Gitiles
Code Review Sign In
gerrit.onosproject.org / onos / 6a9ff0d87922ca8c7e5c7ff93771f6dcd086b0e4^! / . / apps / openstacknetworking / src / main / java / org / onosproject / openstacknetworking / impl / OpenstackSecurityGroupManager.java
commit6a9ff0d87922ca8c7e5c7ff93771f6dcd086b0e4[log] [tgz]
authorsangho <sangho@onlab.us>Mon Mar 27 11:23:37 2017 +0900
committerJonathan Hart <jono@onlab.us>Fri Apr 14 15:21:50 2017 +0000
treea5dc3007968097e5776fb6568e07abd7fb65260a
parent229554a0a493d27520a8182971792e7bdb1e270d [diff] [blame]
[ONOS-6137] Refactoring SecurityGroup features for stateful SONA

- Caches the security group information
- Supports seucrity group & rules update

Change-Id: Id7cdfb84e53e00aab49fbe736fb39e37492eeb61

diff --git a/apps/openstacknetworking/src/main/java/org/onosproject/openstacknetworking/impl/OpenstackSecurityGroupManager.java b/apps/openstacknetworking/src/main/java/org/onosproject/openstacknetworking/impl/OpenstackSecurityGroupManager.java
new file mode 100644
index 0000000..678d180
--- /dev/null
+++ b/apps/openstacknetworking/src/main/java/org/onosproject/openstacknetworking/impl/OpenstackSecurityGroupManager.java

@@ -0,0 +1,159 @@
+/*
+ * Copyright 2017-present Open Networking Laboratory
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.onosproject.openstacknetworking.impl;
+
+
+import com.google.common.base.Strings;
+import org.apache.felix.scr.annotations.Activate;
+import org.apache.felix.scr.annotations.Component;
+import org.apache.felix.scr.annotations.Deactivate;
+import org.apache.felix.scr.annotations.Reference;
+import org.apache.felix.scr.annotations.ReferenceCardinality;
+import org.apache.felix.scr.annotations.Service;
+import org.onosproject.core.CoreService;
+import org.onosproject.event.ListenerRegistry;
+import org.onosproject.openstacknetworking.api.Constants;
+import org.onosproject.openstacknetworking.api.OpenstackSecurityGroupAdminService;
+import org.onosproject.openstacknetworking.api.OpenstackSecurityGroupEvent;
+import org.onosproject.openstacknetworking.api.OpenstackSecurityGroupListener;
+import org.onosproject.openstacknetworking.api.OpenstackSecurityGroupService;
+import org.onosproject.openstacknetworking.api.OpenstackSecurityGroupStore;
+import org.onosproject.openstacknetworking.api.OpenstackSecurityGroupStoreDelegate;
+import org.openstack4j.model.network.SecurityGroup;
+import org.openstack4j.model.network.SecurityGroupRule;
+import org.openstack4j.openstack.networking.domain.NeutronSecurityGroup;
+import org.slf4j.Logger;
+
+import java.util.List;
+
+import static com.google.common.base.Preconditions.checkArgument;
+import static com.google.common.base.Preconditions.checkNotNull;
+import static org.slf4j.LoggerFactory.getLogger;
+
+/**
+ * Provides implementation of administering and interfaceing Openstack security
+ * groups.
+ *
+ */
+@Service
+@Component(immediate = true)
+public class OpenstackSecurityGroupManager
+        extends ListenerRegistry<OpenstackSecurityGroupEvent, OpenstackSecurityGroupListener>
+        implements OpenstackSecurityGroupAdminService, OpenstackSecurityGroupService {
+
+    protected final Logger log = getLogger(getClass());
+
+    private static final String MSG_SG = "OpenStack security group %s %s";
+    private static final String MSG_SG_RULE = "OpenStack security group %s %s";
+
+
+    private static final String MSG_CREATED = "created";
+    private static final String MSG_REMOVED = "removed";
+
+    private static final String ERR_NULL_SG = "OpenStack security group cannot be null";
+    private static final String ERR_NULL_SG_ID = "OpenStack security group ID cannot be null";
+    private static final String ERR_NULL_SG_RULE = "OpenStack security group rule cannot be null";
+    private static final String ERR_NULL_SG_RULE_ID = "OpenStack security group rule ID cannot be null";
+
+    @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
+    protected CoreService coreService;
+
+    @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
+    protected OpenstackSecurityGroupStore osSecurityGroupStore;
+
+    private final OpenstackSecurityGroupStoreDelegate delegate = new InternalSecurityGroupStoreDelegate();
+
+    @Activate
+    protected void activate() {
+        coreService.registerApplication(Constants.OPENSTACK_NETWORKING_APP_ID);
+        osSecurityGroupStore.setDelegate(delegate);
+        log.info("Started");
+    }
+
+    @Deactivate
+    protected void deactivate() {
+        osSecurityGroupStore.unsetDelegate(delegate);
+        log.info("Stopped");
+    }
+
+    @Override
+    public void createSecurityGroup(SecurityGroup sg) {
+        checkNotNull(sg, ERR_NULL_SG);
+        checkArgument(!Strings.isNullOrEmpty(sg.getId()), ERR_NULL_SG_ID);
+
+        osSecurityGroupStore.createSecurityGroup(sg);
+        log.info(String.format(MSG_SG, sg.getId(), MSG_CREATED));
+    }
+
+    @Override
+    public void removeSecurityGroup(String sgId) {
+        checkNotNull(sgId, ERR_NULL_SG_ID);
+
+        osSecurityGroupStore.removeSecurityGroup(sgId);
+        log.info(String.format(MSG_SG, sgId, MSG_REMOVED));
+    }
+
+    @Override
+    public void createSecurityGroupRule(SecurityGroupRule sgRule) {
+        checkNotNull(sgRule, ERR_NULL_SG_RULE);
+        checkArgument(!Strings.isNullOrEmpty(sgRule.getId()), ERR_NULL_SG_RULE_ID);
+
+        synchronized (osSecurityGroupStore) {
+            SecurityGroup sg = securityGroup(sgRule.getSecurityGroupId());
+            List sgRules = sg.getRules();
+            sgRules.add(sgRule);
+            SecurityGroup newSg = new NeutronSecurityGroup.SecurityGroupConcreteBuilder().from(sg).build();
+            SecurityGroup oldSg = osSecurityGroupStore.updateSecurityGroup(sgRule.getSecurityGroupId(), newSg);
+            if (oldSg == null) {
+                log.warn("Failed to add the security group rule {} to security group", sgRule.getId());
+            }
+
+            osSecurityGroupStore.createSecurityGroupRule(sgRule);
+            log.info(String.format(MSG_SG_RULE, sgRule.getId(), MSG_CREATED));
+        }
+    }
+
+    @Override
+    public void removeSecurityGroupRule(String sgRuleId) {
+        checkNotNull(sgRuleId, ERR_NULL_SG_RULE_ID);
+
+        osSecurityGroupStore.removeSecurityGroupRule(sgRuleId);
+        log.info(String.format(MSG_SG_RULE, sgRuleId, MSG_REMOVED));
+    }
+
+    @Override
+    public SecurityGroup securityGroup(String sgId) {
+        checkArgument(!Strings.isNullOrEmpty(sgId), ERR_NULL_SG_ID);
+        return osSecurityGroupStore.securityGroup(sgId);
+    }
+
+    @Override
+    public SecurityGroupRule securityGroupRule(String sgRuleId) {
+        checkArgument(!Strings.isNullOrEmpty(sgRuleId), ERR_NULL_SG_RULE_ID);
+        return osSecurityGroupStore.securityGroupRule(sgRuleId);
+    }
+
+    private class InternalSecurityGroupStoreDelegate implements OpenstackSecurityGroupStoreDelegate {
+
+        @Override
+        public void notify(OpenstackSecurityGroupEvent event) {
+            if (event != null) {
+                log.trace("send openstack security group event {}", event);
+                process(event);
+            }
+        }
+    }
+}