Commit Graph

35 Commits

Author SHA1 Message Date
Joshua Boniface f326fd99e2 Properly fix IPv4 no-DHCP networking 2020-01-06 22:31:37 -05:00
Joshua Boniface bbfadac5e1 Fix dnsmasq options for DHCP-disabled networks 2020-01-06 16:04:26 -05:00
Joshua Boniface 7b3e267f7a Implement bridge_device for bridged VNIs
Required due to #64. Bridged networks were being created on top of a
vLAN if the Cluster network was a vLAN device, rather than being created
on the underlying device. This came from a previous revision of the
cluster architecture guidelines where Cluster was supposed to be a raw
device rather than a vLAN. This fixed the problem by implementing a
configuration field for a "bridge_device", a NIC device that can then
have the bridged vLANs created on top of it.

Fixes #64
2020-01-06 14:44:56 -05:00
Joshua Boniface 78f053d81f Recreate network in aggregator if DNS changes 2019-12-13 00:03:47 -05:00
Joshua Boniface 0a8dd30a48 Restart dnsmasq when network details change 2019-12-12 23:51:22 -05:00
Joshua Boniface 88a181b20d Allow metadata API in nft rules 2019-12-11 17:04:29 -05:00
Joshua Boniface 1fb560e996 Add DNS nameservers to networks 2019-12-08 23:55:45 -05:00
Joshua Boniface 03447d3374 Update copyright string year to include 2019 2019-10-13 12:09:51 -04:00
Joshua Boniface 7380f45b1b Improve dnsmasq interface handling
listen-address is enough; adding interface too causes weird issues where
dnsmasq is listening on an IPv6 global wildcard too which conflicts with
the PowerDNS instance.
2019-07-31 10:03:56 -04:00
Joshua Boniface 3e591bd09e Remove extra whitespaces on blank lines 2019-06-25 22:33:23 -04:00
Joshua Boniface 85a5a8a0c9 Disable tx offloading on bridge interfaces
Reference: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717215#68

Without this, DHCP fails when traversing only the local bridge, for
Debian Jessie or earlier (and possibly other OSes as well), due to the
missing UDP checksums. This disables the offload and hence reenables
the checksums even on the software-only bridge.

Also rearranged the steps and added comments arround this section to
better clarify what each command is doing.
2019-06-25 12:36:37 -04:00
Joshua Boniface 46a416bc78 Use a proper variable for vni_mtu 2019-06-18 00:01:12 -04:00
Joshua Boniface e70255dbd6 Support configurable interface MTUs
MTUs were hardcoded at 9000, which breaks if the underlying interface
or network switch does not support jumbo frames, a possible deployment
limitation. This has non-obvious consequences due to MTU mismatches
for certain services (Ceph, Zookeeper, etc.).

This commit adds support for configurable MTUs for each interface,
set in pvcd.yaml. The example has been updated to reflect this, with
a default of 1500 (the Ethernet standard).

This commit also adds autoconfiguration of the VNI device MTU based
on the `vni_mtu` value, the same for bridge networks and minus 50
(rather than 200 from the hardcoded value, based on the following
resource [1]) for VXLAN networks.

[1] http://ipengineer.net/2014/06/vxlan-mtu-vs-ip-mtu-consideration/
2019-06-17 23:34:48 -04:00
Joshua Boniface deb4247e25 Only remove gateways when managed 2019-03-17 13:19:44 -04:00
Joshua Boniface 3df8365851 Only manage DHCP on managed networks 2019-03-17 12:36:39 -04:00
Joshua Boniface c52a1845e3 Don't create gateways or rules unless managed 2019-03-17 12:33:54 -04:00
Joshua Boniface 12bc3acf85 Use vmbr name for Bridge interfaces 2019-03-17 00:19:01 -04:00
Joshua Boniface 946442ae38 Add support for bridge-only VNIs 2019-03-15 13:54:11 -04:00
Joshua Boniface 411dc22384 Add newly-required auth-server directive in dnsmasq 2018-12-05 23:54:16 -05:00
Joshua Boniface 397c61f6bf Disable DAD on bridge NICs 2018-11-27 22:19:14 -05:00
Joshua Boniface 38c9e71144 Fix last few options for DHCPv6
Closes #26
2018-11-20 20:59:48 -05:00
Joshua Boniface b1d0b6e62f Fix up the remaining DHCPv6 setup 2018-11-18 00:55:34 -05:00
Joshua Boniface 4c1e1b4622 Make everything work with dual-stack 2018-11-14 00:26:52 -05:00
Joshua Boniface d8796fd6d6 Move IP creation/removal to common function 2018-10-27 16:31:31 -04:00
Joshua Boniface 73755ae4a9 Allow NTP in to the router in NFT 2018-10-25 11:43:38 -04:00
Joshua Boniface 12c55d6b7a Just push out the gateway for NTP since mcast won't work 2018-10-24 01:13:47 -04:00
Joshua Boniface 7d9426dd65 Add NTP to dnsmasq DHCP; move mkdir of dnsmasq_hostsdir to init 2018-10-24 01:04:04 -04:00
Joshua Boniface 187a572c13 Make a whole bunch of things work 2018-10-17 20:05:22 -04:00
Joshua Boniface 87d1c7513e Add floating IPs and better termination of daemons 2018-10-17 00:23:43 -04:00
Joshua Boniface 1b49f70b3c Tweaks to the dameon operation 2018-10-15 22:22:34 -04:00
Joshua Boniface c13a4e84af Add DNS aggregator via PowerDNS and sqlite3 2018-10-15 21:09:40 -04:00
Joshua Boniface a5c76c5d41 Use new-style class definitions 2018-10-14 22:14:29 -04:00
Joshua Boniface a3b1445bf1 Support configuring upstream interface on coordinators 2018-10-14 21:58:19 -04:00
Joshua Boniface 2e2459c63c Some cleanups and fix bridge interface bug 2018-10-14 18:35:57 -04:00
Joshua Boniface f198f62563 Massive rejigger into single daemon
Completely restructure the daemon code to move the 4 discrete daemons
into a single daemon that can be run on every hypervisor. Introduce the
idea of a static list of "coordinator" nodes which are configured at
install time to run Zookeeper and FRR in router mode, and which are
allowed to take on client network management duties (gateway, DHCP, DNS,
etc.) while also allowing them to run VMs (i.e. no dedicated "router"
nodes required).
2018-10-14 02:40:54 -04:00