]> git.proxmox.com Git - pve-manager.git/blame - PVE/API2/Network.pm
projects / pve-manager.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
api: backup: update: turn delete into a hash
[pve-manager.git] / PVE / API2 / Network.pm
CommitLineData
aff192e6
DM		 1package PVE::API2::Network;
2
3use strict;
4use warnings;
5
d09f6f7d 6use Net::IP qw(:PROC);
cacd7547 7use PVE::Tools qw(extract_param dir_glob_regex);
aff192e6
DM		 8use PVE::SafeSyslog;
9use PVE::INotify;
10use PVE::Exception qw(raise_param_exc);
11use PVE::RESTHandler;
12use PVE::RPCEnvironment;
13use PVE::JSONSchema qw(get_standard_option);
14use PVE::AccessControl;
15use IO::File;
16
17use base qw(PVE::RESTHandler);
18
2bca9b77
AD		 19my $have_sdn;
20eval {
30f5d476 21 require PVE::Network::SDN;
2bca9b77
AD		 22 $have_sdn = 1;
23};
24
aff192e6
DM		 25my $iflockfn = "/etc/network/.pve-interfaces.lock";
26
27my $bond_mode_enum = [
28 'balance-rr',
10a9563e 29 'active-backup', # OVS and Linux
aff192e6
DM		 30 'balance-xor',
31 'broadcast',
32 '802.3ad',
33 'balance-tlb',
d11733f8 34 'balance-alb',
10a9563e
DM		 35 'balance-slb', # OVS
36 'lacp-balance-slb', # OVS
37 'lacp-balance-tcp', # OVS
aff192e6
DM		 38 ];
39
3f0d1a4b 40my $network_type_enum = ['bridge', 'bond', 'eth', 'alias', 'vlan',
d11733f8
DM		 41 'OVSBridge', 'OVSBond', 'OVSPort', 'OVSIntPort'];
42
aff192e6 43my $confdesc = {
d11733f8
DM		 44 type => {
45 description => "Network interface type",
46 type => 'string',
47 enum => [@$network_type_enum, 'unknown'],
48 },
44d353a7
DM		 49 comments => {
50 description => "Comments",
51 type => 'string',
b5eda023 52 optional => 1,
44d353a7 53 },
3ed15e6c
WB		 54 comments6 => {
55 description => "Comments",
56 type => 'string',
57 optional => 1,
58 },
aff192e6
DM		 59 autostart => {
60 description => "Automatically start interface on boot.",
61 type => 'boolean',
62 optional => 1,
63 },
a1604d70
AD		 64 bridge_vlan_aware => {
65 description => "Enable bridge vlan support.",
66 type => 'boolean',
67 optional => 1,
68 },
aff192e6 69 bridge_ports => {
76189130 70 description => "Specify the interfaces you want to add to your bridge.",
aff192e6
DM		 71 optional => 1,
72 type => 'string', format => 'pve-iface-list',
73 },
d11733f8 74 ovs_ports => {
76189130 75 description => "Specify the interfaces you want to add to your bridge.",
d11733f8
DM		 76 optional => 1,
77 type => 'string', format => 'pve-iface-list',
78 },
4c917e97
DM		 79 ovs_tag => {
80 description => "Specify a VLan tag (used by OVSPort, OVSIntPort, OVSBond)",
81 optional => 1,
82 type => 'integer',
83 minimum => 1,
84 maximum => 4094,
85 },
d11733f8
DM		 86 ovs_options => {
87 description => "OVS interface options.",
88 optional => 1,
89 type => 'string',
90 maxLength => 1024,
91 },
92 ovs_bridge => {
93 description => "The OVS bridge associated with a OVS port. This is required when you create an OVS port.",
94 optional => 1,
95 type => 'string', format => 'pve-iface',
96 },
aff192e6
DM		 97 slaves => {
98 description => "Specify the interfaces used by the bonding device.",
99 optional => 1,
100 type => 'string', format => 'pve-iface-list',
101 },
d11733f8
DM		 102 ovs_bonds => {
103 description => "Specify the interfaces used by the bonding device.",
104 optional => 1,
105 type => 'string', format => 'pve-iface-list',
106 },
aff192e6
DM		 107 bond_mode => {
108 description => "Bonding mode.",
109 optional => 1,
110 type => 'string', enum => $bond_mode_enum,
111 },
7942a7bb
AD		 112 'bond-primary' => {
113 description => "Specify the primary interface for active-backup bond.",
114 optional => 1,
115 type => 'string', format => 'pve-iface',
116 },
ffffb625
DM		 117 bond_xmit_hash_policy => {
118 description => "Selects the transmit hash policy to use for slave selection in balance-xor and 802.3ad modes.",
119 optional => 1,
120 type => 'string',
121 enum => ['layer2', 'layer2+3', 'layer3+4' ],
122 },
9d2e1c8b
AD		 123 'vlan-raw-device' => {
124 description => "Specify the raw interface for the vlan interface.",
125 optional => 1,
126 type => 'string', format => 'pve-iface',
127 },
128 'vlan-id' => {
129 description => "vlan-id for a custom named vlan interface (ifupdown2 only).",
130 optional => 1,
131 type => 'integer',
132 minimum => 1,
133 maximum => 4094,
134 },
aff192e6
DM		 135 gateway => {
136 description => 'Default gateway address.',
137 type => 'string', format => 'ipv4',
138 optional => 1,
139 },
140 netmask => {
141 description => 'Network mask.',
142 type => 'string', format => 'ipv4mask',
143 optional => 1,
1904114e 144 requires => 'address',
aff192e6
DM		 145 },
146 address => {
147 description => 'IP address.',
148 type => 'string', format => 'ipv4',
149 optional => 1,
150 requires => 'netmask',
3ed15e6c 151 },
69106e5c
DC		 152 cidr => {
153 description => 'IPv4 CIDR.',
e9af22b0 154 type => 'string', format => 'CIDRv4',
69106e5c
DC		 155 optional => 1,
156 },
94011309
AD		 157 mtu => {
158 description => 'MTU.',
159 optional => 1,
160 type => 'integer',
161 minimum => 1280,
162 maximum => 65520,
163 },
3ed15e6c
WB		 164 gateway6 => {
165 description => 'Default ipv6 gateway address.',
166 type => 'string', format => 'ipv6',
167 optional => 1,
168 },
169 netmask6 => {
170 description => 'Network mask.',
171 type => 'integer', minimum => 0, maximum => 128,
172 optional => 1,
173 requires => 'address6',
174 },
175 address6 => {
176 description => 'IP address.',
177 type => 'string', format => 'ipv6',
178 optional => 1,
179 requires => 'netmask6',
69106e5c
DC		 180 },
181 cidr6 => {
182 description => 'IPv6 CIDR.',
e9af22b0 183 type => 'string', format => 'CIDRv6',
69106e5c
DC		 184 optional => 1,
185 },
aff192e6
DM		 186};
187
188sub json_config_properties {
189 my $prop = shift;
190
191 foreach my $opt (keys %$confdesc) {
192 $prop->{$opt} = $confdesc->{$opt};
193 }
194
195 return $prop;
196}
197
198__PACKAGE__->register_method({
199 name => 'index',
200 path => '',
201 method => 'GET',
202 permissions => { user => 'all' },
203 description => "List available networks",
204 proxyto => 'node',
205 parameters => {
206 additionalProperties => 0,
207 properties => {
208 node => get_standard_option('pve-node'),
209 type => {
210 description => "Only list specific interface types.",
211 type => 'string',
4c917e97 212 enum => [ @$network_type_enum, 'any_bridge' ],
aff192e6
DM		 213 optional => 1,
214 },
215 },
216 },
217 returns => {
218 type => "array",
219 items => {
220 type => "object",
221 properties => {},
222 },
223 links => [ { rel => 'child', href => "{iface}" } ],
224 },
