]>
git.proxmox.com Git - pve-manager.git/blob - PVE/API2/Network.pm
739ef874f766e212f2291d05b6c5e33ed75952a7
1 package PVE
::API2
::Network
;
7 use PVE
::Tools
qw(extract_param);
10 use PVE
::Exception
qw(raise_param_exc);
12 use PVE
::RPCEnvironment
;
13 use PVE
::JSONSchema
qw(get_standard_option);
14 use PVE
::AccessControl
;
17 use base
qw(PVE::RESTHandler);
19 my $iflockfn = "/etc/network/.pve-interfaces.lock";
21 my $bond_mode_enum = [
23 'active-backup', # OVS and Linux
30 'lacp-balance-slb', # OVS
31 'lacp-balance-tcp', # OVS
34 my $network_type_enum = ['bridge', 'bond', 'eth', 'alias',
35 'OVSBridge', 'OVSBond', 'OVSPort', 'OVSIntPort'];
39 description
=> "Network interface type",
41 enum
=> [@$network_type_enum, 'unknown'],
44 description
=> "Automatically start interface on boot.",
49 description
=> "Specify the iterfaces you want to add to your bridge.",
51 type
=> 'string', format
=> 'pve-iface-list',
54 description
=> "Specify the iterfaces you want to add to your bridge.",
56 type
=> 'string', format
=> 'pve-iface-list',
59 description
=> "OVS interface options.",
65 description
=> "The OVS bridge associated with a OVS port. This is required when you create an OVS port.",
67 type
=> 'string', format
=> 'pve-iface',
70 description
=> "Specify the interfaces used by the bonding device.",
72 type
=> 'string', format
=> 'pve-iface-list',
75 description
=> "Specify the interfaces used by the bonding device.",
77 type
=> 'string', format
=> 'pve-iface-list',
80 description
=> "Bonding mode.",
82 type
=> 'string', enum
=> $bond_mode_enum,
84 bond_xmit_hash_policy
=> {
85 description
=> "Selects the transmit hash policy to use for slave selection in balance-xor and 802.3ad modes.",
88 enum
=> ['layer2', 'layer2+3', 'layer3+4' ],
91 description
=> 'Default gateway address.',
92 type
=> 'string', format
=> 'ipv4',
96 description
=> 'Network mask.',
97 type
=> 'string', format
=> 'ipv4mask',
99 requires
=> 'address',
102 description
=> 'IP address.',
103 type
=> 'string', format
=> 'ipv4',
105 requires
=> 'netmask',
109 sub json_config_properties
{
112 foreach my $opt (keys %$confdesc) {
113 $prop->{$opt} = $confdesc->{$opt};
119 __PACKAGE__-
>register_method({
123 permissions
=> { user
=> 'all' },
124 description
=> "List available networks",
127 additionalProperties
=> 0,
129 node
=> get_standard_option
('pve-node'),
131 description
=> "Only list specific interface types.",
133 enum
=> $network_type_enum,
144 links
=> [ { rel
=> 'child', href
=> "{iface}" } ],
149 my $rpcenv = PVE
::RPCEnvironment
::get
();
151 my $tmp = PVE
::INotify
::read_file
('interfaces', 1);
152 my $config = $tmp->{data
};
153 my $changes = $tmp->{changes
};
155 $rpcenv->set_result_attrib('changes', $changes) if $changes;
157 delete $config->{lo
}; # do not list the loopback device
159 if ($param->{type
}) {
160 foreach my $k (keys %$config) {
161 delete $config->{$k} if $param->{type
} ne $config->{$k}->{type
};
165 return PVE
::RESTHandler
::hash_to_array
($config, 'iface');
168 __PACKAGE__-
>register_method({
169 name
=> 'revert_network_changes',
173 check
=> ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
176 description
=> "Revert network configuration changes.",
179 additionalProperties
=> 0,
181 node
=> get_standard_option
('pve-node'),
184 returns
=> { type
=> "null" },
188 unlink "/etc/network/interfaces.new";
193 my $check_duplicate_gateway = sub {
194 my ($config, $newiface) = @_;
196 foreach my $iface (keys %$config) {
197 raise_param_exc
({ gateway
=> "Default gateway already exists on interface '$iface'." })
198 if ($newiface ne $iface) && $config->{$iface}->{gateway
};
202 my $check_ipv4_settings = sub {
203 my ($address, $netmask) = @_;
205 my $binip = Net
::IP
::ip_iptobin
($address, 4);
206 my $binmask = Net
::IP
::ip_iptobin
($netmask, 4);
207 my $broadcast = Net
::IP
::ip_iptobin
('255.255.255.255', 4);
208 my $binhost = $binip | $binmask;
210 raise_param_exc
({ address
=> "$address is not a valid host ip address." })
211 if ($binhost eq $binmask) || ($binhost eq $broadcast);
214 __PACKAGE__-
>register_method({
215 name
=> 'create_network',
219 check
=> ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
221 description
=> "Create network device configuration",
225 additionalProperties
=> 0,
226 properties
=> json_config_properties
({
227 node
=> get_standard_option
('pve-node'),
228 iface
=> get_standard_option
('pve-iface')}),
230 returns
=> { type
=> 'null' },
234 my $node = extract_param
($param, 'node');
235 my $iface = extract_param
($param, 'iface');
238 my $config = PVE
::INotify
::read_file
('interfaces');
240 raise_param_exc
({ iface
=> "interface already exists" })
241 if $config->{$iface};
243 &$check_duplicate_gateway($config, $iface)
244 if $param->{gateway
};
246 &$check_ipv4_settings($param->{address
}, $param->{netmask
})
247 if $param->{address
};
249 $param->{method} = $param->{address
} ?
'static' : 'manual';
251 if ($param->{type
} =~ m/^OVS/) {
252 -x
'/usr/bin/ovs-vsctl' ||
253 die "Open VSwitch is not installed (need package 'openvswitch-switch')\n";
256 if ($param->{type
} eq 'OVSIntPort' || $param->{type
} eq 'OVSBond') {
257 my $brname = $param->{ovs_bridge
};
258 raise_param_exc
({ ovs_bridge
=> "parameter is required" }) if !$brname;
259 my $br = $config->{$brname};
260 raise_param_exc
({ ovs_bridge
=> "bridge '$brname' does not exist" }) if !$br;
261 raise_param_exc
({ ovs_bridge
=> "interface '$brname' is no OVS bridge" })
262 if $br->{type
} ne 'OVSBridge';
264 my @ports = split (/\s+/, $br->{ovs_ports
} || '');
265 $br->{ovs_ports
} = join(' ', @ports, $iface)
266 if ! grep { $_ eq $iface } @ports;
269 $config->{$iface} = $param;
271 PVE
::INotify
::write_file
('interfaces', $config);
274 PVE
::Tools
::lock_file
($iflockfn, 10, $code);
280 __PACKAGE__-
>register_method({
281 name
=> 'update_network',
285 check
=> ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
287 description
=> "Update network device configuration",
291 additionalProperties
=> 0,
292 properties
=> json_config_properties
({
293 node
=> get_standard_option
('pve-node'),
294 iface
=> get_standard_option
('pve-iface'),
296 type
=> 'string', format
=> 'pve-configid-list',
297 description
=> "A list of settings you want to delete.",
301 returns
=> { type
=> 'null' },
305 my $node = extract_param
($param, 'node');
306 my $iface = extract_param
($param, 'iface');
307 my $delete = extract_param
($param, 'delete');
310 my $config = PVE
::INotify
::read_file
('interfaces');
312 raise_param_exc
({ iface
=> "interface does not exist" })
313 if !$config->{$iface};
315 foreach my $k (PVE
::Tools
::split_list
($delete)) {
316 delete $config->{$iface}->{$k};
319 &$check_duplicate_gateway($config, $iface)
320 if $param->{gateway
};
322 &$check_ipv4_settings($param->{address
}, $param->{netmask
})
323 if $param->{address
};
325 $param->{method} = $param->{address
} ?
'static' : 'manual';
327 foreach my $k (keys %$param) {
328 $config->{$iface}->{$k} = $param->{$k};
331 PVE
::INotify
::write_file
('interfaces', $config);
334 PVE
::Tools
::lock_file
($iflockfn, 10, $code);
340 __PACKAGE__-
>register_method({
341 name
=> 'network_config',
345 check
=> ['perm', '/nodes/{node}', [ 'Sys.Audit' ]],
347 description
=> "Read network device configuration",
350 additionalProperties
=> 0,
352 node
=> get_standard_option
('pve-node'),
353 iface
=> get_standard_option
('pve-iface'),
370 my $config = PVE
::INotify
::read_file
('interfaces');
372 raise_param_exc
({ iface
=> "interface does not exist" })
373 if !$config->{$param->{iface
}};
375 return $config->{$param->{iface
}};
378 __PACKAGE__-
>register_method({
379 name
=> 'delete_network',
383 check
=> ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
385 description
=> "Delete network device configuration",
389 additionalProperties
=> 0,
391 node
=> get_standard_option
('pve-node'),
392 iface
=> get_standard_option
('pve-iface'),
395 returns
=> { type
=> 'null' },
400 my $config = PVE
::INotify
::read_file
('interfaces');
402 raise_param_exc
({ iface
=> "interface does not exist" })
403 if !$config->{$param->{iface
}};
405 my $d = $config->{$param->{iface
}};
406 if ($d->{type
} eq 'OVSIntPort' || $d->{type
} eq 'OVSBond') {
407 if (my $brname = $d->{ovs_bridge
}) {
408 if (my $br = $config->{$brname}) {
409 if ($br->{ovs_ports
}) {
410 my @ports = split (/\s+/, $br->{ovs_ports
});
411 my @new = grep { $_ ne $param->{iface
} } @ports;
412 $br->{ovs_ports
} = join(' ', @new);
418 delete $config->{$param->{iface
}};
420 PVE
::INotify
::write_file
('interfaces', $config);
423 PVE
::Tools
::lock_file
($iflockfn, 10, $code);