From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 4AD6A63FF9 for ; Mon, 5 Oct 2020 17:11:08 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 4650B1DD56 for ; Mon, 5 Oct 2020 17:10:25 +0200 (CEST) Received: from kvmformation1.odiso.net (globalOdiso.M6Lille.odiso.net [89.248.211.242]) by firstgate.proxmox.com (Proxmox) with ESMTP id 30B2A1C858 for ; Mon, 5 Oct 2020 17:09:15 +0200 (CEST) Received: by kvmformation1.odiso.net (Postfix, from userid 0) id 5622FE76AA; Mon, 5 Oct 2020 17:09:14 +0200 (CEST) From: Alexandre Derumier To: pve-devel@lists.proxmox.com Date: Mon, 5 Oct 2020 17:09:06 +0200 Message-Id: <20201005150912.463000-30-aderumier@odiso.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20201005150912.463000-1-aderumier@odiso.com> References: <20201005150912.463000-1-aderumier@odiso.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 1 AWL -0.176 Adjusted score from AWL reputation of 
From: address HEADER_FROM_DIFFERENT_DOMAINS 0.248 From and EnvelopeFrom 2nd level mail domains are different KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods KHOP_HELO_FCRDNS 0.398 Relay HELO differs from its IP's reverse DNS SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record Subject: [pve-devel] [PATCH v10 pve-network 29/35] move dns options from subnets to zone X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2020 15:11:08 -0000 Signed-off-by: Alexandre Derumier --- PVE/API2/Network/SDN/Subnets.pm | 17 +++++++- PVE/API2/Network/SDN/Zones.pm | 21 ++++++++++ PVE/Network/SDN/Dns/Plugin.pm | 1 + PVE/Network/SDN/Dns/PowerdnsPlugin.pm | 58 ++++++++++++++++++++++++++- PVE/Network/SDN/SubnetPlugin.pm | 41 ++++--------------- PVE/Network/SDN/Subnets.pm | 43 ++++++++++++-------- PVE/Network/SDN/VnetPlugin.pm | 5 +++ PVE/Network/SDN/Vnets.pm | 17 ++++++-- PVE/Network/SDN/Zones.pm | 16 ++++++++ PVE/Network/SDN/Zones/EvpnPlugin.pm | 3 ++ PVE/Network/SDN/Zones/FaucetPlugin.pm | 3 ++ PVE/Network/SDN/Zones/QinQPlugin.pm | 3 ++ PVE/Network/SDN/Zones/SimplePlugin.pm | 22 +++++++++- PVE/Network/SDN/Zones/VlanPlugin.pm | 5 ++- PVE/Network/SDN/Zones/VxlanPlugin.pm | 3 ++ 15 files changed, 199 insertions(+), 59 deletions(-) diff --git a/PVE/API2/Network/SDN/Subnets.pm b/PVE/API2/Network/SDN/Subnets.pm index 34fb714..5ea4fc4 100644 --- a/PVE/API2/Network/SDN/Subnets.pm +++ b/PVE/API2/Network/SDN/Subnets.pm 
@@ -11,6 +11,7 @@ use PVE::Network::SDN; use PVE::Network::SDN::Subnets; use PVE::Network::SDN::SubnetPlugin; use PVE::Network::SDN::Vnets; +use PVE::Network::SDN::Zones; use PVE::Network::SDN::Ipams; use PVE::Network::SDN::Ipams::Plugin; @@ -178,6 +179,12 @@ __PACKAGE__->register_method ({ sub { my $cfg = PVE::Network::SDN::Subnets::config(); + my $zone_cfg = PVE::Network::SDN::Zones::config(); + my $vnet_cfg = PVE::Network::SDN::Vnets::config(); + my $vnet = $param->{vnet}; + my $zoneid = $vnet_cfg->{ids}->{$vnet}->{zone}; + my $zone = $zone_cfg->{ids}->{$zoneid}; + my $opts = PVE::Network::SDN::SubnetPlugin->check_config($id, $param, 1, 1); my $scfg = undef; @@ -186,7 +193,7 @@ __PACKAGE__->register_method ({ } $cfg->{ids}->{$id} = $opts; - PVE::Network::SDN::SubnetPlugin->on_update_hook($id, $opts); + PVE::Network::SDN::SubnetPlugin->on_update_hook($zone, $id, $opts); PVE::Network::SDN::Subnets::write_config($cfg); @@ -216,6 +223,12 @@ __PACKAGE__->register_method ({ sub { my $cfg = PVE::Network::SDN::Subnets::config(); + my $zone_cfg = PVE::Network::SDN::Zones::config(); + my $vnet_cfg = PVE::Network::SDN::Vnets::config(); + my $vnet = $param->{vnet}; + my $zoneid = $vnet_cfg->{ids}->{$vnet}->{zone}; + my $zone = $zone_cfg->{ids}->{$zoneid}; + my $scfg = &$api_sdn_subnets_config($cfg, $id); PVE::SectionConfig::assert_if_modified($cfg, $digest); @@ -225,7 +238,7 @@ __PACKAGE__->register_method ({ raise_param_exc({ ipam => "you can't change ipam"}) if $opts->{ipam} && $scfg->{ipam} && $opts->{ipam} ne $scfg->{ipam}; - PVE::Network::SDN::SubnetPlugin->on_update_hook($id, $opts, $scfg); + PVE::Network::SDN::SubnetPlugin->on_update_hook($zone, $id, $opts, $scfg); PVE::Network::SDN::Subnets::write_config($cfg); diff --git a/PVE/API2/Network/SDN/Zones.pm b/PVE/API2/Network/SDN/Zones.pm index 512945c..cbfa9fe 100644 --- a/PVE/API2/Network/SDN/Zones.pm +++ b/PVE/API2/Network/SDN/Zones.pm 
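Review bot: The zone lookup added to the create handler trusts `$param->{vnet}`: when that id is not present in `$vnet_cfg->{ids}`, `$zoneid` and `$zone` come out undef and `on_update_hook` runs with no DNS settings instead of rejecting the request. Adding `raise_param_exc({ vnet => "$vnet does not exist"}) if !$vnet_cfg->{ids}->{$vnet};` before the `$zoneid` line makes the failure explicit and avoids autovivifying an entry in the vnet config hash. The update handler in the following hunk repeats the lookup, and there `vnet` is presumably not always part of the request, so reading it from the stored subnet may be safer. The same unchecked vnet-to-zone resolution appears in `get_next_free_ip`, `add_ip` and `del_ip` in PVE/Network/SDN/Vnets.pm later in this patch. Both handler bodies continue outside their hunks.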
@@ -9,6 +9,7 @@ use PVE::Cluster qw(cfs_read_file cfs_write_file); use PVE::Network::SDN; use PVE::Network::SDN::Vnets; use PVE::Network::SDN::Zones; +use PVE::Network::SDN::Dns; use PVE::Network::SDN::Zones::Plugin; use PVE::Network::SDN::Zones::VlanPlugin; use PVE::Network::SDN::Zones::QinQPlugin; @@ -20,6 +21,7 @@ use PVE::Network::SDN::Zones::SimplePlugin; use Storable qw(dclone); use PVE::JSONSchema qw(get_standard_option); use PVE::RPCEnvironment; +use PVE::Exception qw(raise raise_param_exc); use PVE::RESTHandler; @@ -83,6 +85,9 @@ __PACKAGE__->register_method ({ properties => { zone => { type => 'string'}, type => { type => 'string'}, mtu => { type => 'integer', optional => 1 }, + dns => { type => 'string', optional => 1}, + reversedns => { type => 'string', optional => 1}, + dnszone => { type => 'string', optional => 1}, pending => { optional => 1}, state => { type => 'string', optional => 1}, nodes => { type => 'string', optional => 1}, @@ -198,11 +203,19 @@ __PACKAGE__->register_method ({ my $zone_cfg = PVE::Network::SDN::Zones::config(); my $controller_cfg = PVE::Network::SDN::Controllers::config(); + my $dns_cfg = PVE::Network::SDN::Dns::config(); my $scfg = undef; if ($scfg = PVE::Network::SDN::Zones::sdn_zones_config($zone_cfg, $id, 1)) { die "sdn zone object ID '$id' already defined\n"; } + + my $dnsserver = $opts->{dns}; + my $reversednsserver = $opts->{reversedns}; + my $dnszone = $opts->{dnszone}; + raise_param_exc({ dns => "$dnsserver don't exist"}) if $dnsserver && !$dns_cfg->{ids}->{$dnsserver}; + raise_param_exc({ reversedns => "$reversednsserver don't exist"}) if $reversednsserver && !$dns_cfg->{ids}->{$reversednsserver}; + raise_param_exc({ dnszone => "missing dns server"}) if $dnszone && !$dnsserver; $zone_cfg->{ids}->{$id} = $opts; $plugin->on_update_hook($id, $zone_cfg, $controller_cfg); 
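Review bot: The checks added to the zone create handler accept a zone that sets `dns` without `dnszone`. The subnet-level check this series removes (`dnszone => "missing dns zone"`) covered that case, and `$add_dns_record` in PVE/Network/SDN/Subnets.pm returns early when the zone name is empty, so such a zone would skip forward records without any error. Consider adding `raise_param_exc({ dns => "missing dns zone"}) if $dnsserver && !$dnszone;`. The same six lines are repeated in the update handler in the next hunk, so a small private helper taking `$opts` and `$dns_cfg` would keep the two in step. The messages would also read better as `"$dnsserver does not exist"`.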
@@ -236,6 +249,7 @@ __PACKAGE__->register_method ({ my $zone_cfg = PVE::Network::SDN::Zones::config(); my $controller_cfg = PVE::Network::SDN::Controllers::config(); + my $dns_cfg = PVE::Network::SDN::Dns::config(); PVE::SectionConfig::assert_if_modified($zone_cfg, $digest); @@ -248,6 +262,13 @@ __PACKAGE__->register_method ({ $scfg->{$k} = $opts->{$k}; } + my $dnsserver = $opts->{dns}; + my $reversednsserver = $opts->{reversedns}; + my $dnszone = $opts->{dnszone}; + raise_param_exc({ dns => "$dnsserver don't exist"}) if $dnsserver && !$dns_cfg->{ids}->{$dnsserver}; + raise_param_exc({ reversedns => "$reversednsserver don't exist"}) if $reversednsserver && !$dns_cfg->{ids}->{$reversednsserver}; + raise_param_exc({ dnszone => "missing dns server"}) if $dnszone && !$dnsserver; + $plugin->on_update_hook($id, $zone_cfg, $controller_cfg); PVE::Network::SDN::Zones::write_config($zone_cfg); diff --git a/PVE/Network/SDN/Dns/Plugin.pm b/PVE/Network/SDN/Dns/Plugin.pm index baa9316..be399b0 100644 --- a/PVE/Network/SDN/Dns/Plugin.pm +++ b/PVE/Network/SDN/Dns/Plugin.pm @@ -42,6 +42,7 @@ my $defaultData = { type => 'string', format => 'pve-configid', }, ttl => { type => 'integer', optional => 1 }, + reversev6mask => { type => 'integer', optional => 1 }, dns => get_standard_option('pve-sdn-dns-id', { completion => \&PVE::Network::SDN::Dns::complete_sdn_dns }), }, diff --git a/PVE/Network/SDN/Dns/PowerdnsPlugin.pm b/PVE/Network/SDN/Dns/PowerdnsPlugin.pm index f02c2f1..5b98e87 100644 --- a/PVE/Network/SDN/Dns/PowerdnsPlugin.pm +++ b/PVE/Network/SDN/Dns/PowerdnsPlugin.pm @@ -7,6 +7,7 @@ use PVE::Cluster; use PVE::Tools; use JSON; use Net::IP; +use NetAddr::IP; use base('PVE::Network::SDN::Dns::Plugin'); @@ -22,6 +23,9 @@ sub properties { key => { type => 'string', }, + reversemaskv6 => { + type => 'integer' + }, }; } 
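Review bot: The update-path checks read `$opts` after the submitted keys were already copied into `$scfg`, so they only see what this request carried. If `$opts` holds just the changed options (it is built outside the hunk), setting `dnszone` on a zone that already has `dns` would be rejected with "missing dns server", while removing `dns` and leaving `dnszone` in place would pass. Reading the merged values instead, `my $dnsserver = $scfg->{dns};` and likewise for `reversedns` and `dnszone`, validates the configuration that is about to be written.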
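Review bot: The option added to `$defaultData` in PVE/Network/SDN/Dns/Plugin.pm is spelled `reversev6mask`, but the PowerDNS plugin hunks that follow declare and read `reversemaskv6`, so the base schema and the plugin disagree on the key name. Unless both names are intended, use one spelling everywhere, for example `reversemaskv6 => { type => 'integer', optional => 1 },` here, matching `properties()`, `options()` and `get_reversedns_zone` in PowerdnsPlugin.pm.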
@@ -31,6 +35,8 @@ sub options { url => { optional => 0}, key => { optional => 0 }, ttl => { optional => 1 }, + reversemaskv6 => { optional => 1, description => "force a different netmask for the ipv6 reverse zone name." }, + }; } @@ -81,7 +87,8 @@ sub add_ptr_record { my $headers = ['Content-Type' => 'application/json; charset=UTF-8', 'X-API-Key' => $key]; $hostname .= "."; - my $reverseip = join(".", reverse(split(/\./, $ip))).".in-addr.arpa."; + my $reverseip = Net::IP->new($ip)->reverse_ip(); + my $type = "PTR"; my $record = { content => $hostname, @@ -140,7 +147,8 @@ sub del_ptr_record { my $key = $plugin_config->{key}; my $headers = ['Content-Type' => 'application/json; charset=UTF-8', 'X-API-Key' => $key]; - my $reverseip = join(".", reverse(split(/\./, $ip))).".in-addr.arpa."; + my $reverseip = Net::IP->new($ip)->reverse_ip(); + my $type = "PTR"; my $rrset = { name => $reverseip, 
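Review bot: The `description` for `reversemaskv6` is placed in `options()`, whose other entries carry only `optional`, while the `properties()` entry added in the previous hunk has just `type => 'integer'`. Moving the text to the property and bounding the value, e.g. `reversemaskv6 => { type => 'integer', minimum => 4, maximum => 128, description => "..." },`, would document the option where the schema is defined and keep out-of-range masks away from the address arithmetic in `get_reversedns_zone`.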
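Review bot: `Net::IP->new($ip)` returns undef for input it cannot parse, so the chained `->reverse_ip()` in `add_ptr_record` would die with a method-call-on-undef error rather than a message naming the bad address. A guard such as `my $ipobj = Net::IP->new($ip) or die "invalid ip address '$ip'\n";` followed by `my $reverseip = $ipobj->reverse_ip();` keeps the failure readable in the task log. `del_ptr_record` in the next hunk has the same chain; both subs start and end outside their hunks.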
@@ -177,6 +185,52 @@ sub verify_zone { } } +sub get_reversedns_zone { + my ($class, $plugin_config, $subnetid, $ip) = @_; + + my ($network, $mask) = split(/-/, $subnetid); + + my $cidr = "$ip/$mask"; + my $zone = ""; + + if (Net::IP::ip_is_ipv4($ip)) { + my ($ipblock1, $ipblock2, $ipblock3, $ipblock4) = split(/\./, $ip); + + my $ipv4 = new NetAddr::IP($cidr); + #private addresse #powerdns built-in private zone : serve-rfc1918 + if($ipv4->is_rfc1918()) { + if ($ipblock1 == 192) { + $zone = "168.192.in-addr.arpa."; + } elsif ($ipblock1 == 172) { + $zone = "16-31.172.in-addr.arpa."; + } elsif ($ipblock1 == 10) { + $zone = "10.in-addr.arpa."; + } + + } else { + #public ipv4 : RIPE,ARIN,AFRNIC + #. Delegations can be managed in IPv4 on bit boundaries (/8, /16 or /24s), and IPv6 networks can be managed on nibble boundaries (every 4 bits of the IPv6 address) + #One or more /24 type zones need to be created if your address space has a prefix length between /17 and /24. + # If your prefix length is between /16 and /9 you will have to request one or more delegations for /16 type zones. + + if ($mask <= 24) { + $zone = "$ipblock3.$ipblock2.$ipblock1.in-addr.arpa."; + } elsif ($mask <= 16) { + $zone = "$ipblock2.$ipblock1.in-addr.arpa."; + } elsif ($mask <= 8) { + $zone = "$ipblock1.in-addr.arpa."; + } + } + } else { + $mask = $plugin_config->{reversemaskv6} if $plugin_config->{reversemaskv6}; + die "reverse dns zone mask need to be a multiple of 4" if ($mask % 4); + my $networkv6 = NetAddr::IP->new($cidr)->network(); + $zone = Net::IP->new($networkv6)->reverse_ip(); + } + + return $zone; +} + sub on_update_hook { my ($class, $plugin_config) = @_; diff --git a/PVE/Network/SDN/SubnetPlugin.pm b/PVE/Network/SDN/SubnetPlugin.pm index 8a216b6..f57a5e9 100644 --- a/PVE/Network/SDN/SubnetPlugin.pm +++ b/PVE/Network/SDN/SubnetPlugin.pm 
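Review bot: In `get_reversedns_zone` the public-IPv4 chain tests `$mask <= 24` first, so the `$mask <= 16` and `$mask <= 8` branches can never run and a /16 or /8 subnet is mapped to a /24 zone; a prefix longer than /24 leaves `$zone` empty, which presumably makes the callers skip the PTR record silently. In the IPv6 branch `$cidr` is built before `reversemaskv6` overrides `$mask`, so the override only affects the multiple-of-4 check and not the zone that is computed. The fence reorders the IPv4 tests and builds the IPv6 CIDR after the override; mapping prefixes longer than /24 to the /24 zone is an assumption to confirm. `new NetAddr::IP($cidr)` would also read better as `NetAddr::IP->new($cidr)`, with a check for an undef result before `is_rfc1918()` is called.
```perl
        } else {
            # … unchanged: delegation-boundary comments …
            # test the shortest prefixes first so every branch is reachable
            if ($mask <= 8) {
                $zone = "$ipblock1.in-addr.arpa.";
            } elsif ($mask <= 16) {
                $zone = "$ipblock2.$ipblock1.in-addr.arpa.";
            } else {
                $zone = "$ipblock3.$ipblock2.$ipblock1.in-addr.arpa.";
            }
        }
    } else {
        $mask = $plugin_config->{reversemaskv6} if $plugin_config->{reversemaskv6};
        # … unchanged: multiple-of-4 check …
        # build the CIDR after the override so reversemaskv6 takes effect
        my $networkv6 = NetAddr::IP->new("$ip/$mask")->network();
        # … unchanged: reverse_ip() call …
    }
```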
@@ -71,22 +71,6 @@ sub properties { # type => 'string', # description => "static routes [network=:gateway=,network=:gateway=,... ]", # }, - dns => { - type => 'string', - description => "dns api server", - }, - reversedns => { - type => 'string', - description => "reverse dns api server", - }, - dnszone => { - type => 'string', format => 'dns-name', - description => "dns domain zone ex: mydomain.com", - }, - reversednszone => { - type => 'string', format => 'dns-name', - description => "reverse dns zone ex: 0.168.192.in-addr.arpa", - }, dnszoneprefix => { type => 'string', format => 'dns-name', description => "dns domain zone prefix ex: 'adm' -> .adm.mydomain.com", @@ -104,17 +88,13 @@ sub options { gateway => { optional => 1 }, # routes => { optional => 1 }, snat => { optional => 1 }, - dns => { optional => 1 }, - reversedns => { optional => 1 }, - dnszone => { optional => 1 }, - reversednszone => { optional => 1 }, dnszoneprefix => { optional => 1 }, ipam => { optional => 0 }, }; } sub on_update_hook { - my ($class, $subnetid, $subnet, $old_subnet) = @_; + my ($class, $zone, $subnetid, $subnet, $old_subnet) = @_; my $cidr = $subnetid =~ s/-/\//r; my $subnet_matcher = subnet_matcher($cidr); @@ -122,10 +102,9 @@ sub on_update_hook { my $vnetid = $subnet->{vnet}; my $gateway = $subnet->{gateway}; my $ipam = $subnet->{ipam}; - my $dns = $subnet->{dns}; - my $dnszone = $subnet->{dnszone}; - my $reversedns = $subnet->{reversedns}; - my $reversednszone = $subnet->{reversednszone}; + my $dns = $zone->{dns}; + my $dnszone = $zone->{dnszone}; + my $reversedns = $zone->{reversedns}; my $old_gateway = $old_subnet->{gateway} if $old_subnet; 
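Review bot: In the last hunk of this group, `$dns`, `$dnszone` and `$reversedns` are now filled from `$zone`, but the checks that used them are removed in the next hunk and no remaining use is visible in this patch; if the rest of `on_update_hook` (outside the hunks) does not read them, they can be dropped. The new positional `$zone` parameter is also undocumented. A comment above the sub such as `# $zone: config hash of the zone owning the subnet's vnet; can be undef when the caller found no zone` would tell callers what to pass now that the argument order has changed.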
@@ -139,12 +118,6 @@ sub on_update_hook { #for /32 pointopoint, we allow gateway outside the subnet raise_param_exc({ gateway => "$gateway is not in subnet $subnetid"}) if $gateway && !$subnet_matcher->($gateway) && $mask != 32; - raise_param_exc({ dns => "missing dns provider"}) if $dnszone && !$dns; - raise_param_exc({ dnszone => "missing dns zone"}) if $dns && !$dnszone; - raise_param_exc({ reversedns => "missing dns provider"}) if $reversednszone && !$reversedns; - raise_param_exc({ reversednszone => "missing dns zone"}) if $reversedns && !$reversednszone; - raise_param_exc({ reversedns => "missing forward dns zone"}) if $reversednszone && !$dnszone; - if ($ipam) { my $ipam_cfg = PVE::Network::SDN::Ipams::config(); my $plugin_config = $ipam_cfg->{ids}->{$ipam}; @@ -155,18 +128,18 @@ sub on_update_hook { #delete on removal if (!defined($gateway) && $old_gateway) { eval { - PVE::Network::SDN::Subnets::del_ip($subnetid, $old_subnet, $old_gateway); + PVE::Network::SDN::Subnets::del_ip($zone, $subnetid, $old_subnet, $old_gateway); }; warn if $@; } if(!$old_gateway || $gateway && $gateway ne $old_gateway) { - PVE::Network::SDN::Subnets::add_ip($subnetid, $subnet, $gateway); + PVE::Network::SDN::Subnets::add_ip($zone, $subnetid, $subnet, $gateway); } #delete old ip after update if($gateway && $old_gateway && $gateway ne $old_gateway) { eval { - PVE::Network::SDN::Subnets::del_ip($subnetid, $old_subnet, $old_gateway); + PVE::Network::SDN::Subnets::del_ip($zone, $subnetid, $old_subnet, $old_gateway); }; warn if $@; } diff --git a/PVE/Network/SDN/Subnets.pm b/PVE/Network/SDN/Subnets.pm index 0f14f6f..aa7c6c1 100644 --- a/PVE/Network/SDN/Subnets.pm +++ b/PVE/Network/SDN/Subnets.pm 
@@ -93,6 +93,17 @@ my $verify_dns_zone = sub { $plugin->verify_zone($plugin_config, $zone); }; +my $get_reversedns_zone = sub { + my ($subnetid, $dns, $ip) = @_; + + return if !$subnetid || !$dns || !$ip; + + my $dns_cfg = PVE::Network::SDN::Dns::config(); + my $plugin_config = $dns_cfg->{ids}->{$dns}; + my $plugin = PVE::Network::SDN::Dns::Plugin->lookup($plugin_config->{type}); + $plugin->get_reversedns_zone($plugin_config, $subnetid, $ip); +}; + my $add_dns_record = sub { my ($zone, $dns, $hostname, $dnszoneprefix, $ip) = @_; return if !$zone || !$dns || !$hostname || !$ip; @@ -144,21 +155,19 @@ my $del_dns_ptr_record = sub { }; sub next_free_ip { - my ($subnetid, $subnet, $hostname) = @_; + my ($zone, $subnetid, $subnet, $hostname) = @_; my $cidr = undef; my $ip = undef; my $ipamid = $subnet->{ipam}; - my $dns = $subnet->{dns}; - my $dnszone = $subnet->{dnszone}; - my $reversedns = $subnet->{reversedns}; - my $reversednszone = $subnet->{reversednszone}; + my $dns = $zone->{dns}; + my $dnszone = $zone->{dnszone}; + my $reversedns = $zone->{reversedns}; my $dnszoneprefix = $subnet->{dnszoneprefix}; #verify dns zones before ipam &$verify_dns_zone($dnszone, $dns); - &$verify_dns_zone($reversednszone, $reversedns); if($ipamid) { my $ipam_cfg = PVE::Network::SDN::Ipams::config(); @@ -172,6 +181,8 @@ sub next_free_ip { } eval { + my $reversednszone = &$get_reversedns_zone($subnetid, $reversedns, $ip); + #add dns &$add_dns_record($dnszone, $dns, $hostname, $dnszoneprefix, $ip); #add reverse dns 
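Review bot: `$get_reversedns_zone` looks up `$dns_cfg->{ids}->{$dns}` without checking the result, so a zone that still names a DNS entry which was removed afterwards reaches `lookup()` with an undefined type and presumably fails with an error unrelated to the real cause. The existence check in the zone API handlers runs only when the zone is created or updated. Adding `die "dns server '$dns' not found\n" if !$plugin_config;` after the lookup gives a clear message, and an explicit `return` on the closure's last line would make its result obvious.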
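Review bot: With `&$verify_dns_zone($reversednszone, $reversedns)` removed from `next_free_ip`, the reverse zone is only derived inside the `eval` after the address has been allocated, and it is not verified against the DNS server in the lines shown. If the derived zone does not exist on the server, the failure surfaces during record creation rather than before IPAM is touched, and cleanup then depends on whatever follows the `eval` outside this hunk. Consider verifying the derived zone right after it is computed, `&$verify_dns_zone($reversednszone, $reversedns);`, before the records are added.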
@@ -189,15 +200,15 @@ sub next_free_ip { } sub add_ip { - my ($subnetid, $subnet, $ip, $hostname) = @_; + my ($zone, $subnetid, $subnet, $ip, $hostname) = @_; return if !$subnet || !$ip; my $ipamid = $subnet->{ipam}; - my $dns = $subnet->{dns}; - my $dnszone = $subnet->{dnszone}; - my $reversedns = $subnet->{reversedns}; - my $reversednszone = $subnet->{reversednszone}; + my $dns = $zone->{dns}; + my $dnszone = $zone->{dnszone}; + my $reversedns = $zone->{reversedns}; + my $reversednszone = &$get_reversedns_zone($subnetid, $reversedns, $ip); my $dnszoneprefix = $subnet->{dnszoneprefix}; #verify dns zones before ipam @@ -231,15 +242,15 @@ sub add_ip { } sub del_ip { - my ($subnetid, $subnet, $ip, $hostname) = @_; + my ($zone, $subnetid, $subnet, $ip, $hostname) = @_; return if !$subnet; my $ipamid = $subnet->{ipam}; - my $dns = $subnet->{dns}; - my $dnszone = $subnet->{dnszone}; - my $reversedns = $subnet->{reversedns}; - my $reversednszone = $subnet->{reversednszone}; + my $dns = $zone->{dns}; + my $dnszone = $zone->{dnszone}; + my $reversedns = $zone->{reversedns}; + my $reversednszone = &$get_reversedns_zone($subnetid, $reversedns, $ip); my $dnszoneprefix = $subnet->{dnszoneprefix}; &$verify_dns_zone($dnszone, $dns); diff --git a/PVE/Network/SDN/VnetPlugin.pm b/PVE/Network/SDN/VnetPlugin.pm index 47fd4d4..8481f0d 100644 --- a/PVE/Network/SDN/VnetPlugin.pm +++ b/PVE/Network/SDN/VnetPlugin.pm @@ -100,6 +100,11 @@ sub on_delete_hook { sub on_update_hook { my ($class, $vnetid, $vnet_cfg, $subnet_cfg) = @_; + + #fixme : don't allow change zone if subnets are defined + #fixme : don't vlanaware change if subnets are defined +# my $subnets = PVE::Network::SDN::Vnets::get_subnets($vnetid); + # verify that tag is not already defined in another vnet if (defined($vnet_cfg->{ids}->{$vnetid}->{tag})) { my $tag = $vnet_cfg->{ids}->{$vnetid}->{tag}; diff --git a/PVE/Network/SDN/Vnets.pm b/PVE/Network/SDN/Vnets.pm index 96aa422..3b49ada 100644 --- a/PVE/Network/SDN/Vnets.pm 
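Review bot: The two `fixme` items added to `on_update_hook` in VnetPlugin.pm stay unenforced while this series turns the DNS server and zone into properties of the vnet's zone. `del_ip` in PVE/Network/SDN/Vnets.pm resolves the zone from the vnet's current `zone` value, so moving a vnet with registered addresses to another zone would send later deletions to the new zone's DNS settings and leave the old records behind. Until the check exists, it would help to state that consequence in the comment, e.g. `# FIXME: reject zone change while subnets exist (DNS records depend on the zone's dns/dnszone)`. `on_update_hook` continues outside the hunk.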
+++ b/PVE/Network/SDN/Vnets.pm @@ -6,6 +6,7 @@ use warnings; use PVE::Cluster qw(cfs_read_file cfs_write_file cfs_lock_file); use Net::IP; use PVE::Network::SDN::Subnets; +use PVE::Network::SDN::Zones; use PVE::Network::SDN::VnetPlugin; PVE::Network::SDN::VnetPlugin->register(); @@ -79,6 +80,10 @@ sub get_subnets { sub get_next_free_ip { my ($vnetid, $hostname, $ipversion) = @_; + my $vnet = PVE::Network::SDN::Vnets::get_vnet($vnetid); + my $zoneid = $vnet->{zone}; + my $zone = PVE::Network::SDN::Zones::get_zone($zoneid); + $ipversion = 4 if !$ipversion; my $subnets = PVE::Network::SDN::Vnets::get_subnets($vnetid, 1); my $ip = undef; @@ -92,7 +97,7 @@ sub get_next_free_ip { $subnetcount++; if ($subnet->{ipam}) { eval { - $ip = PVE::Network::SDN::Subnets::next_free_ip($subnetid, $subnet, $hostname); + $ip = PVE::Network::SDN::Subnets::next_free_ip($zone, $subnetid, $subnet, $hostname); }; warn $@ if $@; } 
@@ -107,22 +112,28 @@ sub add_ip { my ($vnetid, $cidr, $hostname) = @_; my $subnets = PVE::Network::SDN::Vnets::get_subnets($vnetid, 1); + my $vnet = PVE::Network::SDN::Vnets::get_vnet($vnetid); + my $zoneid = $vnet->{zone}; + my $zone = PVE::Network::SDN::Zones::get_zone($zoneid); my ($ip, $mask) = split(/\//, $cidr); my ($subnetid, $subnet) = PVE::Network::SDN::Subnets::find_ip_subnet($ip, $subnets); - PVE::Network::SDN::Subnets::add_ip($subnetid, $subnet, $ip, $hostname); + PVE::Network::SDN::Subnets::add_ip($zone, $subnetid, $subnet, $ip, $hostname); } sub del_ip { my ($vnetid, $cidr, $hostname) = @_; my $subnets = PVE::Network::SDN::Vnets::get_subnets($vnetid, 1); + my $vnet = PVE::Network::SDN::Vnets::get_vnet($vnetid); + my $zoneid = $vnet->{zone}; + my $zone = PVE::Network::SDN::Zones::get_zone($zoneid); my ($ip, $mask) = split(/\//, $cidr); my ($subnetid, $subnet) = PVE::Network::SDN::Subnets::find_ip_subnet($ip, $subnets); - PVE::Network::SDN::Subnets::del_ip($subnetid, $subnet, $ip, $hostname); + PVE::Network::SDN::Subnets::del_ip($zone, $subnetid, $subnet, $ip, $hostname); } 1; diff --git a/PVE/Network/SDN/Zones.pm b/PVE/Network/SDN/Zones.pm index cef4dd2..1f225dc 100644 --- a/PVE/Network/SDN/Zones.pm +++ b/PVE/Network/SDN/Zones.pm @@ -72,6 +72,22 @@ sub complete_sdn_zone { return $cmdname eq 'add' ? [] : [ PVE::Network::SDN::sdn_zones_ids($cfg) ]; } +sub get_zone { + my ($zoneid, $running) = @_; + + my $cfg = {}; + if($running) { + my $cfg = PVE::Network::SDN::config(); + $cfg = $cfg->{vnets}; + } else { + $cfg = PVE::Network::SDN::Zones::config(); + } + + my $zone = PVE::Network::SDN::Zones::sdn_zones_config($cfg, $zoneid, 1); + + return $zone; +} + sub generate_etc_network_config { diff --git a/PVE/Network/SDN/Zones/EvpnPlugin.pm b/PVE/Network/SDN/Zones/EvpnPlugin.pm index 2191008..3cb083b 100644 --- a/PVE/Network/SDN/Zones/EvpnPlugin.pm +++ b/PVE/Network/SDN/Zones/EvpnPlugin.pm 
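Review bot: In `get_zone` the `$running` branch declares a second `my $cfg`, which shadows the outer variable, so the outer `$cfg` is still `{}` when `sdn_zones_config` is called and a running-config lookup can never find the zone. The branch also takes `->{vnets}`, which looks copied from the vnet getter. Something like `my $running_cfg = PVE::Network::SDN::config();` followed by `$cfg = $running_cfg->{zones};` fixes the scoping; the `zones` key is an assumption to confirm against the running-config layout.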
@@ -37,6 +37,9 @@ sub options { 'vrf-vxlan' => { optional => 0 }, 'controller' => { optional => 0 }, mtu => { optional => 1 }, + dns => { optional => 1 }, + reversedns => { optional => 1 }, + dnszone => { optional => 1 }, }; } diff --git a/PVE/Network/SDN/Zones/FaucetPlugin.pm b/PVE/Network/SDN/Zones/FaucetPlugin.pm index ef422ca..1b70a57 100644 --- a/PVE/Network/SDN/Zones/FaucetPlugin.pm +++ b/PVE/Network/SDN/Zones/FaucetPlugin.pm @@ -26,6 +26,9 @@ sub options { 'dp-id' => { optional => 0 }, # 'uplink-id' => { optional => 0 }, 'controller' => { optional => 0 }, + dns => { optional => 1 }, + reversedns => { optional => 1 }, + dnszone => { optional => 1 }, }; } diff --git a/PVE/Network/SDN/Zones/QinQPlugin.pm b/PVE/Network/SDN/Zones/QinQPlugin.pm index c828af4..8507ae6 100644 --- a/PVE/Network/SDN/Zones/QinQPlugin.pm +++ b/PVE/Network/SDN/Zones/QinQPlugin.pm @@ -40,6 +40,9 @@ sub options { 'bridge' => { optional => 0 }, 'mtu' => { optional => 1 }, 'vlan-protocol' => { optional => 1 }, + dns => { optional => 1 }, + reversedns => { optional => 1 }, + dnszone => { optional => 1 }, }; } diff --git a/PVE/Network/SDN/Zones/SimplePlugin.pm b/PVE/Network/SDN/Zones/SimplePlugin.pm index c0ab1fe..58cc1af 100644 --- a/PVE/Network/SDN/Zones/SimplePlugin.pm +++ b/PVE/Network/SDN/Zones/SimplePlugin.pm @@ -13,10 +13,30 @@ sub type { return 'simple'; } +sub properties { + return { + dns => { + type => 'string', + description => "dns api server", + }, + reversedns => { + type => 'string', + description => "reverse dns api server", + }, + dnszone => { + type => 'string', format => 'dns-name', + description => "dns domain zone ex: mydomain.com", + }, + }; +} + sub options { return { nodes => { optional => 1}, - mtu => { optional => 1 } + mtu => { optional => 1 }, + dns => { optional => 1 }, + reversedns => { optional => 1 }, + dnszone => { optional => 1 }, }; } diff --git a/PVE/Network/SDN/Zones/VlanPlugin.pm b/PVE/Network/SDN/Zones/VlanPlugin.pm index 7f90d31..fd750c9 100644 
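Review bot: In the SimplePlugin.pm hunk, `dns` and `reversedns` are declared in `properties()` as free-form strings, although their values are used as ids into the DNS configuration. The existence check lives only in the API handlers, so a hand-edited config file can carry any value here. Declaring them with `format => 'pve-configid'`, a format the DNS plugin schema in this patch already uses, lets the section parser reject malformed ids as well. A short comment noting that these properties are defined in the simple plugin but listed in every zone plugin's `options()` would explain why the other plugin hunks add no `properties()` entry.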
--- a/PVE/Network/SDN/Zones/VlanPlugin.pm +++ b/PVE/Network/SDN/Zones/VlanPlugin.pm @@ -33,7 +33,10 @@ sub options { return { nodes => { optional => 1}, 'bridge' => { optional => 0 }, - mtu => { optional => 1 } + mtu => { optional => 1 }, + dns => { optional => 1 }, + reversedns => { optional => 1 }, + dnszone => { optional => 1 }, }; } diff --git a/PVE/Network/SDN/Zones/VxlanPlugin.pm b/PVE/Network/SDN/Zones/VxlanPlugin.pm index 79af054..7a6687a 100644 --- a/PVE/Network/SDN/Zones/VxlanPlugin.pm +++ b/PVE/Network/SDN/Zones/VxlanPlugin.pm @@ -38,6 +38,9 @@ sub options { nodes => { optional => 1}, peers => { optional => 0 }, mtu => { optional => 1 }, + dns => { optional => 1 }, + reversedns => { optional => 1 }, + dnszone => { optional => 1 }, }; } -- 2.20.1