From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9])
	by lore.proxmox.com (Postfix) with ESMTPS id 2E8CD1FF17C
	for <inbox@lore.proxmox.com>; Wed, 25 Jun 2025 18:00:30 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 5D0BA199C1;
	Wed, 25 Jun 2025 17:58:33 +0200 (CEST)
From: Fiona Ebner <f.ebner@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Wed, 25 Jun 2025 17:56:28 +0200
Message-ID: <20250625155751.268047-6-f.ebner@proxmox.com>
X-Mailer: git-send-email 2.47.2
In-Reply-To: <20250625155751.268047-1-f.ebner@proxmox.com>
References: <20250625155751.268047-1-f.ebner@proxmox.com>
MIME-Version: 1.0
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.030 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
Subject: [pve-devel] [PATCH qemu-server 05/31] assume that SDN is available
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pve-devel-bounces@lists.proxmox.com
Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com>

pve-manager >= 8.2.10 has a hard dependency on libpve-network-perl
which includes the required modules.

Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
---
 src/PVE/QemuServer.pm | 143 +++++++++++++++---------------------------
 src/usr/pve-bridge    |  21 ++-----
 2 files changed, 56 insertions(+), 108 deletions(-)

diff --git a/src/PVE/QemuServer.pm b/src/PVE/QemuServer.pm
index 513652d6..97a9ad5a 100644
--- a/src/PVE/QemuServer.pm
+++ b/src/PVE/QemuServer.pm
@@ -35,6 +35,8 @@ use PVE::GuestHelpers qw(safe_string_ne safe_num_ne safe_boolean_ne);
 use PVE::Mapping::Dir;
 use PVE::Mapping::PCI;
 use PVE::Mapping::USB;
+use PVE::Network::SDN::Vnets;
+use PVE::Network::SDN::Zones;
 use PVE::INotify;
 use PVE::JSONSchema qw(get_standard_option parse_property_string);
 use PVE::ProcFSTools;
@@ -80,13 +82,6 @@ use PVE::QemuServer::StateFile;
 use PVE::QemuServer::USB;
 use PVE::QemuServer::Virtiofs qw(max_virtiofs start_all_virtiofsd);
 
-my $have_sdn;
-eval {
-    require PVE::Network::SDN::Zones;
-    require PVE::Network::SDN::Vnets;
-    $have_sdn = 1;
-};
-
 my $have_ha_config;
 eval {
     require PVE::HA::Config;
@@ -5011,14 +5006,12 @@ sub vmconfig_hotplug_pending {
             } elsif ($opt =~ m/^net(\d+)$/) {
                 die "skip\n" if !$hotplug_features->{network};
                 vm_deviceunplug($vmid, $conf, $opt);
-                if ($have_sdn) {
-                    my $net = PVE::QemuServer::parse_net($conf->{$opt});
-                    PVE::Network::SDN::Vnets::del_ips_from_mac(
-                        $net->{bridge},
-                        $net->{macaddr},
-                        $conf->{name},
-                    );
-                }
+                my $net = PVE::QemuServer::parse_net($conf->{$opt});
+                PVE::Network::SDN::Vnets::del_ips_from_mac(
+                    $net->{bridge},
+                    $net->{macaddr},
+                    $conf->{name},
+                );
             } elsif (is_valid_drivename($opt)) {
                 die "skip\n"
                     if !$hotplug_features->{disk} || $opt =~ m/(efidisk|ide|sata|tpmstate)(\d+)/;
@@ -5252,17 +5245,15 @@ sub vmconfig_apply_pending {
             } elsif (defined($conf->{$opt}) && is_valid_drivename($opt)) {
                 vmconfig_delete_or_detach_drive($vmid, $storecfg, $conf, $opt, $force);
             } elsif (defined($conf->{$opt}) && $opt =~ m/^net\d+$/) {
-                if ($have_sdn) {
-                    my $net = PVE::QemuServer::parse_net($conf->{$opt});
-                    eval {
-                        PVE::Network::SDN::Vnets::del_ips_from_mac(
-                            $net->{bridge},
-                            $net->{macaddr},
-                            $conf->{name},
-                        );
-                    };
-                    warn if $@;
-                }
+                my $net = PVE::QemuServer::parse_net($conf->{$opt});
+                eval {
+                    PVE::Network::SDN::Vnets::del_ips_from_mac(
+                        $net->{bridge},
+                        $net->{macaddr},
+                        $conf->{name},
+                    );
+                };
+                warn if $@;
             }
         };
         if (my $err = $@) {
@@ -5288,8 +5279,6 @@ sub vmconfig_apply_pending {
                     parse_drive($opt, $conf->{$opt}),
                 );
             } elsif (defined($conf->{pending}->{$opt}) && $opt =~ m/^net\d+$/) {
-                return if !$have_sdn; # return from eval if SDN is not available
-
                 my $new_net = PVE::QemuServer::parse_net($conf->{pending}->{$opt});
                 if ($conf->{$opt}) {
                     my $old_net = PVE::QemuServer::parse_net($conf->{$opt});
@@ -5370,14 +5359,11 @@ sub vmconfig_update_net {
             die "skip\n" if !$hotplug;
             vm_deviceunplug($vmid, $conf, $opt);
 
-            if ($have_sdn) {
-                PVE::Network::SDN::Vnets::del_ips_from_mac(
-                    $oldnet->{bridge},
-                    $oldnet->{macaddr},
-                    $conf->{name},
-                );
-            }
-
+            PVE::Network::SDN::Vnets::del_ips_from_mac(
+                $oldnet->{bridge},
+                $oldnet->{macaddr},
+                $conf->{name},
+            );
         } else {
 
             die "internal error" if $opt !~ m/net(\d+)/;
@@ -5400,42 +5386,29 @@ sub vmconfig_update_net {
                 }
 
                 if (safe_string_ne($oldnet->{bridge}, $newnet->{bridge})) {
-                    if ($have_sdn) {
-                        PVE::Network::SDN::Vnets::del_ips_from_mac(
-                            $oldnet->{bridge},
-                            $oldnet->{macaddr},
-                            $conf->{name},
-                        );
-                        PVE::Network::SDN::Vnets::add_next_free_cidr(
-                            $newnet->{bridge},
-                            $conf->{name},
-                            $newnet->{macaddr},
-                            $vmid,
-                            undef,
-                            1,
-                        );
-                    }
+                    PVE::Network::SDN::Vnets::del_ips_from_mac(
+                        $oldnet->{bridge},
+                        $oldnet->{macaddr},
+                        $conf->{name},
+                    );
+                    PVE::Network::SDN::Vnets::add_next_free_cidr(
+                        $newnet->{bridge},
+                        $conf->{name},
+                        $newnet->{macaddr},
+                        $vmid,
+                        undef,
+                        1,
+                    );
                 }
 
-                if ($have_sdn) {
-                    PVE::Network::SDN::Zones::tap_plug(
-                        $iface,
-                        $newnet->{bridge},
-                        $newnet->{tag},
-                        $newnet->{firewall},
-                        $newnet->{trunks},
-                        $newnet->{rate},
-                    );
-                } else {
-                    PVE::Network::tap_plug(
-                        $iface,
-                        $newnet->{bridge},
-                        $newnet->{tag},
-                        $newnet->{firewall},
-                        $newnet->{trunks},
-                        $newnet->{rate},
-                    );
-                }
+                PVE::Network::SDN::Zones::tap_plug(
+                    $iface,
+                    $newnet->{bridge},
+                    $newnet->{tag},
+                    $newnet->{firewall},
+                    $newnet->{trunks},
+                    $newnet->{rate},
+                );
 
             } elsif (safe_num_ne($oldnet->{rate}, $newnet->{rate})) {
                 # Rate can be applied on its own but any change above needs to
@@ -5458,14 +5431,12 @@ sub vmconfig_update_net {
     }
 
     if ($hotplug) {
-        if ($have_sdn) {
-            PVE::Network::SDN::Vnets::add_next_free_cidr(
-                $newnet->{bridge}, $conf->{name}, $newnet->{macaddr}, $vmid, undef, 1,
-            );
-            PVE::Network::SDN::Vnets::add_dhcp_mapping(
-                $newnet->{bridge}, $newnet->{macaddr}, $vmid, $conf->{name},
-            );
-        }
+        PVE::Network::SDN::Vnets::add_next_free_cidr(
+            $newnet->{bridge}, $conf->{name}, $newnet->{macaddr}, $vmid, undef, 1,
+        );
+        PVE::Network::SDN::Vnets::add_dhcp_mapping(
+            $newnet->{bridge}, $newnet->{macaddr}, $vmid, $conf->{name},
+        );
         vm_deviceplug($storecfg, $conf, $vmid, $opt, $newnet, $arch, $machine_type);
     } else {
         die "skip\n";
@@ -9147,11 +9118,7 @@ sub add_nets_bridge_fdb {
             log_warn("Interface '$iface' not attached to any bridge.");
             next;
         }
-        if ($have_sdn) {
-            PVE::Network::SDN::Zones::add_bridge_fdb($iface, $mac, $bridge);
-        } elsif (-d "/sys/class/net/$bridge/bridge") { # avoid fdb management with OVS for now
-            PVE::Network::add_bridge_fdb($iface, $mac);
-        }
+        PVE::Network::SDN::Zones::add_bridge_fdb($iface, $mac, $bridge);
     }
 }
 
@@ -9166,19 +9133,13 @@ sub del_nets_bridge_fdb {
         my $mac = $net->{macaddr} or next;
 
         my $bridge = $net->{bridge};
-        if ($have_sdn) {
-            PVE::Network::SDN::Zones::del_bridge_fdb($iface, $mac, $bridge);
-        } elsif (-d "/sys/class/net/$bridge/bridge") { # avoid fdb management with OVS for now
-            PVE::Network::del_bridge_fdb($iface, $mac);
-        }
+        PVE::Network::SDN::Zones::del_bridge_fdb($iface, $mac, $bridge);
     }
 }
 
 sub create_ifaces_ipams_ips {
     my ($conf, $vmid) = @_;
 
-    return if !$have_sdn;
-
     foreach my $opt (keys %$conf) {
         if ($opt =~ m/^net(\d+)$/) {
             my $value = $conf->{$opt};
@@ -9196,8 +9157,6 @@ sub create_ifaces_ipams_ips {
 sub delete_ifaces_ipams_ips {
     my ($conf, $vmid) = @_;
 
-    return if !$have_sdn;
-
     foreach my $opt (keys %$conf) {
         if ($opt =~ m/^net(\d+)$/) {
             my $net = PVE::QemuServer::parse_net($conf->{$opt});
diff --git a/src/usr/pve-bridge b/src/usr/pve-bridge
index 299be1f3..2608e1a0 100755
--- a/src/usr/pve-bridge
+++ b/src/usr/pve-bridge
@@ -5,16 +5,10 @@ use warnings;
 
 use PVE::QemuServer;
 use PVE::Tools qw(run_command);
-use PVE::Network;
+use PVE::Network::SDN::Vnets;
+use PVE::Network::SDN::Zones;
 use PVE::Firewall;
 
-my $have_sdn;
-eval {
-    require PVE::Network::SDN::Zones;
-    require PVE::Network::SDN::Vnets;
-    $have_sdn = 1;
-};
-
 my $iface = shift;
 
 my $hotplug = 0;
@@ -48,13 +42,8 @@ die "unable to parse network config '$netid'\n" if !$net;
 # The nftable-based implementation from the newer proxmox-firewall does not requires FW bridges
 my $create_firewall_bridges = $net->{firewall} && !PVE::Firewall::is_nftables();
 
-if ($have_sdn) {
-    PVE::Network::SDN::Vnets::add_dhcp_mapping($net->{bridge}, $net->{macaddr}, $vmid, $conf->{name});
-    PVE::Network::SDN::Zones::tap_create($iface, $net->{bridge});
-    PVE::Network::SDN::Zones::tap_plug($iface, $net->{bridge}, $net->{tag}, $create_firewall_bridges, $net->{trunks}, $net->{rate});
-} else {
-    PVE::Network::tap_create($iface, $net->{bridge});
-    PVE::Network::tap_plug($iface, $net->{bridge}, $net->{tag}, $create_firewall_bridges, $net->{trunks}, $net->{rate});
-}
+PVE::Network::SDN::Vnets::add_dhcp_mapping($net->{bridge}, $net->{macaddr}, $vmid, $conf->{name});
+PVE::Network::SDN::Zones::tap_create($iface, $net->{bridge});
+PVE::Network::SDN::Zones::tap_plug($iface, $net->{bridge}, $net->{tag}, $create_firewall_bridges, $net->{trunks}, $net->{rate});
 
 exit 0;
-- 
2.47.2



_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel