Support tenant overlay network mode at kubevirt networking
Change-Id: Ife40e40e3ee5e342ac8b90ddea6eb81744ace18a
diff --git a/apps/kubevirt-networking/app/src/main/java/org/onosproject/kubevirtnetworking/util/KubevirtNetworkingUtil.java b/apps/kubevirt-networking/app/src/main/java/org/onosproject/kubevirtnetworking/util/KubevirtNetworkingUtil.java
index 48d9bc0..d759db0 100644
--- a/apps/kubevirt-networking/app/src/main/java/org/onosproject/kubevirtnetworking/util/KubevirtNetworkingUtil.java
+++ b/apps/kubevirt-networking/app/src/main/java/org/onosproject/kubevirtnetworking/util/KubevirtNetworkingUtil.java
@@ -26,6 +26,7 @@
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
+import org.onlab.osgi.DefaultServiceDirectory;
import org.onlab.packet.IpAddress;
import org.onlab.packet.MacAddress;
import org.onosproject.cfg.ConfigProperty;
@@ -34,6 +35,11 @@
import org.onosproject.kubevirtnetworking.api.KubevirtPort;
import org.onosproject.kubevirtnode.api.KubevirtApiConfig;
import org.onosproject.kubevirtnode.api.KubevirtApiConfigService;
+import org.onosproject.kubevirtnode.api.KubevirtNode;
+import org.onosproject.net.DeviceId;
+import org.onosproject.net.Port;
+import org.onosproject.net.PortNumber;
+import org.onosproject.net.device.DeviceService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -42,10 +48,14 @@
import java.util.HashSet;
import java.util.List;
import java.util.Map;
+import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
+import static org.onosproject.kubevirtnetworking.api.Constants.TUNNEL_TO_TENANT_PREFIX;
+import static org.onosproject.net.AnnotationKeys.PORT_NAME;
+
/**
* An utility that used in KubeVirt networking app.
*/
@@ -233,7 +243,6 @@
if (config.scheme() == KubevirtApiConfig.Scheme.HTTPS) {
configBuilder.withTrustCerts(true)
- .withOauthToken(config.token())
.withCaCertData(config.caCertData())
.withClientCertData(config.clientCertData())
.withClientKeyData(config.clientKeyData());
@@ -277,6 +286,27 @@
}
/**
+ * Obtains the tunnel port number with the given network and node.
+ *
+ * @param network kubevirt network
+ * @param node kubevirt node
+ * @return tunnel port number
+ */
+ public static PortNumber tunnelPort(KubevirtNetwork network, KubevirtNode node) {
+ switch (network.type()) {
+ case VXLAN:
+ return node.vxlanPort();
+ case GRE:
+ return node.grePort();
+ case GENEVE:
+ return node.genevePort();
+ default:
+ break;
+ }
+ return null;
+ }
+
+ /**
* Obtains the kubevirt port from kubevirt POD.
*
* @param networks set of existing kubevirt networks
@@ -331,4 +361,64 @@
return null;
}
+
+ /**
+ * Obtains the tunnel bridge to tenant bridge patch port number.
+ *
+ * @param node kubevirt node
+ * @param network kubevirt network
+ * @return patch port number
+ */
+ public static PortNumber tunnelToTenantPort(KubevirtNode node, KubevirtNetwork network) {
+ if (network.segmentId() == null) {
+ return null;
+ }
+
+ if (node.tunBridge() == null) {
+ return null;
+ }
+
+ String tunToTenantPortName = TUNNEL_TO_TENANT_PREFIX + segmentIdHex(network.segmentId());
+ return portNumber(node.tunBridge(), tunToTenantPortName);
+ }
+
+ /**
+ * Obtains the tunnel port number of the given node.
+ *
+ * @param node kubevirt node
+ * @param network kubevirt network
+ * @return tunnel port number
+ */
+ public static PortNumber tunnelPort(KubevirtNode node, KubevirtNetwork network) {
+ if (network.segmentId() == null) {
+ return null;
+ }
+
+ if (node.tunBridge() == null) {
+ return null;
+ }
+
+ switch (network.type()) {
+ case VXLAN:
+ return node.vxlanPort();
+ case GRE:
+ return node.grePort();
+ case GENEVE:
+ return node.genevePort();
+ case FLAT:
+ default:
+ // do nothing
+ return null;
+ }
+ }
+
+ private static PortNumber portNumber(DeviceId deviceId, String portName) {
+ DeviceService deviceService = DefaultServiceDirectory.getService(DeviceService.class);
+ Port port = deviceService.getPorts(deviceId).stream()
+ .filter(p -> p.isEnabled() &&
+ Objects.equals(p.annotations().value(PORT_NAME), portName))
+ .findAny().orElse(null);
+ return port != null ? port.number() : null;
+ }
+
}
diff --git a/apps/kubevirt-networking/app/src/main/java/org/onosproject/kubevirtnetworking/util/RulePopulatorUtil.java b/apps/kubevirt-networking/app/src/main/java/org/onosproject/kubevirtnetworking/util/RulePopulatorUtil.java
new file mode 100644
index 0000000..f005c5f
--- /dev/null
+++ b/apps/kubevirt-networking/app/src/main/java/org/onosproject/kubevirtnetworking/util/RulePopulatorUtil.java
@@ -0,0 +1,210 @@
+/*
+ * Copyright 2021-present Open Networking Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.onosproject.kubevirtnetworking.util;
+
+import org.onlab.packet.Ip4Address;
+import org.onosproject.net.Device;
+import org.onosproject.net.DeviceId;
+import org.onosproject.net.behaviour.ExtensionTreatmentResolver;
+import org.onosproject.net.device.DeviceService;
+import org.onosproject.net.flow.instructions.ExtensionPropertyException;
+import org.onosproject.net.flow.instructions.ExtensionTreatment;
+import org.slf4j.Logger;
+
+import static org.onosproject.net.flow.instructions.ExtensionTreatmentType.ExtensionTreatmentTypes.NICIRA_LOAD;
+import static org.onosproject.net.flow.instructions.ExtensionTreatmentType.ExtensionTreatmentTypes.NICIRA_MOV_ARP_SHA_TO_THA;
+import static org.onosproject.net.flow.instructions.ExtensionTreatmentType.ExtensionTreatmentTypes.NICIRA_MOV_ARP_SPA_TO_TPA;
+import static org.onosproject.net.flow.instructions.ExtensionTreatmentType.ExtensionTreatmentTypes.NICIRA_MOV_ETH_SRC_TO_DST;
+import static org.onosproject.net.flow.instructions.ExtensionTreatmentType.ExtensionTreatmentTypes.NICIRA_MOV_IP_SRC_TO_DST;
+import static org.onosproject.net.flow.instructions.ExtensionTreatmentType.ExtensionTreatmentTypes.NICIRA_SET_TUNNEL_DST;
+import static org.slf4j.LoggerFactory.getLogger;
+
+/**
+ * Provides common methods to help populating flow rules for SONA applications.
+ */
+public final class RulePopulatorUtil {
+
+ private static final Logger log = getLogger(RulePopulatorUtil.class);
+
+ private static final int OFF_SET_BIT = 0;
+ private static final int REMAINDER_BIT = 8;
+
+ private static final String OFF_SET_N_BITS = "ofsNbits";
+ private static final String DESTINATION = "dst";
+ private static final String VALUE = "value";
+ private static final String TUNNEL_DST = "tunnelDst";
+
+ // layer 3 nicira fields
+ private static final int NXM_OF_IP_SRC = 0x00000e04;
+ private static final int NXM_OF_IP_DST = 0x00001004;
+ private static final int NXM_OF_IP_PROT = 0x00000c01;
+
+ public static final int NXM_NX_IP_TTL = 0x00013a01;
+ public static final int NXM_NX_IP_FRAG = 0x00013401;
+ public static final int NXM_OF_ARP_OP = 0x00001e02;
+ public static final int NXM_OF_ARP_SPA = 0x00002004;
+ public static final int NXM_OF_ARP_TPA = 0x00002204;
+ public static final int NXM_NX_ARP_SHA = 0x00012206;
+ public static final int NXM_NX_ARP_THA = 0x00012406;
+
+ // layer 4 nicira fields
+ public static final int NXM_OF_TCP_SRC = 0x00001202;
+ public static final int NXM_OF_TCP_DST = 0x00001402;
+ public static final int NXM_NX_TCP_FLAGS = 0x00014402;
+ public static final int NXM_OF_UDP_SRC = 0x00001602;
+ public static final int NXM_OF_UDP_DST = 0x00001802;
+
+ public static final int NXM_OF_ICMP_TYPE = 0x00001a01;
+ public static final int NXM_OF_ICMP_CODE = 0x00001c01;
+
+ private RulePopulatorUtil() {
+ }
+
+ /**
+ * Returns the nicira load extension treatment.
+ *
+ * @param device device instance
+ * @param field field code
+ * @param value value to load
+ * @return load extension treatment
+ */
+ public static ExtensionTreatment buildLoadExtension(Device device,
+ long field,
+ long value) {
+ if (!checkTreatmentResolver(device)) {
+ return null;
+ }
+
+ ExtensionTreatmentResolver resolver = device.as(ExtensionTreatmentResolver.class);
+ ExtensionTreatment treatment =
+ resolver.getExtensionInstruction(NICIRA_LOAD.type());
+
+ int ofsNbits = OFF_SET_BIT << 6 | (REMAINDER_BIT - 1);
+
+ try {
+ treatment.setPropertyValue(OFF_SET_N_BITS, ofsNbits);
+ treatment.setPropertyValue(DESTINATION, field);
+ treatment.setPropertyValue(VALUE, value);
+ return treatment;
+ } catch (ExtensionPropertyException e) {
+ log.error("Failed to set nicira load extension treatment for {}",
+ device.id());
+ return null;
+ }
+ }
+
+ /**
+ * Returns the nicira move source MAC to destination MAC extension treatment.
+ *
+ * @param device device instance
+ * @return move extension treatment
+ */
+ public static ExtensionTreatment buildMoveEthSrcToDstExtension(Device device) {
+ if (!checkTreatmentResolver(device)) {
+ return null;
+ }
+
+ ExtensionTreatmentResolver resolver = device.as(ExtensionTreatmentResolver.class);
+ return resolver.getExtensionInstruction(NICIRA_MOV_ETH_SRC_TO_DST.type());
+ }
+
+ /**
+ * Returns the nicira move source IP to destination IP extension treatment.
+ *
+ * @param device device instance
+ * @return move extension treatment
+ */
+ public static ExtensionTreatment buildMoveIpSrcToDstExtension(Device device) {
+ if (!checkTreatmentResolver(device)) {
+ return null;
+ }
+
+ ExtensionTreatmentResolver resolver = device.as(ExtensionTreatmentResolver.class);
+ return resolver.getExtensionInstruction(NICIRA_MOV_IP_SRC_TO_DST.type());
+ }
+
+ /**
+ * Returns the nicira move ARP SHA to THA extension treatment.
+ *
+ * @param device device instance
+ * @return move extension treatment
+ */
+ public static ExtensionTreatment buildMoveArpShaToThaExtension(Device device) {
+ if (!checkTreatmentResolver(device)) {
+ return null;
+ }
+
+ ExtensionTreatmentResolver resolver = device.as(ExtensionTreatmentResolver.class);
+ return resolver.getExtensionInstruction(NICIRA_MOV_ARP_SHA_TO_THA.type());
+ }
+
+ /**
+ * Returns the nicira move ARP SPA to TPA extension treatment.
+ *
+ * @param device device instance
+ * @return move extension treatment
+ */
+ public static ExtensionTreatment buildMoveArpSpaToTpaExtension(Device device) {
+ if (!checkTreatmentResolver(device)) {
+ return null;
+ }
+
+ ExtensionTreatmentResolver resolver = device.as(ExtensionTreatmentResolver.class);
+ return resolver.getExtensionInstruction(NICIRA_MOV_ARP_SPA_TO_TPA.type());
+ }
+
+ private static boolean checkTreatmentResolver(Device device) {
+ if (device == null || !device.is(ExtensionTreatmentResolver.class)) {
+ log.warn("Nicira extension treatment is not supported");
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
+ * Returns tunnel destination extension treatment object.
+ *
+ * @param deviceService driver service
+ * @param deviceId device id to apply this treatment
+ * @param remoteIp tunnel destination ip address
+ * @return extension treatment
+ */
+ public static ExtensionTreatment buildExtension(DeviceService deviceService,
+ DeviceId deviceId,
+ Ip4Address remoteIp) {
+ Device device = deviceService.getDevice(deviceId);
+ if (!checkTreatmentResolver(device)) {
+ return null;
+ }
+
+ if (device == null) {
+ return null;
+ }
+
+ ExtensionTreatmentResolver resolver = device.as(ExtensionTreatmentResolver.class);
+ ExtensionTreatment treatment =
+ resolver.getExtensionInstruction(NICIRA_SET_TUNNEL_DST.type());
+ try {
+ treatment.setPropertyValue(TUNNEL_DST, remoteIp);
+ return treatment;
+ } catch (ExtensionPropertyException e) {
+ log.warn("Failed to get tunnelDst extension treatment for {} " +
+ "because of {}", deviceId, e);
+ return null;
+ }
+ }
+}