use Data::Dumper;
use JSON;
+use PVE::INotify;
+
use PVE::Network::SDN::Vnets;
use PVE::Network::SDN::Zones;
use PVE::Network::SDN::Controllers;
use PVE::Network::SDN::Subnets;
+use PVE::Network::SDN::Dhcp;
use PVE::Tools qw(extract_param dir_glob_regex run_command);
use PVE::Cluster qw(cfs_read_file cfs_write_file cfs_lock_file);
-
+use PVE::RESTEnvironment qw(log_warn);
my $running_cfg = "sdn/.running-config";
my $controllers = { ids => $controllers_cfg->{ids} };
my $subnets = { ids => $subnets_cfg->{ids} };
- $cfg = { version => $version, vnets => $vnets, zones => $zones, controllers => $controllers, subnets => $subnets };
+ $cfg = { version => $version, vnets => $vnets, zones => $zones, controllers => $controllers, subnets => $subnets };
cfs_write_file($running_cfg, $cfg);
}
my $zoneid = $vnet->{zone};
my $comments = $vnet->{alias};
- my $privs = [ 'SDN.Audit', 'SDN.Allocate' ];
+ my $privs = [ 'SDN.Audit', 'SDN.Use' ];
next if !$zoneid;
- next if !$rpcenv->check_any($authuser, "/sdn/zones/$zoneid", $privs, 1) && !$rpcenv->check_any($authuser, "/sdn/vnets/$vnetid", $privs, 1);
+ next if !$rpcenv->check_sdn_bridge($authuser, $zoneid, $vnetid, $privs, 1);
my $zone_config = PVE::Network::SDN::Zones::sdn_zones_config($zones_cfg, $zoneid);
sub generate_zone_config {
my $raw_config = PVE::Network::SDN::Zones::generate_etc_network_config();
+ if ($raw_config) {
+ eval {
+ my $net_cfg = PVE::INotify::read_file('interfaces', 1);
+ my $opts = $net_cfg->{data}->{options};
+ log_warn("missing 'source /etc/network/interfaces.d/sdn' directive for SDN support!\n")
+ if ! grep { $_->[1] =~ m!^source /etc/network/interfaces.d/(:?sdn|\*)! } @$opts;
+ };
+ log_warn("Failed to read network interfaces definition - $@") if $@;
+ }
PVE::Network::SDN::Zones::write_etc_network_config($raw_config);
}
PVE::Network::SDN::Controllers::reload_controller() if $reload;
}
+sub generate_dhcp_config {
+ my ($reload) = @_;
+
+ PVE::Network::SDN::Dhcp::regenerate_config($reload);
+}
+
sub encode_value {
my ($type, $key, $value) = @_;
- if ($key eq 'nodes' || $key eq 'exitnodes') {
- if(ref($value) eq 'HASH') {
- return join(',', sort keys(%$value));
- } else {
- return $value;
- }
+ if ($key eq 'nodes' || $key eq 'exitnodes' || $key eq 'dhcp-range') {
+ if (ref($value) eq 'HASH') {
+ return join(',', sort keys(%$value));
+ } elsif (ref($value) eq 'ARRAY') {
+ return join(',', sort @$value);
+ } else {
+ return $value;
+ }
}
return $value;
if ($proxy) {
$ua->proxy(['http', 'https'], $proxy);
} else {
- $ua->env_proxy;
+ $ua->env_proxy;
}
$ua->ssl_opts(verify_hostname => 0, SSL_verify_mode => 0x00);
my $code = $response->code;
if ($code !~ /^2(\d+)$/) {
- my $msg = $response->message || 'unknown';
- die "Invalid response from server: $code $msg\n";
+ my $msg = $response->message || 'unknown';
+ die "Invalid response from server: $code $msg\n";
}
my $raw = '';
} else {
$raw = $response->content;
}
-
return if $raw eq '';
- my $json = '';
- eval {
- $json = from_json($raw);
- };
+ my $res = eval { from_json($raw) };
die "api response is not a json" if $@;
- return $json;
+ return $res;
}
1;
projects / pve-network.git / blobdiff