Skip to content

Commit

Permalink
Address review comment to change comment from """ to #
Browse files Browse the repository at this point in the history 
except for doc string
  • Loading branch information
@abdosi
abdosi committed May 11, 2020
1 parent 529de02 commit 727e9e7
Showing 1 changed file with 38 additions and 74 deletions.
112 changes: 38 additions & 74 deletions acl_loader/main.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,39 +116,31 @@ def __init__(self):
self.tables_db_info = {}
self.rules_db_info = {}
self.rules_info = {}
"""
Load global db config. This call is no-op in single npu platforms
"""
# Load global db config. This call is no-op in single npu platforms
SonicDBConfig.load_sonic_global_db_config()
self.sessions_db_info = {}
self.configdb = ConfigDBConnector()
self.configdb.connect()
self.statedb = SonicV2Connector(host="127.0.0.1")
self.statedb.connect(self.statedb.STATE_DB)

"""
For multi-npu architecture we will have both global and per front asic namespace.
Global namespace will be used for Control plane ACL which are via IPTables.
Per ASIC namespace will be used for Data and Everflow ACL's.
Global Configdb will have all ACL information for both Ctrl and Data/Evereflow ACL's
and will be used as souurce of truth for ACL modification to config DB which will be done to both Global DB and
front asic namespace
"""
# For multi-npu architecture we will have both global and per front asic namespace.
# Global namespace will be used for Control plane ACL which are via IPTables.
# Per ASIC namespace will be used for Data and Everflow ACL's.
# Global Configdb will have all ACL information for both Ctrl and Data/Evereflow ACL's
# and will be used as souurce of truth for ACL modification to config DB which will be done to both Global DB and
# front asic namespace

self.per_npu_configdb = {}

"""
State DB are used for to get mirror Session monitor port.
For multi-npu platforms each asic namespace can have different monitor port
dependinding on which route to session destination ip. So for multi-npu
platforms we get state db for all front asic namespace in addition to
"""
# State DB are used for to get mirror Session monitor port.
# For multi-npu platforms each asic namespace can have different monitor port
# dependinding on which route to session destination ip. So for multi-npu
# platforms we get state db for all front asic namespace in addition to

self.per_npu_statedb = {}

"""
Getting all front asic namespace and correspding config and state DB connector
"""
# Getting all front asic namespace and correspding config and state DB connector

namespaces = sonic_device_util.get_all_namespaces()
for front_asic_namespaces in namespaces['front_ns']:
Expand Down Expand Up @@ -188,10 +180,8 @@ def read_policers_info(self):
:return:
"""

"""
For multi-npu platforms we will read from any one of front asic namespace
config db as the information should be same across all config db
"""
# For multi-npu platforms we will read from any one of front asic namespace
# config db as the information should be same across all config db
if self.per_npu_configdb:
namespace_configdb = (self.per_npu_configdb.values())[0]
self.policers_db_info = namespace_configdb.get_table(self.POLICER)
Expand All @@ -207,23 +197,19 @@ def read_sessions_info(self):
:return:
"""

"""
For multi-npu platforms we will read from any one of front asic namespace
config db as the information should be same across all config db
"""
# For multi-npu platforms we will read from any one of front asic namespace
# config db as the information should be same across all config db
if self.per_npu_configdb:
namespace_configdb = (self.per_npu_configdb.values())[0]
self.sessions_db_info = namespace_configdb.get_table(self.CFG_MIRROR_SESSION_TABLE)
else:
self.sessions_db_info = self.configdb.get_table(self.CFG_MIRROR_SESSION_TABLE)
for key in self.sessions_db_info.keys():
if self.per_npu_statedb:
"""
For multi-npu platforms we will read from all front asic name space
statedb as the monitor port will be differnt for each asic
and it's status also might be different (ideally should not happen)
We will store them as dict of 'asic' : value
"""
# For multi-npu platforms we will read from all front asic name space
# statedb as the monitor port will be differnt for each asic
# and it's status also might be different (ideally should not happen)
# We will store them as dict of 'asic' : value
self.sessions_db_info[key]["status"] = {}
self.sessions_db_info[key]["monitor_port"] = {}
for namespace_key, namespace_statedb in self.per_npu_statedb.iteritems():
Expand Down Expand Up @@ -373,16 +359,12 @@ def validate_actions(self, table_name, action_props):

stage = self.tables_db_info[table_name].get("stage", Stage.INGRESS)

"""
check if per npu state db is there then read using first state db
else read from global statedb
"""
# check if per npu state db is there then read using first state db
# else read from global statedb
if self.per_npu_statedb:
"""
For multi-npu we will read using anyone statedb connector for front asic namespace.
Same information should be there in all state DB's
as it is static information about switch capability
"""
# For multi-npu we will read using anyone statedb connector for front asic namespace.
# Same information should be there in all state DB's
# as it is static information about switch capability
namespace_statedb = (self.per_npu_statedb.values())[0]
capability = namespace_statedb.get_all(self.statedb.STATE_DB, "{}|switch".format(self.SWITCH_CAPABILITY_TABLE))
else:
Expand Down Expand Up @@ -596,17 +578,13 @@ def full_update(self):
for key in self.rules_db_info.keys():
if self.current_table is None or self.current_table == key[0]:
self.configdb.mod_entry(self.ACL_RULE, key, None)
"""
Program for per front asic namespace also if present
"""
# Program for per front asic namespace also if present
for namespace_configdb in self.per_npu_configdb.values():
namespace_configdb.mod_entry(self.ACL_RULE, key, None)


self.configdb.mod_config({self.ACL_RULE: self.rules_info})
"""
Program for per front asic namespace also if present
"""
# Program for per front asic namespace also if present
for namespace_configdb in self.per_npu_configdb.values():
namespace_configdb.mod_config({self.ACL_RULE: self.rules_info})

Expand Down Expand Up @@ -647,19 +625,15 @@ def incremental_update(self):
# Remove all existing dataplane rules
for key in current_dataplane_rules:
self.configdb.mod_entry(self.ACL_RULE, key, None)
"""
Program for per-asic namespace also if present
"""
# Program for per-asic namespace also if present
for namespace_configdb in self.per_npu_configdb.values():
namespace_configdb.mod_entry(self.ACL_RULE, key, None)


# Add all new dataplane rules
for key in new_dataplane_rules:
self.configdb.mod_entry(self.ACL_RULE, key, self.rules_info[key])
"""
Program for per-asic namespace corresponding to front asic also if present.
"""
# Program for per-asic namespace corresponding to front asic also if present.
for namespace_configdb in self.per_npu_configdb.values():
namespace_configdb.mod_entry(self.ACL_RULE, key, self.rules_info[key])

Expand All @@ -669,29 +643,23 @@ def incremental_update(self):

for key in added_controlplane_rules:
self.configdb.mod_entry(self.ACL_RULE, key, self.rules_info[key])
"""
Program for per-asic namespace corresponding to front asic also if present.
For control plane ACL it's not needed but to keep all db in sync program everywhere
"""
# Program for per-asic namespace corresponding to front asic also if present.
# For control plane ACL it's not needed but to keep all db in sync program everywhere
for namespace_configdb in self.per_npu_configdb.values():
namespace_configdb.mod_entry(self.ACL_RULE, key, self.rules_info[key])

for key in removed_controlplane_rules:
self.configdb.mod_entry(self.ACL_RULE, key, None)
"""
Program for per-asic namespace corresponding to front asic also if present.
For control plane ACL it's not needed but to keep all db in sync program everywhere
"""
# Program for per-asic namespace corresponding to front asic also if present.
# For control plane ACL it's not needed but to keep all db in sync program everywhere
for namespace_configdb in self.per_npu_configdb.values():
namespace_configdb.mod_entry(self.ACL_RULE, key, None)

for key in existing_controlplane_rules:
if cmp(self.rules_info[key], self.rules_db_info[key]) != 0:
self.configdb.set_entry(self.ACL_RULE, key, self.rules_info[key])
"""
Program for per-asic namespace corresponding to front asic also if present.
For control plane ACL it's not needed but to keep all db in sync program everywhere
"""
# Program for per-asic namespace corresponding to front asic also if present.
# For control plane ACL it's not needed but to keep all db in sync program everywhere
for namespace_configdb in self.per_npu_configdb.values():
namespace_configdb.set_entry(self.ACL_RULE, key, self.rules_info[key])

Expand All @@ -705,9 +673,7 @@ def delete(self, table=None, rule=None):
if not table or table == key[0]:
if not rule or rule == key[1]:
self.configdb.set_entry(self.ACL_RULE, key, None)
"""
Program for per-asic namespace corresponding to front asic also if present.
"""
# Program for per-asic namespace corresponding to front asic also if present.
for namespace_configdb in self.per_npu_configdb.values():
namespace_configdb.set_entry(self.ACL_RULE, key, None)

Expand Down Expand Up @@ -758,10 +724,8 @@ def show_session(self, session_name):
for key, val in self.get_sessions_db_info().iteritems():
if session_name and key != session_name:
continue
"""
For multi-mpu platform status and monitor port will be dict()
of 'asic-x':value
"""
# For multi-mpu platform status and monitor port will be dict()
# of 'asic-x':value
data.append([key, val["status"], val["src_ip"], val["dst_ip"],
val.get("gre_type", ""), val.get("dscp", ""),
val.get("ttl", ""), val.get("queue", ""), val.get("policer", ""),
Expand Down

0 comments on commit 727e9e7

Please sign in to comment.