this); | ||
126 | + | ||
127 | + log.info("Started"); | ||
128 | + } | ||
129 | + | ||
130 | + @Deactivate | ||
131 | + protected void deactivate() { | ||
132 | + hostProviderRegistry.unregister(this); | ||
133 | + deviceService.removeListener(internalDeviceListener); | ||
134 | + | ||
135 | + deviceEventExecutor.shutdown(); | ||
136 | + configEventExecutor.shutdown(); | ||
137 | + | ||
138 | + log.info("Stopped"); | ||
139 | + } | ||
140 | + | ||
141 | + @Override | ||
142 | + public void triggerProbe(Host host) { | ||
143 | + // no probe is required | ||
144 | + } | ||
145 | + | ||
146 | + @Override | ||
147 | + // TODO remove this and openstackPortInfo | ||
148 | + public Map<String, OpenstackPortInfo> openstackPortInfo() { | ||
149 | + Map<String, OpenstackPortInfo> portInfoMap = Maps.newHashMap(); | ||
150 | + | ||
151 | + Tools.stream(hostService.getHosts()).filter(this::isValidHost).forEach(host -> { | ||
152 | + Port port = deviceService.getPort( | ||
153 | + host.location().deviceId(), | ||
154 | + host.location().port()); | ||
155 | + | ||
156 | + OpenstackPortInfo portInfo = OpenstackPortInfo.builder() | ||
157 | + .setDeviceId(host.location().deviceId()) | ||
158 | + .setHostMac(host.mac()) | ||
159 | + .setNetworkId(host.annotations().value(NETWORK_ID)) | ||
160 | + .setGatewayIP(Ip4Address.valueOf(host.annotations().value(GATEWAY_IP))) | ||
161 | + .setVni(Long.valueOf(host.annotations().value(VXLAN_ID))) | ||
162 | + .setHostIp(host.ipAddresses().stream().findFirst().get().getIp4Address()) | ||
163 | + .build(); | ||
164 | + | ||
165 | + portInfoMap.put(port.annotations().value(PORT_NAME), portInfo); | ||
166 | + }); | ||
167 | + | ||
168 | + return portInfoMap; | ||
169 | + } | ||
170 | + | ||
171 | + // TODO remove this and openstackPortInfo | ||
172 | + private boolean isValidHost(Host host) { | ||
173 | + return !host.ipAddresses().isEmpty() && | ||
174 | + host.annotations().value(VXLAN_ID) != null && | ||
175 | + host.annotations().value(NETWORK_ID) != null && | ||
176 | + host.annotations().value(TENANT_ID) != null && | ||
177 | + host.annotations().value(GATEWAY_IP) != null && | ||
178 | + host.annotations().value(PORT_ID) != null; | ||
179 | + } | ||
180 | + | ||
181 | + private void processPortAdded(Port port) { | ||
182 | + OpenstackPort osPort = openstackService.port(port); | ||
183 | + if (osPort == null) { | ||
184 | + log.warn("Failed to get OpenStack port for {}", port); | ||
185 | + return; | ||
186 | + } | ||
187 | + | ||
188 | + OpenstackNetwork osNet = openstackService.network(osPort.networkId()); | ||
189 | + if (osNet == null) { | ||
190 | + log.warn("Failed to get OpenStack network {}", | ||
191 | + osPort.networkId()); | ||
192 | + return; | ||
193 | + } | ||
194 | + | ||
195 | + registerDhcpInfo(osPort); | ||
196 | + ConnectPoint connectPoint = new ConnectPoint(port.element().id(), port.number()); | ||
197 | + // TODO remove this and openstackPortInfo | ||
198 | + String gatewayIp = osNet.subnets().stream().findFirst().get().gatewayIp(); | ||
199 | + | ||
200 | + // Added CREATE_TIME intentionally to trigger HOST_UPDATED event for the | ||
201 | + // existing instances. | ||
202 | + DefaultAnnotations.Builder annotations = DefaultAnnotations.builder() | ||
203 | + .set(NETWORK_ID, osPort.networkId()) | ||
204 | + .set(PORT_ID, osPort.id()) | ||
205 | + .set(VXLAN_ID, osNet.segmentId()) | ||
206 | + .set(TENANT_ID, osNet.tenantId()) | ||
207 | + // TODO remove this and openstackPortInfo | ||
208 | + .set(GATEWAY_IP, gatewayIp) | ||
209 | + .set(CREATE_TIME, String.valueOf(System.currentTimeMillis())); | ||
