]>
Commit | Line | Data |
---|---|---|
f5eabba0 | 1 | package PVE::Network::SDN::Zones::Plugin; |
6939693f AD |
2 | |
3 | use strict; | |
4 | use warnings; | |
5 | ||
1f543c5f | 6 | use PVE::Tools qw(run_command); |
6939693f AD |
7 | use PVE::JSONSchema; |
8 | use PVE::Cluster; | |
eb1549e7 | 9 | use PVE::Network; |
6939693f AD |
10 | |
11 | use Data::Dumper; | |
eec580bf | 12 | use PVE::JSONSchema qw(get_standard_option); |
6939693f AD |
13 | use base qw(PVE::SectionConfig); |
14 | ||
f5eabba0 | 15 | PVE::Cluster::cfs_register_file('sdn/zones.cfg', |
6939693f AD |
16 | sub { __PACKAGE__->parse_config(@_); }, |
17 | sub { __PACKAGE__->write_config(@_); }); | |
18 | ||
f5eabba0 AD |
19 | PVE::JSONSchema::register_standard_option('pve-sdn-zone-id', { |
20 | description => "The SDN zone object identifier.", | |
21 | type => 'string', format => 'pve-sdn-zone-id', | |
fe61b14c AD |
22 | }); |
23 | ||
f5eabba0 AD |
24 | PVE::JSONSchema::register_format('pve-sdn-zone-id', \&parse_sdn_zone_id); |
25 | sub parse_sdn_zone_id { | |
26 | my ($id, $noerr) = @_; | |
fe61b14c | 27 | |
7c5b0f6d AD |
28 | if ($id !~ m/^[a-z][a-z0-9]*[a-z0-9]$/i) { |
29 | return undef if $noerr; | |
30 | die "zone ID '$id' contains illegal characters\n"; | |
fe61b14c | 31 | } |
7c5b0f6d | 32 | die "zone ID '$id' can't be more length than 10 characters\n" if length($id) > 10; |
f5eabba0 | 33 | return $id; |
fe61b14c AD |
34 | } |
35 | ||
6939693f AD |
36 | my $defaultData = { |
37 | ||
38 | propertyList => { | |
7d35eaf5 | 39 | type => { |
6939693f AD |
40 | description => "Plugin type.", |
41 | type => 'string', format => 'pve-configid', | |
42 | type => 'string', | |
43 | }, | |
c2b9c173 | 44 | nodes => get_standard_option('pve-node-list', { optional => 1 }), |
f5eabba0 AD |
45 | zone => get_standard_option('pve-sdn-zone-id', |
46 | { completion => \&PVE::Network::SDN::Zones::complete_sdn_zone }), | |
6939693f AD |
47 | }, |
48 | }; | |
49 | ||
50 | sub private { | |
51 | return $defaultData; | |
52 | } | |
53 | ||
c2b9c173 AD |
54 | sub decode_value { |
55 | my ($class, $type, $key, $value) = @_; | |
56 | ||
57 | if ($key eq 'nodes') { | |
58 | my $res = {}; | |
59 | ||
60 | foreach my $node (PVE::Tools::split_list($value)) { | |
61 | if (PVE::JSONSchema::pve_verify_node_name($node)) { | |
62 | $res->{$node} = 1; | |
63 | } | |
64 | } | |
65 | ||
66 | return $res; | |
67 | } | |
68 | ||
69 | return $value; | |
70 | } | |
71 | ||
72 | sub encode_value { | |
73 | my ($class, $type, $key, $value) = @_; | |
74 | ||
75 | if ($key eq 'nodes') { | |
76 | return join(',', keys(%$value)); | |
77 | } | |
78 | ||
79 | return $value; | |
80 | } | |
81 | ||
6939693f AD |
82 | sub parse_section_header { |
83 | my ($class, $line) = @_; | |
84 | ||
85 | if ($line =~ m/^(\S+):\s*(\S+)\s*$/) { | |
f5eabba0 | 86 | my ($type, $id) = (lc($1), $2); |
6939693f AD |
87 | my $errmsg = undef; # set if you want to skip whole section |
88 | eval { PVE::JSONSchema::pve_verify_configid($type); }; | |
89 | $errmsg = $@ if $@; | |
90 | my $config = {}; # to return additional attributes | |
f5eabba0 | 91 | return ($type, $id, $errmsg, $config); |
6939693f AD |
92 | } |
93 | return undef; | |
94 | } | |
95 | ||
6bffe819 | 96 | sub generate_sdn_config { |
ba7ac021 | 97 | my ($class, $plugin_config, $zoneid, $vnetid, $vnet, $controller, $interfaces_config, $config) = @_; |
6939693f AD |
98 | |
99 | die "please implement inside plugin"; | |
100 | } | |
101 | ||
8fb1ee7f | 102 | sub generate_controller_config { |
56cdcac9 | 103 | my ($class, $plugin_config, $controller, $id, $uplinks, $config) = @_; |
32602a38 AD |
104 | |
105 | die "please implement inside plugin"; | |
106 | } | |
107 | ||
ad03c543 | 108 | sub generate_controller_vnet_config { |
56cdcac9 | 109 | my ($class, $plugin_config, $controller, $zoneid, $vnetid, $config) = @_; |
ad03c543 AD |
110 | |
111 | } | |
112 | ||
8fb1ee7f AD |
113 | sub write_controller_config { |
114 | my ($class, $plugin_config, $config) = @_; | |
115 | ||
116 | die "please implement inside plugin"; | |
117 | } | |
118 | ||
fa609bdd AD |
119 | sub controller_reload { |
120 | my ($class) = @_; | |
121 | ||
122 | die "please implement inside plugin"; | |
123 | } | |
124 | ||
fe0c6b9e | 125 | sub on_delete_hook { |
56cdcac9 | 126 | my ($class, $zoneid, $vnet_cfg) = @_; |
e8d5906e | 127 | |
56cdcac9 AD |
128 | # verify that no vnet are associated to this zone |
129 | foreach my $id (keys %{$vnet_cfg->{ids}}) { | |
130 | my $vnet = $vnet_cfg->{ids}->{$id}; | |
131 | die "zone $zoneid is used by vnet $id" | |
132 | if ($vnet->{type} eq 'vnet' && defined($vnet->{zone}) && $vnet->{zone} eq $zoneid); | |
133 | } | |
e8d5906e AD |
134 | } |
135 | ||
136 | sub on_update_hook { | |
a2b32a94 | 137 | my ($class, $zoneid, $zone_cfg, $controller_cfg) = @_; |
fe0c6b9e AD |
138 | |
139 | # do nothing by default | |
140 | } | |
141 | ||
6939693f AD |
142 | #helpers |
143 | sub parse_tag_number_or_range { | |
144 | my ($str, $max, $tag) = @_; | |
145 | ||
146 | my @elements = split(/,/, $str); | |
147 | my $count = 0; | |
148 | my $allowed = undef; | |
149 | ||
150 | die "extraneous commas in list\n" if $str ne join(',', @elements); | |
151 | foreach my $item (@elements) { | |
152 | if ($item =~ m/^([0-9]+)-([0-9]+)$/) { | |
153 | $count += 2; | |
154 | my ($port1, $port2) = ($1, $2); | |
155 | die "invalid port '$port1'\n" if $port1 > $max; | |
156 | die "invalid port '$port2'\n" if $port2 > $max; | |
157 | die "backwards range '$port1:$port2' not allowed, did you mean '$port2:$port1'?\n" if $port1 > $port2; | |
158 | ||
159 | if ($tag && $tag >= $port1 && $tag <= $port2){ | |
160 | $allowed = 1; | |
161 | last; | |
162 | } | |
163 | ||
164 | } elsif ($item =~ m/^([0-9]+)$/) { | |
165 | $count += 1; | |
166 | my $port = $1; | |
167 | die "invalid port '$port'\n" if $port > $max; | |
168 | ||
169 | if ($tag && $tag == $port){ | |
170 | $allowed = 1; | |
171 | last; | |
172 | } | |
173 | } | |
174 | } | |
175 | die "tag $tag is not allowed" if $tag && !$allowed; | |
176 | ||
177 | return (scalar(@elements) > 1); | |
178 | } | |
179 | ||
627b1694 AD |
180 | sub status { |
181 | my ($class, $plugin_config, $zone, $id, $vnet, $err_config, $status, $vnet_status, $zone_status) = @_; | |
182 | ||
183 | $vnet_status->{$id}->{zone} = $zone; | |
184 | $zone_status->{$zone}->{status} = 'available' if !defined($zone_status->{$zone}->{status}); | |
185 | ||
186 | if($err_config) { | |
187 | $vnet_status->{$id}->{status} = 'pending'; | |
188 | $vnet_status->{$id}->{statusmsg} = $err_config; | |
189 | $zone_status->{$zone}->{status} = 'pending'; | |
190 | } elsif ($status->{$id}->{status} && $status->{$id}->{status} eq 'pass') { | |
191 | $vnet_status->{$id}->{status} = 'available'; | |
192 | my $bridgeport = $status->{$id}->{config}->{'bridge-ports'}; | |
193 | ||
194 | if ($bridgeport && $status->{$bridgeport}->{status} && $status->{$bridgeport}->{status} ne 'pass') { | |
195 | $vnet_status->{$id}->{status} = 'error'; | |
196 | $vnet_status->{$id}->{statusmsg} = 'configuration not fully applied'; | |
197 | $zone_status->{$zone}->{status} = 'error'; | |
198 | } | |
199 | ||
200 | } else { | |
201 | $vnet_status->{$id}->{status} = 'error'; | |
202 | $vnet_status->{$id}->{statusmsg} = 'missing'; | |
203 | $zone_status->{$zone}->{status} = 'error'; | |
204 | } | |
205 | } | |
206 | ||
2ba9613b AD |
207 | |
208 | sub get_bridge_vlan { | |
eb1549e7 | 209 | my ($class, $plugin_config, $vnetid, $tag) = @_; |
2ba9613b | 210 | |
eb1549e7 | 211 | my $bridge = $vnetid; |
2ba9613b AD |
212 | $tag = undef; |
213 | ||
eb1549e7 AD |
214 | die "bridge $bridge is missing" if !-d "/sys/class/net/$bridge/"; |
215 | ||
2ba9613b AD |
216 | return ($bridge, $tag); |
217 | } | |
218 | ||
eb1549e7 AD |
219 | sub tap_create { |
220 | my ($class, $plugin_config, $vnet, $iface, $vnetid) = @_; | |
221 | ||
7d1035b2 AD |
222 | my $tag = $vnet->{tag}; |
223 | my ($bridge, undef) = $class->get_bridge_vlan($plugin_config, $vnetid, $tag); | |
eb1549e7 AD |
224 | die "unable to get bridge setting\n" if !$bridge; |
225 | ||
226 | PVE::Network::tap_create($iface, $bridge); | |
227 | } | |
228 | ||
229 | sub veth_create { | |
230 | my ($class, $plugin_config, $vnet, $veth, $vethpeer, $vnetid, $hwaddr) = @_; | |
231 | ||
7d1035b2 AD |
232 | my $tag = $vnet->{tag}; |
233 | my ($bridge, undef) = $class->get_bridge_vlan($plugin_config, $vnetid, $tag); | |
eb1549e7 AD |
234 | die "unable to get bridge setting\n" if !$bridge; |
235 | ||
236 | PVE::Network::veth_create($veth, $vethpeer, $bridge, $hwaddr); | |
237 | } | |
238 | ||
239 | sub tap_plug { | |
240 | my ($class, $plugin_config, $vnet, $iface, $vnetid, $firewall, $rate) = @_; | |
241 | ||
242 | my $tag = $vnet->{tag}; | |
243 | ||
244 | ($vnetid, $tag) = $class->get_bridge_vlan($plugin_config, $vnetid, $tag); | |
245 | my $trunks = undef; | |
246 | ||
247 | PVE::Network::tap_plug($iface, $vnetid, $tag, $firewall, $trunks, $rate); | |
248 | } | |
249 | ||
3794e429 AD |
250 | #helper |
251 | ||
252 | sub get_uplink_iface { | |
253 | my ($interfaces_config, $uplink) = @_; | |
254 | ||
255 | my $iface = undef; | |
256 | foreach my $id (keys %{$interfaces_config->{ifaces}}) { | |
257 | my $interface = $interfaces_config->{ifaces}->{$id}; | |
258 | if (my $iface_uplink = $interface->{'uplink-id'}) { | |
259 | next if $iface_uplink ne $uplink; | |
260 | if($interface->{type} ne 'eth' && $interface->{type} ne 'bond') { | |
261 | warn "uplink $uplink is not a physical or bond interface"; | |
262 | next; | |
263 | } | |
264 | $iface = $id; | |
265 | } | |
266 | } | |
267 | ||
268 | #create a dummy uplink interface if no uplink found | |
269 | if(!$iface) { | |
270 | warn "can't find uplink $uplink in physical interface"; | |
271 | $iface = "uplink${uplink}"; | |
272 | } | |
273 | ||
274 | return $iface; | |
275 | } | |
1f543c5f AD |
276 | |
277 | sub get_local_route_ip { | |
278 | my ($targetip) = @_; | |
279 | ||
280 | my $ip = undef; | |
281 | my $interface = undef; | |
282 | ||
283 | run_command(['/sbin/ip', 'route', 'get', $targetip], outfunc => sub { | |
284 | if ($_[0] =~ m/src ($PVE::Tools::IPRE)/) { | |
285 | $ip = $1; | |
286 | } | |
287 | if ($_[0] =~ m/dev (\S+)/) { | |
288 | $interface = $1; | |
289 | } | |
290 | ||
291 | }); | |
292 | return ($ip, $interface); | |
293 | } | |
294 | ||
295 | ||
296 | sub find_local_ip_interface_peers { | |
297 | my ($peers) = @_; | |
298 | ||
299 | my $network_config = PVE::INotify::read_file('interfaces'); | |
300 | my $ifaces = $network_config->{ifaces}; | |
301 | #is a local ip member of peers list ? | |
302 | foreach my $address (@{$peers}) { | |
303 | while (my $interface = each %$ifaces) { | |
304 | my $ip = $ifaces->{$interface}->{address}; | |
305 | if ($ip && $ip eq $address) { | |
306 | return ($ip, $interface); | |
307 | } | |
308 | } | |
309 | } | |
310 | ||
311 | #if peer is remote, find source with ip route | |
312 | foreach my $address (@{$peers}) { | |
313 | my ($ip, $interface) = get_local_route_ip($address); | |
314 | return ($ip, $interface); | |
315 | } | |
316 | } | |
317 | ||
6939693f | 318 | 1; |