[kvm] Add information about IPv6 tap address when kvm uses tap

/reviewed-on nexedi/slapos!469

[kvm] Add information about IPv6 tap address when kvm uses tap
/reviewed-on nexedi/slapos!469
9345c81b · Thomas Gambier · 9fe041b4 · 71b2a378 · 9345c81b · 9345c81b
Commit 9345c81b authored Dec 11, 2018 by Thomas Gambier 🚴🏼
5 changed files
--- a/slapos/recipe/slapconfiguration.py
+++ b/slapos/recipe/slapconfiguration.py
@@ -89,18 +89,8 @@ class Recipe(object):
      One of the IPv4 addresses.
    ipv6-random
      One of the IPv6 addresses.
-    tap
-      Set of TAP interfaces.
-    tap-network-information-dict
-      Dict of set of all TAP network information
-    tap-ipv4
-      ipv4 allowed for this TAP
-    tap-gateway
-      ipv4 of gateway interface of this TAP
-    tap-netmask
-      ipv4 netmask address of this TAP
-    tap-network
-      ipv4 network address of this TAP
+    global_ipv4_network
+      The global IPv4 network
    configuration
      Dict of all parameters.
    storage-dict
@@ -112,6 +102,8 @@ class Recipe(object):
      anyway, and are available through "configuration" output key.
    instance-state
      The instance state.
+
+    Also note that all information from resource file will be appended
  """

  # XXX: used to detect if a configuration key is a valid section key. This
@@ -215,20 +207,6 @@ class Recipe(object):
          options['ipv4-random'] = list(ipv4_set)[0].encode('UTF-8')
      if ipv6_set:
          options['ipv6-random'] = list(ipv6_set)[0].encode('UTF-8')
-      if route_ipv4_set:
-        options['tap-ipv4'] = list(route_ipv4_set)[0].encode('UTF-8')
-        options['tap-network-information-dict'] = dict(ipv4=route_ipv4_set,
-                                    netmask=route_mask_set,
-                                    gateway=route_gw_set,
-                                    network=route_network_set)
-      else:
-        options['tap-network-information-dict'] = {}
-      if route_gw_set:
-        options['tap-gateway'] = list(route_gw_set)[0].encode('UTF-8')
-      if route_mask_set:
-        options['tap-netmask'] = list(route_mask_set)[0].encode('UTF-8')
-      if route_network_set:
-        options['tap-network'] = list(route_network_set)[0].encode('UTF-8')

      storage_home = options.get('storage-home')
      storage_dict = {}
@@ -245,8 +223,6 @@ class Recipe(object):
            storage_dict[filename] = storage_link
      options['storage-dict'] = storage_dict

-      options['tap'] = tap_set
-
      # The external information transfered from Slap Master has been processed
      # so we extend with information gathered from partition resource file
      if hasattr(slapformat.Partition, "resource_file"):

--- a/software/kvm/instance-kvm-cluster.cfg.jinja2.in
+++ b/software/kvm/instance-kvm-cluster.cfg.jinja2.in
@@ -135,8 +135,12 @@ return =
 {{ '  ' }}monitor-base-url
 {% if str(kvm_parameter_dict.get('use-tap', 'True')).lower() == 'true' -%}
 {{ '  ' }}tap-ipv4
+{{ '  ' }}tap-ipv6
+{{ '  ' }}ipv6-network-info

-{% do publish_dict.__setitem__(instance_name ~ '-lan', '${' ~ section ~ ':connection-tap-ipv4}') -%}
+{% do publish_dict.__setitem__(instance_name ~ '-ipv4', '${' ~ section ~ ':connection-tap-ipv4}') -%}
+{% do publish_dict.__setitem__(instance_name ~ '-ipv6', '${' ~ section ~ ':connection-tap-ipv4}') -%}
+{% do publish_dict.__setitem__(instance_name ~ '-ipv6-info', '${' ~ section ~ ':connection-ipv6-network-info}') -%}
 {% do kvm_hostname_list.append(instance_name ~ ' ' ~ '${' ~ section ~ ':connection-tap-ipv4}') -%}
 {% endif -%}
 {% do monitor_base_url_dict.__setitem__(instance_name, '${' ~ section ~ ':connection-monitor-base-url}') -%}

