[pve-devel] applied-series: Re: [PATCH kernel-meta 1/2] pve-efiboot-tool: format: fix handling of disk/by-id
On 5/19/20 9:59 AM, Aaron Lauterer wrote: > The format command will fail when using other paths like > /dev/disk/by-id/ instead of /dev/sdXY directly. It cannot find > the path /sys/block///partition path. > > The part name in /dev/disk/by-id is a symlink to /dev/sdXY. At that > point we already have the symlink resolved to the real path. It is > stored in `bdev`. > > Signed-off-by: Aaron Lauterer > --- > bin/pve-efiboot-tool | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > applied series, thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] applied-series: Re: [PATCH manager 1/2] ui: fix missing change from 'pve-' to 'pmx-' models
On 5/29/20 1:07 PM, Dominik Csapak wrote: > we forgot to change these > > Signed-off-by: Dominik Csapak > --- > www/manager6/dc/AuthView.js | 2 +- > www/manager6/dc/RoleView.js | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) > > applied series, thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH manager 2/2] error message on failed config dump command
On 6/2/20 2:57 PM, Alwin Antreich wrote:
> On Tue, Jun 02, 2020 at 02:05:26PM +0200, Thomas Lamprecht wrote:
>> On 5/28/20 4:41 PM, Alwin Antreich wrote:
>>> Prior Ceph Nautilus the ceph config dump command was not available.
>>> This patch provides a more meaningful info for the user.
>>>
>>
>> what is the verbatim error message you get from ceph in that case?
>>
>> As you're now assuming that any error is dump not available, even if
>> it could be something totally different?
> It said: __mon_command failed - command not known (500)__. I just want
> to give a clearer message, not that the mon_command is not known.
>
Hmm OK, I'd actually improve this then in our librados perl XS wrapper,
i.e., with:
diff --git a/PVE/RADOS.pm b/PVE/RADOS.pm
index 11af8a6..463abc7 100644
--- a/PVE/RADOS.pm
+++ b/PVE/RADOS.pm
@@ -265,7 +265,8 @@ sub mon_command {
my $json = encode_json($cmd);
-my $raw = &$sendcmd($self, 'M', $json);
+my $raw = eval { $sendcmd->($self, 'M', $json) };
+die "error with '$cmd->{prefix}': $@" if $@;
if ($cmd->{format} && $cmd->{format} eq 'json') {
return length($raw) ? decode_json($raw) : undef;
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH manager 2/2] error message on failed config dump command
On Tue, Jun 02, 2020 at 02:05:26PM +0200, Thomas Lamprecht wrote: > On 5/28/20 4:41 PM, Alwin Antreich wrote: > > Prior Ceph Nautilus the ceph config dump command was not available. > > This patch provides a more meaningful info for the user. > > > > what is the verbatim error message you get from ceph in that case? > > As you're now assuming that any error is dump not available, even if > it could be something totally different? It said: __mon_command failed - command not known (500)__. I just want to give a clearer message, not that the mon_command is not known. ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH manager 1/2] Make PVE6 compatible with supported ceph versions
On 5/28/20 4:41 PM, Alwin Antreich wrote:
> Luminous, Nautilus and Octopus. In Octopus the mon_status was dropped.
> Also the ceph status was cleaned up and doesn't provide the mgrmap and
> monmap.
>
> The rados queries used in the ceph status API endpoints (cluster / node)
> were factored out and merged to one place.
>
> Signed-off-by: Alwin Antreich
> ---
> note: as discussed off-list with Dominik, the status API call could also
> be split into multiple API calls. To provide mgrmap, monmap and
> status separately.
>
> PVE/API2/Ceph.pm | 5 +
> PVE/API2/Ceph/MON.pm | 6 +++---
> PVE/API2/Ceph/OSD.pm | 2 +-
> PVE/API2/Cluster/Ceph.pm | 5 +
> PVE/Ceph/Tools.pm | 13 +
> www/manager6/ceph/StatusDetail.js | 7 ---
> 6 files changed, 23 insertions(+), 15 deletions(-)
>
> diff --git a/PVE/API2/Ceph.pm b/PVE/API2/Ceph.pm
> index 85a04101..afc1bdbd 100644
> --- a/PVE/API2/Ceph.pm
> +++ b/PVE/API2/Ceph.pm
> @@ -580,10 +580,7 @@ __PACKAGE__->register_method ({
>
> PVE::Ceph::Tools::check_ceph_inited();
>
> - my $rados = PVE::RADOS->new();
> - my $status = $rados->mon_command({ prefix => 'status' });
> - $status->{health} = $rados->mon_command({ prefix => 'health', detail =>
> 'detail' });
> - return $status;
> + return PVE::Ceph::Tools::ceph_cluster_status();
> }});
>
> __PACKAGE__->register_method ({
> diff --git a/PVE/API2/Ceph/MON.pm b/PVE/API2/Ceph/MON.pm
> index 3baeac52..b33b8700 100644
> --- a/PVE/API2/Ceph/MON.pm
> +++ b/PVE/API2/Ceph/MON.pm
> @@ -130,7 +130,7 @@ __PACKAGE__->register_method ({
> my $monhash = PVE::Ceph::Services::get_services_info("mon", $cfg,
> $rados);
>
> if ($rados) {
> - my $monstat = $rados->mon_command({ prefix => 'mon_status' });
> + my $monstat = $rados->mon_command({ prefix => 'quorum_status' });
>
> my $mons = $monstat->{monmap}->{mons};
> foreach my $d (@$mons) {
> @@ -338,7 +338,7 @@ __PACKAGE__->register_method ({
> my $monsection = "mon.$monid";
>
> my $rados = PVE::RADOS->new();
> - my $monstat = $rados->mon_command({ prefix => 'mon_status' });
> + my $monstat = $rados->mon_command({ prefix => 'quorum_status' });
> my $monlist = $monstat->{monmap}->{mons};
> my $monhash = PVE::Ceph::Services::get_services_info('mon', $cfg,
> $rados);
>
> @@ -356,7 +356,7 @@ __PACKAGE__->register_method ({
> # reopen with longer timeout
> $rados = PVE::RADOS->new(timeout =>
> PVE::Ceph::Tools::get_config('long_rados_timeout'));
> $monhash = PVE::Ceph::Services::get_services_info('mon', $cfg,
> $rados);
> - $monstat = $rados->mon_command({ prefix => 'mon_status' });
> + $monstat = $rados->mon_command({ prefix => 'quorum_status' });
> $monlist = $monstat->{monmap}->{mons};
>
> my $addr;
> diff --git a/PVE/API2/Ceph/OSD.pm b/PVE/API2/Ceph/OSD.pm
> index a514c502..ceaed129 100644
> --- a/PVE/API2/Ceph/OSD.pm
> +++ b/PVE/API2/Ceph/OSD.pm
> @@ -344,7 +344,7 @@ __PACKAGE__->register_method ({
>
> # get necessary ceph infos
> my $rados = PVE::RADOS->new();
> - my $monstat = $rados->mon_command({ prefix => 'mon_status' });
> + my $monstat = $rados->mon_command({ prefix => 'quorum_status' });
>
> die "unable to get fsid\n" if !$monstat->{monmap} ||
> !$monstat->{monmap}->{fsid};
> my $fsid = $monstat->{monmap}->{fsid};
> diff --git a/PVE/API2/Cluster/Ceph.pm b/PVE/API2/Cluster/Ceph.pm
> index e18d421e..c0277221 100644
> --- a/PVE/API2/Cluster/Ceph.pm
> +++ b/PVE/API2/Cluster/Ceph.pm
> @@ -142,10 +142,7 @@ __PACKAGE__->register_method ({
>
> PVE::Ceph::Tools::check_ceph_inited();
>
> - my $rados = PVE::RADOS->new();
> - my $status = $rados->mon_command({ prefix => 'status' });
> - $status->{health} = $rados->mon_command({ prefix => 'health', detail =>
> 'detail' });
> - return $status;
> + return PVE::Ceph::Tools::ceph_cluster_status();
> }
> });
>
> diff --git a/PVE/Ceph/Tools.pm b/PVE/Ceph/Tools.pm
> index 3273c7d1..b4a83f2e 100644
> --- a/PVE/Ceph/Tools.pm
> +++ b/PVE/Ceph/Tools.pm
> @@ -468,4 +468,17 @@ sub get_real_flag_name {
> return $flagmap->{$flag} // $flag;
> }
>
> +sub ceph_cluster_status {
> +my ($rados) = @_;
> +$rados = PVE::RADOS->new() if !$rados;
> +
> +my $status = $rados->mon_command({ prefix => 'status' });
> +
> +$status->{health} = $rados->mon_command({ prefix => 'health', detail =>
> 'detail' });
> +$status->{monmap} = $rados->mon_command({ prefix => 'mon dump' });
Guarding this could be one way but at least doing it only if $status->{xy} isn't
already defined would avoid (useless?) extra calls in the nautilus case?
> +$status->{mgrmap} = $rados->mon_command({ prefix => 'mgr dump' });
> +
> +return $status;
> +}
> +
> 1;
> dif
Re: [pve-devel] [PATCH manager 2/2] error message on failed config dump command
On 5/28/20 4:41 PM, Alwin Antreich wrote:
> Prior Ceph Nautilus the ceph config dump command was not available.
> This patch provides a more meaningful info for the user.
>
what is the verbatim error message you get from ceph in that case?
As you're now assuming that any error is dump not available, even if
it could be something totally different?
> Signed-off-by: Alwin Antreich
> ---
> PVE/API2/Ceph.pm | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/PVE/API2/Ceph.pm b/PVE/API2/Ceph.pm
> index afc1bdbd..fc4ee535 100644
> --- a/PVE/API2/Ceph.pm
> +++ b/PVE/API2/Ceph.pm
> @@ -231,7 +231,8 @@ __PACKAGE__->register_method ({
> PVE::Ceph::Tools::check_ceph_inited();
>
> my $rados = PVE::RADOS->new();
> - my $res = $rados->mon_command( { prefix => 'config dump', format =>
> 'json' });
> + my $res = eval { $rados->mon_command( { prefix => 'config dump', format
> => 'json' }) };
> + die "ceph config dump not available, $@\n" if $@;
> foreach my $entry (@$res) {
> $entry->{can_update_at_runtime} = $entry->{can_update_at_runtime}?
> 1 : 0; # JSON::true/false -> 1/0
> }
>
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] applied: Re: [PATCH manager 2/2] css: remove icon colors
On 5/28/20 1:02 PM, Dominik Csapak wrote: > they are now in the widget-toolkit > > Signed-off-by: Dominik Csapak > --- > www/css/ext6-pve.css | 25 - > 1 file changed, 25 deletions(-) > > applied, thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] applied: Re: [PATCH manager 1/2] ui: Replication: use render_duration from widget-toolkit
On 5/28/20 1:02 PM, Dominik Csapak wrote: > Signed-off-by: Dominik Csapak > --- > www/manager6/Utils.js| 27 --- > www/manager6/grid/Replication.js | 2 +- > 2 files changed, 1 insertion(+), 28 deletions(-) > > applied, thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH docs] pvesm: Add example & clarification for export
The literal usage of "qcow2+size" as well as what the command is supposed to do has confused users [0]. [0] https://forum.proxmox.com/threads/trying-to-convert-raw-disk-to-vmdk-using-pvesm.70046/ --- It has also confused me and I think some other devs, too. pvesm.adoc | 8 1 file changed, 8 insertions(+) diff --git a/pvesm.adoc b/pvesm.adoc index b76ce87..612c0eb 100644 --- a/pvesm.adoc +++ b/pvesm.adoc @@ -357,6 +357,14 @@ Show file system path for a volume pvesm path +Exporting the volume `local:103/vm-103-disk-0.qcow2` to the file `target`. +This is mostly used internally with `pvesm import`. +The stream format qcow2+size is different to the qcow2 format. +Consequently, the exported file cannot simply be attached to a VM. +This also holds for the other formats. + + pvesm export local:103/vm-103-disk-0.qcow2 qcow2+size target --with-snapshots 1 + ifdef::wiki[] See Also -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH storage] doc: Clarify that pvesm export is mostly internal
---
PVE/CLI/pvesm.pm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/PVE/CLI/pvesm.pm b/PVE/CLI/pvesm.pm
index 30bdcf6..8c86714 100755
--- a/PVE/CLI/pvesm.pm
+++ b/PVE/CLI/pvesm.pm
@@ -204,7 +204,7 @@ __PACKAGE__->register_method ({
name => 'export',
path => 'export',
method => 'GET',
-description => "Export a volume.",
+description => "Used internally to export a volume.",
protected => 1,
parameters => {
additionalProperties => 0,
@@ -279,7 +279,7 @@ __PACKAGE__->register_method ({
name => 'import',
path => 'import',
method => 'PUT',
-description => "Import a volume.",
+description => "Used internally to import a volume.",
protected => 1,
parameters => {
additionalProperties => 0,
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH pve-manager 2/2] sdn: vlan : add mtu field
Signed-off-by: Alexandre Derumier
---
www/manager6/sdn/zones/VlanEdit.js | 10 ++
1 file changed, 10 insertions(+)
diff --git a/www/manager6/sdn/zones/VlanEdit.js
b/www/manager6/sdn/zones/VlanEdit.js
index 9060b4e5..79b6bc39 100644
--- a/www/manager6/sdn/zones/VlanEdit.js
+++ b/www/manager6/sdn/zones/VlanEdit.js
@@ -33,6 +33,16 @@ Ext.define('PVE.sdn.zones.VlanInputPanel', {
fieldLabel: 'Bridge',
allowBlank: false,
},
+ {
+xtype: 'proxmoxintegerfield',
+name: 'mtu',
+minValue: 100,
+maxValue: 65000,
+fieldLabel: 'MTU',
+skipEmptyText: true,
+allowBlank: true,
+emptyText: 'auto'
+ },
{
xtype: 'pveNodeSelector',
name: 'nodes',
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH pve-manager 1/2] sdn: add vlan aware option to vnet
Signed-off-by: Alexandre Derumier
---
www/manager6/sdn/VnetEdit.js | 7 +++
www/manager6/sdn/VnetView.js | 5 +
2 files changed, 12 insertions(+)
diff --git a/www/manager6/sdn/VnetEdit.js b/www/manager6/sdn/VnetEdit.js
index 9ef2b1c0..c5e3859d 100644
--- a/www/manager6/sdn/VnetEdit.js
+++ b/www/manager6/sdn/VnetEdit.js
@@ -55,6 +55,13 @@ Ext.define('PVE.sdn.VnetInputPanel', {
fieldLabel: gettext('Tag'),
allowBlank: false,
},
+ {
+ xtype: 'proxmoxcheckbox',
+ name: 'vlanaware',
+ uncheckedValue: 0,
+ checked: false,
+ fieldLabel: gettext('VLAN aware')
+ },
{
xtype: 'textfield',
name: 'mac',
diff --git a/www/manager6/sdn/VnetView.js b/www/manager6/sdn/VnetView.js
index c8b0576a..c670ad70 100644
--- a/www/manager6/sdn/VnetView.js
+++ b/www/manager6/sdn/VnetView.js
@@ -92,6 +92,11 @@ Ext.define('PVE.sdn.VnetView', {
flex: 1,
dataIndex: 'tag',
},
+ {
+ header: gettext('VLAN aware'),
+ flex: 1,
+ dataIndex: 'vlanaware',
+ },
{
header: 'IPv4/CIDR',
flex: 1,
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH pve-manager 0/2] sdn: vlanaware + vlan mtu
Patch1 is a resend with fix Patch2 add missing mtu option to vlan plugin Alexandre Derumier (2): sdn: add vlan aware option to vnet sdn: vlan : add mtu field www/manager6/sdn/VnetEdit.js | 7 +++ www/manager6/sdn/VnetView.js | 5 + www/manager6/sdn/zones/VlanEdit.js | 10 ++ 3 files changed, 22 insertions(+) -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] applied: Re: [PATCH qemu-server] fix #2748: make order of interfaces consistent
On 5/28/20 4:48 PM, Mira Limbeck wrote: > As perl hashes have random order, sort them before iterating through. > This makes the output of 'qm cloudinit dump network' consistent > between calls if the config has not changed. > > Signed-off-by: Mira Limbeck > --- > PVE/QemuServer/Cloudinit.pm | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > applied, thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] applied-series: Re: [PATCH qemu-server 1/2] create_disks: fix uninitialized warning
On 6/2/20 10:46 AM, Fabian Grünbichler wrote: > Signed-off-by: Fabian Grünbichler > --- > PVE/API2/Qemu.pm | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > applied, thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 pve-network 2/7] vlan: ovs: use dot1q-tunnel when vlanaware is enabled
Signed-off-by: Alexandre Derumier
---
PVE/Network/SDN/Zones/VlanPlugin.pm | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/PVE/Network/SDN/Zones/VlanPlugin.pm
b/PVE/Network/SDN/Zones/VlanPlugin.pm
index 8364451..987c553 100644
--- a/PVE/Network/SDN/Zones/VlanPlugin.pm
+++ b/PVE/Network/SDN/Zones/VlanPlugin.pm
@@ -61,7 +61,12 @@ sub generate_sdn_config {
@iface_config = ();
push @iface_config, "ovs_type OVSIntPort";
push @iface_config, "ovs_bridge $bridge";
- push @iface_config, "ovs_options tag=$tag";
+ if($vnet->{vlanaware}) {
+ push @iface_config, "ovs_options vlan_mode=dot1q-tunnel tag=$tag";
+ } else {
+ push @iface_config, "ovs_options tag=$tag";
+ }
+
push(@{$config->{$vnet_uplink}}, @iface_config) if
!$config->{$vnet_uplink};
@iface_config = ();
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 pve-network 1/7] add vnet vlan-aware option
Some users would like to be able to defined vlans at
vm level, or allow trunks, on top of already
tagged vnet. (including vlan on top of vxlan tunnel)
Allow it on all layer2 plugins, and add a warn
for evpn layer3 plugin.
Signed-off-by: Alexandre Derumier
---
PVE/Network/SDN/VnetPlugin.pm| 5 +
PVE/Network/SDN/Zones.pm | 14 +
PVE/Network/SDN/Zones/EvpnPlugin.pm | 1 +
PVE/Network/SDN/Zones/Plugin.pm | 31 +---
PVE/Network/SDN/Zones/QinQPlugin.pm | 4
PVE/Network/SDN/Zones/VlanPlugin.pm | 4
PVE/Network/SDN/Zones/VxlanPlugin.pm | 4
7 files changed, 24 insertions(+), 39 deletions(-)
diff --git a/PVE/Network/SDN/VnetPlugin.pm b/PVE/Network/SDN/VnetPlugin.pm
index 179bfa4..2433013 100644
--- a/PVE/Network/SDN/VnetPlugin.pm
+++ b/PVE/Network/SDN/VnetPlugin.pm
@@ -58,6 +58,10 @@ sub properties {
type => 'integer',
description => "vlan or vxlan id",
},
+ vlanaware => {
+ type => 'boolean',
+ description => 'Allow vm VLANs to pass through this vnet.',
+ },
alias => {
type => 'string',
description => "alias name of the vnet",
@@ -89,6 +93,7 @@ sub options {
ipv4 => { optional => 1 },
ipv6 => { optional => 1 },
mac => { optional => 1 },
+vlanaware => { optional => 1 },
};
}
diff --git a/PVE/Network/SDN/Zones.pm b/PVE/Network/SDN/Zones.pm
index 436b103..b8dc54c 100644
--- a/PVE/Network/SDN/Zones.pm
+++ b/PVE/Network/SDN/Zones.pm
@@ -214,18 +214,6 @@ sub status {
return($zone_status, $vnet_status);
}
-sub get_bridge_vlan {
-my ($vnetid) = @_;
-
-my $vnet = PVE::Network::SDN::Vnets::get_vnet($vnetid);
-
-return ($vnetid, undef) if !$vnet; # fallback for classic bridge
-
-my $plugin_config = get_plugin_config($vnet);
-my $plugin =
PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
-return $plugin->get_bridge_vlan($plugin_config, $vnetid, $vnet->{tag});
-}
-
sub tap_create {
my ($iface, $bridge) = @_;
@@ -270,7 +258,7 @@ sub tap_plug {
if $plugin_config->{nodes} &&
!defined($plugin_config->{nodes}->{$nodename});
my $plugin =
PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
-$plugin->tap_plug($plugin_config, $vnet, $iface, $bridge, $firewall,
$rate);
+$plugin->tap_plug($plugin_config, $vnet, $tag, $iface, $bridge, $firewall,
$trunks, $rate);
}
1;
diff --git a/PVE/Network/SDN/Zones/EvpnPlugin.pm
b/PVE/Network/SDN/Zones/EvpnPlugin.pm
index 973e8e0..95fbb64 100644
--- a/PVE/Network/SDN/Zones/EvpnPlugin.pm
+++ b/PVE/Network/SDN/Zones/EvpnPlugin.pm
@@ -50,6 +50,7 @@ sub generate_sdn_config {
my $vrfvxlan = $plugin_config->{'vrf-vxlan'};
die "missing vxlan tag" if !$tag;
+warn "vlan-aware vnet can't be enabled with evpn plugin" if
$vnet->{vlanaware};
my @peers = split(',', $controller->{'peers'});
my ($ifaceip, $iface) =
PVE::Network::SDN::Zones::Plugin::find_local_ip_interface_peers(\@peers);
diff --git a/PVE/Network/SDN/Zones/Plugin.pm b/PVE/Network/SDN/Zones/Plugin.pm
index 9ea7a50..0633b78 100644
--- a/PVE/Network/SDN/Zones/Plugin.pm
+++ b/PVE/Network/SDN/Zones/Plugin.pm
@@ -205,44 +205,23 @@ sub status {
}
-sub get_bridge_vlan {
-my ($class, $plugin_config, $vnetid, $tag) = @_;
-
-my $bridge = $vnetid;
-$tag = undef;
-
-die "bridge $bridge is missing" if !-d "/sys/class/net/$bridge/";
-
-return ($bridge, $tag);
-}
-
sub tap_create {
my ($class, $plugin_config, $vnet, $iface, $vnetid) = @_;
-my $tag = $vnet->{tag};
-my ($bridge, undef) = $class->get_bridge_vlan($plugin_config, $vnetid,
$tag);
-die "unable to get bridge setting\n" if !$bridge;
-
-PVE::Network::tap_create($iface, $bridge);
+PVE::Network::tap_create($iface, $vnetid);
}
sub veth_create {
my ($class, $plugin_config, $vnet, $veth, $vethpeer, $vnetid, $hwaddr) =
@_;
-my $tag = $vnet->{tag};
-my ($bridge, undef) = $class->get_bridge_vlan($plugin_config, $vnetid,
$tag);
-die "unable to get bridge setting\n" if !$bridge;
-
-PVE::Network::veth_create($veth, $vethpeer, $bridge, $hwaddr);
+PVE::Network::veth_create($veth, $vethpeer, $vnetid, $hwaddr);
}
sub tap_plug {
-my ($class, $plugin_config, $vnet, $iface, $vnetid, $firewall, $rate) = @_;
-
-my $tag = $vnet->{tag};
+my ($class, $plugin_config, $vnet, $tag, $iface, $vnetid, $firewall,
$trunks, $rate) = @_;
-($vnetid, $tag) = $class->get_bridge_vlan($plugin_config, $vnetid, $tag);
-my $trunks = undef;
+my $vlan_aware =
PVE::Tools::file_read_firstline("/sys/class/net/$vnetid/bridge/vlan_filtering");
+die "vm vlans are not allowed on vnet $vnetid" if !$vlan_aware && ($tag ||
$trunks);
PVE::Network::tap_plug($iface, $vnetid, $tag, $firewall, $trunks, $rate);
}
diff --git a/PVE/Network/SDN/Zones/QinQPlugin.pm
b/PVE/Network
[pve-devel] [PATCH V2 pve-network 3/7] qinq|vlan: ovs: add ovsint interfaces to ovs-ports list
if not, on reload, interfaces are unplug/replugged with packet
loss.
Signed-off-by: Alexandre Derumier
---
PVE/Network/SDN/Zones/QinQPlugin.pm | 4
PVE/Network/SDN/Zones/VlanPlugin.pm | 6 +-
2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/PVE/Network/SDN/Zones/QinQPlugin.pm
b/PVE/Network/SDN/Zones/QinQPlugin.pm
index dcec6b4..20c0986 100644
--- a/PVE/Network/SDN/Zones/QinQPlugin.pm
+++ b/PVE/Network/SDN/Zones/QinQPlugin.pm
@@ -74,6 +74,10 @@ sub generate_sdn_config {
push @iface_config, "ovs_options vlan_mode=dot1q-tunnel tag=$stag
other_config:qinq-ethtype=$vlanprotocol";
push(@{$config->{$svlan_iface}}, @iface_config) if
!$config->{$svlan_iface};
+ #redefine main ovs bridge, ifupdown2 will merge ovs_ports
+ @iface_config = ();
+ push @iface_config, "ovs_ports $svlan_iface";
+ push(@{$config->{$bridge}}, @iface_config);
#zone vlan aware bridge
@iface_config = ();
diff --git a/PVE/Network/SDN/Zones/VlanPlugin.pm
b/PVE/Network/SDN/Zones/VlanPlugin.pm
index 987c553..aeff1a4 100644
--- a/PVE/Network/SDN/Zones/VlanPlugin.pm
+++ b/PVE/Network/SDN/Zones/VlanPlugin.pm
@@ -66,9 +66,13 @@ sub generate_sdn_config {
} else {
push @iface_config, "ovs_options tag=$tag";
}
-
push(@{$config->{$vnet_uplink}}, @iface_config) if
!$config->{$vnet_uplink};
+ #redefine main ovs bridge, ifupdown2 will merge ovs_ports
+ @iface_config = ();
+ push @iface_config, "ovs_ports $vnet_uplink";
+ push(@{$config->{$bridge}}, @iface_config);
+
@iface_config = ();
push @iface_config, "ovs_type OVSBridge";
push @iface_config, "ovs_ports $vnet_uplink";
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 pve-network 7/7] vlan: ovs : vlanaware: use 802.1q for tunnel
Signed-off-by: Alexandre Derumier
---
PVE/Network/SDN/Zones/VlanPlugin.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/PVE/Network/SDN/Zones/VlanPlugin.pm
b/PVE/Network/SDN/Zones/VlanPlugin.pm
index 0abe8da..edb132c 100644
--- a/PVE/Network/SDN/Zones/VlanPlugin.pm
+++ b/PVE/Network/SDN/Zones/VlanPlugin.pm
@@ -65,7 +65,7 @@ sub generate_sdn_config {
push @iface_config, "ovs_bridge $bridge";
push @iface_config, "ovs_mtu $mtu" if $mtu;
if($vnet->{vlanaware}) {
- push @iface_config, "ovs_options vlan_mode=dot1q-tunnel tag=$tag";
+ push @iface_config, "ovs_options vlan_mode=dot1q-tunnel
other_config:qinq-ethtype=802.1q tag=$tag";
} else {
push @iface_config, "ovs_options tag=$tag";
}
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 pve-network 6/7] vlan: ovs: remove twice defined ovsbridge ports
Signed-off-by: Alexandre Derumier
---
PVE/Network/SDN/Zones/VlanPlugin.pm | 5 -
1 file changed, 5 deletions(-)
diff --git a/PVE/Network/SDN/Zones/VlanPlugin.pm
b/PVE/Network/SDN/Zones/VlanPlugin.pm
index 3bff970..0abe8da 100644
--- a/PVE/Network/SDN/Zones/VlanPlugin.pm
+++ b/PVE/Network/SDN/Zones/VlanPlugin.pm
@@ -76,11 +76,6 @@ sub generate_sdn_config {
push @iface_config, "ovs_ports $vnet_uplink";
push(@{$config->{$bridge}}, @iface_config);
- @iface_config = ();
- push @iface_config, "ovs_type OVSBridge";
- push @iface_config, "ovs_ports $vnet_uplink";
- push(@{$config->{$bridge}}, @iface_config) if !$config->{$bridge};
-
} elsif ($vlan_aware) {
# eth0vlanaware bridge vmbr0--(vmbr0.X tag)>vnet>vm
$vnet_uplink = "$bridge.$tag";
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 pve-network 4/7] catch errors on sdn config generation
Signed-off-by: Alexandre Derumier
---
PVE/Network/SDN/Zones.pm| 8 +++-
PVE/Network/SDN/Zones/QinQPlugin.pm | 1 +
PVE/Network/SDN/Zones/VlanPlugin.pm | 2 ++
3 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/PVE/Network/SDN/Zones.pm b/PVE/Network/SDN/Zones.pm
index b8dc54c..552b334 100644
--- a/PVE/Network/SDN/Zones.pm
+++ b/PVE/Network/SDN/Zones.pm
@@ -109,7 +109,13 @@ sub generate_etc_network_config {
}
my $plugin =
PVE::Network::SDN::Zones::Plugin->lookup($plugin_config->{type});
- $plugin->generate_sdn_config($plugin_config, $zone, $id, $vnet,
$controller, $interfaces_config, $config);
+ eval {
+ $plugin->generate_sdn_config($plugin_config, $zone, $id, $vnet,
$controller, $interfaces_config, $config);
+ };
+ if($@) {
+ warn "zone $zone : vnet $id : $@";
+ next;
+ }
}
my $raw_network_config = "\#version:$version\n";
diff --git a/PVE/Network/SDN/Zones/QinQPlugin.pm
b/PVE/Network/SDN/Zones/QinQPlugin.pm
index 20c0986..2ae2649 100644
--- a/PVE/Network/SDN/Zones/QinQPlugin.pm
+++ b/PVE/Network/SDN/Zones/QinQPlugin.pm
@@ -52,6 +52,7 @@ sub generate_sdn_config {
my $vlanprotocol = $plugin_config->{'vlan-protocol'};
my $ctag = $vnet->{tag};
my $alias = $vnet->{alias};
+die "can't find bridge $bridge" if !-d "/sys/class/net/$bridge";
my $vlan_aware =
PVE::Tools::file_read_firstline("/sys/class/net/$bridge/bridge/vlan_filtering");
my $is_ovs = 1 if !-d "/sys/class/net/$bridge/brif";
diff --git a/PVE/Network/SDN/Zones/VlanPlugin.pm
b/PVE/Network/SDN/Zones/VlanPlugin.pm
index aeff1a4..d3dc857 100644
--- a/PVE/Network/SDN/Zones/VlanPlugin.pm
+++ b/PVE/Network/SDN/Zones/VlanPlugin.pm
@@ -41,6 +41,8 @@ sub generate_sdn_config {
my ($class, $plugin_config, $zoneid, $vnetid, $vnet, $controller,
$interfaces_config, $config) = @_;
my $bridge = $plugin_config->{bridge};
+die "can't find bridge $bridge" if !-d "/sys/class/net/$bridge";
+
my $vlan_aware =
PVE::Tools::file_read_firstline("/sys/class/net/$bridge/bridge/vlan_filtering");
my $is_ovs = 1 if !-d "/sys/class/net/$bridge/brif";
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 pve-network 0/7] vlanaware vnets
This ass support for vlan-aware vnets. patch1 && 2 were already submit on the mailing patch3 is a small fix to avoid packet lost on reload with ovs + qinq|vlan plugins changelog v2: add more fixes for ovs Alexandre Derumier (7): add vnet vlan-aware option vlan: ovs: use dot1q-tunnel when vlanaware is enabled qinq|vlan: ovs: add ovsint interfaces to ovs-ports list catch errors on sdn config generation vlan|qinq: add mtu to ovsint link port vlan: ovs: remove twice defined ovsbridge ports vlan: ovs : vlanaware: use 802.1q for tunnel PVE/Network/SDN/VnetPlugin.pm| 5 + PVE/Network/SDN/Zones.pm | 22 +++- PVE/Network/SDN/Zones/EvpnPlugin.pm | 1 + PVE/Network/SDN/Zones/Plugin.pm | 31 +--- PVE/Network/SDN/Zones/QinQPlugin.pm | 10 + PVE/Network/SDN/Zones/VlanPlugin.pm | 17 --- PVE/Network/SDN/Zones/VxlanPlugin.pm | 4 7 files changed, 47 insertions(+), 43 deletions(-) -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 pve-network 5/7] vlan|qinq: add mtu to ovsint link port
Signed-off-by: Alexandre Derumier
---
PVE/Network/SDN/Zones/QinQPlugin.pm | 1 +
PVE/Network/SDN/Zones/VlanPlugin.pm | 1 +
2 files changed, 2 insertions(+)
diff --git a/PVE/Network/SDN/Zones/QinQPlugin.pm
b/PVE/Network/SDN/Zones/QinQPlugin.pm
index 2ae2649..73c2e84 100644
--- a/PVE/Network/SDN/Zones/QinQPlugin.pm
+++ b/PVE/Network/SDN/Zones/QinQPlugin.pm
@@ -72,6 +72,7 @@ sub generate_sdn_config {
@iface_config = ();
push @iface_config, "ovs_type OVSIntPort";
push @iface_config, "ovs_bridge $bridge";
+ push @iface_config, "ovs_mtu $mtu" if $mtu;
push @iface_config, "ovs_options vlan_mode=dot1q-tunnel tag=$stag
other_config:qinq-ethtype=$vlanprotocol";
push(@{$config->{$svlan_iface}}, @iface_config) if
!$config->{$svlan_iface};
diff --git a/PVE/Network/SDN/Zones/VlanPlugin.pm
b/PVE/Network/SDN/Zones/VlanPlugin.pm
index d3dc857..3bff970 100644
--- a/PVE/Network/SDN/Zones/VlanPlugin.pm
+++ b/PVE/Network/SDN/Zones/VlanPlugin.pm
@@ -63,6 +63,7 @@ sub generate_sdn_config {
@iface_config = ();
push @iface_config, "ovs_type OVSIntPort";
push @iface_config, "ovs_bridge $bridge";
+ push @iface_config, "ovs_mtu $mtu" if $mtu;
if($vnet->{vlanaware}) {
push @iface_config, "ovs_options vlan_mode=dot1q-tunnel tag=$tag";
} else {
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server 1/2] create_disks: fix uninitialized warning
Signed-off-by: Fabian Grünbichler
---
PVE/API2/Qemu.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index fd51bf3..5e6fd42 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -1095,7 +1095,7 @@ my $update_vm_api = sub {
return if PVE::QemuServer::drive_is_cdrom($drive);
my ($storeid, $volname) = PVE::Storage::parse_volume_id($volid, 1);
- return if $volname eq 'cloudinit';
+ return if defined($volname) && $volname eq 'cloudinit';
my $format;
if ($volid =~ $NEW_DISK_RE) {
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server 2/2] fix #2774: add early check for non-managed volumes
when checking whether a to-be-added drive's and the VM's replication
status are matching. otherwise, we end up in a failing generic
'parse_volume_id' with no mention of the actual reason.
adding 'replicate=0' to the new drive string fixes the underlying issue
with and without this patch, so this is just a cosmetic/usability
improvement.
Signed-off-by: Fabian Grünbichler
---
PVE/API2/Qemu.pm | 3 +++
1 file changed, 3 insertions(+)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 5e6fd42..974ee3b 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -1095,6 +1095,9 @@ my $update_vm_api = sub {
return if PVE::QemuServer::drive_is_cdrom($drive);
my ($storeid, $volname) = PVE::Storage::parse_volume_id($volid, 1);
+ die "cannot add non-managed/pass-through volume to a replicated VM\n"
+ if !defined($storeid);
+
return if defined($volname) && $volname eq 'cloudinit';
my $format;
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 ifupdown2 00/10] 3.0.0-1 version
Hi, This patch series update ifupdown2 to 3.0.0-1. Please bump the proxmox git mirror to 3.0.0-1 tag. Main change python2 to python3 conversion. I have tested it since 2 weeks with differents sdn setup, I don't have seen regression. I have added extra patches from master branch, on top of 3.0.0-1 tag. They are some fix for ovs plugin, and some new interfaces like veth pair are supported too. (I need them for sdn). changelog v2: add missing 0008-openvswitch-ovs-ports-condone-regex-exclude-tap-veth.patch Alexandre Derumier (10): remove extra patches rebase 0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch rebase 0007-networking.service-fix-dependencies-and-ordering.patch remove 0008-add-openvswitch-addon.patch add extra patch: 0002-nllistener-increase-buffer.patch add extra patch: 0003-ovs-multiple-ovsport.patch add extra patch: 0004-fix-start-networking-permission.patch control: update python3 changelog: bump to 3.0.0-1 add patch 0008-openvswitch-ovs-ports-condone-regex-exclude-tap-veth.patch debian/changelog | 6 + debian/control| 13 +- ...g-option-to-common_argparse-to-avoid.patch | 44 -- .../0001-ovs-ovs-ports-condone-regex.patch| 66 ++ .../extra/0002-fix-default-forwarding.patch | 100 --- .../0002-nllistener-increase-buffer.patch | 25 + .../extra/0003-ovs-multiple-ovsport.patch | 53 ++ ...0004-fix-start-networking-permission.patch | 13 + ...-veth-fwpr-interfaces-from-bridge-on.patch | 29 +- ...ervice-fix-dependencies-and-ordering.patch | 17 +- .../pve/0008-add-openvswitch-addon.patch | 595 -- ...ports-condone-regex-exclude-tap-veth.patch | 34 + debian/patches/series | 8 +- 13 files changed, 226 insertions(+), 777 deletions(-) delete mode 100644 debian/patches/extra/0001-argv-move-nldebug-option-to-common_argparse-to-avoid.patch create mode 100644 debian/patches/extra/0001-ovs-ovs-ports-condone-regex.patch delete mode 100644 debian/patches/extra/0002-fix-default-forwarding.patch create mode 100644 debian/patches/extra/0002-nllistener-increase-buffer.patch create mode 100644 debian/patches/extra/0003-ovs-multiple-ovsport.patch create mode 100644 debian/patches/extra/0004-fix-start-networking-permission.patch delete mode 100644 debian/patches/pve/0008-add-openvswitch-addon.patch create mode 100644 debian/patches/pve/0008-openvswitch-ovs-ports-condone-regex-exclude-tap-veth.patch -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 ifupdown2 08/10] control: update python3
Signed-off-by: Alexandre Derumier
---
debian/control | 13 +++--
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/debian/control b/debian/control
index 62358f6..5a95659 100644
--- a/debian/control
+++ b/debian/control
@@ -5,12 +5,13 @@ Maintainer: Proxmox Support Team
Build-Depends: debhelper (>=9),
dh-systemd,
dh-python,
- python-all,
- python-setuptools,
- python-docutils
+ python3,
+ python3-all,
+ python3-setuptools,
+ python3-docutils
Standards-Version: 3.9.8
Homepage: https://github.com/cumulusnetworks/ifupdown2
-X-Python-Version: >= 2.7
+X-Python-Version: >= 3.7
Package: ifupdown2
Architecture: all
@@ -18,8 +19,8 @@ Provides: ifupdown
Conflicts: ifupdown
Replaces: ifupdown
Breaks: libpve-common-perl (<< 6.0-14)
-Depends: ${python:Depends}, ${misc:Depends}, iproute2, python-argcomplete,
python-ipaddr
-Suggests: isc-dhcp-client, bridge-utils, ethtool, python-gvgen, python-mako
+Depends: ${python3:Depends}, ${misc:Depends}, iproute2
+Suggests: isc-dhcp-client, bridge-utils, ethtool, python3-gvgen, python3-mako
Description: Network Interface Management tool similar to ifupdown
ifupdown2 is ifupdown re-written in Python. It replaces ifupdown and provides
the same user interface as ifupdown for network interface configuration.
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 ifupdown2 07/10] add extra patch: 0004-fix-start-networking-permission.patch
https://github.com/CumulusNetworks/ifupdown2/commit/5cbe13d17a28e1ce4a411092f0bd659360406572 Signed-off-by: Alexandre Derumier --- .../0004-fix-start-networking-permission.patch | 13 + debian/patches/series | 1 + 2 files changed, 14 insertions(+) create mode 100644 debian/patches/extra/0004-fix-start-networking-permission.patch diff --git a/debian/patches/extra/0004-fix-start-networking-permission.patch b/debian/patches/extra/0004-fix-start-networking-permission.patch new file mode 100644 index 000..5357e31 --- /dev/null +++ b/debian/patches/extra/0004-fix-start-networking-permission.patch @@ -0,0 +1,13 @@ +From 5cbe13d17a28e1ce4a411092f0bd659360406572 Mon Sep 17 00:00:00 2001 +From: bauen1 +Date: Fri, 15 May 2020 17:16:04 +0200 +Subject: [PATCH] allow systemd to execute the helper script + +--- + ifupdown2/sbin/start-networking | 0 + 1 file changed, 0 insertions(+), 0 deletions(-) + mode change 100644 => 100755 ifupdown2/sbin/start-networking + +diff --git a/ifupdown2/sbin/start-networking b/ifupdown2/sbin/start-networking +old mode 100644 +new mode 100755 diff --git a/debian/patches/series b/debian/patches/series index e6a1270..92b4af5 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,6 +1,7 @@ extra/0001-ovs-ovs-ports-condone-regex.patch extra/0002-nllistener-increase-buffer.patch extra/0003-ovs-multiple-ovsport.patch +extra/0004-fix-start-networking-permission.patch pve/0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch pve/0002-add-dummy-mtu-bridgevlanport-modules.patch pve/0003-allow-vlan-subinterface-in-a-vlan-aware-bridge.patch -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 ifupdown2 05/10] add extra patch: 0002-nllistener-increase-buffer.patch
https://github.com/CumulusNetworks/ifupdown2/commit/523b347ad49234efb7787f6f084070034de7e977 Signed-off-by: Alexandre Derumier --- .../0002-nllistener-increase-buffer.patch | 25 +++ debian/patches/series | 1 + 2 files changed, 26 insertions(+) create mode 100644 debian/patches/extra/0002-nllistener-increase-buffer.patch diff --git a/debian/patches/extra/0002-nllistener-increase-buffer.patch b/debian/patches/extra/0002-nllistener-increase-buffer.patch new file mode 100644 index 000..72a4f06 --- /dev/null +++ b/debian/patches/extra/0002-nllistener-increase-buffer.patch @@ -0,0 +1,25 @@ +From 523b347ad49234efb7787f6f084070034de7e977 Mon Sep 17 00:00:00 2001 +From: Alexandre Derumier +Date: Wed, 27 May 2020 15:49:49 +0200 +Subject: [PATCH] nllistener: increase netlink buffer to 64k + +Currently 4k buffer is too small to handle some netlink messages + +(Like bridge vlans for example, with 32k messages detected). +--- + ifupdown2/nlmanager/nllistener.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ifupdown2/nlmanager/nllistener.py b/ifupdown2/nlmanager/nllistener.py +index b40b058..e319dc4 100644 +--- a/ifupdown2/nlmanager/nllistener.py b/ifupdown2/nlmanager/nllistener.py +@@ -44,7 +44,7 @@ class NetlinkListener(Thread): + # As defined in asm/socket.h + _SO_ATTACH_FILTER = 26 + +-RECV_BUFFER = 4096 # 1024 * 1024 ++RECV_BUFFER = 65536 # 1024 * 1024 + + def __init__(self, manager, groups, pid_offset=1, error_notification=False, rcvbuf_sz=1000, bpf_filter=None): + """ diff --git a/debian/patches/series b/debian/patches/series index 8363c15..e57723c 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,4 +1,5 @@ extra/0001-ovs-ovs-ports-condone-regex.patch +extra/0002-nllistener-increase-buffer.patch pve/0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch pve/0002-add-dummy-mtu-bridgevlanport-modules.patch pve/0003-allow-vlan-subinterface-in-a-vlan-aware-bridge.patch -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 ifupdown2 02/10] rebase 0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch
Signed-off-by: Alexandre Derumier
---
...-veth-fwpr-interfaces-from-bridge-on.patch | 29 +--
1 file changed, 8 insertions(+), 21 deletions(-)
diff --git
a/debian/patches/pve/0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch
b/debian/patches/pve/0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch
index 869f0f3..36b256e 100644
---
a/debian/patches/pve/0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch
+++
b/debian/patches/pve/0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch
@@ -1,43 +1,30 @@
-From 874ba884a7ff8f0059e069aac2855c2ffd5cacd2 Mon Sep 17 00:00:00 2001
+From e048d4f3c6516c4b7519112de13f79f70d56d44b Mon Sep 17 00:00:00 2001
From: Alexandre Derumier
Date: Wed, 16 May 2018 02:11:45 +0200
-Subject: [PATCH 1/7] don't remove (tap|veth|fwpr) interfaces from bridge on
- ifup bridge
+Subject: [PATCH] don't remove (tap|veth|fwpr) interfaces from bridge on ifup
+ bridge
as proxmox don't defined them in /etc/network/interfaces
Signed-off-by: Thomas Lamprecht
Signed-off-by: Alexandre Derumier
---
- debian/rules | 2 +-
ifupdown2/addons/bridge.py | 4
- 2 files changed, 5 insertions(+), 1 deletion(-)
+ 1 file changed, 4 insertions(+)
-diff --git a/debian/rules b/debian/rules
-index 6274b3a..dfd460f 100755
a/debian/rules
-+++ b/debian/rules
-@@ -1,6 +1,6 @@
- #!/usr/bin/make -f
-
--#export DH_VERBOSE=1
-+export DH_VERBOSE=1
- export PYBUILD_NAME=ifupdown2
- export PYBUILD_INSTALL_ARGS=--install-lib=/usr/share/
--install-scripts=/usr/share/
-
diff --git a/ifupdown2/addons/bridge.py b/ifupdown2/addons/bridge.py
-index 00b1eaa..35944ac 100644
+index d990b66..365e87d 100644
--- a/ifupdown2/addons/bridge.py
+++ b/ifupdown2/addons/bridge.py
-@@ -440,6 +440,7 @@ class bridge(Addon, moduleBase):
+@@ -439,6 +439,7 @@ class bridge(Addon, moduleBase):
"bridge-ports-condone-regex": {
"help": "bridge ports to ignore/condone when reloading
config / removing interfaces",
"required": False,
+"default": "^(tap|veth|fwpr)",
"example": ["bridge-ports-condone-regex
^[a-zA-Z0-9]+_v[0-9]{1,4}$"]
},
- }
-@@ -1006,6 +1007,9 @@ class bridge(Addon, moduleBase):
+ "bridge-vlan-vni-map": {
+@@ -1013,6 +1014,9 @@ class bridge(Addon, moduleBase):
# up a compiled regex to be used in a match later. This way we try to
avoid
# a race condition where an (possibly VM) interface is created after
this
# function has been called but before the bridgeports are validated.
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 ifupdown2 06/10] add extra patch: 0003-ovs-multiple-ovsport.patch
https://github.com/CumulusNetworks/ifupdown2/pull/164
Signed-off-by: Alexandre Derumier
---
.../extra/0003-ovs-multiple-ovsport.patch | 53 +++
debian/patches/series | 1 +
2 files changed, 54 insertions(+)
create mode 100644 debian/patches/extra/0003-ovs-multiple-ovsport.patch
diff --git a/debian/patches/extra/0003-ovs-multiple-ovsport.patch
b/debian/patches/extra/0003-ovs-multiple-ovsport.patch
new file mode 100644
index 000..bb18056
--- /dev/null
+++ b/debian/patches/extra/0003-ovs-multiple-ovsport.patch
@@ -0,0 +1,53 @@
+From 6cdb2b3d220fdf60ea8d0a2982a90c583dec467e Mon Sep 17 00:00:00 2001
+From: Alexandre Derumier
+Date: Thu, 28 May 2020 11:21:55 +0200
+Subject: [PATCH] addons: openvswitch: allow multiple ovs-ports + glob/regex
+
+---
+ ifupdown2/addons/openvswitch.py | 18 +++---
+ 1 file changed, 15 insertions(+), 3 deletions(-)
+
+diff --git a/ifupdown2/addons/openvswitch.py b/ifupdown2/addons/openvswitch.py
+index 468d7df..936c871 100644
+--- a/ifupdown2/addons/openvswitch.py
b/ifupdown2/addons/openvswitch.py
+@@ -37,6 +37,12 @@ class openvswitch(Addon, moduleBase):
+ 'help': 'Interfaces to be part of this ovs bridge.',
+ 'validvals': [''],
+ 'required': False,
++"multivalue": True,
++"example": [
++"ovs-ports swp1.100 swp2.100 swp3.100",
++"ovs-ports glob swp1-3.100",
++"ovs-ports regex (swp[1|2|3].100)"
++]
+ },
+ 'ovs-type': {
+ 'help': 'ovs interface type',
+@@ -87,10 +93,15 @@ def _is_ovs_bridge (self, ifaceobj):
+ return False
+
+ def _get_ovs_ports (self, ifaceobj):
+-ovs_ports = ifaceobj.get_attr_value_first('ovs-ports')
++ovs_ports = []
++
++for port in ifaceobj.get_attr_value('ovs-ports') or []:
++ovs_ports.extend(port.split())
++
+ if ovs_ports:
+-return sorted (ovs_ports.split ())
+-return None
++return self.parse_port_list(ifaceobj.name, ' '.join(ovs_ports))
++else:
++return None
+
+ def _get_running_ovs_ports (self, iface):
+ output = utils.exec_command("/usr/bin/ovs-vsctl list-ports %s" %iface)
+@@ -152,6 +163,7 @@ def _addbridge (self, ifaceobj):
+ ovs_ports = self._get_ovs_ports(ifaceobj)
+ running_ovs_ports = self._get_running_ovs_ports(iface)
+
++missingports = []
+ if running_ovs_ports is not None and ovs_ports is not None:
+ missingports = list(set(running_ovs_ports) - set(ovs_ports))
+
diff --git a/debian/patches/series b/debian/patches/series
index e57723c..e6a1270 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,5 +1,6 @@
extra/0001-ovs-ovs-ports-condone-regex.patch
extra/0002-nllistener-increase-buffer.patch
+extra/0003-ovs-multiple-ovsport.patch
pve/0001-don-t-remove-tap-veth-fwpr-interfaces-from-bridge-on.patch
pve/0002-add-dummy-mtu-bridgevlanport-modules.patch
pve/0003-allow-vlan-subinterface-in-a-vlan-aware-bridge.patch
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 ifupdown2 09/10] changelog: bump to 3.0.0-1
Signed-off-by: Alexandre Derumier --- debian/changelog | 6 ++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 7ca7226..ff13c56 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +ifupdown2 (3.0.0-1+pve1) pve; urgency=medium + + * Bump to 3.0.0-1 + + -- Proxmox Support Team Tue, 28 May 2020 11:10:20 +0200 + ifupdown2 (2.0.1-1+pve10) pve; urgency=medium * avoid bringing network config in sync if pve-common isn't available -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 ifupdown2 10/10] add patch 0008-openvswitch-ovs-ports-condone-regex-exclude-tap-veth.patch
Signed-off-by: Alexandre Derumier
---
...ports-condone-regex-exclude-tap-veth.patch | 34 +++
debian/patches/series | 1 +
2 files changed, 35 insertions(+)
create mode 100644
debian/patches/pve/0008-openvswitch-ovs-ports-condone-regex-exclude-tap-veth.patch
diff --git
a/debian/patches/pve/0008-openvswitch-ovs-ports-condone-regex-exclude-tap-veth.patch
b/debian/patches/pve/0008-openvswitch-ovs-ports-condone-regex-exclude-tap-veth.patch
new file mode 100644
index 000..4cfdbf6
--- /dev/null
+++
b/debian/patches/pve/0008-openvswitch-ovs-ports-condone-regex-exclude-tap-veth.patch
@@ -0,0 +1,34 @@
+From cfe5feada5532830a53031138c471541ebec813d Mon Sep 17 00:00:00 2001
+From: Alexandre Derumier
+Date: Sun, 17 May 2020 15:46:36 +0200
+Subject: [PATCH] openvswitch : ovs-ports-condone-regex : exclude tap|veth|fwln
+
+Signed-off-by: Alexandre Derumier
+---
+ ifupdown2/addons/openvswitch.py | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/ifupdown2/addons/openvswitch.py b/ifupdown2/addons/openvswitch.py
+index 468d7df..48beef3 100644
+--- a/ifupdown2/addons/openvswitch.py
b/ifupdown2/addons/openvswitch.py
+@@ -65,6 +65,7 @@ class openvswitch(Addon, moduleBase):
+ },
+ 'ovs-ports-condone-regex': {
+ "help": "ovs ports to ignore/condone when reloading
config / removing interfaces",
++"default": "^(tap|veth|fwln)",
+ "required": False,
+ "example": ["ovs-ports-condone-regex
^[a-zA-Z0-9]+_v[0-9]{1,4}$"]
+ },
+@@ -101,6 +102,8 @@ class openvswitch(Addon, moduleBase):
+
+ def _get_ovs_port_condone_regex(self, ifaceobj, get_string = False):
+ ovs_port_condone_regex =
ifaceobj.get_attr_value_first('ovs-ports-condone-regex')
++if not ovs_port_condone_regex:
++ovs_port_condone_regex =
self.get_attr_default_value('ovs-ports-condone-regex')
+ if ovs_port_condone_regex:
+ if get_string:
+ return ovs_port_condone_regex
+--
+2.20.1
+
diff --git a/debian/patches/series b/debian/patches/series
index 92b4af5..af41dfe 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -9,4 +9,5 @@ pve/0004-don-t-remove-bridge-is-tap-veth-are-still-plugged.patch
pve/0005-ifreload-down-up-vxlan-interfaces-when-ifreload_down.patch
pve/0006-config-tuning.patch
pve/0007-networking.service-fix-dependencies-and-ordering.patch
+pve/0008-openvswitch-ovs-ports-condone-regex-exclude-tap-veth.patch
pve/0010-postinst-rm-update-network-config-compatibility.patch
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH V2 ifupdown2 01/10] remove extra patches
Signed-off-by: Alexandre Derumier
---
...g-option-to-common_argparse-to-avoid.patch | 44
.../extra/0002-fix-default-forwarding.patch | 100 --
debian/patches/series | 2 -
3 files changed, 146 deletions(-)
delete mode 100644
debian/patches/extra/0001-argv-move-nldebug-option-to-common_argparse-to-avoid.patch
delete mode 100644 debian/patches/extra/0002-fix-default-forwarding.patch
diff --git
a/debian/patches/extra/0001-argv-move-nldebug-option-to-common_argparse-to-avoid.patch
b/debian/patches/extra/0001-argv-move-nldebug-option-to-common_argparse-to-avoid.patch
deleted file mode 100644
index f02574f..000
---
a/debian/patches/extra/0001-argv-move-nldebug-option-to-common_argparse-to-avoid.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From 8e9960454d58f648547fcb086a8b4352a4aa4faa Mon Sep 17 00:00:00 2001
-From: Julien Fortin
-Date: Tue, 31 Dec 2019 20:25:44 +0100
-Subject: [PATCH] argv: move --nldebug option to common_argparse to avoid
- exception in ifreload
-
-Signed-off-by: Julien Fortin
-Signed-off-by: Thomas Lamprecht
- ifupdown2/ifupdown/argv.py | 14 +++---
- 1 file changed, 7 insertions(+), 7 deletions(-)
-
-diff --git a/ifupdown2/ifupdown/argv.py b/ifupdown2/ifupdown/argv.py
-index e560b40..a96a390 100644
a/ifupdown2/ifupdown/argv.py
-+++ b/ifupdown2/ifupdown/argv.py
-@@ -148,13 +148,6 @@ class Parse:
-help='type of interface entry (iface or vlan).
'
- 'This option can be used in case of
ambiguity between '
- 'a vlan interface and an iface interface
of the same name')
--argparser.add_argument(
--"--nldebug",
--dest="nldebug",
--action="store_true",
--default=False,
--help="print netlink debug messages"
--)
-
- def update_ifupdown_argparser(self, argparser):
- """ common arg parser for ifup and ifdown """
-@@ -248,3 +241,10 @@ class Parse:
- ''' general parsing rules '''
-
- argparser.add_argument('-V', '--version', action=VersionAction,
nargs=0)
-+argparser.add_argument(
-+"--nldebug",
-+dest="nldebug",
-+action="store_true",
-+default=False,
-+help="print netlink debug messages"
-+)
---
-2.20.1
-
diff --git a/debian/patches/extra/0002-fix-default-forwarding.patch
b/debian/patches/extra/0002-fix-default-forwarding.patch
deleted file mode 100644
index c1a72a3..000
--- a/debian/patches/extra/0002-fix-default-forwarding.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-From 85a93e870777f774e5901bd4443ddff2e8eaa444 Mon Sep 17 00:00:00 2001
-From: Alexandre Derumier
-Date: Mon, 24 Feb 2020 15:18:56 +0100
-Subject: [PATCH] fix default forwarding
-
-Signed-off-by: Alexandre Derumier
- ifupdown2/addons/address.py | 70 +
- 1 file changed, 40 insertions(+), 30 deletions(-)
-
-diff --git a/ifupdown2/addons/address.py b/ifupdown2/addons/address.py
-index 83974d7..b9a16ee 100644
a/ifupdown2/addons/address.py
-+++ b/ifupdown2/addons/address.py
-@@ -821,42 +821,52 @@ class address(Addon, moduleBase):
-'bridge port' %ifaceobj.name)
- return
- setting_default_value = False
-+
-+
- if not ipforward:
- setting_default_value = True
--ipforward = (self.ipforward or
-- self.get_mod_subattr('ip-forward', 'default'))
--ipforward = int(utils.get_boolean_from_string(ipforward))
--running_ipforward = self.cache.get_netconf_forwarding(socket.AF_INET,
ifaceobj.name)
--if ipforward != running_ipforward:
--try:
--self.sysctl_set('net.ipv4.conf.%s.forwarding'
--%('/'.join(ifaceobj.name.split("."))),
--ipforward)
--except Exception as e:
--if not setting_default_value:
--ifaceobj.status = ifaceStatus.ERROR
--self.logger.error('%s: %s' %(ifaceobj.name, str(e)))
-+ ipforward = self.ipforward
-+
-+if ipforward:
-+
-+ipforward = int(utils.get_boolean_from_string(ipforward))
-+running_ipforward =
self.cache.get_netconf_forwarding(socket.AF_INET, ifaceobj.name)
-+
-+if ipforward != running_ipforward:
-+try:
-+self.sysctl_set('net.ipv4.conf.%s.forwarding'
-+%('/'.join(ifaceobj.name.split("."))),
-+ipforward)
-+except Exception as e:
-+if not setting_default_value:
-+ifaceobj.status = ifaceStatus.ERROR
-+self.logger.error('%s: %s' %(ifaceobj.name, str(e)))
-
- setting_default_value = False
-+
-+
[pve-devel] [PATCH V2 ifupdown2 04/10] remove 0008-add-openvswitch-addon.patch
openvswitch is now upstream
add extra-patch for ovs-ports-condone-regex
https://github.com/CumulusNetworks/ifupdown2/pull/157
Signed-off-by: Alexandre Derumier
---
.../0001-ovs-ovs-ports-condone-regex.patch| 66 ++
.../pve/0008-add-openvswitch-addon.patch | 595 --
debian/patches/series | 2 +-
3 files changed, 67 insertions(+), 596 deletions(-)
create mode 100644 debian/patches/extra/0001-ovs-ovs-ports-condone-regex.patch
delete mode 100644 debian/patches/pve/0008-add-openvswitch-addon.patch
diff --git a/debian/patches/extra/0001-ovs-ovs-ports-condone-regex.patch
b/debian/patches/extra/0001-ovs-ovs-ports-condone-regex.patch
new file mode 100644
index 000..745c5e0
--- /dev/null
+++ b/debian/patches/extra/0001-ovs-ovs-ports-condone-regex.patch
@@ -0,0 +1,66 @@
+From 5efdf225e1f0e2705d44f36887c3e00207dd69d2 Mon Sep 17 00:00:00 2001
+From: Alexandre Derumier
+Date: Sat, 16 May 2020 08:11:22 +0200
+Subject: [PATCH] addon: openvswitch : add ovs-ports-condone-regex option
+
+Like for bridge, add a option to skip delete a regex list of interfaces.
+(can be usefull for hypervisor, when vm interfaces are dynamically plugged)
+---
+ ifupdown2/addons/openvswitch.py | 18 ++
+ 1 file changed, 18 insertions(+)
+
+diff --git a/ifupdown2/addons/openvswitch.py b/ifupdown2/addons/openvswitch.py
+index 767d09a..468d7df 100644
+--- a/ifupdown2/addons/openvswitch.py
b/ifupdown2/addons/openvswitch.py
+@@ -63,6 +63,11 @@ class openvswitch(Addon, moduleBase):
+ 'example': ['ovs_extra set bridge ${IFACE}
other-config:hwaddr=00:59:cf:9c:84:3a -- br-set-external-id ${IFACE} bridge-id
${IFACE}']
+
+ },
++'ovs-ports-condone-regex': {
++"help": "ovs ports to ignore/condone when reloading
config / removing interfaces",
++"required": False,
++"example": ["ovs-ports-condone-regex
^[a-zA-Z0-9]+_v[0-9]{1,4}$"]
++},
+ }
+ }
+
+@@ -94,6 +99,14 @@ def _get_running_ovs_ports (self, iface):
+ return ovs_ports
+ return None
+
++def _get_ovs_port_condone_regex(self, ifaceobj, get_string = False):
++ovs_port_condone_regex =
ifaceobj.get_attr_value_first('ovs-ports-condone-regex')
++if ovs_port_condone_regex:
++if get_string:
++return ovs_port_condone_regex
++return re.compile (r"%s" % ovs_port_condone_regex)
++return None
++
+ def _ovs_vsctl(self, ifaceobj, cmdlist):
+
+ if cmdlist:
+@@ -122,6 +135,7 @@ def _addbridge (self, ifaceobj):
+ ovsoptions = ifaceobj.get_attr_value_first ('ovs-options')
+ ovsextra = ifaceobj.get_attr_value('ovs-extra')
+ ovsmtu = ifaceobj.get_attr_value_first ('ovs-mtu')
++ovsportscondoneregex = self._get_ovs_port_condone_regex(ifaceobj)
+
+ cmd_list = []
+
+@@ -137,11 +151,15 @@ def _addbridge (self, ifaceobj):
+ # on update, delete active ports not in the new port list
+ ovs_ports = self._get_ovs_ports(ifaceobj)
+ running_ovs_ports = self._get_running_ovs_ports(iface)
++
+ if running_ovs_ports is not None and ovs_ports is not None:
+ missingports = list(set(running_ovs_ports) - set(ovs_ports))
+
+ if missingports is not None:
+ for port in missingports:
++if ovsportscondoneregex and
ovsportscondoneregex.match(port):
++self.logger.info("%s: port %s will stay enslaved as
it matches with ovs-ports-condone-regex" % (ifaceobj.name, port))
++continue
+ cmd = "--if-exists del-port %s %s"%(iface, port)
+ cmd_list.append(cmd)
+
diff --git a/debian/patches/pve/0008-add-openvswitch-addon.patch
b/debian/patches/pve/0008-add-openvswitch-addon.patch
deleted file mode 100644
index 847c0bf..000
--- a/debian/patches/pve/0008-add-openvswitch-addon.patch
+++ /dev/null
@@ -1,595 +0,0 @@
-From 4311f4deb9b95e67694c04ced13782a3608a176b Mon Sep 17 00:00:00 2001
-From: Alexandre Derumier
-Date: Mon, 17 Feb 2020 13:32:18 +0100
-Subject: [PATCH] add openvswitch addon
-
-Signed-off-by: Alexandre Derumier
- etc/network/ifupdown2/addons.conf| 4 +
- ifupdown2/addons/openvswitch.py | 248
- ifupdown2/addons/openvswitch_port.py | 274 +++
- ifupdown2/lib/iproute2.py| 3 +
- ifupdown2/nlmanager/nlpacket.py | 1 +
- 5 files changed, 530 insertions(+)
- create mode 100644 ifupdown2/addons/openvswitch.py
- create mode 100644 ifupdown2/addons/openvswitch_port.py
-
-diff --git a/etc/network/ifupdown2/addons.conf
b/etc/network/ifupdown2/addons.conf
-index c43d377..8811cc2 100644
a/etc/network/ifupdown2/addons.conf
-+++ b/etc/network/ifupdown2/addons.conf
-@@ -1,3 +1,5 @@
-+pre-up,openvswitch
-+pre-up,openvswitch_
[pve-devel] [PATCH V2 ifupdown2 03/10] rebase 0007-networking.service-fix-dependencies-and-ordering.patch
Signed-off-by: Alexandre Derumier --- service-fix-dependencies-and-ordering.patch | 17 + 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/debian/patches/pve/0007-networking.service-fix-dependencies-and-ordering.patch b/debian/patches/pve/0007-networking.service-fix-dependencies-and-ordering.patch index 1c49ccd..66d1e18 100644 --- a/debian/patches/pve/0007-networking.service-fix-dependencies-and-ordering.patch +++ b/debian/patches/pve/0007-networking.service-fix-dependencies-and-ordering.patch @@ -1,4 +1,4 @@ -From 0aa90eb35e22ca156f6ab8fafd30071211bc3e50 Mon Sep 17 00:00:00 2001 +From e8ce294b4db6039216b72e353a51d1bac0c5313d Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Thu, 30 Jan 2020 12:48:23 +0100 Subject: [PATCH] networking.service: fix dependencies and ordering @@ -17,14 +17,14 @@ ONCE!! Signed-off-by: Thomas Lamprecht --- debian/ifupdown2-pre.service| 13 + - debian/ifupdown2.networking.service | 7 +-- + debian/ifupdown2.networking.service | 8 ++-- debian/rules| 1 + - 3 files changed, 19 insertions(+), 2 deletions(-) + 3 files changed, 20 insertions(+), 2 deletions(-) create mode 100644 debian/ifupdown2-pre.service diff --git a/debian/ifupdown2-pre.service b/debian/ifupdown2-pre.service new file mode 100644 -index 000..f0fb308 +index 000..b129a62 --- /dev/null +++ b/debian/ifupdown2-pre.service @@ -0,0 +1,13 @@ @@ -42,7 +42,7 @@ index 000..f0fb308 +EnvironmentFile=-/etc/default/networking +ExecStart=/bin/udevadm settle diff --git a/debian/ifupdown2.networking.service b/debian/ifupdown2.networking.service -index b2acd97..8f54dc6 100644 +index 32f21f6..a49d1ba 100644 --- a/debian/ifupdown2.networking.service +++ b/debian/ifupdown2.networking.service @@ -2,8 +2,11 @@ @@ -58,14 +58,15 @@ index b2acd97..8f54dc6 100644 [Service] Type=oneshot -@@ -15,4 +18,4 @@ ExecStop=/sbin/ifdown -a - ExecReload=/sbin/ifreload -a +@@ -16,4 +19,5 @@ ExecStop=/usr/share/ifupdown2/sbin/start-networking stop + ExecReload=/usr/share/ifupdown2/sbin/start-networking reload [Install] -WantedBy=basic.target network.target shutdown.target +WantedBy=multi-user.target network-online.target ++ diff --git a/debian/rules b/debian/rules -index 6274b3a..9168c08 100755 +index ea6f434..fcb304f 100755 --- a/debian/rules +++ b/debian/rules @@ -15,6 +15,7 @@ override_dh_install: -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] applied: Re: [PATCH manager] api: improve node index with missing/broken cert
On 6/2/20 9:40 AM, Fabian Grünbichler wrote: > since this API endpoint is used for the node selector in the GUI, which > causes quite widespread breakage. > > Signed-off-by: Fabian Grünbichler > --- > PVE/API2/Nodes.pm | 5 - > 1 file changed, 4 insertions(+), 1 deletion(-) > > applied, thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH firewall] ebtables: keep policy of custom chains
missed that there was a bugzilla issue for this:
this fixes #2773
On Tue, 2 Jun 2020 10:06:17 +0200
Stoiko Ivanov wrote:
> currently all ebtalbes chains are created with a hardcoded policy of ACCEPT.
> This patch changes the functionality to store the configured policy of a
> chain while reading the 'ebtables-save' output and uses this policy when
> creating the command list.
>
> This is only relevant for ebtablers chains not generated by pve-firewall (the
> ones having an action of 'ignore' in the status-hash).
>
> Reported on the pve-user list:
> https://pve.proxmox.com/pipermail/pve-user/2020-May/171731.html
>
> Minimally tested with the example from the thread.
>
> Signed-off-by: Stoiko Ivanov
> ---
> src/PVE/Firewall.pm | 7 +--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
> index a2105e5..97670fd 100644
> --- a/src/PVE/Firewall.pm
> +++ b/src/PVE/Firewall.pm
> @@ -1944,9 +1944,10 @@ sub ebtables_get_chains {
> my $line = shift;
> return if $line =~ m/^#/;
> return if $line =~ m/^\s*$/;
> - if ($line =~ m/^:(\S+)\s\S+$/) {
> + if ($line =~ m/^:(\S+)\s(ACCEPT|DROP|RETURN)$/) {
> # Make sure we know chains exist even if they're empty.
> $chains->{$1} //= [];
> + $res->{$1}->{policy} = $2;
> } elsif ($line =~ m/^(?:\S+)\s(\S+)\s(?:\S+).*/) {
> my $chain = $1;
> $line =~ s/\s+$//;
> @@ -4063,6 +4064,7 @@ sub get_ruleset_status {
> if (defined($change_only_regex)) {
> $action = 'ignore' if ($chain !~ m/$change_only_regex/);
> $statushash->{$chain}->{rules} = $active_chains->{$chain}->{rules};
> + $statushash->{$chain}->{policy} =
> $active_chains->{$chain}->{policy};
> $sig = $sig->{sig};
> }
> $statushash->{$chain}->{action} = $action;
> @@ -4163,7 +4165,8 @@ sub get_ebtables_cmdlist {
> my $pve_include = 0;
> foreach my $chain (sort keys %$statushash) {
> next if ($statushash->{$chain}->{action} eq 'delete');
> - $cmdlist .= ":$chain ACCEPT\n";
> + my $policy = $statushash->{$chain}->{policy} // 'ACCEPT';
> + $cmdlist .= ":$chain $policy\n";
> $pve_include = 1 if ($chain eq 'PVEFW-FORWARD');
> }
>
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH firewall] ebtables: keep policy of custom chains
currently all ebtalbes chains are created with a hardcoded policy of ACCEPT.
This patch changes the functionality to store the configured policy of a
chain while reading the 'ebtables-save' output and uses this policy when
creating the command list.
This is only relevant for ebtablers chains not generated by pve-firewall (the
ones having an action of 'ignore' in the status-hash).
Reported on the pve-user list:
https://pve.proxmox.com/pipermail/pve-user/2020-May/171731.html
Minimally tested with the example from the thread.
Signed-off-by: Stoiko Ivanov
---
src/PVE/Firewall.pm | 7 +--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index a2105e5..97670fd 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -1944,9 +1944,10 @@ sub ebtables_get_chains {
my $line = shift;
return if $line =~ m/^#/;
return if $line =~ m/^\s*$/;
- if ($line =~ m/^:(\S+)\s\S+$/) {
+ if ($line =~ m/^:(\S+)\s(ACCEPT|DROP|RETURN)$/) {
# Make sure we know chains exist even if they're empty.
$chains->{$1} //= [];
+ $res->{$1}->{policy} = $2;
} elsif ($line =~ m/^(?:\S+)\s(\S+)\s(?:\S+).*/) {
my $chain = $1;
$line =~ s/\s+$//;
@@ -4063,6 +4064,7 @@ sub get_ruleset_status {
if (defined($change_only_regex)) {
$action = 'ignore' if ($chain !~ m/$change_only_regex/);
$statushash->{$chain}->{rules} = $active_chains->{$chain}->{rules};
+ $statushash->{$chain}->{policy} =
$active_chains->{$chain}->{policy};
$sig = $sig->{sig};
}
$statushash->{$chain}->{action} = $action;
@@ -4163,7 +4165,8 @@ sub get_ebtables_cmdlist {
my $pve_include = 0;
foreach my $chain (sort keys %$statushash) {
next if ($statushash->{$chain}->{action} eq 'delete');
- $cmdlist .= ":$chain ACCEPT\n";
+ my $policy = $statushash->{$chain}->{policy} // 'ACCEPT';
+ $cmdlist .= ":$chain $policy\n";
$pve_include = 1 if ($chain eq 'PVEFW-FORWARD');
}
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH manager] api: improve node index with missing/broken cert
since this API endpoint is used for the node selector in the GUI, which
causes quite widespread breakage.
Signed-off-by: Fabian Grünbichler
---
PVE/API2/Nodes.pm | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm
index 58497b2b..9008dcad 100644
--- a/PVE/API2/Nodes.pm
+++ b/PVE/API2/Nodes.pm
@@ -2261,7 +2261,10 @@ __PACKAGE__->register_method ({
foreach my $node (@$nodelist) {
my $can_audit = $rpcenv->check($authuser, "/nodes/$node", [
'Sys.Audit' ], 1);
my $entry = PVE::API2Tools::extract_node_stats($node, $members,
$rrd, !$can_audit);
- $entry->{ssl_fingerprint} =
PVE::Cluster::get_node_fingerprint($node);
+
+ $entry->{ssl_fingerprint} = eval {
PVE::Cluster::get_node_fingerprint($node) };
+ warn "$@" if $@;
+
push @$res, $entry;
}
--
2.20.1
___
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
