diff mbox series

[ovs-dev,OVN,v3] ovn-nbctl.c: Add an optional way to delete router policy by uuid

Message ID 20200507083049.100495-1-taoyunxiang@cmss.chinamobile.com
State Accepted
Commit 1b030874c3279289f7714a29f3126ffe6f330f71
Headers show
Series [ovs-dev,OVN,v3] ovn-nbctl.c: Add an optional way to delete router policy by uuid | expand

Commit Message

Tao YunXiang May 7, 2020, 8:30 a.m. UTC
We can delete router policy by specify lr and more parameters.
If CMS want to delete it exactly, it must specify detailed "match" field.
It's not an easy way, also maybe deleted by mistake.
This change adds a way to specify lr and uuid, which is optional.
You can still use the previous method to delete.

usage:
ovn-nbctl lr-policy-del lr0 [UUID0]

Author: Tao YunXiang <taoyunxiang@cmss.chinamobile.com>
Co-authored-by: Liu Chang <liuchang@cmss.chinamobile.com>
Co-authored-by: Rong Yin <rongyin@cmss.chinamobile.com>
Signed-off-by: Tao YunXiang <taoyunxiang@cmss.chinamobile.com>
Signed-off-by: Liu Chang <liuchang@cmss.chinamobile.com>
Signed-off-by: Rong Yin <rongyin@cmss.chinamobile.com>
---
 tests/ovn-nbctl.at        |  6 +++++
 utilities/ovn-nbctl.8.xml | 51 +++++++++++++++++++++++++++++++++++++++
 utilities/ovn-nbctl.c     | 41 ++++++++++++++++++++++---------
 3 files changed, 87 insertions(+), 11 deletions(-)

Comments

0-day Robot May 7, 2020, 8:58 a.m. UTC | #1
Bleep bloop.  Greetings taoyunxiang@cmss.chinamobile.com, I am a robot and I have tried out your patch.
Thanks for your contribution.

I encountered some error that I wasn't expecting.  See the details below.


checkpatch:
WARNING: Line lacks whitespace around operator
#115 FILE: utilities/ovn-nbctl.c:699:
  lr-policy-del ROUTER [{PRIORITY | UUID} [MATCH]]\n\

Lines checked: 180, Warnings: 1, Errors: 0


Please check this out.  If you feel there has been an error, please email aconole@redhat.com

Thanks,
0-day Robot
diff mbox series

Patch

diff --git a/tests/ovn-nbctl.at b/tests/ovn-nbctl.at
index 66fbcc748..4195844d8 100644
--- a/tests/ovn-nbctl.at
+++ b/tests/ovn-nbctl.at
@@ -1619,6 +1619,12 @@  Routing Policies
        100                              ip4.src == 1.1.2.0/24           allow
 ])
 
+
+dnl Delete policy by specified uuid
+AT_CHECK([ovn-nbctl lr-policy-del lr0 `ovn-nbctl --columns=_uuid list logical-router-policy | awk -F ':'  '{print $2}'`])
+AT_CHECK([ovn-nbctl list logical-router-policy], [0], [dnl
+])
+
 dnl Add policy with reroute action
 AT_CHECK([ovn-nbctl lr-policy-add lr0 102 "ip4.src == 3.1.2.0/24" reroute 3.3.3.3])
 
diff --git a/utilities/ovn-nbctl.8.xml b/utilities/ovn-nbctl.8.xml
index d973be259..bcc76ab91 100644
--- a/utilities/ovn-nbctl.8.xml
+++ b/utilities/ovn-nbctl.8.xml
@@ -710,6 +710,57 @@ 
       </dd>
     </dl>
 
+    <h1>Logical Router Policy Commands</h1>
+
+    <dl>
+      <dt><code>lr-policy-add</code> <var>router</var> <var>priority</var>
+          <var>match</var> <var>action</var> [<var>nexthop</var>]</dt>
+      <dd>
+        <p>
+          Add Policy to <var>router</var> which provides a way to configure
+          permit/deny and reroute policies on the router. Permit/deny policies
+          are similar to OVN ACLs, but exist on the logical-router. Reroute
+          policies are needed for service-insertion and service-chaining.
+          <var>nexthop</var> is an optional parameter. It needs to be provided
+          only when <var>action</var> is <var>reroute</var>. A policy is
+          uniquely identified by <var>priority</var> and <var>match</var>.
+          Multiple policies can have the same <var>priority</var>.
+        </p>
+
+          <p>
+          The following example shows a policy to lr1, which will drop packets
+          from<code>192.168.100.0/24</code>.
+          </p>
+
+          <p>
+          <code>lr-policy-add lr1 100 ip4.src == 192.168.100.0/24 drop</code>.
+          </p>
+
+      </dd>
+
+      <dt><code>lr-policy-del</code> <var>router</var> [<var>{priority | uuid}
+          [match]</var>]</dt>
+      <dd>
+        <p>
+          Deletes polices from <var>router</var>. If only <var>router</var>
+          is supplied, all the polices from the logical router are deleted. If
+          <var>priority</var> and/or <var>match</var> are also specified, then
+          all the polices that match the conditions will be deleted from the
+          logical router.
+        </p>
+
+        <p>
+          If <var>router</var> and <var>uuid</var> are supplied, then the
+          policy with sepcified uuid is deleted.
+        </p>
+      </dd>
+
+      <dt><code>lr-policy-list</code> <var>router</var></dt>
+      <dd>
+        Lists the polices on <var>router</var>.
+      </dd>
+    </dl>
+
     <h1>NAT Commands</h1>
 
     <dl>
diff --git a/utilities/ovn-nbctl.c b/utilities/ovn-nbctl.c
index c86fa3886..02fc10c9e 100644
--- a/utilities/ovn-nbctl.c
+++ b/utilities/ovn-nbctl.c
@@ -696,7 +696,7 @@  Route commands:\n\
 Policy commands:\n\
   lr-policy-add ROUTER PRIORITY MATCH ACTION [NEXTHOP]\n\
                             add a policy to router\n\
-  lr-policy-del ROUTER [PRIORITY [MATCH]]\n\
+  lr-policy-del ROUTER [{PRIORITY | UUID} [MATCH]]\n\
                             remove policies from ROUTER\n\
   lr-policy-list ROUTER     print policies for ROUTER\n\
 \n\
@@ -3594,21 +3594,40 @@  nbctl_lr_policy_del(struct ctl_context *ctx)
         return;
     }
 
-    error = parse_priority(ctx->argv[2], &priority);
-    if (error) {
-        ctx->error = error;
-        return;
+    const struct uuid *lr_policy_uuid = NULL;
+    struct uuid uuid_from_cmd;
+    if (uuid_from_string(&uuid_from_cmd, ctx->argv[2])) {
+        lr_policy_uuid = &uuid_from_cmd;
+    } else {
+        error = parse_priority(ctx->argv[2], &priority);
+        if (error) {
+            ctx->error = error;
+            return;
+        }
+
     }
-    /* If match is not specified, delete all routing policies with the
-     * specified priority. */
+    /* If uuid was specified, delete routing policy with the
+     * specified uuid. */
     if (ctx->argc == 3) {
         struct nbrec_logical_router_policy **new_policies
             = xmemdup(lr->policies,
                       sizeof *new_policies * lr->n_policies);
         int n_policies = 0;
-        for (int i = 0; i < lr->n_policies; i++) {
-            if (priority != lr->policies[i]->priority) {
-                new_policies[n_policies++] = lr->policies[i];
+
+        if (lr_policy_uuid) {
+            for (size_t i = 0; i < lr->n_policies; i++) {
+                if (!uuid_equals(lr_policy_uuid,
+                                 &(lr->policies[i]->header_.uuid))) {
+                    new_policies[n_policies++] = lr->policies[i];
+                }
+            }
+    /* If match is not specified, delete all routing policies with the
+     * specified priority. */
+        } else {
+            for (int i = 0; i < lr->n_policies; i++) {
+                if (priority != lr->policies[i]->priority) {
+                    new_policies[n_policies++] = lr->policies[i];
+                }
             }
         }
         nbrec_logical_router_verify_policies(lr);
@@ -6225,7 +6244,7 @@  static const struct ctl_command_syntax nbctl_commands[] = {
     /* Policy commands */
     { "lr-policy-add", 4, 5, "ROUTER PRIORITY MATCH ACTION [NEXTHOP]", NULL,
         nbctl_lr_policy_add, NULL, "", RW },
-    { "lr-policy-del", 1, 3, "ROUTER [PRIORITY [MATCH]]", NULL,
+    { "lr-policy-del", 1, 3, "ROUTER [{PRIORITY | UUID} [MATCH]]", NULL,
         nbctl_lr_policy_del, NULL, "", RW },
     { "lr-policy-list", 1, 1, "ROUTER", NULL, nbctl_lr_policy_list, NULL,
        "", RO },