Optimized caclmgrd Notification handling. Previously (#5560)

any event happening on ACL Rule Table (eg DATAACL rules programmed) caused control plane default action to be triggered. Now Control Plance ACTION will be trigger only a) ACL Rule beloging to Control ACL Table Signed-off-by: Abhishek Dosi <abdosi@microsoft.com>
2020-10-08 11:31:09 -07:00 · 2020-10-08 11:31:09 -07:00 · 01fceb6f79
commit 01fceb6f79
parent 6edb5551cb
1 changed files with 23 additions and 4 deletions
--- a/files/image_config/caclmgrd/caclmgrd
+++ b/files/image_config/caclmgrd/caclmgrd
@ -533,9 +533,13 @@ class ControlPlaneAclManager(daemon_base.DaemonBase):
            config_db_subscriber_table_map[namespace] = []
            config_db_subscriber_table_map[namespace].append(subscribe_acl_table)
            config_db_subscriber_table_map[namespace].append(subscribe_acl_rule_table)
-        
+
+        # Get the ACL rule table seprator
+        acl_rule_table_seprator = subscribe_acl_rule_table.getTableNameSeparator()
+
        # Loop on select to see if any event happen on config db of any namespace
        while True:
+            ctrl_plane_acl_notification = False
            (state, selectableObj) = sel.select(SELECT_TIMEOUT_MS)
            # Continue if select is timeout or selectable object is not return
            if state != swsscommon.Select.OBJECT:
@ -546,9 +550,24 @@ class ControlPlaneAclManager(daemon_base.DaemonBase):
            namespace = redisSelectObj.getDbConnector().getNamespace()
            # Pop data of both Subscriber Table object of namespace that got config db acl table event
            for table in config_db_subscriber_table_map[namespace]:
-                table.pop()
-            # Update the Control Plane ACL of the namespace that got config db acl table event
-            self.update_control_plane_acls(namespace)
+                (key, op, fvp) = table.pop()
+                # Pop of table that does not have data
+                if key == '':
+                    continue
+                # ACL Table notification. We will take Control Plane ACTION for any ACL Table Event
+                # This can be optimize further but we should not have many acl table set/del events in normal
+                # scenario
+                elif acl_rule_table_seprator not in key:
+                    ctrl_plane_acl_notification = True
+                # Check ACL Rule notification and make sure Rule point to ACL Table which is Controlplane
+                else:
+                    acl_table = key.split(acl_rule_table_seprator)[0]
+                    if self.config_db_map[namespace].get_table(self.ACL_TABLE)[acl_table]["type"] == self.ACL_TABLE_TYPE_CTRLPLANE:
+                        ctrl_plane_acl_notification = True
+
+            # Update the Control Plane ACL of the namespace that got config db acl table/rule event
+            if ctrl_plane_acl_notification:
+                self.update_control_plane_acls(namespace)

 # ============================= Functions =============================