Commit | Line | Data |
---|---|---|
880ae857 AD |
1 | package PVE::Network::SDN::Zones::SimplePlugin; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | use PVE::Network::SDN::Zones::Plugin; | |
1d44ce70 | 6 | use PVE::Exception qw(raise raise_param_exc); |
5ca07ed9 AD |
7 | use PVE::Cluster; |
8 | use PVE::Tools; | |
880ae857 AD |
9 | |
10 | use base('PVE::Network::SDN::Zones::Plugin'); | |
11 | ||
# Zone type identifier for this plugin: always the fixed string 'simple'.
sub type {
    my $zone_type = 'simple';
    return $zone_type;
}
15 | ||
4ad78442 AD |
# Property schema contributed by the simple zone plugin.
#
# Returns a hash reference with three entries:
#   dns        - plain string, described as the dns api server
#   reversedns - plain string, described as the reverse dns api server
#   dnszone    - string constrained by the 'dns-name' format
#
# NOTE(review): only dnszone carries a format here; dns and reversedns are
# unconstrained strings as far as this schema goes. If they are checked
# against known DNS plugin ids, that happens outside this file - confirm.
sub properties {
    my $schema = {};

    $schema->{dns} = {
        type => 'string',
        description => "dns api server",
    };

    $schema->{reversedns} = {
        type => 'string',
        description => "reverse dns api server",
    };

    $schema->{dnszone} = {
        type => 'string',
        format => 'dns-name',
        description => "dns domain zone ex: mydomain.com",
    };

    return $schema;
}
32 | ||
# Options accepted by a simple zone and whether each one may be omitted.
#
# Returns a hash reference keyed by option name. nodes, mtu, dns, reversedns
# and dnszone are marked optional; ipam is the only entry with optional => 0,
# i.e. it is flagged as required.
sub options {
    my %option_for = map { ($_ => { optional => 1 }) } qw(nodes mtu dns reversedns dnszone);

    $option_for{ipam} = { optional => 0 };

    return \%option_for;
}
43 | ||
44 | # Plugin implementation | |
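# Build the bridge interface options for one vnet of a simple zone and store
# them in $config->{$vnetid}.
#
# Arguments (positional): $class, $plugin_config (zone settings; only 'mtu' is
# read here), $zoneid, $vnetid (also used as the bridge device name in the
# route line), $vnet (mac, alias and vlanaware are read), $controller,
# $controller_cfg, $subnet_cfg, $interfaces_config (all unused in this sub)
# and $config (hash reference keyed by vnet id).
#
# Returns $config. If $config already has an entry for $vnetid the sub returns
# immediately and generates nothing.
#
# NOTE(review): every line below is produced by plain string interpolation of
# configuration values. Only $cidr is single-quoted in the iptables lines;
# $gateway, $mask, $mac, $alias, $outiface and $outip are inserted as-is, and
# this sub does no validation of its own. It therefore depends on these values
# being constrained (no whitespace, newlines or shell metacharacters) before
# they reach this point - confirm against the vnet/subnet schemas.
sub generate_sdn_config {
    my ($class, $plugin_config, $zoneid, $vnetid, $vnet, $controller, $controller_cfg, $subnet_cfg, $interfaces_config, $config) = @_;

    return $config if $config->{$vnetid}; # nothing to do

    my $mac = $vnet->{mac};
    my $alias = $vnet->{alias};
    # Unconditional declaration: perlsyn documents `my ... if COND` as having
    # undefined behaviour. The `if $mtu` guard further down still keeps an
    # unset or zero MTU out of the output.
    my $mtu = $plugin_config->{mtu};

    # vnet bridge
    my @iface_config = ();

    # gateways already emitted, so each address line appears only once
    my $address = {};
    my $subnets = PVE::Network::SDN::Vnets::get_subnets($vnetid, 1);

    # sorted so the generated lines come out in a stable order
    foreach my $subnetid (sort keys %{$subnets}) {
        my $subnet = $subnets->{$subnetid};
        my $cidr = $subnet->{cidr};
        my $mask = $subnet->{mask};

        my $gateway = $subnet->{gateway};
        if ($gateway) {
            push @iface_config, "address $gateway/$mask" if !defined($address->{$gateway});
            $address->{$gateway} = 1;
        }

        # add route for /32 pointtopoint
        # NOTE(review): this matches any subnet whose mask equals 32, without
        # looking at the address family - confirm that is intended.
        push @iface_config, "up ip route add $cidr dev $vnetid" if $mask == 32;

        if ($subnet->{snat}) {
            # find outgoing interface: the local address and device used to
            # reach the hard-coded probe destination 8.8.8.8
            my ($outip, $outiface) = PVE::Network::SDN::Zones::Plugin::get_local_route_ip('8.8.8.8');

            # If either value is missing, no SNAT rule is generated and nothing
            # is reported, even though snat is set on the subnet.
            if ($outip && $outiface) {
                # use snat, faster than masquerade
                push @iface_config, "post-up iptables -t nat -A POSTROUTING -s '$cidr' -o $outiface -j SNAT --to-source $outip";
                push @iface_config, "post-down iptables -t nat -D POSTROUTING -s '$cidr' -o $outiface -j SNAT --to-source $outip";

                # add conntrack zone on outgoing interface
                # NOTE(review): these two lines are pushed for every subnet
                # with snat set, so the same rule can be inserted more than
                # once per vnet; post-up and post-down stay paired.
                push @iface_config, "post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1";
                push @iface_config, "post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1";
            }
        }
    }

    push @iface_config, "hwaddress $mac" if $mac;
    push @iface_config, "bridge_ports none";
    push @iface_config, "bridge_stp off";
    push @iface_config, "bridge_fd 0";
    if ($vnet->{vlanaware}) {
        push @iface_config, "bridge-vlan-aware yes";
        push @iface_config, "bridge-vids 2-4094";
    }
    push @iface_config, "mtu $mtu" if $mtu;
    push @iface_config, "alias $alias" if $alias;

    push @{$config->{$vnetid}}, @iface_config;

    return $config;
}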
103 | ||
# Report problems with the vnet's own interface.
#
# $status is a hash reference keyed by interface name whose entries carry a
# 'status' field. Only the interface named after $vnetid is checked.
#
# Returns an array reference of messages: "missing <iface>" when the status
# field is absent or false, "error iface <iface>" when it is anything other
# than 'pass', and an empty list when it is 'pass'.
sub status {
    my ($class, $plugin_config, $zone, $vnetid, $vnet, $status) = @_;

    my @problems;

    # ifaces to check
    for my $name ($vnetid) {
        # Nested lookup, as in the original; it may create an empty entry for
        # an interface that is not present in $status.
        my $state = $status->{$name}->{status};

        next if $state && $state eq 'pass';

        push @problems, $state ? "error iface $name" : "missing $name";
    }

    return \@problems;
}
119 | ||
1d44ce70 | 120 | |
# Hook run when a vnet of a simple zone is created or updated.
#
# Looks the vnet up in $vnet_cfg->{ids} by $vnetid, then:
#   - rejects the update with a parameter exception on 'tag' if the vnet has a
#     VLAN tag defined;
#   - if the vnet has no MAC yet, reads 'datacenter.cfg' and stores a MAC from
#     PVE::Tools::random_ether_addr, passing it the datacenter's mac_prefix.
#
# The vnet entry inside $vnet_cfg is modified in place. $zone_cfg is not used.
sub vnet_update_hook {
    my ($class, $vnet_cfg, $vnetid, $zone_cfg) = @_;

    my $vnet = $vnet_cfg->{ids}->{$vnetid};

    if (defined($vnet->{tag})) {
        raise_param_exc({ tag => "vlan tag is not allowed on simple zone"});
    }

    if (!defined($vnet->{mac})) {
        my $datacenter_cfg = PVE::Cluster::cfs_read_file('datacenter.cfg');
        $vnet->{mac} = PVE::Tools::random_ether_addr($datacenter_cfg->{mac_prefix});
    }
}
134 | ||
880ae857 AD |
135 | 1; |
136 | ||
137 |