public inbox for pve-devel@lists.proxmox.com
 help / color / mirror / Atom feed
From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH pve-manager v3 15/18] api: network: add include_sdn / fabric type
Date: Thu, 22 May 2025 18:17:26 +0200	[thread overview]
Message-ID: <20250522161731.537011-71-s.hanreich@proxmox.com> (raw)
In-Reply-To: <20250522161731.537011-1-s.hanreich@proxmox.com>

In order to be able to show SDN networks in the network selector
dropdowns, we introduce a new type ('include_sdn') to the API endpoint
that lists network interfaces of a node. The return value for existing
parameters stays unchanged to preserve backwards-compatibility.
Callers have to explicitly pass the new type if they want SDN networks
included in the response as well. Only fabrics for which the current
user has any SDN permission (Audit/Use/Modify) are listed.

There is also a new type that only lists fabrics ('fabric'), which
works analogous to the current type filters.

There was a separate type for vnets as well, that is not used anywhere
but was defunct due to a missing check in the endpoint. This has now
been fixed and supplying vnet as the type should now only return
vnets.

This commit is preparation for integrating the fabrics with several
parts in the UI, such as the Ceph installation wizard and the
migration settings, which use the pveNetworkSelector component that
uses this endpoint to query available network interfaces.

Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
 PVE/API2/Network.pm | 41 ++++++++++++++++++++++++++++++++---------
 1 file changed, 32 insertions(+), 9 deletions(-)

diff --git a/PVE/API2/Network.pm b/PVE/API2/Network.pm
index 2ff729f7a..944c1a068 100644
--- a/PVE/API2/Network.pm
+++ b/PVE/API2/Network.pm
@@ -37,7 +37,7 @@ my $bond_mode_enum = [
     'lacp-balance-tcp', # OVS
     ];
 
-my $network_type_enum = ['bridge', 'bond', 'eth', 'alias', 'vlan',
+my $network_type_enum = ['bridge', 'bond', 'eth', 'alias', 'vlan', 'fabric',
 			 'OVSBridge', 'OVSBond', 'OVSPort', 'OVSIntPort', 'vnet'];
 
 my $confdesc = {
@@ -214,7 +214,7 @@ __PACKAGE__->register_method({
 	    type => {
 		description => "Only list specific interface types.",
 		type => 'string',
-		enum => [ @$network_type_enum, 'any_bridge', 'any_local_bridge' ],
+		enum => [ @$network_type_enum, 'any_bridge', 'any_local_bridge', 'include_sdn' ],
 		optional => 1,
 	    },
 	},
@@ -363,22 +363,45 @@ __PACKAGE__->register_method({
 
 	if (my $tfilter = $param->{type}) {
 	    my $vnets;
+	    my $fabrics;
 
-	    if ($have_sdn && $tfilter eq 'any_bridge') {
+	    if ($have_sdn && $tfilter =~ /^(any_bridge|include_sdn|vnet)$/) {
 		$vnets = PVE::Network::SDN::get_local_vnets(); # returns already access-filtered
 	    }
 
-	    for my $k (sort keys $ifaces->%*) {
-		my $type = $ifaces->{$k}->{type};
-		my $is_bridge = $type eq 'bridge' || $type eq 'OVSBridge';
-		my $bridge_match = $is_bridge && $tfilter =~ /^any(_local)?_bridge$/;
-		my $match = $tfilter eq $type || $bridge_match;
-		delete $ifaces->{$k} if !$match;
+	    if ($have_sdn && $tfilter =~ /^(include_sdn|fabric)$/) {
+		my $local_node = PVE::INotify::nodename();
+
+		$fabrics = PVE::Network::SDN::Fabrics::config(1)
+		    ->get_interfaces_for_node($local_node);
+	    }
+
+	    if ($tfilter ne 'include_sdn') {
+		for my $k (sort keys $ifaces->%*) {
+		    my $type = $ifaces->{$k}->{type};
+		    my $is_bridge = $type eq 'bridge' || $type eq 'OVSBridge';
+		    my $bridge_match = $is_bridge && $tfilter =~ /^any(_local)?_bridge$/;
+		    my $match = $tfilter eq $type || $bridge_match;
+		    delete $ifaces->{$k} if !$match;
+		}
 	    }
 
 	    if (defined($vnets)) {
 		$ifaces->{$_} = $vnets->{$_} for keys $vnets->%*
 	    }
+
+	    if (defined($fabrics)) {
+		for my $fabric_id (keys %$fabrics) {
+		    next if !$rpcenv->check_any(
+			$authuser,
+			"/sdn/fabrics/$fabric_id",
+			['SDN.Audit', 'SDN.Use', 'SDN.Allocate'],
+			1
+		    );
+
+		    $ifaces->{$fabric_id} = $fabrics->{$fabric_id};
+		}
+	    }
 	}
 
 	#always check bridge access
-- 
2.39.5


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel


  parent reply	other threads:[~2025-05-22 16:24 UTC|newest]

Thread overview: 79+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-05-22 16:16 [pve-devel] [PATCH access-control/cluster/docs/gui-tests/manager/network/proxmox{, -firewall, -ve-rs, -perl-rs, -widget-toolkit} v3 00/75] Add SDN Fabrics Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox v3 1/4] network-types: initial commit Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox v3 2/4] network-types: make cidr and mac-address types usable by the api Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox v3 3/4] network-types: add api types for ipv4/6 Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox v3 4/4] api-macro: add allof schema to enum Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-firewall v3 1/1] firewall: nftables: migrate to proxmox-network-types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 01/21] config: use proxmox_serde perl helpers Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 02/21] ve-config: move types to proxmox-network-types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 03/21] sdn-types: initial commit Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 04/21] frr: create proxmox-frr crate Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 05/21] frr: add common frr types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 06/21] frr: add openfabric types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 07/21] frr: add ospf types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 08/21] frr: add route-map types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 09/21] frr: add generic types over openfabric and ospf Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 10/21] config: sdn: fabrics: add section types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 11/21] config: sdn: fabrics: add node " Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 12/21] config: sdn: fabrics: add interface name struct Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 13/21] config: sdn: fabrics: add openfabric properties Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 14/21] config: sdn: fabrics: add ospf properties Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 15/21] config: sdn: fabrics: add api types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 16/21] config: sdn: fabrics: add section config Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 17/21] config: sdn: fabrics: add fabric config Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 18/21] common: sdn: fabrics: implement validation Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 19/21] sdn: fabrics: config: add conversion from / to section config Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 20/21] sdn: fabrics: implement FRR configuration generation Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 21/21] ve-config: add integrations tests Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-perl-rs v3 1/5] pve-rs: Add PVE::RS::SDN::Fabrics module Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-perl-rs v3 2/5] pve-rs: sdn: fabrics: add api methods Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-perl-rs v3 3/5] pve-rs: sdn: fabrics: add frr config generation Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-perl-rs v3 4/5] pve-rs: sdn: fabrics: add helper to generate ifupdown2 configuration Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-perl-rs v3 5/5] pve-rs: sdn: fabrics: add helper for network API endpoint Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-cluster v3 1/1] cfs: add fabrics.cfg to observed files Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-access-control v3 1/1] permissions: add ACL paths for SDN fabrics Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 01/21] sdn: fix value returned by pending_config Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 02/21] debian: add dependency to proxmox-perl-rs Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 03/21] fabrics: add fabrics module Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 04/21] refactor: controller: move frr methods into helper Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 05/21] frr: add new helpers for reloading frr configuration Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 06/21] controllers: define new api for frr config generation Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 07/21] sdn: add frr config generation helpers Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 08/21] sdn: api: add check for rewriting frr configuration Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 09/21] test: isis: add test for standalone configuration Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 10/21] sdn: frr: add daemon status to frr helper Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 11/21] sdn: commit fabrics config to running configuration Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 12/21] fabrics: generate ifupdown configuration Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 13/21] fabrics: add jsonschema for fabrics and nodes Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 14/21] api: fabrics: add root-level module Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 15/21] api: fabrics: add fabric submodule Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 16/21] api: fabrics: add node submodule Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 17/21] api: fabrics: add fabricnode submodule Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 18/21] controller: evpn: add fabrics integration Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 19/21] zone: vxlan: " Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 20/21] test: fabrics: add test cases for ospf and openfabric + evpn Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 21/21] frr: bump frr config version to 10.2.2 Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH proxmox-widget-toolkit v3 1/1] network selector: add type parameter Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 01/18] api: use new sdn config generation functions Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 02/18] ui: fabrics: add model definitions for fabrics Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 03/18] fabric: add common interface panel Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 04/18] fabric: add OpenFabric interface properties Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 05/18] fabric: add OSPF " Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 06/18] fabric: add generic node edit panel Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 07/18] fabric: add OpenFabric node edit Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 08/18] fabric: add OSPF " Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 09/18] fabric: add generic fabric edit panel Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 10/18] fabric: add OpenFabric " Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 11/18] fabric: add OSPF " Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 12/18] fabrics: Add main FabricView Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 13/18] utils: avoid line-break in pending changes message Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 14/18] ui: permissions: add ACL path for fabrics Stefan Hanreich
2025-05-22 16:17 ` Stefan Hanreich [this message]
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 16/18] ui: add sdn networks to ceph / migration Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 17/18] ui: sdn: add evpn controller fabric integration Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 18/18] ui: sdn: vxlan: add fabric property Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-gui-tests v3 1/1] pve: add sdn/fabrics screenshots Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-docs v3 1/1] fabrics: add initial documentation for sdn fabrics Stefan Hanreich
2025-06-12 15:01 ` [pve-devel] [PATCH access-control/cluster/docs/gui-tests/manager/network/proxmox{, -firewall, -ve-rs, -perl-rs, -widget-toolkit} v3 00/75] Add SDN Fabrics Hannes Duerr
2025-06-26  7:04   ` Gabriel Goller
2025-06-26  8:02     ` Stefan Hanreich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250522161731.537011-71-s.hanreich@proxmox.com \
    --to=s.hanreich@proxmox.com \
    --cc=pve-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal