From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH cluster/network 0/6] Add global locking and configuration rollback to SDN configuration
Date: Fri, 28 Feb 2025 14:05:43 +0100 [thread overview]
Message-ID: <20250228130549.100357-1-s.hanreich@proxmox.com> (raw)
## Introduction
This patch series lays the groundwork for the Proxmox Datacenter Manager
SDN/EVPN integration on the Proxmox VE side by introducing global locking for
the SDN configuration. It is intended to be used by the PDM implementation to
prevent concurrent changes to the SDN configuration, while the datacenter
manager is making configuration changes.
## How it works
This patch series adds three new API calls:
* POST /cluster/sdn/lock
* DELETE /cluster/sdn/lock
* POST /cluster/sdn/rollback
The SDN configuration can be locked by invoking the lock endpoint, which returns
a lock-secret when the configuration has been locked successfully. This
lock-secret needs to be used for subsequent API calls that perform configuration
changes. For this purpose, a new parameter has been added to all SDN API
endpoints that perform configuration changes. If the lock is currently set, then
API callers have to provide the lock-secret in order for the API endpoints to
work. If there is no global lock set, then the endpoints work the same as
before.
The lock-secret is stored in a new file in the pmxcfs: `/etc/pve/sdn/.lock`.
The lock can be released automatically on applying, where I added a flag that
governs whether the global lock should automatically be released on applying the
configuration. Otherwise the lock can always be removed by the release endpoint,
which has a force flag for forcibly releasing the lock without providing the
secret.
In order to provide an escape hatch in the case of errors on the PDM side, I
added the functionality of rolling back to the current running configuration,
which has not been possible before. This endpoint throws away all pending
changes. This saves us from introducing a third layer of configuration files,
while also adding a new feature to the existing SDN stack, where one had to
tediously revert all changes one-by-one if one wanted to rollback to the running
configuration. We could consider doing this automatically in the future from
PDM, or at least expose it as opt-in behavior in the PDM settings.
For now, in case of failures, users have to manually unlock the SDN
configuration and then rollback using the following API endpoints:
pvesh delete /cluster/sdn/lock --force 1
pvesh create /cluster/sdn/rollback
If we want to introduce automatic rollback, implementing it this way saves us
from having to manually revert every single change we make. We lock the SDN
configuration only if there are no pending changes (the lock endpoint includes a
flag that governs this behavior), then proceed to make our changes. If we run
into any error we can be sure that only the changes we made to the SDN
configuration are pending, so this enables us to safely roll back the
configuration changes we made and unlock the SDN configuration.
The existing lock_sdn_config function locked the running configuration file. For
backwards compatibility reasons, I left it this way. For Proxmox VE 9 we should
consider moving this to a domain-lock, as for instance done in the HA stack.
## Dependencies
* pve-network depends on pve-cluster
pve-cluster:
Stefan Hanreich (1):
cfs: add 'sdn/.lock' file
src/PVE/Cluster.pm | 1 +
src/pmxcfs/status.c | 1 +
2 files changed, 2 insertions(+)
pve-network:
Stefan Hanreich (5):
sdn: add global lock for configuration
api: add lock-secret parameter to all api calls
api: add lock secret parameter to apply endpoint
api: add lock and release endpoints for global configuration lock
api: add rollback endpoint
src/PVE/API2/Network/SDN.pm | 153 +++++++++++++++++++++++-
src/PVE/API2/Network/SDN/Controllers.pm | 18 ++-
src/PVE/API2/Network/SDN/Dns.pm | 18 ++-
src/PVE/API2/Network/SDN/Ipams.pm | 18 ++-
src/PVE/API2/Network/SDN/Subnets.pm | 19 ++-
src/PVE/API2/Network/SDN/Vnets.pm | 18 ++-
src/PVE/API2/Network/SDN/Zones.pm | 18 ++-
src/PVE/Network/SDN.pm | 75 +++++++++++-
8 files changed, 303 insertions(+), 34 deletions(-)
Summary over all repositories:
10 files changed, 305 insertions(+), 34 deletions(-)
--
Generated by git-murpp 0.8.0
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next reply other threads:[~2025-02-28 13:05 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-28 13:05 Stefan Hanreich [this message]
2025-02-28 13:05 ` [pve-devel] [PATCH pve-cluster 1/1] cfs: add 'sdn/.lock' file Stefan Hanreich
2025-02-28 13:05 ` [pve-devel] [PATCH pve-network 1/5] sdn: add global lock for configuration Stefan Hanreich
2025-02-28 13:05 ` [pve-devel] [PATCH pve-network 2/5] api: add lock-secret parameter to all api calls Stefan Hanreich
2025-02-28 13:05 ` [pve-devel] [PATCH pve-network 3/5] api: add lock secret parameter to apply endpoint Stefan Hanreich
2025-02-28 13:05 ` [pve-devel] [PATCH pve-network 4/5] api: add lock and release endpoints for global configuration lock Stefan Hanreich
2025-02-28 13:05 ` [pve-devel] [PATCH pve-network 5/5] api: add rollback endpoint Stefan Hanreich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250228130549.100357-1-s.hanreich@proxmox.com \
--to=s.hanreich@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal