Gitiles
Code Review Sign In
gerrit.onosproject.org / onos / 46b7400f7baf469c1e06c4f40d858cf36738cdad / . / apps / openstacknetworking / app / src / main / java / org / onosproject / openstacknetworking / impl / OpenstackSwitchingHandler.java
blob: 5519f370d4fc192ab7863448e1a6d9cf81b6caf1 [file] [log] [blame]
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]1/*
Jian Li26949762018-03-30 15:46:37 +0900[diff] [blame]2 * Copyright 2016-present Open Networking Foundation
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]16
17package org.onosproject.openstacknetworking.impl;
18
19import com.google.common.base.Strings;
20import org.apache.felix.scr.annotations.Activate;
21import org.apache.felix.scr.annotations.Component;
22import org.apache.felix.scr.annotations.Deactivate;
23import org.apache.felix.scr.annotations.Reference;
24import org.apache.felix.scr.annotations.ReferenceCardinality;
25import org.onlab.packet.Ethernet;
Frank Wangf9571662017-06-06 18:01:29 +0800[diff] [blame]26import org.onlab.packet.MacAddress;
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]27import org.onlab.packet.VlanId;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]28import org.onosproject.core.ApplicationId;
29import org.onosproject.core.CoreService;
30import org.onosproject.mastership.MastershipService;
daniel park796c2eb2018-03-22 17:01:51 +0900[diff] [blame]31import org.onosproject.net.PortNumber;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]32import org.onosproject.net.device.DeviceService;
sangho1aaa7882017-05-31 13:22:47 +0900[diff] [blame]33import org.onosproject.net.driver.DriverService;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]34import org.onosproject.net.flow.DefaultTrafficSelector;
35import org.onosproject.net.flow.DefaultTrafficTreatment;
36import org.onosproject.net.flow.TrafficSelector;
37import org.onosproject.net.flow.TrafficTreatment;
sangho1aaa7882017-05-31 13:22:47 +0900[diff] [blame]38import org.onosproject.net.flow.instructions.ExtensionTreatment;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]39import org.onosproject.openstacknetworking.api.InstancePort;
40import org.onosproject.openstacknetworking.api.InstancePortEvent;
41import org.onosproject.openstacknetworking.api.InstancePortListener;
42import org.onosproject.openstacknetworking.api.InstancePortService;
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]43import org.onosproject.openstacknetworking.api.OpenstackFlowRuleService;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]44import org.onosproject.openstacknetworking.api.OpenstackNetworkService;
sanghoe6457a32017-08-24 14:31:19 +0900[diff] [blame]45import org.onosproject.openstacknetworking.api.OpenstackSecurityGroupService;
Jian Li26949762018-03-30 15:46:37 +0900[diff] [blame]46import org.onosproject.openstacknetworking.util.RulePopulatorUtil;
Hyunsun Moon0d457362017-06-27 17:19:41 +0900[diff] [blame]47import org.onosproject.openstacknode.api.OpenstackNode;
48import org.onosproject.openstacknode.api.OpenstackNodeService;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]49import org.openstack4j.model.network.Network;
Frank Wangf9571662017-06-06 18:01:29 +0800[diff] [blame]50import org.openstack4j.model.network.NetworkType;
51import org.openstack4j.model.network.Port;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]52import org.slf4j.Logger;
53
54import java.util.concurrent.ExecutorService;
55
56import static java.util.concurrent.Executors.newSingleThreadExecutor;
57import static org.onlab.util.Tools.groupedThreads;
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]58import static org.onosproject.openstacknetworking.api.Constants.ACL_TABLE;
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]59import static org.onosproject.openstacknetworking.api.Constants.DHCP_ARP_TABLE;
60import static org.onosproject.openstacknetworking.api.Constants.FLAT_TABLE;
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]61import static org.onosproject.openstacknetworking.api.Constants.FORWARDING_TABLE;
62import static org.onosproject.openstacknetworking.api.Constants.OPENSTACK_NETWORKING_APP_ID;
Frank Wangf9571662017-06-06 18:01:29 +0800[diff] [blame]63import static org.onosproject.openstacknetworking.api.Constants.PRIORITY_ADMIN_RULE;
Daniel Parkd1b14d32018-06-12 16:10:28 +0900[diff] [blame]64import static org.onosproject.openstacknetworking.api.Constants.PRIORITY_FLAT_DOWNSTREAM_RULE;
65import static org.onosproject.openstacknetworking.api.Constants.PRIORITY_FLAT_JUMP_DOWNSTREAM_RULE;
66import static org.onosproject.openstacknetworking.api.Constants.PRIORITY_FLAT_JUMP_UPSTREAM_RULE;
67import static org.onosproject.openstacknetworking.api.Constants.PRIORITY_FLAT_UPSTREAM_RULE;
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]68import static org.onosproject.openstacknetworking.api.Constants.PRIORITY_SWITCHING_RULE;
69import static org.onosproject.openstacknetworking.api.Constants.PRIORITY_TUNNEL_TAG_RULE;
Jian Li960ae512018-07-03 22:50:56 +0900[diff] [blame]70import static org.onosproject.openstacknetworking.api.Constants.STAT_FLAT_OUTBOUND_TABLE;
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]71import static org.onosproject.openstacknetworking.api.Constants.VTAG_TABLE;
Jian Liec5c32b2018-07-13 14:28:58 +0900[diff] [blame]72import static org.onosproject.openstacknetworking.util.OpenstackNetworkingUtil.swapStaleLocation;
Jian Li26949762018-03-30 15:46:37 +0900[diff] [blame]73import static org.onosproject.openstacknetworking.util.RulePopulatorUtil.buildExtension;
Hyunsun Moon0d457362017-06-27 17:19:41 +0900[diff] [blame]74import static org.onosproject.openstacknode.api.OpenstackNode.NodeType.COMPUTE;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]75import static org.slf4j.LoggerFactory.getLogger;
76
77
78/**
79 * Populates switching flow rules on OVS for the basic connectivity among the
80 * virtual instances in the same network.
81 */
82@Component(immediate = true)
83public final class OpenstackSwitchingHandler {
84
85 private final Logger log = getLogger(getClass());
86
Jian Li71670d12018-03-02 21:31:07 +0900[diff] [blame]87 private static final String ERR_SET_FLOWS_VNI = "Failed to set flows for %s: Failed to get VNI for %s";
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]88
89 @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]90 protected CoreService coreService;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]91
92 @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]93 protected MastershipService mastershipService;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]94
95 @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]96 protected DeviceService deviceService;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]97
98 @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]99 protected OpenstackFlowRuleService osFlowRuleService;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]100
101 @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]102 protected InstancePortService instancePortService;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]103
104 @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]105 protected OpenstackNetworkService osNetworkService;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]106
107 @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]108 protected OpenstackNodeService osNodeService;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]109
sangho1aaa7882017-05-31 13:22:47 +0900[diff] [blame]110 @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]111 protected DriverService driverService;
sangho1aaa7882017-05-31 13:22:47 +0900[diff] [blame]112
sanghoe6457a32017-08-24 14:31:19 +0900[diff] [blame]113 @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]114 protected OpenstackSecurityGroupService securityGroupService;
sanghoe6457a32017-08-24 14:31:19 +0900[diff] [blame]115
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]116 private final ExecutorService eventExecutor = newSingleThreadExecutor(
117 groupedThreads(this.getClass().getSimpleName(), "event-handler"));
118 private final InstancePortListener instancePortListener = new InternalInstancePortListener();
119 private ApplicationId appId;
120
121 @Activate
Ray Milkey9c9cde42018-01-12 14:22:06 -0800[diff] [blame]122 void activate() {
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]123 appId = coreService.registerApplication(OPENSTACK_NETWORKING_APP_ID);
124 instancePortService.addListener(instancePortListener);
125
126 log.info("Started");
127 }
128
129 @Deactivate
Ray Milkey9c9cde42018-01-12 14:22:06 -0800[diff] [blame]130 void deactivate() {
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]131 instancePortService.removeListener(instancePortListener);
132 eventExecutor.shutdown();
133
134 log.info("Stopped");
135 }
136
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]137 /**
138 * Configures L2 forwarding rules.
daniel park796c2eb2018-03-22 17:01:51 +0900[diff] [blame]139 * Currently, SONA supports Flat, VXLAN and VLAN modes.
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]140 *
141 * @param instPort instance port object
142 * @param install install flag, add the rule if true, remove it otherwise
143 */
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]144 private void setNetworkRules(InstancePort instPort, boolean install) {
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]145 NetworkType type = osNetworkService.network(instPort.networkId()).getNetworkType();
146 switch (type) {
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]147 case VXLAN:
148 setTunnelTagFlowRules(instPort, install);
Jian Li9a921b42018-06-18 02:44:50 +0900[diff] [blame]149 setForwardingRulesForVxlan(instPort, install);
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]150 break;
151 case VLAN:
152 setVlanTagFlowRules(instPort, install);
153 setForwardingRulesForVlan(instPort, install);
154 break;
daniel park796c2eb2018-03-22 17:01:51 +0900[diff] [blame]155 case FLAT:
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]156 setFlatJumpRules(instPort, install);
Jian Li9a921b42018-06-18 02:44:50 +0900[diff] [blame]157 setDownstreamRulesForFlat(instPort, install);
158 setUpstreamRulesForFlat(instPort, install);
daniel park796c2eb2018-03-22 17:01:51 +0900[diff] [blame]159 break;
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]160 default:
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]161 log.warn("Unsupported network tunnel type {}", type.name());
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]162 break;
163 }
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]164 }
165
Jian Li24ec59f2018-05-23 19:01:25 +0900[diff] [blame]166 /**
167 * Removes virtual port.
168 *
169 * @param instPort instance port
170 */
171 private void removeVportRules(InstancePort instPort) {
172 NetworkType type = osNetworkService.network(instPort.networkId()).getNetworkType();
173
174 switch (type) {
175 case VXLAN:
176 setTunnelTagFlowRules(instPort, false);
177 break;
178 case VLAN:
179 setVlanTagFlowRules(instPort, false);
180 break;
Jian Li9a921b42018-06-18 02:44:50 +0900[diff] [blame]181 case FLAT:
182 setFlatJumpRules(instPort, false);
183 setUpstreamRulesForFlat(instPort, false);
184 setDownstreamRulesForFlat(instPort, false);
Ray Milkeybcc53d32018-07-02 10:22:57 -0700[diff] [blame]185 break;
Jian Li24ec59f2018-05-23 19:01:25 +0900[diff] [blame]186 default:
Jian Li9a921b42018-06-18 02:44:50 +0900[diff] [blame]187 log.warn("Unsupported network type {}", type.name());
Jian Li24ec59f2018-05-23 19:01:25 +0900[diff] [blame]188 break;
189 }
190 }
191
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]192 private void setFlatJumpRules(InstancePort port, boolean install) {
193 TrafficSelector.Builder selector = DefaultTrafficSelector.builder();
194 selector.matchInPort(port.portNumber());
195
196 TrafficTreatment.Builder treatment = DefaultTrafficTreatment.builder();
Jian Li960ae512018-07-03 22:50:56 +0900[diff] [blame]197 treatment.transition(STAT_FLAT_OUTBOUND_TABLE);
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]198
199 osFlowRuleService.setRule(
200 appId,
201 port.deviceId(),
202 selector.build(),
203 treatment.build(),
Daniel Parkd1b14d32018-06-12 16:10:28 +0900[diff] [blame]204 PRIORITY_FLAT_JUMP_UPSTREAM_RULE,
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]205 DHCP_ARP_TABLE,
206 install);
207
208 Network network = osNetworkService.network(port.networkId());
209
210 if (network == null) {
211 log.warn("The network does not exist");
212 return;
213 }
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]214 PortNumber portNumber = osNodeService.node(port.deviceId())
215 .phyIntfPortNum(network.getProviderPhyNet());
216
217 if (portNumber == null) {
218 log.warn("The port number does not exist");
219 return;
220 }
221
222 selector = DefaultTrafficSelector.builder();
Daniel Parkd1b14d32018-06-12 16:10:28 +0900[diff] [blame]223 selector.matchInPort(portNumber)
224 .matchEthType(Ethernet.TYPE_IPV4)
225 .matchIPDst(port.ipAddress().toIpPrefix());
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]226
227 osFlowRuleService.setRule(
228 appId,
229 port.deviceId(),
230 selector.build(),
231 treatment.build(),
Daniel Parkd1b14d32018-06-12 16:10:28 +0900[diff] [blame]232 PRIORITY_FLAT_JUMP_DOWNSTREAM_RULE,
233 DHCP_ARP_TABLE,
234 install);
235
236 selector = DefaultTrafficSelector.builder();
237 selector.matchInPort(portNumber)
238 .matchEthType(Ethernet.TYPE_ARP)
239 .matchArpTpa(port.ipAddress().getIp4Address());
240
241 osFlowRuleService.setRule(
242 appId,
243 port.deviceId(),
244 selector.build(),
245 treatment.build(),
246 PRIORITY_FLAT_JUMP_DOWNSTREAM_RULE,
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]247 DHCP_ARP_TABLE,
248 install);
249 }
250
Jian Li9a921b42018-06-18 02:44:50 +0900[diff] [blame]251 private void setDownstreamRulesForFlat(InstancePort instPort, boolean install) {
daniel park796c2eb2018-03-22 17:01:51 +0900[diff] [blame]252 TrafficSelector selector = DefaultTrafficSelector.builder()
253 .matchEthType(Ethernet.TYPE_IPV4)
254 .matchIPDst(instPort.ipAddress().toIpPrefix())
255 .build();
256 TrafficTreatment treatment = DefaultTrafficTreatment.builder()
257 .setOutput(instPort.portNumber())
258 .build();
259
260 osFlowRuleService.setRule(
261 appId,
262 instPort.deviceId(),
263 selector,
264 treatment,
Daniel Parkd1b14d32018-06-12 16:10:28 +0900[diff] [blame]265 PRIORITY_FLAT_DOWNSTREAM_RULE,
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]266 FLAT_TABLE,
daniel park796c2eb2018-03-22 17:01:51 +0900[diff] [blame]267 install);
268
269 selector = DefaultTrafficSelector.builder()
270 .matchEthType(Ethernet.TYPE_ARP)
271 .matchArpTpa(instPort.ipAddress().getIp4Address())
272 .build();
273
274 osFlowRuleService.setRule(
275 appId,
276 instPort.deviceId(),
277 selector,
278 treatment,
Daniel Parkd1b14d32018-06-12 16:10:28 +0900[diff] [blame]279 PRIORITY_FLAT_DOWNSTREAM_RULE,
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]280 FLAT_TABLE,
daniel park796c2eb2018-03-22 17:01:51 +0900[diff] [blame]281 install);
282 }
283
Jian Li9a921b42018-06-18 02:44:50 +0900[diff] [blame]284 private void setUpstreamRulesForFlat(InstancePort instPort, boolean install) {
daniel park796c2eb2018-03-22 17:01:51 +0900[diff] [blame]285 TrafficSelector selector = DefaultTrafficSelector.builder()
286 .matchInPort(instPort.portNumber())
287 .build();
288
289 Network network = osNetworkService.network(instPort.networkId());
290
291 if (network == null) {
292 log.warn("The network does not exist");
293 return;
294 }
295
296 PortNumber portNumber = osNodeService.node(instPort.deviceId())
297 .phyIntfPortNum(network.getProviderPhyNet());
298
299 if (portNumber == null) {
300 log.warn("The port number does not exist");
301 return;
302 }
303
304 TrafficTreatment treatment = DefaultTrafficTreatment.builder()
305 .setOutput(portNumber)
306 .build();
307
308 osFlowRuleService.setRule(
309 appId,
310 instPort.deviceId(),
311 selector,
312 treatment,
Daniel Parkd1b14d32018-06-12 16:10:28 +0900[diff] [blame]313 PRIORITY_FLAT_UPSTREAM_RULE,
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]314 FLAT_TABLE,
daniel park796c2eb2018-03-22 17:01:51 +0900[diff] [blame]315 install);
316 }
317
318
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]319 /**
320 * Configures the flow rules which are used for L2 packet switching.
321 * Note that these rules will be inserted in switching table (table 5).
322 *
323 * @param instPort instance port object
324 * @param install install flag, add the rule if true, remove it otherwise
325 */
Jian Li9a921b42018-06-18 02:44:50 +0900[diff] [blame]326 private void setForwardingRulesForVxlan(InstancePort instPort, boolean install) {
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]327 // switching rules for the instPorts in the same node
328 TrafficSelector selector = DefaultTrafficSelector.builder()
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]329 // TODO: need to handle IPv6 in near future
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]330 .matchEthType(Ethernet.TYPE_IPV4)
331 .matchIPDst(instPort.ipAddress().toIpPrefix())
332 .matchTunnelId(getVni(instPort))
333 .build();
334
335 TrafficTreatment treatment = DefaultTrafficTreatment.builder()
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]336 // TODO: this might not be necessary for the VMs located in the same subnet
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]337 .setEthDst(instPort.macAddress())
338 .setOutput(instPort.portNumber())
339 .build();
340
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]341 osFlowRuleService.setRule(
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]342 appId,
343 instPort.deviceId(),
344 selector,
345 treatment,
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]346 PRIORITY_SWITCHING_RULE,
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]347 FORWARDING_TABLE,
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]348 install);
349
350 // switching rules for the instPorts in the remote node
Hyunsun Moon0d457362017-06-27 17:19:41 +0900[diff] [blame]351 OpenstackNode localNode = osNodeService.node(instPort.deviceId());
352 if (localNode == null) {
353 final String error = String.format("Cannot find openstack node for %s",
354 instPort.deviceId());
355 throw new IllegalStateException(error);
356 }
357 osNodeService.completeNodes(COMPUTE).stream()
358 .filter(remoteNode -> !remoteNode.intgBridge().equals(localNode.intgBridge()))
359 .forEach(remoteNode -> {
Hyunsun Moonacde3f52017-02-23 17:57:35 +0900[diff] [blame]360 TrafficTreatment treatmentToRemote = DefaultTrafficTreatment.builder()
361 .extension(buildExtension(
362 deviceService,
Hyunsun Moon0d457362017-06-27 17:19:41 +0900[diff] [blame]363 remoteNode.intgBridge(),
364 localNode.dataIp().getIp4Address()),
365 remoteNode.intgBridge())
366 .setOutput(remoteNode.tunnelPortNum())
Hyunsun Moonacde3f52017-02-23 17:57:35 +0900[diff] [blame]367 .build();
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]368
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]369 osFlowRuleService.setRule(
Hyunsun Moonacde3f52017-02-23 17:57:35 +0900[diff] [blame]370 appId,
Hyunsun Moon0d457362017-06-27 17:19:41 +0900[diff] [blame]371 remoteNode.intgBridge(),
Hyunsun Moonacde3f52017-02-23 17:57:35 +0900[diff] [blame]372 selector,
373 treatmentToRemote,
Hyunsun Moonacde3f52017-02-23 17:57:35 +0900[diff] [blame]374 PRIORITY_SWITCHING_RULE,
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]375 FORWARDING_TABLE,
Hyunsun Moonacde3f52017-02-23 17:57:35 +0900[diff] [blame]376 install);
377 });
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]378 }
379
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]380 /**
381 * Configures the flow rules which are used for L2 VLAN packet switching.
382 * Note that these rules will be inserted in switching table (table 5).
383 *
384 * @param instPort instance port object
385 * @param install install flag, add the rule if true, remove it otherwise
386 */
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]387 private void setForwardingRulesForVlan(InstancePort instPort, boolean install) {
388 // switching rules for the instPorts in the same node
389 TrafficSelector selector = DefaultTrafficSelector.builder()
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]390 // TODO: need to handle IPv6 in near future
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]391 .matchEthType(Ethernet.TYPE_IPV4)
392 .matchIPDst(instPort.ipAddress().toIpPrefix())
393 .matchVlanId(getVlanId(instPort))
394 .build();
395
396 TrafficTreatment treatment = DefaultTrafficTreatment.builder()
397 .popVlan()
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]398 // TODO: this might not be necessary for the VMs located in the same subnet
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]399 .setEthDst(instPort.macAddress())
400 .setOutput(instPort.portNumber())
401 .build();
402
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]403 osFlowRuleService.setRule(
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]404 appId,
405 instPort.deviceId(),
406 selector,
407 treatment,
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]408 PRIORITY_SWITCHING_RULE,
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]409 FORWARDING_TABLE,
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]410 install);
411
412 // switching rules for the instPorts in the remote node
Hyunsun Moon0d457362017-06-27 17:19:41 +0900[diff] [blame]413 osNodeService.completeNodes(COMPUTE).stream()
414 .filter(remoteNode -> !remoteNode.intgBridge().equals(instPort.deviceId()) &&
415 remoteNode.vlanIntf() != null)
416 .forEach(remoteNode -> {
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]417 TrafficTreatment treatmentToRemote = DefaultTrafficTreatment.builder()
Daniel Parkc64b4c62018-05-09 18:13:39 +0900[diff] [blame]418 .setEthDst(instPort.macAddress())
419 .setOutput(remoteNode.vlanPortNum())
420 .build();
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]421
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]422 osFlowRuleService.setRule(
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]423 appId,
Hyunsun Moon0d457362017-06-27 17:19:41 +0900[diff] [blame]424 remoteNode.intgBridge(),
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]425 selector,
426 treatmentToRemote,
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]427 PRIORITY_SWITCHING_RULE,
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]428 FORWARDING_TABLE,
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]429 install);
430 });
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]431 }
432
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]433 /**
434 * Configures the flow rule which is for using VXLAN to tag the packet
435 * based on the in_port number of a virtual instance.
436 * Note that this rule will be inserted in VNI table (table 0).
437 *
438 * @param instPort instance port object
439 * @param install install flag, add the rule if true, remove it otherwise
440 */
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]441 private void setTunnelTagFlowRules(InstancePort instPort, boolean install) {
442 TrafficSelector selector = DefaultTrafficSelector.builder()
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]443 // TODO: need to handle IPv6 in near future
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]444 .matchEthType(Ethernet.TYPE_IPV4)
445 .matchInPort(instPort.portNumber())
446 .build();
447
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]448 // XXX All egress traffic needs to go through connection tracking module,
449 // which might hurt its performance.
sangho1aaa7882017-05-31 13:22:47 +0900[diff] [blame]450 ExtensionTreatment ctTreatment =
451 RulePopulatorUtil.niciraConnTrackTreatmentBuilder(driverService, instPort.deviceId())
452 .commit(true).build();
453
sanghoe6457a32017-08-24 14:31:19 +0900[diff] [blame]454 TrafficTreatment.Builder tb = DefaultTrafficTreatment.builder()
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]455 .setTunnelId(getVni(instPort))
sanghoe6457a32017-08-24 14:31:19 +0900[diff] [blame]456 .transition(ACL_TABLE);
457
458 if (securityGroupService.isSecurityGroupEnabled()) {
459 tb.extension(ctTreatment, instPort.deviceId());
460 }
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]461
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]462 osFlowRuleService.setRule(
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]463 appId,
464 instPort.deviceId(),
465 selector,
sanghoe6457a32017-08-24 14:31:19 +0900[diff] [blame]466 tb.build(),
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]467 PRIORITY_TUNNEL_TAG_RULE,
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]468 VTAG_TABLE,
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]469 install);
470 }
471
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]472 /**
473 * Configures the flow rule which is for using VLAN to tag the packet
474 * based on the in_port number of a virtual instance.
475 * Note that this rule will be inserted in VNI table (table 0).
