Always create a vnet bridge for each vnet, and avoid to tag vm port directly.
As we don't manage tap|veth vlan tag in /etc/network/interfaces, this could break on reload if user change vlan value on a vnet. ovs --- eth0----ovs vmbr0--(ovsintport tag)---->vnet---->vm vlanawarebridge --------------- eth0----vlanaware bridge vmbr0--(vmbr0.X tag)---->vnet---->vm non-vlanaware bridge -------------------- keep vmbrXvY for compatibility with existing network eth0<---->eth0.X----vmbr0v10------vnet---->vm Signed-off-by: Alexandre Derumier <aderum...@odiso.com> --- PVE/Network/SDN/Zones/VlanPlugin.pm | 90 +++++++++++++++++++---------- 1 file changed, 59 insertions(+), 31 deletions(-) diff --git a/PVE/Network/SDN/Zones/VlanPlugin.pm b/PVE/Network/SDN/Zones/VlanPlugin.pm index b0d3784..9d459cd 100644 --- a/PVE/Network/SDN/Zones/VlanPlugin.pm +++ b/PVE/Network/SDN/Zones/VlanPlugin.pm @@ -43,34 +43,78 @@ sub generate_sdn_config { my $bridge = $plugin_config->{bridge}; my $vlan_aware = PVE::Tools::file_read_firstline("/sys/class/net/$bridge/bridge/vlan_filtering"); my $is_ovs = 1 if !-d "/sys/class/net/$bridge/brif"; - return if $vlan_aware || $is_ovs; my $tag = $vnet->{tag}; my $alias = $vnet->{alias}; my $mtu = $plugin_config->{mtu} if $plugin_config->{mtu}; - my $bridgevlan = $bridge."v".$tag; - my @bridge_ifaces = (); - my $dir = "/sys/class/net/$bridge/brif"; - PVE::Tools::dir_glob_foreach($dir, '(((eth|bond)\d+|en[^.]+)(\.\d+)?)', sub { - push @bridge_ifaces, $_[0]; - }); + my $vnet_uplink = "ln_".$vnetid; + my $vnet_uplinkpeer = "pr_".$vnetid; - my $bridge_ports = ""; - $bridge_ports = "none" if scalar(@bridge_ifaces) == 0; + my @iface_config = (); + + if($is_ovs) { + + # keep vmbrXvY for compatibility with existing network + # eth0----ovs vmbr0--(ovsintport tag)---->vnet---->vm + + @iface_config = (); + push @iface_config, "ovs_type OVSIntPort"; + push @iface_config, "ovs_bridge $bridge"; + push @iface_config, "ovs_options tag=$tag"; + push(@{$config->{$vnet_uplink}}, @iface_config) if !$config->{$vnet_uplink}; + + @iface_config = (); + push @iface_config, "ovs_type OVSBridge"; + push @iface_config, "ovs_ports $vnet_uplink"; + push(@{$config->{$bridge}}, @iface_config) if !$config->{$bridge}; - foreach my $bridge_iface (@bridge_ifaces) { - $bridge_ports .= " $bridge_iface.$tag"; + } elsif ($vlan_aware) { + # eth0----vlanaware bridge vmbr0--(vmbr0.X tag)---->vnet---->vm + $vnet_uplink = "$bridge.$tag"; + } else { + + # keep vmbrXvY for compatibility with existing network + # eth0<---->eth0.X----vmbr0v10------vnet---->vm + + my $bridgevlan = $bridge."v".$tag; + + my @bridge_ifaces = (); + my $dir = "/sys/class/net/$bridge/brif"; + PVE::Tools::dir_glob_foreach($dir, '(((eth|bond)\d+|en[^.]+)(\.\d+)?)', sub { + push @bridge_ifaces, $_[0]; + }); + + my $bridge_ports = ""; + foreach my $bridge_iface (@bridge_ifaces) { + $bridge_ports .= " $bridge_iface.$tag"; + } + + @iface_config = (); + push @iface_config, "link-type veth"; + push @iface_config, "veth-peer-name $vnet_uplinkpeer"; + push(@{$config->{$vnet_uplink}}, @iface_config) if !$config->{$vnet_uplink}; + + @iface_config = (); + push @iface_config, "link-type veth"; + push @iface_config, "veth-peer-name $vnet_uplink"; + push(@{$config->{$vnet_uplinkpeer}}, @iface_config) if !$config->{$vnet_uplinkpeer}; + + @iface_config = (); + push @iface_config, "bridge_ports $bridge_ports $vnet_uplinkpeer"; + push @iface_config, "bridge_stp off"; + push @iface_config, "bridge_fd 0"; + push(@{$config->{$bridgevlan}}, @iface_config) if !$config->{$bridgevlan}; } - #vnet bridge (keep vmbrXvY for compatibility) - my @iface_config = (); - push @iface_config, "bridge_ports $bridge_ports"; + #vnet bridge + @iface_config = (); + push @iface_config, "bridge_ports $vnet_uplink"; push @iface_config, "bridge_stp off"; push @iface_config, "bridge_fd 0"; push @iface_config, "mtu $mtu" if $mtu; push @iface_config, "alias $alias" if $alias; - push(@{$config->{$bridgevlan}}, @iface_config) if !$config->{$vnetid}; + push(@{$config->{$vnetid}}, @iface_config) if !$config->{$vnetid}; return $config; } @@ -95,22 +139,6 @@ sub status { } } -sub get_bridge_vlan { - my ($class, $plugin_config, $vnetid, $tag) = @_; - - my $bridge = $plugin_config->{bridge}; - - die "bridge $bridge is missing" if !-d "/sys/class/net/$bridge/"; - - my $vlan_aware = PVE::Tools::file_read_firstline("/sys/class/net/$bridge/bridge/vlan_filtering"); - my $is_ovs = 1 if !-d "/sys/class/net/$bridge/brif"; - - - return ($bridge."v".$tag, undef) if !$is_ovs && !$vlan_aware; - - return ($bridge, $tag); -} - 1; -- 2.20.1 _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel