[pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

Alexandre DERUMIER aderumier at odiso.com
Wed Apr 3 08:07:45 CEST 2019 

>>I is still unclear to me how you do those tests? AFAIK, ifreload does not have a --dry-run option. 
with ifupdown2, ifreload -a --no-act.
(+ tests with our currrent read_networt_interface code)

>>Even when it has such option, it would need access to the local node? (to see what interfaces exists, ...). 
Yes, that's why my last proposition what to have a of local copy configuration to /etc/pve/. (to be able to test with only 1api call, without calling each node)


>>I am not sure it this is a real problem. I think the cluster wide vnet config is the relevant config. If a node is unable to apply that config, the node needs to get fixed. 
>>I think of this like deploying a network configuration with ansible (or other tools). 

Do you have an idea where to report a local error configuration ? 
I was thinking about diplaying transport/vnets in main tree (like storage), and display error on it. (maybe with compare the running local network config and what is defined in /etc/pve/network/ ). (for presentation, maybe like a storage with volumes, we could have a transport with vnets). Not sure it's a good idea ?



>>So if you really need/want to test before apply, we could add and API call for that: 
>>POST /api2/json/nodes/<node>/test_network_changes 
>>We can then add a TEST button to the GUI, or call those this test API on all nodes before we apply changes. 

Ok, I was not sure about this way. So let's go for this.




>>I think network configuration is really complex, and we should avoid to do anything automatically. 
>>I would prefer and "APPLY" button, so that I have full control over when network changes happen. 
>>Maybe an extra "TEST" button would be also helpful. 

Ok, I'll look this way.



----- Mail original -----
De: "dietmar" <dietmar at proxmox.com>
À: "pve-devel" <pve-devel at pve.proxmox.com>, "aderumier" <aderumier at odiso.com>
Envoyé: Mercredi 3 Avril 2019 07:03:09
Objet: Re: [pve-devel] rfc : pve-network : idea to generate and reload config accross the nodes

> I have rethinked about it, I have (again ;) a new idea for implementation. 
> 
> The main problem is how to test a change at datacenter level, as we need to test the local configuration of each node. 
> 
> and it's not currently in /etc/pve , but in /etc/network/interfaces of each node. 

I am not sure it this is a real problem. I think the cluster wide vnet config is the relevant config. If a node is unable to apply that config, the node needs to get fixed. 

I think of this like deploying a network configuration with ansible (or other tools). 

> I think, something easy, is that we could have a copy of each /etc/network/interfaces of each node in /etc/pve/nodes/<nodename>/interfaces. 
> (could be done we a change is done in gui local netowrk, or local network daemon copy it at regular interval in case of manual change for example). 
> 
> 
> Like this, it's very easy, when a network change is one at datacenter level, we can directly test it on all network interfaces of all nodes ( /etc/pve/nodes/*/interfaces). (in the api endpoint), 

I is still unclear to me how you do those tests? AFAIK, ifreload does not have a --dry-run option. Even when it has such option, it would need access to the local node? (to see what interfaces exists, ...). 

So if you really need/want to test before apply, we could add and API call for that: 

POST /api2/json/nodes/<node>/test_network_changes 

We can then add a TEST button to the GUI, or call those this test API on all nodes before we apply changes. 

> and then write directly the conf. (no need vnet.new tmp file). 

>>I think network configuration is really complex, and we should avoid to do anything automatically. 
>>I would prefer and "APPLY" button, so that I have full control over when network changes happen. 
>>Maybe an extra "TEST" button would be also helpful. 

Ok. (Anyway

More information about the pve-devel mailing list