Gitiles
Code Review Sign In
gerrit.onosproject.org / onos / 9ac73958a0a2ad8461e30a9ca722684ee4fd182e / . / apps / k8s-networking / app / src / main / java / org / onosproject / k8snetworking / impl / K8sNetworkPolicyWatcher.java
blob: 12fd6a13bc47ff09a5a31edcef4aa674fe9d082e [file] [log] [blame]
Jian Lif4523d82019-07-07 01:06:09 +0900[diff] [blame]1/*
2 * Copyright 2019-present Open Networking Foundation
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16package org.onosproject.k8snetworking.impl;
17
Jian Li9ac73952021-01-15 14:53:22 +0900[diff] [blame^]18import io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy;
Jian Lif4523d82019-07-07 01:06:09 +0900[diff] [blame]19import io.fabric8.kubernetes.client.KubernetesClient;
Jian Lif4523d82019-07-07 01:06:09 +0900[diff] [blame]20import io.fabric8.kubernetes.client.Watcher;
Jian Li9ac73952021-01-15 14:53:22 +0900[diff] [blame^]21import io.fabric8.kubernetes.client.WatcherException;
Jian Lif4523d82019-07-07 01:06:09 +0900[diff] [blame]22import org.onosproject.cluster.ClusterService;
23import org.onosproject.cluster.LeadershipService;
24import org.onosproject.cluster.NodeId;
25import org.onosproject.core.ApplicationId;
26import org.onosproject.core.CoreService;
27import org.onosproject.k8snetworking.api.K8sNetworkPolicyAdminService;
28import org.onosproject.k8snode.api.K8sApiConfigEvent;
29import org.onosproject.k8snode.api.K8sApiConfigListener;
30import org.onosproject.k8snode.api.K8sApiConfigService;
31import org.onosproject.mastership.MastershipService;
32import org.osgi.service.component.annotations.Activate;
33import org.osgi.service.component.annotations.Component;
34import org.osgi.service.component.annotations.Deactivate;
35import org.osgi.service.component.annotations.Reference;
36import org.osgi.service.component.annotations.ReferenceCardinality;
37import org.slf4j.Logger;
38
39import java.util.Objects;
40import java.util.concurrent.ExecutorService;
41
42import static java.util.concurrent.Executors.newSingleThreadExecutor;
43import static org.onlab.util.Tools.groupedThreads;
44import static org.onosproject.k8snetworking.api.Constants.K8S_NETWORKING_APP_ID;
45import static org.onosproject.k8snetworking.util.K8sNetworkingUtil.k8sClient;
46import static org.slf4j.LoggerFactory.getLogger;
47
48/**
49 * Kubernetes network policy watcher used for feeding network policy information.
50 */
51@Component(immediate = true)
52public class K8sNetworkPolicyWatcher {
53
54 private final Logger log = getLogger(getClass());
55
56 @Reference(cardinality = ReferenceCardinality.MANDATORY)
57 protected CoreService coreService;
58
59 @Reference(cardinality = ReferenceCardinality.MANDATORY)
60 protected MastershipService mastershipService;
61
62 @Reference(cardinality = ReferenceCardinality.MANDATORY)
63 protected ClusterService clusterService;
64
65 @Reference(cardinality = ReferenceCardinality.MANDATORY)
66 protected LeadershipService leadershipService;
67
68 @Reference(cardinality = ReferenceCardinality.MANDATORY)
69 protected K8sNetworkPolicyAdminService k8sNetworkPolicyAdminService;
70
71 @Reference(cardinality = ReferenceCardinality.MANDATORY)
72 protected K8sApiConfigService k8sApiConfigService;
73
74 private final ExecutorService eventExecutor = newSingleThreadExecutor(
75 groupedThreads(this.getClass().getSimpleName(), "event-handler"));
76
77 private final InternalK8sNetworkPolicyWatcher
78 internalK8sNetworkPolicyWatcher = new InternalK8sNetworkPolicyWatcher();
79 private final InternalK8sApiConfigListener
80 internalK8sApiConfigListener = new InternalK8sApiConfigListener();
81
82 private ApplicationId appId;
83 private NodeId localNodeId;
84
85 @Activate
86 protected void activate() {
87 appId = coreService.registerApplication(K8S_NETWORKING_APP_ID);
88 localNodeId = clusterService.getLocalNode().id();
89 leadershipService.runForLeadership(appId.name());
90 k8sApiConfigService.addListener(internalK8sApiConfigListener);
91
92 log.info("Started");
93 }
94
95 @Deactivate
96 protected void deactivate() {
97 k8sApiConfigService.removeListener(internalK8sApiConfigListener);
98 leadershipService.withdraw(appId.name());
99 eventExecutor.shutdown();
100
101 log.info("Stopped");
102 }
103
104 private class InternalK8sApiConfigListener implements K8sApiConfigListener {
105
106 private boolean isRelevantHelper() {
107 return Objects.equals(localNodeId, leadershipService.getLeader(appId.name()));
108 }
109
110 @Override
111 public void event(K8sApiConfigEvent event) {
112
113 switch (event.type()) {
114 case K8S_API_CONFIG_UPDATED:
115 eventExecutor.execute(this::processConfigUpdating);
116 break;
117 case K8S_API_CONFIG_CREATED:
118 case K8S_API_CONFIG_REMOVED:
119 default:
120 // do nothing
121 break;
122 }
123 }
124
125 private void processConfigUpdating() {
126 if (!isRelevantHelper()) {
127 return;
128 }
129
130 KubernetesClient client = k8sClient(k8sApiConfigService);
131
132 if (client != null) {
133 client.network().networkPolicies().inAnyNamespace().watch(
134 internalK8sNetworkPolicyWatcher);
135 }
136 }
137 }
138
139 private class InternalK8sNetworkPolicyWatcher implements Watcher<NetworkPolicy> {
140
141 @Override
142 public void eventReceived(Action action, NetworkPolicy service) {
143 switch (action) {
144 case ADDED:
145 eventExecutor.execute(() -> processAddition(service));
146 break;
147 case MODIFIED:
148 eventExecutor.execute(() -> processModification(service));
149 break;
150 case DELETED:
151 eventExecutor.execute(() -> processDeletion(service));
152 break;
153 case ERROR:
154 log.warn("Failures processing network policy manipulation.");
155 break;
156 default:
157 // do nothing
158 break;
159 }
160 }
161
162 @Override
Jian Li9ac73952021-01-15 14:53:22 +0900[diff] [blame^]163 public void onClose(WatcherException e) {
Jian Li1ea027142019-08-26 23:19:38 +0900[diff] [blame]164 log.warn("Network policy watcher OnClose", e);
Jian Lif4523d82019-07-07 01:06:09 +0900[diff] [blame]165 }
166
167 private void processAddition(NetworkPolicy networkPolicy) {
168 if (!isMaster()) {
169 return;
170 }
171
172 log.trace("Process network policy {} creating event from API server.",
173 networkPolicy.getMetadata().getName());
174
Jian Li8143c3b2019-12-24 15:58:25 +0900[diff] [blame]175 if (k8sNetworkPolicyAdminService.networkPolicy(
176 networkPolicy.getMetadata().getUid()) == null) {
177 k8sNetworkPolicyAdminService.createNetworkPolicy(networkPolicy);
178 }
Jian Lif4523d82019-07-07 01:06:09 +0900[diff] [blame]179 }
180
181 private void processModification(NetworkPolicy networkPolicy) {
182 if (!isMaster()) {
183 return;
184 }
185
186 log.trace("Process network policy {} updating event from API server.",
187 networkPolicy.getMetadata().getName());
188
189 if (k8sNetworkPolicyAdminService.networkPolicy(
190 networkPolicy.getMetadata().getUid()) != null) {
191 k8sNetworkPolicyAdminService.updateNetworkPolicy(networkPolicy);
192 }
193 }
194
195 private void processDeletion(NetworkPolicy networkPolicy) {
196 if (!isMaster()) {
197 return;
198 }
199
200 log.trace("Process network policy {} removal event from API server.",
201 networkPolicy.getMetadata().getName());
202
203 k8sNetworkPolicyAdminService.removeNetworkPolicy(networkPolicy.getMetadata().getUid());
204 }
205
206 private boolean isMaster() {
207 return Objects.equals(localNodeId, leadershipService.getLeader(appId.name()));
208 }
209 }
210}