--- a/software/kvm/instance-kvm.cfg.jinja2
+++ b/software/kvm/instance-kvm.cfg.jinja2
@@ -87,7 +87,7 @@ nbd-port = ${slap-parameter:nbd-port}
 nbd2-host = ${slap-parameter:nbd2-host}
 nbd2-port = ${slap-parameter:nbd2-port}

-tap-interface = ${slap-network-information:network-interface}
+tap-interface = {{ tap_name }}

 disk-size = ${slap-parameter:disk-size}
 disk-type = ${slap-parameter:disk-type}
@@ -132,7 +132,7 @@ external-disk-number = ${slap-parameter:external-disk-number}
 external-disk-size = ${slap-parameter:external-disk-size}
 external-disk-format = ${slap-parameter:external-disk-format}

-{% if enable_http == 'true' or ( use_tap == 'true' and tap_network_dict.has_key('ipv4') ) -%}
+{% if enable_http == 'true' or ( use_tap == 'true' and tap_ipv4_addr != "") -%}
 httpd-port = ${slap-parameter:httpd-port}
 {% else -%}
 httpd-port = 0
@@ -410,6 +410,10 @@ password = {{ slapparameter_dict['monitor-password'] }}
 {% endif -%}
 interface-url = {{ slapparameter_dict.get('monitor-interface-url', 'https://monitor.app.officejs.com') }}

+# this helper just gives a blank line to insert in multiline values
+[helper]
+blank-line =
+
 [publish-connection-information]
 <= monitor-publish
 recipe = slapos.cookbook:publish
@@ -418,9 +422,9 @@ backend-url = https://[${novnc-instance:ip}]:${novnc-instance:port}/vnc.html?hos
 url = ${request-slave-frontend:connection-url}/vnc.html?host=${request-slave-frontend:connection-domainname}&port=${request-slave-frontend:connection-port}&encrypt=1&path=${request-slave-frontend:connection-resource}&password=${kvm-controller-parameter-dict:vnc-passwd}
 {% set disk_number = len(storage_dict) -%}
 maximum-extra-disk-amount = {{ disk_number }}
-{% set iface = 'eth0' -%}
+{% set iface = 'ens3' -%}
 {% if use_nat == 'true' -%}
-{%   set iface = 'eth1' -%}
+{%   set iface = 'ens4' -%}
 {%   if nat_rule_list -%}
 # Publish NAT port mapping status
 {%     for port in nat_rule_list.split(' ') -%}
@@ -438,7 +442,8 @@ nat-rule-url-{{port}} = [${slap-network-information:global-ipv6}]:${6tunnel-{{ex
 {%   endif -%}
 {% endif -%}
 {% if use_tap == 'true' -%}
-tap-ipv4 = ${slap-network-information:tap-ipv4}
+tap-ipv4 = {{tap_ipv4_addr}}
+tap-ipv6 = {{tap_ipv6_addr}}
 {% endif -%}

 {% set kvm_http = 'http://${slap-network-information:local-ipv4}:' ~ slapparameter_dict.get('httpd-port', 8081) -%}
@@ -447,42 +452,80 @@ tap-ipv4 = ${slap-network-information:tap-ipv4}
 {%     set kvm_http = 'http://10.0.2.100' -%}
 {%   endif %}
 {%   if slapparameter_dict.get('authorized-key', '') and slapparameter_dict.get('type', '') == 'cluster' -%}
-7_info = Get the publick key file in your VM with the command: wget {{ kvm_http }}/authorized_keys
+key_info = Get the publick key file in your VM with the command: wget {{ kvm_http }}/authorized_keys
 {%   endif %}
 {% endif %}

-{% if use_tap == 'true' and tap_network_dict.has_key('ipv4') -%}
-1_info = Use these configurations below to configure interface {{ iface }} in your VM.
-2_info = ${network-config:ifconfig}
-3_info = ${network-config:route-iface}
-4_info = ${network-config:route-network}
-5_info = ${network-config:route-default}
+{% if use_tap == 'true' and tap_ipv4_addr != "" -%}
+ipv4-network-info =
+  Use these configurations below to configure IPv4 on interface {{ iface }} in your VM.
+  IFACE={{ iface }}
+  ${network-config-ipv4:ifconfig}
+  ${network-config-ipv4:route-iface}
+  ${network-config-ipv4:route-network}
+  ${network-config-ipv4:route-default}
 {% if enable_http == 'true' %}
-6_info = Or run in your VM the command: wget -O- {{ kvm_http }}/netconfig.sh | /bin/sh -
+  ${helper:blank-line}
+  Or run in your VM the command: wget -O- {{ kvm_http }}/netconfig.sh | /bin/sh -
+{% endif %}
 {% endif %}

-[network-config]
+{% if use_tap == 'true' and tap_ipv6_addr != "" -%}
+ipv6-network-info =
+  Use these configurations below to configure IPv6 on interface {{ iface }} in your VM.
+  IFACE={{ iface }}
+  ${network-config-ipv6:ipv6-add-address}
+  ${network-config-ipv6:ipv6-add-default-route}
+{% if enable_http == 'true' %}
+  ${helper:blank-line}
+  Or run in your VM the command: wget -O- {{ kvm_http }}/ipv6_config.sh | /bin/sh -
+{% endif %}
+{% endif %}
+
+
+{% if use_tap == 'true' and tap_ipv4_addr != "" -%}
+[network-config-ipv4]
 recipe = plone.recipe.command
 path = ${directory:public}/netconfig.sh
-ifconfig = ifconfig {{ iface }} ${slap-network-information:tap-ipv4} netmask ${slap-network-information:tap-netmask}
-route-iface = route add ${slap-network-information:tap-gateway} dev {{ iface }}
-route-network = route add -net ${slap-network-information:tap-network} netmask ${slap-network-information:tap-netmask} gw ${slap-network-information:tap-gateway}
-{%   if iface == 'eth0' -%}
-route-default = route add default gw ${slap-network-information:tap-gateway}
-{%   elif nat_restrict == 'true' -%}
-route-default = route add default gw ${slap-network-information:tap-gateway} dev {{ iface }}
+ifconfig = ifconfig $IFACE {{tap_ipv4_addr}} netmask {{tap_ipv4_netmask}}
+route-iface = route add {{tap_ipv4_gateway}} dev $IFACE
+route-network = route add -net {{tap_ipv4_network}} netmask {{tap_ipv4_netmask}} gw {{tap_ipv4_gateway}}
+{%   if nat_restrict == 'true' -%}
+route-default = route add default gw {{tap_ipv4_gateway}} dev $IFACE
 {%   elif global_ipv4_prefix -%}
-route-default = ip route add {{ global_ipv4_prefix }} via ${slap-network-information:tap-gateway} dev {{ iface }} src ${slap-network-information:tap-ipv4}
-{% else -%}
+route-default = ip route add {{ global_ipv4_prefix }} via {tap_ipv4_gateway}} dev $IFACE src {{tap_ipv4_addr}}
+{%   else -%}
 route-default =
 {%   endif -%}
 command =
-  echo "#!/bin/sh" > ${:path}
-  echo "" >> ${:path}
-  echo "${:ifconfig}" >> ${:path}
-  echo "${:route-iface}" >> ${:path}
-  echo "${:route-network}" >> ${:path}
-  echo "${:route-default}" >> ${:path}
+  cat > ${:path} << EOF
+  #!/bin/sh
+  IFACE={{ iface }}
+  #try to be compatible with OS with old names
+  grep eth0 /etc/network/interfaces &> /dev/null && [ $IFACE = ens3 ] && IFACE=eth0
+  grep eth1 /etc/network/interfaces &> /dev/null && [ $IFACE = ens4 ] && IFACE=eth1
+  ${:ifconfig}
+  ${:route-iface}
+  ${:route-network}
+  ${:route-default}
+  EOF
+update-command = ${:command}
+{% endif -%}
+
+{% if use_tap == 'true' and tap_ipv6_addr != "" -%}
+[network-config-ipv6]
+recipe = plone.recipe.command
+path = ${directory:public}/ipv6_config.sh
+ipv6-add-address = ip -6 address add {{tap_ipv6_network }} dev $IFACE
+ipv6-add-default-route =
+  ip -6 route del default ; ip -6 route add default dev $IFACE via {{tap_ipv6_gateway}}
+command =
+  cat > ${:path} << EOF
+  #!/bin/sh
+  IFACE={{ iface }}
+  ${:ipv6-add-address}
+  ${:ipv6-add-default-route}
+  EOF
 update-command = ${:command}
 {% endif -%}

@@ -513,11 +556,11 @@ mode = {{ mode }}
 [publish-host-config]
 recipe = plone.recipe.command
 name = {{ slapparameter_dict.get('name', 'localhost') }}
-{% if use_tap == 'true' and tap_network_dict.has_key('ipv4') -%}
-local-ipv4 = ${slap-network-information:tap-ipv4}
-gateway = ${slap-network-information:tap-gateway}
-netmask = ${slap-network-information:tap-network}
-network = ${slap-network-information:tap-netmask}
+{% if use_tap == 'true' and tap_ipv4_addr != "" -%}
+local-ipv4 = {{tap_ipv4_addr}}
+gateway = {{tap_ipv4_gateway}}
+netmask = {{tap_ipv4_network}}
+network = {{tap_ipv4_netmask}}
 {% else -%}
 local-ipv4 = 127.0.0.1
 gateway =
@@ -576,7 +619,7 @@ template = {{ ansible_promise_tpl }}
 rendered = ${directory:promises}/ansible_{{ name }}
 extensions = jinja2.ext.do
 context =
-  key host slap-network-information:tap-ipv4
+  key host {{ tap_ipv4_addr }}
  raw logs ${directory:public}/ansible
  raw name {{ name }}


--- a/software/kvm/instance.cfg.in
+++ b/software/kvm/instance.cfg.in
@@ -45,17 +45,16 @@ extensions = jinja2.ext.do
 mode = 0644
 extra-context =
 context =
-    key develop_eggs_directory buildout:develop-eggs-directory
-    key eggs_directory buildout:eggs-directory
-    key ipv4 slap-configuration:ipv4
-    key ipv6 slap-configuration:ipv6
-    key global_ipv4_prefix network-information:global-ipv4-network
-    key tap_network_dict slap-configuration:tap-network-information-dict
-    key storage_dict slap-configuration:storage-dict
-    key slapparameter_dict slap-configuration:configuration
-    key computer_id slap-configuration:computer
-    raw openssl_executable_location ${openssl:location}/bin/openssl
-    $${:extra-context}
+  key develop_eggs_directory buildout:develop-eggs-directory
+  key eggs_directory buildout:eggs-directory
+  key ipv4 slap-configuration:ipv4
+  key ipv6 slap-configuration:ipv6
+  key global_ipv4_prefix network-information:global-ipv4-network
+  key storage_dict slap-configuration:storage-dict
+  key slapparameter_dict slap-configuration:configuration
+  key computer_id slap-configuration:computer
+  raw openssl_executable_location ${openssl:location}/bin/openssl
+  $${:extra-context}

 [dynamic-template-kvm-cluster-parameters]

@@ -71,45 +70,45 @@ extra-context =
  raw template_monitor ${monitor2-template:rendered}

 [dynamic-template-kvm]
-recipe = slapos.recipe.template:jinja2
+<= jinja2-template-base
 template = ${template-kvm:location}/instance-kvm.cfg.jinja2
-rendered = $${buildout:directory}/template-kvm.cfg
-extensions = jinja2.ext.do
-context =
-    key develop_eggs_directory buildout:develop-eggs-directory
-    key eggs_directory buildout:eggs-directory
-    key global_ipv4_prefix network-information:global-ipv4-network
-    key slapparameter_dict slap-configuration:configuration
-    key storage_dict slap-configuration:storage-dict
-    key tap_network_dict slap-configuration:tap-network-information-dict
-    raw ansible_promise_tpl ${template-ansible-promise:location}/${template-ansible-promise:filename}
-    raw curl_executable_location ${curl:location}/bin/curl
-    raw dash_executable_location ${dash:location}/bin/dash
-    raw dcron_executable_location ${dcron:location}/sbin/crond
-    raw debian_amd64_netinst_location ${debian-amd64-netinst.iso:location}/${debian-amd64-netinst.iso:filename}
-    raw file_download_script ${file-download-script:location}/${file-download-script:filename}
-    raw logrotate_cfg ${template-logrotate-base:rendered}
-    raw novnc_location ${noVNC:location}
-    raw netcat_bin ${netcat:location}/bin/netcat
-    raw openssl_executable_location ${openssl:location}/bin/openssl
-    raw python_executable ${buildout:executable}
-    raw python_eggs_executable ${buildout:bin-directory}/${eggs:interpreter}
-    raw qemu_executable_location ${kvm:location}/bin/qemu-system-x86_64
-    raw qemu_img_executable_location ${kvm:location}/bin/qemu-img
-    raw qemu_start_promise_tpl ${template-qemu-ready:location}/${template-qemu-ready:filename}
-    raw sixtunnel_executable_location ${6tunnel:location}/bin/6tunnel
-    raw template_httpd_cfg ${template-httpd:rendered}
-    raw template_content ${template-content:location}/${template-content:filename}
-    raw template_kvm_controller_run ${template-kvm-controller:location}/${template-kvm-controller:filename}
-    raw template_kvm_run ${template-kvm-run:location}/${template-kvm-run:filename}
-    raw template_monitor ${monitor2-template:rendered}
-    raw websockify_executable_location ${buildout:directory}/bin/websockify
-    raw wipe_disk_wrapper ${buildout:directory}/bin/securedelete
+filename = template-kvm.cfg
+extra-context =
+  key tap_ipv4_addr slap-configuration:tap-ipv4-addr
+  key tap_ipv4_gateway slap-configuration:tap-ipv4-gateway
+  key tap_ipv4_netmask slap-configuration:tap-ipv4-netmask
+  key tap_ipv4_network slap-configuration:tap-ipv4-network
+  key tap_ipv6_addr slap-configuration:tap-ipv6-addr
+  key tap_ipv6_gateway slap-configuration:tap-ipv6-gateway
+  key tap_ipv6_netmask slap-configuration:tap-ipv6-netmask
+  key tap_ipv6_network slap-configuration:tap-ipv6-network
+  key tap_name slap-configuration:tap-name
+  raw ansible_promise_tpl ${template-ansible-promise:location}/${template-ansible-promise:filename}
+  raw curl_executable_location ${curl:location}/bin/curl
+  raw dash_executable_location ${dash:location}/bin/dash
+  raw dcron_executable_location ${dcron:location}/sbin/crond
+  raw debian_amd64_netinst_location ${debian-amd64-netinst.iso:location}/${debian-amd64-netinst.iso:filename}
+  raw file_download_script ${file-download-script:location}/${file-download-script:filename}
+  raw logrotate_cfg ${template-logrotate-base:rendered}
+  raw novnc_location ${noVNC:location}
+  raw netcat_bin ${netcat:location}/bin/netcat
+  raw python_executable ${buildout:executable}
+  raw python_eggs_executable ${buildout:bin-directory}/${eggs:interpreter}
+  raw qemu_executable_location ${kvm:location}/bin/qemu-system-x86_64
+  raw qemu_img_executable_location ${kvm:location}/bin/qemu-img
+  raw qemu_start_promise_tpl ${template-qemu-ready:location}/${template-qemu-ready:filename}
+  raw sixtunnel_executable_location ${6tunnel:location}/bin/6tunnel
+  raw template_httpd_cfg ${template-httpd:rendered}
+  raw template_content ${template-content:location}/${template-content:filename}
+  raw template_kvm_controller_run ${template-kvm-controller:location}/${template-kvm-controller:filename}
+  raw template_kvm_run ${template-kvm-run:location}/${template-kvm-run:filename}
+  raw template_monitor ${monitor2-template:rendered}
+  raw websockify_executable_location ${buildout:directory}/bin/websockify
+  raw wipe_disk_wrapper ${buildout:directory}/bin/securedelete
 template-parts-destination = ${template-parts:target}
 template-replicated-destination = ${template-replicated:target}
 import-list = file parts :template-parts-destination
              file replicated :template-replicated-destination
-mode = 0644

 [dynamic-template-kvm-resilient]
 recipe = slapos.recipe.template:jinja2

--- a/software/kvm/software.cfg
+++ b/software/kvm/software.cfg
@@ -90,7 +90,7 @@ command =
 [template]
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance.cfg.in
-md5sum = 5a17fc127190bbc19361c5ffb10711b3
+md5sum = 2e3fba2f0f6483e62f19a8d2616554bc
 output = ${buildout:directory}/template.cfg
 mode = 0644

@@ -99,7 +99,7 @@ recipe = hexagonit.recipe.download
 ignore-existing = true
 url = ${:_profile_base_location_}/instance-kvm.cfg.jinja2
 mode = 644
-md5sum = 0668791e78430bafdec5300b4ea8d90a
+md5sum = b74ab4ea985d44b4f1385a424958411d
 download-only = true
 on-update = true

@@ -108,7 +108,7 @@ recipe = hexagonit.recipe.download
 ignore-existing = true
 url = ${:_profile_base_location_}/instance-kvm-cluster.cfg.jinja2.in
 mode = 644
-md5sum = 1282296397d445ccae59e6de7915840c
+md5sum = c17903ba4d73361431851914f5ae549d
 download-only = true
 on-update = true