Merge pull request #569 from jojimt/profile-cotracts

Support inter-profile contracts with ACI

Author: jojimt

Makefile

@@ -204,11 +204,17 @@ host-unit-test-coverage-detail:
 	@echo dev: running unit tests...
 	cd $(GOPATH)/src/github.com/contiv/netplugin && sudo -E PATH=$(PATH) scripts/unittests --coverage-detail
 
-host-integ-test: host-cleanup
+host-integ-test: host-cleanup start-aci-gw
 	@echo dev: running integration tests...
 	sudo -E /usr/local/go/bin/go test -v ./test/integration/ -check.v -encap vlan -fwd-mode bridge
 	sudo -E /usr/local/go/bin/go test -v ./test/integration/ -check.v -encap vxlan -fwd-mode bridge
 	sudo -E /usr/local/go/bin/go test -v ./test/integration/ -check.v -encap vxlan -fwd-mode routing
+	sudo -E /usr/local/go/bin/go test -v ./test/integration/ -check.v -check.f "AppProfile" -encap vlan -fwd-mode bridge --fabric-mode aci
+
+start-aci-gw:
+	@echo dev: starting aci gw...
+	docker pull contiv/aci-gw:integ_test
+	docker run --net=host -itd -e "APIC_URL=SANITY" -e "APIC_USERNAME=IGNORE" -e "APIC_PASSWORD=IGNORE" -e "APIC_LEAF_NODE=IGNORE" -e "APIC_PHYS_DOMAIN=IGNORE" --name=contiv-aci-gw contiv/aci-gw:integ_test
 
 host-cleanup:
 	@echo dev: cleaning up services...

netmaster/objApi/apiController.go

@@ -1304,21 +1304,37 @@ func (ac *APIController) PolicyDelete(policy *contivModel.Policy) error {
 	return nil
 }
 
-func syncAppProfile(policy *contivModel.Policy) {
-	// find all appProfiles that have an association
+func getAffectedProfs(policy *contivModel.Policy,
+	matchEpg *contivModel.EndpointGroup) map[string]bool {
 	profMap := make(map[string]bool)
-
+	// find all appProfiles that have an association via policy
 	for epg := range policy.LinkSets.EndpointGroups {
 		epgObj := contivModel.FindEndpointGroup(epg)
 		if epgObj == nil {
 			log.Warnf("syncAppProfile epg %s not found", epg)
 		} else {
 			prof := epgObj.Links.AppProfile.ObjKey
+			if prof != "" {
+				profMap[prof] = true
+				log.Infof("syncAppProfile epg %s ==> prof %s", epg, prof)
+			}
+		}
+	}
+
+	// add any app-profile associated via a matching epg
+	if matchEpg != nil {
+		prof := matchEpg.Links.AppProfile.ObjKey
+		if prof != "" {
 			profMap[prof] = true
-			log.Infof("syncAppProfile epg %s ==> prof %s", epg, prof)
+			log.Infof("syncAppProfile epg %s ==> prof %s",
+				matchEpg, prof)
 		}
 	}
 
+	return profMap
+}
+
+func syncAppProfile(profMap map[string]bool) {
 	for ap := range profMap {
 		profObj := contivModel.FindAppProfile(ap)
 		if profObj == nil {
@@ -1334,6 +1350,8 @@ func syncAppProfile(policy *contivModel.Policy) {
 // RuleCreate Creates the rule within a policy
 func (ac *APIController) RuleCreate(rule *contivModel.Rule) error {
 	log.Infof("Received RuleCreate: %+v", rule)
+	var epg *contivModel.EndpointGroup
+	epg = nil
 
 	// verify parameter values
 	if rule.Direction == "in" {
@@ -1365,7 +1383,7 @@ func (ac *APIController) RuleCreate(rule *contivModel.Rule) error {
 	if rule.FromEndpointGroup != "" {
 		epgKey := rule.TenantName + ":" + rule.FromEndpointGroup
 		// find the endpoint group
-		epg := contivModel.FindEndpointGroup(epgKey)
+		epg = contivModel.FindEndpointGroup(epgKey)
 		if epg == nil {
 			log.Errorf("Error finding endpoint group %s", epgKey)
 			return errors.New("endpoint group not found")
@@ -1374,7 +1392,7 @@ func (ac *APIController) RuleCreate(rule *contivModel.Rule) error {
 		epgKey := rule.TenantName + ":" + rule.ToEndpointGroup
 
 		// find the endpoint group
-		epg := contivModel.FindEndpointGroup(epgKey)
+		epg = contivModel.FindEndpointGroup(epgKey)
 		if epg == nil {
 			log.Errorf("Error finding endpoint group %s", epgKey)
 			return errors.New("endpoint group not found")
@@ -1421,8 +1439,19 @@ func (ac *APIController) RuleCreate(rule *contivModel.Rule) error {
 		return err
 	}
 
+	// link the rule to epg and vice versa
+	if epg != nil {
+		modeldb.AddLinkSet(&epg.LinkSets.MatchRules, rule)
+		modeldb.AddLink(&rule.Links.MatchEndpointGroup, epg)
+		err = epg.Write()
+		if err != nil {
+			return err
+		}
+	}
+
 	// Update any affected app profiles
-	syncAppProfile(policy)
+	pMap := getAffectedProfs(policy, epg)
+	syncAppProfile(pMap)
 
 	return nil
 }
@@ -1435,6 +1464,9 @@ func (ac *APIController) RuleUpdate(rule, params *contivModel.Rule) error {
 
 // RuleDelete deletes the rule within a policy
 func (ac *APIController) RuleDelete(rule *contivModel.Rule) error {
+	var epg *contivModel.EndpointGroup
+
+	epg = nil
 	log.Infof("Received RuleDelete: %+v", rule)
 
 	policyKey := GetpolicyKey(rule.TenantName, rule.PolicyName)
@@ -1453,6 +1485,15 @@ func (ac *APIController) RuleDelete(rule *contivModel.Rule) error {
 		return err
 	}
 
+	// unlink the rule from matching epg
+	epgKey := rule.Links.MatchEndpointGroup.ObjKey
+	if epgKey != "" {
+		epg = contivModel.FindEndpointGroup(epgKey)
+		if epg != nil {
+			modeldb.RemoveLinkSet(&epg.LinkSets.MatchRules, rule)
+		}
+	}
+
 	// Trigger policyDB Update
 	err = master.PolicyDelRule(policy, rule)
 	if err != nil {
@@ -1461,7 +1502,8 @@ func (ac *APIController) RuleDelete(rule *contivModel.Rule) error {
 	}
 
 	// Update any affected app profiles
-	syncAppProfile(policy)
+	pMap := getAffectedProfs(policy, epg)
+	syncAppProfile(pMap)
 
 	return nil
 }