[pve-network.git] / PVE / Network / SDN / SubnetPlugin.pm

package PVE::Network::SDN::SubnetPlugin;

use strict;
use warnings;

use Net::IP;
use Net::Subnet qw(subnet_matcher);

use PVE::Cluster qw(cfs_read_file cfs_write_file cfs_lock_file);
use PVE::Exception qw(raise raise_param_exc);
use PVE::JSONSchema qw(get_standard_option);
use PVE::Network::SDN::Ipams;
use PVE::Network::SDN::Vnets;

use base qw(PVE::SectionConfig);

PVE::Cluster::cfs_register_file('sdn/subnets.cfg',
                                 sub { __PACKAGE__->parse_config(@_); },
                                 sub { __PACKAGE__->write_config(@_); });

PVE::JSONSchema::register_standard_option('pve-sdn-subnet-id', {
    description => "The SDN subnet object identifier.",
    type => 'string', format => 'pve-sdn-subnet-id',
    type => 'string'
});

PVE::JSONSchema::register_format('pve-sdn-subnet-id', \&parse_sdn_subnet_id);
sub parse_sdn_subnet_id {
    my ($id, $noerr) = @_;

    my $cidr = "";
    if($id =~ /\//) {
	$cidr = $id;
    } else {
	my ($zone, $ip, $mask) = split(/-/, $id);
	$cidr = "$ip/$mask";
    }

    if (!(PVE::JSONSchema::pve_verify_cidrv4($cidr, 1) ||
          PVE::JSONSchema::pve_verify_cidrv6($cidr, 1)))
    {
        return undef if $noerr;
        die "value does not look like a valid CIDR network\n";
    }
    return $id;
}

my $defaultData = {

    propertyList => {
        subnet => get_standard_option('pve-sdn-subnet-id',
            { completion => \&PVE::Network::SDN::Subnets::complete_sdn_subnet }),
    },
};

sub type {
    return 'subnet';
}

sub private {
    return $defaultData;
}

sub properties {
    return {
        vnet => {
            type => 'string',
            description => "associated vnet",
        },
        gateway => {
            type => 'string', format => 'ip',
            description => "Subnet Gateway: Will be assign on vnet for layer3 zones",
        },
        snat => {
            type => 'boolean',
            description => "enable masquerade for this subnet if pve-firewall",
        },
#	#cloudinit, dhcp options
#        routes => {
#            type => 'string',
#            description => "static routes [network=<network>:gateway=<ip>,network=<network>:gateway=<ip>,... ]",
#        },
        dnszoneprefix => {
            type => 'string', format => 'dns-name',
            description => "dns domain zone prefix  ex: 'adm' -> <hostname>.adm.mydomain.com",
        },
    };
}

sub options {
    return {
	vnet => { optional => 0 },
	gateway => { optional => 1 },
#	routes => { optional => 1 },
	snat => { optional => 1 },
	dnszoneprefix => { optional => 1 },
    };
}

sub on_update_hook {
    my ($class, $zone, $subnetid, $subnet, $old_subnet) = @_;

    my $cidr = $subnet->{cidr};
    my $mask = $subnet->{mask};

    my $subnet_matcher = subnet_matcher($cidr);

    my $vnetid = $subnet->{vnet};
    my $gateway = $subnet->{gateway};
    my $ipam = $zone->{ipam};
    my $dns = $zone->{dns};
    my $dnszone = $zone->{dnszone};
    my $reversedns = $zone->{reversedns};

    my $old_gateway = $old_subnet->{gateway} if $old_subnet;
    my $mac = undef;

    if($vnetid) {
	my $vnet = PVE::Network::SDN::Vnets::get_vnet($vnetid);
	raise_param_exc({ vnet => "$vnetid don't exist"}) if !$vnet;
	raise_param_exc({ vnet => "you can't add a subnet on a vlanaware vnet"}) if $vnet->{vlanaware};
	$mac = $vnet->{mac};
    }

    my $pointopoint = 1 if Net::IP::ip_is_ipv4($gateway) && $mask == 32;

    #for /32 pointopoint, we allow gateway outside the subnet
    raise_param_exc({ gateway => "$gateway is not in subnet $cidr"}) if $gateway && !$subnet_matcher->($gateway) && !$pointopoint;


    if ($ipam) {
	my $ipam_cfg = PVE::Network::SDN::Ipams::config();
	my $plugin_config = $ipam_cfg->{ids}->{$ipam};
	my $plugin = PVE::Network::SDN::Ipams::Plugin->lookup($plugin_config->{type});
	$plugin->add_subnet($plugin_config, $subnetid, $subnet);

	#don't register gateway for pointopoint
	return if $pointopoint;

	#delete gateway on removal
	if (!defined($gateway) && $old_gateway) {
	    eval {
		PVE::Network::SDN::Subnets::del_ip($zone, $subnetid, $old_subnet, $old_gateway);
	    };
	    warn if $@;
	}
        if(!$old_gateway || $gateway && $gateway ne $old_gateway) {
	    my $hostname = "$vnetid-gw";
	    my $description = "$vnetid gw";
	    PVE::Network::SDN::Subnets::add_ip($zone, $subnetid, $subnet, $gateway, $hostname, $mac, $description, 1);
	}

	#delete old gateway after update
	if($gateway && $old_gateway && $gateway ne $old_gateway) {
	    eval {
		PVE::Network::SDN::Subnets::del_ip($zone, $subnetid, $old_subnet, $old_gateway);
	    };
	    warn if $@;
	}
    }
}

sub on_delete_hook {
    my ($class, $subnetid, $subnet_cfg, $vnet_cfg) = @_;

    return;
}

1;
Commit	Line	Data
c33dd818 AD	1	package PVE::Network::SDN::SubnetPlugin;
	2
	3	use strict;
	4	use warnings;
	5
d1ab9bdb TL	6	use Net::IP;
	7	use Net::Subnet qw(subnet_matcher);
	8
c33dd818	9	use PVE::Cluster qw(cfs_read_file cfs_write_file cfs_lock_file);
c33dd818	10	use PVE::Exception qw(raise raise_param_exc);
d1ab9bdb	11	use PVE::JSONSchema qw(get_standard_option);
e612faf6	12	use PVE::Network::SDN::Ipams;
d1ab9bdb TL	13	use PVE::Network::SDN::Vnets;
	14
	15	use base qw(PVE::SectionConfig);
c33dd818 AD	16
	17	PVE::Cluster::cfs_register_file('sdn/subnets.cfg',
	18	sub { __PACKAGE__->parse_config(@_); },
	19	sub { __PACKAGE__->write_config(@_); });
	20
	21	PVE::JSONSchema::register_standard_option('pve-sdn-subnet-id', {
	22	description => "The SDN subnet object identifier.",
	23	type => 'string', format => 'pve-sdn-subnet-id',
	24	type => 'string'
	25	});
	26
	27	PVE::JSONSchema::register_format('pve-sdn-subnet-id', \&parse_sdn_subnet_id);
	28	sub parse_sdn_subnet_id {
	29	my ($id, $noerr) = @_;
	30
e8736dac AD	31	my $cidr = "";
	32	if($id =~ /\//) {
	33	$cidr = $id;
	34	} else {
	35	my ($zone, $ip, $mask) = split(/-/, $id);
	36	$cidr = "$ip/$mask";
	37	}
c33dd818 AD	38
	39	if (!(PVE::JSONSchema::pve_verify_cidrv4($cidr, 1) \|\|
	40	PVE::JSONSchema::pve_verify_cidrv6($cidr, 1)))
	41	{
	42	return undef if $noerr;
	43	die "value does not look like a valid CIDR network\n";
	44	}
	45	return $id;
	46	}
	47
	48	my $defaultData = {
	49
	50	propertyList => {
	51	subnet => get_standard_option('pve-sdn-subnet-id',
	52	{ completion => \&PVE::Network::SDN::Subnets::complete_sdn_subnet }),
	53	},
	54	};
	55
	56	sub type {
	57	return 'subnet';
	58	}
	59
	60	sub private {
	61	return $defaultData;
	62	}
	63
	64	sub properties {
	65	return {
e612faf6 AD	66	vnet => {
	67	type => 'string',
	68	description => "associated vnet",
	69	},
c33dd818 AD	70	gateway => {
	71	type => 'string', format => 'ip',
	72	description => "Subnet Gateway: Will be assign on vnet for layer3 zones",
	73	},
	74	snat => {
	75	type => 'boolean',
	76	description => "enable masquerade for this subnet if pve-firewall",
	77	},
f6f2aa16 AD	78	# #cloudinit, dhcp options
	79	# routes => {
	80	# type => 'string',
	81	# description => "static routes [network=<network>:gateway=<ip>,network=<network>:gateway=<ip>,... ]",
	82	# },
ee4f339e	83	dnszoneprefix => {
f6f2aa16	84	type => 'string', format => 'dns-name',
ee4f339e	85	description => "dns domain zone prefix ex: 'adm' -> <hostname>.adm.mydomain.com",
c33dd818	86	},
c33dd818 AD	87	};
	88	}
	89
	90	sub options {
	91	return {
3926d9a7	92	vnet => { optional => 0 },
c33dd818	93	gateway => { optional => 1 },
f6f2aa16	94	# routes => { optional => 1 },
c33dd818	95	snat => { optional => 1 },
ee4f339e	96	dnszoneprefix => { optional => 1 },
c33dd818 AD	97	};
	98	}
	99
	100	sub on_update_hook {
4ad78442	101	my ($class, $zone, $subnetid, $subnet, $old_subnet) = @_;
c33dd818	102
e8736dac AD	103	my $cidr = $subnet->{cidr};
	104	my $mask = $subnet->{mask};
	105
ee4f339e AD	106	my $subnet_matcher = subnet_matcher($cidr);
ee4f339e AD	107
e612faf6	108	my $vnetid = $subnet->{vnet};
ee4f339e	109	my $gateway = $subnet->{gateway};
331e2330	110	my $ipam = $zone->{ipam};
4ad78442 AD	111	my $dns = $zone->{dns};
	112	my $dnszone = $zone->{dnszone};
	113	my $reversedns = $zone->{reversedns};
ee4f339e	114
e612faf6	115	my $old_gateway = $old_subnet->{gateway} if $old_subnet;
e9365ab0	116	my $mac = undef;
e612faf6 AD	117
	118	if($vnetid) {
	119	my $vnet = PVE::Network::SDN::Vnets::get_vnet($vnetid);
	120	raise_param_exc({ vnet => "$vnetid don't exist"}) if !$vnet;
7416e82d	121	raise_param_exc({ vnet => "you can't add a subnet on a vlanaware vnet"}) if $vnet->{vlanaware};
e9365ab0	122	$mac = $vnet->{mac};
e612faf6 AD	123	}
e612faf6 AD	124
e8736dac AD	125	my $pointopoint = 1 if Net::IP::ip_is_ipv4($gateway) && $mask == 32;
e8736dac AD	126
e612faf6	127	#for /32 pointopoint, we allow gateway outside the subnet
e8736dac AD	128	raise_param_exc({ gateway => "$gateway is not in subnet $cidr"}) if $gateway && !$subnet_matcher->($gateway) && !$pointopoint;
e8736dac AD	129
70b03506	130
e612faf6 AD	131	if ($ipam) {
	132	my $ipam_cfg = PVE::Network::SDN::Ipams::config();
	133	my $plugin_config = $ipam_cfg->{ids}->{$ipam};
e612faf6 AD	134	my $plugin = PVE::Network::SDN::Ipams::Plugin->lookup($plugin_config->{type});
	135	$plugin->add_subnet($plugin_config, $subnetid, $subnet);
	136
e8736dac AD	137	#don't register gateway for pointopoint
	138	return if $pointopoint;
	139
	140	#delete gateway on removal
e612faf6 AD	141	if (!defined($gateway) && $old_gateway) {
e612faf6 AD	142	eval {
4ad78442	143	PVE::Network::SDN::Subnets::del_ip($zone, $subnetid, $old_subnet, $old_gateway);
e612faf6 AD	144	};
	145	warn if $@;
	146	}
	147	if(!$old_gateway \|\| $gateway && $gateway ne $old_gateway) {
ceb972a9 AD	148	my $hostname = "$vnetid-gw";
ceb972a9 AD	149	my $description = "$vnetid gw";
e9365ab0	150	PVE::Network::SDN::Subnets::add_ip($zone, $subnetid, $subnet, $gateway, $hostname, $mac, $description, 1);
e612faf6 AD	151	}
e612faf6 AD	152
e8736dac	153	#delete old gateway after update
e612faf6 AD	154	if($gateway && $old_gateway && $gateway ne $old_gateway) {
e612faf6 AD	155	eval {
4ad78442	156	PVE::Network::SDN::Subnets::del_ip($zone, $subnetid, $old_subnet, $old_gateway);
e612faf6 AD	157	};
	158	warn if $@;
	159	}
	160	}
c33dd818 AD	161	}
c33dd818 AD	162
58a7773a AD	163	sub on_delete_hook {
	164	my ($class, $subnetid, $subnet_cfg, $vnet_cfg) = @_;
	165
58a7773a AD	166	return;
	167	}
	168
c33dd818	169	1;