From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id mJFwHzBreWG4IwAAgWs5BA (envelope-from ) for ; Wed, 27 Oct 2021 17:07:28 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id GNQ0GzBreWFaTQAAB5/wlQ (envelope-from ) for ; Wed, 27 Oct 2021 15:07:28 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 09D433694F for ; Wed, 27 Oct 2021 17:07:28 +0200 (CEST) Received: from localhost ([::1]:60094 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mfkWV-0007nn-4M for larch@yhetil.org; Wed, 27 Oct 2021 11:07:27 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:42212) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mfjTJ-0005pn-HR for guix-patches@gnu.org; Wed, 27 Oct 2021 10:00:10 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:38492) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mfjTI-0004eT-5n for guix-patches@gnu.org; Wed, 27 Oct 2021 10:00:05 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1mfjTG-0000FM-B1; Wed, 27 Oct 2021 10:00:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#51440] [PATCH 00/10] Declarative static networking interface Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: julien@lepiller.eu, guix-patches@gnu.org Resent-Date: Wed, 27 Oct 2021 14:00:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 51440 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 51440@debbugs.gnu.org Cc: Ludovic =?UTF-8?Q?Court=C3=A8s?= , Julien Lepiller X-Debbugs-Original-To: guix-patches@gnu.org X-Debbugs-Original-Xcc: Julien Lepiller Received: via spool by submit@debbugs.gnu.org id=B.1635343174860 (code B ref -1); Wed, 27 Oct 2021 14:00:02 +0000 Received: (at submit) by debbugs.gnu.org; 27 Oct 2021 13:59:34 +0000 Received: from localhost ([127.0.0.1]:50037 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mfjSo-0000Do-AF for submit@debbugs.gnu.org; Wed, 27 Oct 2021 09:59:34 -0400 Received: from lists.gnu.org ([209.51.188.17]:34660) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mfjSm-0000De-C3 for submit@debbugs.gnu.org; Wed, 27 Oct 2021 09:59:33 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:42134) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mfjSl-0004ZL-Va for guix-patches@gnu.org; Wed, 27 Oct 2021 09:59:31 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:37832) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mfjSk-0004ag-Vv; Wed, 27 Oct 2021 09:59:31 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:Date:Subject:To:From:in-reply-to: references; bh=eO6PxoXTDnqRtHxcrmmY/QY73k1nb+Y98hVvC6ZiSk0=; b=CusXH/ocOkS6ii RjhMU/trn4fjVoDVNqWQt4w/8ylPLPBcaGfazfodCOJYxaC7a69dA1BZzb03Dr7XI/1Cge/sG7vw9 /4FQSPl5s1UFztA6GyEO5W+jmdBT4fO+B40BdK/9of3DSmjzX22yZSTt03ugTWCrVO+D0E6x7sRSg J/jwoFUqx9awC3QnjO1IN4lBLfl1wS1j83kt3G0ZaaUOaFMRajji07yFg5E0/DWISOHk/aydrbUw7 g6ymmcdBATunoNAtALzXkAAu1DLTC9jcbV4t4Q1i2f58JJcM08xC6m5T+CabKtg/Po9wlUVWeygN+ XRfxWwpOasLZJG/kCbkA==; Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201]:54230 helo=gnu.org) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mfjSk-0007wg-IK; Wed, 27 Oct 2021 09:59:30 -0400 From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Date: Wed, 27 Oct 2021 15:59:18 +0200 Message-Id: <20211027135918.18833-1-ludo@gnu.org> X-Mailer: git-send-email 2.33.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1635347248; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=eO6PxoXTDnqRtHxcrmmY/QY73k1nb+Y98hVvC6ZiSk0=; b=USpfeBxnn4CSWDD1EoM6vx1tyYGaBXgrEthzl2fqNJqDm3izkPRcO6MMSRjIH3+5aCrSSc aRn7XCgcN8M33N/y8qEpwSzjhu9pXHPS10v0IEhULNxaQeQZ1T7o2An2KQ0txybXGj6DSd VAOkVXyuPnb1WCLOEX6kDbgqC7SUmFOO9N+BiAOzFiZj89x9alOijW3q0Pi8N7JA6sobzp i/s5uEAzaJvu8wm6cXtSY7pgY+OCAweb3p/ma4Mk5atiGjtBrtHnar0WkXa2XyzlSwkcnQ WZRDBVBPliccwX2VNFU619pPAmZCg0/mXAFlPiJPX9cBoSSAY9QqsajcZ7/IRQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1635347248; a=rsa-sha256; cv=none; b=qyn9NV9VLt1OgGKUUcPNjm+nvglkKhVNSbhE1zMcg5nzvMu+oC7ZCX/9x1uCK9Mw3VIpCp p3rDYCl3UkvyOES9VWhCypR8CWMFYiVdSTo1KW+nVTtOTo5kfoaWJJcQKSW8iJU8wk4oaq 5PVsESQlcTDvgTfkBDJyT5i+AgpQY2WJReSACnOxxP5cAw2l8r/h7UatK/sPgB+RBUrM4l 0OITQaUmJ4buOosu1i8X//LOiay962qOZtHRL4cXX5YjehPNL/1OtVJzJBSOW2WeOredD/ 