From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id B05BD1FF183 for ; Wed, 16 Jul 2025 15:13:26 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 5257C11113; Wed, 16 Jul 2025 15:09:51 +0200 (CEST) From: Gabriel Goller To: pve-devel@lists.proxmox.com Date: Wed, 16 Jul 2025 15:08:14 +0200 Message-Id: <20250716130837.585796-54-g.goller@proxmox.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250716130837.585796-1-g.goller@proxmox.com> References: <20250716130837.585796-1-g.goller@proxmox.com> MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL -1.013 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_MAILER 2 Automated Mailer Tag Left in Email RCVD_IN_MSPIKE_H2 0.001 Average reputation (+2) SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [PATCH pve-network v5 19/21] zone: vxlan: add fabrics integration X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" 
From: Stefan Hanreich Add a new property to the VXLAN zone, that can contain the name of a fabric. This automatically generates the peer-list from the fabric, instead of having to manually write a comma-separated IP list. This changes the peer field to optional from required. Either the peers or the fabric field needs to be set, and this is now validated in the update hook of the VXLAN zone. Signed-off-by: Stefan Hanreich --- src/PVE/API2/Network/SDN/Fabrics/Fabric.pm | 9 ++++ src/PVE/Network/SDN/Zones/VxlanPlugin.pm | 61 +++++++++++++++++++--- 2 files changed, 64 insertions(+), 6 deletions(-) diff --git a/src/PVE/API2/Network/SDN/Fabrics/Fabric.pm b/src/PVE/API2/Network/SDN/Fabrics/Fabric.pm index d59b134ea7ee..8c47b1bc5f00 100644 --- a/src/PVE/API2/Network/SDN/Fabrics/Fabric.pm +++ b/src/PVE/API2/Network/SDN/Fabrics/Fabric.pm @@ -237,6 +237,15 @@ __PACKAGE__->register_method({ } } + # check if this fabric is used in a vxlan zone + my $zone_cfg = PVE::Network::SDN::Zones::config(); + for my $key (keys %{ $zone_cfg->{ids} }) { + my $zone = $zone_cfg->{ids}->{$key}; + if ($zone->{type} eq "vxlan" && $zone->{fabric} eq $id) { + die "this fabric is still used in the VXLAN zone \"$key\""; + } + } + my $digest = extract_param($param, 'digest'); PVE::Tools::assert_if_modified($config->digest(), $digest) if $digest; diff --git a/src/PVE/Network/SDN/Zones/VxlanPlugin.pm b/src/PVE/Network/SDN/Zones/VxlanPlugin.pm index 018d41285292..8f6fba00fbb9 100644 --- a/src/PVE/Network/SDN/Zones/VxlanPlugin.pm +++ b/src/PVE/Network/SDN/Zones/VxlanPlugin.pm @@ -31,6 +31,11 @@ sub properties { type => 'string', format => 'ip-list', }, + fabric => { + description => "SDN fabric to use as underlay for this VXLAN zone.", + type => 'string', + format => 'pve-sdn-fabric-id', + }, 'vxlan-port' => { description => "Vxlan tunnel udp port (default 4789).", minimum => 1, 
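Review bot: In the Fabric.pm hunk, `$zone->{fabric} eq $id` is evaluated for every VXLAN zone, including zones that use `peers` and have no `fabric` key, so the comparison runs on undef and emits an uninitialized-value warning if warnings are enabled in this file. Guarding it as `if ($zone->{type} eq "vxlan" && defined($zone->{fabric}) && $zone->{fabric} eq $id)` avoids that. The `die` string has no trailing newline, so Perl appends the file and line number to the message returned to the API caller; ending it with `\n` keeps the error clean. The enclosing handler starts and ends outside the hunk, so it cannot be confirmed here whether a lock prevents the zone config from changing between this check and the delete.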
@@ -43,13 +48,14 @@ sub properties { sub options { return { nodes => { optional => 1 }, - peers => { optional => 0 }, + peers => { optional => 1 }, 'vxlan-port' => { optional => 1 }, mtu => { optional => 1 }, dns => { optional => 1 }, reversedns => { optional => 1 }, dnszone => { optional => 1 }, ipam => { optional => 1 }, + fabric => { optional => 1 }, }; } 
@@ -72,17 +78,47 @@ sub generate_sdn_config { my $alias = $vnet->{alias}; my $multicastaddress = $plugin_config->{'multicast-address'}; my $vxlanport = $plugin_config->{'vxlan-port'}; - my @peers; - @peers = PVE::Tools::split_list($plugin_config->{'peers'}) if $plugin_config->{'peers'}; my $vxlan_iface = "vxlan_$vnetid"; die "missing vxlan tag" if !$tag; - my ($ifaceip, $iface) = - PVE::Network::SDN::Zones::Plugin::find_local_ip_interface_peers(\@peers); + my @peers; + my $ifaceip; + my $iface; + + if ($plugin_config->{peers}) { + @peers = PVE::Tools::split_list($plugin_config->{'peers'}) if $plugin_config->{'peers'}; + ($ifaceip, $iface) = + PVE::Network::SDN::Zones::Plugin::find_local_ip_interface_peers(\@peers); + } elsif ($plugin_config->{fabric}) { + my $local_node = PVE::INotify::nodename(); + my $config = PVE::Network::SDN::Fabrics::config(1); + + my $fabric = eval { $config->get_fabric($plugin_config->{fabric}) }; + die "could not configure VXLAN zone $plugin_config->{id}: $@" if $@; + + my $nodes = $config->list_nodes_fabric($plugin_config->{fabric}); + + my $current_node = eval { $config->get_node($plugin_config->{fabric}, $local_node) }; + die "could not configure VXLAN zone $plugin_config->{id}: $@" if $@; + + die + "Node $local_node requires an IP in the fabric $fabric->{id} to configure the VXLAN zone $plugin_config->{id}" + if !$current_node->{ip}; + + for my $node (values %$nodes) { + push @peers, $node->{ip} if $node->{ip}; + } + + $ifaceip = $current_node->{ip}; + } else { + die "neither peers nor fabric configured for VXLAN zone $plugin_config->{id}"; + } my $mtu = 1450; - $mtu = $interfaces_config->{$iface}->{mtu} - 50 if $interfaces_config->{$iface}->{mtu}; + if ($iface) { + $mtu = $interfaces_config->{$iface}->{mtu} - 50 if $interfaces_config->{$iface}->{mtu}; + } $mtu = $plugin_config->{mtu} if $plugin_config->{mtu}; #vxlan interface 
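Review bot: In the `elsif ($plugin_config->{fabric})` branch of generate_sdn_config, `$iface` is never assigned, so the new `if ($iface)` guard skips the underlay-derived MTU and the vnet gets 1450 unless the zone sets `mtu` explicitly. If the fabric interfaces run with an MTU other than 1500, that default no longer matches the underlay; at minimum this deserves a comment such as `# fabric underlay: interface not resolved here, mtu falls back to 1450 unless set on the zone`. The fabric loop also pushes every node IP into `@peers`, the local one included; whether the local address is filtered out later depends on code outside this hunk. Inside the peers branch, the postfix `if $plugin_config->{'peers'}` repeats the enclosing condition and can be dropped. The function body starts and ends outside the hunk.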
@@ -114,6 +150,19 @@ sub generate_sdn_config { return $config; } +sub on_update_hook { + my ($class, $zoneid, $zone_cfg, $controller_cfg) = @_; + + my $zone = $zone_cfg->{ids}->{$zoneid}; + + if (($zone->{peers} && $zone->{fabric}) || !($zone->{peers} || $zone->{fabric})) { + raise_param_exc({ + peers => "must have exactly one of peers / fabric defined", + fabric => "must have exactly one of peers / fabric defined", + }); + } +} + sub vnet_update_hook { my ($class, $vnet_cfg, $vnetid, $zone_cfg) = @_; -- 2.39.5 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
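Review bot: on_update_hook only checks that exactly one of `peers` / `fabric` is set; it does not check that the named fabric exists, and the `pve-sdn-fabric-id` format presumably validates identifier syntax only. A zone pointing at a missing or mistyped fabric is therefore accepted here and fails later in generate_sdn_config with `could not configure VXLAN zone ...` when the configuration is generated. Consider resolving the fabric in the hook and reporting it as a parameter error, e.g. `eval { $fabric_cfg->get_fabric($zone->{fabric}) }; raise_param_exc({ fabric => "fabric does not exist" }) if $@;`, with `$fabric_cfg` loaded from whichever fabrics configuration the hook is meant to validate against. That would mirror the delete-side check in Fabric.pm, so the reference is validated both when it is created and when its target is removed.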