Re: [pve-devel] [PATCH v2 pve-container] POC : add/del/update ip from vnet-subnet-ipam

[Alexandre DERUMIER <aderumier@odiso.com>]

>>When trying this I got the gateway IP returned for both, as CT IP and gateway IP. 
>>Did not checked this patch closer, but I figured that this behavior is caused by 
>>the SDN code. 

mmm, that's strange. 

When you create or update the subnet, the gateway ip you define on the subnet should be registered in the ipam.
(you have enable an ipam right ?)


Then, when you create CT, without any ip, it'll try to find first available ip in ipam.
(So if the gateway was not registered in ipam (bug maybe), that could explain why you have it both).

for internal ipam, i'm writing ipam database in /etc/pve/priv/ipam.db. (BTW,I'm not sure that it's the best path location)





>>On another node, do you think it makes sense to have vnets, subnets, IPam, DNS completely 
>>split and separated from each other? I mean, it is flexible, but a user needs to do a lot 
>>of, almost boilerplate-like, work to get this started. 
>>Advanced users may profit from this, maybe we just need a "simple wizard" for the easiest 
>>beginner case.. 

Well for subnet, you can assign multiple subnets by vnet, so yes, it's really need to by separated.
(Somebody at hertzner for example, buying subnets or /32 failovers ips, and want to add them to a vnet)
IPAM/DNS, are more reusable configurations. (like api url,key,....). So I think you'll define 1 or 2 of them max.

I think subnet+ipam+dns are ip features.
zones,vnets,controller are physical network features


But, yes, a gui wizard could be great for fast setup. 


----- Mail original -----
De: "Thomas Lamprecht" <t.lamprecht@proxmox.com>
À: "Proxmox VE development discussion" <pve-devel@lists.proxmox.com>, "aderumier" <aderumier@odiso.com>
Envoyé: Lundi 7 Septembre 2020 18:40:39
Objet: Re: [pve-devel] [PATCH v2 pve-container] POC : add/del/update ip from vnet-subnet-ipam

On 24.08.20 18:49, Alexandre Derumier wrote: 
> This is a POC to call ip to retreive ip address from ipam. 
> 
> (it's really just a poc && buggt , it need to be improve for vnet changes, pending config apply/revert,...) 

When trying this I got the gateway IP returned for both, as CT IP and gateway IP. 
Did not checked this patch closer, but I figured that this behavior is caused by 
the SDN code. 

Using a simple zone with PVE IPam and snat subnet "10.12.13.0/24" with GW "10.12.13.1" 
as test. 

On another node, do you think it makes sense to have vnets, subnets, IPam, DNS completely 
split and separated from each other? I mean, it is flexible, but a user needs to do a lot 
of, almost boilerplate-like, work to get this started. 
Advanced users may profit from this, maybe we just need a "simple wizard" for the easiest 
beginner case..