]> git.proxmox.com Git - pve-network.git/blob - PVE/Network/SDN/Zones/Plugin.pm
projects / pve-network.git / blob
? search:


ebb5c7ec7e1fdfc2227534e53f5f1f3455786564
[pve-network.git] / PVE / Network / SDN / Zones / Plugin.pm
1 package PVE::Network::SDN::Zones::Plugin;
2
3 use strict;
4 use warnings;
5
6 use PVE::Tools qw(run_command);
7 use PVE::JSONSchema;
8 use PVE::Cluster;
9 use PVE::Network;
10
11 use Data::Dumper;
12 use PVE::JSONSchema qw(get_standard_option);
13 use base qw(PVE::SectionConfig);
14
15 PVE::Cluster::cfs_register_file('sdn/zones.cfg',
16 sub { __PACKAGE__->parse_config(@_); },
17 sub { __PACKAGE__->write_config(@_); });
18
19 PVE::JSONSchema::register_standard_option('pve-sdn-zone-id', {
20 description => "The SDN zone object identifier.",
21 type => 'string', format => 'pve-sdn-zone-id',
22 });
23
24 PVE::JSONSchema::register_format('pve-sdn-zone-id', \&parse_sdn_zone_id);
25 sub parse_sdn_zone_id {
26 my ($id, $noerr) = @_;
27
28 if ($id !~ m/^[a-z][a-z0-9]*[a-z0-9]$/i) {
29 return undef if $noerr;
30 die "zone ID '$id' contains illegal characters\n";
31 }
32 die "zone ID '$id' can't be more length than 8 characters\n" if length($id) > 8;
33 return $id;
34 }
35
36 my $defaultData = {
37
38 propertyList => {
39 type => {
40 description => "Plugin type.",
41 type => 'string', format => 'pve-configid',
42 type => 'string',
43 },
44 nodes => get_standard_option('pve-node-list', { optional => 1 }),
45 zone => get_standard_option('pve-sdn-zone-id',
46 { completion => \&PVE::Network::SDN::Zones::complete_sdn_zone }),
47 ipam => {
48 type => 'string',
49 description => "use a specific ipam",
50 },
51 },
52 };
53
54 sub private {
55 return $defaultData;
56 }
57
58 sub parse_section_header {
59 my ($class, $line) = @_;
60
61 if ($line =~ m/^(\S+):\s*(\S+)\s*$/) {
62 my ($type, $id) = (lc($1), $2);
63 my $errmsg = undef; # set if you want to skip whole section
64 eval { PVE::JSONSchema::pve_verify_configid($type); };
65 $errmsg = $@ if $@;
66 my $config = {}; # to return additional attributes
67 return ($type, $id, $errmsg, $config);
68 }
69 return undef;
70 }
71
72 sub generate_sdn_config {
73 my ($class, $plugin_config, $zoneid, $vnetid, $vnet, $controller, $controller_cfg, $subnet_cfg, $interfaces_config, $config) = @_;
74
75 die "please implement inside plugin";
76 }
77
78 sub generate_controller_config {
79 my ($class, $plugin_config, $controller, $id, $uplinks, $config) = @_;
80
81 die "please implement inside plugin";
82 }
83
84 sub generate_controller_vnet_config {
85 my ($class, $plugin_config, $controller, $zoneid, $vnetid, $config) = @_;
86
87 }
88
89 sub write_controller_config {
90 my ($class, $plugin_config, $config) = @_;
91
92 die "please implement inside plugin";
93 }
94
95 sub controller_reload {
96 my ($class) = @_;
97
98 die "please implement inside plugin";
99 }
100
101 sub on_delete_hook {
102 my ($class, $zoneid, $vnet_cfg) = @_;
103
104 # verify that no vnet are associated to this zone
105 foreach my $id (keys %{$vnet_cfg->{ids}}) {
106 my $vnet = $vnet_cfg->{ids}->{$id};
107 die "zone $zoneid is used by vnet $id"
108 if ($vnet->{type} eq 'vnet' && defined($vnet->{zone}) && $vnet->{zone} eq $zoneid);
109 }
110 }
111
112 sub on_update_hook {
113 my ($class, $zoneid, $zone_cfg, $controller_cfg) = @_;
114
115 # do nothing by default
116 }
117
118 sub vnet_update_hook {
119 my ($class, $vnet_cfg, $vnetid, $zone_cfg) = @_;
120
121 # do nothing by default
122 }
123
124 #helpers
125 sub parse_tag_number_or_range {
126 my ($str, $max, $tag) = @_;
127
128 my @elements = split(/,/, $str);
129 my $count = 0;
130 my $allowed = undef;
131
132 die "extraneous commas in list\n" if $str ne join(',', @elements);
133 foreach my $item (@elements) {
134 if ($item =~ m/^([0-9]+)-([0-9]+)$/) {
135 $count += 2;
136 my ($port1, $port2) = ($1, $2);
137 die "invalid port '$port1'\n" if $port1 > $max;
138 die "invalid port '$port2'\n" if $port2 > $max;
139 die "backwards range '$port1:$port2' not allowed, did you mean '$port2:$port1'?\n" if $port1 > $port2;
140
141 if ($tag && $tag >= $port1 && $tag <= $port2){
142 $allowed = 1;
143 last;
144 }
145
146 } elsif ($item =~ m/^([0-9]+)$/) {
147 $count += 1;
148 my $port = $1;
149 die "invalid port '$port'\n" if $port > $max;
150
151 if ($tag && $tag == $port){
152 $allowed = 1;
153 last;
154 }
155 }
156 }
157 die "tag $tag is not allowed" if $tag && !$allowed;
158
159 return (scalar(@elements) > 1);
160 }
161
162 sub status {
163 my ($class, $plugin_config, $zone, $vnetid, $vnet, $status) = @_;
164
165 my $err_msg = [];
166
167 # ifaces to check
168 my $ifaces = [ $vnetid ];
169
170 foreach my $iface (@{$ifaces}) {
171 if (!$status->{$iface}->{status}) {
172 push @$err_msg, "missing $iface";
173 } elsif ($status->{$iface}->{status} ne 'pass') {
174 push @$err_msg, "error $iface";
175 }
176 }
177 return $err_msg;
178 }
179
180
181 sub tap_create {
182 my ($class, $plugin_config, $vnet, $iface, $vnetid) = @_;
183
184 PVE::Network::tap_create($iface, $vnetid);
185 }
186
187 sub veth_create {
188 my ($class, $plugin_config, $vnet, $veth, $vethpeer, $vnetid, $hwaddr) = @_;
189
190 PVE::Network::veth_create($veth, $vethpeer, $vnetid, $hwaddr);
191 }
192
193 sub tap_plug {
194 my ($class, $plugin_config, $vnet, $tag, $iface, $vnetid, $firewall, $trunks, $rate) = @_;
195
196 my $vlan_aware = PVE::Tools::file_read_firstline("/sys/class/net/$vnetid/bridge/vlan_filtering");
197 die "vm vlans are not allowed on vnet $vnetid" if !$vlan_aware && ($tag || $trunks);
198
199 PVE::Network::tap_plug($iface, $vnetid, $tag, $firewall, $trunks, $rate);
200 }
201
202 #helper
203
204 sub get_uplink_iface {
205 my ($interfaces_config, $uplink) = @_;
206
207 my $iface = undef;
208 foreach my $id (keys %{$interfaces_config->{ifaces}}) {
209 my $interface = $interfaces_config->{ifaces}->{$id};
210 if (my $iface_uplink = $interface->{'uplink-id'}) {
211 next if $iface_uplink ne $uplink;
212 if($interface->{type} ne 'eth' && $interface->{type} ne 'bond') {
213 warn "uplink $uplink is not a physical or bond interface";
214 next;
215 }
216 $iface = $id;
217 }
218 }
219
220 #create a dummy uplink interface if no uplink found
221 if(!$iface) {
222 warn "can't find uplink $uplink in physical interface";
223 $iface = "uplink${uplink}";
224 }
225
226 return $iface;
227 }
228
229 sub get_local_route_ip {
230 my ($targetip) = @_;
231
232 my $ip = undef;
233 my $interface = undef;
234
235 run_command(['/sbin/ip', 'route', 'get', $targetip], outfunc => sub {
236 if ($_[0] =~ m/src ($PVE::Tools::IPRE)/) {
237 $ip = $1;
238 }
239 if ($_[0] =~ m/dev (\S+)/) {
240 $interface = $1;
241 }
242
243 });
244 return ($ip, $interface);
245 }
246
247
248 sub find_local_ip_interface_peers {
249 my ($peers, $iface) = @_;
250
251 my $network_config = PVE::INotify::read_file('interfaces');
252 my $ifaces = $network_config->{ifaces};
253
254 #if iface is defined, return ip if exist (if not,try to find it on other ifaces)
255 if ($iface) {
256 my $ip = $ifaces->{$iface}->{address};
257 return ($ip,$iface) if $ip;
258 }
259
260 #is a local ip member of peers list ?
261 foreach my $address (@{$peers}) {
262 while (my $interface = each %$ifaces) {
263 my $ip = $ifaces->{$interface}->{address};
264 if ($ip && $ip eq $address) {
265 return ($ip, $interface);
266 }
267 }
268 }
269
270 #if peer is remote, find source with ip route
271 foreach my $address (@{$peers}) {
272 my ($ip, $interface) = get_local_route_ip($address);
273 return ($ip, $interface);
274 }
275 }
276
277 1;
experimental SDN package