]>
Commit | Line | Data |
---|---|---|
f76a2828 DM |
1 | package PVE::API2::LXC; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | ||
6 | use PVE::SafeSyslog; | |
7 | use PVE::Tools qw(extract_param run_command); | |
8 | use PVE::Exception qw(raise raise_param_exc); | |
9 | use PVE::INotify; | |
9c2d4ce9 | 10 | use PVE::Cluster qw(cfs_read_file); |
f76a2828 DM |
11 | use PVE::AccessControl; |
12 | use PVE::Storage; | |
13 | use PVE::RESTHandler; | |
14 | use PVE::RPCEnvironment; | |
15 | use PVE::LXC; | |
5c752bbf | 16 | use PVE::HA::Config; |
f76a2828 DM |
17 | use PVE::JSONSchema qw(get_standard_option); |
18 | use base qw(PVE::RESTHandler); | |
19 | ||
20 | use Data::Dumper; # fixme: remove | |
21 | ||
22 | my $get_container_storage = sub { | |
23 | my ($stcfg, $vmid, $lxc_conf) = @_; | |
24 | ||
25 | my $path = $lxc_conf->{'lxc.rootfs'}; | |
26 | my ($vtype, $volid) = PVE::Storage::path_to_volume_id($stcfg, $path); | |
27 | my ($sid, $volname) = PVE::Storage::parse_volume_id($volid, 1) if $volid; | |
28 | return wantarray ? ($sid, $volname, $path) : $sid; | |
29 | }; | |
30 | ||
31 | my $check_ct_modify_config_perm = sub { | |
32 | my ($rpcenv, $authuser, $vmid, $pool, $key_list) = @_; | |
5c752bbf | 33 | |
f76a2828 DM |
34 | return 1 if $authuser ne 'root@pam'; |
35 | ||
36 | foreach my $opt (@$key_list) { | |
37 | ||
38 | if ($opt eq 'cpus' || $opt eq 'cpuunits' || $opt eq 'cpulimit') { | |
39 | $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.CPU']); | |
40 | } elsif ($opt eq 'disk') { | |
41 | $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Disk']); | |
42 | } elsif ($opt eq 'memory' || $opt eq 'swap') { | |
43 | $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Memory']); | |
5c752bbf | 44 | } elsif ($opt =~ m/^net\d+$/ || $opt eq 'nameserver' || |
f76a2828 DM |
45 | $opt eq 'searchdomain' || $opt eq 'hostname') { |
46 | $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Network']); | |
47 | } else { | |
48 | $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Options']); | |
49 | } | |
50 | } | |
51 | ||
52 | return 1; | |
53 | }; | |
54 | ||
55 | ||
56 | __PACKAGE__->register_method({ | |
5c752bbf DM |
57 | name => 'vmlist', |
58 | path => '', | |
f76a2828 DM |
59 | method => 'GET', |
60 | description => "LXC container index (per node).", | |
61 | permissions => { | |
62 | description => "Only list CTs where you have VM.Audit permissons on /vms/<vmid>.", | |
63 | user => 'all', | |
64 | }, | |
65 | proxyto => 'node', | |
66 | protected => 1, # /proc files are only readable by root | |
67 | parameters => { | |
68 | additionalProperties => 0, | |
69 | properties => { | |
70 | node => get_standard_option('pve-node'), | |
71 | }, | |
72 | }, | |
73 | returns => { | |
74 | type => 'array', | |
75 | items => { | |
76 | type => "object", | |
77 | properties => {}, | |
78 | }, | |
79 | links => [ { rel => 'child', href => "{vmid}" } ], | |
80 | }, | |
81 | code => sub { | |
82 | my ($param) = @_; | |
83 | ||
84 | my $rpcenv = PVE::RPCEnvironment::get(); | |
85 | my $authuser = $rpcenv->get_user(); | |
86 | ||
87 | my $vmstatus = PVE::LXC::vmstatus(); | |
88 | ||
89 | my $res = []; | |
90 | foreach my $vmid (keys %$vmstatus) { | |
91 | next if !$rpcenv->check($authuser, "/vms/$vmid", [ 'VM.Audit' ], 1); | |
92 | ||
93 | my $data = $vmstatus->{$vmid}; | |
94 | $data->{vmid} = $vmid; | |
95 | push @$res, $data; | |
96 | } | |
97 | ||
98 | return $res; | |
5c752bbf | 99 | |
f76a2828 DM |
100 | }}); |
101 | ||
9c2d4ce9 | 102 | __PACKAGE__->register_method({ |
5c752bbf DM |
103 | name => 'create_vm', |
104 | path => '', | |
9c2d4ce9 DM |
105 | method => 'POST', |
106 | description => "Create or restore a container.", | |
107 | permissions => { | |
108 | user => 'all', # check inside | |
109 | description => "You need 'VM.Allocate' permissions on /vms/{vmid} or on the VM pool /pool/{pool}. " . | |
110 | "For restore, it is enough if the user has 'VM.Backup' permission and the VM already exists. " . | |
111 | "You also need 'Datastore.AllocateSpace' permissions on the storage.", | |
112 | }, | |
113 | protected => 1, | |
114 | proxyto => 'node', | |
115 | parameters => { | |
116 | additionalProperties => 0, | |
117 | properties => PVE::LXC::json_config_properties({ | |
118 | node => get_standard_option('pve-node'), | |
119 | vmid => get_standard_option('pve-vmid'), | |
120 | ostemplate => { | |
121 | description => "The OS template or backup file.", | |
5c752bbf | 122 | type => 'string', |
9c2d4ce9 DM |
123 | maxLength => 255, |
124 | }, | |
5c752bbf DM |
125 | password => { |
126 | optional => 1, | |
9c2d4ce9 DM |
127 | type => 'string', |
128 | description => "Sets root password inside container.", | |
168d6b07 | 129 | minLength => 5, |
9c2d4ce9 DM |
130 | }, |
131 | storage => get_standard_option('pve-storage-id', { | |
132 | description => "Target storage.", | |
133 | default => 'local', | |
134 | optional => 1, | |
135 | }), | |
136 | force => { | |
5c752bbf | 137 | optional => 1, |
9c2d4ce9 DM |
138 | type => 'boolean', |
139 | description => "Allow to overwrite existing container.", | |
140 | }, | |
141 | restore => { | |
5c752bbf | 142 | optional => 1, |
9c2d4ce9 DM |
143 | type => 'boolean', |
144 | description => "Mark this as restore task.", | |
145 | }, | |
5c752bbf | 146 | pool => { |
9c2d4ce9 DM |
147 | optional => 1, |
148 | type => 'string', format => 'pve-poolid', | |
149 | description => "Add the VM to the specified pool.", | |
150 | }, | |
151 | }), | |
152 | }, | |
5c752bbf | 153 | returns => { |
9c2d4ce9 DM |
154 | type => 'string', |
155 | }, | |
156 | code => sub { | |
157 | my ($param) = @_; | |
158 | ||
159 | my $rpcenv = PVE::RPCEnvironment::get(); | |
160 | ||
161 | my $authuser = $rpcenv->get_user(); | |
162 | ||
163 | my $node = extract_param($param, 'node'); | |
164 | ||
165 | my $vmid = extract_param($param, 'vmid'); | |
166 | ||
167 | my $basecfg_fn = PVE::LXC::config_file($vmid); | |
168 | ||
169 | my $same_container_exists = -f $basecfg_fn; | |
170 | ||
171 | my $restore = extract_param($param, 'restore'); | |
172 | ||
173 | my $force = extract_param($param, 'force'); | |
174 | ||
175 | if (!($same_container_exists && $restore && $force)) { | |
176 | PVE::Cluster::check_vmid_unused($vmid); | |
177 | } | |
5c752bbf | 178 | |
9c2d4ce9 DM |
179 | my $password = extract_param($param, 'password'); |
180 | ||
181 | my $storage = extract_param($param, 'storage') || 'local'; | |
182 | ||
183 | my $pool = extract_param($param, 'pool'); | |
5c752bbf | 184 | |
9c2d4ce9 DM |
185 | my $storage_cfg = cfs_read_file("storage.cfg"); |
186 | ||
187 | my $scfg = PVE::Storage::storage_check_node($storage_cfg, $storage, $node); | |
188 | ||
189 | raise_param_exc({ storage => "storage '$storage' does not support container root directories"}) | |
190 | if !$scfg->{content}->{rootdir}; | |
191 | ||
192 | my $private = PVE::Storage::get_private_dir($storage_cfg, $storage, $vmid); | |
193 | ||
194 | if (defined($pool)) { | |
195 | $rpcenv->check_pool_exist($pool); | |
196 | $rpcenv->check_perm_modify($authuser, "/pool/$pool"); | |
5c752bbf | 197 | } |
9c2d4ce9 DM |
198 | |
199 | if ($rpcenv->check($authuser, "/vms/$vmid", ['VM.Allocate'], 1)) { | |
200 | # OK | |
201 | } elsif ($pool && $rpcenv->check($authuser, "/pool/$pool", ['VM.Allocate'], 1)) { | |
202 | # OK | |
203 | } elsif ($restore && $force && $same_container_exists && | |
204 | $rpcenv->check($authuser, "/vms/$vmid", ['VM.Backup'], 1)) { | |
205 | # OK: user has VM.Backup permissions, and want to restore an existing VM | |
206 | } else { | |
207 | raise_perm_exc(); | |
208 | } | |
209 | ||
210 | &$check_ct_modify_config_perm($rpcenv, $authuser, $vmid, $pool, [ keys %$param]); | |
211 | ||
212 | PVE::Storage::activate_storage($storage_cfg, $storage); | |
213 | ||
214 | my $ostemplate = extract_param($param, 'ostemplate'); | |
5c752bbf | 215 | |
9c2d4ce9 DM |
216 | my $archive; |
217 | ||
218 | if ($ostemplate eq '-') { | |
5c752bbf | 219 | die "archive pipe not implemented\n" |
9c2d4ce9 DM |
220 | # $archive = '-'; |
221 | } else { | |
222 | $rpcenv->check_volume_access($authuser, $storage_cfg, $vmid, $ostemplate); | |
223 | $archive = PVE::Storage::abs_filesystem_path($storage_cfg, $ostemplate); | |
224 | } | |
225 | ||
9c2d4ce9 | 226 | my $conf = {}; |
5c752bbf | 227 | |
93285df8 DM |
228 | $param->{hostname} ||= "CT$vmid"; |
229 | $param->{memory} ||= 512; | |
44da0641 | 230 | $param->{swap} = 512 if !defined($param->{swap}); |
93285df8 DM |
231 | |
232 | PVE::LXC::update_lxc_config($vmid, $conf, 0, $param); | |
233 | ||
234 | # assigng default names, so that we can configure network with LXCSetup | |
235 | foreach my $k (keys %$conf) { | |
236 | next if $k !~ m/^net(\d+)$/; | |
237 | my $d = $conf->{$k}; | |
238 | my $ind = $1; | |
239 | $d->{name} = "eth$ind"; | |
240 | } | |
241 | ||
9c2d4ce9 DM |
242 | my $code = sub { |
243 | my $temp_conf_fn = PVE::LXC::write_temp_config($vmid, $conf); | |
244 | ||
245 | my $cmd = ['lxc-create', '-f', $temp_conf_fn, '-t', 'pve', '-n', $vmid, | |
246 | '--', '--archive', $archive]; | |
247 | ||
168d6b07 DM |
248 | if (defined($password)) { |
249 | push $cmd, '--password', $password | |
250 | } | |
251 | ||
9c2d4ce9 DM |
252 | eval { PVE::Tools::run_command($cmd); }; |
253 | my $err = $@; | |
254 | ||
255 | unlink $temp_conf_fn; | |
256 | ||
257 | die $err if $err; | |
258 | }; | |
5c752bbf | 259 | |
9c2d4ce9 DM |
260 | my $realcmd = sub { PVE::LXC::lock_container($vmid, 1, $code); }; |
261 | ||
5c752bbf | 262 | return $rpcenv->fork_worker($param->{restore} ? 'vzrestore' : 'vzcreate', |
9c2d4ce9 | 263 | $vmid, $authuser, $realcmd); |
5c752bbf | 264 | |
9c2d4ce9 DM |
265 | }}); |
266 | ||
f76a2828 | 267 | my $vm_config_perm_list = [ |
5c752bbf DM |
268 | 'VM.Config.Disk', |
269 | 'VM.Config.CPU', | |
270 | 'VM.Config.Memory', | |
271 | 'VM.Config.Network', | |
f76a2828 DM |
272 | 'VM.Config.Options', |
273 | ]; | |
274 | ||
275 | __PACKAGE__->register_method({ | |
5c752bbf DM |
276 | name => 'update_vm', |
277 | path => '{vmid}/config', | |
f76a2828 DM |
278 | method => 'PUT', |
279 | protected => 1, | |
280 | proxyto => 'node', | |
281 | description => "Set container options.", | |