210 | + | ||
211 | + HostDescription hostDesc = new DefaultHostDescription( | ||
212 | + osPort.macAddress(), | ||
213 | + VlanId.NONE, | ||
214 | + new HostLocation(connectPoint, System.currentTimeMillis()), | ||
215 | + Sets.newHashSet(osPort.fixedIps().values()), | ||
216 | + annotations.build()); | ||
217 | + | ||
218 | + HostId hostId = HostId.hostId(osPort.macAddress()); | ||
219 | + hostProvider.hostDetected(hostId, hostDesc, false); | ||
220 | + } | ||
221 | + | ||
222 | + private void processPortRemoved(Port port) { | ||
223 | + ConnectPoint connectPoint = new ConnectPoint(port.element().id(), port.number()); | ||
224 | + hostService.getConnectedHosts(connectPoint).stream() | ||
225 | + .forEach(host -> { | ||
226 | + dhcpService.removeStaticMapping(host.mac()); | ||
227 | + hostProvider.hostVanished(host.id()); | ||
228 | + }); | ||
229 | + } | ||
230 | + | ||
231 | + private void registerDhcpInfo(OpenstackPort openstackPort) { | ||
232 | + checkNotNull(openstackPort); | ||
233 | + checkArgument(!openstackPort.fixedIps().isEmpty()); | ||
234 | + | ||
235 | + OpenstackSubnet openstackSubnet = openstackService.subnets().stream() | ||
236 | + .filter(n -> n.networkId().equals(openstackPort.networkId())) | ||
237 | + .findFirst().orElse(null); | ||
238 | + if (openstackSubnet == null) { | ||
239 | + log.warn("Failed to find subnet for {}", openstackPort); | ||
240 | + return; | ||
241 | + } | ||
242 | + | ||
243 | + Ip4Address ipAddress = openstackPort.fixedIps().values().stream().findFirst().get(); | ||
244 | + IpPrefix subnetPrefix = IpPrefix.valueOf(openstackSubnet.cidr()); | ||
245 | + Ip4Address broadcast = Ip4Address.makeMaskedAddress( | ||
246 | + ipAddress, | ||
247 | + subnetPrefix.prefixLength()); | ||
248 | + | ||
249 | + // TODO: supports multiple DNS servers | ||
250 | + Ip4Address domainServer = openstackSubnet.dnsNameservers().isEmpty() ? | ||
251 | + DNS_SERVER_IP : openstackSubnet.dnsNameservers().get(0); | ||
252 | + | ||
253 | + IpAssignment ipAssignment = IpAssignment.builder() | ||
254 | + .ipAddress(ipAddress) | ||
255 | + .leasePeriod(DHCP_INFINITE_LEASE) | ||
256 | + .timestamp(new Date()) | ||
257 | + .subnetMask(Ip4Address.makeMaskPrefix(subnetPrefix.prefixLength())) | ||
258 | + .broadcast(broadcast) | ||
259 | + .domainServer(domainServer) | ||
260 | + .assignmentStatus(Option_RangeNotEnforced) | ||
261 | + .routerAddress(Ip4Address.valueOf(openstackSubnet.gatewayIp())) | ||
262 | + .build(); | ||
263 | + | ||
264 | + dhcpService.setStaticMapping(openstackPort.macAddress(), ipAssignment); | ||
265 | + } | ||
266 | + | ||
267 | + private class InternalDeviceListener implements DeviceListener { | ||
268 | + | ||
269 | + @Override | ||
270 | + public void event(DeviceEvent event) { | ||
271 | + Device device = event.subject(); | ||
272 | + if (!mastershipService.isLocalMaster(device.id())) { | ||
273 | + // do not allow to proceed without mastership | ||
274 | + return; | ||
275 | + } | ||
276 | + | ||
277 | + Port port = event.port(); | ||
278 | + if (port == null) { | ||
279 | + return; | ||
280 | + } | ||
281 | + | ||
282 | + String portName = port.annotations().value(PORT_NAME); | ||
283 | + if (Strings.isNullOrEmpty(portName) || | ||
284 | + !portName.startsWith(PORTNAME_PREFIX_VM)) { | ||
285 | + // handles VM connected port event only | ||
286 | + return; | ||
287 | + } | ||
288 | + | ||
289 | + switch (event.type()) { | ||
290 | + case PORT_UPDATED: | ||
291 | + if (!event.port().isEnabled()) { | ||
292 | + deviceEventExecutor.execute(() -> processPortRemoved(event.port())); | ||
293 | + } | ||
294 | + break; | ||
295 | + case PORT_ADDED: | ||
296 | + deviceEventExecutor.execute(() -> processPortAdded(event.port())); | ||
297 | + break; | ||
298 | + default: | ||
299 | + break; | ||
300 | + } | ||
301 | + } | ||
302 | + } | ||
303 | +} |
1 | +/* | ||
2 | +* Copyright 2016-present Open Networking Laboratory | ||
3 | +* | ||
4 | +* Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | +* you may not use this file except in compliance with the License. | ||
6 | +* You may obtain a copy of the License at | ||
7 | +* | ||
8 | +* http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | +* | ||
10 | +* Unless required by applicable law or agreed to in writing, software | ||
11 | +* distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | +* See the License for the specific language governing permissions and | ||
14 | +* limitations under the License. | ||
15 | +*/ | ||
16 | + | ||
17 | +package org.onosproject.openstacknetworking.switching; | ||
18 | + | ||
19 | +import org.apache.felix.scr.annotations.Activate; | ||
20 | +import org.apache.felix.scr.annotations.Component; | ||
21 | +import org.apache.felix.scr.annotations.Deactivate; | ||
22 | +import org.apache.felix.scr.annotations.Reference; | ||
23 | +import org.apache.felix.scr.annotations.ReferenceCardinality; | ||
24 | +import org.onlab.packet.Ethernet; | ||
25 | +import org.onlab.packet.Ip4Address; | ||
26 | +import org.onlab.packet.IpAddress; | ||
27 | +import org.onosproject.net.Device; | ||
28 | +import org.onosproject.net.DeviceId; | ||
29 | +import org.onosproject.net.Host; | ||
30 | +import org.onosproject.net.PortNumber; | ||
31 | +import org.onosproject.net.behaviour.ExtensionTreatmentResolver; | ||
32 | +import org.onosproject.net.device.DeviceService; | ||
33 | +import org.onosproject.net.flow.DefaultTrafficSelector; | ||
34 | +import org.onosproject.net.flow.DefaultTrafficTreatment; | ||
35 | +import org.onosproject.net.flow.TrafficSelector; | ||
36 | +import org.onosproject.net.flow.TrafficTreatment; | ||
37 | +import org.onosproject.net.flow.instructions.ExtensionTreatment; | ||
38 | +import org.onosproject.net.flow.instructions.ExtensionPropertyException; | ||
39 | +import org.onosproject.net.flowobjective.DefaultForwardingObjective; | ||
40 | +import org.onosproject.net.flowobjective.FlowObjectiveService; | ||
41 | +import org.onosproject.net.flowobjective.ForwardingObjective; | ||
42 | +import org.onosproject.openstacknode.OpenstackNodeService; | ||
43 | +import org.slf4j.Logger; | ||
44 | +import org.slf4j.LoggerFactory; | ||
45 | + | ||
46 | +import java.util.Objects; | ||
47 | +import java.util.Optional; | ||
48 | + | ||
49 | +import static org.onosproject.net.flow.instructions.ExtensionTreatmentType.ExtensionTreatmentTypes.NICIRA_SET_TUNNEL_DST; | ||
50 | +import static org.onosproject.openstacknetworking.switching.Constants.*; | ||
51 | + | ||
52 | +/** | ||
53 | + * Populates switching flow rules. | ||
54 | + */ | ||
55 | +@Component(immediate = true) | ||
56 | +public final class OpenstackSwitchingRulePopulator extends AbstractVmHandler { | ||
57 | + | ||
58 | + private final Logger log = LoggerFactory.getLogger(getClass()); | ||
59 | + | ||
60 | + @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
61 | + protected DeviceService deviceService; | ||
62 | + | ||
63 | + @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
64 | + protected FlowObjectiveService flowObjectiveService; | ||
65 | + | ||
66 | + @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY) | ||
67 | + protected OpenstackNodeService nodeService; | ||
68 | + | ||
69 | + | ||
70 | + private static final String TUNNEL_DST = "tunnelDst"; | ||
71 | + | ||
72 | + @Activate | ||
73 | + protected void activate() { | ||
74 | + super.activate(); | ||
75 | + } | ||
76 | + | ||
77 | + @Deactivate | ||
78 | + protected void deactivate() { | ||
79 | + super.deactivate(); | ||
80 | + } | ||
81 | + | ||
82 | + private void populateSwitchingRules(Host host) { | ||
83 | + populateFlowRulesForTunnelTag(host); | ||
84 | + populateFlowRulesForTrafficToSameCnode(host); | ||
85 | + populateFlowRulesForTrafficToDifferentCnode(host); | ||
86 | + | ||
87 | + log.debug("Populated switching rule for {}", host); | ||
88 | + } | ||
89 | + | ||
90 | + private void populateFlowRulesForTunnelTag(Host host) { | ||
91 | + TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); | ||
92 | + TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment.builder(); | ||
93 | + | ||
94 | + sBuilder.matchEthType(Ethernet.TYPE_IPV4) | ||
95 | + .matchInPort(host.location().port()); | ||
96 | + | ||
97 | + tBuilder.setTunnelId(Long.valueOf(getVni(host))); | ||
98 | + | ||
99 | + ForwardingObjective fo = DefaultForwardingObjective.builder() | ||
100 | + .withSelector(sBuilder.build()) | ||
101 | + .withTreatment(tBuilder.build()) | ||
102 | + .withPriority(TUNNELTAG_RULE_PRIORITY) | ||
103 | + .withFlag(ForwardingObjective.Flag.SPECIFIC) | ||
104 | + .fromApp(appId) | ||
105 | + .add(); | ||
106 | + | ||
107 | + flowObjectiveService.forward(host.location().deviceId(), fo); | ||
108 | + } | ||
109 | + | ||
110 | + private void populateFlowRulesForTrafficToSameCnode(Host host) { | ||
111 | + //For L2 Switching Case | ||
112 | + TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); | ||
113 | + TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment.builder(); | ||
114 | + | ||
115 | + sBuilder.matchEthType(Ethernet.TYPE_IPV4) | ||
116 | + .matchIPDst(getIp(host).toIpPrefix()) | ||
117 | + .matchTunnelId(Long.valueOf(getVni(host))); | ||
118 | + | ||
119 | + tBuilder.setOutput(host.location().port()); | ||
120 | + | ||
121 | + ForwardingObjective fo = DefaultForwardingObjective.builder() | ||
122 | + .withSelector(sBuilder.build()) | ||
123 | + .withTreatment(tBuilder.build()) | ||
124 | + .withPriority(SWITCHING_RULE_PRIORITY) | ||
125 | + .withFlag(ForwardingObjective.Flag.SPECIFIC) | ||
126 | + .fromApp(appId) | ||
127 | + .add(); | ||
128 | + | ||
129 | + flowObjectiveService.forward(host.location().deviceId(), fo); | ||
130 | + } | ||
131 | + | ||
132 | + private void populateFlowRulesForTrafficToDifferentCnode(Host host) { | ||
133 | + Ip4Address localVmIp = getIp(host); | ||
134 | + DeviceId localDeviceId = host.location().deviceId(); | ||
135 | + Optional<IpAddress> localDataIp = nodeService.dataIp(localDeviceId); | ||
136 | + | ||
137 | + if (!localDataIp.isPresent()) { | ||
138 | + log.debug("Failed to get data IP for device {}", | ||
139 | + host.location().deviceId()); | ||
140 | + return; | ||
141 | + } | ||
142 | + | ||
143 | + String vni = getVni(host); | ||
144 | + getVmsInDifferentCnode(host).forEach(remoteVm -> { | ||
145 | + Optional<IpAddress> remoteDataIp = nodeService.dataIp(remoteVm.location().deviceId()); | ||
146 | + if (remoteDataIp.isPresent()) { | ||
147 | + setVxLanFlowRule(vni, | ||
148 | + localDeviceId, | ||
149 | + remoteDataIp.get().getIp4Address(), | ||
150 | + getIp(remoteVm)); | ||
151 | + | ||
152 | + setVxLanFlowRule(vni, | ||
153 | + remoteVm.location().deviceId(), | ||
154 | + localDataIp.get().getIp4Address(), | ||
155 | + localVmIp); | ||
156 | + } | ||
157 | + }); | ||
158 | + } | ||
159 | + | ||
160 | + private void setVxLanFlowRule(String vni, DeviceId deviceId, Ip4Address remoteIp, | ||
161 | + Ip4Address vmIp) { | ||
162 | + Optional<PortNumber> tunnelPort = nodeService.tunnelPort(deviceId); | ||
163 | + if (!tunnelPort.isPresent()) { | ||
164 | + log.warn("Failed to get tunnel port from {}", deviceId); | ||
165 | + return; | ||
166 | + } | ||
167 | + | ||
168 | + TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); | ||
169 | + TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment.builder(); | ||
170 | + | ||
171 | + sBuilder.matchEthType(Ethernet.TYPE_IPV4) | ||
172 | + .matchTunnelId(Long.parseLong(vni)) | ||
173 | + .matchIPDst(vmIp.toIpPrefix()); | ||
174 | + tBuilder.extension(buildNiciraExtenstion(deviceId, remoteIp), deviceId) | ||
175 | + .setOutput(tunnelPort.get()); | ||
176 | + | ||
177 | + ForwardingObjective fo = DefaultForwardingObjective.builder() | ||
178 | + .withSelector(sBuilder.build()) | ||
179 | + .withTreatment(tBuilder.build()) | ||
180 | + .withPriority(SWITCHING_RULE_PRIORITY) | ||
181 | + .withFlag(ForwardingObjective.Flag.SPECIFIC) | ||
182 | + .fromApp(appId) | ||
183 | + .add(); | ||
184 | + | ||
185 | + flowObjectiveService.forward(deviceId, fo); | ||
186 | + } | ||
187 | + | ||
188 | + private void removeSwitchingRules(Host host) { | ||
189 | + removeFlowRuleForTunnelTag(host); | ||
190 | + removeFlowRuleForVMsInSameCnode(host); | ||
191 | + removeFlowRuleForVMsInDiffrentCnode(host); | ||
192 | + | ||
193 | + log.debug("Removed switching rule for {}", host); | ||
194 | + } | ||
195 | + | ||
196 | + private void removeFlowRuleForTunnelTag(Host host) { | ||
197 | + TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); | ||
198 | + TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment.builder(); | ||
199 | + | ||
200 | + sBuilder.matchEthType(Ethernet.TYPE_IPV4) | ||
201 | + .matchInPort(host.location().port()); | ||
202 | + | ||
203 | + ForwardingObjective fo = DefaultForwardingObjective.builder() | ||
204 | + .withSelector(sBuilder.build()) | ||
205 | + .withTreatment(tBuilder.build()) | ||
206 | + .withPriority(TUNNELTAG_RULE_PRIORITY) | ||
207 | + .withFlag(ForwardingObjective.Flag.SPECIFIC) | ||
208 | + .fromApp(appId) | ||
209 | + .remove(); | ||
210 | + | ||
211 | + flowObjectiveService.forward(host.location().deviceId(), fo); | ||
212 | + } | ||
213 | + | ||
214 | + private void removeFlowRuleForVMsInSameCnode(Host host) { | ||
215 | + TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); | ||
216 | + sBuilder.matchEthType(Ethernet.TYPE_IPV4) | ||
217 | + .matchIPDst(getIp(host).toIpPrefix()) | ||
218 | + .matchTunnelId(Long.valueOf(getVni(host))); | ||
219 | + | ||
220 | + ForwardingObjective fo = DefaultForwardingObjective.builder() | ||
221 | + .withSelector(sBuilder.build()) | ||
222 | + .withTreatment(DefaultTrafficTreatment.builder().build()) | ||
223 | + .withFlag(ForwardingObjective.Flag.SPECIFIC) | ||
224 | + .withPriority(SWITCHING_RULE_PRIORITY) | ||
225 | + .fromApp(appId) | ||
226 | + .remove(); | ||
227 | + | ||
228 | + flowObjectiveService.forward(host.location().deviceId(), fo); | ||
229 | + } | ||
230 | + | ||
231 | + private void removeFlowRuleForVMsInDiffrentCnode(Host host) { | ||
232 | + DeviceId deviceId = host.location().deviceId(); | ||
233 | + final boolean anyPortRemainedInSameCnode = hostService.getConnectedHosts(deviceId) | ||
234 | + .stream() | ||
235 | + .filter(this::isValidHost) | ||
236 | + .anyMatch(h -> Objects.equals(getVni(h), getVni(host))); | ||
237 | + | ||
238 | + getVmsInDifferentCnode(host).forEach(h -> { | ||
239 | + removeVxLanFlowRule(h.location().deviceId(), getIp(host), getVni(host)); | ||
240 | + if (!anyPortRemainedInSameCnode) { | ||
241 | + removeVxLanFlowRule(deviceId, getIp(h), getVni(host)); | ||
242 | + } | ||
243 | + }); | ||
244 | + } | ||
245 | + | ||
246 | + private void removeVxLanFlowRule(DeviceId deviceId, Ip4Address vmIp, String vni) { | ||
247 | + TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); | ||
248 | + | ||
249 | + sBuilder.matchEthType(Ethernet.TYPE_IPV4) | ||
250 | + .matchTunnelId(Long.valueOf(vni)) | ||
251 | + .matchIPDst(vmIp.toIpPrefix()); | ||
252 | + | ||
253 | + ForwardingObjective fo = DefaultForwardingObjective.builder() | ||
254 | + .withSelector(sBuilder.build()) | ||
255 | + .withTreatment(DefaultTrafficTreatment.builder().build()) | ||
256 | + .withFlag(ForwardingObjective.Flag.SPECIFIC) | ||
257 | + .withPriority(SWITCHING_RULE_PRIORITY) | ||
258 | + .fromApp(appId) | ||
259 | + .remove(); | ||
260 | + | ||
261 | + flowObjectiveService.forward(deviceId, fo); | ||
262 | + } | ||
263 | + | ||
264 | + private ExtensionTreatment buildNiciraExtenstion(DeviceId deviceId, Ip4Address remoteIp) { | ||
265 | + Device device = deviceService.getDevice(deviceId); | ||
266 | + if (device != null && !device.is(ExtensionTreatmentResolver.class)) { | ||
267 | + log.error("The extension treatment is not supported"); | ||
268 | + return null; | ||
269 | + } | ||
270 | + | ||
271 | + ExtensionTreatmentResolver resolver = device.as(ExtensionTreatmentResolver.class); | ||
272 | + ExtensionTreatment treatment = resolver.getExtensionInstruction(NICIRA_SET_TUNNEL_DST.type()); | ||
273 | + try { | ||
274 | + treatment.setPropertyValue(TUNNEL_DST, remoteIp); | ||
275 | + return treatment; | ||
276 | + } catch (ExtensionPropertyException e) { | ||
277 | + log.warn("Failed to get tunnelDst extension treatment for {}", deviceId); | ||
278 | + return null; | ||
279 | + } | ||
280 | + } | ||
281 | + | ||
282 | + @Override | ||
283 | + protected void hostDetected(Host host) { | ||
284 | + populateSwitchingRules(host); | ||
285 | + log.info("Added new virtual machine to switching service {}", host); | ||
286 | + } | ||
287 | + | ||
288 | + @Override | ||
289 | + protected void hostRemoved(Host host) { | ||
290 | + removeSwitchingRules(host); | ||
291 | + log.info("Removed virtual machine from switching service {}", host); | ||
292 | + } | ||
293 | +} |
... | @@ -15,16 +15,7 @@ | ... | @@ -15,16 +15,7 @@ |
15 | */ | 15 | */ |
16 | package org.onosproject.openstacknetworking.web; | 16 | package org.onosproject.openstacknetworking.web; |
17 | 17 | ||
18 | -import com.fasterxml.jackson.databind.ObjectMapper; | ||
19 | -import com.fasterxml.jackson.databind.node.ObjectNode; | ||
20 | -import org.onosproject.openstackinterface.OpenstackPort; | ||
21 | -import org.onosproject.openstackinterface.web.OpenstackPortCodec; | ||
22 | -import org.onosproject.openstacknetworking.OpenstackPortInfo; | ||
23 | -import org.onosproject.openstacknetworking.OpenstackRoutingService; | ||
24 | -import org.onosproject.openstacknetworking.OpenstackSwitchingService; | ||
25 | import org.onosproject.rest.AbstractWebResource; | 18 | import org.onosproject.rest.AbstractWebResource; |
26 | -import org.slf4j.Logger; | ||
27 | -import org.slf4j.LoggerFactory; | ||
28 | 19 | ||
29 | import javax.ws.rs.Consumes; | 20 | import javax.ws.rs.Consumes; |
30 | import javax.ws.rs.DELETE; | 21 | import javax.ws.rs.DELETE; |
... | @@ -43,47 +34,16 @@ import java.io.InputStream; | ... | @@ -43,47 +34,16 @@ import java.io.InputStream; |
43 | @Path("ports") | 34 | @Path("ports") |
44 | public class OpenstackPortWebResource extends AbstractWebResource { | 35 | public class OpenstackPortWebResource extends AbstractWebResource { |
45 | 36 | ||
46 | - private final Logger log = LoggerFactory.getLogger(getClass()); | ||
47 | - private static final String PORTNAME_PREFIX_VM = "tap"; | ||
48 | - private static final OpenstackPortCodec PORT_CODEC = new OpenstackPortCodec(); | ||
49 | - | ||
50 | @POST | 37 | @POST |
51 | @Consumes(MediaType.APPLICATION_JSON) | 38 | @Consumes(MediaType.APPLICATION_JSON) |
52 | @Produces(MediaType.APPLICATION_JSON) | 39 | @Produces(MediaType.APPLICATION_JSON) |
53 | public Response createPorts(InputStream input) { | 40 | public Response createPorts(InputStream input) { |
54 | - try { | 41 | + return Response.status(Response.Status.OK).build(); |
55 | - ObjectMapper mapper = new ObjectMapper(); | ||
56 | - ObjectNode portNode = (ObjectNode) mapper.readTree(input); | ||
57 | - | ||
58 | - OpenstackPort openstackPort = PORT_CODEC.decode(portNode, this); | ||
59 | - OpenstackSwitchingService switchingService = | ||
60 | - getService(OpenstackSwitchingService.class); | ||
61 | - switchingService.createPorts(openstackPort); | ||
62 | - | ||
63 | - log.debug("REST API ports is called with {}", portNode.toString()); | ||
64 | - return Response.status(Response.Status.OK).build(); | ||
65 | - | ||
66 | - } catch (Exception e) { | ||
67 | - log.error("Creates Port failed because of exception {}", | ||
68 | - e.toString()); | ||
69 | - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.toString()) | ||
70 | - .build(); | ||
71 | - } | ||
72 | } | 42 | } |
73 | 43 | ||
74 | @Path("{portUUID}") | 44 | @Path("{portUUID}") |
75 | @DELETE | 45 | @DELETE |
76 | public Response deletePorts(@PathParam("portUUID") String id) { | 46 | public Response deletePorts(@PathParam("portUUID") String id) { |
77 | - OpenstackSwitchingService switchingService = | ||
78 | - getService(OpenstackSwitchingService.class); | ||
79 | - OpenstackPortInfo portInfo = switchingService.openstackPortInfo() | ||
80 | - .get(PORTNAME_PREFIX_VM.concat(id.substring(0, 11))); | ||
81 | - OpenstackRoutingService routingService = | ||
82 | - getService(OpenstackRoutingService.class); | ||
83 | - routingService.checkDisassociatedFloatingIp(id, portInfo); | ||
84 | - | ||
85 | - switchingService.removePort(id); | ||
86 | - | ||
87 | return Response.noContent().build(); | 47 | return Response.noContent().build(); |
88 | } | 48 | } |
89 | 49 | ||
... | @@ -92,23 +52,7 @@ public class OpenstackPortWebResource extends AbstractWebResource { | ... | @@ -92,23 +52,7 @@ public class OpenstackPortWebResource extends AbstractWebResource { |
92 | @Consumes(MediaType.APPLICATION_JSON) | 52 | @Consumes(MediaType.APPLICATION_JSON) |
93 | @Produces(MediaType.APPLICATION_JSON) | 53 | @Produces(MediaType.APPLICATION_JSON) |
94 | public Response updatePorts(InputStream input) { | 54 | public Response updatePorts(InputStream input) { |
95 | - try { | 55 | + // TODO call security group update here |
96 | - ObjectMapper mapper = new ObjectMapper(); | 56 | + return Response.status(Response.Status.OK).build(); |
97 | - ObjectNode portNode = (ObjectNode) mapper.readTree(input); | ||
98 | - | ||
99 | - OpenstackPort openstackPort = PORT_CODEC.decode(portNode, this); | ||
100 | - OpenstackSwitchingService switchingService = | ||
101 | - getService(OpenstackSwitchingService.class); | ||
102 | - switchingService.updatePort(openstackPort); | ||
103 | - | ||
104 | - log.debug("REST API update port is called with {}", portNode.toString()); | ||
105 | - return Response.status(Response.Status.OK).build(); | ||
106 | - | ||
107 | - } catch (Exception e) { | ||
108 | - log.error("Update Port failed because of exception {}", | ||
109 | - e.toString()); | ||
110 | - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.toString()) | ||
111 | - .build(); | ||
112 | - } | ||
113 | } | 57 | } |
114 | } | 58 | } | ... | ... |
... | @@ -16,5 +16,5 @@ onos_app ( | ... | @@ -16,5 +16,5 @@ onos_app ( |
16 | category = 'Utility', | 16 | category = 'Utility', |
17 | url = 'http://onosproject.org', | 17 | url = 'http://onosproject.org', |
18 | description = 'SONA Openstack Node Bootstrap Application.', | 18 | description = 'SONA Openstack Node Bootstrap Application.', |
19 | - required_app = [ 'org.onosproject.ovsdb-base' ], | 19 | + required_apps = [ 'org.onosproject.ovsdb-base', 'org.onosproject.drivers.ovsdb' ] |
20 | ) | 20 | ) | ... | ... |
... | @@ -38,7 +38,8 @@ | ... | @@ -38,7 +38,8 @@ |
38 | <onos.app.url>http://onosproject.org</onos.app.url> | 38 | <onos.app.url>http://onosproject.org</onos.app.url> |
39 | <onos.app.readme>SONA Openstack Node Bootstrap Application</onos.app.readme> | 39 | <onos.app.readme>SONA Openstack Node Bootstrap Application</onos.app.readme> |
40 | <onos.app.requires> | 40 | <onos.app.requires> |
41 | - org.onosproject.ovsdb-base | 41 | + org.onosproject.ovsdb-base, |
42 | + org.onosproject.drivers.ovsdb | ||
42 | </onos.app.requires> | 43 | </onos.app.requires> |
43 | </properties> | 44 | </properties> |
44 | 45 | ... | ... |
... | @@ -242,7 +242,7 @@ public final class OpenstackNodeManager implements OpenstackNodeService { | ... | @@ -242,7 +242,7 @@ public final class OpenstackNodeManager implements OpenstackNodeService { |
242 | deviceService.removeListener(deviceListener); | 242 | deviceService.removeListener(deviceListener); |
243 | nodeStore.removeListener(nodeStoreListener); | 243 | nodeStore.removeListener(nodeStoreListener); |
244 | 244 | ||
245 | - componentConfigService.unregisterProperties(getClass(), true); | 245 | + componentConfigService.unregisterProperties(getClass(), false); |
246 | configRegistry.unregisterConfigFactory(configFactory); | 246 | configRegistry.unregisterConfigFactory(configFactory); |
247 | 247 | ||
248 | leadershipService.withdraw(appId.name()); | 248 | leadershipService.withdraw(appId.name()); | ... | ... |
... | @@ -54,8 +54,8 @@ APPS = [ | ... | @@ -54,8 +54,8 @@ APPS = [ |
54 | '//apps/mlb:onos-apps-mlb-oar', | 54 | '//apps/mlb:onos-apps-mlb-oar', |
55 | '//apps/openstackinterface:onos-apps-openstackinterface-oar', | 55 | '//apps/openstackinterface:onos-apps-openstackinterface-oar', |
56 | '//apps/openstacknetworking:onos-apps-openstacknetworking-oar', | 56 | '//apps/openstacknetworking:onos-apps-openstacknetworking-oar', |
57 | - '//apps/openstacknetworking/openstackrouting:onos-apps-openstacknetworking-openstackrouting-oar', | 57 | + '//apps/openstacknetworking/routing:onos-apps-openstacknetworking-routing-oar', |
58 | - '//apps/openstacknetworking/openstackswitching:onos-apps-openstacknetworking-openstackswitching-oar', | 58 | + '//apps/openstacknetworking/switching:onos-apps-openstacknetworking-switching-oar', |
59 | '//apps/mobility:onos-apps-mobility-oar', | 59 | '//apps/mobility:onos-apps-mobility-oar', |
60 | '//apps/optical:onos-apps-optical-oar', | 60 | '//apps/optical:onos-apps-optical-oar', |
61 | '//apps/pathpainter:onos-apps-pathpainter-oar', | 61 | '//apps/pathpainter:onos-apps-pathpainter-oar', | ... | ... |
-
Please register or login to post a comment