From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <shanreich@lana.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 47669AF5B
 for <pve-devel@lists.proxmox.com>; Fri,  8 Sep 2023 15:43:07 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 2E12F12B2B
 for <pve-devel@lists.proxmox.com>; Fri,  8 Sep 2023 15:43:07 +0200 (CEST)
Received: from lana.proxmox.com (unknown [94.136.29.99])
 by firstgate.proxmox.com (Proxmox) with ESMTP
 for <pve-devel@lists.proxmox.com>; Fri,  8 Sep 2023 15:43:06 +0200 (CEST)
Received: by lana.proxmox.com (Postfix, from userid 10043)
 id 50E292C0592; Fri,  8 Sep 2023 15:43:05 +0200 (CEST)
From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Fri,  8 Sep 2023 15:42:58 +0200
Message-Id: <20230908134304.2009415-1-s.hanreich@proxmox.com>
X-Mailer: git-send-email 2.39.2
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.583 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery
 methods POISEN_SPAM_PILL          0.1 Meta: its spam
 POISEN_SPAM_PILL_1        0.1 random spam to be learned in bayes
 POISEN_SPAM_PILL_3        0.1 random spam to be learned in bayes
 RDNS_NONE 0.793 Delivered to internal network by a host with no rDNS
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_NONE                0.001 SPF: sender does not publish an SPF Record
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [dhcp.pm, plugin.pm, network.pm, cluster.pm, sdn.pm,
 subnetplugin.pm, dnsmasq.pm]
Subject: [pve-devel] [RFC cluster/manager/network 0/6] Add support for DHCP
 servers to SDN
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Fri, 08 Sep 2023 13:43:07 -0000

This patch series adds support for automatically deploying dnsmasq as a DHCP
server to a simple SDN Zone.

While certainly not 100% polished on some ends (looking at restarting systemd
services in particular), the general idea behind the mechanism shows. I wanted
to gather some feedback on how I approached designing the plugins and the
config regeneration process before comitting to this design by creating an API
and UI around it.

For your testing convenience I've provided deb packages on our share:
  /path/to/nasi/iso/packages/shan-sdn-dhcp

You need to install dnsmasq (and disable it afterwards):

  apt install dnsmasq && systemctl disable --now dnsmasq


You can use the following example configuration for deploying a DHCP server in
a SDN subnet:

/etc/pve/sdn/dhcp.cfg:

  dnsmasq: nat


/etc/pve/sdn/zones.cfg:

  simple: DHCPNAT
          ipam pve


/etc/pve/sdn/vnets.cfg:

  vnet: dhcpnat
          zone DHCPNAT


/etc/pve/sdn/subnets.cfg:

  subnet: DHCPNAT-10.1.0.0-16
          vnet dhcpnat
          dhcp-dns-server 10.1.0.1
          dhcp-range server=nat,start-address=10.1.0.100,end-address=10.1.0.200,lease-time=86400
          dhcp-range server=nat,start-address=10.1.1.100,end-address=10.1.1.200,lease-time=86400,dns-server=10.1.0.2
          gateway 10.1.0.1
          snat 1


Then apply the SDN configuration:

  pvesh set /cluster/sdn


Be careful that after configuring dhcp-range you do not save the subnet config
from the Web UI, since the dhcp-range line will vanish from the config.



pve-cluster:

Stefan Hanreich (1):
  cluster files: add dhcp.cfg

 src/PVE/Cluster.pm  | 1 +
 src/pmxcfs/status.c | 1 +
 2 files changed, 2 insertions(+)


pve-manager:

Stefan Hanreich (1):
  sdn: regenerate DHCP config on reload

 PVE/API2/Network.pm | 1 +
 1 file changed, 1 insertion(+)


pve-network:

Stefan Hanreich (4):
  sdn: dhcp: add abstract class for DHCP plugins
  sdn: dhcp: subnet: add DHCP options to subnet configuration
  sdn: dhcp: add DHCP plugin for dnsmasq
  sdn: dhcp: regenerate config for DHCP servers on reload

 debian/control                      |   1 +
 src/PVE/Network/SDN.pm              |  11 ++-
 src/PVE/Network/SDN/Dhcp.pm         | 122 ++++++++++++++++++++++++++++
 src/PVE/Network/SDN/Dhcp/Dnsmasq.pm | 115 ++++++++++++++++++++++++++
 src/PVE/Network/SDN/Dhcp/Makefile   |   8 ++
 src/PVE/Network/SDN/Dhcp/Plugin.pm  |  76 +++++++++++++++++
 src/PVE/Network/SDN/Makefile        |   4 +-
 src/PVE/Network/SDN/SubnetPlugin.pm |  43 ++++++++++
 8 files changed, 377 insertions(+), 3 deletions(-)
 create mode 100644 src/PVE/Network/SDN/Dhcp.pm
 create mode 100644 src/PVE/Network/SDN/Dhcp/Dnsmasq.pm
 create mode 100644 src/PVE/Network/SDN/Dhcp/Makefile
 create mode 100644 src/PVE/Network/SDN/Dhcp/Plugin.pm


Summary over all repositories:
  11 files changed, 380 insertions(+), 3 deletions(-)

--
murpp v0.4.0