* Support enabling/disabling port security feature on VDU
* Openstack changes to support port enabling/disabling
Signed-off-by: Hashir Mohammed <hashir.mohammed@riftio.com>
description "Type of the connection point.";
type manotypes:connection-point-type;
}
description "Type of the connection point.";
type manotypes:connection-point-type;
}
+ leaf port-security-enabled {
+ description "Enables the port security for the port";
+ type boolean;
+ default true;
+ }
}
grouping virtual-interface {
}
grouping virtual-interface {
"name" : kwargs['name'],
"network_id" : kwargs['network_id'],
"fixed_ips" : [ {"subnet_id": kwargs['subnet_id']}],
"name" : kwargs['name'],
"network_id" : kwargs['network_id'],
"fixed_ips" : [ {"subnet_id": kwargs['subnet_id']}],
- "binding:vnic_type" : kwargs['port_type']}}
+ "binding:vnic_type" : kwargs['port_type'],
+ "port_security_enabled" : kwargs['port_security_enabled']}}
ntconn = self._get_neutron_connection()
try:
ntconn = self._get_neutron_connection()
try:
else:
raise NotImplementedError("Port Type: %s not supported" %(c_point.type_yang))
else:
raise NotImplementedError("Port Type: %s not supported" %(c_point.type_yang))
+ # By default port gets created with post_security enaled as True
+ if c_point.port_security_enabled is not None and c_point.port_security_enabled == False:
+ kwargs['port_security_enabled'] = False
+ else:
+ kwargs['port_security_enabled'] = True
+
with self._use_driver(account) as drv:
if c_point.has_field('security_group'):
group = drv.neutron_security_group_by_name(c_point.security_group)
with self._use_driver(account) as drv:
if c_point.has_field('security_group'):
group = drv.neutron_security_group_by_name(c_point.security_group)
description "Name of the security group";
type string;
}
description "Name of the security group";
type string;
}
+ leaf port-security-enabled {
+ description "Enables the port security";
+ type boolean;
+ }
uses connection-point-type;
}
uses connection-point-type;
}
type boolean;
default false;
}
type boolean;
default false;
}
+ leaf port-security-enabled {
+ description "Enables the port security";
+ type boolean;
+ }
uses connection-point-type;
}
uses connection-point-type;
}
vnfr = RwVnfrYang.YangData_Vnfr_VnfrCatalog_Vnfr.from_dict(vnfr_dict)
vnfr = RwVnfrYang.YangData_Vnfr_VnfrCatalog_Vnfr.from_dict(vnfr_dict)
- vnfr.vnfd = VnfrYang.YangData_Vnfr_VnfrCatalog_Vnfr_Vnfd.from_dict(self.vnfd.as_dict())
+ vnfr.vnfd = VnfrYang.YangData_Vnfr_VnfrCatalog_Vnfr_Vnfd.from_dict(self.vnfd.as_dict(),
+ ignore_missing_keys=True)
vnfr.member_vnf_index_ref = self.member_vnf_index
vnfr.vnf_configuration.from_dict(self._vnfd.vnf_configuration.as_dict())
vnfr.member_vnf_index_ref = self.member_vnf_index
vnfr.vnf_configuration.from_dict(self._vnfd.vnf_configuration.as_dict())
cpr = VnfrYang.YangData_Vnfr_VnfrCatalog_Vnfr_ConnectionPoint()
cpr.name = conn_p.name
cpr.type_yang = conn_p.type_yang
cpr = VnfrYang.YangData_Vnfr_VnfrCatalog_Vnfr_ConnectionPoint()
cpr.name = conn_p.name
cpr.type_yang = conn_p.type_yang
+ cpr.port_security_enabled = conn_p.port_security_enabled
vlr_ref = find_vlr_for_cp(conn_p)
if vlr_ref is None:
msg = "Failed to find VLR for cp = %s" % conn_p.name
vlr_ref = find_vlr_for_cp(conn_p)
if vlr_ref is None:
msg = "Failed to find VLR for cp = %s" % conn_p.name
ei_list = []
for intf, cp, vlr in self._ext_intf:
ei_list = []
for intf, cp, vlr in self._ext_intf:
- ei_list.append({"name": cp,
- "vnfd_connection_point_ref": cp,
+ ei_list.append({"name": cp.name,
+ "vnfd_connection_point_ref": cp.name,
"virtual_interface": {}})
"virtual_interface": {}})
- self._vnfr.update_cp(cp,
- self.cp_ip_addr(cp),
- self.cp_mac_addr(cp),
- self.cp_id(cp))
+ self._vnfr.update_cp(cp.name,
+ self.cp_ip_addr(cp.name),
+ self.cp_mac_addr(cp.name),
+ self.cp_id(cp.name))
vdur_dict["external_interface"] = ei_list
vdur_dict["external_interface"] = ei_list
cp_list = []
for intf, cp, vlr in self._ext_intf:
cp_list = []
for intf, cp, vlr in self._ext_intf:
+ cp_info = {"name": cp.name,
"virtual_link_id": vlr.network_id,
"virtual_link_id": vlr.network_id,
- "type_yang": intf.virtual_interface.type_yang}
+ "type_yang": intf.virtual_interface.type_yang,
+ "port_security_enabled": cp.port_security_enabled}
if (intf.virtual_interface.has_field('vpci') and
intf.virtual_interface.vpci is not None):
if (intf.virtual_interface.has_field('vpci') and
intf.virtual_interface.vpci is not None):
else:
cp_list.append({"name": cp,
"virtual_link_id": vlr.network_id,
else:
cp_list.append({"name": cp,
"virtual_link_id": vlr.network_id,
- "type_yang": intf.virtual_interface.type_yang})
+ "type_yang": intf.virtual_interface.type_yang,
+ "port_security_enabled": cp.port_security_enabled})
vm_create_msg_dict["connection_points"] = cp_list
vm_create_msg_dict.update(vdu_copy_dict)
vm_create_msg_dict["connection_points"] = cp_list
vm_create_msg_dict.update(vdu_copy_dict)
vlr = vnfr.ext_vlr_by_id(cp.vlr_ref)
vlr = vnfr.ext_vlr_by_id(cp.vlr_ref)
- etuple = (ext_intf, cp.name, vlr)
+ etuple = (ext_intf, cp, vlr)
self._ext_intf.append(etuple)
self._log.debug("Created external interface tuple : %s", etuple)
self._ext_intf.append(etuple)
self._log.debug("Created external interface tuple : %s", etuple)
def cpr_from_cp(cp):
""" Creates a record level connection point from the desciptor cp"""
def cpr_from_cp(cp):
""" Creates a record level connection point from the desciptor cp"""
- cp_fields = ["name", "image", "vm-flavor"]
+ cp_fields = ["name", "image", "vm-flavor", "port_security_enabled"]
cp_copy_dict = {k: v for k, v in cp.as_dict().items() if k in cp_fields}
cpr_dict = {}
cpr_dict.update(cp_copy_dict)
cp_copy_dict = {k: v for k, v in cp.as_dict().items() if k in cp_fields}
cpr_dict = {}
cpr_dict.update(cp_copy_dict)