282 | permissions => { | |
283 | check => ['perm', '/vms/{vmid}', $vm_config_perm_list, any => 1], | |
284 | }, | |
285 | parameters => { | |
286 | additionalProperties => 0, | |
287 | properties => PVE::LXC::json_config_properties( | |
288 | { | |
289 | node => get_standard_option('pve-node'), | |
290 | vmid => get_standard_option('pve-vmid'), | |
ec52ac21 DM |
291 | delete => { |
292 | type => 'string', format => 'pve-configid-list', | |
293 | description => "A list of settings you want to delete.", | |
294 | optional => 1, | |
295 | }, | |
f76a2828 DM |
296 | digest => { |
297 | type => 'string', | |
298 | description => 'Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.', | |
299 | maxLength => 40, | |
5c752bbf | 300 | optional => 1, |
f76a2828 DM |
301 | } |
302 | }), | |
303 | }, | |
304 | returns => { type => 'null'}, | |
305 | code => sub { | |
306 | my ($param) = @_; | |
307 | ||
308 | my $rpcenv = PVE::RPCEnvironment::get(); | |
309 | ||
310 | my $authuser = $rpcenv->get_user(); | |
311 | ||
312 | my $node = extract_param($param, 'node'); | |
313 | ||
314 | my $vmid = extract_param($param, 'vmid'); | |
315 | ||
316 | my $digest = extract_param($param, 'digest'); | |
317 | ||
318 | die "no options specified\n" if !scalar(keys %$param); | |
319 | ||
ec52ac21 DM |
320 | my $delete_str = extract_param($param, 'delete'); |
321 | my @delete = PVE::Tools::split_list($delete_str); | |
5c752bbf | 322 | |
ec52ac21 | 323 | &$check_ct_modify_config_perm($rpcenv, $authuser, $vmid, undef, [@delete]); |
5c752bbf | 324 | |
ec52ac21 DM |
325 | foreach my $opt (@delete) { |
326 | raise_param_exc({ delete => "you can't use '-$opt' and " . | |
327 | "-delete $opt' at the same time" }) | |
328 | if defined($param->{$opt}); | |
5c752bbf | 329 | |
ec52ac21 DM |
330 | if (!PVE::LXC::option_exists($opt)) { |
331 | raise_param_exc({ delete => "unknown option '$opt'" }); | |
332 | } | |
333 | } | |
334 | ||
f76a2828 DM |
335 | &$check_ct_modify_config_perm($rpcenv, $authuser, $vmid, undef, [keys %$param]); |
336 | ||
337 | my $code = sub { | |
338 | ||
339 | my $conf = PVE::LXC::load_config($vmid); | |
340 | ||
341 | PVE::Tools::assert_if_modified($digest, $conf->{digest}); | |
342 | ||
93285df8 | 343 | my $running = PVE::LXC::check_running($vmid); |
ec52ac21 | 344 | |
93285df8 | 345 | PVE::LXC::update_lxc_config($vmid, $conf, $running, $param, \@delete); |
ec52ac21 DM |
346 | |
347 | PVE::LXC::write_config($vmid, $conf); | |
f76a2828 DM |
348 | }; |
349 | ||
350 | PVE::LXC::lock_container($vmid, undef, $code); | |
351 | ||
352 | return undef; | |
353 | }}); | |
354 | ||
355 | __PACKAGE__->register_method ({ | |
5c752bbf | 356 | subclass => "PVE::API2::Firewall::CT", |
f76a2828 DM |
357 | path => '{vmid}/firewall', |
358 | }); | |
359 | ||
360 | __PACKAGE__->register_method({ | |
361 | name => 'vmdiridx', | |
5c752bbf | 362 | path => '{vmid}', |
f76a2828 DM |
363 | method => 'GET', |
364 | proxyto => 'node', | |
365 | description => "Directory index", | |
366 | permissions => { | |
367 | user => 'all', | |
368 | }, | |
369 | parameters => { | |
370 | additionalProperties => 0, | |
371 | properties => { | |
372 | node => get_standard_option('pve-node'), | |
373 | vmid => get_standard_option('pve-vmid'), | |
374 | }, | |
375 | }, | |
376 | returns => { | |
377 | type => 'array', | |
378 | items => { | |
379 | type => "object", | |
380 | properties => { | |
381 | subdir => { type => 'string' }, | |
382 | }, | |
383 | }, | |
384 | links => [ { rel => 'child', href => "{subdir}" } ], | |
385 | }, | |
386 | code => sub { | |
387 | my ($param) = @_; | |
388 | ||
389 | # test if VM exists | |
e901d418 | 390 | my $conf = PVE::LXC::load_config($param->{vmid}); |
f76a2828 DM |
391 | |
392 | my $res = [ | |
393 | { subdir => 'config' }, | |
fff3a342 DM |
394 | { subdir => 'status' }, |
395 | { subdir => 'vncproxy' }, | |
396 | { subdir => 'vncwebsocket' }, | |
397 | { subdir => 'spiceproxy' }, | |
398 | { subdir => 'migrate' }, | |
f76a2828 DM |
399 | # { subdir => 'initlog' }, |
400 | { subdir => 'rrd' }, | |
401 | { subdir => 'rrddata' }, | |
402 | { subdir => 'firewall' }, | |
403 | ]; | |
5c752bbf | 404 | |
f76a2828 DM |
405 | return $res; |
406 | }}); | |
407 | ||
408 | __PACKAGE__->register_method({ | |
5c752bbf DM |
409 | name => 'rrd', |
410 | path => '{vmid}/rrd', | |
f76a2828 DM |
411 | method => 'GET', |
412 | protected => 1, # fixme: can we avoid that? | |
413 | permissions => { | |
414 | check => ['perm', '/vms/{vmid}', [ 'VM.Audit' ]], | |
415 | }, | |
416 | description => "Read VM RRD statistics (returns PNG)", | |
417 | parameters => { | |
418 | additionalProperties => 0, | |
419 | properties => { | |
420 | node => get_standard_option('pve-node'), | |
421 | vmid => get_standard_option('pve-vmid'), | |
422 | timeframe => { | |
423 | description => "Specify the time frame you are interested in.", | |
424 | type => 'string', | |
425 | enum => [ 'hour', 'day', 'week', 'month', 'year' ], | |
426 | }, | |
427 | ds => { | |
428 | description => "The list of datasources you want to display.", | |
429 | type => 'string', format => 'pve-configid-list', | |
430 | }, | |
431 | cf => { | |
432 | description => "The RRD consolidation function", | |
433 | type => 'string', | |
434 | enum => [ 'AVERAGE', 'MAX' ], | |
435 | optional => 1, | |
436 | }, | |
437 | }, | |
438 | }, | |
439 | returns => { | |
440 | type => "object", | |
441 | properties => { | |
442 | filename => { type => 'string' }, | |
443 | }, | |
444 | }, | |
445 | code => sub { | |
446 | my ($param) = @_; | |
447 | ||
448 | return PVE::Cluster::create_rrd_graph( | |
5c752bbf | 449 | "pve2-vm/$param->{vmid}", $param->{timeframe}, |
f76a2828 | 450 | $param->{ds}, $param->{cf}); |
5c752bbf | 451 | |
f76a2828 DM |
452 | }}); |
453 | ||
454 | __PACKAGE__->register_method({ | |
5c752bbf DM |
455 | name => 'rrddata', |
456 | path => '{vmid}/rrddata', | |
f76a2828 DM |
457 | method => 'GET', |
458 | protected => 1, # fixme: can we avoid that? | |
459 | permissions => { | |
460 | check => ['perm', '/vms/{vmid}', [ 'VM.Audit' ]], | |
461 | }, | |
462 | description => "Read VM RRD statistics", | |
463 | parameters => { | |
464 | additionalProperties => 0, | |
465 | properties => { | |
466 | node => get_standard_option('pve-node'), | |
467 | vmid => get_standard_option('pve-vmid'), | |
468 | timeframe => { | |
469 | description => "Specify the time frame you are interested in.", | |
470 | type => 'string', | |
471 | enum => [ 'hour', 'day', 'week', 'month', 'year' ], | |
472 | }, | |
473 | cf => { | |
474 | description => "The RRD consolidation function", | |
475 | type => 'string', | |
476 | enum => [ 'AVERAGE', 'MAX' ], | |
477 | optional => 1, | |
478 | }, | |
479 | }, | |
480 | }, | |
481 | returns => { | |
482 | type => "array", | |
483 | items => { | |
484 | type => "object", | |
485 | properties => {}, | |
486 | }, | |
487 | }, | |
488 | code => sub { | |
489 | my ($param) = @_; | |
490 | ||
491 | return PVE::Cluster::create_rrd_data( | |
492 | "pve2-vm/$param->{vmid}", $param->{timeframe}, $param->{cf}); | |
493 | }}); | |
494 | ||
495 | ||
496 | __PACKAGE__->register_method({ | |
5c752bbf DM |
497 | name => 'vm_config', |
498 | path => '{vmid}/config', | |
f76a2828 DM |
499 | method => 'GET', |
500 | proxyto => 'node', | |
501 | description => "Get container configuration.", | |
502 | permissions => { | |
503 | check => ['perm', '/vms/{vmid}', [ 'VM.Audit' ]], | |
504 | }, | |
505 | parameters => { | |
506 | additionalProperties => 0, | |
507 | properties => { | |
508 | node => get_standard_option('pve-node'), | |
509 | vmid => get_standard_option('pve-vmid'), | |
510 | }, | |
511 | }, | |
5c752bbf | 512 | returns => { |
f76a2828 DM |
513 | type => "object", |
514 | properties => { | |
515 | digest => { | |
516 | type => 'string', | |
517 | description => 'SHA1 digest of configuration file. This can be used to prevent concurrent modifications.', | |
518 | } | |
519 | }, | |
520 | }, | |
521 | code => sub { | |
522 | my ($param) = @_; | |
523 | ||
524 | my $lxc_conf = PVE::LXC::load_config($param->{vmid}); | |
525 | ||
526 | # NOTE: we only return selected/converted values | |
5c752bbf | 527 | |
b80dd50a | 528 | my $conf = PVE::LXC::lxc_conf_to_pve($param->{vmid}, $lxc_conf); |
f76a2828 DM |
529 | |
530 | my $stcfg = PVE::Cluster::cfs_read_file("storage.cfg"); | |
531 | ||
532 | my ($sid, undef, $path) = &$get_container_storage($stcfg, $param->{vmid}, $lxc_conf); | |
533 | $conf->{storage} = $sid || $path; | |
534 | ||
f76a2828 DM |
535 | return $conf; |
536 | }}); | |
537 | ||
538 | __PACKAGE__->register_method({ | |
5c752bbf DM |
539 | name => 'destroy_vm', |
540 | path => '{vmid}', | |
f76a2828 DM |
541 | method => 'DELETE', |
542 | protected => 1, | |
543 | proxyto => 'node', | |
544 | description => "Destroy the container (also delete all uses files).", | |
545 | permissions => { | |
546 | check => [ 'perm', '/vms/{vmid}', ['VM.Allocate']], | |
547 | }, | |
548 | parameters => { | |
549 | additionalProperties => 0, | |
550 | properties => { | |
551 | node => get_standard_option('pve-node'), | |
552 | vmid => get_standard_option('pve-vmid'), | |
553 | }, | |
554 | }, | |
5c752bbf | 555 | returns => { |
f76a2828 DM |
556 | type => 'string', |
557 | }, | |
558 | code => sub { | |
559 | my ($param) = @_; | |
560 | ||
561 | my $rpcenv = PVE::RPCEnvironment::get(); | |
562 | ||
563 | my $authuser = $rpcenv->get_user(); | |
564 | ||
565 | my $vmid = $param->{vmid}; | |
566 | ||
567 | # test if container exists | |
568 | my $conf = PVE::LXC::load_config($param->{vmid}); | |
569 | ||
570 | my $realcmd = sub { | |
571 | my $cmd = ['lxc-destroy', '-n', $vmid ]; | |
572 | ||
573 | run_command($cmd); | |
574 | ||
575 | PVE::AccessControl::remove_vm_from_pool($vmid); | |
576 | }; | |
577 | ||
578 | return $rpcenv->fork_worker('vzdestroy', $vmid, $authuser, $realcmd); | |
579 | }}); | |
580 | ||
fff3a342 DM |
581 | my $sslcert; |
582 | ||
583 | __PACKAGE__->register_method ({ | |
584 | name => 'vncproxy', | |
585 | path => '{vmid}/vncproxy', | |
586 | method => 'POST', | |
587 | protected => 1, | |
588 | permissions => { | |
589 | check => ['perm', '/vms/{vmid}', [ 'VM.Console' ]], | |
590 | }, | |