0LscS2b9WBC3f+GJjEFTH3xWBvGZe1rSkk6RRYQN4in81iEUjnsBM+YNRLxE7w== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gnu.org header.s=fencepost-gnu-org header.b="CusXH/oc"; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Spam-Score: -0.43 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gnu.org header.s=fencepost-gnu-org header.b="CusXH/oc"; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Queue-Id: 09D433694F X-Spam-Score: -0.43 X-Migadu-Scanner: scn0.migadu.com X-TUID: aU+h02LW8FJE Hi! This patch set builds on Julien’s neat Guile-Netlink to finally provide a proper static networking configuration interface. One can now write things like: (service static-networking-service-type ;; Network configuration for one NIC, IPv4 + IPv6. (static-networking (addresses (list (network-address (device "eno1") (value "10.0.2.15/24")) (network-address (device "eno1") (value "2001:123:4567:101::1")))) (routes (list (network-route (destination "default") (gateway "10.0.2.2")) (network-route (destination "default") (gateway "2020:321:4567:42::1")))) (name-servers '("10.0.2.3")))) For the record, the ‘static-networking-service’ procedure currently in ‘master’ is IPv4-only and would not allow you to assign more than one address to an interface anyway, among other limitations. These long-overdue patches close an embarrassing gap. The interface provided here is a direct mapping of that of Guile-Netlink, which is the same as that of the ‘ip’ command, itself closely modeled after Linux’s internal interfaces AIUI. Thus, it should be roughly as expressive as ‘ip’, but declarative. I’m not a network person though, so I’d appreciate if more knowledgeable people would take a look at the interface. In particular, I’d like to have examples of ‘links’ to include in the manual—I’m not quite sure how to use that. Ideas? This patches preserve backward-compatibility: the ‘static-networking-service’ procedure still works the same. There’s one observable difference though: there’s only one ‘networking’ Shepherd service now; you no longer get ‘networking-eno1’ and similar. The ‘static-networking’ constructor was public since commit c9436025a90b86047ba2203d58bbf238f8f9b2f9 but undocumented; thus I changed the fields of without worrying about compatibility. I tested this with: make check-system \ TESTS="static-networking openvswitch ganeti-kvm dhcpd childhurd" I would appreciate more testing, including tests on the bare metal for IPv6 support. Ensuring portability to GNU/Hurd took me more time than I’d have thought, but it works. “Links” are not supported there, and only “default” routes are supported. I took a detour in commit “Use Guile-Netlink on GNU/Linux”: that patch shows that I was blissfully hoping to use good’ol ioctls on GNU/Hurd, but that turned out to be a dead end because they don’t support IPv6 (which really isn’t a surprise but I don’t know, I must have been lacking focus at that point of my journey!). With all this I think we should be able to do “cool things with containers”, but again, that’s not my area of expertise so please do chime in if you container networking is your thing. Feedback welcome! Ludo’. Ludovic Courtès (10): tests: Add 'static-networking' test. tests: openvswitch: Check whether ovs0 is up. doc: Add new "Networking Setup" node for the main setup options. gnu: guile-netlink: Allow cross-compilation. services: static-networking: Use Guile-Netlink on GNU/Linux. services: secret-service: Turn into a Shepherd service. services: static-networking: Change interface to mimic netlink. services: Define '%qemu-static-networking'. services: Define '%loopback-static-networking'. tests: Replace uses of deprecated 'static-networking-service'. doc/guix.texi | 505 ++++++++++++++++++++++---------- gnu/build/hurd-boot.scm | 10 +- gnu/build/secret-service.scm | 17 +- gnu/packages/guile-xyz.scm | 11 +- gnu/services/base.scm | 391 +++++++++++++++++++------ gnu/services/virtualization.scm | 45 ++- gnu/system/hurd.scm | 12 +- gnu/system/install.scm | 5 +- gnu/tests/ganeti.scm | 7 +- gnu/tests/networking.scm | 141 ++++++++- 10 files changed, 851 insertions(+), 293 deletions(-) base-commit: 0a42998a50e8bbe9e49142b21a570db00efe7491 -- 2.33.0