]>
Commit | Line | Data |
---|---|---|
f5eabba0 | 1 | package PVE::Network::SDN::Zones::Plugin; |
6939693f AD |
2 | |
3 | use strict; | |
4 | use warnings; | |
5 | ||
1f543c5f | 6 | use PVE::Tools qw(run_command); |
6939693f AD |
7 | use PVE::JSONSchema; |
8 | use PVE::Cluster; | |
eb1549e7 | 9 | use PVE::Network; |
6939693f AD |
10 | |
11 | use Data::Dumper; | |
eec580bf | 12 | use PVE::JSONSchema qw(get_standard_option); |
6939693f AD |
13 | use base qw(PVE::SectionConfig); |
14 | ||
f5eabba0 | 15 | PVE::Cluster::cfs_register_file('sdn/zones.cfg', |
6939693f AD |
16 | sub { __PACKAGE__->parse_config(@_); }, |
17 | sub { __PACKAGE__->write_config(@_); }); | |
18 | ||
f5eabba0 AD |
19 | PVE::JSONSchema::register_standard_option('pve-sdn-zone-id', { |
20 | description => "The SDN zone object identifier.", | |
21 | type => 'string', format => 'pve-sdn-zone-id', | |
fe61b14c AD |
22 | }); |
23 | ||
f5eabba0 AD |
24 | PVE::JSONSchema::register_format('pve-sdn-zone-id', \&parse_sdn_zone_id); |
25 | sub parse_sdn_zone_id { | |
26 | my ($id, $noerr) = @_; | |
fe61b14c | 27 | |
7c5b0f6d AD |
28 | if ($id !~ m/^[a-z][a-z0-9]*[a-z0-9]$/i) { |
29 | return undef if $noerr; | |
30 | die "zone ID '$id' contains illegal characters\n"; | |
fe61b14c | 31 | } |
4d7d91da | 32 | die "zone ID '$id' can't be more length than 8 characters\n" if length($id) > 8; |
f5eabba0 | 33 | return $id; |
fe61b14c AD |
34 | } |
35 | ||
6939693f AD |
36 | my $defaultData = { |
37 | ||
38 | propertyList => { | |
7d35eaf5 | 39 | type => { |
6939693f AD |
40 | description => "Plugin type.", |
41 | type => 'string', format => 'pve-configid', | |
42 | type => 'string', | |
43 | }, | |
c2b9c173 | 44 | nodes => get_standard_option('pve-node-list', { optional => 1 }), |
f5eabba0 AD |
45 | zone => get_standard_option('pve-sdn-zone-id', |
46 | { completion => \&PVE::Network::SDN::Zones::complete_sdn_zone }), | |
6939693f AD |
47 | }, |
48 | }; | |
49 | ||
50 | sub private { | |
51 | return $defaultData; | |
52 | } | |
53 | ||
c2b9c173 AD |
54 | sub decode_value { |
55 | my ($class, $type, $key, $value) = @_; | |
56 | ||
57 | if ($key eq 'nodes') { | |
58 | my $res = {}; | |
59 | ||
60 | foreach my $node (PVE::Tools::split_list($value)) { | |
61 | if (PVE::JSONSchema::pve_verify_node_name($node)) { | |
62 | $res->{$node} = 1; | |
63 | } | |
64 | } | |
65 | ||
66 | return $res; | |
0f700635 | 67 | } |
c2b9c173 AD |
68 | |
69 | return $value; | |
70 | } | |
71 | ||
72 | sub encode_value { | |
73 | my ($class, $type, $key, $value) = @_; | |
74 | ||
75 | if ($key eq 'nodes') { | |
76 | return join(',', keys(%$value)); | |
77 | } | |
78 | ||
79 | return $value; | |
80 | } | |
81 | ||
6939693f AD |
82 | sub parse_section_header { |
83 | my ($class, $line) = @_; | |
84 | ||
85 | if ($line =~ m/^(\S+):\s*(\S+)\s*$/) { | |
f5eabba0 | 86 | my ($type, $id) = (lc($1), $2); |
6939693f AD |
87 | my $errmsg = undef; # set if you want to skip whole section |
88 | eval { PVE::JSONSchema::pve_verify_configid($type); }; | |
89 | $errmsg = $@ if $@; | |
90 | my $config = {}; # to return additional attributes | |
f5eabba0 | 91 | return ($type, $id, $errmsg, $config); |
6939693f AD |
92 | } |
93 | return undef; | |
94 | } | |
95 | ||
6bffe819 | 96 | sub generate_sdn_config { |