591 | description => "Creates a TCP VNC proxy connections.", | |
592 | parameters => { | |
593 | additionalProperties => 0, | |
594 | properties => { | |
595 | node => get_standard_option('pve-node'), | |
596 | vmid => get_standard_option('pve-vmid'), | |
597 | websocket => { | |
598 | optional => 1, | |
599 | type => 'boolean', | |
600 | description => "use websocket instead of standard VNC.", | |
601 | }, | |
602 | }, | |
603 | }, | |
604 | returns => { | |
605 | additionalProperties => 0, | |
606 | properties => { | |
607 | user => { type => 'string' }, | |
608 | ticket => { type => 'string' }, | |
609 | cert => { type => 'string' }, | |
610 | port => { type => 'integer' }, | |
611 | upid => { type => 'string' }, | |
612 | }, | |
613 | }, | |
614 | code => sub { | |
615 | my ($param) = @_; | |
616 | ||
617 | my $rpcenv = PVE::RPCEnvironment::get(); | |
618 | ||
619 | my $authuser = $rpcenv->get_user(); | |
620 | ||
621 | my $vmid = $param->{vmid}; | |
622 | my $node = $param->{node}; | |
623 | ||
624 | my $authpath = "/vms/$vmid"; | |
625 | ||
626 | my $ticket = PVE::AccessControl::assemble_vnc_ticket($authuser, $authpath); | |
627 | ||
628 | $sslcert = PVE::Tools::file_get_contents("/etc/pve/pve-root-ca.pem", 8192) | |
629 | if !$sslcert; | |
630 | ||
631 | my $port = PVE::Tools::next_vnc_port(); | |
632 | ||
633 | my $remip; | |
634 | ||
635 | if ($node ne PVE::INotify::nodename()) { | |
636 | $remip = PVE::Cluster::remote_node_ip($node); | |
637 | } | |
638 | ||
639 | # NOTE: vncterm VNC traffic is already TLS encrypted, | |
640 | # so we select the fastest chipher here (or 'none'?) | |
641 | my $remcmd = $remip ? | |
642 | ['/usr/bin/ssh', '-t', $remip] : []; | |
643 | ||
644 | my $shcmd = [ '/usr/bin/dtach', '-A', | |
645 | "/var/run/dtach/vzctlconsole$vmid", | |
646 | '-r', 'winch', '-z', | |
647 | 'lxc-console', '-n', $vmid ]; | |
648 | ||
649 | my $realcmd = sub { | |
650 | my $upid = shift; | |
651 | ||
652 | syslog ('info', "starting openvz vnc proxy $upid\n"); | |
653 | ||
654 | my $timeout = 10; | |
655 | ||
656 | my $cmd = ['/usr/bin/vncterm', '-rfbport', $port, | |
657 | '-timeout', $timeout, '-authpath', $authpath, | |
658 | '-perm', 'VM.Console']; | |
659 | ||
660 | if ($param->{websocket}) { | |
661 | $ENV{PVE_VNC_TICKET} = $ticket; # pass ticket to vncterm | |
662 | push @$cmd, '-notls', '-listen', 'localhost'; | |
663 | } | |
664 | ||
665 | push @$cmd, '-c', @$remcmd, @$shcmd; | |
666 | ||
667 | run_command($cmd); | |
668 | ||
669 | return; | |
670 | }; | |
671 | ||
672 | my $upid = $rpcenv->fork_worker('vncproxy', $vmid, $authuser, $realcmd); | |
673 | ||
674 | PVE::Tools::wait_for_vnc_port($port); | |
675 | ||
676 | return { | |
677 | user => $authuser, | |
678 | ticket => $ticket, | |
679 | port => $port, | |
680 | upid => $upid, | |
681 | cert => $sslcert, | |
682 | }; | |
683 | }}); | |
684 | ||
685 | __PACKAGE__->register_method({ | |
686 | name => 'vncwebsocket', | |
687 | path => '{vmid}/vncwebsocket', | |
688 | method => 'GET', | |
689 | permissions => { | |
690 | description => "You also need to pass a valid ticket (vncticket).", | |
691 | check => ['perm', '/vms/{vmid}', [ 'VM.Console' ]], | |
692 | }, | |
693 | description => "Opens a weksocket for VNC traffic.", | |
694 | parameters => { | |
695 | additionalProperties => 0, | |
696 | properties => { | |
697 | node => get_standard_option('pve-node'), | |
698 | vmid => get_standard_option('pve-vmid'), | |
699 | vncticket => { | |
700 | description => "Ticket from previous call to vncproxy.", | |
701 | type => 'string', | |
702 | maxLength => 512, | |
703 | }, | |
704 | port => { | |
705 | description => "Port number returned by previous vncproxy call.", | |
706 | type => 'integer', | |
707 | minimum => 5900, | |
708 | maximum => 5999, | |
709 | }, | |
710 | }, | |
711 | }, | |
712 | returns => { | |
713 | type => "object", | |
714 | properties => { | |
715 | port => { type => 'string' }, | |
716 | }, | |
717 | }, | |
718 | code => sub { | |
719 | my ($param) = @_; | |
720 | ||
721 | my $rpcenv = PVE::RPCEnvironment::get(); | |
722 | ||
723 | my $authuser = $rpcenv->get_user(); | |
724 | ||
725 | my $authpath = "/vms/$param->{vmid}"; | |
726 | ||
727 | PVE::AccessControl::verify_vnc_ticket($param->{vncticket}, $authuser, $authpath); | |
728 | ||
729 | my $port = $param->{port}; | |
730 | ||
731 | return { port => $port }; | |
732 | }}); | |
733 | ||
734 | __PACKAGE__->register_method ({ | |
735 | name => 'spiceproxy', | |
736 | path => '{vmid}/spiceproxy', | |
737 | method => 'POST', | |
738 | protected => 1, | |
739 | proxyto => 'node', | |
740 | permissions => { | |
741 | check => ['perm', '/vms/{vmid}', [ 'VM.Console' ]], | |
742 | }, | |
743 | description => "Returns a SPICE configuration to connect to the CT.", | |
744 | parameters => { | |
745 | additionalProperties => 0, | |
746 | properties => { | |
747 | node => get_standard_option('pve-node'), | |
748 | vmid => get_standard_option('pve-vmid'), | |
749 | proxy => get_standard_option('spice-proxy', { optional => 1 }), | |
750 | }, | |
751 | }, | |
752 | returns => get_standard_option('remote-viewer-config'), | |
753 | code => sub { | |
754 | my ($param) = @_; | |
755 | ||
756 | my $vmid = $param->{vmid}; | |
757 | my $node = $param->{node}; | |
758 | my $proxy = $param->{proxy}; | |
759 | ||
760 | my $authpath = "/vms/$vmid"; | |
761 | my $permissions = 'VM.Console'; | |
762 | ||
763 | my $shcmd = ['/usr/bin/dtach', '-A', | |
764 | "/var/run/dtach/vzctlconsole$vmid", | |
765 | '-r', 'winch', '-z', | |
766 | 'lxc-console', '-n', $vmid]; | |
767 | ||
768 | my $title = "CT $vmid"; | |
769 | ||
770 | return PVE::API2Tools::run_spiceterm($authpath, $permissions, $vmid, $node, $proxy, $title, $shcmd); | |
771 | }}); | |
5c752bbf DM |
772 | |
773 | __PACKAGE__->register_method({ | |
774 | name => 'vmcmdidx', | |
775 | path => '{vmid}/status', | |
776 | method => 'GET', | |
777 | proxyto => 'node', | |
778 | description => "Directory index", | |
779 | permissions => { | |
780 | user => 'all', | |
781 | }, | |
782 | parameters => { | |
783 | additionalProperties => 0, | |
784 | properties => { | |
785 | node => get_standard_option('pve-node'), | |
786 | vmid => get_standard_option('pve-vmid'), | |
787 | }, | |
788 | }, | |
789 | returns => { | |
790 | type => 'array', | |
791 | items => { | |
792 | type => "object", | |
793 | properties => { | |
794 | subdir => { type => 'string' }, | |
795 | }, | |
796 | }, | |
797 | links => [ { rel => 'child', href => "{subdir}" } ], | |
798 | }, | |
799 | code => sub { | |
800 | my ($param) = @_; | |
801 | ||
802 | # test if VM exists | |
803 | my $conf = PVE::OpenVZ::load_config($param->{vmid}); | |
804 | ||
805 | my $res = [ | |
806 | { subdir => 'current' }, | |
807 | { subdir => 'start' }, | |
808 | { subdir => 'stop' }, | |
809 | { subdir => 'shutdown' }, | |
810 | { subdir => 'migrate' }, | |
811 | ]; | |
812 | ||
813 | return $res; | |
814 | }}); | |
815 | ||
816 | __PACKAGE__->register_method({ | |
817 | name => 'vm_status', | |
818 | path => '{vmid}/status/current', | |
819 | method => 'GET', | |
820 | proxyto => 'node', | |
821 | protected => 1, # openvz /proc entries are only readable by root | |
822 | description => "Get virtual machine status.", | |
823 | permissions => { | |
824 | check => ['perm', '/vms/{vmid}', [ 'VM.Audit' ]], | |
825 | }, | |
826 | parameters => { | |
827 | additionalProperties => 0, | |
828 | properties => { | |
829 | node => get_standard_option('pve-node'), | |
830 | vmid => get_standard_option('pve-vmid'), | |
831 | }, | |
832 | }, | |
833 | returns => { type => 'object' }, | |
834 | code => sub { | |
835 | my ($param) = @_; | |
836 | ||
837 | # test if VM exists | |
838 | my $conf = PVE::LXC::load_config($param->{vmid}); | |
839 | ||
840 | my $vmstatus = PVE::LXC::vmstatus($param->{vmid}); | |
841 | my $status = $vmstatus->{$param->{vmid}}; | |
842 | ||
843 | $status->{ha} = PVE::HA::Config::vm_is_ha_managed($param->{vmid}) ? 1 : 0; | |
844 | ||
845 | return $status; | |
846 | }}); | |
847 | ||
848 | __PACKAGE__->register_method({ | |
849 | name => 'vm_start', | |
850 | path => '{vmid}/status/start', | |
851 | method => 'POST', | |
852 | protected => 1, | |
853 | proxyto => 'node', | |
854 | description => "Start the container.", | |
855 | permissions => { | |
856 | check => ['perm', '/vms/{vmid}', [ 'VM.PowerMgmt' ]], | |
857 | }, | |
858 | parameters => { | |
859 | additionalProperties => 0, | |
860 | properties => { | |
861 | node => get_standard_option('pve-node'), | |
862 | vmid => get_standard_option('pve-vmid'), | |
863 | }, | |
864 | }, | |
865 | returns => { | |
866 | type => 'string', | |
867 | }, | |
868 | code => sub { | |
869 | my ($param) = @_; | |
870 | ||
871 | my $rpcenv = PVE::RPCEnvironment::get(); | |
872 | ||
873 | my $authuser = $rpcenv->get_user(); | |
874 | ||
875 | my $node = extract_param($param, 'node'); | |
876 | ||
877 | my $vmid = extract_param($param, 'vmid'); | |
878 | ||
879 | die "CT $vmid already running\n" if PVE::LXC::check_running($vmid); | |
880 | ||
881 | if (PVE::HA::Config::vm_is_ha_managed($vmid) && $rpcenv->{type} ne 'ha') { | |
882 | ||
883 | my $hacmd = sub { | |
884 | my $upid = shift; | |
885 | ||
886 | my $service = "ct:$vmid"; | |
887 | ||
888 | my $cmd = ['ha-manager', 'enable', $service]; | |
889 | ||
890 | print "Executing HA start for CT $vmid\n"; | |
891 | ||
892 | PVE::Tools::run_command($cmd); | |
893 | ||
894 | return; | |
895 | }; | |
896 | ||
897 | return $rpcenv->fork_worker('hastart', $vmid, $authuser, $hacmd); | |
898 | ||
899 | } else { | |
900 | ||
901 | my $realcmd = sub { | |
902 | my $upid = shift; | |
903 | ||
904 | syslog('info', "starting CT $vmid: $upid\n"); | |
905 | ||
906 | my $conf = PVE::LXC::load_config($vmid); | |
907 | my $stcfg = cfs_read_file("storage.cfg"); | |
908 | if (my $sid = &$get_container_storage($stcfg, $vmid, $conf)) { | |
909 | PVE::Storage::activate_storage($stcfg, $sid); | |
910 | } | |
911 | ||
912 | my $cmd = ['lxc-start', '-n', $vmid]; | |
913 | ||
914 | run_command($cmd); | |
915 | ||
916 | return; | |
917 | }; | |
918 | ||
919 | return $rpcenv->fork_worker('vzstart', $vmid, $authuser, $realcmd); | |
920 | } | |
921 | }}); | |
922 | ||
923 | __PACKAGE__->register_method({ | |
924 | name => 'vm_stop', | |
925 | path => '{vmid}/status/stop', | |
926 | method => 'POST', | |
927 | protected => 1, | |
928 | proxyto => 'node', | |
929 | description => "Stop the container.", | |
930 | permissions => { | |
931 | check => ['perm', '/vms/{vmid}', [ 'VM.PowerMgmt' ]], | |
932 | }, | |
933 | parameters => { | |
934 | additionalProperties => 0, | |
935 | properties => { | |
936 | node => get_standard_option('pve-node'), | |
937 | vmid => get_standard_option('pve-vmid'), | |
938 | }, | |
939 | }, | |
940 | returns => { | |
941 | type => 'string', | |
942 | }, | |
943 | code => sub { | |
944 | my ($param) = @_; | |
945 | ||
946 | my $rpcenv = PVE::RPCEnvironment::get(); | |
947 | ||
948 | my $authuser = $rpcenv->get_user(); | |
949 | ||
950 | my $node = extract_param($param, 'node'); | |
951 | ||
952 | my $vmid = extract_param($param, 'vmid'); | |
953 | ||
954 | die "CT $vmid not running\n" if !PVE::LXC::check_running($vmid); | |
955 | ||
956 | if (PVE::HA::Config::vm_is_ha_managed($vmid) && $rpcenv->{type} ne 'ha') { | |
957 | ||
958 | my $hacmd = sub { | |
959 | my $upid = shift; | |
960 | ||
961 | my $service = "ct:$vmid"; | |
962 | ||
963 | my $cmd = ['ha-manager', 'disable', $service]; | |
964 | ||
965 | print "Executing HA stop for CT $vmid\n"; | |
966 | ||
967 | PVE::Tools::run_command($cmd); | |
968 | ||
969 | return; | |
970 | }; | |
971 | ||
972 | return $rpcenv->fork_worker('hastop', $vmid, $authuser, $hacmd); | |
973 | ||
974 | } else { | |
975 | ||
976 | my $realcmd = sub { | |
977 | my $upid = shift; | |
978 | ||
979 | syslog('info', "stoping CT $vmid: $upid\n"); | |
980 | ||
981 | my $cmd = ['lxc-stop', '-n', $vmid, '--kill']; | |
982 | ||
983 | run_command($cmd); | |
984 | ||
985 | return; | |
986 | }; | |
987 | ||
988 | return $rpcenv->fork_worker('vzstop', $vmid, $authuser, $realcmd); | |
989 | } | |
990 | }}); | |
991 | ||
992 | __PACKAGE__->register_method({ | |
993 | name => 'vm_shutdown', | |
994 | path => '{vmid}/status/shutdown', | |
995 | method => 'POST', | |
996 | protected => 1, | |
997 | proxyto => 'node', | |
998 | description => "Shutdown the container.", | |
999 | permissions => { | |
1000 | check => ['perm', '/vms/{vmid}', [ 'VM.PowerMgmt' ]], | |
1001 | }, | |
1002 | parameters => { | |
1003 | additionalProperties => 0, | |
1004 | properties => { | |
1005 | node => get_standard_option('pve-node'), | |
1006 | vmid => get_standard_option('pve-vmid'), | |
1007 | timeout => { | |
1008 | description => "Wait maximal timeout seconds.", | |
1009 | type => 'integer', | |
1010 | minimum => 0, | |
1011 | optional => 1, | |
1012 | default => 60, | |
1013 | }, | |
1014 | forceStop => { | |
1015 | description => "Make sure the Container stops.", | |
1016 | type => 'boolean', | |
1017 | optional => 1, | |
1018 | default => 0, | |
1019 | } | |
1020 | }, | |
1021 | }, | |
1022 | returns => { | |
1023 | type => 'string', | |
1024 | }, | |
1025 | code => sub { | |
1026 | my ($param) = @_; | |
1027 | ||
1028 | my $rpcenv = PVE::RPCEnvironment::get(); | |
1029 | ||
1030 | my $authuser = $rpcenv->get_user(); | |
1031 | ||
1032 | my $node = extract_param($param, 'node'); | |
1033 | ||
1034 | my $vmid = extract_param($param, 'vmid'); | |
1035 | ||
1036 | my $timeout = extract_param($param, 'timeout'); | |
1037 | ||
1038 | die "CT $vmid not running\n" if !PVE::LXC::check_running($vmid); | |
1039 | ||
1040 | my $realcmd = sub { | |
1041 | my $upid = shift; | |
1042 | ||
1043 | syslog('info', "shutdown CT $vmid: $upid\n"); | |
1044 | ||
1045 | my $cmd = ['lxc-stop', '-n', $vmid]; | |
1046 | ||
1047 | $timeout = 60 if !defined($timeout); | |
1048 | ||
1049 | push @$cmd, '--timeout', $timeout; | |
1050 | ||
1051 | eval { run_command($cmd, timeout => $timeout+5); }; | |
1052 | my $err = $@; | |
1053 | return if !$err; | |
1054 | ||
1055 | die $err if !$param->{forceStop}; | |
1056 | ||
1057 | warn "shutdown failed - forcing stop now\n"; | |
1058 | ||
1059 | push @$cmd, '--kill'; | |
1060 | run_command($cmd); | |
1061 | ||
1062 | return; | |
1063 | }; | |
1064 | ||
1065 | my $upid = $rpcenv->fork_worker('vzshutdown', $vmid, $authuser, $realcmd); | |
1066 | ||
1067 | return $upid; | |
1068 | }}); | |
1069 | ||
1070 | __PACKAGE__->register_method({ | |
1071 | name => 'vm_suspend', | |
1072 | path => '{vmid}/status/suspend', | |
1073 | method => 'POST', | |
1074 | protected => 1, | |
1075 | proxyto => 'node', | |
1076 | description => "Suspend the container.", | |
1077 | permissions => { | |
1078 | check => ['perm', '/vms/{vmid}', [ 'VM.PowerMgmt' ]], | |
1079 | }, | |
1080 | parameters => { | |
1081 | additionalProperties => 0, | |
1082 | properties => { | |
1083 | node => get_standard_option('pve-node'), | |
1084 | vmid => get_standard_option('pve-vmid'), | |
1085 | }, | |
1086 | }, | |
1087 | returns => { | |
1088 | type => 'string', | |
1089 | }, | |
1090 | code => sub { | |
1091 | my ($param) = @_; | |
1092 | ||
1093 | my $rpcenv = PVE::RPCEnvironment::get(); | |
1094 | ||
1095 | my $authuser = $rpcenv->get_user(); | |
1096 | ||
1097 | my $node = extract_param($param, 'node'); | |
1098 | ||
1099 | my $vmid = extract_param($param, 'vmid'); | |
1100 | ||
1101 | die "CT $vmid not running\n" if !PVE::LXC::check_running($vmid); | |
1102 | ||
1103 | my $realcmd = sub { | |
1104 | my $upid = shift; | |
1105 | ||
1106 | syslog('info', "suspend CT $vmid: $upid\n"); | |
1107 | ||
1108 | my $cmd = ['lxc-checkpoint', '-n', $vmid, '-s', '-D', '/var/liv/vz/dump']; | |
1109 | ||
1110 | run_command($cmd); | |
1111 | ||
1112 | return; | |
1113 | }; | |
1114 | ||
1115 | my $upid = $rpcenv->fork_worker('vzsuspend', $vmid, $authuser, $realcmd); | |
1116 | ||
1117 | return $upid; | |
1118 | }}); | |
1119 | ||
1120 | __PACKAGE__->register_method({ | |
1121 | name => 'vm_resume', | |
1122 | path => '{vmid}/status/resume', | |
1123 | method => 'POST', | |
1124 | protected => 1, | |
1125 | proxyto => 'node', | |
1126 | description => "Resume the container.", | |
1127 | permissions => { | |
1128 | check => ['perm', '/vms/{vmid}', [ 'VM.PowerMgmt' ]], | |
1129 | }, | |
1130 | parameters => { | |
1131 | additionalProperties => 0, | |
1132 | properties => { | |
1133 | node => get_standard_option('pve-node'), | |
1134 | vmid => get_standard_option('pve-vmid'), | |
1135 | }, | |
1136 | }, | |
1137 | returns => { | |
1138 | type => 'string', | |
1139 | }, | |
1140 | code => sub { | |
1141 | my ($param) = @_; | |
1142 | ||
1143 | my $rpcenv = PVE::RPCEnvironment::get(); | |
1144 | ||
1145 | my $authuser = $rpcenv->get_user(); | |
1146 | ||
1147 | my $node = extract_param($param, 'node'); | |
1148 | ||
1149 | my $vmid = extract_param($param, 'vmid'); | |
1150 | ||
1151 | die "CT $vmid already running\n" if PVE::LXC::check_running($vmid); | |
1152 | ||
1153 | my $realcmd = sub { | |
1154 | my $upid = shift; | |
1155 | ||
1156 | syslog('info', "resume CT $vmid: $upid\n"); | |
1157 | ||
1158 | my $cmd = ['lxc-checkpoint', '-n', $vmid, '-r', '--foreground', | |
1159 | '-D', '/var/liv/vz/dump']; | |
1160 | ||
1161 | run_command($cmd); | |
1162 | ||
1163 | return; | |
1164 | }; | |
1165 | ||
1166 | my $upid = $rpcenv->fork_worker('vzresume', $vmid, $authuser, $realcmd); | |
1167 | ||
1168 | return $upid; | |
1169 | }}); | |
1170 | ||
1171 | __PACKAGE__->register_method({ | |
1172 | name => 'migrate_vm', | |
1173 | path => '{vmid}/migrate', | |
1174 | method => 'POST', | |
1175 | protected => 1, | |
1176 | proxyto => 'node', | |
1177 | description => "Migrate the container to another node. Creates a new migration task.", | |
1178 | permissions => { | |
1179 | check => ['perm', '/vms/{vmid}', [ 'VM.Migrate' ]], | |
1180 | }, | |
1181 | parameters => { | |
1182 | additionalProperties => 0, | |
1183 | properties => { | |
1184 | node => get_standard_option('pve-node'), | |
1185 | vmid => get_standard_option('pve-vmid'), | |
1186 | target => get_standard_option('pve-node', { description => "Target node." }), | |
1187 | online => { | |
1188 | type => 'boolean', | |
1189 | description => "Use online/live migration.", | |
1190 | optional => 1, | |
1191 | }, | |
1192 | }, | |
1193 | }, | |
1194 | returns => { | |
1195 | type => 'string', | |
1196 | description => "the task ID.", | |
1197 | }, | |
1198 | code => sub { | |
1199 | my ($param) = @_; | |
1200 | ||
1201 | my $rpcenv = PVE::RPCEnvironment::get(); | |
1202 | ||
1203 | my $authuser = $rpcenv->get_user(); | |
1204 | ||
1205 | my $target = extract_param($param, 'target'); | |
1206 | ||
1207 | my $localnode = PVE::INotify::nodename(); | |
1208 | raise_param_exc({ target => "target is local node."}) if $target eq $localnode; | |
1209 | ||
1210 | PVE::Cluster::check_cfs_quorum(); | |
1211 | ||
1212 | PVE::Cluster::check_node_exists($target); | |
1213 | ||
1214 | my $targetip = PVE::Cluster::remote_node_ip($target); | |
1215 | ||
1216 | my $vmid = extract_param($param, 'vmid'); | |
1217 | ||
1218 | # test if VM exists | |
1219 | PVE::LXC::load_config($vmid); | |
1220 | ||
1221 | # try to detect errors early | |
1222 | if (PVE::LXC::check_running($vmid)) { | |
1223 | die "cant migrate running container without --online\n" | |
1224 | if !$param->{online}; | |
1225 | } | |
1226 | ||
1227 | if (PVE::HA::Config::vm_is_ha_managed($vmid) && $rpcenv->{type} ne 'ha') { | |
1228 | ||
1229 | my $hacmd = sub { | |
1230 | my $upid = shift; | |
1231 | ||
1232 | my $service = "ct:$vmid"; | |
1233 | ||
1234 | my $cmd = ['ha-manager', 'migrate', $service, $target]; | |
1235 | ||
1236 | print "Executing HA migrate for CT $vmid to node $target\n"; | |
1237 | ||
1238 | PVE::Tools::run_command($cmd); | |
1239 | ||
1240 | return; | |
1241 | }; | |
1242 | ||
1243 | return $rpcenv->fork_worker('hamigrate', $vmid, $authuser, $hacmd); | |
1244 | ||
1245 | } else { | |
1246 | ||
1247 | my $realcmd = sub { | |
1248 | my $upid = shift; | |
1249 | ||
1250 | # fixme: implement lxc container migration | |
1251 | die "lxc container migration not implemented\n"; | |
1252 | ||
1253 | return; | |
1254 | }; | |
1255 | ||
1256 | return $rpcenv->fork_worker('vzmigrate', $vmid, $authuser, $realcmd); | |
1257 | } | |
1258 | }}); | |
1259 | ||
f76a2828 | 1260 | 1; |