>> In a second step, we could also add dhcp server features, with static ip/mac 
>> leases. (Kea dhcp seems a good candidate). 
>> with 1 local dhcp server by node. (only responding to local vms) 
>> for bgp-evpn it's easy because we already have an anycast gateway ip, so it 
>> can be used by the dhcp server. 
>> for vlan && layer2 plugin, I wonder if we could also assign some kind of 
>> anycast ip (same ip on each host/vnet), but with filtering 
>> (iptables,ebtables,....) 
>> I could also work to implement cloudinit network metadata. 
>
>I would prefer to delegate that part to the VM (cloudinit). 
Yes, I'm really not sure about getting dhcp working in every setup. (mainly 
on layer2, but maybe some isolation with namespaces is possible)

If dhcp is able to run on the local host, I think it's really a better way to 
manage ip, dns, routes, and other network settings.

I'm just dreaming of something easy like for containers ip management :)



>>Also, I like the idea that IPAM has a plugin architecture. So it is up to the 
>>plugin to 
>>provide a dhcp service? 

I'm still unsure about this. The ipam software really only manages subnets and 
allocated ips.

I think the dhcp code should go in the vnet/zone plugin. (maybe some sdns have their 
own dhcp implementation).

We could also enable dhcp without ipam, on a specific subnet/vnet, with fully 
dynamic ips.
(and maybe also add a nat feature here if needed)


Zone plugin -> dhcp implementation

subnet option (dhcp: enable/disable,  nat: enable/disable)  ---> vnet





> subnet: subnet1 
> cidr 192.168.0.0/24 
> allocation-pools 192.168.0.10-17, 192.168.0.70-10, 192.168.0.100 (default is 
> the full cidr without network/broadcast address) 

>>I thought IP addresses should be managed by the IPAM plugin? 
>>Why would we specify them here? 



I was not sure about permissions handling; it could be great to be able to 
restrict users to using some ips or a range of ips
in a subnet. (I'm mainly thinking about public ipv4, where you can't segment into 
sub-subnets and lose 2 ips for the network/broadcast addresses.)
But maybe it's something unrelated to this allocation-pools option.
I would like to be able to have:

Users buy/reserve X ip addresses, and can use them (and only them) in their vms.

Maybe it can simply be managed with resource pools, where you reserve ips 
from ipam, and write them to a resource pool.





----- Original Mail -----
From: "dietmar" <diet...@proxmox.com>
To: "pve-devel" <pve-devel@pve.proxmox.com>, "aderumier" <aderum...@odiso.com>
Sent: Sunday 21 June 2020 08:59:22
Subject: Re: [pve-devel] RFC: sdn: add ip management (IPAM -DHCP) ideas

comments inline 

> When a user creates a new vm or adds a nic to the vm, he could choose ip 
> address "auto", 
> and the next available ip address will be returned by the ipam driver. 

Each NIC may have an associated network allocation pool, where "auto" tries to 
figure out the correct pool automagically. 

> User could also choose a specific ip address with verification of 
> availability. 

I thought this is in addition to the network allocation pool. If set, it tries to 
allocate a specific IP address inside the allocation pool. 

> In a second step, we could also add dhcp server features, with static ip/mac 
> leases. (Kea dhcp seems a good candidate). 
> with 1 local dhcp server by node. (only responding to local vms) 
> for bgp-evpn it's easy because we already have an anycast gateway ip, so it 
> can be used by the dhcp server. 
> for vlan && layer2 plugin, I wonder if we could also assign some kind of 
> anycast ip (same ip on each host/vnet), but with filtering 
> (iptables,ebtables,....) 
> I could also work to implement cloudinit network metadata. 

I would prefer to delegate that part to the VM (cloudinit). 

Also, I like the idea that IPAM has a plugin architecture. So it is up to the 
plugin to 
provide a dhcp service? 

> Here are some implementation docs in openstack && opennebula 

Thanks for the links! 

> Some notes/ideas for the implementation/config: 
> ---------------------------------------------- 
> /etc/pve/sdn/subnets.cfg 
> ------------------------- 
> 
> subnet: subnet1 
> cidr 192.168.0.0/24 
> allocation-pools 192.168.0.10-17, 192.168.0.70-10, 192.168.0.100 (default is 
> the full cidr without network/broadcast address) 

I thought IP addresses should be managed by the IPAM plugin? 
Why would we specify them here? 

_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
