PVE/Network/SDN/SubnetPlugin.pm

   1 package PVE::Network::SDN::SubnetPlugin;
   2
   3 use strict;
   4 use warnings;
   5
   6 use PVE::Cluster qw(cfs_read_file cfs_write_file cfs_lock_file);
   7 use base qw(PVE::SectionConfig);
   8 use PVE::JSONSchema qw(get_standard_option);
   9 use PVE::Exception qw(raise raise_param_exc);
  10 use Net::Subnet qw(subnet_matcher);
  11
  12 PVE::Cluster::cfs_register_file('sdn/subnets.cfg',
  13                                  sub { __PACKAGE__->parse_config(@_); },
  14                                  sub { __PACKAGE__->write_config(@_); });
  15
  16 PVE::JSONSchema::register_standard_option('pve-sdn-subnet-id', {
  17     description => "The SDN subnet object identifier.",
  18     type => 'string', format => 'pve-sdn-subnet-id',
  19     type => 'string'
  20 });
  21
  22 PVE::JSONSchema::register_format('pve-sdn-subnet-id', \&parse_sdn_subnet_id);
  23 sub parse_sdn_subnet_id {
  24     my ($id, $noerr) = @_;
  25
  26     my $cidr = $id =~ s/-/\//r;
  27
  28     if (!(PVE::JSONSchema::pve_verify_cidrv4($cidr, 1) ||
  29           PVE::JSONSchema::pve_verify_cidrv6($cidr, 1)))
  30     {
  31         return undef if $noerr;
  32         die "value does not look like a valid CIDR network\n";
  33     }
  34     return $id;
  35 }
  36
  37 my $defaultData = {
  38
  39     propertyList => {
  40         subnet => get_standard_option('pve-sdn-subnet-id',
  41             { completion => \&PVE::Network::SDN::Subnets::complete_sdn_subnet }),
  42     },
  43 };
  44
  45 sub type {
  46     return 'subnet';
  47 }
  48
  49 sub private {
  50     return $defaultData;
  51 }
  52
  53 sub properties {
  54     return {
  55         gateway => {
  56             type => 'string', format => 'ip',
  57             description => "Subnet Gateway: Will be assign on vnet for layer3 zones",
  58         },
  59         snat => {
  60             type => 'boolean',
  61             description => "enable masquerade for this subnet if pve-firewall",
  62         },
  63 #       #cloudinit, dhcp options
  64 #        routes => {
  65 #            type => 'string',
  66 #            description => "static routes [network=<network>:gateway=<ip>,network=<network>:gateway=<ip>,... ]",
  67 #        },
  68         dns => {
  69             type => 'string',
  70             description => "dns api server",
  71         },
  72         reversedns => {
  73             type => 'string',
  74             description => "reverse dns api server",
  75         },
  76         dnszone => {
  77             type => 'string', format => 'dns-name',
  78             description => "dns domain zone  ex: mydomain.com",
  79         },
  80         reversednszone => {
  81             type => 'string', format => 'dns-name',
  82             description => "reverse dns zone ex: 0.168.192.in-addr.arpa",
  83         },
  84         dnszoneprefix => {
  85             type => 'string', format => 'dns-name',
  86             description => "dns domain zone prefix  ex: 'adm' -> <hostname>.adm.mydomain.com",
  87         },
  88         ipam => {
  89             type => 'string',
  90             description => "use a specific ipam",
  91         },
  92     };
  93 }
  94
  95 sub options {
  96     return {
  97         vnet => { optional => 0 },
  98         gateway => { optional => 1 },
  99 #       routes => { optional => 1 },
 100         snat => { optional => 1 },
 101         dns => { optional => 1 },
 102         reversedns => { optional => 1 },
 103         dnszone => { optional => 1 },
 104         reversednszone => { optional => 1 },
 105         dnszoneprefix => { optional => 1 },
 106         ipam => { optional => 1 },
 107     };
 108 }
 109
 110 sub on_update_hook {
 111     my ($class, $subnetid, $subnet_cfg) = @_;
 112
 113     my $cidr = $subnetid =~ s/-/\//r;
 114     my $subnet_matcher = subnet_matcher($cidr);
 115
 116     my $subnet = $subnet_cfg->{ids}->{$subnetid};
 117
 118     my $gateway = $subnet->{gateway};
 119     my $dns = $subnet->{dns};
 120     my $dnszone = $subnet->{dnszone};
 121     my $reversedns = $subnet->{reversedns};
 122     my $reversednszone = $subnet->{reversednszone};
 123
 124     #to: for /32 pointotoping, allow gateway outside the subnet
 125     raise_param_exc({ gateway => "$gateway is not in subnet $subnet"}) if $gateway && !$subnet_matcher->($gateway);
 126
 127     raise_param_exc({ dns => "missing dns provider"}) if $dnszone && !$dns;
 128     raise_param_exc({ dnszone => "missing dns zone"}) if $dns && !$dnszone;
 129     raise_param_exc({ reversedns => "missing dns provider"}) if $reversednszone && !$reversedns;
 130     raise_param_exc({ reversednszone => "missing dns zone"}) if $reversedns && !$reversednszone;
 131     raise_param_exc({ reversedns => "missing forward dns zone"}) if $reversednszone && !$dnszone;
 132
 133 }
 134
 135 sub on_delete_hook {
 136     my ($class, $subnetid, $subnet_cfg, $vnet_cfg) = @_;
 137
 138     #verify if vnets have subnet
 139     foreach my $vnetid (keys %{$vnet_cfg->{ids}}) {
 140         my $vnet = $vnet_cfg->{ids}->{$vnetid};
 141         my @subnets = PVE::Tools::split_list($vnet->{subnets}) if $vnet->{subnets};
 142         foreach my $subnet (@subnets) {
 143             my $id = $subnet =~ s/\//-/r;
 144             raise_param_exc({ subnet => "$subnet is attached to vnet $vnetid"}) if $id eq $subnetid;
 145         }
 146     }
 147
 148     return;
 149 }
 150
 151 1;