From: "DERUMIER, Alexandre" <alexandre.derumier@groupe-cyllene.com>
To: "pve-devel@lists.proxmox.com" <pve-devel@lists.proxmox.com>
Subject: Re: [pve-devel] [RFC cluster/manager/network 0/6] Add support for DHCP servers to SDN
Date: Wed, 13 Sep 2023 08:18:05 +0000
Message-ID: <39db1d13a7384faf7338ba45c78e2816c520284b.camel@groupe-cyllene.com>
In-Reply-To: <2fd1071602ad075d4580d62565fc757e4bd92a91.camel@groupe-cyllene.com>

Hi,

I'm going to do a POC with kea dhcp and host reservations.

It seems possible to dynamically inject reservations with need to reload
the daemon (and only 1 daemon is needed for all interfaces/bridges)

https://ftp.iij.ad.jp/pub/network/isc/kea/1.5.0-P1/doc/kea-guide.html#host-cmds

I'll try to do something like:

- at vm create (or nic create), create a reservation in ipam (the code
  is already here) if the user wants a persistent ip. (maybe add something
  like : net:....., dhcp=(unmanaged|persistant|ephemeral))

- at vm start,
    if dhcp=persistant, look in ipam for the reserved ip address,
    if dhcp=ephemeral, allocate a new ip in ipam
    and inject the host reservation in the local kea.

- at vm stop, remove the reservation from the local kea
    if dhcp=ephemeral, remove the ip from ipam

- at vm destroy or nic destroy, if dhcp=persistant, remove the ip from
  ipam

About kea, it also seems possible to allocate /32 leases with some
hooks, which could be useful too for users with a routed setup

https://github.com/zorun/kea-hook-runscript/blob/master/examples/slash32_leases/README.md

On Monday 11 September 2023 at 03:53 +0000, DERUMIER, Alexandre wrote:
> Hi,
>
> I think we should think how we want to attribute ips to the vms before
> continuing the implementation.
>
> I think there are 2 models:
>
> 1)
>
> - we want the dhcp server itself to attribute ips && leases from the
> subnets/ranges configured.
>
> That means that leases need to be shared across nodes. (from the same
> cluster maybe with /etc/pve tricks, but in the real world, it should also
> work across multiple clusters, as it's not uncommon to share subnets
> in different clusters, public network,...)
>
> So we don't have 2 different vms, starting at the same time on 2
> different clusters, receiving the same ips. (so dhcp servers need to use
> some kind of central lock,...)
>
>
> 2)
>
> The other way (my preferred way), could be to use ipam. (where we
> already have local ipam, or external ipams like netbox/phpipam for
> sharing between multiple clusters).
>
>
> The ip is reserved in ipam (automatically find the next free ip at vm
> creation for example, or manually in the gui, or maybe at vm start if we
> want an ephemeral ip), then registered in dns, and the dhcp server config
> is generated with a mac-ip reservation. (for dhcp server config
> generation, it could be a daemon polling the ipam database for changes,
> for example)
>
> Like this, no need to handle lease sharing, so it can work with any
> dhcp server.
>
>
> What do you think about it?
>
>
> On Friday 08 September 2023 at 15:42 +0200, Stefan Hanreich wrote:
> > This patch series adds support for automatically deploying dnsmasq as a DHCP
> > server to a simple SDN Zone.
> >
> > While certainly not 100% polished on some ends (looking at restarting systemd
> > services in particular), the general idea behind the mechanism shows. I wanted
> > to gather some feedback on how I approached designing the plugins and the
> > config regeneration process before committing to this design by creating an API
> > and UI around it.
> >
> > For your testing convenience I've provided deb packages on our share:
> >     /path/to/nasi/iso/packages/shan-sdn-dhcp
> >
> > You need to install dnsmasq (and disable it afterwards):
> >
> >     apt install dnsmasq && systemctl disable --now dnsmasq
> >
> >
> > You can use the following example configuration for deploying a DHCP server in
> > a SDN subnet:
> >
> > /etc/pve/sdn/dhcp.cfg:
> >
> >     dnsmasq: nat
> >
> >
> > /etc/pve/sdn/zones.cfg:
> >
> >     simple: DHCPNAT
> >         ipam pve
> >
> >
> > /etc/pve/sdn/vnets.cfg:
> >
> >     vnet: dhcpnat
> >         zone DHCPNAT
> >
> >
> > /etc/pve/sdn/subnets.cfg:
> >
> >     subnet: DHCPNAT-10.1.0.0-16
> >         vnet dhcpnat
> >         dhcp-dns-server 10.1.0.1
> >         dhcp-range server=nat,start-address=10.1.0.100,end-address=10.1.0.200,lease-time=86400
> >         dhcp-range server=nat,start-address=10.1.1.100,end-address=10.1.1.200,lease-time=86400,dns-server=10.1.0.2
> >         gateway 10.1.0.1
> >         snat 1
> >
> >
> > Then apply the SDN configuration:
> >
> >     pvesh set /cluster/sdn
> >
> >
> > Be careful that after configuring dhcp-range you do not save the subnet config
> > from the Web UI, since the dhcp-range line will vanish from the config.
> >
> >
> >
> > pve-cluster:
> >
> > Stefan Hanreich (1):
> >   cluster files: add dhcp.cfg
> >
> >  src/PVE/Cluster.pm  | 1 +
> >  src/pmxcfs/status.c | 1 +
> >  2 files changed, 2 insertions(+)
> >
> >
> > pve-manager:
> >
> > Stefan Hanreich (1):
> >   sdn: regenerate DHCP config on reload
> >
> >  PVE/API2/Network.pm | 1 +
> >  1 file changed, 1 insertion(+)
> >
> >
> > pve-network:
> >
> > Stefan Hanreich (4):
> >   sdn: dhcp: add abstract class for DHCP plugins
> >   sdn: dhcp: subnet: add DHCP options to subnet configuration
> >   sdn: dhcp: add DHCP plugin for dnsmasq
> >   sdn: dhcp: regenerate config for DHCP servers on reload
> >
> >  debian/control                      |   1 +
> >  src/PVE/Network/SDN.pm              |  11 ++-
> >  src/PVE/Network/SDN/Dhcp.pm         | 122 ++++++++++++++++++++++++++++
> >  src/PVE/Network/SDN/Dhcp/Dnsmasq.pm | 115 ++++++++++++++++++++++++++
> >  src/PVE/Network/SDN/Dhcp/Makefile   |   8 ++
> >  src/PVE/Network/SDN/Dhcp/Plugin.pm  |  76 +++++++++++++++++
> >  src/PVE/Network/SDN/Makefile        |   4 +-
> >  src/PVE/Network/SDN/SubnetPlugin.pm |  43 ++++++++++
> >  8 files changed, 377 insertions(+), 3 deletions(-)
> >  create mode 100644 src/PVE/Network/SDN/Dhcp.pm
> >  create mode 100644 src/PVE/Network/SDN/Dhcp/Dnsmasq.pm
> >  create mode 100644 src/PVE/Network/SDN/Dhcp/Makefile
> >  create mode 100644 src/PVE/Network/SDN/Dhcp/Plugin.pm
> >
> >
> > Summary over all repositories:
> >  11 files changed, 380 insertions(+), 3 deletions(-)
> >
> > --
> > murpp v0.4.0
> >
> >
>
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
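
The lifecycle proposed at the top of this message (create, start, stop, destroy with `dhcp=unmanaged|persistant|ephemeral`), as an added Python sketch that is not code from the patch series or from Proxmox. The `Ipam` and `Lifecycle` classes, the subnet id and the MAC addresses are constructed assumptions; the `reservation-add` and `reservation-del` bodies follow the Kea host_cmds hook documented at the guide linked above, and are collected in a list instead of being sent to a daemon.

```python
import ipaddress

class Ipam:
    """In-memory stand-in for the IPAM (constructed; not the PVE IPAM API)."""
    def __init__(self, cidr, gateway):
        self.net, self.by_mac, self.used = ipaddress.ip_network(cidr), {}, {gateway}

    def reserve(self, mac):
        if mac not in self.by_mac:  # idempotent: one address per MAC
            ip = next((str(h) for h in self.net.hosts() if str(h) not in self.used), None)
            if ip is None:
                raise RuntimeError("subnet exhausted")
            self.used.add(ip)
            self.by_mac[mac] = ip
        return self.by_mac[mac]

    def release(self, mac):
        self.used.discard(self.by_mac.pop(mac, None))

def kea_add(subnet_id, mac, ip):
    # Body of the host_cmds "reservation-add" command
    return {"command": "reservation-add", "arguments": {"reservation": {
        "subnet-id": subnet_id, "hw-address": mac, "ip-address": ip}}}

def kea_del(subnet_id, ip):
    # Body of the host_cmds "reservation-del" command
    return {"command": "reservation-del",
            "arguments": {"subnet-id": subnet_id, "ip-address": ip}}

class Lifecycle:
    def __init__(self, ipam, subnet_id):
        self.ipam, self.subnet_id, self.sent = ipam, subnet_id, []

    def nic_create(self, mac, mode):
        if mode == "persistant":  # option value spelled as in the mail
            self.ipam.reserve(mac)

    def vm_start(self, mac, mode):
        if mode == "unmanaged":
            return None
        # persistant: must already be reserved (KeyError otherwise); ephemeral: allocate now
        ip = self.ipam.by_mac[mac] if mode == "persistant" else self.ipam.reserve(mac)
        self.sent.append(kea_add(self.subnet_id, mac, ip))
        return ip

    def vm_stop(self, mac, mode):
        ip = self.ipam.by_mac.get(mac)
        if mode == "unmanaged" or ip is None:
            return
        self.sent.append(kea_del(self.subnet_id, ip))
        if mode == "ephemeral":
            self.ipam.release(mac)

    def nic_destroy(self, mac, mode):
        if mode == "persistant":
            self.ipam.release(mac)
```

A persistent NIC keeps its IPAM entry across stop/start and only loses it on destroy, while an ephemeral NIC returns its address to the pool at stop, so the local Kea only ever holds reservations for running guests.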