[pve-devel] [PATCH ifupdown2 3/4] allow vlan subinterface in vlan aware bridge

-bridge.patch @@ -0,0 +1,49 @@ +From e4c6c2ace429d34ed0cda21fe4a08c67a7047d67 Mon Sep 17 00:00:00 2001 +From: Alexandre Derumier +Date: Mon, 1 Apr 2019 09:17:11 +0200 +Subject: [PATCH pve-network 1/2] allow vlan subinterface in a vlan-aware + bridge + +for stacked/qinq vlan, it's perfectly fine to have a vlan

[pve-devel] [PATCH ifupdown2 1/4] ifupdown2 : bump to 1.2.5

--- Makefile | 2 +- debian/changelog | 6 ++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 91cb755..4d749be 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ PACKAGE=ifupdown2 -VER=1.2.2 +VER=1.2.5 PKGREL=1+pvetest1 SRCDIR=ifupdown2

[pve-devel] [PATCH ifupdown2 2/4] config: keep ifreload_down_changed=0

bug introduce is commit https://git.proxmox.com/?p=ifupdown2.git;a=commit;h=b58be4449b3a009ba8324e3f414f2355fcf94c06 We don't stop/start interface on config change, but only apply changes. (to avoid stop/start bridge as we don't track tap/veth) --- debian/patches/pve/0001-config-tuning.patch |

[pve-devel] [PATCH ifupdown2 0/4] ifupdown2 update and bugfix

please update ifupdown2 mirror to 1.2.5-1 Alexandre Derumier (4): ifupdown2 : bump to 1.2.5 config: keep ifreload_down_changed=0 allow vlan subinterface in vlan aware bridge bridge up : skip tap|veth|fwpr Makefile | 2 +- debian/changelog

Re: [pve-devel] applied: [PATCH pve-network 2/2] vnetplugin: on_delete_hook : verify if vnet exist in vm && ct

add something common like read_vm_config($node), with $node optional) - Mail original - De: "dietmar" À: "pve-devel" , "aderumier" Envoyé: Vendredi 5 Avril 2019 06:21:15 Objet: applied: [pve-devel] [PATCH pve-network 2/2] vnetplugin: on_delet

Re: [pve-devel] applied: [PATCH pve-network 2/2] vnetplugin: on_delete_hook : verify if vnet exist in vm && ct

plugin: on_delete_hook : verify if vnet exist in vm && ct applied, few questions inline - i am not really happy with this patch. > On 04 April 2019 at 16:12 Alexandre Derumier wrote: > > > --- > PVE/API2/Network/Network.pm | 3 +- > PVE/Network/Network/VnetPlugin.pm | 58

Re: [pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

to generate and reload config accross the nodes > On 04 April 2019 at 12:16 Stoiko Ivanov wrote: > > > On Thu, 4 Apr 2019 11:57:38 +0200 (CEST) > Alexandre DERUMIER wrote: > > > > But how does it work ? who is currently listening for changes in > > > pmx

[pve-devel] [PATCH pve-network 2/2] vnetplugin: on_delete_hook : verify if vnet exist in vm && ct

--- PVE/API2/Network/Network.pm | 3 +- PVE/Network/Network/VnetPlugin.pm | 58 +++ 2 files changed, 60 insertions(+), 1 deletion(-) diff --git a/PVE/API2/Network/Network.pm b/PVE/API2/Network/Network.pm index 7a8b299..6ea8fe2 100644 ---

[pve-devel] [PATCH pve-network 1/2] rename vnet "name" option to "alias"

and use it with ifupdown2 alias. --- PVE/Network/Network/VlanPlugin.pm | 2 ++ PVE/Network/Network/VnetPlugin.pm | 6 +++--- PVE/Network/Network/VxlanMulticastPlugin.pm | 2 ++ 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/PVE/Network/Network/VlanPlugin.pm

Re: [pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

> But how does it work ? who is currently listening for changes in pmxcfs ? > (through inotify?) >>This is low-level C-code inside pmxcfs (corosync). Please not that INotify >>does not work at all >>on /etc/pve/ - instead, we use versions numbers to track changes (see >>/etc/pve/.version). ok

Re: [pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

>>So the idea is to detect network.cfg changes inside pmxcfs, and if we detect >>changes >>do a network reload. >> >>That way we can apply the config without an additional daemon - sounds good. Sound good. (so we can do changes in network.cfg.tmp, still have the test button(api call to each

[pve-devel] [PATCH pve-network 1/5] vnetplugin: make tag && transportzone non optional

--- PVE/Network/Network/VnetPlugin.pm | 9 +++-- 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/PVE/Network/Network/VnetPlugin.pm b/PVE/Network/Network/VnetPlugin.pm index c2a4020..a1d49a7 100644 --- a/PVE/Network/Network/VnetPlugin.pm +++ b/PVE/Network/Network/VnetPlugin.pm

[pve-devel] [PATCH pve-network 0/5] add some apis verifications

Alexandre Derumier (5): vnetplugin: make tag && transportzone non optional vxlanmulticast plugin : make uplink-id && multicast addres non optional vlanplugin : make uplink-id non optional add on_delete_hook add on_update_hook PVE/API2/Network/Network.pm

[pve-devel] [PATCH pve-network 2/5] vxlanmulticast plugin : make uplink-id && multicast addres non optional

--- PVE/Network/Network/VxlanMulticastPlugin.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/PVE/Network/Network/VxlanMulticastPlugin.pm b/PVE/Network/Network/VxlanMulticastPlugin.pm index bcdc133..99383e5 100644 --- a/PVE/Network/Network/VxlanMulticastPlugin.pm +++

[pve-devel] [PATCH pve-network 5/5] add on_update_hook

do nothing for now --- PVE/API2/Network/Network.pm | 10 -- PVE/Network/Network/Plugin.pm | 6 ++ PVE/Network/Network/VlanPlugin.pm | 8 PVE/Network/Network/VnetPlugin.pm | 6 ++

[pve-devel] [PATCH pve-network 3/5] vlanplugin : make uplink-id non optional

--- PVE/Network/Network/VlanPlugin.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PVE/Network/Network/VlanPlugin.pm b/PVE/Network/Network/VlanPlugin.pm index fd53617..6a84f71 100644 --- a/PVE/Network/Network/VlanPlugin.pm +++ b/PVE/Network/Network/VlanPlugin.pm @@ -47,7

[pve-devel] [PATCH pve-network 4/5] add on_delete_hook

empty for now --- PVE/API2/Network/Network.pm | 6 ++ PVE/Network/Network/Plugin.pm | 6 ++ PVE/Network/Network/VlanPlugin.pm | 6 ++ PVE/Network/Network/VnetPlugin.pm | 6 ++ PVE/Network/Network/VxlanMulticastPlugin.pm | 6 ++

Re: [pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

> What do you mean by locally assigned ? manually with ip command ? > because it's be overwritten by network service restart/reload. (if the > interface is define in /etc/network/interfaces) >>So you are sure that ifupdown2 can verify a network config on a remote node? I don't think we can

[pve-devel] [PATCH v2 pve-network] add missing Network.pm

forgot to add them in last patches --- PVE/API2/Network/Network.pm | 236 PVE/Network/Network.pm | 64 2 files changed, 300 insertions(+) create mode 100644 PVE/API2/Network/Network.pm create mode 100644 PVE/Network/Network.pm

Re: [pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

> >>Even when it has such option, it would need access to the local node? (to > >>see what interfaces exists, ...). > Yes, that's why my last proposition what to have a of local copy > configuration to /etc/pve/. (to be able to test with only 1api call, without > calling each node) >>My

[pve-devel] [PATCH pve-network] add missing Network.pm

forgot to add them in last patches --- PVE/API2/Network/Network.pm | 236 PVE/Network/Network.pm | 64 2 files changed, 300 insertions(+) create mode 100644 PVE/API2/Network/Network.pm create mode 100644 PVE/Network/Network.pm

[pve-devel] [PATCH pve-network] fix generateconfig.pl test

--- test/generateconfig.pl | 31 +-- 1 file changed, 21 insertions(+), 10 deletions(-) diff --git a/test/generateconfig.pl b/test/generateconfig.pl index 3279838..cf55192 100644 --- a/test/generateconfig.pl +++ b/test/generateconfig.pl @@ -3,14 +3,15 @@ use warnings;

[pve-devel] [PATCH V2 pve-cluster] add 'networks.cfg' to observed files

--- data/PVE/Cluster.pm | 1 + 1 file changed, 1 insertion(+) diff --git a/data/PVE/Cluster.pm b/data/PVE/Cluster.pm index 1d8ac85..05864da 100644 --- a/data/PVE/Cluster.pm +++ b/data/PVE/Cluster.pm @@ -90,6 +90,7 @@ my $observed = { 'ha/fence.cfg' => 1, 'status.cfg' => 1,

[pve-devel] [PATCH V3 pve-manager 1/1] api2 : cluster: add network

--- PVE/API2/Cluster.pm | 7 +++ 1 file changed, 7 insertions(+) diff --git a/PVE/API2/Cluster.pm b/PVE/API2/Cluster.pm index c72a075b..649b5859 100644 --- a/PVE/API2/Cluster.pm +++ b/PVE/API2/Cluster.pm @@ -23,6 +23,7 @@ use PVE::Firewall; use PVE::API2::Firewall::Cluster; use

[pve-devel] [PATCH V3 pve-manager 0/1] add network cluster api

changelog v3: merge cluster && vnet api paths to /cluster/network changelog V2: change api paths to /cluster/network/transport /cluster/network/vnet Alexandre Derumier (1): api2 : cluster: add network PVE/API2/Cluster.pm | 7 +++ 1 file changed, 7 insertions(+) --

[pve-devel] [PATCH v5 pve-common 2/5] INotify : add vnet as bridge type

--- src/PVE/INotify.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index d1c563f..fe6cad8 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -1049,7 +1049,7 @@ sub __read_etc_network_interfaces { } else {

[pve-devel] [PATCH v5 pve-common 4/5] INotify: check duplicate interface name by family

--- src/PVE/INotify.pm | 4 1 file changed, 4 insertions(+) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index 0dae177..70c34b1 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -914,6 +914,10 @@ sub __read_etc_network_interfaces { my $f = { method => $3 }; #

[pve-devel] [PATCH v5 pve-common 3/5] INotify: add vrf support

--- src/PVE/INotify.pm | 29 - 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index fe6cad8..0dae177 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -955,6 +955,8 @@ sub __read_etc_network_interfaces {

[pve-devel] [PATCH v5 pve-common 5/5] json schema : add pve-network-id

fix me : fix parsing of vnet(\d+) different than other plugins --- src/PVE/JSONSchema.pm | 18 ++ 1 file changed, 18 insertions(+) diff --git a/src/PVE/JSONSchema.pm b/src/PVE/JSONSchema.pm index f0fc2aa..1b45398 100644 --- a/src/PVE/JSONSchema.pm +++ b/src/PVE/JSONSchema.pm @@

[pve-devel] [PATCH v5 pve-common 0/5] INotify network interfaces improvments

changelog v5: jsonschema : merge pve-transport-id && pve-vnet-id to pve-network-id changelog v4: add pve-net-id in jsonschema for network vnet api changelog v3: add pve-transport-id in jsonschema for network transport api Alexandre Derumier (5): INotify : add uplink-id option INoti

[pve-devel] [PATCH v5 pve-common 1/5] INotify : add uplink-id option

uplink-id is an integer it's used to abstract the interface name (could be different on differents hosts) and map it to a transportzone. uplink-id is only allowed on physical interfaces (bond,eth,vlan) as it's used for traffic to external example: auto eth0 iface eth0 inet manual

[pve-devel] [PATCH pve-network] merge Transport && Vnet to PVE::Network::Network

config is now merged in /etc/pve/networks.cfg Vnet is a Plugin --- PVE/API2/Makefile | 4 - PVE/API2/Network/Makefile | 2 +- PVE/API2/Network/Transport.pm | 235 - PVE/API2/Network/Vnet.pm

Re: [pve-devel] applied: [PATCH pve-network 0/3] vnet api && cleanups

vnet1 ... So yes, I can merge both files. /etc/pve/network/vnet.cfg ? /etc/pve/network.cfg ? - Mail original - De: "dietmar" À: "pve-devel" , "Alexandre Derumier" Envoyé: Mercredi 3 Avril 2019 06:28:51 Objet: applied: [pve-devel] [PATCH pve-netwo

Re: [pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

>>I is still unclear to me how you do those tests? AFAIK, ifreload does not >>have a --dry-run option. with ifupdown2, ifreload -a --no-act. (+ tests with our currrent read_networt_interface code) >>Even when it has such option, it would need access to the local node? (to see >>what interfaces

[pve-devel] [PATCH pve-network 3/3] api2: add networkconfig

/cluster/network/vnet /cluster/network/transport --- PVE/API2/Makefile | 3 +++ PVE/API2/NetworkConfig.pm | 62 +++ 2 files changed, 65 insertions(+) create mode 100644 PVE/API2/NetworkConfig.pm diff --git a/PVE/API2/Makefile

[pve-devel] [PATCH V2 pve-manager 0/1] add network/transport api

changelog V2: change api paths to /cluster/network/transport /cluster/network/vnet Alexandre Derumier (1): api2 : cluster: add network PVE/API2/Cluster.pm | 7 +++ 1 file changed, 7 insertions(+) -- 2.11.0 ___ pve-devel mailing list pve

[pve-devel] [PATCH pve-network 2/3] move transport plugins to Network/Transport/

--- PVE/API2/Network/Transport.pm | 32 +++--- PVE/Network/Makefile | 6 ++-- PVE/Network/Transport.pm | 12 PVE/Network/Transport/Makefile | 9 ++ PVE/Network/{ =>

[pve-devel] [PATCH pve-network 1/3] add vnet api

also for now, use classic sectionconfig format vnet: vnet1 ipv4 10.0.0.1 ipv6 2a03:2880:f003:c07:face:b00c::2 mtu 1500 tag 2 vnet: vnet2 ipv6 2a03:2880:f003:c07:face:b00c::2 name network2 tag 3 transportzone vlanzone1 ---

[pve-devel] [PATCH v4 pve-common 5/6] jsonschema : add pve-transport-id

--- src/PVE/JSONSchema.pm | 16 1 file changed, 16 insertions(+) diff --git a/src/PVE/JSONSchema.pm b/src/PVE/JSONSchema.pm index f0fc2aa..1ef3b96 100644 --- a/src/PVE/JSONSchema.pm +++ b/src/PVE/JSONSchema.pm @@ -79,6 +79,11 @@ register_standard_option('pve-storage-id', {

[pve-devel] [PATCH v4 pve-common 4/6] INotify: check duplicate interface name by family

--- src/PVE/INotify.pm | 4 1 file changed, 4 insertions(+) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index 0dae177..70c34b1 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -914,6 +914,10 @@ sub __read_etc_network_interfaces { my $f = { method => $3 }; #

[pve-devel] [PATCH pve-network 0/3] vnet api && cleanups

add vnet api reorganize plugins to Network/Transport aa Network/Vnet Alexandre Derumier (3): add vnet api move transport plugins to Network/Transport/ api2: add networkconfig PVE/API2/Makefile | 3 + PVE/API2/Network/Makefile

[pve-devel] [PATCH V2 pve-manager 1/1] api2 : cluster: add network

--- PVE/API2/Cluster.pm | 7 +++ 1 file changed, 7 insertions(+) diff --git a/PVE/API2/Cluster.pm b/PVE/API2/Cluster.pm index c72a075b..71b5071d 100644 --- a/PVE/API2/Cluster.pm +++ b/PVE/API2/Cluster.pm @@ -23,6 +23,7 @@ use PVE::Firewall; use PVE::API2::Firewall::Cluster; use

[pve-devel] [PATCH v4 pve-common 2/6] INotify : add vnet as bridge type

--- src/PVE/INotify.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index d1c563f..fe6cad8 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -1049,7 +1049,7 @@ sub __read_etc_network_interfaces { } else {

[pve-devel] [PATCH v4 pve-common 3/6] INotify: add vrf support

--- src/PVE/INotify.pm | 29 - 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index fe6cad8..0dae177 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -955,6 +955,8 @@ sub __read_etc_network_interfaces {

[pve-devel] [PATCH v4 pve-common 1/6] INotify : add uplink-id option

uplink-id is an integer it's used to abstract the interface name (could be different on differents hosts) and map it to a transportzone. uplink-id is only allowed on physical interfaces (bond,eth,vlan) as it's used for traffic to external example: auto eth0 iface eth0 inet manual

[pve-devel] [PATCH v4 pve-common 6/6] jsonschema : add pve-vnet-id format

--- src/PVE/JSONSchema.pm | 16 1 file changed, 16 insertions(+) diff --git a/src/PVE/JSONSchema.pm b/src/PVE/JSONSchema.pm index 1ef3b96..4b0e273 100644 --- a/src/PVE/JSONSchema.pm +++ b/src/PVE/JSONSchema.pm @@ -84,6 +84,11 @@ register_standard_option('pve-transport-id', {

[pve-devel] [PATCH v4 pve-common 0/6] INotify network interfaces improvments

changelog v4: add pve-net-id in jsonschema for network vnet api changelog v3: add pve-transport-id in jsonschema for network transport api Alexandre Derumier (6): INotify : add uplink-id option INotify : add vnet as bridge type INotify: add vrf support INotify: check duplicate

[pve-devel] [PATCH V3 pve-common 3/5] INotify: add vrf support

--- src/PVE/INotify.pm | 29 - 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index fe6cad8..0dae177 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -955,6 +955,8 @@ sub __read_etc_network_interfaces {

[pve-devel] [PATCH pve-manager 1/1] api2: add network/transport api

--- PVE/API2.pm | 6 ++ 1 file changed, 6 insertions(+) diff --git a/PVE/API2.pm b/PVE/API2.pm index 38baf133..ec8150bd 100644 --- a/PVE/API2.pm +++ b/PVE/API2.pm @@ -15,6 +15,7 @@ use PVE::API2::Nodes; use PVE::API2::Pool; use PVE::API2::AccessControl; use PVE::API2::Storage::Config;

[pve-devel] [PATCH V3 pve-common 5/5] jsonschema : add pve-transport-id

--- src/PVE/JSONSchema.pm | 16 1 file changed, 16 insertions(+) diff --git a/src/PVE/JSONSchema.pm b/src/PVE/JSONSchema.pm index f0fc2aa..1ef3b96 100644 --- a/src/PVE/JSONSchema.pm +++ b/src/PVE/JSONSchema.pm @@ -79,6 +79,11 @@ register_standard_option('pve-storage-id', {

[pve-devel] [PATCH V3 pve-common 4/5] INotify: check duplicate interface name by family

--- src/PVE/INotify.pm | 4 1 file changed, 4 insertions(+) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index 0dae177..70c34b1 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -914,6 +914,10 @@ sub __read_etc_network_interfaces { my $f = { method => $3 }; #

[pve-devel] [PATCH V3 pve-common 2/5] INotify : add vnet as bridge type

--- src/PVE/INotify.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index d1c563f..fe6cad8 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -1049,7 +1049,7 @@ sub __read_etc_network_interfaces { } else {

[pve-devel] [PATCH pve-network 0/2] fix && network transport api

- Add a small fix on vlanplugin vlan-aware option - Implement network transport api Alexandre Derumier (2): vlanplugin : fix vlan-aware option add network transport api PVE/API2/Makefile | 5 + PVE/API2/Network/Makefile | 8 ++ PVE/API2/Network/Transport.pm

[pve-devel] [PATCH pve-network 1/2] vlanplugin : fix vlan-aware option

--- PVE/Network/VlanPlugin.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PVE/Network/VlanPlugin.pm b/PVE/Network/VlanPlugin.pm index a349890..6f76f18 100644 --- a/PVE/Network/VlanPlugin.pm +++ b/PVE/Network/VlanPlugin.pm @@ -85,7 +85,7 @@ sub generate_network_config {

[pve-devel] [PATCH V3 pve-common 0/5] INotify network interfaces improvments

changelog: add pve-transport-id in jsonschema for network transport api Alexandre Derumier (5): INotify : add uplink-id option INotify : add vnet as bridge type INotify: add vrf support INotify: check duplicate interface name by family jsonschema : add pve-transport-id src/PVE

[pve-devel] [PATCH pve-manager 0/1] add network/transport api

Needed by pve-network transport api Alexandre Derumier (1): api2: add network/transport api PVE/API2.pm | 6 ++ 1 file changed, 6 insertions(+) -- 2.11.0 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin

[pve-devel] [PATCH pve-network 2/2] add network transport api

--- PVE/API2/Makefile | 5 + PVE/API2/Network/Makefile | 8 ++ PVE/API2/Network/Transport.pm | 235 PVE/Makefile| 1 + PVE/Network/Plugin.pm | 9 +- PVE/Network/Transport.pm

[pve-devel] [PATCH V3 pve-common 1/5] INotify : add uplink-id option

uplink-id is an integer it's used to abstract the interface name (could be different on differents hosts) and map it to a transportzone. uplink-id is only allowed on physical interfaces (bond,eth,vlan) as it's used for traffic to external example: auto eth0 iface eth0 inet manual

Re: [pve-devel] [PATCH v6 qemu-server 2/3] add QemuMigrateExternal.pm

pve-devel] [PATCH v6 qemu-server 2/3] add QemuMigrateExternal.pm The VM created in the 'prepare' sub never gets deleted if it fails there already. Cleanup only happens for phases 1, 2 and 3. On 4/1/19 7:26 AM, Alexandre DERUMIER wrote: >>> oh, and this all lacks a bit of cleanups o

Re: [pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

ok, update status to ok. So, user can wait some seconds, and check the status of nodes at datacenter level. Seem to be simplier. What do you think about this ? - Mail original - De: "Alexandre Derumier" À: "dietmar" Cc: "pve-devel" Envoyé: Lu

Re: [pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

ply change, and report error in his status file. if ok, update status to ok. So, user can wait some seconds, and check the status of nodes at datacenter level. Seem to be simplier. What do you think about this ? - Mail original - De: "Alexandre Derumier" À: "dietma

Re: [pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

dation, and apply config. Then the local deamon will try to apply config when node is up again. In case of error, It'll report it through his status file. - Mail original - De: "dietmar" À: "Alexandre Derumier" , "pve-devel" Envoyé: Lundi 1 Avril 2019 12:00:13 Objet

Re: [pve-devel] [PATCH v6 qemu-server 2/3] add QemuMigrateExternal.pm

for the review) - Mail original - De: "Thomas Lamprecht" À: "aderumier" Cc: "pve-devel" Envoyé: Lundi 1 Avril 2019 07:45:45 Objet: Re: [pve-devel] [PATCH v6 qemu-server 2/3] add QemuMigrateExternal.pm On 4/1/19 6:55 AM, Alexandre DERUMIER wrote: >>> I

Re: [pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

by default, if all local daemon verify version are ok (matching the vnet.cfg.), enable the apply button. Then on apply, mv /etc/pve/networks/vnet.cfg. /etc/pve/networks/vnet.cfg and local node apply with new config and reload network - Mail original - De: "Alexandre Derumie

Re: [pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

>>Can't we simply add a manual "apply" button for now? Yes, I have thinked a little bit more about it. But I really would like to have some kind of verification before apply. >>Just by using backup config files: >> >>vnet.cfg.new >>vnet.cfg I'm not sure, as we could apply the change, the

Re: [pve-devel] [PATCH v6 qemu-server 2/3] add QemuMigrateExternal.pm

mier" Envoyé: Samedi 30 Mars 2019 17:31:46 Objet: Re: [pve-devel] [PATCH v6 qemu-server 2/3] add QemuMigrateExternal.pm On 2/20/19 1:22 AM, Alexandre Derumier wrote: > --- > PVE/Makefile | 1 + > PVE/QemuMigrateExternal.pm | 872 > + >

Re: [pve-devel] [PATCH v6 qemu-server 2/3] add QemuMigrateExternal.pm

--- Mail original - De: "Thomas Lamprecht" À: "pve-devel" , "aderumier" Envoyé: Samedi 30 Mars 2019 17:27:09 Objet: Re: [pve-devel] [PATCH v6 qemu-server 2/3] add QemuMigrateExternal.pm On 2/20/19 1:22 AM, Alexandre Derumier wrote: > --- > PVE/Makefile |

[pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

Hi, I have thinked about a way to generate config and reload it to differents nodes " make changes in /etc/pve/network/*.cfg at datacenter level, network panel , click button ->verify config, this create a /etc/pve/nodes//.networkconfigstatus for all nodes (with something like

[pve-devel] [PATCH pve-network 1/3] vlanplugin: define vlan interface and fix vlan-protocol

vlan-protocol is on vlan interface, better to always define it Signed-off-by: Alexandre Derumier --- PVE/Network/VlanPlugin.pm | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/PVE/Network/VlanPlugin.pm b/PVE/Network/VlanPlugin.pm index 0bd43fe..cbeecf6 100644 --- a/PVE

[pve-devel] [PATCH pve-network 2/3] generateconfig: print config before test

easier to debug if verification fail after Signed-off-by: Alexandre Derumier --- test/generateconfig.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/generateconfig.pl b/test/generateconfig.pl index afc8fa8..0f96584 100644 --- a/test/generateconfig.pl +++ b/test

[pve-devel] [PATCH pve-common V2 3/4] INotify: add vrf support

Signed-off-by: Alexandre Derumier --- src/PVE/INotify.pm | 29 - 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index fe6cad8..0dae177 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -955,6 +955,8

[pve-devel] [PATCH pve-network 3/3] remove $interfaces arg from generate_network_config

and remove verification of existing vlan interface in VlanPlugin. (we do all verifications later reusing INotify read/write interfaces) Signed-off-by: Alexandre Derumier --- PVE/Network/VlanPlugin.pm | 4 +--- PVE/Network/VxlanMulticastPlugin.pm | 2 +- test/generateconfig.pl

[pve-devel] [PATCH pve-common V2 2/4] INotify : add vnet as bridge type

Signed-off-by: Alexandre Derumier --- src/PVE/INotify.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index d1c563f..fe6cad8 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -1049,7 +1049,7 @@ sub

[pve-devel] [PATCH pve-common V2 1/4] INotify : add uplink-id option

uplink-id 1 Signed-off-by: Alexandre Derumier --- src/PVE/INotify.pm | 18 +- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index c52d992..d1c563f 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -954,6 +954,7 @@ sub

[pve-devel] [PATCH pve-network 0/3] vlan fix && improvments

- vlan-protocol need to be defined on vlan interface, not bridge - remove check from duplicate interface in vlan plugin, and do it in INotify read network interfaces. (patch sent for in pve-common) Alexandre Derumier (3): vlanplugin: define vlan interface and fix vlan-protocol

[pve-devel] [PATCH pve-common V2 4/4] INotify: check duplicate interface name by family

Signed-off-by: Alexandre Derumier --- src/PVE/INotify.pm | 4 1 file changed, 4 insertions(+) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index 0dae177..70c34b1 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -914,6 +914,10 @@ sub __read_etc_network_interfaces

[pve-devel] [PATCH pve-network 0/6] RFC: initial pve-network package

and other network apis into this package later ? A test file is provided to generate configuration, reload is not yet implemented. I'm still looking how to handle error on local node, and how/where to apply it (new daemon ?) Alexandre Derumier (6): initial package commit add transport

[pve-devel] [PATCH pve-common 1/2] INotify : add uplink-id option

uplink-id 1 Signed-off-by: Alexandre Derumier --- src/PVE/INotify.pm | 18 +- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index c52d992..d1c563f 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -954,6 +954,7 @@ sub

[pve-devel] [PATCH pve-network 3/6] add vlan plugin

/etc/pve/network/transports.cfg vlan: vlanzone1 uplink-id 1 vlan-aware 1 vlan-allowed 2-4,6,10 vlan-protocol 802.1ad vlan: vlanzone2 uplink-id 2 vlan-aware 1 Signed-off-by: Alexandre Derumier --- PVE/Network/VlanPlugin.pm | 94

[pve-devel] [PATCH pve-network 1/6] initial package commit

Signed-off-by: Alexandre Derumier --- Makefile | 54 PVE/Makefile | 3 +++ PVE/Network/Makefile | 4 debian/changelog | 6 ++ debian/compat| 1 + debian/control | 20

[pve-devel] [PATCH pve-network 4/6] add vxlan multicast plugin

/etc/pve/network/transports.cfg vxlanmulticast: vxlanmulticastzone1 uplink-id 1 multicast-address 225.20.21.1 vxlan-allowed 4-5 Signed-off-by: Alexandre Derumier --- PVE/Network/VxlanMulticastPlugin.pm | 85

[pve-devel] [PATCH pve-common 2/2] INotify : add vnet as bridge type

Signed-off-by: Alexandre Derumier --- src/PVE/INotify.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index d1c563f..fe6cad8 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -1049,7 +1049,7 @@ sub

[pve-devel] [PATCH pve-network 5/6] add vnet

: transportzone vlanzone1 tag 3 name network2 ipv6 2a03:2880:f003:c07:face:b00c::2 vnet3: transportzone vxlanmulticastzone1 tag 10 name network3 mtu 1400 Signed-off-by: Alexandre Derumier --- PVE/Network/Vnet.pm | 94

[pve-devel] [PATCH pve-network 2/6] add transport plugin infrastructure

used to generate network configuration for differents kind of plugins (vlan,vxlan) Signed-off-by: Alexandre Derumier --- PVE/Network/Plugin.pm | 96 +++ 1 file changed, 96 insertions(+) create mode 100644 PVE/Network/Plugin.pm diff --git

[pve-devel] [PATCH pve-network 6/6] add a sample test to generate config

generate /etc/network/interfaces.d/vnet reloading is not yet implemented Signed-off-by: Alexandre Derumier --- test/generateconfig.pl | 95 ++ 1 file changed, 95 insertions(+) create mode 100644 test/generateconfig.pl diff --git a/test

[pve-devel] [PATCH pve-cluster] add 'network/vnet.cfg' && 'network/transports.cfg' to observed files

Signed-off-by: Alexandre Derumier --- data/PVE/Cluster.pm | 2 ++ 1 file changed, 2 insertions(+) diff --git a/data/PVE/Cluster.pm b/data/PVE/Cluster.pm index 1d8ac85..a41c20e 100644 --- a/data/PVE/Cluster.pm +++ b/data/PVE/Cluster.pm @@ -90,6 +90,8 @@ my $observed = { 'ha/fence.cfg' =>

Re: [pve-devel] rfc : /etc/pve/networks.cfg implementation

>>I think this would be great. ok thanks ! >>I suggest we start with simple setups, then test and extend the code and >>models ... yes, I'll first works on vlan, this is the simple part then extend it to vxlan l2 and then on vxlan l3 (with routing and vrf), where it's more complex. and last,

Re: [pve-devel] rfc : /etc/pve/networks.cfg implementation

Hi Dietmar, some news: I'm still working on it, but after some discussions with my co-workers using a lot vmware and students at last training, I have some changes for proposal. 1) in /etc/network/interfaces, don't use "transport-zone" as name for option, but use "uplink", this is the name in

Re: [pve-devel] applied: [RFC v2 firewall 1/1] fix: #2123 Logging of user defined firewall rules

>>BTW, are you sure that's it's only limiting logging ? What happen on an >>ACCEPT log for example ? sorry, respond to my myself, it's only applied on -j LOG, so it's ok. - Mail original - De: "aderumier" À: "pve-devel" Envoyé: Mardi 19 Mars 2019 16:09:56 Objet: Re: [pve-devel]

Re: [pve-devel] applied: [RFC v2 firewall 1/1] fix: #2123 Logging of user defined firewall rules

Hi, Nice work ! Could we have an option to disable rate limit or configure it (host option for example) The patch change the current behaviour on default vm log action, where we don't have limit currently. (and I really need to log all dropped/reject) BTW, are you sure that's it's only

Re: [pve-devel] proxmox training week : error starting lxc with network interface

gzilla.proxmox.com/show_bug.cgi?id=2130 it's a simple config with the wrong multicast macaddress. - Mail original - De: "Wolfgang Bumiller" À: "Alexandre Derumier" Cc: "pve-devel" Envoyé: Mardi 12 Mars 2019 08:55:30 Objet: Re: [pve-devel] proxmox

Re: [pve-devel] proxmox training week : error starting lxc with network interface

t;XC:" (for X =~ /A-F0-9/))? Indeed, odd number in second nibble don't work (1,3,5,7,...,F) - Mail original - De: "Stoiko Ivanov" À: "aderumier" Cc: "pve-devel" Envoyé: Lundi 11 Mars 2019 20:45:30 Objet: Re: [pve-devel] proxmox training week :

Re: [pve-devel] proxmox training week : error starting lxc with network interface

ot;aderumier" Cc: "pve-devel" Envoyé: Lundi 11 Mars 2019 20:45:30 Objet: Re: [pve-devel] proxmox training week : error starting lxc with network interface On Mon, 11 Mar 2019 20:17:27 +0100 (CET) Alexandre DERUMIER wrote: > >>hm - could be related to multicast mac-a

Re: [pve-devel] proxmox training week : error starting lxc with network interface

ard to find/unexpected (I had luck in choosing the correct logline to search for). We could consider checking for this when the prefix is set in datacenter.cfg? Thanks for reporting! [0]https://lists.linuxcontainers.org/pipermail/lxc-users/2010-August/000783.html [1]https://en.wikipedia.org/

Re: [pve-devel] proxmox training week : error starting lxc with network interface

Ok found the problem, I had setup a mac address prefix in datacenter: AF:BB and it seem to not work with lxc (qemu is fine) - Mail original - De: "aderumier" À: "pve-devel" Envoyé: Lundi 11 Mars 2019 17:36:03 Objet: [pve-devel] proxmox training week : error starting lxc with

[pve-devel] proxmox training week : error starting lxc with network interface

Hi, We are doing some tests in this training week, and I have a bug never seen before with lxc container, when a network interface is present in ct root@kvmformation1:~# pveversion -v proxmox-ve: 5.3-1 (running kernel: 4.15.18-11-pve) pve-manager: 5.3-11 (running version: 5.3-11/d4907f84)

[pve-devel] [PATCH v2 pve-firewall 1/2] ebtables: add arp filtering

This implemented arp filtering if ipfilter is enable https://bugzilla.proxmox.com/show_bug.cgi?id=2125 They are another filters possible (ipv4,rarp), i don't known if we need them. Signed-off-by: Alexandre Derumier --- src/PVE/Firewall.pm | 38 +- 1 file

[pve-devel] [PATCH v2 pve-firewall 0/2] ebtables: arp filtering

- split the layer2_protocols change in separate commit Alexandre Derumier (2): ebtables: add arp filtering ebtables: test layer2_protocols in an external chain src/PVE/Firewall.pm | 50 +- 1 file changed, 41 insertions(+), 9 deletions

[pve-devel] [PATCH v2 pve-firewall 2/2] ebtables: test layer2_protocols in an external chain

We need the not matching DROP outside the main tapchain, in a specific proto chain, and a ACCEPT in the main tap chain. Signed-off-by: Alexandre Derumier --- src/PVE/Firewall.pm | 12 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/PVE/Firewall.pm b/src/PVE

Re: [pve-devel] [PATCH pve-firewall] ebtables: add arp filtering

our comments, and send a V2 monday - Mail original - De: "Wolfgang Bumiller" À: "aderumier" Cc: "pve-devel" Envoyé: Vendredi 8 Mars 2019 10:25:22 Objet: Re: [pve-devel] [PATCH pve-firewall] ebtables: add arp filtering On Fri, Mar 08, 2

<    3   4   5   6   7   8   9   10   11   12   >