[pve-devel] [PATCH pve-network 5/5] api: add rollback endpoint

Fri, 28 Feb 2025 05:06:43 -0800 

This adds the functionality of rolling back the pending configuration
to the currently running configuration, resetting all changes made
since last applying the SDN configuration. This is mainly thought as
an escape hatch for failed PDM transactions.

You can invoke the endpoint via CLI:

  pvesh create /cluster/sdn/rollback [--lock-secret X [--release-lock]]

If a lock is currently held on the configuration and you want to
forcibly rollback, you need to release the lock first via the
lock_release API endpoint.

Signed-off-by: Stefan Hanreich <s.hanre...@proxmox.com>
---
 src/PVE/API2/Network/SDN.pm | 49 +++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)

diff --git a/src/PVE/API2/Network/SDN.pm b/src/PVE/API2/Network/SDN.pm
index 3377f76..0f1c547 100644
--- a/src/PVE/API2/Network/SDN.pm
+++ b/src/PVE/API2/Network/SDN.pm
@@ -180,6 +180,55 @@ __PACKAGE__->register_method({
     }
 });
 
+__PACKAGE__->register_method({
+    name => 'rollback',
+    protected => 1,
+    path => 'rollback',
+    method => 'POST',
+    description => "Rollback pending changes to SDN configuration",
+    permissions => {
+       check => ['perm', '/sdn', ['SDN.Allocate']],
+    },
+    parameters => {
+       additionalProperties => 0,
+       properties => {
+           'lock-secret' => get_standard_option('pve-sdn-lock-secret'),
+           'release-lock' => {
+               type => 'boolean',
+               optional => 1,
+               default => 1,
+               description => 'When lock-secret has been provided and 
configuration successfully rollbacked, release the lock automatically 
afterwards',
+           }
+       },
+    },
+    returns => {
+       type => 'null',
+    },
+    code => sub {
+       my ($param) = @_;
+
+       my $lock_secret = extract_param($param, 'lock-secret');
+       my $release_lock = extract_param($param, 'release-lock');
+
+       my $rollback = sub {
+           my $running_config = PVE::Network::SDN::running_config();
+
+           PVE::Network::SDN::Zones::write_config($running_config->{zones});
+           PVE::Network::SDN::Vnets::write_config($running_config->{vnets});
+           
PVE::Network::SDN::Subnets::write_config($running_config->{subnets});
+           
PVE::Network::SDN::Controllers::write_config($running_config->{controllers});
+
+           PVE::Network::SDN::delete_global_lock() if $lock_secret && 
$release_lock;
+       };
+
+       PVE::Network::SDN::lock_sdn_config(
+           $rollback,
+           "could not rollback SDN configuration",
+           $lock_secret
+       );
+    }
+});
+
 __PACKAGE__->register_method ({
     name => 'reload',
     protected => 1,
-- 
2.39.5


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

Reply via email to