[pve-network.git] / PVE / API2 / Network / SDN / Zones.pm

package PVE::API2::Network::SDN::Zones;

use strict;
use warnings;

use PVE::SafeSyslog;
use PVE::Tools qw(extract_param);
use PVE::Cluster qw(cfs_read_file cfs_write_file);
use PVE::Network::SDN;
use PVE::Network::SDN::Vnets;
use PVE::Network::SDN::Zones;
use PVE::Network::SDN::Dns;
use PVE::Network::SDN::Zones::Plugin;
use PVE::Network::SDN::Zones::VlanPlugin;
use PVE::Network::SDN::Zones::QinQPlugin;
use PVE::Network::SDN::Zones::VxlanPlugin;
use PVE::Network::SDN::Zones::EvpnPlugin;
use PVE::Network::SDN::Zones::FaucetPlugin;
use PVE::Network::SDN::Zones::SimplePlugin;

use Storable qw(dclone);
use PVE::JSONSchema qw(get_standard_option);
use PVE::RPCEnvironment;
use PVE::Exception qw(raise raise_param_exc);

use PVE::RESTHandler;

use base qw(PVE::RESTHandler);

my $sdn_zones_type_enum = PVE::Network::SDN::Zones::Plugin->lookup_types();

my $api_sdn_zones_config = sub {
    my ($cfg, $id) = @_;

    my $scfg = dclone(PVE::Network::SDN::Zones::sdn_zones_config($cfg, $id));
    $scfg->{zone} = $id;
    $scfg->{digest} = $cfg->{digest};

    if ($scfg->{nodes}) {
        $scfg->{nodes} = PVE::Network::SDN::Zones::Plugin->encode_value($scfg->{type}, 'nodes', $scfg->{nodes});
    }

    my $pending = $scfg->{pending};
    if ($pending->{nodes}) {
        $pending->{nodes} = PVE::Network::SDN::Zones::Plugin->encode_value($scfg->{type}, 'nodes', $pending->{nodes});
    }

    return $scfg;
};

__PACKAGE__->register_method ({
    name => 'index',
    path => '',
    method => 'GET',
    description => "SDN zones index.",
    permissions => {
	description => "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/zones/<zone>'",
	user => 'all',
    },
    parameters => {
    	additionalProperties => 0,
	properties => {
	    type => {
		description => "Only list sdn zones of specific type",
		type => 'string',
		enum => $sdn_zones_type_enum,
		optional => 1,
	    },
	    running => {
		type => 'boolean',
		optional => 1,
		description => "Display running config.",
	    },
	    pending => {
		type => 'boolean',
		optional => 1,
		description => "Display pending config.",
	    },
	},
    },
    returns => {
	type => 'array',
	items => {
	    type => "object",
	    properties => { zone => { type => 'string'},
			    type => { type => 'string'},
			    mtu => { type => 'integer', optional => 1 },
			    dns => { type => 'string', optional => 1},
			    reversedns => { type => 'string', optional => 1},
			    dnszone => { type => 'string', optional => 1},
			    ipam => { type => 'string', optional => 1},
			    pending => { optional => 1},
			    state => { type => 'string', optional => 1},
			    nodes => { type => 'string', optional => 1},
			  },
	},
	links => [ { rel => 'child', href => "{zone}" } ],
    },
    code => sub {
	my ($param) = @_;

	my $rpcenv = PVE::RPCEnvironment::get();
	my $authuser = $rpcenv->get_user();

	my $cfg = {};
	if($param->{pending}) {
	    my $running_cfg = PVE::Network::SDN::config();
	    my $config = PVE::Network::SDN::Zones::config();
	    $cfg = PVE::Network::SDN::pending_config($running_cfg, $config, 'zones');
        } elsif ($param->{running}) {
	    my $running_cfg = PVE::Network::SDN::config();
	    $cfg = $running_cfg->{zones};
        } else {
	    $cfg = PVE::Network::SDN::Zones::config();
        }

	my @sids = PVE::Network::SDN::Zones::sdn_zones_ids($cfg);
	my $res = [];
	foreach my $id (@sids) {
	    my $privs = [ 'SDN.Audit', 'SDN.Allocate' ];
	    next if !$rpcenv->check_any($authuser, "/sdn/zones/$id", $privs, 1);

	    my $scfg = &$api_sdn_zones_config($cfg, $id);
	    next if $param->{type} && $param->{type} ne $scfg->{type};

	    my $plugin_config = $cfg->{ids}->{$id};
	    my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
	    push @$res, $scfg;
	}

	return $res;
    }});

