private void removeExternalRules(OpenstackNetwork osNet, String subNetCidr) {
TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder();
sBuilder
.matchEthType(Ethernet.TYPE_IPV4)
.matchTunnelId(Long.valueOf(osNet.segmentId()))
.matchIPSrc(IpPrefix.valueOf(subNetCidr))
.matchEthDst(Constants.DEFAULT_GATEWAY_MAC);
nodeService
.completeNodes()
.forEach(
node -> {
ForwardingObjective.Flag flag =
node.type().equals(GATEWAY)
? ForwardingObjective.Flag.VERSATILE
: ForwardingObjective.Flag.SPECIFIC;
RulePopulatorUtil.removeRule(
flowObjectiveService,
appId,
node.intBridge(),
sBuilder.build(),
flag,
ROUTING_RULE_PRIORITY);
});
}
private void populateRoutingRulestoDifferentNode(
Ip4Address vmIp, long vni, DeviceId deviceId, Ip4Address hostIp, String cidr) {
TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder();
TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment.builder();
sBuilder
.matchEthType(Ethernet.TYPE_IPV4)
.matchTunnelId(vni)
.matchIPSrc(IpPrefix.valueOf(cidr))
.matchIPDst(vmIp.toIpPrefix());
tBuilder
.extension(buildExtension(deviceService, deviceId, hostIp), deviceId)
.setOutput(nodeService.tunnelPort(deviceId).get());
ForwardingObjective fo =
DefaultForwardingObjective.builder()
.withSelector(sBuilder.build())
.withTreatment(tBuilder.build())
.withPriority(EW_ROUTING_RULE_PRIORITY)
.withFlag(ForwardingObjective.Flag.SPECIFIC)
.fromApp(appId)
.add();
flowObjectiveService.forward(deviceId, fo);
}
private void populateRoutingRules(Host host, Set<OpenstackSubnet> osSubNets) {
String osSubNetId = host.annotations().value(SUBNET_ID);
if (osSubNetId == null) {
return;
}
DeviceId localDevice = host.location().deviceId();
PortNumber localPort = host.location().port();
if (!nodeService.dataIp(localDevice).isPresent()) {
log.warn("Failed to populate L3 rules");
return;
}
Map<String, String> vniMap = new HashMap<>();
openstackService.networks().stream().forEach(n -> vniMap.put(n.id(), n.segmentId()));
// TODO improve pipeline, do we have to install access rules between networks
// for every single VMs?
osSubNets
.stream()
.filter(osSubNet -> !osSubNet.id().equals(osSubNetId))
.forEach(
osSubNet -> {
populateRoutingRulestoSameNode(
host.ipAddresses().stream().findFirst().get().getIp4Address(),
host.mac(),
localPort,
localDevice,
Long.valueOf(vniMap.get(osSubNet.networkId())),
osSubNet.cidr());
nodeService
.completeNodes()
.stream()
.filter(node -> node.type().equals(COMPUTE))
.filter(node -> !node.intBridge().equals(localDevice))
.forEach(
node ->
populateRoutingRulestoDifferentNode(
host.ipAddresses().stream().findFirst().get().getIp4Address(),
Long.valueOf(vniMap.get(osSubNet.networkId())),
node.intBridge(),
nodeService.dataIp(localDevice).get().getIp4Address(),
osSubNet.cidr()));
});
}
private void populateCnodeToGateway(long vni, String subnetCidr) {
nodeService
.completeNodes()
.stream()
.filter(node -> node.type().equals(COMPUTE))
.forEach(
node ->
populateRuleToGateway(
node.intBridge(),
gatewayService.getGatewayGroupId(node.intBridge()),
vni,
subnetCidr));
}
private void removeRoutingRules(Host host, Set<OpenstackSubnet> osSubNets) {
String osSubNetId = host.annotations().value(SUBNET_ID);
if (osSubNetId == null) {
return;
}
Map<String, String> vniMap = new HashMap<>();
openstackService.networks().stream().forEach(n -> vniMap.put(n.id(), n.segmentId()));
osSubNets
.stream()
.filter(osSubNet -> !osSubNet.id().equals(osSubNetId))
.forEach(
osSubNet -> {
TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder();
sBuilder
.matchEthType(Ethernet.TYPE_IPV4)
.matchIPDst(host.ipAddresses().stream().findFirst().get().toIpPrefix())
.matchIPSrc(IpPrefix.valueOf(osSubNet.cidr()))
.matchTunnelId(Long.valueOf(vniMap.get(osSubNet.networkId())));
nodeService
.completeNodes()
.stream()
.filter(node -> node.type().equals(COMPUTE))
.forEach(
node ->
RulePopulatorUtil.removeRule(
flowObjectiveService,
appId,
node.intBridge(),
sBuilder.build(),
ForwardingObjective.Flag.SPECIFIC,
EW_ROUTING_RULE_PRIORITY));
});
log.debug("Removed routing rule from {} to {}", host, osSubNets);
}
@Deactivate
protected void deactivate() {
nodeService.removeListener(nodeListener);
log.info("stopped");
}
@Activate
protected void activate() {
super.activate();
appId = coreService.registerApplication(ROUTING_APP_ID);
nodeService.addListener(nodeListener);
}