public inbox for pve-devel@lists.proxmox.com
 help / color / mirror / Atom feed
* [pve-devel] [PATCH docs 0/3] network: update & reword
@ 2022-05-30 12:40 Aaron Lauterer
  2022-05-30 12:40 ` [pve-devel] [PATCH docs 1/3] network: remove ifup ifdown as it won't reattach guests Aaron Lauterer
                   ` (3 more replies)
  0 siblings, 4 replies; 6+ messages in thread
From: Aaron Lauterer @ 2022-05-30 12:40 UTC (permalink / raw)
  To: pve-devel

Update the network section to
- remove mentioning ifup & ifdown as it can break connections of running
guests
- ifupdown2 is default now, we can remove the install guide etc
- rework the introduction to make a few conecpts clear to people that
are not used to it yet

Aaron Lauterer (3):
  network: remove ifup ifdown as it won't reattach guests
  network: adapt apply config section to PVE 7
  network: rework introduction for people with less experience

 pve-network.adoc | 61 ++++++++++++++++++++++++------------------------
 1 file changed, 30 insertions(+), 31 deletions(-)

-- 
2.30.2





^ permalink raw reply	[flat|nested] 6+ messages in thread

* [pve-devel] [PATCH docs 1/3] network: remove ifup ifdown as it won't reattach guests
  2022-05-30 12:40 [pve-devel] [PATCH docs 0/3] network: update & reword Aaron Lauterer
@ 2022-05-30 12:40 ` Aaron Lauterer
  2022-05-30 12:40 ` [pve-devel] [PATCH docs 2/3] network: adapt apply config section to PVE 7 Aaron Lauterer
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 6+ messages in thread
From: Aaron Lauterer @ 2022-05-30 12:40 UTC (permalink / raw)
  To: pve-devel

Mentioning 'ifup' and 'ifdown' can lead to users running into situations
where they take down one interface, for example an vmbrX. In this
situation the connection to the guests will be lost and not
reestablished automatically if the interface is brought up again with
'ifup'. The better way to apply network changes is to run 'ifreload -a'.

Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com>
---
 pve-network.adoc | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/pve-network.adoc b/pve-network.adoc
index c5e9a17..a33b90c 100644
--- a/pve-network.adoc
+++ b/pve-network.adoc
@@ -12,9 +12,6 @@ complete format description. All {pve} tools try hard to keep direct
 user modifications, but using the GUI is still preferable, because it
 protects you from errors.
 
-Once the network is configured, you can use the Debian traditional tools `ifup`
-and `ifdown` commands to bring interfaces up and down.
-
 Apply Network Changes
 ~~~~~~~~~~~~~~~~~~~~~
 
-- 
2.30.2





^ permalink raw reply	[flat|nested] 6+ messages in thread

* [pve-devel] [PATCH docs 2/3] network: adapt apply config section to PVE 7
  2022-05-30 12:40 [pve-devel] [PATCH docs 0/3] network: update & reword Aaron Lauterer
  2022-05-30 12:40 ` [pve-devel] [PATCH docs 1/3] network: remove ifup ifdown as it won't reattach guests Aaron Lauterer
@ 2022-05-30 12:40 ` Aaron Lauterer
  2022-05-30 12:40 ` [pve-devel] [PATCH docs 3/3] network: rework introduction for people with less experience Aaron Lauterer
  2022-05-30 12:50 ` [pve-devel] [PATCH docs 0/3] network: update & reword Thomas Lamprecht
  3 siblings, 0 replies; 6+ messages in thread
From: Aaron Lauterer @ 2022-05-30 12:40 UTC (permalink / raw)
  To: pve-devel

ifupdown2 is now installed by default, we can therefore omit the whole
installation part

also mention the CLI variant for users who like to edit the network
config directly or are using some config management tools

Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com>
---
 pve-network.adoc | 32 +++++++++-----------------------
 1 file changed, 9 insertions(+), 23 deletions(-)

diff --git a/pve-network.adoc b/pve-network.adoc
index a33b90c..0eabb87 100644
--- a/pve-network.adoc
+++ b/pve-network.adoc
@@ -24,34 +24,20 @@ inaccessible.
 Reboot Node to apply
 ^^^^^^^^^^^^^^^^^^^^
 
-With the default installed `ifupdown` network managing package you need to
-reboot to commit any pending network changes. Most of the time, the basic {pve}
-network setup is stable and does not change often, so rebooting should not be
-required often.
+One way to apply a new network configuration is to reboot the node.
 
 Reload Network with ifupdown2
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-With the optional `ifupdown2` network managing package you also can reload the
-network configuration live, without requiring a reboot.
+With the 'ifupdown2' package (default since {pve} 7), it is possible to apply
+network configuration changes without a reboot. If you change the network
+configuration via the GUI, you can click the 'Apply Configuration' button. Run
+the following command if you make changes directly to the
+`/etc/network/interfaces` file:
 
-Since {pve} 6.1 you can apply pending network changes over the web-interface,
-using the 'Apply Configuration' button in the 'Network' panel of a node.
-
-To install 'ifupdown2' ensure you have the latest {pve} updates installed, then
-
-WARNING: installing 'ifupdown2' will remove 'ifupdown', but as the removal
-scripts of 'ifupdown' before version '0.8.35+pve1' have a issue where network
-is fully stopped on removal footnote:[Introduced with Debian Buster:
-https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945877] you *must* ensure
-that you have a up to date 'ifupdown' package version.
-
-For the installation itself you can then simply do:
-
- apt install ifupdown2
-
-With that you're all set. You can also switch back to the 'ifupdown' variant at
-any time, if you run into issues.
+----
+ ifreload -a
+----
 
 Naming Conventions
 ~~~~~~~~~~~~~~~~~~
-- 
2.30.2





