Bug 138

* Support enabling/disabling port security feature on VDU
* Openstack changes to support port enabling/disabling

Signed-off-by: Hashir Mohammed <hashir.mohammed@riftio.com>

diff --git a/models/plugins/yang/vnfd.yang b/models/plugins/yang/vnfd.yang
index dab7499..32a87d2 100644 (file)
--- a/models/plugins/yang/vnfd.yang
+++ b/models/plugins/yang/vnfd.yang
@@ -67,6 +67,11 @@ module vnfd
       description "Type of the connection point.";
       type manotypes:connection-point-type;
     }
+    leaf port-security-enabled {
+      description "Enables the port security for the port";
+      type boolean;
+      default true;
+    }
   }
 
   grouping virtual-interface {

diff --git a/rwcal/plugins/vala/rwcal_openstack/rift/rwcal/openstack/openstack_drv.py b/rwcal/plugins/vala/rwcal_openstack/rift/rwcal/openstack/openstack_drv.py
index 798d41d..a88013a 100644 (file)
--- a/rwcal/plugins/vala/rwcal_openstack/rift/rwcal/openstack/openstack_drv.py
+++ b/rwcal/plugins/vala/rwcal_openstack/rift/rwcal/openstack/openstack_drv.py
@@ -1436,7 +1436,8 @@ class NeutronDriver(object):
                 "name"              : kwargs['name'],
                 "network_id"        : kwargs['network_id'],
                 "fixed_ips"         : [ {"subnet_id": kwargs['subnet_id']}],
-                "binding:vnic_type" : kwargs['port_type']}}
+                "binding:vnic_type" : kwargs['port_type'],
+                "port_security_enabled" : kwargs['port_security_enabled']}}
 
         ntconn = self._get_neutron_connection()
         try:

diff --git a/rwcal/plugins/vala/rwcal_openstack/rwcal_openstack.py b/rwcal/plugins/vala/rwcal_openstack/rwcal_openstack.py
index 8a4c337..7cdc240 100644 (file)
--- a/rwcal/plugins/vala/rwcal_openstack/rwcal_openstack.py
+++ b/rwcal/plugins/vala/rwcal_openstack/rwcal_openstack.py
@@ -1500,6 +1500,12 @@ class RwcalOpenstackPlugin(GObject.Object, RwCal.Cloud):
         else:
             raise NotImplementedError("Port Type: %s not supported" %(c_point.type_yang))
 
+        # By default port gets created with post_security enaled as True
+        if c_point.port_security_enabled is not None and c_point.port_security_enabled == False:
+            kwargs['port_security_enabled'] = False
+        else:
+            kwargs['port_security_enabled'] = True
+
         with self._use_driver(account) as drv:
             if c_point.has_field('security_group'):
                 group = drv.neutron_security_group_by_name(c_point.security_group)

diff --git a/rwcal/plugins/yang/rwcal.yang b/rwcal/plugins/yang/rwcal.yang
index 872375d..c04462f 100644 (file)
--- a/rwcal/plugins/yang/rwcal.yang
+++ b/rwcal/plugins/yang/rwcal.yang
@@ -982,6 +982,10 @@ module rwcal
         description "Name of the security group";
         type string;
       }
+      leaf port-security-enabled {
+        description "Enables the port security";
+        type boolean;
+      }
 
       uses connection-point-type;
     }
@@ -1061,6 +1065,10 @@ module rwcal
         type boolean;
         default false;
       }
+      leaf port-security-enabled {
+        description "Enables the port security";
+        type boolean;
+      }
 
       uses connection-point-type;
     }

diff --git a/rwlaunchpad/plugins/rwnsm/rift/tasklets/rwnsmtasklet/rwnsmtasklet.py b/rwlaunchpad/plugins/rwnsm/rift/tasklets/rwnsmtasklet/rwnsmtasklet.py
index 8534952..d683a60 100755 (executable)
--- a/rwlaunchpad/plugins/rwnsm/rift/tasklets/rwnsmtasklet/rwnsmtasklet.py
+++ b/rwlaunchpad/plugins/rwnsm/rift/tasklets/rwnsmtasklet/rwnsmtasklet.py
@@ -958,7 +958,8 @@ class VirtualNetworkFunctionRecord(object):
 
         vnfr = RwVnfrYang.YangData_Vnfr_VnfrCatalog_Vnfr.from_dict(vnfr_dict)
 
-        vnfr.vnfd = VnfrYang.YangData_Vnfr_VnfrCatalog_Vnfr_Vnfd.from_dict(self.vnfd.as_dict())
+        vnfr.vnfd = VnfrYang.YangData_Vnfr_VnfrCatalog_Vnfr_Vnfd.from_dict(self.vnfd.as_dict(),
+                                                                          ignore_missing_keys=True)
         vnfr.member_vnf_index_ref = self.member_vnf_index
         vnfr.vnf_configuration.from_dict(self._vnfd.vnf_configuration.as_dict())
 
@@ -1072,6 +1073,7 @@ class VirtualNetworkFunctionRecord(object):
             cpr = VnfrYang.YangData_Vnfr_VnfrCatalog_Vnfr_ConnectionPoint()
             cpr.name = conn_p.name
             cpr.type_yang = conn_p.type_yang
+            cpr.port_security_enabled = conn_p.port_security_enabled
             vlr_ref = find_vlr_for_cp(conn_p)
             if vlr_ref is None:
                 msg = "Failed to find VLR for cp = %s" % conn_p.name

diff --git a/rwlaunchpad/plugins/rwvnfm/rift/tasklets/rwvnfmtasklet/rwvnfmtasklet.py b/rwlaunchpad/plugins/rwvnfm/rift/tasklets/rwvnfmtasklet/rwvnfmtasklet.py
index e493d3a..daf8360 100755 (executable)
--- a/rwlaunchpad/plugins/rwvnfm/rift/tasklets/rwvnfmtasklet/rwvnfmtasklet.py
+++ b/rwlaunchpad/plugins/rwvnfm/rift/tasklets/rwvnfmtasklet/rwvnfmtasklet.py
@@ -466,13 +466,13 @@ class VirtualDeploymentUnitRecord(object):
 
         ei_list = []
         for intf, cp, vlr in self._ext_intf:
-            ei_list.append({"name": cp,
-                            "vnfd_connection_point_ref": cp,
+            ei_list.append({"name": cp.name,
+                            "vnfd_connection_point_ref": cp.name,
                             "virtual_interface": {}})
-            self._vnfr.update_cp(cp,
-                                 self.cp_ip_addr(cp),
-                                 self.cp_mac_addr(cp),
-                                 self.cp_id(cp))
+            self._vnfr.update_cp(cp.name,
+                                 self.cp_ip_addr(cp.name),
+                                 self.cp_mac_addr(cp.name),
+                                 self.cp_id(cp.name))
 
         vdur_dict["external_interface"] = ei_list
 
@@ -633,9 +633,10 @@ class VirtualDeploymentUnitRecord(object):
 
         cp_list = []
         for intf, cp, vlr in self._ext_intf:
-            cp_info = {"name": cp,
+            cp_info = {"name": cp.name,
                        "virtual_link_id": vlr.network_id,
-                       "type_yang": intf.virtual_interface.type_yang}
+                       "type_yang": intf.virtual_interface.type_yang,
+                       "port_security_enabled": cp.port_security_enabled}
 
             if (intf.virtual_interface.has_field('vpci') and
                     intf.virtual_interface.vpci is not None):
@@ -656,7 +657,8 @@ class VirtualDeploymentUnitRecord(object):
             else:
                 cp_list.append({"name": cp,
                                 "virtual_link_id": vlr.network_id,
-                                "type_yang": intf.virtual_interface.type_yang})
+                                "type_yang": intf.virtual_interface.type_yang,
+                                "port_security_enabled": cp.port_security_enabled})
 
         vm_create_msg_dict["connection_points"] = cp_list
         vm_create_msg_dict.update(vdu_copy_dict)
@@ -781,7 +783,7 @@ class VirtualDeploymentUnitRecord(object):
 
             vlr = vnfr.ext_vlr_by_id(cp.vlr_ref)
 
-            etuple = (ext_intf, cp.name, vlr)
+            etuple = (ext_intf, cp, vlr)
             self._ext_intf.append(etuple)
 
             self._log.debug("Created external interface tuple  : %s", etuple)
@@ -1798,7 +1800,7 @@ class VirtualNetworkFunctionRecord(object):
 
             def cpr_from_cp(cp):
                 """ Creates a record level connection point from the desciptor cp"""
-                cp_fields = ["name", "image", "vm-flavor"]
+                cp_fields = ["name", "image", "vm-flavor", "port_security_enabled"]
                 cp_copy_dict = {k: v for k, v in cp.as_dict().items() if k in cp_fields}
                 cpr_dict = {}
                 cpr_dict.update(cp_copy_dict)