[pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

[Dietmar Maurer]

> I have rethinked about it, I have (again ;) a new idea for implementation.
> 
> The main problem is how to test a change at datacenter level, as we need to test the local configuration of each node.
> 
> and it's not currently in /etc/pve  ,  but in /etc/network/interfaces of each node.

I am not sure it this is a real problem. I think the cluster wide vnet config is the relevant config. If a node is unable to apply that config, the node needs to get fixed.

I think of this like deploying a network configuration with ansible (or other tools).

> I think, something easy, is that we could have a copy of each /etc/network/interfaces of each node in /etc/pve/nodes/<nodename>/interfaces.
> (could be done we a change is done in gui local netowrk, or local network daemon copy it at regular interval in case of manual change for example).
> 
> 
> Like this, it's very easy, when a network change is one at datacenter level, we can directly test it on all network interfaces of all nodes ( /etc/pve/nodes/*/interfaces). (in the api endpoint),

I is still unclear to me how you do those tests? AFAIK, ifreload does not have a --dry-run option. Even when it has such option, it would need access to the local node? (to see what interfaces exists, ...).

So if you really need/want to test before apply, we could add and API call for that:

POST /api2/json/nodes/<node>/test_network_changes

We can then add a TEST button to the GUI, or call those this test API on all nodes before we apply changes.

> and then write directly the conf. (no need vnet.new tmp file).

I think network configuration is really complex, and we should avoid to do anything automatically.
I would prefer and "APPLY" button, so that I have full control over when network changes happen.
Maybe an extra "TEST" button would be also helpful.