Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CA-396743: Don't allow NBD on boot from SAN devices, and fix Network.managed to reflect PIF.managed #5917

Merged
merged 4 commits into from
Sep 10, 2024
Merged

CA-396743: Don't allow NBD on boot from SAN devices, and fix Network.managed to reflect PIF.managed #5917

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
5446171
CA-396743: log non managed devices in PIF.scan
edwintorok Aug 6, 2024
5acf001
CA-396743: make Network.managed reflect PIF.managed
edwintorok Aug 6, 2024
2c7bc39
CA-396743: forbid setting NBD purpose on unmanaged networks
edwintorok Aug 6, 2024
1adffbd
CA-396743: fix bridge name for unmanaged devices
edwintorok Aug 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions ocaml/xapi/xapi_network.ml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -439,6 +439,7 @@ let assert_can_add_purpose ~__context ~network:_ ~current:_ newval =
assert_no_net_has_bad_porpoise [`nbd]

let add_purpose ~__context ~self ~value =
assert_network_is_managed ~__context ~self ;
let current = Db.Network.get_purpose ~__context ~self in
if not (List.mem value current) then (
assert_can_add_purpose ~__context ~network:self ~current value ;
Expand Down
13 changes: 9 additions & 4 deletions ocaml/xapi/xapi_pif.ml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -347,7 +347,8 @@ let assert_fcoe_not_in_use ~__context ~self =
()
)

let find_or_create_network (bridge : string) (device : string) ~__context =
let find_or_create_network (bridge : string) (device : string) ~managed
~__context =
let nets =
Db.Network.get_refs_where ~__context
~expr:(Eq (Field "bridge", Literal bridge))
Expand All @@ -362,7 +363,7 @@ let find_or_create_network (bridge : string) (device : string) ~__context =
Db.Network.create ~__context ~ref:net_ref ~uuid:net_uuid
~current_operations:[] ~allowed_operations:[]
~name_label:(Helpers.choose_network_name_for_pif device)
~name_description:"" ~mTU:1500L ~purpose:[] ~bridge ~managed:true
~name_description:"" ~mTU:1500L ~purpose:[] ~bridge ~managed
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the managed field in network object a duplication of the field managed of PIF objects?
In other words, if a PIF is managed, its connected network must be managed?

Copy link
Contributor

@Vincent-lau Vincent-lau Aug 8, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe they are separate, one is for the network bridge which connects things together, while the other one is for configuring the interface (bring the interface up/down, etc). Although it seems that in this case the created pif has the same managed field as the network

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Previously we only ever introduce a managed network, even if we create an unmanaged PIF, is this ok?

~other_config:[] ~blobs:[] ~tags:[] ~default_locking_mode:`unlocked
~assigned_ips:[]
in
Expand Down Expand Up @@ -457,13 +458,13 @@ let db_forget ~__context ~self = Db.PIF.destroy ~__context ~self
let introduce_internal ?network ?(physical = true) ~t:_ ~__context ~host ~mAC
~mTU ~device ~vLAN ~vLAN_master_of ?metrics ~managed
?(disallow_unplug = false) () =
let bridge = bridge_naming_convention device in
let bridge = if managed then bridge_naming_convention device else "" in
(* If we are not told which network to use,
* apply the default convention *)
let net_ref =
match network with
| None ->
find_or_create_network bridge device ~__context
find_or_create_network bridge device ~managed ~__context
| Some x ->
x
in
Expand Down Expand Up @@ -667,6 +668,8 @@ let scan ~__context ~host =
([], [])
)
in
debug "non-managed devices=%s" (String.concat "," non_managed_devices) ;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should new log lines contain __FUNCTION__ to help locating the context?

debug "disallow-unplug devices=%s" (String.concat "," disallow_unplug_devices) ;
Xapi_stdext_threads.Threadext.Mutex.execute scan_m (fun () ->
let t = make_tables ~__context ~host in
let devices_not_yet_represented_by_pifs =
Expand All @@ -681,6 +684,8 @@ let scan ~__context ~host =
let mTU = Int64.of_int (Net.Interface.get_mtu dbg device) in
let managed = not (List.mem device non_managed_devices) in
let disallow_unplug = List.mem device disallow_unplug_devices in
debug "About to introduce %s, managed=%b, disallow-unplug=%b" device
managed disallow_unplug ;
let (_ : API.ref_PIF) =
introduce_internal ~t ~__context ~host ~mAC ~mTU ~vLAN:(-1L)
~vLAN_master_of:Ref.null ~device ~managed ~disallow_unplug ()
Expand Down
6 changes: 0 additions & 6 deletions ocaml/xapi/xapi_pif.mli
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -175,12 +175,6 @@ val assert_usable_for_management :
-> unit
(** Ensure the PIF can be used for management. *)

val find_or_create_network :
string -> string -> __context:Context.t -> [`network] Ref.t
(** If a network for the given bridge already exists, then return a reference to this network,
* otherwise create a new network and return its reference.
*)

(** Convenient lookup tables for scanning etc *)
type tables

Expand Down
Loading