^ permalink raw reply	[flat|nested] 6+ messages in thread

* [pve-devel] [PATCH docs 3/3] network: rework introduction for people with less experience
  2022-05-30 12:40 [pve-devel] [PATCH docs 0/3] network: update & reword Aaron Lauterer
  2022-05-30 12:40 ` [pve-devel] [PATCH docs 1/3] network: remove ifup ifdown as it won't reattach guests Aaron Lauterer
  2022-05-30 12:40 ` [pve-devel] [PATCH docs 2/3] network: adapt apply config section to PVE 7 Aaron Lauterer
@ 2022-05-30 12:40 ` Aaron Lauterer
  2022-05-30 12:50 ` [pve-devel] [PATCH docs 0/3] network: update & reword Thomas Lamprecht
  3 siblings, 0 replies; 6+ messages in thread
From: Aaron Lauterer @ 2022-05-30 12:40 UTC (permalink / raw)
  To: pve-devel

Mentioning explicitly, that the vmbr interfaces can be thought of as a
virtual switch and what can be done overall in the introduction will
hopefully help new users to grasp the networking more quickly.

Also mention the SDN to point people in that direction if they need it

Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com>
---
 pve-network.adoc | 28 ++++++++++++++++++++++------
 1 file changed, 22 insertions(+), 6 deletions(-)

diff --git a/pve-network.adoc b/pve-network.adoc
index 0eabb87..98a5fb5 100644
--- a/pve-network.adoc
+++ b/pve-network.adoc
@@ -5,13 +5,26 @@ ifdef::wiki[]
 :pve-toplevel:
 endif::wiki[]
 
-Network configuration can be done either via the GUI, or by manually
-editing the file `/etc/network/interfaces`, which contains the
-whole network configuration. The  `interfaces(5)` manual page contains the
-complete format description. All {pve} tools try hard to keep direct
-user modifications, but using the GUI is still preferable, because it
+{pve} is using the Linux network stack. This provides a lot of flexibility on
+how to set up the network on the {pve} nodes. The configuration can be done
+either via the GUI, or by manually editing the file `/etc/network/interfaces`,
+which contains the whole network configuration. The  `interfaces(5)` manual
+page contains the complete format description. All {pve} tools try hard to keep
+direct user modifications, but using the GUI is still preferable, because it
 protects you from errors.
 
+A 'vmbr' interface is needed to connect guests to the underlying physical
+network.  They are a Linux bridge which can be thought of as a virtual switch
+to which the guests and physical interfaces are connected to.  This section
+provides some examples on how the network can be set up to accomodate different
+use cases like redundancy with a xref:sysadmin_network_bond['bond'],
+xref:sysadmin_network_vlan['vlans'] or
+xref:sysadmin_network_routed['routed'] and
+xref:sysadmin_network_masquerading['NAT'] setups.
+
+The xref:chapter_pvesdn[Software Defined Network] is an option for more complex
+virtual networks in {pve} clusters.
+
 Apply Network Changes
 ~~~~~~~~~~~~~~~~~~~~~
 
@@ -150,6 +163,7 @@ physical network. The network, in turn, sees each virtual machine as
 having its own MAC, even though there is only one network cable
 connecting all of these VMs to the network.
 
+[[sysadmin_network_routed]]
 Routed Configuration
 ~~~~~~~~~~~~~~~~~~~~
 
@@ -192,6 +206,7 @@ iface vmbr0 inet static
 ----
 
 
+[[sysadmin_network_masquerading]]
 Masquerading (NAT) with `iptables`
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
@@ -244,7 +259,7 @@ https://lwn.net/Articles/370152/[Patch on netdev-list introducing conntrack zone
 https://blog.lobraun.de/2019/05/19/prox/[Blog post with a good explanation by using TRACE in the raw table]
 
 
-
+[[sysadmin_network_bond]]
 Linux Bond
 ~~~~~~~~~~
 
@@ -382,6 +397,7 @@ iface vmbr0 inet static
 ----
 
 
+[[sysadmin_network_vlan]]
 VLAN 802.1Q
 ~~~~~~~~~~~
 
-- 
2.30.2





^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [pve-devel] [PATCH docs 0/3] network: update & reword
  2022-05-30 12:40 [pve-devel] [PATCH docs 0/3] network: update & reword Aaron Lauterer
                   ` (2 preceding siblings ...)
  2022-05-30 12:40 ` [pve-devel] [PATCH docs 3/3] network: rework introduction for people with less experience Aaron Lauterer
@ 2022-05-30 12:50 ` Thomas Lamprecht
  2022-05-30 12:53   ` Aaron Lauterer
  3 siblings, 1 reply; 6+ messages in thread
From: Thomas Lamprecht @ 2022-05-30 12:50 UTC (permalink / raw)
  To: Proxmox VE development discussion, Aaron Lauterer

Am 30/05/2022 um 14:40 schrieb Aaron Lauterer:
> - ifupdown2 is default now, we can remove the install guide etc

only for people coming from the PVE iso, but not for those installing PVE on top of
a vanilla Debian installation. Albeit, one could argue that we could still remove
it here and add a recommendation for installing ifupdown2 in the respective wiki[0].

[0]: https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_11_Bullseye




^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [pve-devel] [PATCH docs 0/3] network: update & reword
  2022-05-30 12:50 ` [pve-devel] [PATCH docs 0/3] network: update & reword Thomas Lamprecht
@ 2022-05-30 12:53   ` Aaron Lauterer
  0 siblings, 0 replies; 6+ messages in thread
From: Aaron Lauterer @ 2022-05-30 12:53 UTC (permalink / raw)
  To: Thomas Lamprecht, Proxmox VE development discussion



On 5/30/22 14:50, Thomas Lamprecht wrote:
> Am 30/05/2022 um 14:40 schrieb Aaron Lauterer:
>> - ifupdown2 is default now, we can remove the install guide etc
> 
> only for people coming from the PVE iso, but not for those installing PVE on top of
> a vanilla Debian installation. Albeit, one could argue that we could still remove
> it here and add a recommendation for installing ifupdown2 in the respective wiki[0].

Ah thanks. I'll reword it a bit and keep the install guide (maybe a bit shorter 
as a note) for those people, just in case and update the wiki page as well.

> 
> [0]: https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_11_Bullseye




^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2022-05-30 12:53 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-30 12:40 [pve-devel] [PATCH docs 0/3] network: update & reword Aaron Lauterer
2022-05-30 12:40 ` [pve-devel] [PATCH docs 1/3] network: remove ifup ifdown as it won't reattach guests Aaron Lauterer
2022-05-30 12:40 ` [pve-devel] [PATCH docs 2/3] network: adapt apply config section to PVE 7 Aaron Lauterer
2022-05-30 12:40 ` [pve-devel] [PATCH docs 3/3] network: rework introduction for people with less experience Aaron Lauterer
2022-05-30 12:50 ` [pve-devel] [PATCH docs 0/3] network: update & reword Thomas Lamprecht
2022-05-30 12:53   ` Aaron Lauterer

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal