From: "lou.lecrivain--- via pve-devel" <pve-devel@lists.proxmox.com>
To: pve-devel@lists.proxmox.com
Cc: lou.lecrivain@orange.fr, jonatan.crystall@gwdg.de
Subject: [pve-devel] [PATCH pve-network v3 1/3] ipam: nautobot: base plugin
Date: Thu,  6 Mar 2025 12:08:29 +0100	[thread overview]
Message-ID: <mailman.833.1741261422.293.pve-devel@lists.proxmox.com> (raw)
In-Reply-To: <20250306110831.6426-1-lou.lecrivain@orange.fr>

[-- Attachment #1: Type: message/rfc822, Size: 16598 bytes --]

From: lou.lecrivain@orange.fr
To: pve-devel@lists.proxmox.com
Cc: h.duerr@proxmox.com, jonatan.crystall@gwdg.de, Lou Lecrivain <lou.lecrivain@wdz.de>
Subject: [PATCH pve-network v3 1/3] ipam: nautobot: base plugin
Date: Thu,  6 Mar 2025 12:08:29 +0100
Message-ID: <20250306110831.6426-2-lou.lecrivain@orange.fr>

From: Lou Lecrivain <lou.lecrivain@wdz.de>

This is the initial Nautobot plugin, based on the Netbox
plugin implementation.

Signed-off-by: lou lecrivain <lou.lecrivain@wdz.de>
---
 src/PVE/API2/Network/SDN/Ipams.pm           |   1 +
 src/PVE/Network/SDN/Ipams.pm                |   3 +
 src/PVE/Network/SDN/Ipams/Makefile          |   2 +-
 src/PVE/Network/SDN/Ipams/NautobotPlugin.pm | 413 ++++++++++++++++++++
 4 files changed, 418 insertions(+), 1 deletion(-)
 create mode 100644 src/PVE/Network/SDN/Ipams/NautobotPlugin.pm

diff --git a/src/PVE/API2/Network/SDN/Ipams.pm b/src/PVE/API2/Network/SDN/Ipams.pm
index 27ead02..8074512 100644
--- a/src/PVE/API2/Network/SDN/Ipams.pm
+++ b/src/PVE/API2/Network/SDN/Ipams.pm
@@ -12,6 +12,7 @@ use PVE::Network::SDN::Ipams::Plugin;
 use PVE::Network::SDN::Ipams::PVEPlugin;
 use PVE::Network::SDN::Ipams::PhpIpamPlugin;
 use PVE::Network::SDN::Ipams::NetboxPlugin;
+use PVE::Network::SDN::Ipams::NautobotPlugin;
 use PVE::Network::SDN::Dhcp;
 use PVE::Network::SDN::Vnets;
 use PVE::Network::SDN::Zones;
diff --git a/src/PVE/Network/SDN/Ipams.pm b/src/PVE/Network/SDN/Ipams.pm
index c689b8f..2ecb75e 100644
--- a/src/PVE/Network/SDN/Ipams.pm
+++ b/src/PVE/Network/SDN/Ipams.pm
@@ -12,11 +12,14 @@ use PVE::Network;
 
 use PVE::Network::SDN::Ipams::PVEPlugin;
 use PVE::Network::SDN::Ipams::NetboxPlugin;
+use PVE::Network::SDN::Ipams::NautobotPlugin;
 use PVE::Network::SDN::Ipams::PhpIpamPlugin;
 use PVE::Network::SDN::Ipams::Plugin;
 
+
 PVE::Network::SDN::Ipams::PVEPlugin->register();
 PVE::Network::SDN::Ipams::NetboxPlugin->register();
+PVE::Network::SDN::Ipams::NautobotPlugin->register();
 PVE::Network::SDN::Ipams::PhpIpamPlugin->register();
 PVE::Network::SDN::Ipams::Plugin->init();
 
diff --git a/src/PVE/Network/SDN/Ipams/Makefile b/src/PVE/Network/SDN/Ipams/Makefile
index 4e7d65f..75e5b9a 100644
--- a/src/PVE/Network/SDN/Ipams/Makefile
+++ b/src/PVE/Network/SDN/Ipams/Makefile
@@ -1,4 +1,4 @@
-SOURCES=Plugin.pm PhpIpamPlugin.pm NetboxPlugin.pm PVEPlugin.pm
+SOURCES=Plugin.pm PhpIpamPlugin.pm NetboxPlugin.pm PVEPlugin.pm NautobotPlugin.pm
 
 
 PERL5DIR=${DESTDIR}/usr/share/perl5
diff --git a/src/PVE/Network/SDN/Ipams/NautobotPlugin.pm b/src/PVE/Network/SDN/Ipams/NautobotPlugin.pm
new file mode 100644
index 0000000..58f7c68
--- /dev/null
+++ b/src/PVE/Network/SDN/Ipams/NautobotPlugin.pm
@@ -0,0 +1,413 @@
+package PVE::Network::SDN::Ipams::NautobotPlugin;
+
+use strict;
+use warnings;
+use PVE::INotify;
+use PVE::Cluster;
+use PVE::Tools;
+use NetAddr::IP;
+
+use base('PVE::Network::SDN::Ipams::Plugin');
+
+sub type {
+    return 'nautobot';
+}
+
+sub properties {
+    return {
+	namespace => {
+	    type => 'string',
+	},
+    };
+}
+
+sub options {
+    return {
+	url => { optional => 0 },
+	token => { optional => 0 },
+	namespace => { optional => 0 },
+    };
+}
+
+sub default_ip_status {
+    return 'Active';
+}
+
+sub default_headers {
+    my ($plugin_config) = @_;
+    my $token = $plugin_config->{token};
+
+    return [
+	'Content-Type' => "application/json", 'Authorization' => "token $token",
+	'Accept' => "application/json"
+	];
+}
+
+# implem
+
+sub add_subnet {
+    my ($class, $plugin_config, undef, $subnet, $noerr) = @_;
+
+    my $cidr = $subnet->{cidr};
+    my $gateway = $subnet->{gateway};
+    my $url = $plugin_config->{url};
+    my $namespace = $plugin_config->{namespace};
+    my $headers = default_headers($plugin_config);
+
+    my $internalid = get_prefix_id($url, $cidr, $headers, $noerr);
+
+    #create subnet
+    if (!$internalid) {
+	my $params = {
+	    prefix => $cidr, namespace => $namespace,
+	    status => default_ip_status()
+	};
+
+	eval {
+	    my $result = PVE::Network::SDN::api_request(
+		"POST", "$url/ipam/prefixes/", $headers, $params);
+	};
+	if ($@) {
+	    die "error adding subnet to ipam: $@" if !$noerr;
+	}
+    }
+}
+
+sub del_subnet {
+    my ($class, $plugin_config, $subnetid, $subnet, $noerr) = @_;
+
+    my $cidr = $subnet->{cidr};
+    my $url = $plugin_config->{url};
+    my $headers = default_headers($plugin_config);
+
+    my $internalid = get_prefix_id($url, $cidr, $headers, $noerr);
+    return if !$internalid;
+
+    # TODO check that prefix is empty before deletion
+    return;
+
+    eval {
+	PVE::Network::SDN::api_request(
+	    "DELETE", "$url/ipam/prefixes/$internalid/", $headers);
+    };
+    if ($@) {
+	die "error deleting subnet in Nautobot: $@" if !$noerr;
+    }
+}
+
+sub add_ip {
+    my ($class, $plugin_config, undef, $subnet, $ip, $hostname, $mac, undef,
+	$is_gateway, $noerr) = @_;
+
+    my $mask = $subnet->{mask};
+    my $url = $plugin_config->{url};
+    my $namespace = $plugin_config->{namespace};
+    my $headers = default_headers($plugin_config);
+
+    my $description = undef;
+    if ($is_gateway) {
+	$description = 'gateway'
+    } elsif ($mac) {
+	$description = "mac:$mac";
+    }
+
+    my $params = {
+	address => "$ip/$mask", type => "dhcp", dns_name => $hostname,
+	description => $description, namespace => $namespace,
+	status => default_ip_status()};
+
+    eval {
+	PVE::Network::SDN::api_request(
+	    "POST", "$url/ipam/ip-addresses/", $headers, $params);
+    };
+
+    if ($@) {
+	if($is_gateway) {
+	    die "error adding subnet ip to ipam: ip $ip already exists: $@"
+		if !$noerr && !is_ip_gateway($url, $ip, $headers, $noerr);
+	} else {
+	    die "error adding subnet ip to ipam: ip $ip already exists: $@"
+		if !$noerr;
+	}
+    }
+}
+
+sub add_next_freeip {
+    my ($class, $plugin_config, undef, $subnet, $hostname, $mac, undef,
+	$noerr) = @_;
+
+    my $cidr = $subnet->{cidr};
+
+    my $url = $plugin_config->{url};
+    my $namespace = $plugin_config->{namespace};
+    my $headers = default_headers($plugin_config);
+
+    my $internalid = get_prefix_id($url, $cidr, $headers, $noerr);
+    die "cannot find prefix $cidr in Nautobot" if !$internalid;
+
+    my $description = undef;
+    $description = "mac:$mac" if $mac;
+
+    my $params = {
+	type => "dhcp", dns_name => $hostname, description => $description,
+	namespace => $namespace, status => default_ip_status()
+    };
+
+    my $ip = eval {
+	my $result = PVE::Network::SDN::api_request(
+	    "POST",
+	    "$url/ipam/prefixes/$internalid/available-ips/",
+	    $headers,
+	    $params);
+	my ($host_ip, undef) = split(/\//, $result->{address});
+	return $host_ip;
+    };
+
+    if ($@) {
+	die "can't find free ip in subnet $cidr: $@" if !$noerr;
+    }
+    return $ip;
+}
+
+sub add_range_next_freeip {
+    my ($class, $plugin_config, $subnet, $range, $data, $noerr) = @_;
+
+    my $url = $plugin_config->{url};
+    my $namespace = $plugin_config->{namespace};
+    my $headers = default_headers($plugin_config);
+    my $cidr = $subnet->{cidr};
+
+    # ranges are not supported natively in nautobot, hence why we have
+    # to get a little hacky.
+    my $minimal_size = NetAddr::IP->new($range->{'start-address'})
+	- NetAddr::IP->new($cidr);
+    my $internalid = get_prefix_id($url, $cidr, $headers, $noerr);
+
+    my $ip = eval {
+	my $result = PVE::Network::SDN::api_request(
+	    "GET",
+	    "$url/ipam/prefixes/$internalid/available-ips/?limit=$minimal_size",
+	    $headers);
+	# v important for NetAddr::IP comparison!
+	my @ips = map((split(/\//,$_->{address}))[0], @{$result});
+	# get 1st result
+	my $found_ip = (get_ips_within_range(
+		      $range->{'start-address'},
+		      $range->{'end-address'},
+		      @ips))[0];
+
+	die "prefix out of space in range" if !$noerr && !$found_ip;
+
+	$class->add_ip(
+	    $plugin_config, undef, $subnet, $found_ip, $data->{hostname},
+	    $data->{mac}, undef, 0, 0);
+	return $found_ip;
+    };
+
+    if ($@) {
+	die "can't find free ip in range"
+	    ." $range->{'start-address'}-$range->{'end-address'}: $@"
+	    if !$noerr;
+    }
+    return $ip;
+}
+
+
+sub update_ip {
+    my ($class, $plugin_config, $subnetid, $subnet, $ip, $hostname, $mac,
+	undef, $is_gateway, $noerr) = @_;
+
+    my $mask = $subnet->{mask};
+    my $url = $plugin_config->{url};
+    my $namespace = $plugin_config->{namespace};
+    my $headers = default_headers($plugin_config);
+
+    my $description = undef;
+    if ($is_gateway) {
+	$description = 'gateway'
+    } elsif ($mac) {
+	$description = "mac:$mac";
+    }
+
+    my $params = {
+	address => "$ip/$mask", type => "dhcp", dns_name => $hostname,
+	description => $description, namespace => $namespace,
+	status => default_ip_status()
+    };
+
+    my $ip_id = get_ip_id($url, $ip, $headers, $noerr);
+    die "can't find ip $ip in ipam" if !$noerr && !$ip_id;
+
+    eval {
+	PVE::Network::SDN::api_request(
+	    "PATCH", "$url/ipam/ip-addresses/$ip_id/", $headers, $params);
+    };
+    if ($@) {
+	die "error updating ip $ip: $@" if !$noerr;
+    }
+}
+
+
+sub del_ip {
+    my ($class, $plugin_config, undef, undef, $ip, $noerr) = @_;
+
+    return if !$ip;
+
+    my $url = $plugin_config->{url};
+    my $headers = default_headers($plugin_config);
+
+    my $ip_id = get_ip_id($url, $ip, $headers, $noerr);
+    die "can't find ip $ip in ipam" if !$ip_id && !$noerr;
+
+    eval {
+	PVE::Network::SDN::api_request(
+	    "DELETE", "$url/ipam/ip-addresses/$ip_id/", $headers);
+    };
+    if ($@) {
+	die "error deleting ip $ip : $@" if !$noerr;
+    }
+}
+
+
+sub verify_api {
+    my ($class, $plugin_config) = @_;
+
+    my $url = $plugin_config->{url};
+    my $namespace = $plugin_config->{namespace};
+    my $headers = default_headers($plugin_config);
+
+    # check that the namespace exists AND that default IP active status
+    # exists AND that we have indeed API access
+    eval {
+	get_namespace_id($url, $namespace, $headers, 0)
+	    // die "namespace $namespace does not exist";
+	get_status_id($url, default_ip_status(), $headers, 0)
+	    // die "default IP status ". default_ip_status() . " not found";
+    };
+    if ($@) {
+	die "Can't use nautobot api: $@";
+    }
+}
+
+sub get_ips_from_mac {
+    my ($class, $plugin_config, $mac) = @_;
+
+    my $url = $plugin_config->{url};
+    my $namespace = $plugin_config->{namespace};
+    my $headers = default_headers($plugin_config);
+
+    my $ip4 = undef;
+    my $ip6 = undef;
+
+    my $data = PVE::Network::SDN::api_request(
+	"GET", "$url/ipam/ip-addresses/?q=$mac", $headers);
+    for my $ip (@{$data->{results}}) {
+	if ($ip->{ip_version} == 4 && !$ip4) {
+	    ($ip4, undef) = split(/\//, $ip->{address});
+	}
+
+	if ($ip->{ip_version} == 6 && !$ip6) {
+	    ($ip6, undef) = split(/\//, $ip->{address});
+	}
+    }
+
+    return ($ip4, $ip6);
+}
+
+sub on_update_hook {
+    my ($class, $plugin_config) = @_;
+
+    PVE::Network::SDN::Ipams::NautobotPlugin::verify_api(
+	$class, $plugin_config);
+}
+
+# helpers
+sub get_ips_within_range {
+    my ($start_address, $end_address, @list) = @_;
+    $start_address = NetAddr::IP->new($start_address);
+    $end_address = NetAddr::IP->new($end_address);
+    return grep($start_address <= NetAddr::IP->new($_) <= $end_address, @list);
+}
+
+sub get_ip_id {
+    my ($url, $ip, $headers, $noerr) = @_;
+
+    my $result = eval {
+	return PVE::Network::SDN::api_request(
+	    "GET", "$url/ipam/ip-addresses/?q=$ip", $headers);
+    };
+    if ($@) {
+	die "error while querying for ip $ip id: $@" if !$noerr;
+    }
+
+    my $data = @{$result->{results}}[0];
+    my $ip_id = $data->{id};
+    return $ip_id;
+}
+
+sub get_prefix_id {
+    my ($url, $cidr, $headers, $noerr) = @_;
+
+    my $result = eval {
+	return PVE::Network::SDN::api_request(
+	    "GET", "$url/ipam/prefixes/?q=$cidr", $headers);
+    };
+    if ($@) {
+	die "error while querying for cidr $cidr prefix id: $@" if !$noerr;
+    }
+
+    my $data = @{$result->{results}}[0];
+    my $internalid = $data->{id};
+    return $internalid;
+}
+
+sub get_namespace_id {
+    my ($url, $namespace, $headers, $noerr) = @_;
+
+    my $result = eval {
+	return PVE::Network::SDN::api_request(
+	    "GET", "$url/ipam/namespaces/?q=$namespace", $headers);
+    };
+    if ($@) {
+	die "error while querying for namespace $namespace id: $@" if !$noerr;
+    }
+
+    my $data = @{$result->{results}}[0];
+    my $internalid = $data->{id};
+    return $internalid;
+}
+
+sub get_status_id {
+    my ($url, $status, $headers, $noerr) = @_;
+
+    my $result = eval {
+	return PVE::Network::SDN::api_request(
+	    "GET", "$url/extras/statuses/?q=$status", $headers);
+    };
+    if ($@) {
+	die "error while querying for status $status id: $@" if !$noerr;
+    }
+
+    my $data = @{$result->{results}}[0];
+    my $internalid = $data->{id};
+    return $internalid;
+}
+
+sub is_ip_gateway {
+    my ($url, $ip, $headers, $noerr) = @_;
+
+    my $result = eval {
+	return PVE::Network::SDN::api_request(
+	    "GET", "$url/ipam/ip-addresses/?q=$ip", $headers);
+    };
+    if ($@) {
+	die "error while checking if $ip is a gateway" if !$noerr;
+    }
+
+    my $data = @{$result->{results}}[0];
+    my $description = $data->{description};
+    my $is_gateway = 0; $is_gateway = 1 if $description eq 'gateway';
+    return $is_gateway;
+}
+
+1;
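Review bot: The lookup helpers at the end of the file (`get_ip_id`, `get_prefix_id`, `get_namespace_id`, `get_status_id`, `is_ip_gateway`) interpolate their argument raw into `?q=...` and take `results[0]`, and `del_ip` and `update_ip` then send DELETE and PATCH to whatever id comes back. If `q` is a free-text search in Nautobot, as the parameter name suggests, a query for one address could return a different record first, and none of the lookups is restricted to the configured `namespace`, so the destructive call may land on an object this plugin does not manage. I would query with an exact-match filter scoped to the namespace, check that the returned `address` equals the one requested before using its id, and escape the value, e.g. `"$url/ipam/ip-addresses/?q=" . uri_escape($ip)` with `use URI::Escape;`, since the CIDR's `/` and a namespace containing `&` or spaces currently go into the URL unencoded. Separately, when `$noerr` is set and no id is found, `del_ip` and `update_ip` still issue the request with an empty id segment (`.../ip-addresses//`); a `return if !$ip_id;` after the `die` would stop that.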
-- 
2.39.5



[-- Attachment #2: Type: text/plain, Size: 160 bytes --]

_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel


Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20250306110831.6426-1-lou.lecrivain@orange.fr>
2025-03-06 11:08 ` lou.lecrivain--- via pve-devel [this message]
2025-03-06 11:08 ` [pve-devel] [PATCH pve-network v3 2/3] ipam: nautobot: add testing for nautobot plugin lou.lecrivain--- via pve-devel
2025-03-06 11:08 ` [pve-devel] [PATCH pve-network v3 3/3] ipam: nautobot: add checks for prefix deletion lou.lecrivain--- via pve-devel
2025-03-06 11:10 ` [pve-devel] [PATCH] pve-docs: add documentation for Nautobot IPAM plugin lou.lecrivain--- via pve-devel
2025-03-06 11:10 ` [pve-devel] [PATCH] pve-manager: add UI dialogs for Nautobot IPAM backend lou.lecrivain--- via pve-devel
2025-03-06 12:13 ` [pve-devel] [PATCH-SERIES pve-network v3] Add Nautobot IPAM support Hannes Dürr
2025-03-06 13:11   ` Lou Lecrivain via pve-devel
     [not found]   ` <FR3PPF52E80A3568CB02FD718D9A4A750B885CA2@FR3PPF52E80A356.DEUP281.PROD.OUTLOOK.COM>
2025-03-06 13:14     ` Hannes Dürr
2025-03-06 12:18 ` Hannes Dürr
2025-03-19  9:21 ` Hannes Dürr
2025-03-19 10:04   ` Lou Lecrivain via pve-devel
     [not found] ` <20250306110831.6426-2-lou.lecrivain@orange.fr>
2025-03-19  9:21   ` [pve-devel] [PATCH pve-network v3 1/3] ipam: nautobot: base plugin Hannes Dürr
2025-03-19  9:50     ` [pve-devel] [!!ACHTUNG extern!!] - " Lou Lecrivain via pve-devel
     [not found]     ` <FR2PPF45D006270BAE05B48B2B7C1D2E18F85D92@FR2PPF45D006270.DEUP281.PROD.OUTLOOK.COM>
2025-03-19 16:01       ` Hannes Duerr
2025-03-20  9:22         ` [pve-devel] [!!ACHTUNG extern!!] - " Lou Lecrivain via pve-devel
