Source Code of org.apache.cloudstack.network.contrail.management.ContrailVpcElementImpl

// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements.  See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership.  The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License.  You may obtain a copy of the License at
//
//   http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied.  See the License for the
// specific language governing permissions and limitations
// under the License.

package org.apache.cloudstack.network.contrail.management;

import java.io.IOException;
import java.util.List;

import javax.ejb.Local;
import javax.inject.Inject;

import org.apache.cloudstack.network.contrail.model.VirtualNetworkModel;
import org.apache.cloudstack.network.contrail.model.NetworkPolicyModel;

import org.apache.log4j.Logger;
import org.springframework.stereotype.Component;

import com.cloud.deploy.DeployDestination;
import com.cloud.exception.ConcurrentOperationException;
import com.cloud.exception.InsufficientCapacityException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.Network;
import com.cloud.network.Network.Provider;
import com.cloud.network.element.NetworkACLServiceProvider;
import com.cloud.network.element.VpcProvider;
import com.cloud.network.vpc.NetworkACLItem;
import com.cloud.network.vpc.NetworkACLVO;
import com.cloud.network.vpc.PrivateGateway;
import com.cloud.network.vpc.StaticRouteProfile;
import com.cloud.network.vpc.Vpc;
import com.cloud.network.vpc.dao.NetworkACLDao;
import com.cloud.vm.ReservationContext;

@Component
@Local(value = {NetworkACLServiceProvider.class, VpcProvider.class, ContrailElementImpl.class})
public class ContrailVpcElementImpl extends ContrailElementImpl implements NetworkACLServiceProvider, VpcProvider {
    private static final Logger s_logger =
            Logger.getLogger(ContrailElement.class);

    @Inject
    NetworkACLDao _networkACLDao;

    // NetworkElement API
    @Override
    public Provider getProvider() {
        return Provider.JuniperContrailVpcRouter;
    }

    @Override
    public boolean implementVpc(Vpc vpc, DeployDestination dest,
            ReservationContext context) throws ConcurrentOperationException,
            ResourceUnavailableException, InsufficientCapacityException {
        // TODO Auto-generated method stub
        s_logger.debug("NetworkElement implementVpc");
        return true;
    }

    @Override
    public boolean shutdownVpc(Vpc vpc, ReservationContext context)
            throws ConcurrentOperationException, ResourceUnavailableException {
        // TODO Auto-generated method stub
        s_logger.debug("NetworkElement shutdownVpc");
        return true;
    }

    @Override
    public boolean createPrivateGateway(PrivateGateway gateway)
            throws ConcurrentOperationException, ResourceUnavailableException {
        // TODO Auto-generated method stub
        s_logger.debug("NetworkElement createPrivateGateway");
        return false;
    }

    @Override
    public boolean deletePrivateGateway(PrivateGateway privateGateway)
            throws ConcurrentOperationException, ResourceUnavailableException {
        // TODO Auto-generated method stub
        s_logger.debug("NetworkElement deletePrivateGateway");
        return false;
    }

    @Override
    public boolean applyStaticRoutes(Vpc vpc, List<StaticRouteProfile> routes)
            throws ResourceUnavailableException {
        // TODO Auto-generated method stub
        s_logger.debug("NetworkElement applyStaticRoutes");
        return true;
    }

    @Override
    public boolean applyNetworkACLs(Network net,
            List<? extends NetworkACLItem> rules)
                    throws ResourceUnavailableException {
        s_logger.debug("NetworkElement applyNetworkACLs");
        if (rules == null || rules.isEmpty()) {
            s_logger.debug("no rules to apply");
            return true;
        }

        Long aclId = rules.get(0).getAclId();
        NetworkACLVO acl = _networkACLDao.findById(aclId);
        NetworkPolicyModel policyModel = _manager.getDatabase().lookupNetworkPolicy(acl.getUuid());
        if (policyModel == null) {
            /*
             * For the first time, when a CS ACL applied to a network, create a network-policy in VNC
             * and when there are no networks associated to CS ACL, delete it from VNC.
             */
            policyModel = new NetworkPolicyModel(acl.getUuid(), acl.getName());
            net.juniper.contrail.api.types.Project project;
            try {
                project = _manager.getVncProject(net.getDomainId(), net.getAccountId());
                if (project == null) {
                    project = _manager.getDefaultVncProject();
                }
            } catch (IOException ex) {
                s_logger.warn("read project", ex);
                return false;
            }
            policyModel.setProject(project);
        }

        VirtualNetworkModel vnModel = _manager.getDatabase().lookupVirtualNetwork(net.getUuid(),
                _manager.getCanonicalName(net), net.getTrafficType());
        NetworkPolicyModel oldPolicyModel = null;
        /* this method is called when network is destroyed too, hence vn model might have been deleted already */
        if (vnModel != null) {
            oldPolicyModel = vnModel.getNetworkPolicyModel();
            vnModel.addToNetworkPolicy(policyModel);
        }

        try {
            policyModel.build(_manager.getModelController(), rules);
        } catch (Exception e) {
            s_logger.error(e);
            e.printStackTrace();
            return false;
        }

        try {
            if (!policyModel.verify(_manager.getModelController())) {
                policyModel.update(_manager.getModelController());
            }
            _manager.getDatabase().getNetworkPolicys().add(policyModel);
        } catch (Exception ex) {
            s_logger.error("network-policy update: ", ex);
            ex.printStackTrace();
            return false;
        }

        if (!policyModel.hasPolicyRules()) {
            try {
                policyModel.delete(_manager.getModelController());
                _manager.getDatabase().getNetworkPolicys().remove(policyModel);
            } catch (IOException e) {
                e.printStackTrace();
                return false;
            }
        }
        /*
         * if no other VNs are associated with the old policy,
         * we could delete it from the Contrail VNC
         */
        if (policyModel != oldPolicyModel && oldPolicyModel != null && !oldPolicyModel.hasDescendents()) {
            try {
                oldPolicyModel.delete(_manager.getModelController());
                _manager.getDatabase().getNetworkPolicys().remove(oldPolicyModel);
            } catch (IOException e) {
                e.printStackTrace();
                return false;
            }
        }

        return true;
    }

    @Override
    public boolean applyACLItemsToPrivateGw(PrivateGateway privateGateway,
            List<? extends NetworkACLItem> rules)
                    throws ResourceUnavailableException {
        // TODO Auto-generated method stub
        s_logger.debug("NetworkElement applyACLItemsToPrivateGw");
        return true;
    }

}