Re: [pve-devel] [PATCH proxmox-perl-rs v4 4/5] pve-rs: sdn: fabrics: add helper to generate ifupdown2 configuration

[Wolfgang Bumiller <w.bumiller@proxmox.com>]

On Wed, Jul 02, 2025 at 04:50:17PM +0200, Gabriel Goller wrote:
> From: Stefan Hanreich <s.hanreich@proxmox.com>
> 
> SDN fabrics can be used to configure IP addresses on interfaces
> directly, so we need to generate the respective ifupdown2
> configuration from the fabrics configuration. We also set some
> additional properties that are required for interfaces that are part
> of a fabric (IP forwarding). We use dummy interfaces, instead of
> loopback interfaces, for configuring the router IP of the node, so for
> each fabric we generate a dummy interface that carries the IP.
> 
> Currently this is a simple implementation that builds a String from
> the SDN fabrics configuration, but in the future we intend to create a
> full-fledged crate for reading / writing ifupdown2 configuration
> files.
> 
> Co-authored-by: Gabriel Goller <g.goller@proxmox.com>
> Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
> ---
>  pve-rs/Cargo.toml                  |   2 +
>  pve-rs/src/bindings/sdn/fabrics.rs | 104 +++++++++++++++++++++++++++++
>  2 files changed, 106 insertions(+)
> 
> diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml
> index 19c7431206e9..6917ae511927 100644
> --- a/pve-rs/Cargo.toml
> +++ b/pve-rs/Cargo.toml
> @@ -33,9 +33,11 @@ proxmox-apt = { version = "0.99", features = ["cache"] }
>  proxmox-apt-api-types = "2"
>  proxmox-base64 = "1"
>  proxmox-config-digest = "1"
> +proxmox-frr = { version = "0.1" }
>  proxmox-http = { version = "1", features = ["client-sync", "client-trait"] }
>  proxmox-http-error = "1"
>  proxmox-log = "1"
> +proxmox-network-types = "0.1"
>  proxmox-notify = { version = "1", features = ["pve-context"] }
>  proxmox-openid = "1"
>  proxmox-resource-scheduling = "1"
> diff --git a/pve-rs/src/bindings/sdn/fabrics.rs b/pve-rs/src/bindings/sdn/fabrics.rs
> index a7a740f5aac9..099c1a7ab515 100644
> --- a/pve-rs/src/bindings/sdn/fabrics.rs
> +++ b/pve-rs/src/bindings/sdn/fabrics.rs
> @@ -6,6 +6,8 @@ pub mod pve_rs_sdn_fabrics {
>      //! / writing the configuration, as well as for generating ifupdown2 and FRR configuration.
>  
>      use std::collections::{BTreeMap, HashSet};
> +    use std::fmt::Write;
> +    use std::net::IpAddr;
>      use std::ops::Deref;
>      use std::sync::Mutex;
>  
> @@ -15,6 +17,7 @@ pub mod pve_rs_sdn_fabrics {
>  
>      use perlmod::Value;
>      use proxmox_frr::serializer::to_raw_config;
> +    use proxmox_network_types::ip_address::Cidr;
>      use proxmox_section_config::typed::SectionConfigData;
>      use proxmox_ve_config::common::valid::Validatable;
>  
> @@ -349,4 +352,105 @@ pub mod pve_rs_sdn_fabrics {
>  
>          to_raw_config(&frr_config)
>      }
> +
> +    /// Helper method to generate the default /e/n/i config for a given CIDR.

^ Not sure we want to shorten it like that, but at least put backticks
around `/e/n/i` ;-)

> +    fn render_interface(name: &str, cidr: Cidr, is_dummy: bool) -> Result<String, Error> {
> +        let mut interface = String::new();
> +
> +        writeln!(interface)?;

^ In our doc generator I recently removed all the leading newlines (and
the trailing ones except for the one ending the final line) because the
inconsistency across the building blocks became an unmaintainable mess.

Do we really want to start off with a newline here, rather than just say
"this creates one stanza and it's the caller's responsibility to not
merge it together with whatever comes before it"?

Also this is IMO kind of a cryptic way (which includes error handling!)
or starting with `let mut interface = "\n".to_string();`. (Or heck even
`let interface = format!("\nauto {name}\n");`)

> +        writeln!(interface, "auto {name}")?;
> +        match cidr {
> +            Cidr::Ipv4(_) => writeln!(interface, "iface {name} inet static")?,
> +            Cidr::Ipv6(_) => writeln!(interface, "iface {name} inet6 static")?,
> +        }
> +        writeln!(interface, "\taddress {cidr}")?;
> +        if is_dummy {
> +            writeln!(interface, "\tlink-type dummy")?;
> +        }
> +        writeln!(interface, "\tip-forward 1")?;
> +
> +        Ok(interface)
> +    }
> +
> +    /// Class method: Generate the ifupdown2 configuration for a given node.
> +    #[export]
> +    fn get_interfaces_etc_network_config(
> +        #[try_from_ref] this: &PerlFabricConfig,
> +        node_id: NodeId,
> +    ) -> Result<String, Error> {
> +        let config = this.fabric_config.lock().unwrap();
> +        let mut interfaces = String::new();
> +
> +        let node_fabrics = config.values().filter_map(|entry| {
> +            entry
> +                .get_node(&node_id)
> +                .map(|node| (entry.fabric(), node))
> +                .ok()
> +        });
> +
> +        for (fabric, node) in node_fabrics {
> +            // dummy interface
> +            if let Some(ip) = node.ip() {
> +                let interface = render_interface(
> +                    &format!("dummy_{}", fabric.id()),
> +                    Cidr::new_v4(ip, 32)?,
> +                    true,
> +                )?;
> +                write!(interfaces, "{interface}")?;
> +            }
> +            if let Some(ip6) = node.ip6() {
> +                let interface = render_interface(
> +                    &format!("dummy_{}", fabric.id()),
> +                    Cidr::new_v6(ip6, 128)?,
> +                    true,
> +                )?;
> +                write!(interfaces, "{interface}")?;
> +            }
> +            match node {
> +                ConfigNode::Openfabric(node_section) => {
> +                    for interface in node_section.properties().interfaces() {
> +                        if let Some(ip) = interface.ip() {
> +                            let interface =
> +                                render_interface(interface.name(), Cidr::from(ip), false)?;
> +                            write!(interfaces, "{interface}")?;
> +                        }
> +                        if let Some(ip) = interface.ip6() {
> +                            let interface =
> +                                render_interface(interface.name(), Cidr::from(ip), false)?;
> +                            write!(interfaces, "{interface}")?;
> +                        }
> +
> +                        // If not ip is configured, add auto and empty iface to bring interface up
> +                        if let (None, None) = (interface.ip(), interface.ip6()) {
> +                            writeln!(interfaces)?;
> +                            writeln!(interfaces, "auto {}", interface.name())?;
> +                            writeln!(interfaces, "iface {}", interface.name())?;
> +                            writeln!(interfaces, "\tip-forward 1")?;
> +                        }
> +                    }
> +                }
> +                ConfigNode::Ospf(node_section) => {
> +                    for interface in node_section.properties().interfaces() {
> +                        if let Some(ip) = interface.ip() {
> +                            let interface =
> +                                render_interface(interface.name(), Cidr::from(ip), false)?;
> +                            write!(interfaces, "{interface}")?;
> +                        } else {
> +                            let interface = render_interface(
> +                                interface.name(),
> +                                Cidr::from(IpAddr::from(
> +                                    node.ip()
> +                                        .ok_or(anyhow::anyhow!("there has to be a ipv4 address"))?,

^ use `ok_or_else` here please, unless there's a documented guarantee
that this is cheap and does not allocate?

> +                                )),
> +                                false,
> +                            )?;
> +                            write!(interfaces, "{interface}")?;
> +                        }
> +                    }
> +                }
> +            }
> +        }
> +
> +        Ok(interfaces)
> +    }
>  }
> -- 
> 2.39.5


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel