[pve-network.git] / PVE / Network / SDN / Zones.pm

package PVE::Network::SDN::Zones;

use strict;
use warnings;

use Data::Dumper;
use JSON;

use PVE::Tools qw(extract_param dir_glob_regex run_command);
use PVE::Cluster qw(cfs_read_file cfs_write_file cfs_lock_file);
use PVE::Network;

use PVE::Network::SDN::Vnets;
use PVE::Network::SDN::Subnets;
use PVE::Network::SDN::Zones::VlanPlugin;
use PVE::Network::SDN::Zones::QinQPlugin;
use PVE::Network::SDN::Zones::VxlanPlugin;
use PVE::Network::SDN::Zones::EvpnPlugin;
use PVE::Network::SDN::Zones::FaucetPlugin;
use PVE::Network::SDN::Zones::SimplePlugin;
use PVE::Network::SDN::Zones::Plugin;

PVE::Network::SDN::Zones::VlanPlugin->register();
PVE::Network::SDN::Zones::QinQPlugin->register();
PVE::Network::SDN::Zones::VxlanPlugin->register();
PVE::Network::SDN::Zones::EvpnPlugin->register();
PVE::Network::SDN::Zones::FaucetPlugin->register();
PVE::Network::SDN::Zones::SimplePlugin->register();
PVE::Network::SDN::Zones::Plugin->init();

my $local_network_sdn_file = "/etc/network/interfaces.d/sdn";

sub sdn_zones_config {
    my ($cfg, $id, $noerr) = @_;

    die "no sdn zone ID specified\n" if !$id;

    my $scfg = $cfg->{ids}->{$id};
    die "sdn '$id' does not exist\n" if (!$noerr && !$scfg);

    return $scfg;
}

sub config {
    my $config = cfs_read_file("sdn/zones.cfg");
    return $config;
}

sub get_plugin_config {
    my ($vnet) = @_;
    my $zoneid = $vnet->{zone};
    my $zone_cfg = PVE::Network::SDN::Zones::config();
    return $zone_cfg->{ids}->{$zoneid};
}

sub write_config {
    my ($cfg) = @_;

    cfs_write_file("sdn/zones.cfg", $cfg);
}

sub sdn_zones_ids {
    my ($cfg) = @_;

    return keys %{$cfg->{ids}};
}

sub complete_sdn_zone {
    my ($cmdname, $pname, $cvalue) = @_;

    my $cfg = PVE::Network::SDN::config();

    return  $cmdname eq 'add' ? [] : [ PVE::Network::SDN::sdn_zones_ids($cfg) ];
}


sub generate_etc_network_config {

    my $version = PVE::Cluster::cfs_read_file('sdn/.version');
    my $vnet_cfg = PVE::Cluster::cfs_read_file('sdn/vnets.cfg');
    my $zone_cfg = PVE::Cluster::cfs_read_file('sdn/zones.cfg');
    my $subnet_cfg = PVE::Network::SDN::Subnets::config();
    my $controller_cfg = PVE::Cluster::cfs_read_file('sdn/controllers.cfg');
    return if !$vnet_cfg && !$zone_cfg;

    my $interfaces_config = PVE::INotify::read_file('interfaces');

    #generate configuration
    my $config = {};
    my $nodename = PVE::INotify::nodename();

    for my $id (sort keys %{$vnet_cfg->{ids}}) {
	my $vnet = $vnet_cfg->{ids}->{$id};
	my $zone = $vnet->{zone};

	if (!$zone) {
	    warn "can't generate vnet '$id': no zone assigned!\n";
	    next;
	}

	my $plugin_config = $zone_cfg->{ids}->{$zone};

	if (!defined($plugin_config)) {
	    warn "can't generate vnet '$id': zone $zone don't exist\n";
	    next;
	}

	next if defined($plugin_config->{nodes}) && !$plugin_config->{nodes}->{$nodename};

	my $controller;
	if (my $controllerid = $plugin_config->{controller}) {
	    $controller = $controller_cfg->{ids}->{$controllerid};
	}

	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
	eval {
	    $plugin->generate_sdn_config($plugin_config, $zone, $id, $vnet, $controller, $subnet_cfg, $interfaces_config, $config);
	};
	if (my $err = $@) {
	    warn "zone $zone : vnet $id : $err\n";
	    next;
	}
    }

    my $raw_network_config = "\#version:$version\n";
    foreach my $iface (sort keys %$config) {
	$raw_network_config .= "\n";
	$raw_network_config .= "auto $iface\n";
	$raw_network_config .= "iface $iface\n";
	foreach my $option (@{$config->{$iface}}) {
	    $raw_network_config .= "\t$option\n";
	}
    }

    return $raw_network_config;
}

sub write_etc_network_config {
    my ($rawconfig) = @_;

    return if !$rawconfig;

    my $writefh = IO::File->new($local_network_sdn_file,">");
    print $writefh $rawconfig;
    $writefh->close();
}

sub read_etc_network_config_version {
    my $versionstr = PVE::Tools::file_read_firstline($local_network_sdn_file);

    return if !defined($versionstr);

    if ($versionstr =~ m/^\#version:(\d+)$/) {
	return $1;
    }
}

sub ifquery_check {

    my $cmd = ['ifquery', '-a', '-c', '-o','json'];

    my $result = '';
    my $reader = sub { $result .= shift };

    eval {
	run_command($cmd, outfunc => $reader);
    };

    my $resultjson = decode_json($result);
    my $interfaces = {};

    foreach my $interface (@$resultjson) {
	my $name = $interface->{name};
	$interfaces->{$name} = {
	    status => $interface->{status},
	    config => $interface->{config},
	    config_status => $interface->{config_status},
	};
    }

    return $interfaces;
}

my $warned_about_reload;

sub status {

    my $err_config = undef;

    my $local_version = PVE::Network::SDN::Zones::read_etc_network_config_version();
    my $sdn_version = PVE::Cluster::cfs_read_file('sdn/.version');

    return if !$sdn_version;

    if (!$local_version) {
	$err_config = "local sdn network configuration is not yet generated, please reload";
	if (!$warned_about_reload) {
	    $warned_about_reload = 1;
	    warn "$err_config\n";
	}
    } elsif ($local_version < $sdn_version) {
	$err_config = "local sdn network configuration is too old, please reload";
	if (!$warned_about_reload) {
	    $warned_about_reload = 1;
	    warn "$err_config\n";
	}
    } else {
	$warned_about_reload = 0;
    }

    my $status = ifquery_check();

    my $vnet_cfg = PVE::Cluster::cfs_read_file('sdn/vnets.cfg');
    my $zone_cfg = PVE::Cluster::cfs_read_file('sdn/zones.cfg');
    my $nodename = PVE::INotify::nodename();

    my $vnet_status = {};
    my $zone_status = {};

    for my $id (sort keys %{$zone_cfg->{ids}}) {
	$zone_status->{$id}->{status} = $err_config ? 'pending' : 'available';
    }

    foreach my $id (sort keys %{$vnet_cfg->{ids}}) {
	my $vnet = $vnet_cfg->{ids}->{$id};
	my $zone = $vnet->{zone};
	next if !$zone;

	my $plugin_config = $zone_cfg->{ids}->{$zone};
	next if defined($plugin_config->{nodes}) && !$plugin_config->{nodes}->{$nodename};

	$vnet_status->{$id}->{zone} = $zone;
	$vnet_status->{$id}->{status} = 'available';

	if ($err_config) {
	    $vnet_status->{$id}->{status} = 'pending';
	    $vnet_status->{$id}->{statusmsg} = $err_config;
	    next;
	}

	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
	my $err_msg = $plugin->status($plugin_config, $zone, $id, $vnet, $status);
	if (@{$err_msg} > 0) {
	    $vnet_status->{$id}->{status} = 'error';
	    $vnet_status->{$id}->{statusmsg} = join(',', @{$err_msg});
	    $zone_status->{$id}->{status} = 'error';
	}
    }

    return ($zone_status, $vnet_status);
}

sub tap_create {
    my ($iface, $bridge) = @_;

    my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge);
    if (!$vnet) { # fallback for classic bridge
	PVE::Network::tap_create($iface, $bridge);
	return;
    }

    my $plugin_config = get_plugin_config($vnet);
    my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
    $plugin->tap_create($plugin_config, $vnet, $iface, $bridge);
}

sub veth_create {
    my ($veth, $vethpeer, $bridge, $hwaddr) = @_;

    my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge);
    if (!$vnet) { # fallback for classic bridge
	PVE::Network::veth_create($veth, $vethpeer, $bridge, $hwaddr);
	return;
    }

    my $plugin_config = get_plugin_config($vnet);
    my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
    $plugin->veth_create($plugin_config, $vnet, $veth, $vethpeer, $bridge, $hwaddr);
}

sub tap_plug {
    my ($iface, $bridge, $tag, $firewall, $trunks, $rate) = @_;

    my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge);
    if (!$vnet) { # fallback for classic bridge
	PVE::Network::tap_plug($iface, $bridge, $tag, $firewall, $trunks, $rate);
	return;
    }

    my $plugin_config = get_plugin_config($vnet);
    my $nodename = PVE::INotify::nodename();

    die "vnet $bridge is not allowed on this node\n"
	if $plugin_config->{nodes} && !defined($plugin_config->{nodes}->{$nodename});

    my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
    $plugin->tap_plug($plugin_config, $vnet, $tag, $iface, $bridge, $firewall, $trunks, $rate);
}

1;
Commit	Line	Data
f5eabba0 AD	1	package PVE::Network::SDN::Zones;
	2
	3	use strict;
	4	use warnings;
	5
	6	use Data::Dumper;
	7	use JSON;
	8
	9	use PVE::Tools qw(extract_param dir_glob_regex run_command);
	10	use PVE::Cluster qw(cfs_read_file cfs_write_file cfs_lock_file);
eb1549e7	11	use PVE::Network;
f5eabba0 AD	12
f5eabba0 AD	13	use PVE::Network::SDN::Vnets;
7024ec2b	14	use PVE::Network::SDN::Subnets;
f5eabba0 AD	15	use PVE::Network::SDN::Zones::VlanPlugin;
	16	use PVE::Network::SDN::Zones::QinQPlugin;
	17	use PVE::Network::SDN::Zones::VxlanPlugin;
	18	use PVE::Network::SDN::Zones::EvpnPlugin;
	19	use PVE::Network::SDN::Zones::FaucetPlugin;
880ae857	20	use PVE::Network::SDN::Zones::SimplePlugin;
f5eabba0 AD	21	use PVE::Network::SDN::Zones::Plugin;
	22
	23	PVE::Network::SDN::Zones::VlanPlugin->register();
	24	PVE::Network::SDN::Zones::QinQPlugin->register();
	25	PVE::Network::SDN::Zones::VxlanPlugin->register();
	26	PVE::Network::SDN::Zones::EvpnPlugin->register();
	27	PVE::Network::SDN::Zones::FaucetPlugin->register();
880ae857	28	PVE::Network::SDN::Zones::SimplePlugin->register();
f5eabba0 AD	29	PVE::Network::SDN::Zones::Plugin->init();
f5eabba0 AD	30
0814c9a9	31	my $local_network_sdn_file = "/etc/network/interfaces.d/sdn";
f5eabba0 AD	32
	33	sub sdn_zones_config {
	34	my ($cfg, $id, $noerr) = @_;
	35
	36	die "no sdn zone ID specified\n" if !$id;
	37
	38	my $scfg = $cfg->{ids}->{$id};
b2d83056	39	die "sdn '$id' does not exist\n" if (!$noerr && !$scfg);
f5eabba0 AD	40
	41	return $scfg;
	42	}
	43
	44	sub config {
f703d2ae	45	my $config = cfs_read_file("sdn/zones.cfg");
f5eabba0 AD	46	return $config;
	47	}
	48
41d40fb1 TL	49	sub get_plugin_config {
	50	my ($vnet) = @_;
	51	my $zoneid = $vnet->{zone};
	52	my $zone_cfg = PVE::Network::SDN::Zones::config();
	53	return $zone_cfg->{ids}->{$zoneid};
	54	}
	55
f5eabba0 AD	56	sub write_config {
	57	my ($cfg) = @_;
	58
f703d2ae	59	cfs_write_file("sdn/zones.cfg", $cfg);
f5eabba0 AD	60	}
f5eabba0 AD	61
f5eabba0 AD	62	sub sdn_zones_ids {
	63	my ($cfg) = @_;
	64
	65	return keys %{$cfg->{ids}};
	66	}
	67
	68	sub complete_sdn_zone {
	69	my ($cmdname, $pname, $cvalue) = @_;
	70
	71	my $cfg = PVE::Network::SDN::config();
	72
	73	return $cmdname eq 'add' ? [] : [ PVE::Network::SDN::sdn_zones_ids($cfg) ];
	74	}
	75
	76
	77	sub generate_etc_network_config {
	78
0814c9a9	79	my $version = PVE::Cluster::cfs_read_file('sdn/.version');
f5eabba0	80	my $vnet_cfg = PVE::Cluster::cfs_read_file('sdn/vnets.cfg');
56cdcac9	81	my $zone_cfg = PVE::Cluster::cfs_read_file('sdn/zones.cfg');
7024ec2b	82	my $subnet_cfg = PVE::Network::SDN::Subnets::config();
4405f2de	83	my $controller_cfg = PVE::Cluster::cfs_read_file('sdn/controllers.cfg');
56cdcac9	84	return if !$vnet_cfg && !$zone_cfg;
f5eabba0	85
ba7ac021	86	my $interfaces_config = PVE::INotify::read_file('interfaces');
f5eabba0 AD	87
	88	#generate configuration
	89	my $config = {};
c2b9c173 AD	90	my $nodename = PVE::INotify::nodename();
c2b9c173 AD	91
e0c19383	92	for my $id (sort keys %{$vnet_cfg->{ids}}) {
f5eabba0	93	my $vnet = $vnet_cfg->{ids}->{$id};
3fd3e917	94	my $zone = $vnet->{zone};
f5eabba0	95
e0c19383 TL	96	if (!$zone) {
e0c19383 TL	97	warn "can't generate vnet '$id': no zone assigned!\n";
f5eabba0 AD	98	next;
	99	}
	100
56cdcac9	101	my $plugin_config = $zone_cfg->{ids}->{$zone};
f5eabba0 AD	102
f5eabba0 AD	103	if (!defined($plugin_config)) {
e0c19383	104	warn "can't generate vnet '$id': zone $zone don't exist\n";
f5eabba0 AD	105	next;
	106	}
	107
c2b9c173 AD	108	next if defined($plugin_config->{nodes}) && !$plugin_config->{nodes}->{$nodename};
c2b9c173 AD	109
e0c19383 TL	110	my $controller;
	111	if (my $controllerid = $plugin_config->{controller}) {
	112	$controller = $controller_cfg->{ids}->{$controllerid};
4405f2de AD	113	}
4405f2de AD	114
f5eabba0	115	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
ae3f4de8	116	eval {
7024ec2b	117	$plugin->generate_sdn_config($plugin_config, $zone, $id, $vnet, $controller, $subnet_cfg, $interfaces_config, $config);
ae3f4de8	118	};
cd01a0c0 TL	119	if (my $err = $@) {
cd01a0c0 TL	120	warn "zone $zone : vnet $id : $err\n";
ae3f4de8 AD	121	next;
ae3f4de8 AD	122	}
f5eabba0 AD	123	}
f5eabba0 AD	124
0814c9a9	125	my $raw_network_config = "\#version:$version\n";
2d4c068e	126	foreach my $iface (sort keys %$config) {
f5eabba0 AD	127	$raw_network_config .= "\n";
	128	$raw_network_config .= "auto $iface\n";
	129	$raw_network_config .= "iface $iface\n";
	130	foreach my $option (@{$config->{$iface}}) {
	131	$raw_network_config .= "\t$option\n";
	132	}
	133	}
	134
	135	return $raw_network_config;
	136	}
	137
	138	sub write_etc_network_config {
	139	my ($rawconfig) = @_;
	140
	141	return if !$rawconfig;
f5eabba0	142
0814c9a9	143	my $writefh = IO::File->new($local_network_sdn_file,">");
f5eabba0 AD	144	print $writefh $rawconfig;
	145	$writefh->close();
	146	}
	147
0814c9a9 AD	148	sub read_etc_network_config_version {
0814c9a9 AD	149	my $versionstr = PVE::Tools::file_read_firstline($local_network_sdn_file);
06c87086 SI	150
	151	return if !defined($versionstr);
	152
0814c9a9 AD	153	if ($versionstr =~ m/^\#version:(\d+)$/) {
	154	return $1;
	155	}
	156	}
	157
f5eabba0 AD	158	sub ifquery_check {
	159
	160	my $cmd = ['ifquery', '-a', '-c', '-o','json'];
	161
	162	my $result = '';
	163	my $reader = sub { $result .= shift };
	164
	165	eval {
	166	run_command($cmd, outfunc => $reader);
	167	};
	168
	169	my $resultjson = decode_json($result);
	170	my $interfaces = {};
	171
	172	foreach my $interface (@$resultjson) {
	173	my $name = $interface->{name};
	174	$interfaces->{$name} = {
	175	status => $interface->{status},
	176	config => $interface->{config},
	177	config_status => $interface->{config_status},
	178	};
	179	}
	180
	181	return $interfaces;
	182	}
	183
9ddc4a6f	184	my $warned_about_reload;
4d7cc94f	185
f5eabba0 AD	186	sub status {
f5eabba0 AD	187
f5eabba0 AD	188	my $err_config = undef;
f5eabba0 AD	189
6f4d0610 AD	190	my $local_version = PVE::Network::SDN::Zones::read_etc_network_config_version();
6f4d0610 AD	191	my $sdn_version = PVE::Cluster::cfs_read_file('sdn/.version');
f5eabba0	192
6f4d0610	193	return if !$sdn_version;
3709a203	194
6f4d0610	195	if (!$local_version) {
3709a203	196	$err_config = "local sdn network configuration is not yet generated, please reload";
9ddc4a6f TL	197	if (!$warned_about_reload) {
	198	$warned_about_reload = 1;
	199	warn "$err_config\n";
	200	}
6f4d0610 AD	201	} elsif ($local_version < $sdn_version) {
6f4d0610 AD	202	$err_config = "local sdn network configuration is too old, please reload";
9ddc4a6f TL	203	if (!$warned_about_reload) {
	204	$warned_about_reload = 1;
	205	warn "$err_config\n";
	206	}
	207	} else {
	208	$warned_about_reload = 0;
f5eabba0 AD	209	}
	210
	211	my $status = ifquery_check();
	212
	213	my $vnet_cfg = PVE::Cluster::cfs_read_file('sdn/vnets.cfg');
c2b9c173 AD	214	my $zone_cfg = PVE::Cluster::cfs_read_file('sdn/zones.cfg');
c2b9c173 AD	215	my $nodename = PVE::INotify::nodename();
f5eabba0	216
0f700635	217	my $vnet_status = {};
56cdcac9	218	my $zone_status = {};
f5eabba0	219
fc197ef2 TL	220	for my $id (sort keys %{$zone_cfg->{ids}}) {
fc197ef2 TL	221	$zone_status->{$id}->{status} = $err_config ? 'pending' : 'available';
4d7cc94f AD	222	}
4d7cc94f AD	223
70da0442 TL	224	foreach my $id (sort keys %{$vnet_cfg->{ids}}) {
	225	my $vnet = $vnet_cfg->{ids}->{$id};
	226	my $zone = $vnet->{zone};
627b1694	227	next if !$zone;
627b1694	228
70da0442 TL	229	my $plugin_config = $zone_cfg->{ids}->{$zone};
	230	next if defined($plugin_config->{nodes}) && !$plugin_config->{nodes}->{$nodename};
	231
4d7cc94f AD	232	$vnet_status->{$id}->{zone} = $zone;
	233	$vnet_status->{$id}->{status} = 'available';
	234
fc197ef2	235	if ($err_config) {
4d7cc94f AD	236	$vnet_status->{$id}->{status} = 'pending';
	237	$vnet_status->{$id}->{statusmsg} = $err_config;
	238	next;
	239	}
	240
70da0442	241	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
4d7cc94f AD	242	my $err_msg = $plugin->status($plugin_config, $zone, $id, $vnet, $status);
	243	if (@{$err_msg} > 0) {
	244	$vnet_status->{$id}->{status} = 'error';
	245	$vnet_status->{$id}->{statusmsg} = join(',', @{$err_msg});
	246	$zone_status->{$id}->{status} = 'error';
0f700635	247	}
f5eabba0	248	}
627b1694	249
fc197ef2	250	return ($zone_status, $vnet_status);
f5eabba0 AD	251	}
f5eabba0 AD	252
eb1549e7 AD	253	sub tap_create {
	254	my ($iface, $bridge) = @_;
	255
	256	my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge);
a1ef0eb9	257	if (!$vnet) { # fallback for classic bridge
eb1549e7	258	PVE::Network::tap_create($iface, $bridge);
a1ef0eb9	259	return;
eb1549e7 AD	260	}
eb1549e7 AD	261
41d40fb1	262	my $plugin_config = get_plugin_config($vnet);
eb1549e7 AD	263	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
	264	$plugin->tap_create($plugin_config, $vnet, $iface, $bridge);
	265	}
	266
	267	sub veth_create {
	268	my ($veth, $vethpeer, $bridge, $hwaddr) = @_;
	269
	270	my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge);
a1ef0eb9	271	if (!$vnet) { # fallback for classic bridge
eb1549e7	272	PVE::Network::veth_create($veth, $vethpeer, $bridge, $hwaddr);
a1ef0eb9	273	return;
eb1549e7 AD	274	}
eb1549e7 AD	275
41d40fb1	276	my $plugin_config = get_plugin_config($vnet);
eb1549e7 AD	277	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
	278	$plugin->veth_create($plugin_config, $vnet, $veth, $vethpeer, $bridge, $hwaddr);
	279	}
	280
	281	sub tap_plug {
	282	my ($iface, $bridge, $tag, $firewall, $trunks, $rate) = @_;
	283
	284	my $vnet = PVE::Network::SDN::Vnets::get_vnet($bridge);
a1ef0eb9	285	if (!$vnet) { # fallback for classic bridge
eb1549e7 AD	286	PVE::Network::tap_plug($iface, $bridge, $tag, $firewall, $trunks, $rate);
	287	return;
	288	}
	289
41d40fb1	290	my $plugin_config = get_plugin_config($vnet);
eb1549e7 AD	291	my $nodename = PVE::INotify::nodename();
eb1549e7 AD	292
41d40fb1 TL	293	die "vnet $bridge is not allowed on this node\n"
41d40fb1 TL	294	if $plugin_config->{nodes} && !defined($plugin_config->{nodes}->{$nodename});
2ba9613b	295
2ba9613b	296	my $plugin = PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
912fb443	297	$plugin->tap_plug($plugin_config, $vnet, $tag, $iface, $bridge, $firewall, $trunks, $rate);
2ba9613b AD	298	}
2ba9613b AD	299
f5eabba0 AD	300	1;
f5eabba0 AD	301