476 *
477 * @param instPort instance port object
478 * @param install install flag, add the rule if true, remove it otherwise
479 */
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]480 private void setVlanTagFlowRules(InstancePort instPort, boolean install) {
481 TrafficSelector selector = DefaultTrafficSelector.builder()
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]482 // TODO: need to handle IPv6 in near future
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]483 .matchEthType(Ethernet.TYPE_IPV4)
484 .matchInPort(instPort.portNumber())
485 .build();
486
487 TrafficTreatment treatment = DefaultTrafficTreatment.builder()
488 .pushVlan()
489 .setVlanId(getVlanId(instPort))
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]490 .transition(ACL_TABLE)
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]491 .build();
492
sanghodc375372017-06-08 10:41:30 +0900[diff] [blame]493 osFlowRuleService.setRule(
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]494 appId,
495 instPort.deviceId(),
496 selector,
497 treatment,
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]498 PRIORITY_TUNNEL_TAG_RULE,
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]499 VTAG_TABLE,
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]500 install);
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]501 }
502
Frank Wangf9571662017-06-06 18:01:29 +0800[diff] [blame]503 private void setNetworkAdminRules(Network network, boolean install) {
504 TrafficSelector selector;
505 if (network.getNetworkType() == NetworkType.VXLAN) {
506
507 selector = DefaultTrafficSelector.builder()
508 .matchTunnelId(Long.valueOf(network.getProviderSegID()))
509 .build();
510 } else {
511 selector = DefaultTrafficSelector.builder()
512 .matchVlanId(VlanId.vlanId(network.getProviderSegID()))
513 .build();
514 }
515
516 TrafficTreatment treatment = DefaultTrafficTreatment.builder()
517 .drop()
518 .build();
519
520 osNodeService.completeNodes().stream()
521 .filter(osNode -> osNode.type() == COMPUTE)
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]522 .forEach(osNode ->
Frank Wangf9571662017-06-06 18:01:29 +0800[diff] [blame]523 osFlowRuleService.setRule(
524 appId,
525 osNode.intgBridge(),
526 selector,
527 treatment,
528 PRIORITY_ADMIN_RULE,
529 ACL_TABLE,
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]530 install)
531 );
Frank Wangf9571662017-06-06 18:01:29 +0800[diff] [blame]532 }
533
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]534 // TODO: need to be purged sooner or later
Frank Wangf9571662017-06-06 18:01:29 +0800[diff] [blame]535 private void setPortAdminRules(Port port, boolean install) {
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]536 InstancePort instancePort =
537 instancePortService.instancePort(MacAddress.valueOf(port.getMacAddress()));
Frank Wangf9571662017-06-06 18:01:29 +0800[diff] [blame]538 TrafficSelector selector = DefaultTrafficSelector.builder()
539 .matchInPort(instancePort.portNumber())
540 .build();
541
542 TrafficTreatment treatment = DefaultTrafficTreatment.builder()
543 .drop()
544 .build();
545
546 osFlowRuleService.setRule(
547 appId,
548 instancePort.deviceId(),
549 selector,
550 treatment,
551 PRIORITY_ADMIN_RULE,
Jian Li70a2c3f2018-04-13 17:26:31 +0900[diff] [blame]552 VTAG_TABLE,
Frank Wangf9571662017-06-06 18:01:29 +0800[diff] [blame]553 install);
554 }
555
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]556 /**
557 * Obtains the VLAN ID from the given instance port.
558 *
559 * @param instPort instance port object
560 * @return VLAN ID
561 */
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]562 private VlanId getVlanId(InstancePort instPort) {
563 Network osNet = osNetworkService.network(instPort.networkId());
564
565 if (osNet == null || Strings.isNullOrEmpty(osNet.getProviderSegID())) {
Jian Li71670d12018-03-02 21:31:07 +0900[diff] [blame]566 final String error =
567 String.format(ERR_SET_FLOWS_VNI,
568 instPort, osNet == null ? "<none>" : osNet.getName());
daniel parka792cf72017-04-14 16:25:35 +0900[diff] [blame]569 throw new IllegalStateException(error);
570 }
571
572 return VlanId.vlanId(osNet.getProviderSegID());
573 }
574
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]575 /**
576 * Obtains the VNI from the given instance port.
577 *
578 * @param instPort instance port object
579 * @return VXLAN Network Identifier (VNI)
580 */
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]581 private Long getVni(InstancePort instPort) {
582 Network osNet = osNetworkService.network(instPort.networkId());
583 if (osNet == null || Strings.isNullOrEmpty(osNet.getProviderSegID())) {
Jian Li71670d12018-03-02 21:31:07 +0900[diff] [blame]584 final String error =
585 String.format(ERR_SET_FLOWS_VNI,
586 instPort, osNet == null ? "<none>" : osNet.getName());
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]587 throw new IllegalStateException(error);
588 }
589 return Long.valueOf(osNet.getProviderSegID());
590 }
591
Jian Liea1b9662018-03-02 18:07:32 +0900[diff] [blame]592 /**
593 * An internal instance port listener which listens the port events generated
594 * from VM. The corresponding L2 forwarding rules will be generated and
595 * inserted to integration bridge only if a new VM port is detected. If the
596 * existing detected VM port is removed due to VM purge, we will remove the
597 * corresponding L2 forwarding to as well for the sake of resource saving.
598 */
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]599 private class InternalInstancePortListener implements InstancePortListener {
600
601 @Override
602 public boolean isRelevant(InstancePortEvent event) {
603 InstancePort instPort = event.subject();
604 return mastershipService.isLocalMaster(instPort.deviceId());
605 }
606
607 @Override
608 public void event(InstancePortEvent event) {
609 InstancePort instPort = event.subject();
Jian Li9a921b42018-06-18 02:44:50 +0900[diff] [blame]610
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]611 switch (event.type()) {
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]612 case OPENSTACK_INSTANCE_PORT_DETECTED:
Jian Liec5c32b2018-07-13 14:28:58 +0900[diff] [blame]613 case OPENSTACK_INSTANCE_PORT_UPDATED:
Jian Li46b74002018-07-15 18:39:08 +0900[diff] [blame^]614 case OPENSTACK_INSTANCE_RESTARTED:
Jian Liec5c32b2018-07-13 14:28:58 +0900[diff] [blame]615 log.info("SwitchingHandler: Instance port detected MAC:{} IP:{}",
Jian Li9a921b42018-06-18 02:44:50 +0900[diff] [blame]616 instPort.macAddress(),
617 instPort.ipAddress());
Jian Liec5c32b2018-07-13 14:28:58 +0900[diff] [blame]618
619 eventExecutor.execute(() -> instPortDetected(instPort));
Jian Li9a921b42018-06-18 02:44:50 +0900[diff] [blame]620
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]621 break;
Jian Li46b74002018-07-15 18:39:08 +0900[diff] [blame^]622 case OPENSTACK_INSTANCE_TERMINATED:
623 log.info("SwitchingHandler: Instance port terminated MAC:{} IP:{}",
624 instPort.macAddress(),
625 instPort.ipAddress());
626 eventExecutor.execute(() -> removeVportRules(instPort));
627
628 break;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]629 case OPENSTACK_INSTANCE_PORT_VANISHED:
Jian Liec5c32b2018-07-13 14:28:58 +0900[diff] [blame]630 log.info("SwitchingHandler: Instance port vanished MAC:{} IP:{}",
Jian Li9a921b42018-06-18 02:44:50 +0900[diff] [blame]631 instPort.macAddress(),
632 instPort.ipAddress());
Jian Liec5c32b2018-07-13 14:28:58 +0900[diff] [blame]633
634 eventExecutor.execute(() -> instPortRemoved(instPort));
Jian Li9a921b42018-06-18 02:44:50 +0900[diff] [blame]635
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]636 break;
Jian Liec5c32b2018-07-13 14:28:58 +0900[diff] [blame]637 case OPENSTACK_INSTANCE_MIGRATION_STARTED:
638 log.info("SwitchingHandler: Migration started for MAC:{} IP:{}",
639 instPort.macAddress(),
Jian Li9a921b42018-06-18 02:44:50 +0900[diff] [blame]640 instPort.ipAddress());
Jian Liec5c32b2018-07-13 14:28:58 +0900[diff] [blame]641
642 eventExecutor.execute(() -> instPortDetected(instPort));
643
644 break;
645 case OPENSTACK_INSTANCE_MIGRATION_ENDED:
646 log.info("SwitchingHandler: Migration finished for MAC:{} IP:{}",
647 instPort.macAddress(),
648 instPort.ipAddress());
649
650 InstancePort revisedInstPort = swapStaleLocation(instPort);
651 eventExecutor.execute(() -> removeVportRules(revisedInstPort));
652
Jian Li24ec59f2018-05-23 19:01:25 +0900[diff] [blame]653 break;
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]654 default:
655 break;
656 }
657 }
658
659 private void instPortDetected(InstancePort instPort) {
660 setNetworkRules(instPort, true);
661 // TODO add something else if needed
662 }
663
664 private void instPortRemoved(InstancePort instPort) {
665 setNetworkRules(instPort, false);
666 // TODO add something else if needed
667 }
668 }
Hyunsun Moon44aac662017-02-18 02:07:01 +0900[diff] [blame]669}