Merge branch 'master' into ncm_network_nmstate_dummy_fix

ncm-network/src/main/pan/components/network/types/network.pan

@@ -0,0 +1,97 @@
+declaration template components/network/types/network;
+
+include 'pan/types';
+include 'quattor/functions/network';
+
+final variable QUATTOR_TYPES_NETWORK_BACKEND ?= 'initscripts';
+
+include format('components/network/types/network/backend/%s', QUATTOR_TYPES_NETWORK_BACKEND);
+
+include 'components/network/types/network/interface';
+
+@documentation{
+    Define vip interfaces for configuring loopback interface. Used with frr/zebra configuration
+}
+type network_vip = {
+    "interfaces" : valid_interface[]
+    "ip"         : type_ip
+    "fqdn"       ? type_fqdn
+    "netmask"    ? type_ip
+    "broadcast"  ? type_ip
+};
+
+@documentation{
+    router
+}
+type network_router = string[];
+
+@documentation{
+    IPv6 global settings
+}
+type network_ipv6 = {
+    "enabled" ? boolean
+    "default_gateway" ? type_ip
+    "gatewaydev" ? valid_interface # sets IPV6_DEFAULTDEV
+};
+
+@documentation{
+    Host network configuration
+
+    These values are used to generate /etc/sysconfig/network
+    when using ncm-network (unless specified otherwise).
+}
+type structure_network = {
+    "domainname" : type_fqdn
+    "hostname" : type_shorthostname
+    "realhostname" ? string with is_shorthostname(SELF) || is_fqdn(SELF)
+    "default_gateway" ? type_ip
+    @{When default_gateway is not set, the component will try to guess the default
+      gateway using the first configured gateway set on an interface.
+      The default is true for backward compatible behaviour.}
+    "guess_default_gateway" ? boolean
+    "gatewaydev" ? valid_interface
+    @{Per interface network settings.
+      These values are used to generate the /etc/sysconfig/network-scripts/ifcfg-<interface> files
+      when using ncm-network.}
+    "interfaces" : network_interface{}
+    "nameserver" ? type_ip[]
+    "nisdomain" ? string(1..64) with match(SELF, '^\S+$')
+    @{Setting nozeroconf to true stops an interface from being assigned an automatic address in the 169.254.0.0 subnet.}
+    "nozeroconf" ? boolean
+    @{The default behaviour for all interfaces wrt setting the MAC address (see interface set_hwaddr attribute).
+      The component default is false.}
+    "set_hwaddr" ? boolean
+    "nmcontrolled" ? boolean
+    "allow_nm" ? boolean
+    @{let NetworkManager manage the dns (only for nmstate)}
+    "nm_manage_dns" : boolean = false
+    @{let ncm-network cleanup inactive connections (only for nmstate)}
+    "nm_clean_inactive_conn" : boolean = true
+    "primary_ip" ? string
+    "routers" ? network_router{}
+    "ipv6" ? network_ipv6
+    "manage_vips" : boolean = false
+    "vips" ? network_vip{}
+    @{Manage custom routing table entries; key is the name; value is the id}
+    "routing_table" ? long(1..252){} with {
+        if (exists(SELF['main']) || exists(SELF['local']) || exists(SELF['default']) || exists(SELF['unspec'])) {
+            error("No reserved names in routing table");
+        };
+        true;
+    }
+} with {
+    if (exists(SELF['default_gateway'])) {
+        reachable = false;
+        # is there any interface that can reach it?
+        foreach (name; data; SELF['interfaces']) {
+            if (exists(data['ip']) && exists(data['netmask']) &&
+                ip_in_network(SELF['default_gateway'], data['ip'], data['netmask'])) {
+                reachable = true;
+            };
+        };
+        if (!reachable) {
+            error("No interface with ip/mask found to reach default gateway");
+        };
+    };
+    true;
+};

ncm-network/src/main/pan/components/network/types/network/backend/initscripts.pan

@@ -0,0 +1,3 @@
+declaration template components/network/types/network/backend/initscripts;
+
+@{implement types specific for initscripts / network.pm}

ncm-network/src/main/pan/components/network/types/network/backend/nmstate.pan

@@ -0,0 +1,3 @@
+declaration template components/network/types/network/backend/nmstate;
+
+@{implement types specific for nmstate / nmstate.pm}