__PACKAGE__->register_method ({
    name => 'read',
    path => '{zone}',
    method => 'GET',
    description => "Read sdn zone configuration.",
    permissions => {
	check => ['perm', '/sdn/zones/{zone}', ['SDN.Allocate']],
   },

    parameters => {
    	additionalProperties => 0,
	properties => {
	    zone => get_standard_option('pve-sdn-zone-id'),
	    running => {
		type => 'boolean',
		optional => 1,
		description => "Display running config.",
	    },
	    pending => {
		type => 'boolean',
		optional => 1,
		description => "Display pending config.",
	    }
	},
    },
    returns => { type => 'object' },
    code => sub {
	my ($param) = @_;

	my $cfg = {};
	if($param->{pending}) {
	    my $running_cfg = PVE::Network::SDN::config();
	    my $config = PVE::Network::SDN::Zones::config();
	    $cfg = PVE::Network::SDN::pending_config($running_cfg, $config, 'zones');
        } elsif ($param->{running}) {
	    my $running_cfg = PVE::Network::SDN::config();
	    $cfg = $running_cfg->{zones};
        } else {
	    $cfg = PVE::Network::SDN::Zones::config();
        }

	return &$api_sdn_zones_config($cfg, $param->{zone});
    }});

__PACKAGE__->register_method ({
    name => 'create',
    protected => 1,
    path => '',
    method => 'POST',
    description => "Create a new sdn zone object.",
    permissions => {
	check => ['perm', '/sdn/zones', ['SDN.Allocate']],
    },
    parameters => PVE::Network::SDN::Zones::Plugin->createSchema(),
    returns => { type => 'null' },
    code => sub {
	my ($param) = @_;

	my $type = extract_param($param, 'type');
	my $id = extract_param($param, 'zone');

	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($type);
	my $opts = $plugin->check_config($id, $param, 1, 1);

        # create /etc/pve/sdn directory
        PVE::Cluster::check_cfs_quorum();
        mkdir("/etc/pve/sdn");

        PVE::Network::SDN::lock_sdn_config(
	    sub {

		my $zone_cfg = PVE::Network::SDN::Zones::config();
		my $controller_cfg = PVE::Network::SDN::Controllers::config();
		my $dns_cfg = PVE::Network::SDN::Dns::config();

		my $scfg = undef;
		if ($scfg = PVE::Network::SDN::Zones::sdn_zones_config($zone_cfg, $id, 1)) {
		    die "sdn zone object ID '$id' already defined\n";
		}
		
		my $dnsserver = $opts->{dns};
		my $reversednsserver = $opts->{reversedns};
		my $dnszone = $opts->{dnszone};
		raise_param_exc({ dns => "$dnsserver don't exist"}) if $dnsserver && !$dns_cfg->{ids}->{$dnsserver};
		raise_param_exc({ reversedns => "$reversednsserver don't exist"}) if $reversednsserver && !$dns_cfg->{ids}->{$reversednsserver};
		raise_param_exc({ dnszone => "missing dns server"}) if $dnszone && !$dnsserver;

		my $ipam = $opts->{ipam};
		my $ipam_cfg = PVE::Network::SDN::Ipams::config();
		raise_param_exc({ ipam => "$ipam not existing"}) if $ipam && !$ipam_cfg->{ids}->{$ipam};

		$zone_cfg->{ids}->{$id} = $opts;
		$plugin->on_update_hook($id, $zone_cfg, $controller_cfg);

		PVE::Network::SDN::Zones::write_config($zone_cfg);

	    }, "create sdn zone object failed");

	return undef;
    }});

__PACKAGE__->register_method ({
    name => 'update',
    protected => 1,
    path => '{zone}',
    method => 'PUT',
    description => "Update sdn zone object configuration.",
    permissions => {
	check => ['perm', '/sdn/zones', ['SDN.Allocate']],
    },
    parameters => PVE::Network::SDN::Zones::Plugin->updateSchema(),
    returns => { type => 'null' },
    code => sub {
	my ($param) = @_;

	my $id = extract_param($param, 'zone');
	my $digest = extract_param($param, 'digest');

        PVE::Network::SDN::lock_sdn_config(
	 sub {

	    my $zone_cfg = PVE::Network::SDN::Zones::config();
	    my $controller_cfg = PVE::Network::SDN::Controllers::config();
	    my $dns_cfg = PVE::Network::SDN::Dns::config();

	    PVE::SectionConfig::assert_if_modified($zone_cfg, $digest);

	    my $scfg = PVE::Network::SDN::Zones::sdn_zones_config($zone_cfg, $id);

	    my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($scfg->{type});
	    my $opts = $plugin->check_config($id, $param, 0, 1);

	    foreach my $k (%$opts) {
		$scfg->{$k} = $opts->{$k};
	    }

	    my $dnsserver = $opts->{dns};
	    my $reversednsserver = $opts->{reversedns};
	    my $dnszone = $opts->{dnszone};
	    raise_param_exc({ dns => "$dnsserver don't exist"}) if $dnsserver && !$dns_cfg->{ids}->{$dnsserver};
	    raise_param_exc({ reversedns => "$reversednsserver don't exist"}) if $reversednsserver && !$dns_cfg->{ids}->{$reversednsserver};
	    raise_param_exc({ dnszone => "missing dns server"}) if $dnszone && !$dnsserver;

	    my $ipam = $opts->{ipam};
	    my $ipam_cfg = PVE::Network::SDN::Ipams::config();
	    raise_param_exc({ ipam => "$ipam not existing"}) if $ipam && !$ipam_cfg->{ids}->{$ipam};

	    $plugin->on_update_hook($id, $zone_cfg, $controller_cfg);

	    PVE::Network::SDN::Zones::write_config($zone_cfg);

	    }, "update sdn zone object failed");

	return undef;
    }});

__PACKAGE__->register_method ({
    name => 'delete',
    protected => 1,
    path => '{zone}',
    method => 'DELETE',
    description => "Delete sdn zone object configuration.",
    permissions => {
	check => ['perm', '/sdn/zones', ['SDN.Allocate']],
    },
    parameters => {
    	additionalProperties => 0,
	properties => {
	    zone => get_standard_option('pve-sdn-zone-id', {
                completion => \&PVE::Network::SDN::Zones::complete_sdn_zones,
            }),
	},
    },
    returns => { type => 'null' },
    code => sub {
	my ($param) = @_;

	my $id = extract_param($param, 'zone');

        PVE::Network::SDN::lock_sdn_config(
	    sub {

		my $cfg = PVE::Network::SDN::Zones::config();

		my $scfg = PVE::Network::SDN::Zones::sdn_zones_config($cfg, $id);

		my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($scfg->{type});

		my $vnet_cfg = PVE::Network::SDN::Vnets::config();

		$plugin->on_delete_hook($id, $vnet_cfg);

		delete $cfg->{ids}->{$id};
		PVE::Network::SDN::Zones::write_config($cfg);

	    }, "delete sdn zone object failed");


	return undef;
    }});

1;
Commit	Line	Data
4140be9e AD	1	package PVE::API2::Network::SDN::Zones;
	2
	3	use strict;
	4	use warnings;
	5
	6	use PVE::SafeSyslog;
	7	use PVE::Tools qw(extract_param);
	8	use PVE::Cluster qw(cfs_read_file cfs_write_file);
f9bc9640	9	use PVE::Network::SDN;
4140be9e AD	10	use PVE::Network::SDN::Vnets;
4140be9e AD	11	use PVE::Network::SDN::Zones;
4ad78442	12	use PVE::Network::SDN::Dns;
4140be9e AD	13	use PVE::Network::SDN::Zones::Plugin;
	14	use PVE::Network::SDN::Zones::VlanPlugin;
	15	use PVE::Network::SDN::Zones::QinQPlugin;
	16	use PVE::Network::SDN::Zones::VxlanPlugin;
	17	use PVE::Network::SDN::Zones::EvpnPlugin;
	18	use PVE::Network::SDN::Zones::FaucetPlugin;
880ae857	19	use PVE::Network::SDN::Zones::SimplePlugin;
4140be9e AD	20
	21	use Storable qw(dclone);
	22	use PVE::JSONSchema qw(get_standard_option);
	23	use PVE::RPCEnvironment;
4ad78442	24	use PVE::Exception qw(raise raise_param_exc);
4140be9e AD	25
	26	use PVE::RESTHandler;
	27
	28	use base qw(PVE::RESTHandler);
	29
	30	my $sdn_zones_type_enum = PVE::Network::SDN::Zones::Plugin->lookup_types();
	31
	32	my $api_sdn_zones_config = sub {
	33	my ($cfg, $id) = @_;
	34
	35	my $scfg = dclone(PVE::Network::SDN::Zones::sdn_zones_config($cfg, $id));
	36	$scfg->{zone} = $id;
	37	$scfg->{digest} = $cfg->{digest};
	38
c2b9c173	39	if ($scfg->{nodes}) {
155fa5c7	40	$scfg->{nodes} = PVE::Network::SDN::Zones::Plugin->encode_value($scfg->{type}, 'nodes', $scfg->{nodes});
c2b9c173 AD	41	}
c2b9c173 AD	42
6f5f42e4 AD	43	my $pending = $scfg->{pending};
	44	if ($pending->{nodes}) {
	45	$pending->{nodes} = PVE::Network::SDN::Zones::Plugin->encode_value($scfg->{type}, 'nodes', $pending->{nodes});
	46	}
	47
4140be9e AD	48	return $scfg;
	49	};
	50
	51	__PACKAGE__->register_method ({
	52	name => 'index',
	53	path => '',
	54	method => 'GET',
	55	description => "SDN zones index.",
	56	permissions => {
3551b612	57	description => "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/zones/<zone>'",
4140be9e AD	58	user => 'all',
	59	},
	60	parameters => {
	61	additionalProperties => 0,
	62	properties => {
	63	type => {
	64	description => "Only list sdn zones of specific type",
	65	type => 'string',
	66	enum => $sdn_zones_type_enum,
	67	optional => 1,
	68	},
6f5f42e4 AD	69	running => {
	70	type => 'boolean',
	71	optional => 1,
	72	description => "Display running config.",
	73	},
	74	pending => {
	75	type => 'boolean',
	76	optional => 1,
	77	description => "Display pending config.",
	78	},
4140be9e AD	79	},
	80	},
	81	returns => {
	82	type => 'array',
	83	items => {
	84	type => "object",
0f700635	85	properties => { zone => { type => 'string'},
4140be9e	86	type => { type => 'string'},
6f5f42e4	87	mtu => { type => 'integer', optional => 1 },
4ad78442 AD	88	dns => { type => 'string', optional => 1},
	89	reversedns => { type => 'string', optional => 1},
	90	dnszone => { type => 'string', optional => 1},
331e2330	91	ipam => { type => 'string', optional => 1},
6f5f42e4 AD	92	pending => { optional => 1},
	93	state => { type => 'string', optional => 1},
	94	nodes => { type => 'string', optional => 1},
4140be9e AD	95	},
	96	},
	97	links => [ { rel => 'child', href => "{zone}" } ],
	98	},
	99	code => sub {
	100	my ($param) = @_;
	101
	102	my $rpcenv = PVE::RPCEnvironment::get();
	103	my $authuser = $rpcenv->get_user();
	104
6f5f42e4 AD	105	my $cfg = {};
	106	if($param->{pending}) {
	107	my $running_cfg = PVE::Network::SDN::config();
	108	my $config = PVE::Network::SDN::Zones::config();
	109	$cfg = PVE::Network::SDN::pending_config($running_cfg, $config, 'zones');
	110	} elsif ($param->{running}) {
	111	my $running_cfg = PVE::Network::SDN::config();
	112	$cfg = $running_cfg->{zones};
	113	} else {
	114	$cfg = PVE::Network::SDN::Zones::config();
	115	}
4140be9e AD	116
	117	my @sids = PVE::Network::SDN::Zones::sdn_zones_ids($cfg);
	118	my $res = [];
	119	foreach my $id (@sids) {
3551b612 AD	120	my $privs = [ 'SDN.Audit', 'SDN.Allocate' ];
3551b612 AD	121	next if !$rpcenv->check_any($authuser, "/sdn/zones/$id", $privs, 1);
4140be9e AD	122
	123	my $scfg = &$api_sdn_zones_config($cfg, $id);
	124	next if $param->{type} && $param->{type} ne $scfg->{type};
	125
	126	my $plugin_config = $cfg->{ids}->{$id};
	127	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
	128	push @$res, $scfg;
	129	}
	130
	131	return $res;
	132	}});
	133
	134	__PACKAGE__->register_method ({
	135	name => 'read',
	136	path => '{zone}',
	137	method => 'GET',
	138	description => "Read sdn zone configuration.",
3551b612 AD	139	permissions => {
	140	check => ['perm', '/sdn/zones/{zone}', ['SDN.Allocate']],
	141	},
4140be9e AD	142
	143	parameters => {
	144	additionalProperties => 0,
	145	properties => {
	146	zone => get_standard_option('pve-sdn-zone-id'),
6f5f42e4 AD	147	running => {
	148	type => 'boolean',
	149	optional => 1,
	150	description => "Display running config.",
	151	},
	152	pending => {
	153	type => 'boolean',
	154	optional => 1,
	155	description => "Display pending config.",
	156	}
4140be9e AD	157	},
	158	},
	159	returns => { type => 'object' },
	160	code => sub {
	161	my ($param) = @_;
	162
6f5f42e4 AD	163	my $cfg = {};
	164	if($param->{pending}) {
	165	my $running_cfg = PVE::Network::SDN::config();
	166	my $config = PVE::Network::SDN::Zones::config();
	167	$cfg = PVE::Network::SDN::pending_config($running_cfg, $config, 'zones');
	168	} elsif ($param->{running}) {
	169	my $running_cfg = PVE::Network::SDN::config();
	170	$cfg = $running_cfg->{zones};
	171	} else {
	172	$cfg = PVE::Network::SDN::Zones::config();
	173	}
4140be9e AD	174
	175	return &$api_sdn_zones_config($cfg, $param->{zone});
	176	}});
	177
	178	__PACKAGE__->register_method ({
	179	name => 'create',
	180	protected => 1,
	181	path => '',
	182	method => 'POST',
	183	description => "Create a new sdn zone object.",
3551b612 AD	184	permissions => {
	185	check => ['perm', '/sdn/zones', ['SDN.Allocate']],
	186	},
4140be9e AD	187	parameters => PVE::Network::SDN::Zones::Plugin->createSchema(),
	188	returns => { type => 'null' },
	189	code => sub {
	190	my ($param) = @_;
	191
	192	my $type = extract_param($param, 'type');
	193	my $id = extract_param($param, 'zone');
	194
	195	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($type);
	196	my $opts = $plugin->check_config($id, $param, 1, 1);
	197
45c3f15c AD	198	# create /etc/pve/sdn directory
	199	PVE::Cluster::check_cfs_quorum();
	200	mkdir("/etc/pve/sdn");
	201
f9bc9640	202	PVE::Network::SDN::lock_sdn_config(
4140be9e AD	203	sub {
4140be9e AD	204
a2b32a94 AD	205	my $zone_cfg = PVE::Network::SDN::Zones::config();
a2b32a94 AD	206	my $controller_cfg = PVE::Network::SDN::Controllers::config();
4ad78442	207	my $dns_cfg = PVE::Network::SDN::Dns::config();
4140be9e AD	208
4140be9e AD	209	my $scfg = undef;
a2b32a94	210	if ($scfg = PVE::Network::SDN::Zones::sdn_zones_config($zone_cfg, $id, 1)) {
4140be9e AD	211	die "sdn zone object ID '$id' already defined\n";
4140be9e AD	212	}
4ad78442 AD	213
	214	my $dnsserver = $opts->{dns};
	215	my $reversednsserver = $opts->{reversedns};
	216	my $dnszone = $opts->{dnszone};
	217	raise_param_exc({ dns => "$dnsserver don't exist"}) if $dnsserver && !$dns_cfg->{ids}->{$dnsserver};
	218	raise_param_exc({ reversedns => "$reversednsserver don't exist"}) if $reversednsserver && !$dns_cfg->{ids}->{$reversednsserver};
	219	raise_param_exc({ dnszone => "missing dns server"}) if $dnszone && !$dnsserver;
4140be9e	220
331e2330 AD	221	my $ipam = $opts->{ipam};
	222	my $ipam_cfg = PVE::Network::SDN::Ipams::config();
	223	raise_param_exc({ ipam => "$ipam not existing"}) if $ipam && !$ipam_cfg->{ids}->{$ipam};
	224
a2b32a94 AD	225	$zone_cfg->{ids}->{$id} = $opts;
a2b32a94 AD	226	$plugin->on_update_hook($id, $zone_cfg, $controller_cfg);
4140be9e	227
a2b32a94	228	PVE::Network::SDN::Zones::write_config($zone_cfg);
4140be9e AD	229
	230	}, "create sdn zone object failed");
	231
	232	return undef;
	233	}});
	234
4140be9e AD	235	__PACKAGE__->register_method ({
	236	name => 'update',
	237	protected => 1,
	238	path => '{zone}',
	239	method => 'PUT',
	240	description => "Update sdn zone object configuration.",
3551b612 AD	241	permissions => {
	242	check => ['perm', '/sdn/zones', ['SDN.Allocate']],
	243	},
4140be9e AD	244	parameters => PVE::Network::SDN::Zones::Plugin->updateSchema(),
	245	returns => { type => 'null' },
	246	code => sub {
	247	my ($param) = @_;
	248
	249	my $id = extract_param($param, 'zone');
	250	my $digest = extract_param($param, 'digest');
	251
f9bc9640	252	PVE::Network::SDN::lock_sdn_config(
4140be9e AD	253	sub {
4140be9e AD	254
a2b32a94 AD	255	my $zone_cfg = PVE::Network::SDN::Zones::config();
a2b32a94 AD	256	my $controller_cfg = PVE::Network::SDN::Controllers::config();
4ad78442	257	my $dns_cfg = PVE::Network::SDN::Dns::config();
4140be9e	258
a2b32a94	259	PVE::SectionConfig::assert_if_modified($zone_cfg, $digest);
4140be9e	260
a2b32a94	261	my $scfg = PVE::Network::SDN::Zones::sdn_zones_config($zone_cfg, $id);
4140be9e AD	262
	263	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($scfg->{type});
	264	my $opts = $plugin->check_config($id, $param, 0, 1);
	265
	266	foreach my $k (%$opts) {
	267	$scfg->{$k} = $opts->{$k};
	268	}
	269
4ad78442 AD	270	my $dnsserver = $opts->{dns};
	271	my $reversednsserver = $opts->{reversedns};
	272	my $dnszone = $opts->{dnszone};
	273	raise_param_exc({ dns => "$dnsserver don't exist"}) if $dnsserver && !$dns_cfg->{ids}->{$dnsserver};
	274	raise_param_exc({ reversedns => "$reversednsserver don't exist"}) if $reversednsserver && !$dns_cfg->{ids}->{$reversednsserver};
	275	raise_param_exc({ dnszone => "missing dns server"}) if $dnszone && !$dnsserver;
	276
331e2330 AD	277	my $ipam = $opts->{ipam};
	278	my $ipam_cfg = PVE::Network::SDN::Ipams::config();
	279	raise_param_exc({ ipam => "$ipam not existing"}) if $ipam && !$ipam_cfg->{ids}->{$ipam};
	280
a2b32a94	281	$plugin->on_update_hook($id, $zone_cfg, $controller_cfg);
4140be9e	282
a2b32a94	283	PVE::Network::SDN::Zones::write_config($zone_cfg);
4140be9e AD	284
	285	}, "update sdn zone object failed");
	286
	287	return undef;
	288	}});
	289
	290	__PACKAGE__->register_method ({
	291	name => 'delete',
	292	protected => 1,
	293	path => '{zone}',
	294	method => 'DELETE',
	295	description => "Delete sdn zone object configuration.",
3551b612 AD	296	permissions => {
	297	check => ['perm', '/sdn/zones', ['SDN.Allocate']],
	298	},
4140be9e AD	299	parameters => {
	300	additionalProperties => 0,
	301	properties => {
	302	zone => get_standard_option('pve-sdn-zone-id', {
	303	completion => \&PVE::Network::SDN::Zones::complete_sdn_zones,
	304	}),
	305	},
	306	},
	307	returns => { type => 'null' },
	308	code => sub {
	309	my ($param) = @_;
	310
	311	my $id = extract_param($param, 'zone');
	312
f9bc9640	313	PVE::Network::SDN::lock_sdn_config(
4140be9e AD	314	sub {
	315
	316	my $cfg = PVE::Network::SDN::Zones::config();
	317
	318	my $scfg = PVE::Network::SDN::Zones::sdn_zones_config($cfg, $id);
	319
	320	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($scfg->{type});
	321
	322	my $vnet_cfg = PVE::Network::SDN::Vnets::config();
	323
	324	$plugin->on_delete_hook($id, $vnet_cfg);
	325
	326	delete $cfg->{ids}->{$id};
	327	PVE::Network::SDN::Zones::write_config($cfg);
	328
	329	}, "delete sdn zone object failed");
	330
	331
	332	return undef;
	333	}});
	334
	335	1;