* [pve-devel] [PATCH manager 0/3] network interface pinning fixes
@ 2025-07-18 12:33 Stefan Hanreich
2025-07-18 12:33 ` [pve-devel] [PATCH pve-manager 1/3] network-interface-pinning: avoid comparing undefined string Stefan Hanreich
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: Stefan Hanreich @ 2025-07-18 12:33 UTC (permalink / raw)
To: pve-devel
Provides the following fixes:
* check for changes in the SDN configuration and only runs pve-sdn-commit if
there are changes to the SDN configuration
* pve-{sdn, firewall}-commit now wait for quorum on startup
* adds a missing undef check in the update controllers logic of the pinning tool
pve-manager:
Stefan Hanreich (3):
network-interface-pinning: avoid comparing undefined string
{sdn, firewall}-commit: wait for quorum
sdn-commit: only reload ifupdown if sdn configuration changed
PVE/CLI/proxmox_network_interface_pinning.pm | 2 +-
bin/pve-firewall-commit | 10 +++
bin/pve-sdn-commit | 75 ++++++++++++++++++++
services/pve-firewall-commit.service | 2 +-
services/pve-sdn-commit.service | 2 +-
5 files changed, 88 insertions(+), 3 deletions(-)
Summary over all repositories:
5 files changed, 88 insertions(+), 3 deletions(-)
--
Generated by git-murpp 0.8.0
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 5+ messages in thread
* [pve-devel] [PATCH pve-manager 1/3] network-interface-pinning: avoid comparing undefined string
2025-07-18 12:33 [pve-devel] [PATCH manager 0/3] network interface pinning fixes Stefan Hanreich
@ 2025-07-18 12:33 ` Stefan Hanreich
2025-07-18 12:33 ` [pve-devel] [PATCH pve-manager 2/3] {sdn, firewall}-commit: wait for quorum Stefan Hanreich
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Stefan Hanreich @ 2025-07-18 12:33 UTC (permalink / raw)
To: pve-devel
Controllers do not necessarily have a node defined, so check for
definedness before comparing the value to avoid ugly error messages.
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
PVE/CLI/proxmox_network_interface_pinning.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/PVE/CLI/proxmox_network_interface_pinning.pm b/PVE/CLI/proxmox_network_interface_pinning.pm
index 271ec0430..17b507911 100644
--- a/PVE/CLI/proxmox_network_interface_pinning.pm
+++ b/PVE/CLI/proxmox_network_interface_pinning.pm
@@ -53,7 +53,7 @@ my sub update_sdn_controllers {
for my $controller (values $controllers->{ids}->%*) {
next
- if $local_node ne $controller->{node}
+ if ($controller->{node} && $local_node ne $controller->{node})
|| $controller->{type} ne 'isis';
$controller->{'isis-ifaces'} = $mapping->list($controller->{'isis-ifaces'});
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 5+ messages in thread
* [pve-devel] [PATCH pve-manager 2/3] {sdn, firewall}-commit: wait for quorum
2025-07-18 12:33 [pve-devel] [PATCH manager 0/3] network interface pinning fixes Stefan Hanreich
2025-07-18 12:33 ` [pve-devel] [PATCH pve-manager 1/3] network-interface-pinning: avoid comparing undefined string Stefan Hanreich
@ 2025-07-18 12:33 ` Stefan Hanreich
2025-07-18 12:33 ` [pve-devel] [PATCH pve-manager 3/3] sdn-commit: only reload ifupdown if sdn configuration changed Stefan Hanreich
2025-07-18 12:45 ` [pve-devel] applied: [PATCH manager 0/3] network interface pinning fixes Thomas Lamprecht
3 siblings, 0 replies; 5+ messages in thread
From: Stefan Hanreich @ 2025-07-18 12:33 UTC (permalink / raw)
To: pve-devel
Since both one-shot services need to wait for quorum, wait for it at
the beginning of the scripts, before proceeding with the actual logic.
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
bin/pve-firewall-commit | 10 ++++++++++
bin/pve-sdn-commit | 10 ++++++++++
services/pve-firewall-commit.service | 2 +-
services/pve-sdn-commit.service | 2 +-
4 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/bin/pve-firewall-commit b/bin/pve-firewall-commit
index e0d4eb410..3d208f67b 100644
--- a/bin/pve-firewall-commit
+++ b/bin/pve-firewall-commit
@@ -3,8 +3,18 @@
use strict;
use warnings;
+use Time::HiRes qw(usleep);
+
+use PVE::Cluster;
use PVE::INotify;
+for (my $i = 0; !PVE::Cluster::check_cfs_quorum(1); $i++) {
+ print "waiting for pmxcfs mount to appear and get quorate...\n"
+ if $i % 50 == 0;
+
+ usleep(100 * 1000);
+}
+
my $local_node = PVE::INotify::nodename();
my $current_fw_config_file = "/etc/pve/nodes/$local_node/host.fw";
my $new_fw_config_file = "/etc/pve/nodes/$local_node/host.fw.new";
diff --git a/bin/pve-sdn-commit b/bin/pve-sdn-commit
index 09e4387c5..7536608d6 100644
--- a/bin/pve-sdn-commit
+++ b/bin/pve-sdn-commit
@@ -3,9 +3,19 @@
use strict;
use warnings;
+use Time::HiRes qw(usleep);
+
+use PVE::Cluster;
use PVE::Network::SDN;
use PVE::Tools;
+for (my $i = 0; !PVE::Cluster::check_cfs_quorum(1); $i++) {
+ print "waiting for pmxcfs mount to appear and get quorate...\n"
+ if $i % 50 == 0;
+
+ usleep(100 * 1000);
+}
+
my $previous_config_has_frr = PVE::Network::SDN::running_config_has_frr();
PVE::Network::SDN::commit_config();
diff --git a/services/pve-firewall-commit.service b/services/pve-firewall-commit.service
index 77ea095d7..454ef6c2e 100644
--- a/services/pve-firewall-commit.service
+++ b/services/pve-firewall-commit.service
@@ -2,7 +2,7 @@
Description=Commit Proxmox VE Firewall changes
DefaultDependencies=no
Wants=pve-cluster.service
-After=pve-cluster.service
+After=corosync.service
[Service]
ExecStart=/usr/share/pve-manager/helpers/pve-firewall-commit
diff --git a/services/pve-sdn-commit.service b/services/pve-sdn-commit.service
index 927d06c54..ff723725d 100644
--- a/services/pve-sdn-commit.service
+++ b/services/pve-sdn-commit.service
@@ -2,7 +2,7 @@
Description=Commit Proxmox VE SDN changes
DefaultDependencies=no
Wants=pve-cluster.service network.target
-After=frr.service network.target pve-cluster.service
+After=frr.service network.target corosync.service
[Service]
ExecStart=/usr/share/pve-manager/helpers/pve-sdn-commit
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 5+ messages in thread
* [pve-devel] [PATCH pve-manager 3/3] sdn-commit: only reload ifupdown if sdn configuration changed
2025-07-18 12:33 [pve-devel] [PATCH manager 0/3] network interface pinning fixes Stefan Hanreich
2025-07-18 12:33 ` [pve-devel] [PATCH pve-manager 1/3] network-interface-pinning: avoid comparing undefined string Stefan Hanreich
2025-07-18 12:33 ` [pve-devel] [PATCH pve-manager 2/3] {sdn, firewall}-commit: wait for quorum Stefan Hanreich
@ 2025-07-18 12:33 ` Stefan Hanreich
2025-07-18 12:45 ` [pve-devel] applied: [PATCH manager 0/3] network interface pinning fixes Thomas Lamprecht
3 siblings, 0 replies; 5+ messages in thread
From: Stefan Hanreich @ 2025-07-18 12:33 UTC (permalink / raw)
To: pve-devel
Check for any changes between the running config and the currently
applied config and guard against executing pve-sdn-commit if the
configuration is unchanged.
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
bin/pve-sdn-commit | 65 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 65 insertions(+)
diff --git a/bin/pve-sdn-commit b/bin/pve-sdn-commit
index 7536608d6..d75e14440 100644
--- a/bin/pve-sdn-commit
+++ b/bin/pve-sdn-commit
@@ -7,6 +7,11 @@ use Time::HiRes qw(usleep);
use PVE::Cluster;
use PVE::Network::SDN;
+use PVE::Network::SDN::Zones;
+use PVE::Network::SDN::Vnets;
+use PVE::Network::SDN::Subnets;
+use PVE::Network::SDN::Controllers;
+use PVE::Network::SDN::Fabrics;
use PVE::Tools;
for (my $i = 0; !PVE::Cluster::check_cfs_quorum(1); $i++) {
@@ -16,6 +21,66 @@ for (my $i = 0; !PVE::Cluster::check_cfs_quorum(1); $i++) {
usleep(100 * 1000);
}
+sub has_pending_changes {
+ my ($pending_config) = @_;
+
+ for my $entity (values $pending_config->{ids}->%*) {
+ return 1 if $entity->{state};
+ }
+
+ return 0;
+}
+
+sub fabrics_changed {
+ my $current_config = PVE::Network::SDN::Fabrics::config();
+ my $running_config = PVE::Network::SDN::Fabrics::config(1);
+
+ my ($running_fabrics, $running_nodes) = $running_config->list_all();
+ my ($current_fabrics, $current_nodes) = $current_config->list_all();
+
+ my $pending_fabrics = PVE::Network::SDN::pending_config(
+ { fabrics => { ids => $running_fabrics } },
+ { ids => $current_fabrics },
+ 'fabrics',
+ );
+
+ my $pending_nodes = PVE::Network::SDN::pending_config(
+ { nodes => { ids => $running_nodes } },
+ { ids => $current_nodes },
+ 'nodes',
+ );
+
+ return has_pending_changes($pending_fabrics) || has_pending_changes($pending_nodes);
+}
+
+sub sdn_changed {
+ my $running_config = PVE::Network::SDN::running_config();
+
+ my $configs = {
+ zones => PVE::Network::SDN::Zones::config(),
+ vnets => PVE::Network::SDN::Vnets::config(),
+ subnets => PVE::Network::SDN::Subnets::config(),
+ controllers => PVE::Network::SDN::Controllers::config(),
+ };
+
+ for my $type (keys $configs->%*) {
+ my $pending_config = PVE::Network::SDN::pending_config(
+ $running_config,
+ $configs->{$type},
+ $type,
+ );
+
+ return 1 if has_pending_changes($pending_config);
+ }
+
+ return fabrics_changed();
+}
+
+if (!sdn_changed()) {
+ print "No changes to SDN configuration detected, skipping reload\n";
+ exit 0;
+}
+
my $previous_config_has_frr = PVE::Network::SDN::running_config_has_frr();
PVE::Network::SDN::commit_config();
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 5+ messages in thread
* [pve-devel] applied: [PATCH manager 0/3] network interface pinning fixes
2025-07-18 12:33 [pve-devel] [PATCH manager 0/3] network interface pinning fixes Stefan Hanreich
` (2 preceding siblings ...)
2025-07-18 12:33 ` [pve-devel] [PATCH pve-manager 3/3] sdn-commit: only reload ifupdown if sdn configuration changed Stefan Hanreich
@ 2025-07-18 12:45 ` Thomas Lamprecht
3 siblings, 0 replies; 5+ messages in thread
From: Thomas Lamprecht @ 2025-07-18 12:45 UTC (permalink / raw)
To: pve-devel, Stefan Hanreich
On Fri, 18 Jul 2025 14:33:10 +0200, Stefan Hanreich wrote:
> Provides the following fixes:
>
> * check for changes in the SDN configuration and only runs pve-sdn-commit if
> there are changes to the SDN configuration
>
> * pve-{sdn, firewall}-commit now wait for quorum on startup
>
> [...]
Applied, thanks!
[1/3] network-interface-pinning: avoid comparing undefined string
commit: 6f5871f63db48ea1c3048057a1addd8da110a47d
[2/3] {sdn, firewall}-commit: wait for quorum
commit: 3aa6c09142179ad98add1eb2a750db9b50d30d04
[3/3] sdn-commit: only reload ifupdown if sdn configuration changed
commit: 3a5ede8acbc7bdd0e5a410f1e07799a9209a1fa8
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2025-07-18 12:44 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-07-18 12:33 [pve-devel] [PATCH manager 0/3] network interface pinning fixes Stefan Hanreich
2025-07-18 12:33 ` [pve-devel] [PATCH pve-manager 1/3] network-interface-pinning: avoid comparing undefined string Stefan Hanreich
2025-07-18 12:33 ` [pve-devel] [PATCH pve-manager 2/3] {sdn, firewall}-commit: wait for quorum Stefan Hanreich
2025-07-18 12:33 ` [pve-devel] [PATCH pve-manager 3/3] sdn-commit: only reload ifupdown if sdn configuration changed Stefan Hanreich
2025-07-18 12:45 ` [pve-devel] applied: [PATCH manager 0/3] network interface pinning fixes Thomas Lamprecht
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.