Reorg

apply_sfc_patch.sh

@@ -0,0 +1,128 @@
+#!/bin/sh
+
+VERSION="3.0.1"
+
+PATCH_PATH=$1
+PATCH_PORT=$2
+
+Usage () {
+        echo -e "\n\nUsage: apply_sfc_patch.sh <path to 'sfc-patches' directory containing patches> <br-int patch port>\n"
+        echo -e "\nThe patch SHOULD belong to version $VERSION and should be "
+        echo -e "applied ONLY on top of sfc rpm with version $VERSION.\n"
+}
+
+# diff -u networking_sfc.rpm/db/sfc_db.py networking_sfc/db/sfc_db.py > sfc_db-3.0.1.patch
+# diff -u networking_sfc.rpm/db/flowclassifier_db.py networking_sfc/db/flowclassifier_db.py >> sfc_db-3.0.1.patch
+# diff -Naur -x "*.py?" networking_sfc.rpm/services/sfc/agent/extensions/oc/ networking_sfc/services/sfc/agent/extensions/oc/ > sfc_agent-3.0.1.patch
+# diff -Nau networking_sfc.rpm/services/sfc/drivers/oc/ networking_sfc/services/sfc/drivers/oc/ > sfc_plugin-3.0.1.patch
+# diff -Nau networking_sfc.rpm/services/flowclassifier/drivers/oc/ networking_sfc/services/flowclassifier/drivers/oc/ >> sfc_plugin-3.0.1.patch
+
+function backup_files_to_be_modifed(){
+    echo "Backing up files that are to be modified while patching with $1."
+    if [[ $1 == "sfc_db-$VERSION.patch" ]]; then
+        cp $PYTHON_MODULE_PATH/networking_sfc/db/sfc_db.py $PYTHON_MODULE_PATH/networking_sfc/db/sfc_db.py.bk
+        cp $PYTHON_MODULE_PATH/networking_sfc/db/flowclassifier_db.py $PYTHON_MODULE_PATH/networking_sfc/db/flowclassifier_db.py.bk
+    elif [[ $1 == "sfc_agent-$VERSION.patch" ]]; then
+        mkdir -p $PYTHON_MODULE_PATH/networking_sfc/services/sfc/agent/extensions/oc
+        cp $PYTHON_MODULE_PATH/networking_sfc/services/sfc/agent/extensions/oc/sfc_driver.py $PYTHON_MODULE_PATH/networking_sfc/services/sfc/agent/extensions/oc/sfc_driver.py.bk 2>/dev/null
+        touch $PYTHON_MODULE_PATH/networking_sfc/services/sfc/agent/extensions/oc/__init__.py
+    elif [[ $1 == "sfc_plugin-$VERSION.patch" ]]; then
+        mkdir -p $PYTHON_MODULE_PATH/networking_sfc/services/sfc/drivers/oc
+        mkdir -p $PYTHON_MODULE_PATH/networking_sfc/services/flowclassifier/drivers/oc
+        cp $PYTHON_MODULE_PATH/networking_sfc/services/sfc/drivers/oc/driver.py $PYTHON_MODULE_PATH/networking_sfc/services/sfc/drivers/oc/driver.py.bk 2>/dev/null
+        cp $PYTHON_MODULE_PATH/networking_sfc/services/flowclassifier/drivers/oc/driver.py $PYTHON_MODULE_PATH/networking_sfc/services/flowclassifier/drivers/oc/driver.py.bk 2>/dev/null
+        touch $PYTHON_MODULE_PATH/networking_sfc/services/sfc/drivers/oc/__init__.py
+        touch $PYTHON_MODULE_PATH/networking_sfc/services/flowclassifier/drivers/oc/__init__.py
+    else
+        :
+    fi
+}
+
+function apply_patches(){
+    cd $PYTHON_MODULE_PATH
+    for patch in ${PATCH_ARRAY[@]}
+    do
+        if [[ $patch != *"$VERSION"* ]]; then
+            echo -e "\nThe patches must be of version $VERSION."
+            exit 1
+        fi
+        test_patch=`patch -R -p0 --dry-run --silent > /dev/null < $patch`
+        patch_status=`echo $?`
+        if [ $patch_status == 0 ]; then
+            echo "$patch is already applied so skipping."
+        else
+            backup_files_to_be_modifed $patch
+            echo "Applying patch $patch ..."
+            patch -p0 < $patch
+            sleep 2
+        fi
+    done
+}
+
+function check_for_sfc(){
+    sfc_rpm="$(rpm -qa | grep networking-sfc)"
+    if [[ -z $sfc_rpm ]]; then
+        echo -e "\nSFC RPM is missing in this node. This script works ONLY if a valid SFC rpm is installed. Aborting..."
+        exit 1
+    fi
+
+    if [[ $sfc_rpm != *"$VERSION"* ]]; then
+        echo -e "\nThis script works ONLY on SFC RPM installed with version $VERSION."
+        exit 1
+    fi
+}
+
+function copy_sfc_patches(){
+    cp $PATCH_PATH/sfc-patches/sfc_plugin-$VERSION.patch $PYTHON_MODULE_PATH/.
+    cp $PATCH_PATH/sfc-patches/sfc_agent-$VERSION.patch $PYTHON_MODULE_PATH/.
+    cp $PATCH_PATH/sfc-patches/sfc_db-$VERSION.patch $PYTHON_MODULE_PATH/.
+}
+
+function configure_sfc(){
+    NEUTRON_CONF="/etc/neutron/neutron.conf"
+    OVS_INI="/etc/neutron/plugins/ml2/openvswitch_agent.ini"
+    EGG_FILE="/usr/lib/python2.7/site-packages/networking_sfc-*egg*/entry_points.txt"
+    crudini --set --verbose $NEUTRON_CONF sfc drivers oc
+    crudini --set --verbose $NEUTRON_CONF flowclassifier drivers oc
+    if [[ `crudini --get $NEUTRON_CONF DEFAULT service_plugins` != *"trunk"* ]]; then
+        crudini --set --verbose $NEUTRON_CONF DEFAULT service_plugins `crudini --get $NEUTRON_CONF DEFAULT service_plugins`,trunk
+    fi
+    crudini --set --verbose $OVS_INI ovs phy_patch_ofport $PATCH_PORT
+    crudini --set --verbose $EGG_FILE networking_sfc.flowclassifier.drivers oc networking_sfc.services.flowclassifier.drivers.oc.driver:OCFlowClassifierDriver
+    crudini --set --verbose $EGG_FILE networking_sfc.sfc.agent_drivers ovs networking_sfc.services.sfc.agent.extensions.oc.sfc_driver:SfcOCAgentDriver
+    crudini --set --verbose $EGG_FILE networking_sfc.sfc.drivers oc networking_sfc.services.sfc.drivers.oc.driver:OCSfcDriver
+
+    systemctl restart neutron-server.service
+    systemctl restart neutron-openvswitch-agent.service
+}
+
+function cleanup(){
+    rm -f $PYTHON_MODULE_PATH/sfc_agent-$VERSION.patch
+    rm -f $PYTHON_MODULE_PATH/sfc_plugin-$VERSION.patch
+    rm -f $PYTHON_MODULE_PATH/sfc_db-$VERSION.patch
+}
+
+function install_patch(){
+    check_for_sfc
+    copy_sfc_patches
+    apply_patches
+    cleanup
+    configure_sfc
+}
+
+if [[ -z $PATCH_PATH ]]; then
+    Usage
+    exit 1
+fi
+if [[ -z $PATCH_PORT ]]; then
+    Usage
+    echo -e "Please give the patch port of br-int that interfaces the switch "
+    echo -e "connected to the extreme switch. Choose the correct one from the following:\n"
+    ovs-vsctl list-ports br-int
+    echo -e "\nIt maybe something like int-br-vlan or int-extreme-br or the like"
+    exit 1
+fi
+
+PYTHON_MODULE_PATH="/usr/lib/python2.7/site-packages"
+PATCH_ARRAY=("sfc_agent-$VERSION.patch" "sfc_plugin-$VERSION.patch" "sfc_db-$VERSION.patch")
+install_patch

demo.sh

@@ -0,0 +1,152 @@
+#!/bin/sh
+
+########################## FILL THIS INFO #####################################
+# Note: Fill with hostnames. Blank, if compute does not exist.
+computeA=node-204.localdomain
+computeB=compute-5
+computeC=compute-210
+
+# Note: Fill with SF and client glance image names.
+sf_image=sf
+client_image=client
+###############################################################################
+
+
+
+if [[ -z $computeA && -z $computeB && -z $computeC ]]; then
+    echo "Fill the compute node details."
+    exit
+fi
+
+
+sf_id=`glance image-list | grep " $sf_image " | awk '{print $2}'`
+client_id=`glance image-list | grep " $client_image " | awk '{print $2}'`
+if [[ -z $sf_id || -z $client_id ]]; then
+    echo "Fill in valid glance image names for both SF and Client VMs."
+    exit
+fi
+
+operation=$1
+if [ "$operation" != "create" ] && [ "$operation" != "delete" ]; then
+    echo "This script expects a case-sensitive argument --> create/delete"
+    exit
+fi 
+
+if [ ! -z $computeC ] ; then
+    c2_compute=$computeC
+    c1_compute=$computeA
+    sf_compute=$computeB
+elif [ ! -z $computeB ] ; then
+    sf_compute=$computeB
+    c2_compute=$computeA
+    c1_compute=$computeA
+else
+    sf_compute=$computeA
+    c2_compute=$computeA
+    c1_compute=$computeA
+fi
+
+if [ "$operation" == "create" ]; then
+    echo -e "\nCreating network Inspected_net"
+    openstack network create inspected_net
+    openstack subnet create --subnet-range 11.0.0.0/24 --network inspected_net inspected_subnet
+    sleep 50
+    echo -e "\nCreating network Inspection_net"
+    openstack network create inspection_net
+    openstack subnet create --subnet-range 12.0.0.0/24 --network inspection_net inspection_subnet
+    sleep 50
+    #openstack router create sfc-router
+
+    #openstack router add subnet sfc-router inspected_subnet
+    #openstack router add subnet sfc-router inspection_subnet
+
+    openstack port create --network inspected_net c1
+    openstack port create --network inspected_net c2
+    openstack port create --network inspected_net c3
+    openstack port create --network inspection_net p1
+    openstack port create --network inspection_net p2
+
+    p1_id=`openstack port list -f value | grep " p1 " | awk '{print $1}'`
+    p2_id=`openstack port list -f value | grep " p2 " | awk '{print $1}'`
+    p1_mac=`openstack port list -f value | grep " p1 " | awk '{print $3}'`
+    p2_mac=`openstack port list -f value | grep " p2 " | awk '{print $3}'`
+
+    c1_id=`openstack port list -f value | grep " c1 " | awk '{print $1}'`
+    c2_id=`openstack port list -f value | grep " c2 " | awk '{print $1}'`
+    c3_id=`openstack port list -f value | grep " c3 " | awk '{print $1}'`
+
+    echo -e "\nCreating Neutron Trunk port" 
+    openstack network trunk create --parent-port $p1_id trunk1
+
+    echo -e "\nLaunching VNF on Node $sf_compute..."
+    nova boot --image $sf_image --flavor 3 --nic port-id=$p1_id\
+     --nic port-id=$p2_id --availability-zone nova:$sf_compute VNF
+
+    sleep 5
+
+    echo -e "\nLaunching Client1 on Node $c1_compute..."
+    nova boot --image $client_image --flavor 3 --nic port-id=$c1_id  --availability-zone nova:$c1_compute Client1
+    echo -e "\nLaunching Client2 on Node $sf_compute..."
+    nova boot --image $client_image --flavor 3 --nic port-id=$c3_id  --availability-zone nova:$sf_compute Client2
+    echo -e "\nLaunching Server on Node $c2_compute..."
+    nova boot --image $client_image --flavor 3 --nic port-id=$c2_id  --availability-zone nova:$c2_compute Server
+
+    sleep 5
+
+    vnf_id=`openstack server list | grep VNF | awk '{print $2}'`
+
+    echo -e "\nCreating a shadow port s1" 
+    openstack port create --network inspected_net --mac-address $p1_mac s1
+    s1_id=`openstack port list -f value | grep " s1 " | awk '{print $1}'`
+    seg_id=`openstack network show inspected_net | grep segmentation_id | awk '{print $4}'`
+
+    echo -e "\nCreating a shadow port s2" 
+    openstack port create --network inspected_net --device $p2_id --mac-address $p2_mac s2
+
+    openstack network trunk set --subport port=$s1_id,segmentation-type=vlan,segmentation-id=$seg_id trunk1
+
+    openstack port set --device $p1_id s1
+
+    sleep 3
+
+    echo -e "\nCreating SFC Port Pair pp1."
+    openstack port pair create --ingress s1 --egress s2 pp1
+    echo -e "\nCreating SFC Port Pair Group ppg1."
+    openstack port pair group create --port-pair pp1 ppg1 
+    echo -e "\nCreating SFC Flow Classifier fc1."
+    openstack flow classifier create --protocol TCP  --logical-source-port c1 --logical-destination-port c2 fc1
+    echo -e "\nCreating SFC Flow Classifier fc2."
+    openstack flow classifier create --protocol TCP  --logical-source-port c3 --logical-destination-port c2 fc2
+
+    while true; do
+        read -p "Create or delete the port chain? (create/delete/exit)  " op
+        case $op in
+            create ) echo -e "\nCreating SFC Port Chain pc1" && openstack port chain create --port-pair-group ppg1 --flow-classifier fc1 --flow-classifier fc2 pc1;;
+            delete ) echo -e "\nDeleting SFC Port Chain pc1" && openstack port chain delete pc1;;
+            exit ) exit;;
+            * ) echo "Please choose either of (create/delete/exit).";;
+        esac
+    done
+
+else
+    openstack port chain delete pc1
+    openstack flow classifier delete fc1
+    openstack flow classifier delete fc2
+    openstack port pair group delete ppg1
+    openstack port pair delete pp1
+
+    s1_id=`openstack port list -f value | grep " s1 " | awk '{print $1}'`
+    openstack network trunk unset --subport $s1_id trunk1
+
+    openstack server delete Client1 Server VNF Client2
+
+    openstack network trunk delete trunk1
+
+    openstack port delete c1 c2 p1 p2 c3 s1 s2
+
+    #openstack router remove subnet sfc-router inspected_subnet
+    #openstack router remove subnet sfc-router inspection_subnet
+    #openstack router delete sfc-router
+    openstack network delete inspected_net inspection_net 
+fi
+

networking_sfc/db/flowclassifier_db.py

@@ -111,8 +111,8 @@ def _check_ip_prefix_valid(cls, ip_prefix, ethertype):
 
     @classmethod
     def _logical_port_conflict(cls, first_logical_port, second_logical_port):
-        if first_logical_port is None or second_logical_port is None:
-            return True
+        '''if first_logical_port is None or second_logical_port is None:
+            return True'''
         return first_logical_port == second_logical_port
 
     @classmethod

networking_sfc/db/sfc_db.py

@@ -239,7 +239,7 @@ def _validate_flow_classifiers(self, context, fc_ids, pc_id=None):
                 if fc_assoc and fc_assoc['portchain_id'] != pc_id:
                     raise ext_fc.FlowClassifierInUse(id=fc.id)
 
-            query = self._model_query(context, PortChain)
+            '''query = self._model_query(context, PortChain)
             for port_chain_db in query.all():
                 if port_chain_db['id'] == pc_id:
                     continue
@@ -260,7 +260,7 @@ def _validate_flow_classifiers(self, context, fc_ids, pc_id=None):
                             raise ext_sfc.PortChainFlowClassifierInConflict(
                                 fc_id=fc['id'], pc_id=port_chain_db['id'],
                                 pc_fc_id=pc_fc['id']
-                            )
+                            )'''
 
     def _setup_chain_group_associations(
         self, context, port_chain, pg_ids
@@ -431,10 +431,10 @@ def _validate_port_pair_ingress_egress(self, ingress, egress):
             raise ext_sfc.PortPairEgressNoHost(
                 egress=egress['id']
             )
-        if ingress['device_id'] != egress['device_id']:
+        '''if ingress['device_id'] != egress['device_id']:
             raise ext_sfc.PortPairIngressEgressDifferentHost(
                 ingress=ingress['id'],
-                egress=egress['id'])
+                egress=egress['id'])'''
 
     @log_helpers.log_method_call
     def create_port_pair(self, context, port_pair):

networking_sfc/services/flowclassifier/drivers/oc/driver.py

@@ -0,0 +1,38 @@
+# Copyright 2016 Futurewei. All rights reserved.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+from oslo_log import helpers as log_helpers
+
+from networking_sfc.services.flowclassifier.common import exceptions as exc
+from networking_sfc.services.flowclassifier.drivers.ovs import driver as fc_dvr
+
+
+class OCFlowClassifierDriver(fc_dvr.OVSFlowClassifierDriver):
+    """FlowClassifier Driver Base Class."""
+
+    @log_helpers.log_method_call
+    def create_flow_classifier_precommit(self, context):
+        """OVS Driver precommit before transaction committed.
+
+        Make sure that either the logical_source_port
+        or the logical_destination_port is not None.
+        """
+
+        flow_classifier = context.current
+        logical_source_port = flow_classifier['logical_source_port']
+        logical_destination_port = flow_classifier['logical_destination_port']
+        if (logical_source_port or logical_destination_port) is None:
+            raise exc.FlowClassifierBadRequest(message=(
+                'FlowClassifier %s requires either logical destination port or'
+                ' logical source port in ovs driver' % flow_classifier['id']))