Add names to classifiers in the vnffgd template

The functinality of naming the classifiers which are
created through a vnffgd template is essential so the user
can identify somehow the classifiers that he created for a chain.

In addition to that the classifiers' names would be an important
tool in subsequent patches where we will use them to update the ACL
of an existing classifier though the vnffgd template. We are going to
use the name to identify which classifier's ACL the user wants to
update.

Change-Id: Ia586061c578a99662d49ad284d1ff313c350e1f3
Signed-off-by: Dimitrios Markou <mardim@intracom-telecom.com>
This commit is contained in:
Dimitrios Markou 2018-01-09 16:46:01 +02:00
parent 0a52d6fb4a
commit 994d4e51c9
23 changed files with 342 additions and 87 deletions

View File

@ -77,14 +77,18 @@ tosca-vnffgd-sample.yaml>`_.
policy:
type: ACL
criteria:
- network_src_port_id: 640dfd77-c92b-45a3-b8fc-22712de480e1
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
- network_src_port_id: 640dfd77-c92b-45a3-b8fc-22712de480eda
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.2.2/24
- name: block_tcp
classifier:
network_src_port_id: 640dfd77-c92b-45a3-b8fc-22712de480e1
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
- name: block_udp
classifier:
network_src_port_id: 640dfd77-c92b-45a3-b8fc-22712de480eda
destination_port_range: 80-1024
ip_proto: 17
ip_dst_prefix: 192.168.2.2/24
In above example, VNFFG will have 2 flow classifier. List flow classifiers
are defined in list of criteria.

View File

@ -0,0 +1,5 @@
---
features:
- Add names to classifiers through VNFFG template.This functionality
allows the identification and the categorization of the different
classifiers according to their specific use.

View File

@ -0,0 +1,43 @@
tosca_definitions_version: tosca_simple_profile_for_nfv_1_0_0
description: Sample VNFFG template
topology_template:
description: Sample VNFFG template
node_templates:
Forwarding_path1:
type: tosca.nodes.nfv.FP.Tacker
description: creates path (CP12->CP22)
properties:
id: 51
policy:
type: ACL
criteria:
- network_src_port_id: 640dfd77-c92b-45a3-b8fc-22712de480e1
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
- network_src_port_id: 640dfd77-c92b-45a3-b8fc-22712de480eda
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.2.2/24
path:
- forwarder: VNFD1
capability: CP12
- forwarder: VNFD2
capability: CP22
groups:
VNFFG1:
type: tosca.groups.nfv.VNFFG
description: HTTP to Corporate Net
properties:
vendor: tacker
version: 1.0
number_of_endpoints: 2
dependent_virtual_link: [VL12,VL22]
connection_point: [CP12,CP22]
constituent_vnfs: [VNFD1,VNFD2]
members: [Forwarding_path1]

View File

@ -0,0 +1,39 @@
tosca_definitions_version: tosca_simple_profile_for_nfv_1_0_0
description: Sample VNFFG template
topology_template:
description: Sample VNFFG template
node_templates:
Forwarding_path1:
type: tosca.nodes.nfv.FP.Tacker
description: creates path (CP12->CP22)
properties:
id: 51
policy:
type: ACL
criteria:
- network_src_port_id: 640dfd77-c92b-45a3-b8fc-22712de480e1
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
path:
- forwarder: VNFD1
capability: CP12
- forwarder: VNFD2
capability: CP22
groups:
VNFFG1:
type: tosca.groups.nfv.VNFFG
description: HTTP to Corporate Net
properties:
vendor: tacker
version: 1.0
number_of_endpoints: 2
dependent_virtual_link: [VL12,VL22]
connection_point: [CP12,CP22]
constituent_vnfs: [VNFD1,VNFD2]
members: [Forwarding_path1]

View File

@ -0,0 +1,40 @@
tosca_definitions_version: tosca_simple_profile_for_nfv_1_0_0
description: Sample symmetrical VNFFG template (network_dst_port_id and ip_dst_prefix must be set)
topology_template:
description: Sample symmetrical VNFFG template
node_templates:
Forwarding_path1:
type: tosca.nodes.nfv.FP.Tacker
description: creates path (CP12->CP22)
properties:
id: 51
policy:
type: ACL
criteria:
- network_src_port_id: e8463552-f236-4127-afc2-571f2b1d81bb
network_dst_port_id: 8bff0400-a7b8-41eb-bbef-d7cff67a7361
ip_dst_prefix: 10.10.0.9/24
destination_port_range: 80-1024
ip_proto: 6
path:
- forwarder: VNFD1
capability: CP12
- forwarder: VNFD2
capability: CP22
groups:
VNFFG1:
type: tosca.groups.nfv.VNFFG
description: HTTP to Corporate Net
properties:
vendor: tacker
version: 1.0
number_of_endpoints: 2
dependent_virtual_link: [VL12,VL22]
connection_point: [CP12,CP22]
constituent_vnfs: [VNFD1,VNFD2]
members: [Forwarding_path1]

View File

@ -8,21 +8,25 @@ topology_template:
node_templates:
Forwarding_path1:
type: tosca.nodes.nfv.FP.Tacker
type: tosca.nodes.nfv.FP.TackerV2
description: creates path (CP12->CP22)
properties:
id: 51
policy:
type: ACL
criteria:
- network_src_port_id: 640dfd77-c92b-45a3-b8fc-22712de480e1
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
- network_src_port_id: 640dfd77-c92b-45a3-b8fc-22712de480eda
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.2.2/24
- name: block_tcp
classifier:
network_src_port_id: 640dfd77-c92b-45a3-b8fc-22712de480e1
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
- name: block_udp
classifier:
network_src_port_id: 640dfd77-c92b-45a3-b8fc-22712de480eda
destination_port_range: 80-1024
ip_proto: 17
ip_dst_prefix: 192.168.2.2/24
path:
- forwarder: VNFD1
capability: CP12

View File

@ -8,17 +8,19 @@ topology_template:
node_templates:
Forwarding_path1:
type: tosca.nodes.nfv.FP.Tacker
type: tosca.nodes.nfv.FP.TackerV2
description: creates path (CP12->CP22)
properties:
id: 51
policy:
type: ACL
criteria:
- network_src_port_id: 640dfd77-c92b-45a3-b8fc-22712de480e1
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
- name: block_tcp
classifier:
network_src_port_id: 640dfd77-c92b-45a3-b8fc-22712de480e1
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
path:
- forwarder: VNFD1
capability: CP12

View File

@ -8,18 +8,20 @@ topology_template:
node_templates:
Forwarding_path1:
type: tosca.nodes.nfv.FP.Tacker
type: tosca.nodes.nfv.FP.TackerV2
description: creates path (CP12->CP22)
properties:
id: 51
policy:
type: ACL
criteria:
- network_src_port_id: e8463552-f236-4127-afc2-571f2b1d81bb
network_dst_port_id: 8bff0400-a7b8-41eb-bbef-d7cff67a7361
ip_dst_prefix: 10.10.0.9/24
destination_port_range: 80-1024
ip_proto: 6
- name: block_tcp
classifier:
network_src_port_id: e8463552-f236-4127-afc2-571f2b1d81bb
network_dst_port_id: 8bff0400-a7b8-41eb-bbef-d7cff67a7361
ip_dst_prefix: 10.10.0.9/24
destination_port_range: 80-1024
ip_proto: 6
path:
- forwarder: VNFD1
capability: CP12

View File

@ -0,0 +1,35 @@
# Copyright 2018 OpenStack Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
"""add_name_to_classifiers
Revision ID: 5d490546290c
Revises: e9a1e47fb0b5
Create Date: 2018-01-11 14:27:16.334946
"""
# revision identifiers, used by Alembic.
revision = '5d490546290c'
down_revision = 'e9a1e47fb0b5'
from alembic import op
import sqlalchemy as sa
def upgrade(active_plugins=None, options=None):
op.add_column('vnffgclassifiers',
sa.Column('name', sa.String(255),
nullable=True, server_default=''))

View File

@ -1 +1 @@
e9a1e47fb0b5
5d490546290c

View File

@ -137,6 +137,8 @@ class VnffgChain(model_base.BASE, models_v1.HasTenant, models_v1.HasId):
class VnffgClassifier(model_base.BASE, models_v1.HasTenant, models_v1.HasId):
"""VNFFG NFP Classifier Data Model"""
name = sa.Column(sa.String(255), nullable=True)
status = sa.Column(sa.String(255), nullable=False)
instance_id = sa.Column(sa.String(255), nullable=True)
@ -379,12 +381,12 @@ class VnffgPluginDbMixin(vnffg.VNFFGPluginBase, db_base.CommonDbMixin):
nfp_id = uuidutils.generate_uuid()
sfc_id = uuidutils.generate_uuid()
matches = self._policy_to_acl_criteria(context, template_db,
classifiers = self._policy_to_acl_criteria(context, template_db,
nfp_dict['name'],
vnf_mapping)
LOG.debug('acl_matches %s', matches)
LOG.debug('classifiers %s', classifiers)
classifier_ids = [uuidutils.generate_uuid() for i in matches]
classifier_ids = [uuidutils.generate_uuid() for i in classifiers]
nfp_db = VnffgNfp(id=nfp_id, vnffg_id=vnffg_id,
tenant_id=tenant_id,
@ -410,6 +412,7 @@ class VnffgPluginDbMixin(vnffg.VNFFGPluginBase, db_base.CommonDbMixin):
for i, classifier_id in enumerate(classifier_ids):
sfcc_db = VnffgClassifier(id=classifier_id,
name=classifiers[i]['name'],
tenant_id=tenant_id,
status=constants.PENDING_CREATE,
nfp_id=nfp_id,
@ -419,7 +422,7 @@ class VnffgPluginDbMixin(vnffg.VNFFGPluginBase, db_base.CommonDbMixin):
match_db_table = ACLMatchCriteria(
id=uuidutils.generate_uuid(),
vnffgc_id=classifier_id,
**matches[i])
**classifiers[i]['match'])
context.session.add(match_db_table)
@ -667,13 +670,26 @@ class VnffgPluginDbMixin(vnffg.VNFFGPluginBase, db_base.CommonDbMixin):
if 'criteria' not in policy:
raise nfvo.NfpPolicyCriteriaError(
error="Missing criteria in policy")
validation_list = []
for item in policy['criteria']:
if item.get('name') is None:
LOG.warning('The unnamed classifier approach'
' will be deprecated in subsequent'
' releases')
validation_list.append(item)
else:
validation_list.append(item['classifier'])
self._validate_criteria(policy['criteria'])
self._validate_criteria(validation_list)
matches = []
classifiers = []
for criteria in policy['criteria']:
match = dict()
for key, val in criteria.items():
if criteria.get('name') is None:
criteria_dict = criteria.copy()
else:
criteria_dict = criteria['classifier'].copy()
for key, val in criteria_dict.items():
if key in MATCH_CRITERIA:
match.update(self._convert_criteria(context, key, val,
vnf_mapping))
@ -681,9 +697,10 @@ class VnffgPluginDbMixin(vnffg.VNFFGPluginBase, db_base.CommonDbMixin):
raise nfvo.NfpPolicyCriteriaError(error="Unsupported "
"criteria: "
"{}".format(key))
matches.append(match)
classifiers.append({'name': criteria.get('name'),
'match': match})
return matches
return classifiers
def _convert_criteria(self, context, criteria, value, vnf_mapping):
"""Method is used to convert criteria to proper db value from template
@ -1053,8 +1070,8 @@ class VnffgPluginDbMixin(vnffg.VNFFGPluginBase, db_base.CommonDbMixin):
res = {
'match': self._make_acl_match_dict(classifier_db.match)
}
key_list = ('id', 'tenant_id', 'instance_id', 'status', 'chain_id',
'nfp_id')
key_list = ('id', 'name', 'tenant_id', 'instance_id', 'status',
'chain_id', 'nfp_id')
res.update((key, classifier_db[key]) for key in key_list)
return self._fields(res, fields)

View File

@ -628,6 +628,12 @@ RESOURCE_ATTRIBUTE_MAP = {
'allow_put': False,
'is_visible': True,
},
'name': {
'allow_post': True,
'allow_put': True,
'validate': {'type:string': NAME_MAX_LEN},
'is_visible': True,
},
},
'nsds': {

View File

@ -359,6 +359,7 @@ class OpenStack_Driver(abstract_vim_driver.VimAbstractDriver,
LOG.debug('fc passed is %s', fc)
sfc_classifier_params = {}
sfc_classifier_params['name'] = name
for field in fc:
if field in FC_MAP:
sfc_classifier_params[FC_MAP[field]] = fc[field]

View File

@ -323,12 +323,12 @@ class NfvoPlugin(nfvo_db_plugin.NfvoPluginDb, vnffg_db.VnffgPluginDbMixin,
nfp = super(NfvoPlugin, self).get_nfp(context,
vnffg_dict['forwarding_paths'])
sfc = super(NfvoPlugin, self).get_sfc(context, nfp['chain_id'])
matches = []
classifier_dict = dict()
name_match_list = []
for classifier_id in nfp['classifier_ids']:
matches.append(super(NfvoPlugin, self).
get_classifier(context,
classifier_id,
fields='match')['match'])
classifier_dict = super(NfvoPlugin, self).get_classifier(
context, classifier_id, fields=['name', 'match'])
name_match_list.append(classifier_dict)
# grab the first VNF to check it's VIM type
# we have already checked that all VNFs are in the same VIM
vim_obj = self._get_vim_from_vnf(context,
@ -339,11 +339,11 @@ class NfvoPlugin(nfvo_db_plugin.NfvoPluginDb, vnffg_db.VnffgPluginDbMixin,
driver_type = vim_obj['type']
try:
fc_ids = []
for match in matches:
for item in name_match_list:
fc_ids.append(self._vim_drivers.invoke(driver_type,
'create_flow_classifier',
name=vnffg_dict['name'],
fc=match,
name=item['name'],
fc=item['match'],
auth_attr=vim_obj['auth_cred']))
sfc_id = self._vim_drivers.invoke(driver_type,
'create_chain',

View File

@ -490,6 +490,7 @@ class TestNfvoPlugin(db_base.SqlTestCase):
fc = vnffg_db.VnffgClassifier(
id='a85f21b5-f446-43f0-86f4-d83bdc5590ab',
tenant_id='ad7ebc56538745a08ef7c5e97f8bd437',
name='classifier_one',
status='ACTIVE',
instance_id='3007dc2d-30dc-4651-9184-f1e6273cc0b6',
chain_id='f28e33bc-1061-4762-b942-76060bbd59c4',

View File

@ -8,17 +8,19 @@ topology_template:
node_templates:
Forwarding_path1:
type: tosca.nodes.nfv.FP.Tacker
type: tosca.nodes.nfv.FP.TackerV2
description: creates path (CP11->CP12->CP32)
properties:
id: 51
policy:
type: ACL
criteria:
- blah: tenant1_net
- destination_port_range: 80-1024
- ip_proto: 6
- ip_dst_prefix: 192.168.1.2/24
- name: classifier_one
classifier:
blah: tenant1_net
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
path:
- forwarder: VNF1
capability: CP11

View File

@ -8,21 +8,25 @@ topology_template:
node_templates:
Forwarding_path1:
type: tosca.nodes.nfv.FP.Tacker
type: tosca.nodes.nfv.FP.TackerV2
description: creates path (CP11->CP12->CP32)
properties:
id: 51
policy:
type: ACL
criteria:
- network_name: tenant1_net
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
- network_name: tenant1_net
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
- name: classifier_one
classifier:
network_name: tenant1_net
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
- name: classifier_two
classifier:
network_name: tenant1_net
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
path:
- forwarder: VNF1

View File

@ -21,17 +21,19 @@ topology_template:
node_templates:
Forwarding_path1:
type: tosca.nodes.nfv.FP.Tacker
type: tosca.nodes.nfv.FP.TackerV2
description: creates path (CP12->CP22)
properties:
id: 51
policy:
type: ACL
criteria:
- network_src_port_id: { get_input: net_src_port_id }
- destination_port_range: { get_input: dst_port_range }
- ip_proto: 6
- ip_dst_prefix: { get_input: ip_dst_pre }
- name: classifier_one
classifier:
network_src_port_id: { get_input: net_src_port_id }
destination_port_range: { get_input: dst_port_range }
ip_proto: 6
ip_dst_prefix: { get_input: ip_dst_pre }
path:
- forwarder: VNFD1
capability: CP12

View File

@ -13,17 +13,19 @@ topology_template:
node_templates:
Forwarding_path1:
type: tosca.nodes.nfv.FP.Tacker
type: tosca.nodes.nfv.FP.TackerV2
description: creates path (CP11->CP12->CP32)
properties:
id: 51
policy:
type: ACL
criteria:
- network_src_port_id: { get_input: net_src_port_id }
- destination_port_range: 80-1024
- ip_proto: 6
- ip_dst_prefix: 192.168.1.2/24
- name: classifier_one
classifier:
network_src_port_id: { get_input: net_src_port_id }
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
path:
- forwarder: VNF1
capability: CP11

View File

@ -13,17 +13,19 @@ topology_template:
node_templates:
Forwarding_path1:
type: tosca.nodes.nfv.FP.Tacker
type: tosca.nodes.nfv.FP.TackerV2
description: creates path (CP11->CP12->CP32)
properties:
id: 51
policy:
type: ACL
criteria:
- network_name: { get_input: net_name }
- destination_port_range: 80-1024
- ip_proto: 6
- ip_dst_prefix: 192.168.1.2/24
- name: classifier_one
classifier:
network_name: { get_input: net_name }
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
path:
- forwarder: VNF1
capability: CP11

View File

@ -8,17 +8,19 @@ topology_template:
node_templates:
Forwarding_path1:
type: tosca.nodes.nfv.FP.Tacker
type: tosca.nodes.nfv.FP.TackerV2
description: creates path (CP11->CP12->CP32)
properties:
id: 51
policy:
type: ACL
criteria:
- network_name: tenant1_net
- destination_port_range: 80-1024
- ip_proto: 6
- ip_dst_prefix: 192.168.1.2/24
- name: classifier_one
classifier:
network_name: tenant1_net
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
path:
- forwarder: VNF1
capability: CP11

View File

@ -8,17 +8,19 @@ topology_template:
node_templates:
Forwarding_path1:
type: tosca.nodes.nfv.FP.Tacker
type: tosca.nodes.nfv.FP.TackerV2
description: creates path (CP11->CP12->CP32)
properties:
id: 51
policy:
type: ACL
criteria:
- blah: tenant1_net
- destination_port_range: 80-1024
- ip_proto: 6
- ip_dst_prefix: 192.168.1.2/24
- name: classifier_one
classifier:
blah: tenant1_net
destination_port_range: 80-1024
ip_proto: 6
ip_dst_prefix: 192.168.1.2/24
path:
- forwarder: VNF1
capability: CP11

View File

@ -152,6 +152,29 @@ data_types:
entry_schema:
type: tosca.nfv.datatypes.aclType
tosca.nfv.datatypes.policyTypeV2:
properties:
type:
type: string
required: false
constraints:
- valid_values: [ ACL ]
criteria:
type: list
required: true
entry_schema:
type: tosca.nfv.datatypes.classifierType
tosca.nfv.datatypes.classifierType:
properties:
name:
type: string
required: true
classifier:
type: tosca.nfv.datatypes.aclType
required: true
node_types:
tosca.nodes.nfv.VDU.Tacker:
derived_from: tosca.nodes.nfv.VDU
@ -254,6 +277,22 @@ node_types:
constraints:
- valid_values: [ sriov, vnic ]
tosca.nodes.nfv.FP.TackerV2:
derived_from: tosca.nodes.Root
properties:
id:
type: integer
required: false
policy:
type: tosca.nfv.datatypes.policyTypeV2
required: true
description: policy to use to match traffic for this FP
path:
type: list
required: true
entry_schema:
type: tosca.nfv.datatypes.pathType
tosca.nodes.nfv.FP.Tacker:
derived_from: tosca.nodes.Root
properties:
@ -269,6 +308,7 @@ node_types:
required: true
entry_schema:
type: tosca.nfv.datatypes.pathType
tosca.nodes.nfv.VNFC.Tacker:
derived_from: tosca.nodes.SoftwareComponent
requirements: