[pve-network.git] / PVE / Network / SDN / Zones.pm

package PVE::Network::SDN::Zones;

use strict;
use warnings;

use Data::Dumper;
use JSON;

use PVE::Tools qw(extract_param dir_glob_regex run_command);
use PVE::Cluster qw(cfs_read_file cfs_write_file cfs_lock_file);
use PVE::Network;

use PVE::Network::SDN::Vnets;
use PVE::Network::SDN::Zones::VlanPlugin;
use PVE::Network::SDN::Zones::QinQPlugin;
use PVE::Network::SDN::Zones::VxlanPlugin;
use PVE::Network::SDN::Zones::EvpnPlugin;
use PVE::Network::SDN::Zones::FaucetPlugin;
use PVE::Network::SDN::Zones::SimplePlugin;
use PVE::Network::SDN::Zones::Plugin;

PVE::Network::SDN::Zones::VlanPlugin->register();
PVE::Network::SDN::Zones::QinQPlugin->register();
PVE::Network::SDN::Zones::VxlanPlugin->register();
PVE::Network::SDN::Zones::EvpnPlugin->register();
PVE::Network::SDN::Zones::FaucetPlugin->register();
PVE::Network::SDN::Zones::SimplePlugin->register();
PVE::Network::SDN::Zones::Plugin->init();

my $local_network_sdn_file = "/etc/network/interfaces.d/sdn";

sub sdn_zones_config {
    my ($cfg, $id, $noerr) = @_;

    die "no sdn zone ID specified\n" if !$id;

    my $scfg = $cfg->{ids}->{$id};
    die "sdn '$id' does not exist\n" if (!$noerr && !$scfg);

    return $scfg;
}

sub config {
    my $config = cfs_read_file("sdn/zones.cfg");
    return $config;
}

sub get_plugin_config {
    my ($vnet) = @_;
    my $zoneid = $vnet->{zone};
    my $zone_cfg = PVE::Network::SDN::Zones::config();
    return $zone_cfg->{ids}->{$zoneid};
}

sub write_config {
    my ($cfg) = @_;

    cfs_write_file("sdn/zones.cfg", $cfg);
}

sub sdn_zones_ids {
    my ($cfg) = @_;

    return keys %{$cfg->{ids}};
}

sub complete_sdn_zone {
    my ($cmdname, $pname, $cvalue) = @_;

    my $cfg = PVE::Network::SDN::config();

    return  $cmdname eq 'add' ? [] : [ PVE::Network::SDN::sdn_zones_ids($cfg) ];
}

sub get_zone {
    my ($zoneid, $running) = @_;

    my $cfg = {};
    if($running) {
        my $cfg = PVE::Network::SDN::config();
        $cfg = $cfg->{vnets};
    } else {
        $cfg = PVE::Network::SDN::Zones::config();
    }

    my $zone = PVE::Network::SDN::Zones::sdn_zones_config($cfg, $zoneid, 1);

    return $zone;
}


sub generate_etc_network_config {

    my $cfg = PVE::Network::SDN::config();

    my $version = $cfg->{version};
    my $vnet_cfg = $cfg->{vnets};
    my $zone_cfg = $cfg->{zones};
    my $subnet_cfg = $cfg->{subnets};
    my $controller_cfg = $cfg->{controllers};
    return if !$vnet_cfg && !$zone_cfg;

    my $interfaces_config = PVE::INotify::read_file('interfaces');

    #generate configuration
    my $config = {};
    my $nodename = PVE::INotify::nodename();

    for my $id (sort keys %{$vnet_cfg->{ids}}) {
	my $vnet = $vnet_cfg->{ids}->{$id};
	my $zone = $vnet->{zone};

	if (!$zone) {
	    warn "can't generate vnet '$id': no zone assigned!\n";
	    next;
	}

	my $plugin_config = $zone_cfg->{ids}->{$zone};

	if (!defined($plugin_config)) {
	    warn "can't generate vnet '$id': zone $zone don't exist\n";
	    next;
	}

	next if defined($plugin_config->{nodes}) && !$plugin_config->{nodes}->{$nodename};

	my $controller;
	if (my $controllerid = $plugin_config->{controller}) {
	    $controller = $controller_cfg->{ids}->{$controllerid};
	}

	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
	eval {
	    $plugin->generate_sdn_config($plugin_config, $zone, $id, $vnet, $controller, $subnet_cfg, $interfaces_config, $config);
	};
	if (my $err = $@) {
	    warn "zone $zone : vnet $id : $err\n";
	    next;
	}
    }

    my $raw_network_config = "\#version:$version\n";
    foreach my $iface (sort keys %$config) {
	$raw_network_config .= "\n";
	$raw_network_config .= "auto $iface\n";
	$raw_network_config .= "iface $iface\n";
	foreach my $option (@{$config->{$iface}}) {
	    $raw_network_config .= "\t$option\n";
	}
    }

    return $raw_network_config;
}

sub write_etc_network_config {
    my ($rawconfig) = @_;

    return if !$rawconfig;

    my $writefh = IO::File->new($local_network_sdn_file,">");
    print $writefh $rawconfig;
    $writefh->close();
}

sub read_etc_network_config_version {
    my $versionstr = PVE::Tools::file_read_firstline($local_network_sdn_file);

    return if !defined($versionstr);

    if ($versionstr =~ m/^\#version:(\d+)$/) {
	return $1;
    }
}

sub ifquery_check {

    my $cmd = ['ifquery', '-a', '-c', '-o','json'];

    my $result = '';
    my $reader = sub { $result .= shift };

    eval {
	run_command($cmd, outfunc => $reader);
    };

    my $resultjson = decode_json($result);
    my $interfaces = {};

    foreach my $interface (@$resultjson) {
	my $name = $interface->{name};
	$interfaces->{$name} = {
	    status => $interface->{status},
	    config => $interface->{config},
	    config_status => $interface->{config_status},
	};
    }

    return $interfaces;
}

my $warned_about_reload;

sub status {

    my $err_config = undef;

    my $local_version = PVE::Network::SDN::Zones::read_etc_network_config_version();
    my $cfg = PVE::Network::SDN::config();
    my $sdn_version = $cfg->{version};

    return if !$sdn_version;

    if (!$local_version) {
	$err_config = "local sdn network configuration is not yet generated, please reload";
	if (!$warned_about_reload) {
	    $warned_about_reload = 1;
	    warn "$err_config\n";
	}
    } elsif ($local_version < $sdn_version) {
	$err_config = "local sdn network configuration is too old, please reload";
	if (!$warned_about_reload) {
	    $warned_about_reload = 1;
	    warn "$err_config\n";
	}
    } else {
	$warned_about_reload = 0;
    }

    my $status = ifquery_check();

    
    my $vnet_cfg = $cfg->{vnets};
    my $zone_cfg = $cfg->{zones};
    my $nodename = PVE::INotify::nodename();

    my $vnet_status = {};
    my $zone_status = {};

    for my $id (sort keys %{$zone_cfg->{ids}}) {
	$zone_status->{$id}->{status} = $err_config ? 'pending' : 'available';
    }

    foreach my $id (sort keys %{$vnet_cfg->{ids}}) {
	my $vnet = $vnet_cfg->{ids}->{$id};
	my $zone = $vnet->{zone};
	next if !$zone;

	my $plugin_config = $zone_cfg->{ids}->{$zone};
	next if defined($plugin_config->{nodes}) && !$plugin_config->{nodes}->{$nodename};

	$vnet_status->{$id}->{zone} = $zone;
	$vnet_status->{$id}->{status} = 'available';

	if ($err_config) {
	    $vnet_status->{$id}->{status} = 'pending';
	    $vnet_status->{$id}->{statusmsg} = $err_config;
	    next;
	}

	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
	my $err_msg = $plugin->status($plugin_config, $zone, $id, $vnet, $status);
	if (@{$err_msg} > 0) {
	    $vnet_status->{$id}->{status} = 'error';
	    $vnet_status->{$id}->{statusmsg} = join(',', @{$err_msg});
	    $zone_status->{$id}->{status} = 'error';
	}
    }

    return ($zone_status, $vnet_status);
}

sub tap_create {
    my ($iface, $bridge) = @_;

    my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge, 1);
    if (!$vnet) { # fallback for classic bridge
	PVE::Network::tap_create($iface, $bridge);
	return;
    }

    my $plugin_config = get_plugin_config($vnet);
    my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
    $plugin->tap_create($plugin_config, $vnet, $iface, $bridge);
}

sub veth_create {
    my ($veth, $vethpeer, $bridge, $hwaddr) = @_;

    my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge, 1);
    if (!$vnet) { # fallback for classic bridge
	PVE::Network::veth_create($veth, $vethpeer, $bridge, $hwaddr);
	return;
    }

    my $plugin_config = get_plugin_config($vnet);
    my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
    $plugin->veth_create($plugin_config, $vnet, $veth, $vethpeer, $bridge, $hwaddr);
}

sub tap_plug {
    my ($iface, $bridge, $tag, $firewall, $trunks, $rate) = @_;

    my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge, 1);
    if (!$vnet) { # fallback for classic bridge
	PVE::Network::tap_plug($iface, $bridge, $tag, $firewall, $trunks, $rate);
	return;
    }

    my $plugin_config = get_plugin_config($vnet);
    my $nodename = PVE::INotify::nodename();

    die "vnet $bridge is not allowed on this node\n"
	if $plugin_config->{nodes} && !defined($plugin_config->{nodes}->{$nodename});

    my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
    $plugin->tap_plug($plugin_config, $vnet, $tag, $iface, $bridge, $firewall, $trunks, $rate);
}

1;
Commit	Line	Data
f5eabba0 AD	1	package PVE::Network::SDN::Zones;
	2
	3	use strict;
	4	use warnings;
	5
	6	use Data::Dumper;
	7	use JSON;
	8
	9	use PVE::Tools qw(extract_param dir_glob_regex run_command);
	10	use PVE::Cluster qw(cfs_read_file cfs_write_file cfs_lock_file);
eb1549e7	11	use PVE::Network;
f5eabba0 AD	12
	13	use PVE::Network::SDN::Vnets;
	14	use PVE::Network::SDN::Zones::VlanPlugin;
	15	use PVE::Network::SDN::Zones::QinQPlugin;
	16	use PVE::Network::SDN::Zones::VxlanPlugin;
	17	use PVE::Network::SDN::Zones::EvpnPlugin;
	18	use PVE::Network::SDN::Zones::FaucetPlugin;
880ae857	19	use PVE::Network::SDN::Zones::SimplePlugin;
f5eabba0 AD	20	use PVE::Network::SDN::Zones::Plugin;
	21
	22	PVE::Network::SDN::Zones::VlanPlugin->register();
	23	PVE::Network::SDN::Zones::QinQPlugin->register();
	24	PVE::Network::SDN::Zones::VxlanPlugin->register();
	25	PVE::Network::SDN::Zones::EvpnPlugin->register();
	26	PVE::Network::SDN::Zones::FaucetPlugin->register();
880ae857	27	PVE::Network::SDN::Zones::SimplePlugin->register();
f5eabba0 AD	28	PVE::Network::SDN::Zones::Plugin->init();
f5eabba0 AD	29
0814c9a9	30	my $local_network_sdn_file = "/etc/network/interfaces.d/sdn";
f5eabba0 AD	31
	32	sub sdn_zones_config {
	33	my ($cfg, $id, $noerr) = @_;
	34
	35	die "no sdn zone ID specified\n" if !$id;
	36
	37	my $scfg = $cfg->{ids}->{$id};
b2d83056	38	die "sdn '$id' does not exist\n" if (!$noerr && !$scfg);
f5eabba0 AD	39
	40	return $scfg;
	41	}
	42
	43	sub config {
f703d2ae	44	my $config = cfs_read_file("sdn/zones.cfg");
f5eabba0 AD	45	return $config;
	46	}
	47
41d40fb1 TL	48	sub get_plugin_config {
	49	my ($vnet) = @_;
	50	my $zoneid = $vnet->{zone};
	51	my $zone_cfg = PVE::Network::SDN::Zones::config();
	52	return $zone_cfg->{ids}->{$zoneid};
	53	}
	54
f5eabba0 AD	55	sub write_config {
	56	my ($cfg) = @_;
	57
f703d2ae	58	cfs_write_file("sdn/zones.cfg", $cfg);
f5eabba0 AD	59	}
f5eabba0 AD	60
f5eabba0 AD	61	sub sdn_zones_ids {
	62	my ($cfg) = @_;
	63
	64	return keys %{$cfg->{ids}};
	65	}
	66
	67	sub complete_sdn_zone {
	68	my ($cmdname, $pname, $cvalue) = @_;
	69
	70	my $cfg = PVE::Network::SDN::config();
	71
	72	return $cmdname eq 'add' ? [] : [ PVE::Network::SDN::sdn_zones_ids($cfg) ];
	73	}
	74
4ad78442 AD	75	sub get_zone {
	76	my ($zoneid, $running) = @_;
	77
	78	my $cfg = {};
	79	if($running) {
	80	my $cfg = PVE::Network::SDN::config();
	81	$cfg = $cfg->{vnets};
	82	} else {
	83	$cfg = PVE::Network::SDN::Zones::config();
	84	}
	85
	86	my $zone = PVE::Network::SDN::Zones::sdn_zones_config($cfg, $zoneid, 1);
	87
	88	return $zone;
	89	}
	90
f5eabba0 AD	91
	92	sub generate_etc_network_config {
	93
5d3e0248 AD	94	my $cfg = PVE::Network::SDN::config();
	95
	96	my $version = $cfg->{version};
	97	my $vnet_cfg = $cfg->{vnets};
	98	my $zone_cfg = $cfg->{zones};
	99	my $subnet_cfg = $cfg->{subnets};
	100	my $controller_cfg = $cfg->{controllers};
56cdcac9	101	return if !$vnet_cfg && !$zone_cfg;
f5eabba0	102
ba7ac021	103	my $interfaces_config = PVE::INotify::read_file('interfaces');
f5eabba0 AD	104
	105	#generate configuration
	106	my $config = {};
c2b9c173 AD	107	my $nodename = PVE::INotify::nodename();
c2b9c173 AD	108
e0c19383	109	for my $id (sort keys %{$vnet_cfg->{ids}}) {
f5eabba0	110	my $vnet = $vnet_cfg->{ids}->{$id};
3fd3e917	111	my $zone = $vnet->{zone};
f5eabba0	112
e0c19383 TL	113	if (!$zone) {
e0c19383 TL	114	warn "can't generate vnet '$id': no zone assigned!\n";
f5eabba0 AD	115	next;
	116	}
	117
56cdcac9	118	my $plugin_config = $zone_cfg->{ids}->{$zone};
f5eabba0 AD	119
f5eabba0 AD	120	if (!defined($plugin_config)) {
e0c19383	121	warn "can't generate vnet '$id': zone $zone don't exist\n";
f5eabba0 AD	122	next;
	123	}
	124
c2b9c173 AD	125	next if defined($plugin_config->{nodes}) && !$plugin_config->{nodes}->{$nodename};
c2b9c173 AD	126
e0c19383 TL	127	my $controller;
	128	if (my $controllerid = $plugin_config->{controller}) {
	129	$controller = $controller_cfg->{ids}->{$controllerid};
4405f2de AD	130	}
4405f2de AD	131
f5eabba0	132	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
ae3f4de8	133	eval {
7024ec2b	134	$plugin->generate_sdn_config($plugin_config, $zone, $id, $vnet, $controller, $subnet_cfg, $interfaces_config, $config);
ae3f4de8	135	};
cd01a0c0 TL	136	if (my $err = $@) {
cd01a0c0 TL	137	warn "zone $zone : vnet $id : $err\n";
ae3f4de8 AD	138	next;
ae3f4de8 AD	139	}
f5eabba0 AD	140	}
f5eabba0 AD	141
0814c9a9	142	my $raw_network_config = "\#version:$version\n";
2d4c068e	143	foreach my $iface (sort keys %$config) {
f5eabba0 AD	144	$raw_network_config .= "\n";
	145	$raw_network_config .= "auto $iface\n";
	146	$raw_network_config .= "iface $iface\n";
	147	foreach my $option (@{$config->{$iface}}) {
	148	$raw_network_config .= "\t$option\n";
	149	}
	150	}
	151
	152	return $raw_network_config;
	153	}
	154
	155	sub write_etc_network_config {
	156	my ($rawconfig) = @_;
	157
	158	return if !$rawconfig;
f5eabba0	159
0814c9a9	160	my $writefh = IO::File->new($local_network_sdn_file,">");
f5eabba0 AD	161	print $writefh $rawconfig;
	162	$writefh->close();
	163	}
	164
0814c9a9 AD	165	sub read_etc_network_config_version {
0814c9a9 AD	166	my $versionstr = PVE::Tools::file_read_firstline($local_network_sdn_file);
06c87086 SI	167
	168	return if !defined($versionstr);
	169
0814c9a9 AD	170	if ($versionstr =~ m/^\#version:(\d+)$/) {
	171	return $1;
	172	}
	173	}
	174
f5eabba0 AD	175	sub ifquery_check {
	176
	177	my $cmd = ['ifquery', '-a', '-c', '-o','json'];
	178
	179	my $result = '';
	180	my $reader = sub { $result .= shift };
	181
	182	eval {
	183	run_command($cmd, outfunc => $reader);
	184	};
	185
	186	my $resultjson = decode_json($result);
	187	my $interfaces = {};
	188
	189	foreach my $interface (@$resultjson) {
	190	my $name = $interface->{name};
	191	$interfaces->{$name} = {
	192	status => $interface->{status},
	193	config => $interface->{config},
	194	config_status => $interface->{config_status},
	195	};
	196	}
	197
	198	return $interfaces;
	199	}
	200
9ddc4a6f	201	my $warned_about_reload;
4d7cc94f	202
f5eabba0 AD	203	sub status {
f5eabba0 AD	204
f5eabba0 AD	205	my $err_config = undef;
f5eabba0 AD	206
6f4d0610	207	my $local_version = PVE::Network::SDN::Zones::read_etc_network_config_version();
5d3e0248 AD	208	my $cfg = PVE::Network::SDN::config();
5d3e0248 AD	209	my $sdn_version = $cfg->{version};
f5eabba0	210
6f4d0610	211	return if !$sdn_version;
3709a203	212
6f4d0610	213	if (!$local_version) {
3709a203	214	$err_config = "local sdn network configuration is not yet generated, please reload";
9ddc4a6f TL	215	if (!$warned_about_reload) {
	216	$warned_about_reload = 1;
	217	warn "$err_config\n";
	218	}
6f4d0610 AD	219	} elsif ($local_version < $sdn_version) {
6f4d0610 AD	220	$err_config = "local sdn network configuration is too old, please reload";
9ddc4a6f TL	221	if (!$warned_about_reload) {
	222	$warned_about_reload = 1;
	223	warn "$err_config\n";
	224	}
	225	} else {
	226	$warned_about_reload = 0;
f5eabba0 AD	227	}
	228
	229	my $status = ifquery_check();
	230
5d3e0248 AD	231
	232	my $vnet_cfg = $cfg->{vnets};
	233	my $zone_cfg = $cfg->{zones};
c2b9c173	234	my $nodename = PVE::INotify::nodename();
f5eabba0	235
0f700635	236	my $vnet_status = {};
56cdcac9	237	my $zone_status = {};
f5eabba0	238
fc197ef2 TL	239	for my $id (sort keys %{$zone_cfg->{ids}}) {
fc197ef2 TL	240	$zone_status->{$id}->{status} = $err_config ? 'pending' : 'available';
4d7cc94f AD	241	}
4d7cc94f AD	242
70da0442 TL	243	foreach my $id (sort keys %{$vnet_cfg->{ids}}) {
	244	my $vnet = $vnet_cfg->{ids}->{$id};
	245	my $zone = $vnet->{zone};
627b1694	246	next if !$zone;
627b1694	247
70da0442 TL	248	my $plugin_config = $zone_cfg->{ids}->{$zone};
	249	next if defined($plugin_config->{nodes}) && !$plugin_config->{nodes}->{$nodename};
	250
4d7cc94f AD	251	$vnet_status->{$id}->{zone} = $zone;
	252	$vnet_status->{$id}->{status} = 'available';
	253
fc197ef2	254	if ($err_config) {
4d7cc94f AD	255	$vnet_status->{$id}->{status} = 'pending';
	256	$vnet_status->{$id}->{statusmsg} = $err_config;
	257	next;
	258	}
	259
70da0442	260	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
4d7cc94f AD	261	my $err_msg = $plugin->status($plugin_config, $zone, $id, $vnet, $status);
	262	if (@{$err_msg} > 0) {
	263	$vnet_status->{$id}->{status} = 'error';
	264	$vnet_status->{$id}->{statusmsg} = join(',', @{$err_msg});
	265	$zone_status->{$id}->{status} = 'error';
0f700635	266	}
f5eabba0	267	}
627b1694	268
fc197ef2	269	return ($zone_status, $vnet_status);
f5eabba0 AD	270	}
f5eabba0 AD	271
eb1549e7 AD	272	sub tap_create {
	273	my ($iface, $bridge) = @_;
	274
5d3e0248	275	my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge, 1);
a1ef0eb9	276	if (!$vnet) { # fallback for classic bridge
eb1549e7	277	PVE::Network::tap_create($iface, $bridge);
a1ef0eb9	278	return;
eb1549e7 AD	279	}
eb1549e7 AD	280
41d40fb1	281	my $plugin_config = get_plugin_config($vnet);
eb1549e7 AD	282	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
	283	$plugin->tap_create($plugin_config, $vnet, $iface, $bridge);
	284	}
	285
	286	sub veth_create {
	287	my ($veth, $vethpeer, $bridge, $hwaddr) = @_;
	288
5d3e0248	289	my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge, 1);
a1ef0eb9	290	if (!$vnet) { # fallback for classic bridge
eb1549e7	291	PVE::Network::veth_create($veth, $vethpeer, $bridge, $hwaddr);
a1ef0eb9	292	return;
eb1549e7 AD	293	}
eb1549e7 AD	294
41d40fb1	295	my $plugin_config = get_plugin_config($vnet);
eb1549e7 AD	296	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
	297	$plugin->veth_create($plugin_config, $vnet, $veth, $vethpeer, $bridge, $hwaddr);
	298	}
	299
	300	sub tap_plug {
	301	my ($iface, $bridge, $tag, $firewall, $trunks, $rate) = @_;
	302
5d3e0248	303	my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge, 1);
a1ef0eb9	304	if (!$vnet) { # fallback for classic bridge
eb1549e7 AD	305	PVE::Network::tap_plug($iface, $bridge, $tag, $firewall, $trunks, $rate);
	306	return;
	307	}
	308
41d40fb1	309	my $plugin_config = get_plugin_config($vnet);
eb1549e7 AD	310	my $nodename = PVE::INotify::nodename();
eb1549e7 AD	311
41d40fb1 TL	312	die "vnet $bridge is not allowed on this node\n"
41d40fb1 TL	313	if $plugin_config->{nodes} && !defined($plugin_config->{nodes}->{$nodename});
2ba9613b	314
2ba9613b	315	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
912fb443	316	$plugin->tap_plug($plugin_config, $vnet, $tag, $iface, $bridge, $firewall, $trunks, $rate);
2ba9613b AD	317	}
2ba9613b AD	318
f5eabba0 AD	319	1;
f5eabba0 AD	320