Thomas Lamprecht [Tue, 21 Nov 2023 07:26:56 +0000 (08:26 +0100)]
d/control: downgrade frr-pythontools from recommends to suggests
avoid pulling FRR in on upgrade if we'd hard-depend on
libpve-network-perl for all those systems that kept the default
install-recommends enabled as FRR is a bit involved and might announce
stuff and break some network environments if not correctly configured.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Stefan Hanreich [Mon, 20 Nov 2023 16:28:32 +0000 (17:28 +0100)]
api: refactor URL structure for Ipam
The initial URL structure was less than optimal due to Ipam as well as
Ipams being endpoints in the API, which are too similar and might be
confusing to users.
Move the listing of PVE IPAM to /ipams/pve/status
Move the create / update / delete endpoints to /vnets/{vnetid}/ips
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
Stefan Hanreich [Fri, 17 Nov 2023 11:39:46 +0000 (12:39 +0100)]
sdn: dhcp: add dnsmasq plugin
The plugin creates a dnsmasq@<zone> service that spawns a dnsmasq
instance that handles dhcp for that zone.
The configuration files for a dnsmasq instance lie within
/etc/dnsmasq.d/<zone>
The plugin generates the following configuration files:
* 00-default.conf
Contains the default global configuration for dnsmasq. Disables DNS,
enables some specific options for Windows, does some
security-related configuration and makes dnsmasq bind only to the
interfaces it is responsible for
* 10-<subnet>.conf
Contains the default settings for a subnet. Sets dhcp options for
DNS and gateway.
* 10-<subnet>.ranges.conf
Contains the configuration of DHCP ranges for a subnet.
* ethers
Contains the MAC address to IP mappings for a zone.
Every subnet gets assigned a tag in the dnsmasq configuration that is
equal to the subnet_id. This can be used to override / set additional
configuration options on a per-subnet basis.
Additionally it creates the file /etc/default/dnsmasq.<zone> that
provides default options for the dnsmasq service.
Leases are stored in /var/lib/misc/dnsmasq.<zone>.
Co-Authored-By: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
Stefan Hanreich [Fri, 17 Nov 2023 11:39:45 +0000 (12:39 +0100)]
dhcp: add abstract class for DHCP plugins
This abstract class provides several hooks that should be called
during the config generation process. They expose the functionality
for the different configuration tasks required from the DHCP plugins.
add_ip_mapping
Adds a mapping from MAC address to an IP for a given DHCP server. The
DHCP server will then always assign the given IP address to the MAC.
del_ip_mapping
Deletes all mappings for a given MAC address for a given DHCP server.
before_regenerate
Should be called before the plugin does any configuration tasks. The
main usage for this hook is tearing down old instances.
after_regenerate
Should be called after the plugin has finished generating any
configuration. The main usage for this hook is to perform cleanup and
restart / reload services.
before_configure
Should be called before creating the configuration for a specific DHCP
instance, as defined in the dhcp.cfg. This can be used for performing
instance-specific setup.
after_configure
Should be called after the configuration for a specific DHCP instance,
as defined in the dhcp.cfg. This will mainly be used for enabling and
restarting / reloading a specific instance of a DHCP server.
configure_subnet
This function configures the settings for a specific subnet (that can
contain multiple DHCP ranges). This sets global settings for a
specific subnet such as DNS server or gateway.
configure_range
This configures a DHCP range that is available for a given Subnet.
Co-Authored-By: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
Stefan Hanreich [Fri, 17 Nov 2023 11:39:44 +0000 (12:39 +0100)]
subnet: vnet: refactor IPAM related methods
Those methods are used by the DHCP plugins to attain the next free
IP address for a given DHCP range, as well as delete all entries with
a certain MAC address.
Co-Authored-By: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
Stefan Hanreich [Fri, 17 Nov 2023 11:39:40 +0000 (12:39 +0100)]
sdn: preparations for DHCP plugin
Add the option to retrieve the running configuration instead of only
the pending configuration via the config methods. Refactor methods
using the running config to utilize the new parameter.
Add helper methods and return additional attributes from the getter
functions that are needed by the dhcp plugins.
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
Stefan Lendl [Fri, 17 Nov 2023 14:23:07 +0000 (15:23 +0100)]
gitignore: add build artefacts and .vscode to ignore list
Signed-off-by: Stefan Lendl <s.lendl@proxmox.com>
[ TL: avoid one-word subject & make build-dir glob more specific ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
they access pmxcfs directly and so cannot really work, this needs to
be mocked some day (soon!), but as stop-gap just skip the tests if a
sbuild lock is present
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
When warnings or errors from ifreload are logged, they are received in
1 line in the result of pvesh.
So, the UPID might not always start at the beginning, which was
assumed by the old code, failing to parse it, throwing a warning like:
> Use of uninitialized value $upid in pattern match (m//) at /usr/share/perl5/PVE/Tools.pm line 1106.
> Use of uninitialized value $upid in concatenation (.) or string at /usr/share/perl5/PVE/Tools.pm line 1120.
Drop the start anchor of the regex.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
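The parsing change described in the commit above, shown as an added Perl example that is not part of the commit or the project's code: an anchored match misses a UPID that follows a warning on the same line, while an unanchored match that still checks the whole field layout finds it. The function names are hypothetical, the UPID field layout is an assumption (the page does not give it), and the sample lines are constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Assumed UPID layout (not given on the page):
# UPID:<node>:<pid>:<pstart>:<starttime>:<type>:<id>:<user>:
my $UPID_RE = qr/
    UPID:
    [A-Za-z0-9][A-Za-z0-9-]*:     # node
    [0-9A-Fa-f]{8}:               # pid
    [0-9A-Fa-f]{8,9}:             # pstart
    [0-9A-Fa-f]{8}:               # start time
    [^:\s]+:                      # task type
    [^:\s]*:                      # task id, may be empty
    [^:\s]+:                      # user
/x;

# Behaviour the commit describes as old: the UPID must start the line.
sub extract_upid_anchored {
    my ($line) = @_;
    return $line =~ /^($UPID_RE)/ ? $1 : undef;
}

# Start anchor dropped: the UPID may sit anywhere in the line, but it
# must still match the complete field layout to be accepted.
sub extract_upid {
    my ($line) = @_;
    return $line =~ /($UPID_RE)/ ? $1 : undef;
}

# Constructed sample lines, not real pvesh output.
my @lines = (
    'UPID:node1:0000C530:001C9BEC:655C6A10:srvreload:networking:root@pam:',
    'warning: constructed ifreload message UPID:node1:0000C530:001C9BEC:655C6A10:srvreload:networking:root@pam:',
    'error: constructed message without any task id',
);

for my $line (@lines) {
    my $old = extract_upid_anchored($line);
    my $new = extract_upid($line);
    # Test definedness before using the result; the quoted warnings
    # come from an undefined $upid being passed on.
    printf "anchored=%s unanchored=%s\n",
        defined $old ? 'match' : 'none',
        defined $new ? 'match' : 'none';
}
```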
Thomas Lamprecht [Thu, 25 May 2023 16:10:14 +0000 (18:10 +0200)]
separate packaging and source build system
like almost all of our repos do nowadays, modern git can detect such
things on rebase so in development stuff should be hopefully not too
much affected by this.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Wed, 31 Aug 2022 08:56:27 +0000 (10:56 +0200)]
evpn controller: avoid declaration in conditional statement
those are quite dangerous, as the variable will keep the value from
last time the evaluation was true and still evaluate to that old, out
of date value the next time, if the condition is false then.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
controllers: evpn: fix multiple exit-nodes with route-map filtering
Currently, when multiple exit-nodes are defined, each exit-node exchanges
its own default route, so traffic is looping between both exit nodes
instead of going out.
This adds a new route-map to filter received type-5 on exit node.
exitnodes-primary option forces traffic to a primary node.
A route-map is used to increase metric on backup nodes.
This can be useful for snat or to avoid asymmetric routing.
Route-map is reworked to handle multiple sequences of route map.