ba7ac021 | 97 | my ($class, $plugin_config, $zoneid, $vnetid, $vnet, $controller, $interfaces_config, $config) = @_; |
6939693f AD |
98 | |
99 | die "please implement inside plugin"; | |
100 | } | |
101 | ||
8fb1ee7f | 102 | sub generate_controller_config { |
56cdcac9 | 103 | my ($class, $plugin_config, $controller, $id, $uplinks, $config) = @_; |
32602a38 AD |
104 | |
105 | die "please implement inside plugin"; | |
106 | } | |
107 | ||
ad03c543 | 108 | sub generate_controller_vnet_config { |
56cdcac9 | 109 | my ($class, $plugin_config, $controller, $zoneid, $vnetid, $config) = @_; |
ad03c543 AD |
110 | |
111 | } | |
112 | ||
8fb1ee7f AD |
113 | sub write_controller_config { |
114 | my ($class, $plugin_config, $config) = @_; | |
115 | ||
116 | die "please implement inside plugin"; | |
117 | } | |
118 | ||
fa609bdd AD |
119 | sub controller_reload { |
120 | my ($class) = @_; | |
121 | ||
122 | die "please implement inside plugin"; | |
123 | } | |
124 | ||
fe0c6b9e | 125 | sub on_delete_hook { |
56cdcac9 | 126 | my ($class, $zoneid, $vnet_cfg) = @_; |
e8d5906e | 127 | |
56cdcac9 AD |
128 | # verify that no vnet are associated to this zone |
129 | foreach my $id (keys %{$vnet_cfg->{ids}}) { | |
130 | my $vnet = $vnet_cfg->{ids}->{$id}; | |
131 | die "zone $zoneid is used by vnet $id" | |
132 | if ($vnet->{type} eq 'vnet' && defined($vnet->{zone}) && $vnet->{zone} eq $zoneid); | |
133 | } | |
e8d5906e AD |
134 | } |
135 | ||
136 | sub on_update_hook { | |
a2b32a94 | 137 | my ($class, $zoneid, $zone_cfg, $controller_cfg) = @_; |
fe0c6b9e AD |
138 | |
139 | # do nothing by default | |
140 | } | |
141 | ||
6939693f AD |
142 | #helpers |
143 | sub parse_tag_number_or_range { | |
144 | my ($str, $max, $tag) = @_; | |
145 | ||
146 | my @elements = split(/,/, $str); | |
147 | my $count = 0; | |
148 | my $allowed = undef; | |
149 | ||
150 | die "extraneous commas in list\n" if $str ne join(',', @elements); | |
151 | foreach my $item (@elements) { | |
152 | if ($item =~ m/^([0-9]+)-([0-9]+)$/) { | |
153 | $count += 2; | |
154 | my ($port1, $port2) = ($1, $2); | |
155 | die "invalid port '$port1'\n" if $port1 > $max; | |
156 | die "invalid port '$port2'\n" if $port2 > $max; | |
157 | die "backwards range '$port1:$port2' not allowed, did you mean '$port2:$port1'?\n" if $port1 > $port2; | |
158 | ||
159 | if ($tag && $tag >= $port1 && $tag <= $port2){ | |
160 | $allowed = 1; | |
161 | last; | |
162 | } | |
163 | ||
164 | } elsif ($item =~ m/^([0-9]+)$/) { | |
165 | $count += 1; | |
166 | my $port = $1; | |
167 | die "invalid port '$port'\n" if $port > $max; | |
168 | ||
169 | if ($tag && $tag == $port){ | |
170 | $allowed = 1; | |
171 | last; | |
172 | } | |
173 | } | |
174 | } | |
175 | die "tag $tag is not allowed" if $tag && !$allowed; | |
176 | ||
177 | return (scalar(@elements) > 1); | |
178 | } | |
179 | ||
627b1694 | 180 | sub status { |
4d7cc94f AD |
181 | my ($class, $plugin_config, $zone, $vnetid, $vnet, $status) = @_; |
182 | ||
183 | my $err_msg = []; | |
627b1694 | 184 | |
4d7cc94f AD |
185 | # ifaces to check |
186 | my $ifaces = [ $vnetid ]; | |
187 | ||
188 | foreach my $iface (@{$ifaces}) { | |
189 | if (!$status->{$iface}->{status}) { | |
190 | push @$err_msg, "missing $iface"; | |
191 | } elsif ($status->{$iface}->{status} ne 'pass') { | |
192 | push @$err_msg, "error $iface"; | |
193 | } | |
627b1694 | 194 | } |
4d7cc94f | 195 | return $err_msg; |
627b1694 AD |
196 | } |
197 | ||
2ba9613b | 198 | |
eb1549e7 AD |
199 | sub tap_create { |
200 | my ($class, $plugin_config, $vnet, $iface, $vnetid) = @_; | |
201 | ||
912fb443 | 202 | PVE::Network::tap_create($iface, $vnetid); |
eb1549e7 AD |
203 | } |
204 | ||
205 | sub veth_create { | |
206 | my ($class, $plugin_config, $vnet, $veth, $vethpeer, $vnetid, $hwaddr) = @_; | |
207 | ||
912fb443 | 208 | PVE::Network::veth_create($veth, $vethpeer, $vnetid, $hwaddr); |
eb1549e7 AD |
209 | } |
210 | ||
211 | sub tap_plug { | |
912fb443 | 212 | my ($class, $plugin_config, $vnet, $tag, $iface, $vnetid, $firewall, $trunks, $rate) = @_; |
eb1549e7 | 213 | |
912fb443 AD |
214 | my $vlan_aware = PVE::Tools::file_read_firstline("/sys/class/net/$vnetid/bridge/vlan_filtering"); |
215 | die "vm vlans are not allowed on vnet $vnetid" if !$vlan_aware && ($tag || $trunks); | |
eb1549e7 AD |
216 | |
217 | PVE::Network::tap_plug($iface, $vnetid, $tag, $firewall, $trunks, $rate); | |
218 | } | |
219 | ||
3794e429 AD |
220 | #helper |
221 | ||
222 | sub get_uplink_iface { | |
223 | my ($interfaces_config, $uplink) = @_; | |
224 | ||
225 | my $iface = undef; | |
226 | foreach my $id (keys %{$interfaces_config->{ifaces}}) { | |
227 | my $interface = $interfaces_config->{ifaces}->{$id}; | |
228 | if (my $iface_uplink = $interface->{'uplink-id'}) { | |
229 | next if $iface_uplink ne $uplink; | |
230 | if($interface->{type} ne 'eth' && $interface->{type} ne 'bond') { | |
231 | warn "uplink $uplink is not a physical or bond interface"; | |
232 | next; | |
233 | } | |
234 | $iface = $id; | |
235 | } | |
236 | } | |
237 | ||
238 | #create a dummy uplink interface if no uplink found | |
239 | if(!$iface) { | |
240 | warn "can't find uplink $uplink in physical interface"; | |
241 | $iface = "uplink${uplink}"; | |
242 | } | |
243 | ||
244 | return $iface; | |
245 | } | |
1f543c5f AD |
246 | |
247 | sub get_local_route_ip { | |
248 | my ($targetip) = @_; | |
249 | ||
250 | my $ip = undef; | |
251 | my $interface = undef; | |
252 | ||
253 | run_command(['/sbin/ip', 'route', 'get', $targetip], outfunc => sub { | |
254 | if ($_[0] =~ m/src ($PVE::Tools::IPRE)/) { | |
255 | $ip = $1; | |
256 | } | |
257 | if ($_[0] =~ m/dev (\S+)/) { | |
258 | $interface = $1; | |
259 | } | |
260 | ||
261 | }); | |
262 | return ($ip, $interface); | |
263 | } | |
264 | ||
265 | ||
266 | sub find_local_ip_interface_peers { | |
267 | my ($peers) = @_; | |
268 | ||
269 | my $network_config = PVE::INotify::read_file('interfaces'); | |
270 | my $ifaces = $network_config->{ifaces}; | |
271 | #is a local ip member of peers list ? | |
272 | foreach my $address (@{$peers}) { | |
273 | while (my $interface = each %$ifaces) { | |
274 | my $ip = $ifaces->{$interface}->{address}; | |
275 | if ($ip && $ip eq $address) { | |
276 | return ($ip, $interface); | |
277 | } | |
278 | } | |
279 | } | |
280 | ||
281 | #if peer is remote, find source with ip route | |
282 | foreach my $address (@{$peers}) { | |
283 | my ($ip, $interface) = get_local_route_ip($address); | |
284 | return ($ip, $interface); | |
285 | } | |
286 | } | |
287 | ||
6939693f | 288 | 1; |