ncm-network/src/main/pan/components/network/types/network/ethtool.pan

@@ -0,0 +1,68 @@
+declaration template components/network/types/network/ethtool;
+
+@documentation{
+    interface ethtool offload
+}
+type network_ethtool_offload = {
+    "rx" ? choice('on', 'off')
+    "tx" ? choice('on', 'off')
+    @{Set the TCP segment offload parameter to "off" or "on"}
+    "tso" ? choice('on', 'off')
+    "gro" ? choice('on', 'off')
+    "gso" ? choice('on', 'off')
+};
+
+@documentation{
+    Set the ethernet transmit or receive buffer ring counts.
+    See ethtool --show-ring for the values.
+}
+type network_ethtool_ring = {
+    "rx" ? long
+    "tx" ? long
+    "rx-mini" ? long
+    "rx-jumbo" ? long
+};
+
+@documentation{
+    Set the number of channels.
+    See ethtool --show-channels for the values.
+}
+type network_ethtool_channels = {
+    "rx" ? long(0..)
+    "tx" ? long(0..)
+    "other" ? long(0..)
+    "combined" ? long(0..)
+};
+
+@documentation{
+    ethtool wol p|u|m|b|a|g|s|d...
+    from the man page
+        Sets Wake-on-LAN options.  Not all devices support this.  The argument to this option is a string
+        of characters specifying which options to enable.
+            p  Wake on phy activity
+            u  Wake on unicast messages
+            m  Wake on multicast messages
+            b  Wake on broadcast messages
+            a  Wake on ARP
+            g  Wake on MagicPacket(tm)
+            s  Enable SecureOn(tm) password for MagicPacket(tm)
+            d  Disable (wake on nothing).  This option clears all previous option
+}
+type network_ethtool_wol = string with match (SELF, '^(p|u|m|b|a|g|s|d)+$');
+
+@documentation{
+    ethtool
+}
+type network_ethtool = {
+    "wol" ? network_ethtool_wol
+    "autoneg" ? choice('on', 'off')
+    "duplex" ? choice('half', 'full')
+    "speed" ? long
+    "channels" ? network_ethtool_channels
+};
+
+type network_interface_ethtool = {
+    "offload" ? network_ethtool_offload
+    "ring" ? network_ethtool_ring
+    "ethtool" ? network_ethtool
+};

ncm-network/src/main/pan/components/network/types/network/interface.pan

@@ -0,0 +1,171 @@
+declaration template components/network/types/network/interface;
+
+@{Generate error if network backend is not supported.
+  First argument is the component backend (ncm-module).
+  Optional 2nd is extra message
+}
+function network_exclude_backend = {
+    module = value('/software/components/network/ncm-module', '');
+    msg = if (ARGC < 2) '' else format(': %s', ARGV[1]);
+    if (module == ARGV[0]) {
+        error("Not supported in backend module %s%s", module, msg)
+    };
+    true;
+};
+
+include 'components/network/types/network/ethtool';
+include 'components/network/types/network/route';
+include 'components/network/types/network/rule';
+include 'components/network/types/network/ovs';
+include 'components/network/types/network/tunnel';
+
+
+@documentation{
+    Interface alias
+}
+type network_interface_alias = {
+    "ip" ? type_ip
+    "netmask" : type_ip
+    "broadcast" ? type_ip
+    "fqdn" ? type_fqdn
+};
+
+@documentation{
+    Describes the bonding options for configuring channel bonding on EL5 and similar.
+}
+type network_bonding_options = {
+    "mode" : long(0..6)
+    "miimon" : long
+    "updelay" ? long
+    "downdelay" ? long
+    "primary" ? valid_interface
+    "lacp_rate" ? long(0..1)
+    "xmit_hash_policy" ? choice('0', '1', '2', 'layer2', 'layer2+3', 'layer3+4')
+} with {
+    if ( SELF['mode'] == 1 || SELF['mode'] == 5 || SELF['mode'] == 6 ) {
+        if ( ! exists(SELF["primary"]) ) {
+            error("Bonding configured but no primary is defined.");
+        };
+    } else {
+        if ( exists(SELF["primary"]) ) {
+            error("Primary is defined but this is not allowed with this bonding mode.");
+        };
+    };
+    true;
+};
+
+@documentation{
+    describes the bridging options
+    (the parameters for /sys/class/net/<br>/brport)
+}
+type network_bridging_options = {
+    "bpdu_guard" ? long
+    "flush" ? long
+    "hairpin_mode" ? long
+    "multicast_fast_leave" ? long
+    "multicast_router" ? long
+    "path_cost" ? long
+    "priority" ? long
+    "root_block" ? long
+};
+
+
+type network_interface_type = choice(
+    'Ethernet', 'Bridge', 'Tap', 'xDSL', 'IPIP', 'Infiniband',
+    'OVSBridge', 'OVSPort', 'OVSIntPort', 'OVSBond', 'OVSTunnel', 'OVSPatchPort'
+    );
+
+@documentation{
+    network interface
+}
+type network_interface = {
+    "ip" ? type_ip
+    "gateway" ? type_ip
+    "netmask" ? type_ip
+    "broadcast" ? type_ip
+    "driver" ? string
+    "bootproto" ? choice('static', 'bootp', 'dhcp', 'none')
+    "onboot" ? boolean
+    "type" ? network_interface_type
+    "device" ? string
+    "mtu" ? long
+    "master" ? string
+    "bonding_opts" ? network_bonding_options
+    @{Routes for this interface.
+      These values are used to generate the /etc/sysconfig/network-scripts/route[6]-<interface> files
+      as used by ifup-routes when using ncm-network.
+      This allows for mixed IPv4 and IPv6 configuration}
+    "route" ? network_route[]
+    @{Rules for this interface.
+      These values are used to generate the /etc/sysconfig/network-scripts/rule[6]-<interface> files
+      as used by ifup-routes when using ncm-network.
+      This allows for mixed IPv4 and IPv6 configuration}
+    "rule" ? network_rule[]
+    @{Aliases for this interface.
+      These values are used to generate the /etc/sysconfig/network-scripts/ifcfg-<interface>:<key> files
+      as used by ifup-aliases when using ncm-network.}
+    "aliases" ? network_interface_alias{}
+    @{Explicitly set the MAC address. The MAC address is taken from /hardware/cards/nic/<interface>/hwaddr.}
+    "set_hwaddr" ? boolean
+
+
+    @{Is a VLAN device. If the device name starts with vlan, this is always true.}
+    "vlan" ? boolean
+    @{If the device name starts with vlan, this has to be set.
+      It is set (but ignored by ifup) if it the device is not named vlan}
+    "physdev" ? valid_interface
+
+    "fqdn" ? string
+    "network_environment" ? string
+    "network_type" ? string
+    "nmcontrolled" ? boolean
+    @{Set DEFROUTE, is the default for ipv6_defroute}
+    "defroute" ? boolean
+
+    "bridge" ? valid_interface
+    "linkdelay" ? long # LINKDELAY
+    "stp" ? boolean # enable/disable stp on bridge (true: STP=on)
+    "delay" ? long # brctl setfd DELAY
+    "bridging_opts" ? network_bridging_options
+
+    "bond_ifaces" ? string[]
+
+    "ipv4_failure_fatal" ? boolean
+    "ipv6_autoconf" ? boolean
+    "ipv6_failure_fatal" ? boolean
+    "ipv6_mtu" ? long(1280..65536)
+    "ipv6_privacy" ? choice('rfc3041')
+    "ipv6_rtr" ? boolean
+    @{Set IPV6_DEFROUTE, defaults to defroute value}
+    "ipv6_defroute" ? boolean
+    "ipv6addr" ? type_network_name
+    "ipv6addr_secondaries" ? type_network_name[]
+    "ipv6init" ? boolean
+
+    include network_interface_ethtool
+    include network_interface_ovs
+    include network_interface_tunnel
+} with {
+    network_interface_ovs_validate(SELF);
+    network_interface_tunnel_validate(SELF);
+
+    if ( exists(SELF['bond_ifaces']) ) {
+        foreach (i; iface; SELF['bond_ifaces']) {
+            if ( !exists("/system/network/interfaces/" + iface) ) {
+                error("The " + iface + " interface is used by bond_ifaces, but does not exist");
+            };
+        };
+    };
+    if (exists(SELF['ip']) && exists(SELF['netmask'])) {
+        if (exists(SELF['gateway']) && ! ip_in_network(SELF['gateway'], SELF['ip'], SELF['netmask'])) {
+            error('networkinterface has gateway %s not reachable from ip %s with netmask %s',
+                            SELF['gateway'], SELF['ip'], SELF['netmask']);
+        };
+        if (exists(SELF['broadcast']) && ! ip_in_network(SELF['broadcast'], SELF['ip'], SELF['netmask'])) {
+            error('networkinterface has broadcast %s not reachable from ip %s with netmask %s',
+                            SELF['broadcast'], SELF['ip'], SELF['netmask']);
+        };
+    };
+
+    true;
+};

ncm-network/src/main/pan/components/network/types/network/ovs.pan

@@ -0,0 +1,35 @@
+declaration template components/network/types/network/ovs;
+
+
+type network_interface_ovs = {
+    "ovs_bridge" ? valid_interface
+    "ovs_extra" ? string
+    "ovs_opts" ? string # See ovs-vswitchd.conf.db(5) for documentation
+    "ovs_patch_peer" ? string
+    "ovs_tunnel_opts" ? string # See ovs-vswitchd.conf.db(5) for documentation
+    "ovs_tunnel_type" ? choice('gre', 'vxlan')
+};
+
+
+@{validate the network_interface ovs config. error on error}
+function network_interface_ovs_validate = {
+    nwcfg = ARGV[0];
+    if ( exists(SELF['ovs_bridge']) && exists(SELF['type']) && SELF['type'] == 'OVSBridge') {
+        error("An OVSBridge interface cannot have the ovs_bridge option defined");
+    };
+    if ( exists(SELF['ovs_tunnel_type']) && (!exists(SELF['type']) || SELF['type'] != 'OVSTunnel')) {
+        error("ovs_tunnel_bridge is defined but the type of interface is not defined as OVSTunnel");
+    };
+    if ( exists(SELF['ovs_tunnel_opts']) && (!exists(SELF['type']) || SELF['type'] != 'OVSTunnel')) {
+        error("ovs_tunnel_opts is defined but the type of interface is not defined as OVSTunnel");
+    };
+    if ( exists(SELF['ovs_patch_peer']) && (!exists(SELF['type']) || SELF['type'] != 'OVSPatchPort')) {
+        error("ovs_patch_peer is defined but the type of interface is not defined as OVSPatchPort");
+    };
+    if ( exists(SELF['bond_ifaces']) ) {
+        if ( (!exists(SELF['type']) || SELF['type'] != 'OVSBond') ) {
+            error("bond_ifaces is defined but the type of interface is not defined as OVSBond");
+        };
+    };
+    true;
+};