[pve-devel] [PATCH pve-manager v4 14/17] api: network: add include_sdn / fabric type
Gabriel Goller
g.goller at proxmox.com
Wed Jul 2 16:50:56 CEST 2025
From: Stefan Hanreich <s.hanreich at proxmox.com>
In order to be able to show SDN networks in the network selector
dropdowns, we introduce a new type ('include_sdn') to the API endpoint
that lists network interfaces of a node. The return value for existing
parameters stays unchanged to preserve backwards-compatibility.
Callers have to explicitly pass the new type if they want SDN networks
included in the response as well. Only fabrics for which the current
user has any SDN permission (Audit/Use/Modify) are listed.
There is also a new type that only lists fabrics ('fabric'), which
works analogous to the current type filters.
There was a separate type for vnets as well, that is not used anywhere
but was defunct due to a missing check in the endpoint. This has now
been fixed and supplying vnet as the type should now only return
vnets.
This commit is preparation for integrating the fabrics with several
parts in the UI, such as the Ceph installation wizard and the
migration settings, which use the pveNetworkSelector component that
uses this endpoint to query available network interfaces.
Signed-off-by: Stefan Hanreich <s.hanreich at proxmox.com>
---
PVE/API2/Network.pm | 41 +++++++++++++++++++++++++++++++++--------
1 file changed, 33 insertions(+), 8 deletions(-)
diff --git a/PVE/API2/Network.pm b/PVE/API2/Network.pm
index dfefd2143ebe..c49be5b1a694 100644
--- a/PVE/API2/Network.pm
+++ b/PVE/API2/Network.pm
@@ -43,6 +43,7 @@ my $network_type_enum = [
'eth',
'alias',
'vlan',
+ 'fabric',
'OVSBridge',
'OVSBond',
'OVSPort',
@@ -245,7 +246,7 @@ __PACKAGE__->register_method({
type => {
description => "Only list specific interface types.",
type => 'string',
- enum => [@$network_type_enum, 'any_bridge', 'any_local_bridge'],
+ enum => [@$network_type_enum, 'any_bridge', 'any_local_bridge', 'include_sdn'],
optional => 1,
},
},
@@ -394,22 +395,46 @@ __PACKAGE__->register_method({
if (my $tfilter = $param->{type}) {
my $vnets;
+ my $fabrics;
- if ($have_sdn && $tfilter eq 'any_bridge') {
+ if ($have_sdn && $tfilter =~ /^(any_bridge|include_sdn|vnet)$/) {
$vnets = PVE::Network::SDN::get_local_vnets(); # returns already access-filtered
}
- for my $k (sort keys $ifaces->%*) {
- my $type = $ifaces->{$k}->{type};
- my $is_bridge = $type eq 'bridge' || $type eq 'OVSBridge';
- my $bridge_match = $is_bridge && $tfilter =~ /^any(_local)?_bridge$/;
- my $match = $tfilter eq $type || $bridge_match;
- delete $ifaces->{$k} if !$match;
+ if ($have_sdn && $tfilter =~ /^(include_sdn|fabric)$/) {
+ my $local_node = PVE::INotify::nodename();
+
+ $fabrics =
+ PVE::Network::SDN::Fabrics::config(1)->get_interfaces_for_node($local_node);
+ }
+
+ if ($tfilter ne 'include_sdn') {
+ for my $k (sort keys $ifaces->%*) {
+ my $type = $ifaces->{$k}->{type};
+ my $is_bridge = $type eq 'bridge' || $type eq 'OVSBridge';
+ my $bridge_match = $is_bridge && $tfilter =~ /^any(_local)?_bridge$/;
+ my $match = $tfilter eq $type || $bridge_match;
+ delete $ifaces->{$k} if !$match;
+ }
}
if (defined($vnets)) {
$ifaces->{$_} = $vnets->{$_} for keys $vnets->%*;
}
+
+ if (defined($fabrics)) {
+ for my $fabric_id (keys %$fabrics) {
+ next
+ if !$rpcenv->check_any(
+ $authuser,
+ "/sdn/fabrics/$fabric_id",
+ ['SDN.Audit', 'SDN.Use', 'SDN.Allocate'],
+ 1,
+ );
+
+ $ifaces->{$fabric_id} = $fabrics->{$fabric_id};
+ }
+ }
}
#always check bridge access
--
2.39.5
More information about the pve-devel
mailing list