From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 8F90E64395 for ; Sun, 19 Jul 2020 13:09:29 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 8DBB625C86 for ; Sun, 19 Jul 2020 13:09:29 +0200 (CEST) Received: from mailpro.odiso.net (mailpro.odiso.net [89.248.211.110]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 3444E25C6C for ; Sun, 19 Jul 2020 13:09:28 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by mailpro.odiso.net (Postfix) with ESMTP id E950811962E6; Sun, 19 Jul 2020 13:09:21 +0200 (CEST) Received: from mailpro.odiso.net ([127.0.0.1]) by localhost (mailpro.odiso.net [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id 4aUUBKfsuYVw; Sun, 19 Jul 2020 13:09:21 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by mailpro.odiso.net (Postfix) with ESMTP id D076111962E7; Sun, 19 Jul 2020 13:09:21 +0200 (CEST) X-Virus-Scanned: amavisd-new at mailpro.odiso.com Received: from mailpro.odiso.net ([127.0.0.1]) by localhost (mailpro.odiso.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id kTB1yUPliyLB; Sun, 19 Jul 2020 13:09:21 +0200 (CEST) Received: from pve.fritz.box (unknown [213.211.148.86]) by mailpro.odiso.net (Postfix) with ESMTPSA id 9FD6D11962E6; Sun, 19 Jul 2020 13:09:21 +0200 (CEST) From: Alexandre Derumier To: pve-devel@pve.proxmox.com Date: Sun, 19 Jul 2020 13:09:15 +0200 Message-Id: <20200719110915.9155-3-aderumier@odiso.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200719110915.9155-1-aderumier@odiso.com> References: <20200719110915.9155-1-aderumier@odiso.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-SPAM-LEVEL: Spam detection results: 0 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_DNSWL_NONE -0.0001 Sender listed at https://www.dnswl.org/, no trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [PATCH pve-docs 2/2] sdn : add subnet/ipam documentation X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2020 11:09:29 -0000 Signed-off-by: Alexandre Derumier --- pvesdn.adoc | 65 ++++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 59 insertions(+), 6 deletions(-) diff --git a/pvesdn.adoc b/pvesdn.adoc index ed8652d..5aeb0c0 100644 --- a/pvesdn.adoc +++ b/pvesdn.adoc @@ -64,6 +64,9 @@ On the web-interface SDN feature have 4 main sections = for the configuration =20 * Controller: For complex setups to control Layer 3 routing =20 +* Subnets: Used to defined ip networks on Vnets. + +* Ipams: Allow to use external tools for ip managements (vm/ct ips) =20 [[pvesdn_config_main_sdn]] SDN @@ -117,12 +120,7 @@ VNet properties are: * VLAN Aware: Allow to add an extra VLAN tag in the virtual machine or container vNIC configurations or allow the guest OS to manage the VLAN= 's tag. =20 -* IPv4: an anycast IPv4 address, it will be configured on the underlying= bridge - on each node part of the Zone. It's only useful for `bgp-evpn` routing= . - -* IPv6: an anycast IPv6 address, it will be configured on the underlying= bridge - on each node part of the Zone. It's only useful for `bgp-evpn` routing= . - +* Subnets: A list of associated subnets for this Vnet =20 [[pvesdn_config_controllers]] Controllers @@ -269,6 +267,61 @@ gateway, but, for example, sent traffic to external = BGP routers, which handle (reverse) routing then dynamically you can use. For example `192.168.0.253,192.168.0.254' =20 +[[pvesdn_config_subnet]] +Subnets +~~~~~~~ + +A Subnet allow to define an ip network (ipv4 or ipv6). + + +Subnet properties are: + +* ID: a cidr network address. Ex: 10.0.0.0/8 + +* Gateway: ip address for the default gateway of the network.=20 + On layer3 vnets (simple/evpn plugins), it'll be deployed on t= he vnet. + =20 +* Snat: Enable Snat for layer3 vnets (simple/evpn plugins) for this subn= et. + +* Ipam: Optional, if you want to use an ipam tool for this subnet. + +[[pvesdn_config_ipam]] +Ipams +~~~~~ +IPAM (IP address management) tools, are used to manage/assign ips on you= r devices on the network. +It can be used to find free ip address when you create a vm/ct for examp= le (not yet implemented). + + +[[pvesdn_ipam_plugins]] +Ipam Plugins +------------- + +[[pvesdn_ipam_plugin_phpipam]] +PHPIpam plugin +~~~~~~~~~~~~~~ +https://phpipam.net/ + +You need to create an application in phpipam, and add an api token with = admin permission + +PHPipam properties are: + +* Url: The rest api url : http://phpipam.domain.com/api// +* Token: your api token +* Section: An integer id. Sections are group of subnets in phpipam.=20 + Default install have sectionid=3D1 for customers + +Netbox Ipam plugin +~~~~~~~~~~~~~~~~~~ +https://github.com/netbox-community/netbox + +you need to create an api token in netbox +https://netbox.readthedocs.io/en/stable/api/authentication + +PHPipam properties are: + +* Url: The rest api url: http://yournetbox.domain.com/api +* Token: your api token + =20 [[pvesdn_local_deployment_monitoring]] Local Deployment Monitoring --=20 2.20.1