225 code => sub {
226 my ($param) = @_;
227
e4d5bf72 228 my $rpcenv = PVE::RPCEnvironment::get();
89d146f2 229 my $authuser = $rpcenv->get_user();
e4d5bf72
DM		 230
231 my $tmp = PVE::INotify::read_file('interfaces', 1);
232 my $config = $tmp->{data};
233 my $changes = $tmp->{changes};
234
235 $rpcenv->set_result_attrib('changes', $changes) if $changes;
aff192e6 236
3ed15e6c
WB		 237 my $ifaces = $config->{ifaces};
238
239 delete $ifaces->{lo}; # do not list the loopback device
aff192e6 240
78510681
TL		 241 if (my $tfilter = $param->{type}) {
242 my $vnets;
c9713306 243 my $vnet_cfg;
78510681
TL		 244 my $can_access_vnet = sub { # only matters for the $have_sdn case, checked implict
245 return 1 if $authuser eq 'root@pam' || !defined($vnets);
c9713306 246 return 1 if !defined(PVE::Network::SDN::Vnets::sdn_vnets_config($vnet_cfg, $_[0], 1)); # not a vnet
78510681
TL		 247 $rpcenv->check_any($authuser, "/sdn/vnets/$_[0]", ['SDN.Audit', 'SDN.Allocate'], 1)
248 };
89d146f2
AD		 249
250 if ($have_sdn && $param->{type} eq 'any_bridge') {
78510681 251 $vnets = PVE::Network::SDN::get_local_vnets(); # returns already access-filtered
c9713306 252 $vnet_cfg = PVE::Network::SDN::Vnets::config();
89d146f2
AD		 253 }
254
78510681 255 for my $k (sort keys $ifaces->%*) {
3ed15e6c 256 my $type = $ifaces->{$k}->{type};
78510681
TL		 257 my $match = $tfilter eq $type || ($tfilter eq 'any_bridge' && ($type eq 'bridge' || $type eq 'OVSBridge'));
258 delete $ifaces->{$k} if !($match && $can_access_vnet->($k));
aff192e6 259 }
30f5d476 260
78510681
TL		 261 if (defined($vnets)) {
262 $ifaces->{$_} = $vnets->{$_} for keys $vnets->%*
263 }
aff192e6
DM		 264 }
265
3ed15e6c 266 return PVE::RESTHandler::hash_to_array($ifaces, 'iface');
aff192e6
DM		 267 }});
268
e4d5bf72
DM		 269__PACKAGE__->register_method({
270 name => 'revert_network_changes',
271 path => '',
272 method => 'DELETE',
273 permissions => {
274 check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
275 },
276 protected => 1,
277 description => "Revert network configuration changes.",
278 proxyto => 'node',
279 parameters => {
280 additionalProperties => 0,
281 properties => {
282 node => get_standard_option('pve-node'),
283 },
284 },
285 returns => { type => "null" },
286 code => sub {
287 my ($param) = @_;
288
289 unlink "/etc/network/interfaces.new";
290
291 return undef;
292 }});
aff192e6 293
3ed15e6c
WB		 294my $check_duplicate = sub {
295 my ($config, $newiface, $key, $name) = @_;
aff192e6
DM		 296
297 foreach my $iface (keys %$config) {
3ed15e6c
WB		 298 raise_param_exc({ $key => "$name already exists on interface '$iface'." })
299 if ($newiface ne $iface) && $config->{$iface}->{$key};
aff192e6
DM		 300 }
301};
302
3ed15e6c
WB		 303my $check_duplicate_gateway = sub {
304 my ($config, $newiface) = @_;
305 return &$check_duplicate($config, $newiface, 'gateway', 'Default gateway');
306};
307
308my $check_duplicate_gateway6 = sub {
309 my ($config, $newiface) = @_;
310 return &$check_duplicate($config, $newiface, 'gateway6', 'Default ipv6 gateway');
311};
312
6cd854d8
SI		 313my $check_duplicate_ports = sub {
314 my ($config, $newiface, $newparam) = @_;
315
316 my $param_name;
317 my $get_portlist = sub {
318 my ($param) = @_;
319 my $ports = '';
320 for my $k (qw(bridge_ports ovs_ports slaves ovs_bonds)) {
321 if ($param->{$k}) {
322 $ports .= " $param->{$k}";
323 $param_name //= $k;
324 }
325 }
326 return PVE::Tools::split_list($ports);
327 };
328
329 my $new_ports = {};
330 for my $p ($get_portlist->($newparam)) {
331 $new_ports->{$p} = 1;
332 }
333 return if !(keys %$new_ports);
334
335 for my $iface (keys %$config) {
336 next if $iface eq $newiface;
337
338 my $d = $config->{$iface};
339 for my $p ($get_portlist->($d)) {
340 raise_param_exc({ $param_name => "$p is already used on interface '$iface'." })
341 if $new_ports->{$p};
342 }
343 }
344};
345
3ed15e6c
WB		 346sub ipv6_tobin {
347 return Net::IP::ip_iptobin(Net::IP::ip_expand_address(shift, 6), 6);
348}
349
350my $check_ipv6_settings = sub {
351 my ($address, $netmask) = @_;
352
353 raise_param_exc({ netmask => "$netmask is not a valid subnet length for ipv6" })
354 if $netmask < 0 || $netmask > 128;
355
0f6e6f6b 356 raise_param_exc({ address => "$address is not a valid host IPv6 address." })
3ed15e6c
WB		 357 if !Net::IP::ip_is_ipv6($address);
358
359 my $binip = ipv6_tobin($address);
360 my $binmask = Net::IP::ip_get_mask($netmask, 6);
361
0f6e6f6b 362 my $type = ($binip eq $binmask) ? 'ANYCAST' : Net::IP::ip_iptypev6($binip);
3ed15e6c 363
0f6e6f6b 364 if (defined($type) && $type !~ /^(?:(?:GLOBAL|(?:UNIQUE|LINK)-LOCAL)-UNICAST)$/) {
68f371d4 365 raise_param_exc({ address => "$address with type '$type', cannot be used as host IPv6 address." });
0f6e6f6b 366 }
3ed15e6c
WB		 367};
368
69106e5c
DC		 369my $map_cidr_to_address_netmask = sub {
370 my ($param) = @_;
371
372 if ($param->{cidr}) {
373 raise_param_exc({ address => "address conflicts with cidr" })
374 if $param->{address};
375 raise_param_exc({ netmask => "netmask conflicts with cidr" })
376 if $param->{netmask};
377
e9af22b0
TL		 378 my ($address, $netmask) = $param->{cidr} =~ m!^(.*)/(\d+)$!;
379 $param->{address} = $address;
380 $param->{netmask} = $netmask;
69106e5c
DC		 381 delete $param->{cidr};
382 }
383
384 if ($param->{cidr6}) {
385 raise_param_exc({ address6 => "address6 conflicts with cidr6" })
386 if $param->{address6};
387 raise_param_exc({ netmask6 => "netmask6 conflicts with cidr6" })
388 if $param->{netmask6};
389
e9af22b0
TL		 390 my ($address, $netmask) = $param->{cidr6} =~ m!^(.*)/(\d+)$!;
391 $param->{address6} = $address;
392 $param->{netmask6} = $netmask;
69106e5c
DC		 393 delete $param->{cidr6};
394 }
395};
396
aff192e6
DM		 397__PACKAGE__->register_method({
398 name => 'create_network',
399 path => '',
400 method => 'POST',
401 permissions => {
7d020b42 402 check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
aff192e6
DM		 403 },
404 description => "Create network device configuration",
405 protected => 1,
406 proxyto => 'node',
407 parameters => {
408 additionalProperties => 0,
409 properties => json_config_properties({
410 node => get_standard_option('pve-node'),
411 iface => get_standard_option('pve-iface')}),
412 },
413 returns => { type => 'null' },
414 code => sub {
415 my ($param) = @_;
416
417 my $node = extract_param($param, 'node');
418 my $iface = extract_param($param, 'iface');
419
420 my $code = sub {
421 my $config = PVE::INotify::read_file('interfaces');
3ed15e6c 422 my $ifaces = $config->{ifaces};
aff192e6
DM		 423
424 raise_param_exc({ iface => "interface already exists" })
3ed15e6c 425 if $ifaces->{$iface};
aff192e6 426
3ed15e6c 427 &$check_duplicate_gateway($ifaces, $iface)
aff192e6 428 if $param->{gateway};
3ed15e6c
WB		 429 &$check_duplicate_gateway6($ifaces, $iface)
430 if $param->{gateway6};
aff192e6 431
6cd854d8
SI		 432 $check_duplicate_ports->($ifaces, $iface, $param);
433
69106e5c
DC		 434 $map_cidr_to_address_netmask->($param);
435
3ed15e6c
WB		 436 &$check_ipv6_settings($param->{address6}, int($param->{netmask6}))
437 if $param->{address6};
438
439 my $families = $param->{families} = [];
440 push @$families, 'inet'
441 if $param->{address} && !grep(/^inet$/, @$families);
442 push @$families, 'inet6'
443 if $param->{address6} && !grep(/^inet6$/, @$families);
444 @$families = ('inet') if !scalar(@$families);
e16a27be 445
aff192e6 446 $param->{method} = $param->{address} ? 'static' : 'manual';
3ed15e6c 447 $param->{method6} = $param->{address6} ? 'static' : 'manual';
aff192e6 448
bdfa2498
DM		 449 if ($param->{type} =~ m/^OVS/) {
450 -x '/usr/bin/ovs-vsctl' ||
451 die "Open VSwitch is not installed (need package 'openvswitch-switch')\n";
452 }
453
d11733f8
DM		 454 if ($param->{type} eq 'OVSIntPort' || $param->{type} eq 'OVSBond') {
455 my $brname = $param->{ovs_bridge};
456 raise_param_exc({ ovs_bridge => "parameter is required" }) if !$brname;
3ed15e6c 457 my $br = $ifaces->{$brname};
d11733f8
DM		 458 raise_param_exc({ ovs_bridge => "bridge '$brname' does not exist" }) if !$br;
459 raise_param_exc({ ovs_bridge => "interface '$brname' is no OVS bridge" })
460 if $br->{type} ne 'OVSBridge';
461
462 my @ports = split (/\s+/, $br->{ovs_ports} || '');
463 $br->{ovs_ports} = join(' ', @ports, $iface)
464 if ! grep { $_ eq $iface } @ports;
465 }
466
3ed15e6c 467 $ifaces->{$iface} = $param;
aff192e6
DM		 468
469 PVE::INotify::write_file('interfaces', $config);
470 };
471
472 PVE::Tools::lock_file($iflockfn, 10, $code);
473 die $@ if $@;
474
475 return undef;
476 }});
477
478__PACKAGE__->register_method({
479 name => 'update_network',
480 path => '{iface}',
481 method => 'PUT',
482 permissions => {
7d020b42 483 check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
aff192e6
DM		 484 },
485 description => "Update network device configuration",
486 protected => 1,
487 proxyto => 'node',
488 parameters => {
489 additionalProperties => 0,
490 properties => json_config_properties({
491 node => get_standard_option('pve-node'),
492 iface => get_standard_option('pve-iface'),
493 delete => {
494 type => 'string', format => 'pve-configid-list',
495 description => "A list of settings you want to delete.",
496 optional => 1,
497 }}),
498 },
499 returns => { type => 'null' },
500 code => sub {
501 my ($param) = @_;
502
503 my $node = extract_param($param, 'node');
504 my $iface = extract_param($param, 'iface');
505 my $delete = extract_param($param, 'delete');
506
507 my $code = sub {
508 my $config = PVE::INotify::read_file('interfaces');
3ed15e6c 509 my $ifaces = $config->{ifaces};
aff192e6
DM		 510
511 raise_param_exc({ iface => "interface does not exist" })
3ed15e6c 512 if !$ifaces->{$iface};
aff192e6 513
3ed15e6c 514 my $families = ($param->{families} ||= []);
aff192e6 515 foreach my $k (PVE::Tools::split_list($delete)) {
3ed15e6c
WB		 516 delete $ifaces->{$iface}->{$k};
517 @$families = grep(!/^inet$/, @$families) if $k eq 'address';
518 @$families = grep(!/^inet6$/, @$families) if $k eq 'address6';
47d13c02
DC		 519 if ($k eq 'cidr') {
520 delete $ifaces->{$iface}->{netmask};
521 delete $ifaces->{$iface}->{address};
522 } elsif ($k eq 'cidr6') {
523 delete $ifaces->{$iface}->{netmask6};
524 delete $ifaces->{$iface}->{address6};
525 }
aff192e6
DM		 526 }
527
69106e5c
DC		 528 $map_cidr_to_address_netmask->($param);
529
3ed15e6c 530 &$check_duplicate_gateway($ifaces, $iface)
aff192e6 531 if $param->{gateway};
3ed15e6c
WB		 532 &$check_duplicate_gateway6($ifaces, $iface)
533 if $param->{gateway6};
534
6cd854d8
SI		 535 $check_duplicate_ports->($ifaces, $iface, $param);
536
3ed15e6c 537 if ($param->{address}) {
3ed15e6c
WB		 538 push @$families, 'inet' if !grep(/^inet$/, @$families);
539 } else {
540 @$families = grep(!/^inet$/, @$families);
541 }
542 if ($param->{address6}) {
543 &$check_ipv6_settings($param->{address6}, int($param->{netmask6}));
544 push @$families, 'inet6' if !grep(/^inet6$/, @$families);
545 } else {
546 @$families = grep(!/^inet6$/, @$families);
547 }
548 @$families = ('inet') if !scalar(@$families);
e16a27be 549
aff192e6 550 $param->{method} = $param->{address} ? 'static' : 'manual';
3ed15e6c 551 $param->{method6} = $param->{address6} ? 'static' : 'manual';
aff192e6
DM		 552
553 foreach my $k (keys %$param) {
3ed15e6c 554 $ifaces->{$iface}->{$k} = $param->{$k};
aff192e6
DM		 555 }
556
557 PVE::INotify::write_file('interfaces', $config);
558 };
559
560 PVE::Tools::lock_file($iflockfn, 10, $code);
561 die $@ if $@;
562
563 return undef;
564 }});
565
566__PACKAGE__->register_method({
567 name => 'network_config',
568 path => '{iface}',
569 method => 'GET',
570 permissions => {
7d020b42 571 check => ['perm', '/nodes/{node}', [ 'Sys.Audit' ]],
aff192e6
DM		 572 },
573 description => "Read network device configuration",
574 proxyto => 'node',
575 parameters => {
576 additionalProperties => 0,
577 properties => {
578 node => get_standard_option('pve-node'),
579 iface => get_standard_option('pve-iface'),
580 },
581 },
582 returns => {
583 type => "object",
584 properties => {
585 type => {
586 type => 'string',
587 },
588 method => {
589 type => 'string',
590 },
591 },
592 },
593 code => sub {
594 my ($param) = @_;
595
596 my $config = PVE::INotify::read_file('interfaces');
3ed15e6c 597 my $ifaces = $config->{ifaces};
aff192e6
DM		 598
599 raise_param_exc({ iface => "interface does not exist" })
3ed15e6c 600 if !$ifaces->{$param->{iface}};
aff192e6 601
3ed15e6c 602 return $ifaces->{$param->{iface}};
aff192e6
DM		 603 }});
604
a6ed0aa6
TL		 605sub ifupdown2_version {
606 my $v;
607 PVE::Tools::run_command(['ifreload', '-V'], outfunc => sub { $v //= shift });
608 return if !defined($v) || $v !~ /^\s*ifupdown2:(\S+)\s*$/;
609 $v = $1;
610 my ($major, $minor, $extra, $pve) = split(/\.|-/, $v);
560bdfd8 611 my $is_pve = defined($pve) && $pve =~ /(pve|pmx|proxmox)/;
a6ed0aa6
TL		 612
613 return ($major * 100000 + $minor * 1000 + $extra * 10, $is_pve, $v);
614}
615sub assert_ifupdown2_installed {
616 die "you need ifupdown2 to reload network configuration\n" if ! -e '/usr/share/ifupdown2';
