From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH pve-manager v4 04/10] api: cluster: add support for network resource type
Date: Thu, 13 Nov 2025 17:19:18 +0100 [thread overview]
Message-ID: <20251113161926.793020-16-s.hanreich@proxmox.com> (raw)
In-Reply-To: <20251113161926.793020-1-s.hanreich@proxmox.com>
pvestatd now broadcasts a new network resource type, instead of the
sdn resource type. This commit adds handling for this new network type
to the resources endpoint. In order to be able to deal with older
nodes, keep support for parsing the old sdn resource type.
Upgraded nodes will still broadcast the old format for
backwards-compatibility and nodes with this patch applied support
handling both formats. With this patch, nodes will check whether a
node is sending both formats or only the old one, and parse the
resources based on that information. Older nodes will drop the new
network resource type, but will still be able to show zones, because
the old format still gets broadcast. Newer nodes will take the
information from the network store, if available, otherwise fall back
to the SDN store.
Another reason for keeping the old format around is so we do not break
older clients, that rely on the old SDN format - removing it would be
a breaking API change.
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
PVE/API2/Cluster.pm | 106 ++++++++++++++++++++++++++++++++++++--------
1 file changed, 88 insertions(+), 18 deletions(-)
diff --git a/PVE/API2/Cluster.pm b/PVE/API2/Cluster.pm
index 479803960..eb9ddcc39 100644
--- a/PVE/API2/Cluster.pm
+++ b/PVE/API2/Cluster.pm
@@ -222,6 +222,32 @@ __PACKAGE__->register_method({
},
});
+my sub can_access_network {
+ my ($rpcenv, $network) = @_;
+ my $authuser = $rpcenv->get_user();
+
+ if ($network->{'network-type'} eq 'fabric') {
+ return $rpcenv->check_any(
+ $authuser,
+ "/sdn/fabrics/$network->{network}",
+ ['SDN.Audit', 'SDN.Allocate'],
+ 1,
+ );
+ } elsif ($network->{'network-type'} eq 'zone') {
+ return $rpcenv->check(
+ $authuser,
+ "/sdn/zones/$network->{network}",
+ ['SDN.Audit'],
+ 1,
+ );
+ }
+
+ # unknown type, so most likely introduced in a newer
+ # version - avoid leaking information by suppressing any
+ # unknown sdn types in the returned array.
+ return 0;
+}
+
__PACKAGE__->register_method({
name => 'resources',
path => 'resources',
@@ -251,7 +277,8 @@ __PACKAGE__->register_method({
type => {
description => "Resource type.",
type => 'string',
- enum => ['node', 'storage', 'pool', 'qemu', 'lxc', 'openvz', 'sdn'],
+ enum =>
+ ['node', 'storage', 'pool', 'qemu', 'lxc', 'openvz', 'sdn', 'network'],
},
status => {
description => "Resource type dependent status.",
@@ -431,6 +458,23 @@ __PACKAGE__->register_method({
optional => 1,
default => 0,
},
+ network => {
+ description => "The name of a Network entity (for type 'network').",
+ type => "string",
+ optional => 1,
+ },
+ 'network-type' => {
+ description => "The type of network resource (for type 'network').",
+ type => "string",
+ enum => ["fabric", "zone"],
+ optional => 1,
+ },
+ protocol => {
+ description =>
+ "The protocol of a fabric (for type 'network', network-type 'fabric').",
+ type => "string",
+ optional => 1,
+ },
},
},
},
@@ -584,25 +628,15 @@ __PACKAGE__->register_method({
}
if (!$param->{type} || $param->{type} eq 'sdn') {
- #add default "localnetwork" zone
- if ($rpcenv->check($authuser, "/sdn/zones/localnetwork", ['SDN.Audit'], 1)) {
- foreach my $node (@$nodelist) {
- my $local_sdn = {
- id => "sdn/$node/localnetwork",
- sdn => 'localnetwork',
- node => $node,
- type => 'sdn',
- status => 'ok',
- };
- push @$res, $local_sdn;
- }
- }
+ my $nodes = PVE::Cluster::get_node_kv("sdn");
+ my $network_nodes = PVE::Cluster::get_node_kv("network");
- if ($have_sdn) {
- my $nodes = PVE::Cluster::get_node_kv("sdn");
+ for my $node (sort keys %{$nodes}) {
+ # host is already sending the new network resource, so ignore
+ # its sdn resources
+ next if defined $network_nodes->{$node};
- for my $node (sort keys %{$nodes}) {
- my $sdns = decode_json($nodes->{$node});
+ my $sdns = decode_json($nodes->{$node});
for my $id (sort keys %{$sdns}) {
next if !$rpcenv->check($authuser, "/sdn/zones/$id", ['SDN.Audit'], 1);
@@ -620,6 +654,42 @@ __PACKAGE__->register_method({
}
}
+ if (!$param->{type} || $param->{type} eq 'network') {
+ my $nodes = PVE::Cluster::get_node_kv("network");
+
+ # add default "localnetwork" zone
+ if ($rpcenv->check($authuser, "/sdn/zones/localnetwork", ['SDN.Audit'], 1)) {
+ foreach my $node (@$nodelist) {
+ my $local_sdn = {
+ id => "network/$node/zone/localnetwork",
+ type => 'network',
+ 'network-type' => 'zone',
+ network => 'localnetwork',
+ node => $node,
+ status => 'ok',
+ };
+ push $res->@*, $local_sdn;
+ }
+ }
+
+ for my $node (sort keys $nodes->%*) {
+ my $node_config = decode_json($nodes->{$node});
+
+ for my $id (sort keys $node_config->%*) {
+ my $entry = $node_config->{$id};
+
+ next if !can_access_network($rpcenv, $entry);
+
+ push $res->@*,
+ {
+ "id" => "network/$node/$entry->{'network-type'}/$entry->{network}",
+ "node" => $node,
+ $entry->%*,
+ };
+ }
+ }
+ }
+
return $res;
},
});
--
2.47.3
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-11-13 16:20 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-13 16:19 [pve-devel] [PATCH manager/network/proxmox-perl-rs v4 00/21] Improve status reporting for SDN / networking Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH proxmox-perl-rs v4 1/2] pve-rs: update proxmox-frr dependency Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH proxmox-perl-rs v4 2/2] pve-rs: sdn status: rename network_type to network-type Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-network v4 1/9] refactor: rework api module structure for the /nodes/{node}/sdn subdir Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-network v4 2/9] fabrics: add fabrics status to SDN::status function Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-network v4 3/9] sdn: status: add zone type to sdn resource Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-network v4 4/9] api: nodes: fabrics: add endpoint for querying route status Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-network v4 5/9] api: nodes: fabrics: add endpoint for querying neighbor information Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-network v4 6/9] api: nodes: fabrics: add endpoint for querying interface status Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-network v4 7/9] api: nodes: zones: add bridge status Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-network v4 8/9] api: nodes: zones: add ip vrf endpoint for evpn zones Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-network v4 9/9] api: nodes: vnets: add mac-vrf endpoint for evpn vnets Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-manager v4 01/10] api: nodes: use new status module for sdn subdirectory Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-manager v4 02/10] refactor: ui: sdn browser: parametrize zone content panel Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-manager v4 03/10] pvestatd: add network resource to status reporting Stefan Hanreich
2025-11-13 16:19 ` Stefan Hanreich [this message]
2025-11-13 16:19 ` [pve-devel] [PATCH pve-manager v4 05/10] pvestatd: sdn: adapt to changes in " Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-manager v4 06/10] ui: resource tree: add network resource Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-manager v4 07/10] ui: network browser: Add ip-vrf panel for evpn zones Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-manager v4 08/10] ui: network browser: add mac vrf panel Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-manager v4 09/10] ui: network browser: add zone bridge view Stefan Hanreich
2025-11-13 16:19 ` [pve-devel] [PATCH pve-manager v4 10/10] ui: sdn: status view: adapt to new network resource Stefan Hanreich
2025-11-14 1:07 ` [pve-devel] applied: [PATCH manager/network/proxmox-perl-rs v4 00/21] Improve status reporting for SDN / networking Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251113161926.793020-16-s.hanreich@proxmox.com \
--to=s.hanreich@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox