diff options
| author | Stefan Hanreich <s.hanreich@proxmox.com> | 2025-07-29 11:29:31 +0200 |
|---|---|---|
| committer | Thomas Lamprecht <t.lamprecht@proxmox.com> | 2025-07-29 12:59:51 +0200 |
| commit | 6f1120693feb07f4ec6cd8c51c4b1d206a801ba5 (patch) | |
| tree | 7e35f85598ada5602537668df4efda2cc948be72 | |
| parent | f5966bbacd2998234795fb02f56bff24c7ecf7d6 (diff) | |
api: add lock token parameter to apply endpoint
Committing the configuration now requires a lock on the SDN
configuration, which was not required before. This is to prevent
concurrent callers from applying the SDN configuration, while the lock
is held. If there is no lock set, then this function behaves the same
as before.
Also add the functionality to automatically release the lock after
applying the configuration, for convenience reasons.
Co-authored-by: Gabriel Goller <g.goller@proxmox.com>
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
Link: https://lore.proxmox.com/20250729092933.90118-4-g.goller@proxmox.com
| -rw-r--r-- | src/PVE/API2/Network/SDN.pm | 32 |
1 files changed, 28 insertions, 4 deletions
diff --git a/src/PVE/API2/Network/SDN.pm b/src/PVE/API2/Network/SDN.pm index 6645f28..924c9e4 100644 --- a/src/PVE/API2/Network/SDN.pm +++ b/src/PVE/API2/Network/SDN.pm @@ -9,7 +9,7 @@ use PVE::JSONSchema qw(get_standard_option); use PVE::RESTHandler; use PVE::RPCEnvironment; use PVE::SafeSyslog; -use PVE::Tools qw(run_command); +use PVE::Tools qw(run_command extract_param); use PVE::Network::SDN; use PVE::API2::Network::SDN::Controllers; @@ -126,6 +126,16 @@ __PACKAGE__->register_method({ }, parameters => { additionalProperties => 0, + properties => { + 'lock-token' => get_standard_option('pve-sdn-lock-token'), + 'release-lock' => { + type => 'boolean', + optional => 1, + default => 1, + description => + 'When lock-token has been provided and configuration successfully commited, release the lock automatically afterwards', + }, + }, }, returns => { type => 'string', @@ -136,10 +146,24 @@ __PACKAGE__->register_method({ my $rpcenv = PVE::RPCEnvironment::get(); my $authuser = $rpcenv->get_user(); - my $previous_config_has_frr = PVE::Network::SDN::running_config_has_frr(); - PVE::Network::SDN::commit_config(); + my $lock_token = extract_param($param, 'lock-token'); + my $release_lock = extract_param($param, 'release-lock'); + + my $previous_config_has_frr; + my $new_config_has_frr; + + PVE::Network::SDN::lock_sdn_config( + sub { + $previous_config_has_frr = PVE::Network::SDN::running_config_has_frr(); + PVE::Network::SDN::commit_config(); + $new_config_has_frr = PVE::Network::SDN::running_config_has_frr(); + + PVE::Network::SDN::delete_global_lock() if $lock_token && $release_lock; + }, + "could not commit SDN config", + $lock_token, + ); - my $new_config_has_frr = PVE::Network::SDN::running_config_has_frr(); my $skip_frr = !($previous_config_has_frr || $new_config_has_frr); my $code = sub { |