617 my ($v, $pve, $v_str) = ifupdown2_version();
618 die "incompatible 'ifupdown2' package version '$v_str'! Did you installed from Proxmox repositories?\n"
619 if $v < (1*100000 + 2*1000 + 8*10) || !$pve;
620}
621
cacd7547
AD		 622__PACKAGE__->register_method({
623 name => 'reload_network_config',
624 path => '',
625 method => 'PUT',
626 permissions => {
627 check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
628 },
629 description => "Reload network configuration",
630 protected => 1,
631 proxyto => 'node',
632 parameters => {
633 additionalProperties => 0,
634 properties => {
635 node => get_standard_option('pve-node'),
636 },
637 },
638 returns => { type => 'string' },
639 code => sub {
640
641 my ($param) = @_;
642
643 my $rpcenv = PVE::RPCEnvironment::get();
644
645 my $authuser = $rpcenv->get_user();
646
647 my $current_config_file = "/etc/network/interfaces";
648 my $new_config_file = "/etc/network/interfaces.new";
649
a6ed0aa6 650 assert_ifupdown2_installed();
6159470e 651
cacd7547
AD		 652 my $worker = sub {
653
e46bf624 654 rename($new_config_file, $current_config_file) if -e $new_config_file;
cacd7547 655
2bca9b77 656 if ($have_sdn) {
9ad4656d 657 PVE::Network::SDN::generate_zone_config();
2bca9b77
AD		 658 }
659
cacd7547
AD		 660 my $err = sub {
661 my $line = shift;
662 if ($line =~ /(warning|error): (\S+):/) {
e46bf624 663 print "$2 : $line \n";
cacd7547
AD		 664 }
665 };
084e6030 666 PVE::Tools::run_command(['ifreload', '-a'], errfunc => $err);
cacd7547 667
20dc8bbe 668 if ($have_sdn) {
9ad4656d 669 PVE::Network::SDN::generate_controller_config(1);
084e6030 670 }
cacd7547
AD		 671 };
672 return $rpcenv->fork_worker('srvreload', 'networking', $authuser, $worker);
673 }});
674
aff192e6
DM		 675__PACKAGE__->register_method({
676 name => 'delete_network',
677 path => '{iface}',
678 method => 'DELETE',
679 permissions => {
7d020b42 680 check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
aff192e6
DM		 681 },
682 description => "Delete network device configuration",
683 protected => 1,
684 proxyto => 'node',
685 parameters => {
686 additionalProperties => 0,
687 properties => {
688 node => get_standard_option('pve-node'),
689 iface => get_standard_option('pve-iface'),
690 },
691 },
692 returns => { type => 'null' },
693 code => sub {
694 my ($param) = @_;
695
696 my $code = sub {
697 my $config = PVE::INotify::read_file('interfaces');
3ed15e6c 698 my $ifaces = $config->{ifaces};
aff192e6
DM		 699
700 raise_param_exc({ iface => "interface does not exist" })
3ed15e6c 701 if !$ifaces->{$param->{iface}};
aff192e6 702
3ed15e6c 703 my $d = $ifaces->{$param->{iface}};
d11733f8
DM		 704 if ($d->{type} eq 'OVSIntPort' || $d->{type} eq 'OVSBond') {
705 if (my $brname = $d->{ovs_bridge}) {
3ed15e6c 706 if (my $br = $ifaces->{$brname}) {
d11733f8
DM		 707 if ($br->{ovs_ports}) {
708 my @ports = split (/\s+/, $br->{ovs_ports});
709 my @new = grep { $_ ne $param->{iface} } @ports;
710 $br->{ovs_ports} = join(' ', @new);
711 }
712 }
713 }
714 }
715
3ed15e6c 716 delete $ifaces->{$param->{iface}};
aff192e6
DM		 717
718 PVE::INotify::write_file('interfaces', $config);
719 };
720
721 PVE::Tools::lock_file($iflockfn, 10, $code);
722 die $@ if $@;
723
724 return undef;
725 }});
The Proxmox VE Management API and Web UI