/*
 * Copyright 2021-present Open Networking Foundation
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
16package org.onosproject.kubevirtnetworking.impl;
17
18import com.google.common.base.Strings;
19import org.onosproject.core.ApplicationId;
20import org.onosproject.core.CoreService;
21import org.onosproject.event.ListenerRegistry;
22import org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroup;
23import org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroupAdminService;
24import org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroupEvent;
25import org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroupListener;
26import org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroupRule;
27import org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroupService;
28import org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroupStore;
29import org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroupStoreDelegate;
30import org.osgi.service.component.annotations.Activate;
31import org.osgi.service.component.annotations.Component;
32import org.osgi.service.component.annotations.Deactivate;
33import org.osgi.service.component.annotations.Reference;
34import org.osgi.service.component.annotations.ReferenceCardinality;
35import org.slf4j.Logger;
36
37import java.util.HashSet;
38import java.util.Objects;
39import java.util.Set;
40
41import static com.google.common.base.Preconditions.checkArgument;
42import static com.google.common.base.Preconditions.checkNotNull;
43import static org.onosproject.kubevirtnetworking.api.Constants.KUBEVIRT_NETWORKING_APP_ID;
44import static org.slf4j.LoggerFactory.getLogger;
45
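/**
 * Provides implementation of administering and interfacing kubevirt security groups.
 *
 * <p>All state is kept in the injected {@link KubevirtSecurityGroupStore}; this class
 * validates arguments, performs the read-modify-write needed to add or remove a single
 * rule, and relays store events to the listeners registered on this registry.
 *
 * <p>Thread-safety: rule creation and removal are serialised on this instance's monitor.
 * The other mutators are not, see the note in {@link #createSecurityGroupRule}.
 */
@Component(
    immediate = true,
    service = {KubevirtSecurityGroupAdminService.class, KubevirtSecurityGroupService.class }
)
public class KubevirtSecurityGroupManager
        extends ListenerRegistry<KubevirtSecurityGroupEvent, KubevirtSecurityGroupListener>
        implements KubevirtSecurityGroupAdminService, KubevirtSecurityGroupService {

    protected final Logger log = getLogger(getClass());

    // Message templates: first argument is the identifier, second the outcome.
    private static final String MSG_SG = "Kubevirt security group %s %s";
    private static final String MSG_SG_RULE = "Kubevirt security group rule %s %s";

    private static final String MSG_CREATED = "created";
    private static final String MSG_UPDATED = "updated";
    private static final String MSG_REMOVED = "removed";

    private static final String ERR_NULL_SG =
            "Kubevirt security group cannot be null";
    private static final String ERR_NULL_SG_ID =
            "Kubevirt security group ID cannot be null";
    private static final String ERR_NULL_SG_RULE =
            "Kubevirt security group rule cannot be null";
    private static final String ERR_NULL_SG_RULE_ID =
            "Kubevirt security group rule ID cannot be null";
    private static final String ERR_NOT_FOUND = "not found";
    private static final String ERR_DUPLICATE = "already exist";

    @Reference(cardinality = ReferenceCardinality.MANDATORY)
    protected CoreService coreService;

    @Reference(cardinality = ReferenceCardinality.MANDATORY)
    protected KubevirtSecurityGroupStore sgStore;

    private final KubevirtSecurityGroupStoreDelegate
            delegate = new InternalSecurityGroupStoreDelegate();

    // Assigned in activate(); not read anywhere else in this class.
    private ApplicationId appId;

    // volatile: written by setSecurityGroupEnabled() and read by isSecurityGroupEnabled(),
    // which may run on different threads; without it a change of the flag is not
    // guaranteed to become visible to readers.
    private volatile boolean useSecurityGroup = false;

    /**
     * Registers the application and installs the store delegate so that store
     * events reach this manager.
     */
    @Activate
    protected void activate() {
        appId = coreService.registerApplication(KUBEVIRT_NETWORKING_APP_ID);

        sgStore.setDelegate(delegate);
        log.info("Started");
    }

    /**
     * Detaches the store delegate installed by {@link #activate()}.
     */
    @Deactivate
    protected void deactivate() {
        sgStore.unsetDelegate(delegate);
        log.info("Stopped");
    }

    /**
     * Stores a new security group.
     *
     * @param sg security group to create
     * @throws NullPointerException if {@code sg} is null
     * @throws IllegalArgumentException if the group ID is null or empty
     */
    @Override
    public void createSecurityGroup(KubevirtSecurityGroup sg) {
        checkNotNull(sg, ERR_NULL_SG);
        checkArgument(!Strings.isNullOrEmpty(sg.id()), ERR_NULL_SG_ID);

        sgStore.createSecurityGroup(sg);
        log.info(String.format(MSG_SG, sg.id(), MSG_CREATED));
    }

    /**
     * Replaces a stored security group with the given one.
     *
     * @param sg security group carrying the new state
     * @throws NullPointerException if {@code sg} is null
     * @throws IllegalArgumentException if the group ID is null or empty
     */
    @Override
    public void updateSecurityGroup(KubevirtSecurityGroup sg) {
        checkNotNull(sg, ERR_NULL_SG);
        checkArgument(!Strings.isNullOrEmpty(sg.id()), ERR_NULL_SG_ID);

        sgStore.updateSecurityGroup(sg);
        // Logged like create/remove so that every change to a group leaves a trace.
        log.info(String.format(MSG_SG, sg.id(), MSG_UPDATED));
    }

    /**
     * Removes the security group with the given ID from the store.
     *
     * @param sgId security group ID
     * @throws IllegalArgumentException if {@code sgId} is null or empty
     */
    @Override
    public void removeSecurityGroup(String sgId) {
        checkArgument(!Strings.isNullOrEmpty(sgId), ERR_NULL_SG_ID);

        sgStore.removeSecurityGroup(sgId);
        log.info(String.format(MSG_SG, sgId, MSG_REMOVED));
    }

    /**
     * Adds a rule to the security group it names.
     *
     * @param sgRule rule to add; must carry its own ID and the owning group's ID
     * @throws NullPointerException if {@code sgRule} is null
     * @throws IllegalArgumentException if the rule ID or group ID is null or empty
     * @throws IllegalStateException if the group does not exist, or already holds
     *         a rule with the same ID
     */
    @Override
    public void createSecurityGroupRule(KubevirtSecurityGroupRule sgRule) {
        checkNotNull(sgRule, ERR_NULL_SG_RULE);
        checkArgument(!Strings.isNullOrEmpty(sgRule.id()), ERR_NULL_SG_RULE_ID);
        checkArgument(!Strings.isNullOrEmpty(sgRule.securityGroupId()), ERR_NULL_SG_ID);

        // NOTE(review): only the two rule methods take this lock. updateSecurityGroup()
        // and removeSecurityGroup() do not, so a concurrent whole-group update can be
        // overwritten by the read-modify-write below. The monitor is also local to this
        // instance; confirm how the store serialises writers on other nodes.
        synchronized (this) {
            KubevirtSecurityGroup sg = securityGroup(sgRule.securityGroupId());
            if (sg == null) {
                final String error = String.format(MSG_SG,
                        sgRule.securityGroupId(), ERR_NOT_FOUND);
                throw new IllegalStateException(error);
            }

            if (sg.rules().stream().anyMatch(rule -> Objects.equals(rule.id(), sgRule.id()))) {
                // Report the duplicate rule's own ID; the group ID would mislabel it.
                final String error = String.format(MSG_SG_RULE, sgRule.id(), ERR_DUPLICATE);
                throw new IllegalStateException(error);
            }

            // FIXME we cannot add element to extend list
            Set<KubevirtSecurityGroupRule> updatedSgRules = new HashSet<>(sg.rules());
            updatedSgRules.add(sgRule);
            sgStore.updateSecurityGroup(sg.updateRules(updatedSgRules));
        }

        log.info(String.format(MSG_SG_RULE, sgRule.id(), MSG_CREATED));
    }

    /**
     * Removes the rule with the given ID from the security group that owns it.
     *
     * @param sgRuleId security group rule ID
     * @throws IllegalArgumentException if {@code sgRuleId} is null or empty
     * @throws IllegalStateException if the rule, or the group it names, is not found
     */
    @Override
    public void removeSecurityGroupRule(String sgRuleId) {
        checkArgument(!Strings.isNullOrEmpty(sgRuleId), ERR_NULL_SG_RULE_ID);

        // Same lock, and same limits, as createSecurityGroupRule().
        synchronized (this) {
            KubevirtSecurityGroupRule sgRule = securityGroupRule(sgRuleId);
            if (sgRule == null) {
                final String error = String.format(MSG_SG_RULE, sgRuleId, ERR_NOT_FOUND);
                throw new IllegalStateException(error);
            }

            KubevirtSecurityGroup sg = securityGroup(sgRule.securityGroupId());
            if (sg == null) {
                final String error = String.format(MSG_SG,
                        sgRule.securityGroupId(), ERR_NOT_FOUND);
                throw new IllegalStateException(error);
            }

            // The rule was found by scanning every group, so the group it names may
            // still not be the one that holds it.
            if (sg.rules().stream().noneMatch(rule -> Objects.equals(rule.id(), sgRule.id()))) {
                // Report the missing rule's ID; the group ID would mislabel it.
                final String error = String.format(MSG_SG_RULE, sgRuleId, ERR_NOT_FOUND);
                throw new IllegalStateException(error);
            }

            Set<KubevirtSecurityGroupRule> updatedSgRules = new HashSet<>(sg.rules());
            // Null-safe comparison, matching the lookups above.
            updatedSgRules.removeIf(r -> Objects.equals(r.id(), sgRuleId));
            sgStore.updateSecurityGroup(sg.updateRules(updatedSgRules));
        }

        log.info(String.format(MSG_SG_RULE, sgRuleId, MSG_REMOVED));
    }

    /**
     * Clears the backing store.
     */
    @Override
    public void clear() {
        sgStore.clear();
        // Logged because nothing else records that the store was cleared.
        log.info("Kubevirt security groups cleared");
    }

    /**
     * Returns the security groups held by the store.
     *
     * @return set of security groups as returned by the store
     */
    @Override
    public Set<KubevirtSecurityGroup> securityGroups() {
        return sgStore.securityGroups();
    }

    /**
     * Looks up a security group by ID.
     *
     * @param sgId security group ID
     * @return the store's result for that ID; callers in this class treat null as "not found"
     * @throws IllegalArgumentException if {@code sgId} is null or empty
     */
    @Override
    public KubevirtSecurityGroup securityGroup(String sgId) {
        checkArgument(!Strings.isNullOrEmpty(sgId), ERR_NULL_SG_ID);
        return sgStore.securityGroup(sgId);
    }

    /**
     * Returns the value last set through {@link #setSecurityGroupEnabled(boolean)}.
     *
     * @return current value of the flag; false until it is set
     */
    @Override
    public boolean isSecurityGroupEnabled() {
        return useSecurityGroup;
    }

    /**
     * Sets the security group flag and logs the transition when the value changes.
     *
     * @param option new value of the flag
     */
    @Override
    public void setSecurityGroupEnabled(boolean option) {
        boolean previous = useSecurityGroup;
        useSecurityGroup = option;
        if (previous != option) {
            // Logged so that turning the flag off does not pass unnoticed.
            log.info("Kubevirt security group enabled flag changed from {} to {}", previous, option);
        }
    }

    /**
     * Searches every stored security group for a rule with the given ID.
     *
     * @param sgRuleId security group rule ID; unlike {@link #securityGroup(String)},
     *                 this lookup does not reject a null or empty ID
     * @return a matching rule, or null if no group holds one
     */
    @Override
    public KubevirtSecurityGroupRule securityGroupRule(String sgRuleId) {
        return sgStore.securityGroups().stream()
                .flatMap(sg -> sg.rules().stream())
                .filter(sgRule -> Objects.equals(sgRule.id(), sgRuleId))
                .findAny().orElse(null);
    }

    /**
     * Store delegate that forwards non-null store events to {@code process(...)},
     * which this class does not define and presumably inherits from {@link ListenerRegistry}.
     */
    private class InternalSecurityGroupStoreDelegate
            implements KubevirtSecurityGroupStoreDelegate {

        @Override
        public void notify(KubevirtSecurityGroupEvent event) {
            if (event != null) {
                log.trace("send kubevirt security group event {}", event);
                process(event);
            }
        }
    }
}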