From: Alexandre Derumier <aderumier@odiso.com>
Date: Mon, 9 Mar 2020 09:24:30 +0000 (+0100)
Subject: lxc: add sdn veth_create|plug
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=ab2ec461f8e1d002636219c1d13a0e75e3bd0839;p=pve-container.git

lxc: add sdn veth_create|plug
---

diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
index 0f6f7fa..0245dfb 100644
--- a/src/PVE/LXC.pm
+++ b/src/PVE/LXC.pm
@@ -33,6 +33,11 @@ use PVE::GuestHelpers qw(safe_string_ne safe_num_ne safe_boolean_ne);
 use PVE::LXC::Tools;
 
 use Time::HiRes qw (gettimeofday);
+my $have_sdn;
+eval {
+    require PVE::Network::SDN::Zones;
+    $have_sdn = 1;
+};
 
 my $LXC_CONFIG_PATH = '/usr/share/lxc/config';
 
@@ -913,7 +918,12 @@ sub update_net {
 		    PVE::LXC::Config->write_config($vmid, $conf);
 		}
 
-		PVE::Network::tap_plug($veth, $newnet->{bridge}, $newnet->{tag}, $newnet->{firewall}, $newnet->{trunks}, $newnet->{rate});
+		if($have_sdn) {
+		    PVE::Network::SDN::Zones::tap_plug($veth, $newnet->{bridge}, $newnet->{tag}, $newnet->{firewall}, $newnet->{trunks}, $newnet->{rate});
+		} else {
+		    PVE::Network::tap_plug($veth, $newnet->{bridge}, $newnet->{tag}, $newnet->{firewall}, $newnet->{trunks}, $newnet->{rate});
+		}
+
 		# This includes the rate:
 		foreach (qw(bridge tag firewall rate)) {
 		    $oldnet->{$_} = $newnet->{$_} if $newnet->{$_};
@@ -941,8 +951,13 @@ sub hotplug_net {
     my $vethpeer = $veth . "p";
     my $eth = $newnet->{name};
 
-    PVE::Network::veth_create($veth, $vethpeer, $newnet->{bridge}, $newnet->{hwaddr});
-    PVE::Network::tap_plug($veth, $newnet->{bridge}, $newnet->{tag}, $newnet->{firewall}, $newnet->{trunks}, $newnet->{rate});
+    if($have_sdn) {
+	PVE::Network::SDN::Zones::veth_create($veth, $vethpeer, $newnet->{bridge}, $newnet->{hwaddr});
+	PVE::Network::SDN::Zones::tap_plug($veth, $newnet->{bridge}, $newnet->{tag}, $newnet->{firewall}, $newnet->{trunks}, $newnet->{rate});
+    } else {
+	PVE::Network::veth_create($veth, $vethpeer, $newnet->{bridge}, $newnet->{hwaddr});
+	PVE::Network::tap_plug($veth, $newnet->{bridge}, $newnet->{tag}, $newnet->{firewall}, $newnet->{trunks}, $newnet->{rate});
+    }
 
     # attach peer in container
     my $cmd = ['lxc-device', '-n', $vmid, 'add', $vethpeer, "$eth" ];
diff --git a/src/lxcnetaddbr b/src/lxcnetaddbr
index 5cb6b0b..ddc87f7 100755
--- a/src/lxcnetaddbr
+++ b/src/lxcnetaddbr
@@ -9,6 +9,11 @@ use PVE::LXC;
 use PVE::Tools qw(run_command);
 use PVE::Network;
 use PVE::ProcFSTools;
+my $have_sdn;
+eval {
+    require PVE::Network::SDN::Zones;
+    $have_sdn = 1;
+};
 
 die "got unexpected argument count\n" if scalar(@ARGV) != 5;
 
@@ -47,6 +52,10 @@ die "missing bridge configuration" if !$bridge;
 
 if (-d "/sys/class/net/$iface") {
 
+    if($have_sdn) {
+       ($bridge, undef) = PVE::Network::SDN::Zones::get_bridge_vlan($bridge);
+    } 
+
     my $bridgemtu = PVE::Tools::file_read_firstline("/sys/class/net/$bridge/mtu");
     die "bridge '$bridge' does not exist\n" if !$bridgemtu;
     #avoid insecure dependency;
@@ -54,7 +63,12 @@ if (-d "/sys/class/net/$iface") {
 
     PVE::Tools::run_command("/sbin/ip link set dev $iface up mtu $bridgemtu");
     PVE::Tools::run_command("/sbin/ip addr add 0.0.0.0/0 dev $iface");
-    PVE::Network::tap_plug($iface, $bridge, $tag, $firewall, $trunks, $rate);
+
+    if($have_sdn) {
+	PVE::Network::SDN::Zones::tap_plug($iface, $net->{bridge}, $tag, $firewall, $trunks, $rate);
+    } else {
+	PVE::Network::tap_plug($iface, $bridge, $tag, $firewall, $trunks, $rate);
+    }
 }
 
 exit 0;