diff --git a/acl_loader/main.py b/acl_loader/main.py index 84519ebed6..f9201846b3 100644 --- a/acl_loader/main.py +++ b/acl_loader/main.py @@ -116,9 +116,7 @@ def __init__(self): self.tables_db_info = {} self.rules_db_info = {} self.rules_info = {} - """ - Load global db config. This call is no-op in single npu platforms - """ + # Load global db config. This call is no-op in single npu platforms SonicDBConfig.load_sonic_global_db_config() self.sessions_db_info = {} self.configdb = ConfigDBConnector() @@ -126,29 +124,23 @@ def __init__(self): self.statedb = SonicV2Connector(host="127.0.0.1") self.statedb.connect(self.statedb.STATE_DB) - """ - For multi-npu architecture we will have both global and per front asic namespace. - Global namespace will be used for Control plane ACL which are via IPTables. - Per ASIC namespace will be used for Data and Everflow ACL's. - Global Configdb will have all ACL information for both Ctrl and Data/Evereflow ACL's - and will be used as souurce of truth for ACL modification to config DB which will be done to both Global DB and - front asic namespace - """ + # For multi-npu architecture we will have both global and per front asic namespace. + # Global namespace will be used for Control plane ACL which are via IPTables. + # Per ASIC namespace will be used for Data and Everflow ACL's. + # Global Configdb will have all ACL information for both Ctrl and Data/Evereflow ACL's + # and will be used as souurce of truth for ACL modification to config DB which will be done to both Global DB and + # front asic namespace self.per_npu_configdb = {} - """ - State DB are used for to get mirror Session monitor port. - For multi-npu platforms each asic namespace can have different monitor port - dependinding on which route to session destination ip. So for multi-npu - platforms we get state db for all front asic namespace in addition to - """ + # State DB are used for to get mirror Session monitor port. + # For multi-npu platforms each asic namespace can have different monitor port + # dependinding on which route to session destination ip. So for multi-npu + # platforms we get state db for all front asic namespace in addition to self.per_npu_statedb = {} - """ - Getting all front asic namespace and correspding config and state DB connector - """ + # Getting all front asic namespace and correspding config and state DB connector namespaces = sonic_device_util.get_all_namespaces() for front_asic_namespaces in namespaces['front_ns']: @@ -188,10 +180,8 @@ def read_policers_info(self): :return: """ - """ - For multi-npu platforms we will read from any one of front asic namespace - config db as the information should be same across all config db - """ + # For multi-npu platforms we will read from any one of front asic namespace + # config db as the information should be same across all config db if self.per_npu_configdb: namespace_configdb = (self.per_npu_configdb.values())[0] self.policers_db_info = namespace_configdb.get_table(self.POLICER) @@ -207,10 +197,8 @@ def read_sessions_info(self): :return: """ - """ - For multi-npu platforms we will read from any one of front asic namespace - config db as the information should be same across all config db - """ + # For multi-npu platforms we will read from any one of front asic namespace + # config db as the information should be same across all config db if self.per_npu_configdb: namespace_configdb = (self.per_npu_configdb.values())[0] self.sessions_db_info = namespace_configdb.get_table(self.CFG_MIRROR_SESSION_TABLE) @@ -218,12 +206,10 @@ def read_sessions_info(self): self.sessions_db_info = self.configdb.get_table(self.CFG_MIRROR_SESSION_TABLE) for key in self.sessions_db_info.keys(): if self.per_npu_statedb: - """ - For multi-npu platforms we will read from all front asic name space - statedb as the monitor port will be differnt for each asic - and it's status also might be different (ideally should not happen) - We will store them as dict of 'asic' : value - """ + # For multi-npu platforms we will read from all front asic name space + # statedb as the monitor port will be differnt for each asic + # and it's status also might be different (ideally should not happen) + # We will store them as dict of 'asic' : value self.sessions_db_info[key]["status"] = {} self.sessions_db_info[key]["monitor_port"] = {} for namespace_key, namespace_statedb in self.per_npu_statedb.iteritems(): @@ -373,16 +359,12 @@ def validate_actions(self, table_name, action_props): stage = self.tables_db_info[table_name].get("stage", Stage.INGRESS) - """ - check if per npu state db is there then read using first state db - else read from global statedb - """ + # check if per npu state db is there then read using first state db + # else read from global statedb if self.per_npu_statedb: - """ - For multi-npu we will read using anyone statedb connector for front asic namespace. - Same information should be there in all state DB's - as it is static information about switch capability - """ + # For multi-npu we will read using anyone statedb connector for front asic namespace. + # Same information should be there in all state DB's + # as it is static information about switch capability namespace_statedb = (self.per_npu_statedb.values())[0] capability = namespace_statedb.get_all(self.statedb.STATE_DB, "{}|switch".format(self.SWITCH_CAPABILITY_TABLE)) else: @@ -596,17 +578,13 @@ def full_update(self): for key in self.rules_db_info.keys(): if self.current_table is None or self.current_table == key[0]: self.configdb.mod_entry(self.ACL_RULE, key, None) - """ - Program for per front asic namespace also if present - """ + # Program for per front asic namespace also if present for namespace_configdb in self.per_npu_configdb.values(): namespace_configdb.mod_entry(self.ACL_RULE, key, None) self.configdb.mod_config({self.ACL_RULE: self.rules_info}) - """ - Program for per front asic namespace also if present - """ + # Program for per front asic namespace also if present for namespace_configdb in self.per_npu_configdb.values(): namespace_configdb.mod_config({self.ACL_RULE: self.rules_info}) @@ -647,9 +625,7 @@ def incremental_update(self): # Remove all existing dataplane rules for key in current_dataplane_rules: self.configdb.mod_entry(self.ACL_RULE, key, None) - """ - Program for per-asic namespace also if present - """ + # Program for per-asic namespace also if present for namespace_configdb in self.per_npu_configdb.values(): namespace_configdb.mod_entry(self.ACL_RULE, key, None) @@ -657,9 +633,7 @@ def incremental_update(self): # Add all new dataplane rules for key in new_dataplane_rules: self.configdb.mod_entry(self.ACL_RULE, key, self.rules_info[key]) - """ - Program for per-asic namespace corresponding to front asic also if present. - """ + # Program for per-asic namespace corresponding to front asic also if present. for namespace_configdb in self.per_npu_configdb.values(): namespace_configdb.mod_entry(self.ACL_RULE, key, self.rules_info[key]) @@ -669,29 +643,23 @@ def incremental_update(self): for key in added_controlplane_rules: self.configdb.mod_entry(self.ACL_RULE, key, self.rules_info[key]) - """ - Program for per-asic namespace corresponding to front asic also if present. - For control plane ACL it's not needed but to keep all db in sync program everywhere - """ + # Program for per-asic namespace corresponding to front asic also if present. + # For control plane ACL it's not needed but to keep all db in sync program everywhere for namespace_configdb in self.per_npu_configdb.values(): namespace_configdb.mod_entry(self.ACL_RULE, key, self.rules_info[key]) for key in removed_controlplane_rules: self.configdb.mod_entry(self.ACL_RULE, key, None) - """ - Program for per-asic namespace corresponding to front asic also if present. - For control plane ACL it's not needed but to keep all db in sync program everywhere - """ + # Program for per-asic namespace corresponding to front asic also if present. + # For control plane ACL it's not needed but to keep all db in sync program everywhere for namespace_configdb in self.per_npu_configdb.values(): namespace_configdb.mod_entry(self.ACL_RULE, key, None) for key in existing_controlplane_rules: if cmp(self.rules_info[key], self.rules_db_info[key]) != 0: self.configdb.set_entry(self.ACL_RULE, key, self.rules_info[key]) - """ - Program for per-asic namespace corresponding to front asic also if present. - For control plane ACL it's not needed but to keep all db in sync program everywhere - """ + # Program for per-asic namespace corresponding to front asic also if present. + # For control plane ACL it's not needed but to keep all db in sync program everywhere for namespace_configdb in self.per_npu_configdb.values(): namespace_configdb.set_entry(self.ACL_RULE, key, self.rules_info[key]) @@ -705,9 +673,7 @@ def delete(self, table=None, rule=None): if not table or table == key[0]: if not rule or rule == key[1]: self.configdb.set_entry(self.ACL_RULE, key, None) - """ - Program for per-asic namespace corresponding to front asic also if present. - """ + # Program for per-asic namespace corresponding to front asic also if present. for namespace_configdb in self.per_npu_configdb.values(): namespace_configdb.set_entry(self.ACL_RULE, key, None) @@ -758,10 +724,8 @@ def show_session(self, session_name): for key, val in self.get_sessions_db_info().iteritems(): if session_name and key != session_name: continue - """ - For multi-mpu platform status and monitor port will be dict() - of 'asic-x':value - """ + # For multi-mpu platform status and monitor port will be dict() + # of 'asic-x':value data.append([key, val["status"], val["src_ip"], val["dst_ip"], val.get("gre_type", ""), val.get("dscp", ""), val.get("ttl", ""), val.get("queue", ""), val.get("policer", ""),