From 49f77e930db0102e2e4f7c6f2d0dc504be8ecd94 Mon Sep 17 00:00:00 2001 From: Philip Joseph Date: Thu, 29 Dec 2016 09:37:22 -0500 Subject: [PATCH] Bug 138 * Support enabling/disabling port security feature on VDU * Openstack changes to support port enabling/disabling Fix by: Hashir Mohammed Signed-off-by: Philip Joseph --- models/plugins/yang/vnfd.yang | 5 ++++ .../rift/rwcal/openstack/openstack_drv.py | 3 ++- .../vala/rwcal_openstack/rwcal_openstack.py | 6 +++++ rwcal/plugins/yang/rwcal.yang | 8 +++++++ .../tasklets/rwnsmtasklet/rwnsmtasklet.py | 4 +++- .../tasklets/rwvnfmtasklet/rwvnfmtasklet.py | 24 ++++++++++--------- 6 files changed, 37 insertions(+), 13 deletions(-) diff --git a/models/plugins/yang/vnfd.yang b/models/plugins/yang/vnfd.yang index 1c36433e..0806bf19 100644 --- a/models/plugins/yang/vnfd.yang +++ b/models/plugins/yang/vnfd.yang @@ -67,6 +67,11 @@ module vnfd description "Type of the connection point."; type manotypes:connection-point-type; } + leaf port-security-enabled { + description "Enables the port security for the port"; + type boolean; + default true; + } } grouping virtual-interface { diff --git a/rwcal/plugins/vala/rwcal_openstack/rift/rwcal/openstack/openstack_drv.py b/rwcal/plugins/vala/rwcal_openstack/rift/rwcal/openstack/openstack_drv.py index 798d41d8..a88013a5 100644 --- a/rwcal/plugins/vala/rwcal_openstack/rift/rwcal/openstack/openstack_drv.py +++ b/rwcal/plugins/vala/rwcal_openstack/rift/rwcal/openstack/openstack_drv.py @@ -1436,7 +1436,8 @@ class NeutronDriver(object): "name" : kwargs['name'], "network_id" : kwargs['network_id'], "fixed_ips" : [ {"subnet_id": kwargs['subnet_id']}], - "binding:vnic_type" : kwargs['port_type']}} + "binding:vnic_type" : kwargs['port_type'], + "port_security_enabled" : kwargs['port_security_enabled']}} ntconn = self._get_neutron_connection() try: diff --git a/rwcal/plugins/vala/rwcal_openstack/rwcal_openstack.py b/rwcal/plugins/vala/rwcal_openstack/rwcal_openstack.py index 8a4c3374..7cdc2407 100644 --- a/rwcal/plugins/vala/rwcal_openstack/rwcal_openstack.py +++ b/rwcal/plugins/vala/rwcal_openstack/rwcal_openstack.py @@ -1500,6 +1500,12 @@ class RwcalOpenstackPlugin(GObject.Object, RwCal.Cloud): else: raise NotImplementedError("Port Type: %s not supported" %(c_point.type_yang)) + # By default port gets created with post_security enaled as True + if c_point.port_security_enabled is not None and c_point.port_security_enabled == False: + kwargs['port_security_enabled'] = False + else: + kwargs['port_security_enabled'] = True + with self._use_driver(account) as drv: if c_point.has_field('security_group'): group = drv.neutron_security_group_by_name(c_point.security_group) diff --git a/rwcal/plugins/yang/rwcal.yang b/rwcal/plugins/yang/rwcal.yang index 872375d4..c04462fb 100644 --- a/rwcal/plugins/yang/rwcal.yang +++ b/rwcal/plugins/yang/rwcal.yang @@ -982,6 +982,10 @@ module rwcal description "Name of the security group"; type string; } + leaf port-security-enabled { + description "Enables the port security"; + type boolean; + } uses connection-point-type; } @@ -1061,6 +1065,10 @@ module rwcal type boolean; default false; } + leaf port-security-enabled { + description "Enables the port security"; + type boolean; + } uses connection-point-type; } diff --git a/rwlaunchpad/plugins/rwnsm/rift/tasklets/rwnsmtasklet/rwnsmtasklet.py b/rwlaunchpad/plugins/rwnsm/rift/tasklets/rwnsmtasklet/rwnsmtasklet.py index 16431be4..dce9ebe6 100755 --- a/rwlaunchpad/plugins/rwnsm/rift/tasklets/rwnsmtasklet/rwnsmtasklet.py +++ b/rwlaunchpad/plugins/rwnsm/rift/tasklets/rwnsmtasklet/rwnsmtasklet.py @@ -963,7 +963,8 @@ class VirtualNetworkFunctionRecord(object): vnfr = RwVnfrYang.YangData_Vnfr_VnfrCatalog_Vnfr.from_dict(vnfr_dict) - vnfr.vnfd = VnfrYang.YangData_Vnfr_VnfrCatalog_Vnfr_Vnfd.from_dict(self.vnfd.as_dict()) + vnfr.vnfd = VnfrYang.YangData_Vnfr_VnfrCatalog_Vnfr_Vnfd.from_dict(self.vnfd.as_dict(), + ignore_missing_keys=True) vnfr.member_vnf_index_ref = self.member_vnf_index vnfr.vnf_configuration.from_dict(self._vnfd.vnf_configuration.as_dict()) @@ -1120,6 +1121,7 @@ class VirtualNetworkFunctionRecord(object): cpr = VnfrYang.YangData_Vnfr_VnfrCatalog_Vnfr_ConnectionPoint() cpr.name = conn_p.name cpr.type_yang = conn_p.type_yang + cpr.port_security_enabled = conn_p.port_security_enabled vlr_ref = find_vlr_for_cp(conn_p) if vlr_ref is None: msg = "Failed to find VLR for cp = %s" % conn_p.name diff --git a/rwlaunchpad/plugins/rwvnfm/rift/tasklets/rwvnfmtasklet/rwvnfmtasklet.py b/rwlaunchpad/plugins/rwvnfm/rift/tasklets/rwvnfmtasklet/rwvnfmtasklet.py index 87f497dd..f456b168 100755 --- a/rwlaunchpad/plugins/rwvnfm/rift/tasklets/rwvnfmtasklet/rwvnfmtasklet.py +++ b/rwlaunchpad/plugins/rwvnfm/rift/tasklets/rwvnfmtasklet/rwvnfmtasklet.py @@ -466,13 +466,13 @@ class VirtualDeploymentUnitRecord(object): ei_list = [] for intf, cp, vlr in self._ext_intf: - ei_list.append({"name": cp, - "vnfd_connection_point_ref": cp, + ei_list.append({"name": cp.name, + "vnfd_connection_point_ref": cp.name, "virtual_interface": {}}) - self._vnfr.update_cp(cp, - self.cp_ip_addr(cp), - self.cp_mac_addr(cp), - self.cp_id(cp)) + self._vnfr.update_cp(cp.name, + self.cp_ip_addr(cp.name), + self.cp_mac_addr(cp.name), + self.cp_id(cp.name)) vdur_dict["external_interface"] = ei_list @@ -633,9 +633,10 @@ class VirtualDeploymentUnitRecord(object): cp_list = [] for intf, cp, vlr in self._ext_intf: - cp_info = {"name": cp, + cp_info = {"name": cp.name, "virtual_link_id": vlr.network_id, - "type_yang": intf.virtual_interface.type_yang} + "type_yang": intf.virtual_interface.type_yang, + "port_security_enabled": cp.port_security_enabled} if (intf.virtual_interface.has_field('vpci') and intf.virtual_interface.vpci is not None): @@ -656,7 +657,8 @@ class VirtualDeploymentUnitRecord(object): else: cp_list.append({"name": cp, "virtual_link_id": vlr.network_id, - "type_yang": intf.virtual_interface.type_yang}) + "type_yang": intf.virtual_interface.type_yang, + "port_security_enabled": cp.port_security_enabled}) vm_create_msg_dict["connection_points"] = cp_list vm_create_msg_dict.update(vdu_copy_dict) @@ -781,7 +783,7 @@ class VirtualDeploymentUnitRecord(object): vlr = vnfr.ext_vlr_by_id(cp.vlr_ref) - etuple = (ext_intf, cp.name, vlr) + etuple = (ext_intf, cp, vlr) self._ext_intf.append(etuple) self._log.debug("Created external interface tuple : %s", etuple) @@ -1809,7 +1811,7 @@ class VirtualNetworkFunctionRecord(object): def cpr_from_cp(cp): """ Creates a record level connection point from the desciptor cp""" - cp_fields = ["name", "image", "vm-flavor"] + cp_fields = ["name", "image", "vm-flavor", "port_security_enabled"] cp_copy_dict = {k: v for k, v in cp.as_dict().items() if k in cp_fields} cpr_dict = {} cpr_dict.update(cp_copy_dict) -- 2.25.1