1 package PVE
::Network
::SDN
::Zones
::Plugin
;
6 use PVE
::Tools
qw(run_command);
11 use PVE
::JSONSchema
qw(get_standard_option);
12 use base
qw(PVE::SectionConfig);
14 PVE
::Cluster
::cfs_register_file
(
16 sub { __PACKAGE__-
>parse_config(@_); },
17 sub { __PACKAGE__-
>write_config(@_); },
20 PVE
::JSONSchema
::register_standard_option
('pve-sdn-zone-id', {
21 description
=> "The SDN zone object identifier.",
22 type
=> 'string', format
=> 'pve-sdn-zone-id',
25 PVE
::JSONSchema
::register_format
('pve-sdn-zone-id', \
&parse_sdn_zone_id
);
26 sub parse_sdn_zone_id
{
27 my ($id, $noerr) = @_;
29 if ($id !~ m/^[a-z][a-z0-9]*[a-z0-9]$/i) {
30 return undef if $noerr;
31 die "zone ID '$id' contains illegal characters\n";
33 die "zone ID '$id' can't be more length than 8 characters\n" if length($id) > 8;
41 description
=> "Plugin type.",
42 type
=> 'string', format
=> 'pve-configid',
45 nodes
=> get_standard_option
('pve-node-list', { optional
=> 1 }),
46 zone
=> get_standard_option
('pve-sdn-zone-id', {
47 completion
=> \
&PVE
::Network
::SDN
::Zones
::complete_sdn_zone
,
51 description
=> "use a specific ipam",
60 sub parse_section_header
{
61 my ($class, $line) = @_;
63 if ($line =~ m/^(\S+):\s*(\S+)\s*$/) {
64 my ($type, $id) = (lc($1), $2);
65 my $errmsg = undef; # set if you want to skip whole section
66 eval { PVE
::JSONSchema
::pve_verify_configid
($type); };
68 my $config = {}; # to return additional attributes
69 return ($type, $id, $errmsg, $config);
75 my ($class, $type, $key, $value) = @_;
77 if ($key eq 'nodes' || $key eq 'exitnodes') {
80 foreach my $node (PVE
::Tools
::split_list
($value)) {
81 if (PVE
::JSONSchema
::pve_verify_node_name
($node)) {
93 my ($class, $type, $key, $value) = @_;
95 if ($key eq 'nodes' || $key eq 'exitnodes') {
96 return join(',', keys(%$value));
102 sub generate_sdn_config
{
103 my ($class, $plugin_config, $zoneid, $vnetid, $vnet, $controller, $controller_cfg, $subnet_cfg, $interfaces_config, $config) = @_;
105 die "please implement inside plugin";
108 sub generate_controller_config
{
109 my ($class, $plugin_config, $controller, $id, $uplinks, $config) = @_;
111 die "please implement inside plugin";
114 sub generate_controller_vnet_config
{
115 my ($class, $plugin_config, $controller, $zoneid, $vnetid, $config) = @_;
119 sub write_controller_config
{
120 my ($class, $plugin_config, $config) = @_;
122 die "please implement inside plugin";
125 sub controller_reload
{
128 die "please implement inside plugin";
132 my ($class, $zoneid, $vnet_cfg) = @_;
134 # verify that no vnet are associated to this zone
135 foreach my $id (keys %{$vnet_cfg->{ids
}}) {
136 my $vnet = $vnet_cfg->{ids
}->{$id};
137 die "zone $zoneid is used by vnet $id"
138 if ($vnet->{type
} eq 'vnet' && defined($vnet->{zone
}) && $vnet->{zone
} eq $zoneid);
143 my ($class, $zoneid, $zone_cfg, $controller_cfg) = @_;
145 # do nothing by default
148 sub vnet_update_hook
{
149 my ($class, $vnet_cfg, $vnetid, $zone_cfg) = @_;
151 # do nothing by default
155 sub parse_tag_number_or_range
{
156 my ($str, $max, $tag) = @_;
158 my @elements = split(/,/, $str);
162 die "extraneous commas in list\n" if $str ne join(',', @elements);
163 foreach my $item (@elements) {
164 if ($item =~ m/^([0-9]+)-([0-9]+)$/) {
166 my ($port1, $port2) = ($1, $2);
167 die "invalid port '$port1'\n" if $port1 > $max;
168 die "invalid port '$port2'\n" if $port2 > $max;
169 die "backwards range '$port1:$port2' not allowed, did you mean '$port2:$port1'?\n" if $port1 > $port2;
171 if ($tag && $tag >= $port1 && $tag <= $port2){
176 } elsif ($item =~ m/^([0-9]+)$/) {
179 die "invalid port '$port'\n" if $port > $max;
181 if ($tag && $tag == $port){
187 die "tag $tag is not allowed" if $tag && !$allowed;
189 return (scalar(@elements) > 1);
193 my ($class, $plugin_config, $zone, $vnetid, $vnet, $status) = @_;
198 my $ifaces = [ $vnetid ];
200 foreach my $iface (@{$ifaces}) {
201 if (!$status->{$iface}->{status
}) {
202 push @$err_msg, "missing $iface";
203 } elsif ($status->{$iface}->{status
} ne 'pass') {
204 push @$err_msg, "error $iface";
212 my ($class, $plugin_config, $vnet, $iface, $vnetid) = @_;
214 PVE
::Network
::tap_create
($iface, $vnetid);
218 my ($class, $plugin_config, $vnet, $veth, $vethpeer, $vnetid, $hwaddr) = @_;
220 PVE
::Network
::veth_create
($veth, $vethpeer, $vnetid, $hwaddr);
224 my ($class, $plugin_config, $vnet, $tag, $iface, $vnetid, $firewall, $trunks, $rate) = @_;
226 my $vlan_aware = PVE
::Tools
::file_read_firstline
("/sys/class/net/$vnetid/bridge/vlan_filtering");
227 die "vm vlans are not allowed on vnet $vnetid" if !$vlan_aware && ($tag || $trunks);
229 PVE
::Network
::tap_plug
($iface, $vnetid, $tag, $firewall, $trunks, $rate);
234 sub get_uplink_iface
{
235 my ($interfaces_config, $uplink) = @_;
238 foreach my $id (keys %{$interfaces_config->{ifaces
}}) {
239 my $interface = $interfaces_config->{ifaces
}->{$id};
240 if (my $iface_uplink = $interface->{'uplink-id'}) {
241 next if $iface_uplink ne $uplink;
242 if($interface->{type
} ne 'eth' && $interface->{type
} ne 'bond') {
243 warn "uplink $uplink is not a physical or bond interface";
250 #create a dummy uplink interface if no uplink found
252 warn "can't find uplink $uplink in physical interface";
253 $iface = "uplink${uplink}";
259 sub get_local_route_ip
{
263 my $interface = undef;
265 run_command
(['/sbin/ip', 'route', 'get', $targetip], outfunc
=> sub {
266 if ($_[0] =~ m/src ($PVE::Tools::IPRE)/) {
269 if ($_[0] =~ m/dev (\S+)/) {
274 return ($ip, $interface);
278 sub find_local_ip_interface_peers
{
279 my ($peers, $iface) = @_;
281 my $network_config = PVE
::INotify
::read_file
('interfaces');
282 my $ifaces = $network_config->{ifaces
};
284 #if iface is defined, return ip if exist (if not,try to find it on other ifaces)
286 my $ip = $ifaces->{$iface}->{address
};
287 return ($ip,$iface) if $ip;
290 #is a local ip member of peers list ?
291 foreach my $address (@{$peers}) {
292 while (my $interface = each %$ifaces) {
293 my $ip = $ifaces->{$interface}->{address
};
294 if ($ip && $ip eq $address) {
295 return ($ip, $interface);
300 #if peer is remote, find source with ip route
301 foreach my $address (@{$peers}) {
302 my ($ip, $interface) = get_local_route_ip
($address);
303 return ($ip, $interface);
310 die "can't find bridge $bridge" if !-d
"/sys/class/net/$bridge";
316 return PVE
::Tools
::file_read_firstline
("/sys/class/net/$bridge/bridge/vlan_filtering");
322 my $is_ovs = !-d
"/sys/class/net/$bridge/brif";
326 sub get_bridge_ifaces
{
329 my @bridge_ifaces = ();
330 my $dir = "/sys/class/net/$bridge/brif";
331 PVE
::Tools
::dir_glob_foreach
($dir, '(((eth|bond)\d+|en[^.]+)(\.\d+)?)', sub {
332 push @bridge_ifaces, $_[0];
335 return @bridge_ifaces;