[ovs-dev] [PATCH OVN v2] ovn-nbctl.c: Add an optional way to delete router policy by uuid

Numan Siddique numans at ovn.org
Tue Mar 24 08:09:38 UTC 2020


On Tue, Mar 24, 2020 at 7:20 AM Tao YunXiang
<taoyunxiang at cmss.chinamobile.com> wrote:
>
> We can delete router policy by specify lr and more parameters.
> If CMS want to delete it exactly, it must specify detailed "match" field.
> It's not an easy way, also maybe deleted by mistake.
> This change adds a way to specify lr and uuid, which is optional.
> You can still use the previous method to delete.
>
> usage:
> ovn-nbctl lr-policy-del lr0 [UUID0]
>
> Author: Tao YunXiang <taoyunxiang at cmss.chinamobile.com>
> Co-authored-by: Liu Chang <liuchang at cmss.chinamobile.com>
> Co-authored-by: Rong Yin <rongyin at cmss.chinamobile.com>
> Signed-off-by: Tao YunXiang <taoyunxiang at cmss.chinamobile.com>
> Signed-off-by: Liu Chang <liuchang at cmss.chinamobile.com>
> Signed-off-by: Rong Yin <rongyin at cmss.chinamobile.com>

Can you please add a few tests in the tests/ovn-nbctl.at which would help
in regressions ?

Thanks
Numan

>
> ---
>  utilities/ovn-nbctl.8.xml | 51 +++++++++++++++++++++++++++++++++++++++
>  utilities/ovn-nbctl.c     | 41 ++++++++++++++++++++++---------
>  2 files changed, 81 insertions(+), 11 deletions(-)
>
> diff --git a/utilities/ovn-nbctl.8.xml b/utilities/ovn-nbctl.8.xml
> index d973be259..b91e39042 100644
> --- a/utilities/ovn-nbctl.8.xml
> +++ b/utilities/ovn-nbctl.8.xml
> @@ -710,6 +710,57 @@
>        </dd>
>      </dl>
>
> +    <h1>Logical Router Policy Commands</h1>
> +
> +    <dl>
> +      <dt>lr-policy-add</code> <var>router</var> <var>priority</var>
> +          <var>match</var> <var>action</var> [<var>nexthop</var>]</dt>
> +      <dd>
> +        <p>
> +          Add Policy to <var>router</var> which provides a way to configure
> +          permit/deny and reroute policies on the router. Permit/deny policies
> +          are similar to OVN ACLs, but exist on the logical-router. Reroute
> +          policies are needed for service-insertion and service-chaining.
> +          <var>nexthop</var> is an optional parameter. It needs to be provided
> +          only when <var>action</var> is <var>reroute</var>. A policy is
> +          uniquely identified by <var>priority</var> and <var>match</var>.
> +          Multiple policies can have the same <var>priority</var>.
> +        </p>
> +
> +          <p>
> +          The following example shows a policy to lr1, which will drop packets
> +          from<code>192.168.100.0/24</code>.
> +          </p>
> +
> +          <p>
> +          <code>lr-policy-add lr1 100 ip4.src == 192.168.100.0/24 drop</code>.
> +          </p>
> +
> +      </dd>
> +
> +      <dt><code>lr-policy-del</code> <var>router</var> [<var>{priority | uuid}
> +          [match]</var>]</dt>
> +      <dd>
> +        <p>
> +          Deletes polices from <var>router</var>. If only <var>router</var>
> +          is supplied, all the polices from the logical router are deleted. If
> +          <var>priority</var> and/or <var>match</var> are also specified, then
> +          all the polices that match the conditions will be deleted from the
> +          logical router.
> +        </p>
> +
> +        <p>
> +          If <var>router</var> and <var>uuid</var> are supplied, then the
> +          policy with sepcified uuid is deleted.
> +        </p>
> +      </dd>
> +
> +      <dt><code>lr-policy-list</code> <var>router</var></dt>
> +      <dd>
> +        Lists the polices on <var>router</var>.
> +      </dd>
> +    </dl>
> +
>      <h1>NAT Commands</h1>
>
>      <dl>
> diff --git a/utilities/ovn-nbctl.c b/utilities/ovn-nbctl.c
> index e80058e61..1983b5f95 100644
> --- a/utilities/ovn-nbctl.c
> +++ b/utilities/ovn-nbctl.c
> @@ -696,7 +696,7 @@ Route commands:\n\
>  Policy commands:\n\
>    lr-policy-add ROUTER PRIORITY MATCH ACTION [NEXTHOP]\n\
>                              add a policy to router\n\
> -  lr-policy-del ROUTER [PRIORITY [MATCH]]\n\
> +  lr-policy-del ROUTER [{PRIORITY | UUID} [MATCH]]\n\
>                              remove policies from ROUTER\n\
>    lr-policy-list ROUTER     print policies for ROUTER\n\
>  \n\
> @@ -3587,21 +3587,40 @@ nbctl_lr_policy_del(struct ctl_context *ctx)
>          return;
>      }
>
> -    error = parse_priority(ctx->argv[2], &priority);
> -    if (error) {
> -        ctx->error = error;
> -        return;
> +    const struct uuid *lr_policy_uuid = NULL;
> +    struct uuid uuid_from_cmd;
> +    if (uuid_from_string(&uuid_from_cmd, ctx->argv[2])) {
> +        lr_policy_uuid = &uuid_from_cmd;
> +    } else {
> +        error = parse_priority(ctx->argv[2], &priority);
> +        if (error) {
> +            ctx->error = error;
> +            return;
> +        }
> +
>      }
> -    /* If match is not specified, delete all routing policies with the
> -     * specified priority. */
> +    /* If uuid was specified, delete routing policy with the
> +     * specified uuid. */
>      if (ctx->argc == 3) {
>          struct nbrec_logical_router_policy **new_policies
>              = xmemdup(lr->policies,
>                        sizeof *new_policies * lr->n_policies);
>          int n_policies = 0;
> -        for (int i = 0; i < lr->n_policies; i++) {
> -            if (priority != lr->policies[i]->priority) {
> -                new_policies[n_policies++] = lr->policies[i];
> +
> +        if (lr_policy_uuid) {
> +            for (size_t i = 0; i < lr->n_policies; i++) {
> +                if (!uuid_equals(lr_policy_uuid,
> +                                 &(lr->policies[i]->header_.uuid))) {
> +                    new_policies[n_policies++] = lr->policies[i];
> +                }
> +            }
> +    /* If match is not specified, delete all routing policies with the
> +     * specified priority. */
> +        } else {
> +            for (int i = 0; i < lr->n_policies; i++) {
> +                if (priority != lr->policies[i]->priority) {
> +                    new_policies[n_policies++] = lr->policies[i];
> +                }
>              }
>          }
>          nbrec_logical_router_verify_policies(lr);
> @@ -6125,7 +6144,7 @@ static const struct ctl_command_syntax nbctl_commands[] = {
>      /* Policy commands */
>      { "lr-policy-add", 4, 5, "ROUTER PRIORITY MATCH ACTION [NEXTHOP]", NULL,
>          nbctl_lr_policy_add, NULL, "", RW },
> -    { "lr-policy-del", 1, 3, "ROUTER [PRIORITY [MATCH]]", NULL,
> +    { "lr-policy-del", 1, 3, "ROUTER [{PRIORITY | UUID} [MATCH]]", NULL,
>          nbctl_lr_policy_del, NULL, "", RW },
>      { "lr-policy-list", 1, 1, "ROUTER", NULL, nbctl_lr_policy_list, NULL,
>         "", RO },
> --
> 2.17.1
>
>
>
> _______________________________________________
> dev mailing list
> dev at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>


More information about the dev mailing list