From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
	by lore.proxmox.com (Postfix) with ESMTPS id 7FED81FF15F
	for <inbox@lore.proxmox.com>; Mon, 16 Dec 2024 09:35:37 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 390195E3E;
	Mon, 16 Dec 2024 09:35:45 +0100 (CET)
From: Daniel Herzig <d.herzig@proxmox.com>
To: Stefan Hanreich <s.hanreich@proxmox.com>
In-Reply-To: <c345661d-a4ac-4ce9-a03a-d5b14992c29c@proxmox.com> (Stefan
 Hanreich's message of "Thu, 12 Dec 2024 18:06:56 +0100")
References: <20241205163332.130930-1-d.herzig@proxmox.com>
 <20241205163332.130930-3-d.herzig@proxmox.com>
 <c345661d-a4ac-4ce9-a03a-d5b14992c29c@proxmox.com>
Date: Mon, 16 Dec 2024 09:35:38 +0100
Message-ID: <87zfkwf2jp.fsf@proxmox.com>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.047 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
Subject: Re: [pve-devel] [PATCH network 2/4] fix #5900: add helper functions
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Cc: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pve-devel-bounces@lists.proxmox.com
Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com>

Hey Stefan,

thanks for the feedback!

Stefan Hanreich <s.hanreich@proxmox.com> writes:

>
> If we do it this way (see top-level discussion), I think we should
> abstract this into the IpamPlugins itself, since this implementation is
> specific to the PVE Plugin, but that's just one type of IPAM plugin.
> Something like:
>
> Add a abstract method in the base Ipam plugin
> (Network/SDN/Ipams/Plugin.pm), i.e.
>
>   PVE::Network::SDN::Ipams::Plugin::vnet_has_free_ip($range, $ipversions)
>
> Then implement it for every IPAM Plugin separately.
>
> Add a helper method to the VNet that selects the correct plugin based on
> the zone setting and then iterates over all its subnets to check for
> free IPs - something like:
>
>   PVE::Network::SDN::Vnets::has_free_ip($range, $ipversions)
>
I like this thought a lot, sounds like a much cleaner and modular
solution.

>
>
> The current implementation only works for the PVE plugin and would
> actually break on zones using Netbox / Phpipam (if my brain compiler is
> correct).
>
>

Thanks for the hint -- I need to do some research on that!  The code
assumes the ~key: value~ of ~dhcp: dnsmasq~ to be exclusive for IPAM
PVE.

```
for my $zone (@$zone_ids) {
   push(@$dhcp_dnsmasq_zones, $zone)
    if (defined(${zones_cfg}->{'ids'}->{$zone}->{'dhcp'}) &&
	(${zones_cfg}->{'ids'}->{$zone}->{'dhcp'} eq 'dnsmasq'))
}
```

If this is not the case, it will affect (and not ignore as intended)
zones with Netbox/Phpipam indeed. That would be bad.

A check for ~ipam: pve~ could however be easily implemented in the same section.

>>  
>> +sub defined_dhcp_ip_count_in_zone {
>> +    my $zone_id = shift;
>
> even with 1 argument I think we prefer `my ($arg) = @_;`, but I haven't
> actually found a definitive answer in our style guide.

Thanks, not having any feelings here.

>
>> +    my $vnets_in_zone = PVE::Network::SDN::Zones::get_vnets($zone_id);
>> +    my $range_count_array;
>> +    my $res;
>> +    for my $vnet_id (keys %$vnets_in_zone) {
>> +	my $subnets_in_vnet = PVE::Network::SDN::Vnets::get_subnets($vnet_id);
>> +	for my $subnet (keys %$subnets_in_vnet) {
>> +	    my $dhcp_ranges = PVE::Network::SDN::Subnets::get_dhcp_ranges(${subnets_in_vnet}->{$subnet});
>> +	    if (scalar @$dhcp_ranges) {
>> +		for my $dhcp_range (@$dhcp_ranges) {
>
> You can just iterate over @$dhcp_ranges, get_dhcp_ranges() always
> returns an array reference. If it is empty, then there are just 0
> iterations of the loop, no need to check for existence.
>

Right, this is too timid indeed :)

>> +
>> +sub available_dhcp_ips_in_zone {
>> +    my $zone_id = shift;
>> +    my $available_ip_count = defined_dhcp_ip_count_in_zone($zone_id);
>> +    my $used_ip_count = used_dhcp_ips_in_zone($zone_id);
>> +    if (!defined($available_ip_count)) {
>> +	$available_ip_count = 0;
>> +    }
>> +    if (!defined($used_ip_count)) {
>> +	$used_ip_count = 0;
>> +    }
>
> If you define $res to be 0 as suggested above, then those checks become
> unnecessary, since 0 becomes the default value.
>

Very cool, thank you, I did not see that.  

>> +    my $vnet_ids = [ PVE::Network::SDN::Vnets::sdn_vnets_ids($vnets_cfg) ];
>
> no need for selecting the ids, you can directly iterate over the VNets:
>

Thank you  for your insights and the hints very much. I cannot claim that I'm exactly happy about
the current implementation of this patch from an aesthetical point of
view by now! I will act on it further, if we consider the
'ask-for-permission' approach in general.



_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel