]>
Commit | Line | Data |
---|---|---|
aff192e6 DM |
1 | package PVE::API2::Network; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | ||
d09f6f7d | 6 | use Net::IP qw(:PROC); |
cacd7547 | 7 | use PVE::Tools qw(extract_param dir_glob_regex); |
aff192e6 DM |
8 | use PVE::SafeSyslog; |
9 | use PVE::INotify; | |
10 | use PVE::Exception qw(raise_param_exc); | |
11 | use PVE::RESTHandler; | |
12 | use PVE::RPCEnvironment; | |
13 | use PVE::JSONSchema qw(get_standard_option); | |
14 | use PVE::AccessControl; | |
15 | use IO::File; | |
16 | ||
17 | use base qw(PVE::RESTHandler); | |
18 | ||
19 | my $iflockfn = "/etc/network/.pve-interfaces.lock"; | |
20 | ||
21 | my $bond_mode_enum = [ | |
22 | 'balance-rr', | |
10a9563e | 23 | 'active-backup', # OVS and Linux |
aff192e6 DM |
24 | 'balance-xor', |
25 | 'broadcast', | |
26 | '802.3ad', | |
27 | 'balance-tlb', | |
d11733f8 | 28 | 'balance-alb', |
10a9563e DM |
29 | 'balance-slb', # OVS |
30 | 'lacp-balance-slb', # OVS | |
31 | 'lacp-balance-tcp', # OVS | |
aff192e6 DM |
32 | ]; |
33 | ||
3f0d1a4b | 34 | my $network_type_enum = ['bridge', 'bond', 'eth', 'alias', 'vlan', |
d11733f8 DM |
35 | 'OVSBridge', 'OVSBond', 'OVSPort', 'OVSIntPort']; |
36 | ||
aff192e6 | 37 | my $confdesc = { |
d11733f8 DM |
38 | type => { |
39 | description => "Network interface type", | |
40 | type => 'string', | |
41 | enum => [@$network_type_enum, 'unknown'], | |
42 | }, | |
44d353a7 DM |
43 | comments => { |
44 | description => "Comments", | |
45 | type => 'string', | |
b5eda023 | 46 | optional => 1, |
44d353a7 | 47 | }, |
3ed15e6c WB |
48 | comments6 => { |
49 | description => "Comments", | |
50 | type => 'string', | |
51 | optional => 1, | |
52 | }, | |
aff192e6 DM |
53 | autostart => { |
54 | description => "Automatically start interface on boot.", | |
55 | type => 'boolean', | |
56 | optional => 1, | |
57 | }, | |
a1604d70 AD |
58 | bridge_vlan_aware => { |
59 | description => "Enable bridge vlan support.", | |
60 | type => 'boolean', | |
61 | optional => 1, | |
62 | }, | |
aff192e6 | 63 | bridge_ports => { |
76189130 | 64 | description => "Specify the interfaces you want to add to your bridge.", |
aff192e6 DM |
65 | optional => 1, |
66 | type => 'string', format => 'pve-iface-list', | |
67 | }, | |
d11733f8 | 68 | ovs_ports => { |
76189130 | 69 | description => "Specify the interfaces you want to add to your bridge.", |
d11733f8 DM |
70 | optional => 1, |
71 | type => 'string', format => 'pve-iface-list', | |
72 | }, | |
4c917e97 DM |
73 | ovs_tag => { |
74 | description => "Specify a VLan tag (used by OVSPort, OVSIntPort, OVSBond)", | |
75 | optional => 1, | |
76 | type => 'integer', | |
77 | minimum => 1, | |
78 | maximum => 4094, | |
79 | }, | |
d11733f8 DM |
80 | ovs_options => { |
81 | description => "OVS interface options.", | |
82 | optional => 1, | |
83 | type => 'string', | |
84 | maxLength => 1024, | |
85 | }, | |
86 | ovs_bridge => { | |
87 | description => "The OVS bridge associated with a OVS port. This is required when you create an OVS port.", | |
88 | optional => 1, | |
89 | type => 'string', format => 'pve-iface', | |
90 | }, | |
aff192e6 DM |
91 | slaves => { |
92 | description => "Specify the interfaces used by the bonding device.", | |
93 | optional => 1, | |
94 | type => 'string', format => 'pve-iface-list', | |
95 | }, | |
d11733f8 DM |
96 | ovs_bonds => { |
97 | description => "Specify the interfaces used by the bonding device.", | |
98 | optional => 1, | |
99 | type => 'string', format => 'pve-iface-list', | |
100 | }, | |
aff192e6 DM |
101 | bond_mode => { |
102 | description => "Bonding mode.", | |
103 | optional => 1, | |
104 | type => 'string', enum => $bond_mode_enum, | |
105 | }, | |
ffffb625 DM |
106 | bond_xmit_hash_policy => { |
107 | description => "Selects the transmit hash policy to use for slave selection in balance-xor and 802.3ad modes.", | |
108 | optional => 1, | |
109 | type => 'string', | |
110 | enum => ['layer2', 'layer2+3', 'layer3+4' ], | |
111 | }, | |
aff192e6 DM |
112 | gateway => { |
113 | description => 'Default gateway address.', | |
114 | type => 'string', format => 'ipv4', | |
115 | optional => 1, | |
116 | }, | |
117 | netmask => { | |
118 | description => 'Network mask.', | |
119 | type => 'string', format => 'ipv4mask', | |
120 | optional => 1, | |
1904114e | 121 | requires => 'address', |
aff192e6 DM |
122 | }, |
123 | address => { | |
124 | description => 'IP address.', | |
125 | type => 'string', format => 'ipv4', | |
126 | optional => 1, | |
127 | requires => 'netmask', | |
3ed15e6c | 128 | }, |
69106e5c DC |
129 | cidr => { |
130 | description => 'IPv4 CIDR.', | |
131 | type => 'string', format => 'CIDRv4', | |
132 | optional => 1, | |
133 | }, | |
3ed15e6c WB |
134 | gateway6 => { |
135 | description => 'Default ipv6 gateway address.', | |
136 | type => 'string', format => 'ipv6', | |
137 | optional => 1, | |
138 | }, | |
139 | netmask6 => { | |
140 | description => 'Network mask.', | |
141 | type => 'integer', minimum => 0, maximum => 128, | |
142 | optional => 1, | |
143 | requires => 'address6', | |
144 | }, | |
145 | address6 => { | |
146 | description => 'IP address.', | |
147 | type => 'string', format => 'ipv6', | |
148 | optional => 1, | |
149 | requires => 'netmask6', | |
69106e5c DC |
150 | }, |
151 | cidr6 => { | |
152 | description => 'IPv6 CIDR.', | |
153 | type => 'string', format => 'CIDRv6', | |
154 | optional => 1, | |
155 | }, | |
aff192e6 DM |
156 | }; |
157 | ||
158 | sub json_config_properties { | |
159 | my $prop = shift; | |
160 | ||
161 | foreach my $opt (keys %$confdesc) { | |
162 | $prop->{$opt} = $confdesc->{$opt}; | |
163 | } | |
164 | ||
165 | return $prop; | |
166 | } | |
167 | ||
168 | __PACKAGE__->register_method({ | |
169 | name => 'index', | |
170 | path => '', | |
171 | method => 'GET', | |
172 | permissions => { user => 'all' }, | |
173 | description => "List available networks", | |
174 | proxyto => 'node', | |
175 | parameters => { | |
176 | additionalProperties => 0, | |
177 | properties => { | |
178 | node => get_standard_option('pve-node'), | |
179 | type => { | |
180 | description => "Only list specific interface types.", | |
181 | type => 'string', | |
4c917e97 | 182 | enum => [ @$network_type_enum, 'any_bridge' ], |
aff192e6 DM |
183 | optional => 1, |
184 | }, | |
185 | }, | |
186 | }, | |
187 | returns => { | |
188 | type => "array", | |
189 | items => { | |
190 | type => "object", | |
191 | properties => {}, | |
192 | }, | |
193 | links => [ { rel => 'child', href => "{iface}" } ], | |
194 | }, | |
195 | code => sub { | |
196 | my ($param) = @_; | |
197 | ||
e4d5bf72 DM |
198 | my $rpcenv = PVE::RPCEnvironment::get(); |
199 | ||
200 | my $tmp = PVE::INotify::read_file('interfaces', 1); | |
201 | my $config = $tmp->{data}; | |
202 | my $changes = $tmp->{changes}; | |
203 | ||
204 | $rpcenv->set_result_attrib('changes', $changes) if $changes; | |
aff192e6 | 205 | |
3ed15e6c WB |
206 | my $ifaces = $config->{ifaces}; |
207 | ||
208 | delete $ifaces->{lo}; # do not list the loopback device | |
aff192e6 DM |
209 | |
210 | if ($param->{type}) { | |
3ed15e6c WB |
211 | foreach my $k (keys %$ifaces) { |
212 | my $type = $ifaces->{$k}->{type}; | |
4c917e97 DM |
213 | my $match = ($param->{type} eq $type) || ( |
214 | ($param->{type} eq 'any_bridge') && | |
215 | ($type eq 'bridge' || $type eq 'OVSBridge')); | |
3ed15e6c | 216 | delete $ifaces->{$k} if !$match; |
aff192e6 DM |
217 | } |
218 | } | |
219 | ||
3ed15e6c | 220 | return PVE::RESTHandler::hash_to_array($ifaces, 'iface'); |
aff192e6 DM |
221 | }}); |
222 | ||
e4d5bf72 DM |
223 | __PACKAGE__->register_method({ |
224 | name => 'revert_network_changes', | |
225 | path => '', | |
226 | method => 'DELETE', | |
227 | permissions => { | |
228 | check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]], | |
229 | }, | |
230 | protected => 1, | |
231 | description => "Revert network configuration changes.", | |
232 | proxyto => 'node', | |
233 | parameters => { | |
234 | additionalProperties => 0, | |
235 | properties => { | |
236 | node => get_standard_option('pve-node'), | |
237 | }, | |
238 | }, | |
239 | returns => { type => "null" }, | |
240 | code => sub { | |
241 | my ($param) = @_; | |
242 | ||
243 | unlink "/etc/network/interfaces.new"; | |
244 | ||
245 | return undef; | |
246 | }}); | |
aff192e6 | 247 | |
3ed15e6c WB |
248 | my $check_duplicate = sub { |
249 | my ($config, $newiface, $key, $name) = @_; | |
aff192e6 DM |
250 | |
251 | foreach my $iface (keys %$config) { | |
3ed15e6c WB |
252 | raise_param_exc({ $key => "$name already exists on interface '$iface'." }) |
253 | if ($newiface ne $iface) && $config->{$iface}->{$key}; | |
aff192e6 DM |
254 | } |
255 | }; | |
256 | ||
3ed15e6c WB |
257 | my $check_duplicate_gateway = sub { |
258 | my ($config, $newiface) = @_; | |
259 | return &$check_duplicate($config, $newiface, 'gateway', 'Default gateway'); | |
260 | }; | |
261 | ||
262 | my $check_duplicate_gateway6 = sub { | |
263 | my ($config, $newiface) = @_; | |
264 | return &$check_duplicate($config, $newiface, 'gateway6', 'Default ipv6 gateway'); | |
265 | }; | |
266 | ||
3ed15e6c WB |
267 | sub ipv6_tobin { |
268 | return Net::IP::ip_iptobin(Net::IP::ip_expand_address(shift, 6), 6); | |
269 | } | |
270 | ||
271 | my $check_ipv6_settings = sub { | |
272 | my ($address, $netmask) = @_; | |
273 | ||
274 | raise_param_exc({ netmask => "$netmask is not a valid subnet length for ipv6" }) | |
275 | if $netmask < 0 || $netmask > 128; | |
276 | ||
0f6e6f6b | 277 | raise_param_exc({ address => "$address is not a valid host IPv6 address." }) |
3ed15e6c WB |
278 | if !Net::IP::ip_is_ipv6($address); |
279 | ||
280 | my $binip = ipv6_tobin($address); | |
281 | my $binmask = Net::IP::ip_get_mask($netmask, 6); | |
282 | ||
0f6e6f6b | 283 | my $type = ($binip eq $binmask) ? 'ANYCAST' : Net::IP::ip_iptypev6($binip); |
3ed15e6c | 284 | |
0f6e6f6b | 285 | if (defined($type) && $type !~ /^(?:(?:GLOBAL|(?:UNIQUE|LINK)-LOCAL)-UNICAST)$/) { |
68f371d4 | 286 | raise_param_exc({ address => "$address with type '$type', cannot be used as host IPv6 address." }); |
0f6e6f6b | 287 | } |
3ed15e6c WB |
288 | }; |
289 | ||
69106e5c DC |
290 | my $map_cidr_to_address_netmask = sub { |
291 | my ($param) = @_; | |
292 | ||
293 | if ($param->{cidr}) { | |
294 | raise_param_exc({ address => "address conflicts with cidr" }) | |
295 | if $param->{address}; | |
296 | raise_param_exc({ netmask => "netmask conflicts with cidr" }) | |
297 | if $param->{netmask}; | |
298 | ||
299 | my ($address, $netmask) = $param->{cidr} =~ m!^(.*)/(\d+)$!; | |
300 | $param->{address} = $address; | |
301 | $param->{netmask} = $netmask; | |
302 | delete $param->{cidr}; | |
303 | } | |
304 | ||
305 | if ($param->{cidr6}) { | |
306 | raise_param_exc({ address6 => "address6 conflicts with cidr6" }) | |
307 | if $param->{address6}; | |
308 | raise_param_exc({ netmask6 => "netmask6 conflicts with cidr6" }) | |
309 | if $param->{netmask6}; | |
310 | ||
311 | my ($address, $netmask) = $param->{cidr6} =~ m!^(.*)/(\d+)$!; | |
312 | $param->{address6} = $address; | |
313 | $param->{netmask6} = $netmask; | |
314 | delete $param->{cidr6}; | |
315 | } | |
316 | }; | |
317 | ||
aff192e6 DM |
318 | __PACKAGE__->register_method({ |
319 | name => 'create_network', | |
320 | path => '', | |
321 | method => 'POST', | |
322 | permissions => { | |
7d020b42 | 323 | check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]], |
aff192e6 DM |
324 | }, |
325 | description => "Create network device configuration", | |
326 | protected => 1, | |
327 | proxyto => 'node', | |
328 | parameters => { | |
329 | additionalProperties => 0, | |
330 | properties => json_config_properties({ | |
331 | node => get_standard_option('pve-node'), | |
332 | iface => get_standard_option('pve-iface')}), | |
333 | }, | |
334 | returns => { type => 'null' }, | |
335 | code => sub { | |
336 | my ($param) = @_; | |
337 | ||
338 | my $node = extract_param($param, 'node'); | |
339 | my $iface = extract_param($param, 'iface'); | |
340 | ||
341 | my $code = sub { | |
342 | my $config = PVE::INotify::read_file('interfaces'); | |
3ed15e6c | 343 | my $ifaces = $config->{ifaces}; |
aff192e6 DM |
344 | |
345 | raise_param_exc({ iface => "interface already exists" }) | |
3ed15e6c | 346 | if $ifaces->{$iface}; |
aff192e6 | 347 | |
3ed15e6c | 348 | &$check_duplicate_gateway($ifaces, $iface) |
aff192e6 | 349 | if $param->{gateway}; |
3ed15e6c WB |
350 | &$check_duplicate_gateway6($ifaces, $iface) |
351 | if $param->{gateway6}; | |
aff192e6 | 352 | |
69106e5c DC |
353 | $map_cidr_to_address_netmask->($param); |
354 | ||
3ed15e6c WB |
355 | &$check_ipv6_settings($param->{address6}, int($param->{netmask6})) |
356 | if $param->{address6}; | |
357 | ||
358 | my $families = $param->{families} = []; | |
359 | push @$families, 'inet' | |
360 | if $param->{address} && !grep(/^inet$/, @$families); | |
361 | push @$families, 'inet6' | |
362 | if $param->{address6} && !grep(/^inet6$/, @$families); | |
363 | @$families = ('inet') if !scalar(@$families); | |
e16a27be | 364 | |
aff192e6 | 365 | $param->{method} = $param->{address} ? 'static' : 'manual'; |
3ed15e6c | 366 | $param->{method6} = $param->{address6} ? 'static' : 'manual'; |
aff192e6 | 367 | |
bdfa2498 DM |
368 | if ($param->{type} =~ m/^OVS/) { |
369 | -x '/usr/bin/ovs-vsctl' || | |
370 | die "Open VSwitch is not installed (need package 'openvswitch-switch')\n"; | |
371 | } | |
372 | ||
d11733f8 DM |
373 | if ($param->{type} eq 'OVSIntPort' || $param->{type} eq 'OVSBond') { |
374 | my $brname = $param->{ovs_bridge}; | |
375 | raise_param_exc({ ovs_bridge => "parameter is required" }) if !$brname; | |
3ed15e6c | 376 | my $br = $ifaces->{$brname}; |
d11733f8 DM |
377 | raise_param_exc({ ovs_bridge => "bridge '$brname' does not exist" }) if !$br; |
378 | raise_param_exc({ ovs_bridge => "interface '$brname' is no OVS bridge" }) | |
379 | if $br->{type} ne 'OVSBridge'; | |
380 | ||
381 | my @ports = split (/\s+/, $br->{ovs_ports} || ''); | |
382 | $br->{ovs_ports} = join(' ', @ports, $iface) | |
383 | if ! grep { $_ eq $iface } @ports; | |
384 | } | |
385 | ||
3ed15e6c | 386 | $ifaces->{$iface} = $param; |
aff192e6 DM |
387 | |
388 | PVE::INotify::write_file('interfaces', $config); | |
389 | }; | |
390 | ||
391 | PVE::Tools::lock_file($iflockfn, 10, $code); | |
392 | die $@ if $@; | |
393 | ||
394 | return undef; | |
395 | }}); | |
396 | ||
397 | __PACKAGE__->register_method({ | |
398 | name => 'update_network', | |
399 | path => '{iface}', | |
400 | method => 'PUT', | |
401 | permissions => { | |
7d020b42 | 402 | check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]], |
aff192e6 DM |
403 | }, |
404 | description => "Update network device configuration", | |
405 | protected => 1, | |
406 | proxyto => 'node', | |
407 | parameters => { | |
408 | additionalProperties => 0, | |
409 | properties => json_config_properties({ | |
410 | node => get_standard_option('pve-node'), | |
411 | iface => get_standard_option('pve-iface'), | |
412 | delete => { | |
413 | type => 'string', format => 'pve-configid-list', | |
414 | description => "A list of settings you want to delete.", | |
415 | optional => 1, | |
416 | }}), | |
417 | }, | |
418 | returns => { type => 'null' }, | |
419 | code => sub { | |
420 | my ($param) = @_; | |
421 | ||
422 | my $node = extract_param($param, 'node'); | |
423 | my $iface = extract_param($param, 'iface'); | |
424 | my $delete = extract_param($param, 'delete'); | |
425 | ||
426 | my $code = sub { | |
427 | my $config = PVE::INotify::read_file('interfaces'); | |
3ed15e6c | 428 | my $ifaces = $config->{ifaces}; |
aff192e6 DM |
429 | |
430 | raise_param_exc({ iface => "interface does not exist" }) | |
3ed15e6c | 431 | if !$ifaces->{$iface}; |
aff192e6 | 432 | |
3ed15e6c | 433 | my $families = ($param->{families} ||= []); |
aff192e6 | 434 | foreach my $k (PVE::Tools::split_list($delete)) { |
3ed15e6c WB |
435 | delete $ifaces->{$iface}->{$k}; |
436 | @$families = grep(!/^inet$/, @$families) if $k eq 'address'; | |
437 | @$families = grep(!/^inet6$/, @$families) if $k eq 'address6'; | |
47d13c02 DC |
438 | if ($k eq 'cidr') { |
439 | delete $ifaces->{$iface}->{netmask}; | |
440 | delete $ifaces->{$iface}->{address}; | |
441 | } elsif ($k eq 'cidr6') { | |
442 | delete $ifaces->{$iface}->{netmask6}; | |
443 | delete $ifaces->{$iface}->{address6}; | |
444 | } | |
aff192e6 DM |
445 | } |
446 | ||
69106e5c DC |
447 | $map_cidr_to_address_netmask->($param); |
448 | ||
3ed15e6c | 449 | &$check_duplicate_gateway($ifaces, $iface) |
aff192e6 | 450 | if $param->{gateway}; |
3ed15e6c WB |
451 | &$check_duplicate_gateway6($ifaces, $iface) |
452 | if $param->{gateway6}; | |
453 | ||
454 | if ($param->{address}) { | |
3ed15e6c WB |
455 | push @$families, 'inet' if !grep(/^inet$/, @$families); |
456 | } else { | |
457 | @$families = grep(!/^inet$/, @$families); | |
458 | } | |
459 | if ($param->{address6}) { | |
460 | &$check_ipv6_settings($param->{address6}, int($param->{netmask6})); | |
461 | push @$families, 'inet6' if !grep(/^inet6$/, @$families); | |
462 | } else { | |
463 | @$families = grep(!/^inet6$/, @$families); | |
464 | } | |
465 | @$families = ('inet') if !scalar(@$families); | |
e16a27be | 466 | |
aff192e6 | 467 | $param->{method} = $param->{address} ? 'static' : 'manual'; |
3ed15e6c | 468 | $param->{method6} = $param->{address6} ? 'static' : 'manual'; |
aff192e6 DM |
469 | |
470 | foreach my $k (keys %$param) { | |
3ed15e6c | 471 | $ifaces->{$iface}->{$k} = $param->{$k}; |
aff192e6 DM |
472 | } |
473 | ||
474 | PVE::INotify::write_file('interfaces', $config); | |
475 | }; | |
476 | ||
477 | PVE::Tools::lock_file($iflockfn, 10, $code); | |
478 | die $@ if $@; | |
479 | ||
480 | return undef; | |
481 | }}); | |
482 | ||
483 | __PACKAGE__->register_method({ | |
484 | name => 'network_config', | |
485 | path => '{iface}', | |
486 | method => 'GET', | |
487 | permissions => { | |
7d020b42 | 488 | check => ['perm', '/nodes/{node}', [ 'Sys.Audit' ]], |
aff192e6 DM |
489 | }, |
490 | description => "Read network device configuration", | |
491 | proxyto => 'node', | |
492 | parameters => { | |
493 | additionalProperties => 0, | |
494 | properties => { | |
495 | node => get_standard_option('pve-node'), | |
496 | iface => get_standard_option('pve-iface'), | |
497 | }, | |
498 | }, | |
499 | returns => { | |
500 | type => "object", | |
501 | properties => { | |
502 | type => { | |
503 | type => 'string', | |
504 | }, | |
505 | method => { | |
506 | type => 'string', | |
507 | }, | |
508 | }, | |
509 | }, | |
510 | code => sub { | |
511 | my ($param) = @_; | |
512 | ||
513 | my $config = PVE::INotify::read_file('interfaces'); | |
3ed15e6c | 514 | my $ifaces = $config->{ifaces}; |
aff192e6 DM |
515 | |
516 | raise_param_exc({ iface => "interface does not exist" }) | |
3ed15e6c | 517 | if !$ifaces->{$param->{iface}}; |
aff192e6 | 518 | |
3ed15e6c | 519 | return $ifaces->{$param->{iface}}; |
aff192e6 DM |
520 | }}); |
521 | ||
cacd7547 AD |
522 | __PACKAGE__->register_method({ |
523 | name => 'reload_network_config', | |
524 | path => '', | |
525 | method => 'PUT', | |
526 | permissions => { | |
527 | check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]], | |
528 | }, | |
529 | description => "Reload network configuration", | |
530 | protected => 1, | |
531 | proxyto => 'node', | |
532 | parameters => { | |
533 | additionalProperties => 0, | |
534 | properties => { | |
535 | node => get_standard_option('pve-node'), | |
536 | }, | |
537 | }, | |
538 | returns => { type => 'string' }, | |
539 | code => sub { | |
540 | ||
541 | my ($param) = @_; | |
542 | ||
543 | my $rpcenv = PVE::RPCEnvironment::get(); | |
544 | ||
545 | my $authuser = $rpcenv->get_user(); | |
546 | ||
547 | my $current_config_file = "/etc/network/interfaces"; | |
548 | my $new_config_file = "/etc/network/interfaces.new"; | |
549 | ||
930d2678 | 550 | die "you need ifupdown2 to reload networking\n" if !-e '/usr/share/ifupdown2'; |
f31cc71c | 551 | die "ifupdown2 reload is not compatible if openvswitch currently" if -x '/usr/bin/ovs-vsctl'; |
cacd7547 | 552 | |
cacd7547 AD |
553 | my $worker = sub { |
554 | ||
e46bf624 | 555 | rename($new_config_file, $current_config_file) if -e $new_config_file; |
cacd7547 AD |
556 | |
557 | my $cmd = ['ifreload', '-a']; | |
cacd7547 AD |
558 | |
559 | my $err = sub { | |
560 | my $line = shift; | |
561 | if ($line =~ /(warning|error): (\S+):/) { | |
e46bf624 | 562 | print "$2 : $line \n"; |
cacd7547 AD |
563 | } |
564 | }; | |
565 | ||
566 | PVE::Tools::run_command($cmd,errfunc => $err); | |
cacd7547 AD |
567 | }; |
568 | return $rpcenv->fork_worker('srvreload', 'networking', $authuser, $worker); | |
569 | }}); | |
570 | ||
aff192e6 DM |
571 | __PACKAGE__->register_method({ |
572 | name => 'delete_network', | |
573 | path => '{iface}', | |
574 | method => 'DELETE', | |
575 | permissions => { | |
7d020b42 | 576 | check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]], |
aff192e6 DM |
577 | }, |
578 | description => "Delete network device configuration", | |
579 | protected => 1, | |
580 | proxyto => 'node', | |
581 | parameters => { | |
582 | additionalProperties => 0, | |
583 | properties => { | |
584 | node => get_standard_option('pve-node'), | |
585 | iface => get_standard_option('pve-iface'), | |
586 | }, | |
587 | }, | |
588 | returns => { type => 'null' }, | |
589 | code => sub { | |
590 | my ($param) = @_; | |
591 | ||
592 | my $code = sub { | |
593 | my $config = PVE::INotify::read_file('interfaces'); | |
3ed15e6c | 594 | my $ifaces = $config->{ifaces}; |
aff192e6 DM |
595 | |
596 | raise_param_exc({ iface => "interface does not exist" }) | |
3ed15e6c | 597 | if !$ifaces->{$param->{iface}}; |
aff192e6 | 598 | |
3ed15e6c | 599 | my $d = $ifaces->{$param->{iface}}; |
d11733f8 DM |
600 | if ($d->{type} eq 'OVSIntPort' || $d->{type} eq 'OVSBond') { |
601 | if (my $brname = $d->{ovs_bridge}) { | |
3ed15e6c | 602 | if (my $br = $ifaces->{$brname}) { |
d11733f8 DM |
603 | if ($br->{ovs_ports}) { |
604 | my @ports = split (/\s+/, $br->{ovs_ports}); | |
605 | my @new = grep { $_ ne $param->{iface} } @ports; | |
606 | $br->{ovs_ports} = join(' ', @new); | |
607 | } | |
608 | } | |
609 | } | |
610 | } | |
611 | ||
3ed15e6c | 612 | delete $ifaces->{$param->{iface}}; |
aff192e6 DM |
613 | |
614 | PVE::INotify::write_file('interfaces', $config); | |
615 | }; | |
616 | ||
617 | PVE::Tools::lock_file($iflockfn, 10, $code); | |
618 | die $@ if $@; | |
619 | ||
620 | return undef; | |
621 | }}); |