aboutsummaryrefslogtreecommitdiffstats
path: root/src/VppContractManager.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/VppContractManager.cpp')
-rw-r--r--src/VppContractManager.cpp86
1 files changed, 62 insertions, 24 deletions
diff --git a/src/VppContractManager.cpp b/src/VppContractManager.cpp
index 873e77d..5e5d20f 100644
--- a/src/VppContractManager.cpp
+++ b/src/VppContractManager.cpp
@@ -21,24 +21,26 @@
#include <vom/om.hpp>
#include "VppContractManager.hpp"
+#include "VppEndPointGroupManager.hpp"
#include "VppLog.hpp"
+#include "VppRuntime.hpp"
using namespace VOM;
namespace VPP
{
-ContractManager::ContractManager(opflexagent::Agent &agent, IdGen &id_gen)
- : m_agent(agent)
- , m_id_gen(id_gen)
+ContractManager::ContractManager(Runtime &r)
+ : m_runtime(r)
{
}
static void
-get_group_sclass(opflexagent::Agent &agent,
+get_group_sclass(Runtime &runtime,
const std::unordered_set<opflex::modb::URI> &uris,
- std::unordered_set<uint32_t> &ids)
+ std::vector<uint32_t> &ids)
{
- opflexagent::PolicyManager &pm = agent.getPolicyManager();
+ opflexagent::PolicyManager &pm = runtime.policy_manager();
+
for (auto &u : uris)
{
boost::optional<uint32_t> sclass = pm.getSclassForGroup(u);
@@ -49,7 +51,7 @@ get_group_sclass(opflexagent::Agent &agent,
}
if (sclass)
{
- ids.insert(sclass.get());
+ ids.push_back(sclass.get());
}
else
{
@@ -58,6 +60,29 @@ get_group_sclass(opflexagent::Agent &agent,
}
}
+static void
+get_group_scope_sclass(Runtime &runtime,
+ const std::unordered_set<opflex::modb::URI> &uris,
+ std::vector<std::pair<uint16_t, uint32_t>> &ids)
+{
+ opflexagent::PolicyManager &pm = runtime.policy_manager();
+
+ for (auto &u : uris)
+ {
+ try
+ {
+ EndPointGroupManager::ForwardInfo fwd =
+ EndPointGroupManager::get_fwd_info(runtime, u);
+
+ ids.push_back(std::make_pair(fwd.rdId, fwd.sclass));
+ }
+ catch (EndPointGroupManager::NoFowardInfoException &e)
+ {
+ VLOGW << "No RD for: " << u;
+ }
+ }
+}
+
static uint32_t
getRdId(IdGen &id_gen,
const std::shared_ptr<modelgbp::gbp::RoutingDomain> epgRd)
@@ -94,7 +119,7 @@ ContractManager::handle_update(const opflex::modb::URI &uri)
OM::mark_n_sweep ms(uuid);
- opflexagent::PolicyManager &polMgr = m_agent.getPolicyManager();
+ opflexagent::PolicyManager &polMgr = m_runtime.policy_manager();
if (!polMgr.contractExists(uri))
{
// Contract removed
@@ -108,12 +133,11 @@ ContractManager::handle_update(const opflex::modb::URI &uri)
polMgr.getContractConsumers(uri, consURIs);
polMgr.getContractIntra(uri, intraURIs);
- typedef std::unordered_set<uint32_t> id_set_t;
- id_set_t provIds;
- id_set_t consIds;
+ std::vector<std::pair<uint16_t, uint32_t>> provIds;
+ std::vector<uint32_t> consIds;
- get_group_sclass(m_agent, provURIs, provIds);
- get_group_sclass(m_agent, consURIs, consIds);
+ get_group_scope_sclass(m_runtime, provURIs, provIds);
+ get_group_sclass(m_runtime, consURIs, consIds);
opflexagent::PolicyManager::rule_list_t rules;
polMgr.getContractRules(uri, rules);
@@ -194,10 +218,11 @@ ContractManager::handle_update(const opflex::modb::URI &uri)
uint8_t macAddr[6] = {0};
dst->getMac().toUIntArray(macAddr);
mac_address_t mac(macAddr);
- gbp_rule::next_hop_t nh(dst->getIp(),
- mac,
- getBdId(m_id_gen, dst->getBD()),
- getRdId(m_id_gen, dst->getRD()));
+ gbp_rule::next_hop_t nh(
+ dst->getIp(),
+ mac,
+ getBdId(m_runtime.id_gen, dst->getBD()),
+ getRdId(m_runtime.id_gen, dst->getRD()));
nhs.insert(nh);
}
if (nhs.size() == 0)
@@ -249,22 +274,31 @@ ContractManager::handle_update(const opflex::modb::URI &uri)
}
}
- for (const uint32_t &pvnid : provIds)
+ for (const auto pvnid : provIds)
{
for (const uint32_t &cvnid : consIds)
{
- if (pvnid == cvnid) /* intra group is allowed by default */
+ if (pvnid.second == cvnid) /* intra group is allowed by default */
continue;
- VLOGD << "Contract prov:" << pvnid << " cons:" << cvnid;
+ /*
+ * Derive the contract scope from the provider's RD
+ */
+ VLOGD << "Contract prov:[" << pvnid.first << ", " << pvnid.second
+ << "]"
+ << " cons:" << cvnid;
if (!in_rules.empty())
{
ACL::l3_list inAcl(uuid + "in", in_rules);
OM::write(uuid, inAcl);
- gbp_contract gbpc_in(
- pvnid, cvnid, inAcl, gbp_rules, in_ethertypes);
+ gbp_contract gbpc_in(pvnid.first,
+ pvnid.second,
+ cvnid,
+ inAcl,
+ gbp_rules,
+ in_ethertypes);
OM::write(uuid, gbpc_in);
}
if (!out_rules.empty())
@@ -272,8 +306,12 @@ ContractManager::handle_update(const opflex::modb::URI &uri)
ACL::l3_list outAcl(uuid + "out", out_rules);
OM::write(uuid, outAcl);
- gbp_contract gbpc_out(
- cvnid, pvnid, outAcl, gbp_rules, out_ethertypes);
+ gbp_contract gbpc_out(pvnid.first,
+ cvnid,
+ pvnid.second,
+ outAcl,
+ gbp_rules,
+ out_ethertypes);
OM::write(uuid, gbpc_out);
}
}