[pve-network.git] / PVE / API2 / Network / SDN / Zones.pm

package PVE::API2::Network::SDN::Zones;

use strict;
use warnings;

use PVE::SafeSyslog;
use PVE::Tools qw(extract_param);
use PVE::Cluster qw(cfs_read_file cfs_write_file);
use PVE::Network::SDN::Vnets;
use PVE::Network::SDN::Zones;
use PVE::Network::SDN::Zones::Plugin;
use PVE::Network::SDN::Zones::VlanPlugin;
use PVE::Network::SDN::Zones::QinQPlugin;
use PVE::Network::SDN::Zones::VxlanPlugin;
use PVE::Network::SDN::Zones::EvpnPlugin;
use PVE::Network::SDN::Zones::FaucetPlugin;

use Storable qw(dclone);
use PVE::JSONSchema qw(get_standard_option);
use PVE::RPCEnvironment;

use PVE::RESTHandler;

use base qw(PVE::RESTHandler);

my $sdn_zones_type_enum = PVE::Network::SDN::Zones::Plugin->lookup_types();

my $api_sdn_zones_config = sub {
    my ($cfg, $id) = @_;

    my $scfg = dclone(PVE::Network::SDN::Zones::sdn_zones_config($cfg, $id));
    $scfg->{zone} = $id;
    $scfg->{digest} = $cfg->{digest};

    if ($scfg->{nodes}) {
        $scfg->{nodes} = PVE::Storage::Plugin->encode_value($scfg->{type}, 'nodes', $scfg->{nodes});
    }

    return $scfg;
};

__PACKAGE__->register_method ({
    name => 'index',
    path => '',
    method => 'GET',
    description => "SDN zones index.",
    permissions => {
	description => "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/zones/<zone>'",
	user => 'all',
    },
    parameters => {
    	additionalProperties => 0,
	properties => {
	    type => {
		description => "Only list sdn zones of specific type",
		type => 'string',
		enum => $sdn_zones_type_enum,
		optional => 1,
	    },
	},
    },
    returns => {
	type => 'array',
	items => {
	    type => "object",
	    properties => { zone => { type => 'string'}, 
			    type => { type => 'string'},
			  },
	},
	links => [ { rel => 'child', href => "{zone}" } ],
    },
    code => sub {
	my ($param) = @_;

	my $rpcenv = PVE::RPCEnvironment::get();
	my $authuser = $rpcenv->get_user();


	my $cfg = PVE::Network::SDN::Zones::config();

	my @sids = PVE::Network::SDN::Zones::sdn_zones_ids($cfg);
	my $res = [];
	foreach my $id (@sids) {
	    my $privs = [ 'SDN.Audit', 'SDN.Allocate' ];
	    next if !$rpcenv->check_any($authuser, "/sdn/zones/$id", $privs, 1);

	    my $scfg = &$api_sdn_zones_config($cfg, $id);
	    next if $param->{type} && $param->{type} ne $scfg->{type};

	    my $plugin_config = $cfg->{ids}->{$id};
	    my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
	    push @$res, $scfg;
	}

	return $res;
    }});

__PACKAGE__->register_method ({
    name => 'read',
    path => '{zone}',
    method => 'GET',
    description => "Read sdn zone configuration.",
    permissions => {
	check => ['perm', '/sdn/zones/{zone}', ['SDN.Allocate']],
   },

    parameters => {
    	additionalProperties => 0,
	properties => {
	    zone => get_standard_option('pve-sdn-zone-id'),
	},
    },
    returns => { type => 'object' },
    code => sub {
	my ($param) = @_;

	my $cfg = PVE::Network::SDN::Zones::config();

	return &$api_sdn_zones_config($cfg, $param->{zone});
    }});

__PACKAGE__->register_method ({
    name => 'create',
    protected => 1,
    path => '',
    method => 'POST',
    description => "Create a new sdn zone object.",
    permissions => {
	check => ['perm', '/sdn/zones', ['SDN.Allocate']],
    },
    parameters => PVE::Network::SDN::Zones::Plugin->createSchema(),
    returns => { type => 'null' },
    code => sub {
	my ($param) = @_;

	my $type = extract_param($param, 'type');
	my $id = extract_param($param, 'zone');

	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($type);
	my $opts = $plugin->check_config($id, $param, 1, 1);

        # create /etc/pve/sdn directory
        PVE::Cluster::check_cfs_quorum();
        mkdir("/etc/pve/sdn");

        PVE::Network::SDN::Zones::lock_sdn_zones_config(
	    sub {

		my $zone_cfg = PVE::Network::SDN::Zones::config();
		my $controller_cfg = PVE::Network::SDN::Controllers::config();

		my $scfg = undef;
		if ($scfg = PVE::Network::SDN::Zones::sdn_zones_config($zone_cfg, $id, 1)) {
		    die "sdn zone object ID '$id' already defined\n";
		}

		$zone_cfg->{ids}->{$id} = $opts;
		$plugin->on_update_hook($id, $zone_cfg, $controller_cfg);

		PVE::Network::SDN::Zones::write_config($zone_cfg);

	    }, "create sdn zone object failed");

	return undef;
    }});

__PACKAGE__->register_method ({
    name => 'revert_configuration',
    protected => 1,
    path => '',
    method => 'DELETE',
    description => "Revert sdn zone changes.",
    permissions => {
	check => ['perm', '/sdn/zones', ['SDN.Allocate']],
    },
    parameters => {
	additionalProperties => 0,
    },
    returns => { type => 'null' },
    code => sub {
	my ($param) = @_;

	die "no sdn zones changes to revert" if !-e "/etc/pve/sdn/zones.cfg.new";
	unlink "/etc/pve/sdn/zones.cfg.new";

	return undef;
    }});

__PACKAGE__->register_method ({
    name => 'update',
    protected => 1,
    path => '{zone}',
    method => 'PUT',
    description => "Update sdn zone object configuration.",
    permissions => {
	check => ['perm', '/sdn/zones', ['SDN.Allocate']],
    },
    parameters => PVE::Network::SDN::Zones::Plugin->updateSchema(),
    returns => { type => 'null' },
    code => sub {
	my ($param) = @_;

	my $id = extract_param($param, 'zone');
	my $digest = extract_param($param, 'digest');

        PVE::Network::SDN::Zones::lock_sdn_zones_config(
	 sub {

	    my $zone_cfg = PVE::Network::SDN::Zones::config();
	    my $controller_cfg = PVE::Network::SDN::Controllers::config();

	    PVE::SectionConfig::assert_if_modified($zone_cfg, $digest);

	    my $scfg = PVE::Network::SDN::Zones::sdn_zones_config($zone_cfg, $id);

	    my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($scfg->{type});
	    my $opts = $plugin->check_config($id, $param, 0, 1);

	    foreach my $k (%$opts) {
		$scfg->{$k} = $opts->{$k};
	    }

	    $plugin->on_update_hook($id, $zone_cfg, $controller_cfg);

	    PVE::Network::SDN::Zones::write_config($zone_cfg);

	    }, "update sdn zone object failed");

	return undef;
    }});

__PACKAGE__->register_method ({
    name => 'delete',
    protected => 1,
    path => '{zone}',
    method => 'DELETE',
    description => "Delete sdn zone object configuration.",
    permissions => {
	check => ['perm', '/sdn/zones', ['SDN.Allocate']],
    },
    parameters => {
    	additionalProperties => 0,
	properties => {
	    zone => get_standard_option('pve-sdn-zone-id', {
                completion => \&PVE::Network::SDN::Zones::complete_sdn_zones,
            }),
	},
    },
    returns => { type => 'null' },
    code => sub {
	my ($param) = @_;

	my $id = extract_param($param, 'zone');

        PVE::Network::SDN::Zones::lock_sdn_zones_config(
	    sub {

		my $cfg = PVE::Network::SDN::Zones::config();

		my $scfg = PVE::Network::SDN::Zones::sdn_zones_config($cfg, $id);

		my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($scfg->{type});

		my $vnet_cfg = PVE::Network::SDN::Vnets::config();

		$plugin->on_delete_hook($id, $vnet_cfg);

		delete $cfg->{ids}->{$id};
		PVE::Network::SDN::Zones::write_config($cfg);

	    }, "delete sdn zone object failed");


	return undef;
    }});

1;
Commit	Line	Data
4140be9e AD	1	package PVE::API2::Network::SDN::Zones;
	2
	3	use strict;
	4	use warnings;
	5
	6	use PVE::SafeSyslog;
	7	use PVE::Tools qw(extract_param);
	8	use PVE::Cluster qw(cfs_read_file cfs_write_file);
	9	use PVE::Network::SDN::Vnets;
	10	use PVE::Network::SDN::Zones;
	11	use PVE::Network::SDN::Zones::Plugin;
	12	use PVE::Network::SDN::Zones::VlanPlugin;
	13	use PVE::Network::SDN::Zones::QinQPlugin;
	14	use PVE::Network::SDN::Zones::VxlanPlugin;
	15	use PVE::Network::SDN::Zones::EvpnPlugin;
	16	use PVE::Network::SDN::Zones::FaucetPlugin;
	17
	18	use Storable qw(dclone);
	19	use PVE::JSONSchema qw(get_standard_option);
	20	use PVE::RPCEnvironment;
	21
	22	use PVE::RESTHandler;
	23
	24	use base qw(PVE::RESTHandler);
	25
	26	my $sdn_zones_type_enum = PVE::Network::SDN::Zones::Plugin->lookup_types();
	27
	28	my $api_sdn_zones_config = sub {
	29	my ($cfg, $id) = @_;
	30
	31	my $scfg = dclone(PVE::Network::SDN::Zones::sdn_zones_config($cfg, $id));
	32	$scfg->{zone} = $id;
	33	$scfg->{digest} = $cfg->{digest};
	34
c2b9c173 AD	35	if ($scfg->{nodes}) {
	36	$scfg->{nodes} = PVE::Storage::Plugin->encode_value($scfg->{type}, 'nodes', $scfg->{nodes});
	37	}
	38
4140be9e AD	39	return $scfg;
	40	};
	41
	42	__PACKAGE__->register_method ({
	43	name => 'index',
	44	path => '',
	45	method => 'GET',
	46	description => "SDN zones index.",
	47	permissions => {
3551b612	48	description => "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/zones/<zone>'",
4140be9e AD	49	user => 'all',
	50	},
	51	parameters => {
	52	additionalProperties => 0,
	53	properties => {
	54	type => {
	55	description => "Only list sdn zones of specific type",
	56	type => 'string',
	57	enum => $sdn_zones_type_enum,
	58	optional => 1,
	59	},
	60	},
	61	},
	62	returns => {
	63	type => 'array',
	64	items => {
	65	type => "object",
	66	properties => { zone => { type => 'string'},
	67	type => { type => 'string'},
	68	},
	69	},
	70	links => [ { rel => 'child', href => "{zone}" } ],
	71	},
	72	code => sub {
	73	my ($param) = @_;
	74
	75	my $rpcenv = PVE::RPCEnvironment::get();
	76	my $authuser = $rpcenv->get_user();
	77
	78
	79	my $cfg = PVE::Network::SDN::Zones::config();
	80
	81	my @sids = PVE::Network::SDN::Zones::sdn_zones_ids($cfg);
	82	my $res = [];
	83	foreach my $id (@sids) {
3551b612 AD	84	my $privs = [ 'SDN.Audit', 'SDN.Allocate' ];
3551b612 AD	85	next if !$rpcenv->check_any($authuser, "/sdn/zones/$id", $privs, 1);
4140be9e AD	86
	87	my $scfg = &$api_sdn_zones_config($cfg, $id);
	88	next if $param->{type} && $param->{type} ne $scfg->{type};
	89
	90	my $plugin_config = $cfg->{ids}->{$id};
	91	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
	92	push @$res, $scfg;
	93	}
	94
	95	return $res;
	96	}});
	97
	98	__PACKAGE__->register_method ({
	99	name => 'read',
	100	path => '{zone}',
	101	method => 'GET',
	102	description => "Read sdn zone configuration.",
3551b612 AD	103	permissions => {
	104	check => ['perm', '/sdn/zones/{zone}', ['SDN.Allocate']],
	105	},
4140be9e AD	106
	107	parameters => {
	108	additionalProperties => 0,
	109	properties => {
	110	zone => get_standard_option('pve-sdn-zone-id'),
	111	},
	112	},
	113	returns => { type => 'object' },
	114	code => sub {
	115	my ($param) = @_;
	116
	117	my $cfg = PVE::Network::SDN::Zones::config();
	118
	119	return &$api_sdn_zones_config($cfg, $param->{zone});
	120	}});
	121
	122	__PACKAGE__->register_method ({
	123	name => 'create',
	124	protected => 1,
	125	path => '',
	126	method => 'POST',
	127	description => "Create a new sdn zone object.",
3551b612 AD	128	permissions => {
	129	check => ['perm', '/sdn/zones', ['SDN.Allocate']],
	130	},
4140be9e AD	131	parameters => PVE::Network::SDN::Zones::Plugin->createSchema(),
	132	returns => { type => 'null' },
	133	code => sub {
	134	my ($param) = @_;
	135
	136	my $type = extract_param($param, 'type');
	137	my $id = extract_param($param, 'zone');
	138
	139	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($type);
	140	my $opts = $plugin->check_config($id, $param, 1, 1);
	141
45c3f15c AD	142	# create /etc/pve/sdn directory
	143	PVE::Cluster::check_cfs_quorum();
	144	mkdir("/etc/pve/sdn");
	145
4140be9e AD	146	PVE::Network::SDN::Zones::lock_sdn_zones_config(
	147	sub {
	148
a2b32a94 AD	149	my $zone_cfg = PVE::Network::SDN::Zones::config();
a2b32a94 AD	150	my $controller_cfg = PVE::Network::SDN::Controllers::config();
4140be9e AD	151
4140be9e AD	152	my $scfg = undef;
a2b32a94	153	if ($scfg = PVE::Network::SDN::Zones::sdn_zones_config($zone_cfg, $id, 1)) {
4140be9e AD	154	die "sdn zone object ID '$id' already defined\n";
	155	}
	156
a2b32a94 AD	157	$zone_cfg->{ids}->{$id} = $opts;
a2b32a94 AD	158	$plugin->on_update_hook($id, $zone_cfg, $controller_cfg);
4140be9e	159
a2b32a94	160	PVE::Network::SDN::Zones::write_config($zone_cfg);
4140be9e AD	161
	162	}, "create sdn zone object failed");
	163
	164	return undef;
	165	}});
	166
4140be9e AD	167	__PACKAGE__->register_method ({
	168	name => 'revert_configuration',
	169	protected => 1,
	170	path => '',
	171	method => 'DELETE',
	172	description => "Revert sdn zone changes.",
3551b612 AD	173	permissions => {
	174	check => ['perm', '/sdn/zones', ['SDN.Allocate']],
	175	},
4140be9e AD	176	parameters => {
	177	additionalProperties => 0,
	178	},
	179	returns => { type => 'null' },
	180	code => sub {
	181	my ($param) = @_;
	182
	183	die "no sdn zones changes to revert" if !-e "/etc/pve/sdn/zones.cfg.new";
	184	unlink "/etc/pve/sdn/zones.cfg.new";
	185
	186	return undef;
	187	}});
	188
	189	__PACKAGE__->register_method ({
	190	name => 'update',
	191	protected => 1,
	192	path => '{zone}',
	193	method => 'PUT',
	194	description => "Update sdn zone object configuration.",
3551b612 AD	195	permissions => {
	196	check => ['perm', '/sdn/zones', ['SDN.Allocate']],
	197	},
4140be9e AD	198	parameters => PVE::Network::SDN::Zones::Plugin->updateSchema(),
	199	returns => { type => 'null' },
	200	code => sub {
	201	my ($param) = @_;
	202
	203	my $id = extract_param($param, 'zone');
	204	my $digest = extract_param($param, 'digest');
	205
	206	PVE::Network::SDN::Zones::lock_sdn_zones_config(
	207	sub {
	208
a2b32a94 AD	209	my $zone_cfg = PVE::Network::SDN::Zones::config();
a2b32a94 AD	210	my $controller_cfg = PVE::Network::SDN::Controllers::config();
4140be9e	211
a2b32a94	212	PVE::SectionConfig::assert_if_modified($zone_cfg, $digest);
4140be9e	213
a2b32a94	214	my $scfg = PVE::Network::SDN::Zones::sdn_zones_config($zone_cfg, $id);
4140be9e AD	215
	216	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($scfg->{type});
	217	my $opts = $plugin->check_config($id, $param, 0, 1);
	218
	219	foreach my $k (%$opts) {
	220	$scfg->{$k} = $opts->{$k};
	221	}
	222
a2b32a94	223	$plugin->on_update_hook($id, $zone_cfg, $controller_cfg);
4140be9e	224
a2b32a94	225	PVE::Network::SDN::Zones::write_config($zone_cfg);
4140be9e AD	226
	227	}, "update sdn zone object failed");
	228
	229	return undef;
	230	}});
	231
	232	__PACKAGE__->register_method ({
	233	name => 'delete',
	234	protected => 1,
	235	path => '{zone}',
	236	method => 'DELETE',
	237	description => "Delete sdn zone object configuration.",
3551b612 AD	238	permissions => {
	239	check => ['perm', '/sdn/zones', ['SDN.Allocate']],
	240	},
4140be9e AD	241	parameters => {
	242	additionalProperties => 0,
	243	properties => {
	244	zone => get_standard_option('pve-sdn-zone-id', {
	245	completion => \&PVE::Network::SDN::Zones::complete_sdn_zones,
	246	}),
	247	},
	248	},
	249	returns => { type => 'null' },
	250	code => sub {
	251	my ($param) = @_;
	252
	253	my $id = extract_param($param, 'zone');
	254
	255	PVE::Network::SDN::Zones::lock_sdn_zones_config(
	256	sub {
	257
	258	my $cfg = PVE::Network::SDN::Zones::config();
	259
	260	my $scfg = PVE::Network::SDN::Zones::sdn_zones_config($cfg, $id);
	261
	262	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($scfg->{type});
	263
	264	my $vnet_cfg = PVE::Network::SDN::Vnets::config();
	265
	266	$plugin->on_delete_hook($id, $vnet_cfg);
	267
	268	delete $cfg->{ids}->{$id};
	269	PVE::Network::SDN::Zones::write_config($cfg);
	270
	271	}, "delete sdn zone object failed");
	272
	273
	274	return undef;
	275	}});
	276
	277	1;