1 package PVE
::API2
::Qemu
;
8 use PVE
::Tools
qw(extract_param);
9 use PVE
::Exception
qw(raise raise_param_exc);
11 use PVE
::JSONSchema
qw(get_standard_option);
14 use PVE
::RPCEnvironment
;
15 use PVE
::AccessControl
;
18 use Data
::Dumper
; # fixme: remove
20 use base
qw(PVE::RESTHandler);
22 my $opt_force_description = "Force physical removal. Without this, we simple remove the disk from the config file and create an additional configuration entry called 'unused[n]', which contains the volume ID. Unlink of unused[n] always cause physical removal.";
24 my $resolve_cdrom_alias = sub {
27 if (my $value = $param->{cdrom
}) {
28 $value .= ",media=cdrom" if $value !~ m/media=/;
29 $param->{ide2
} = $value;
30 delete $param->{cdrom
};
34 __PACKAGE__-
>register_method({
38 description
=> "Virtual machine index (per node).",
40 protected
=> 1, # qemu pid files are only readable by root
42 additionalProperties
=> 0,
44 node
=> get_standard_option
('pve-node'),
53 links
=> [ { rel
=> 'child', href
=> "{vmid}" } ],
58 my $vmstatus = PVE
::QemuServer
::vmstatus
();
60 return PVE
::RESTHandler
::hash_to_array
($vmstatus, 'vmid');
64 __PACKAGE__-
>register_method({
68 description
=> "Create new virtual machine.",
72 additionalProperties
=> 0,
73 properties
=> PVE
::QemuServer
::json_config_properties
(
75 node
=> get_standard_option
('pve-node'),
76 vmid
=> get_standard_option
('pve-vmid'),
79 returns
=> { type
=> 'null'},
83 my $node = extract_param
($param, 'node');
87 my $vmid = extract_param
($param, 'vmid');
89 my $filename = PVE
::QemuServer
::config_file
($vmid);
90 # first test (befor locking)
91 die "unable to create vm $vmid: config file already exists\n"
94 my $storecfg = PVE
::Storage
::config
();
96 &$resolve_cdrom_alias($param);
98 foreach my $opt (keys %$param) {
99 if (PVE
::QemuServer
::valid_drivename
($opt)) {
100 my $drive = PVE
::QemuServer
::parse_drive
($opt, $param->{$opt});
101 raise_param_exc
({ $opt => "unable to parse drive options" }) if !$drive;
103 PVE
::QemuServer
::cleanup_drive_path
($opt, $storecfg, $drive);
104 $param->{$opt} = PVE
::QemuServer
::print_drive
($vmid, $drive);
108 PVE
::QemuServer
::add_random_macs
($param);
110 #fixme: ? syslog ('info', "VM $vmid creating new virtual machine");
116 # second test (after locking test is accurate)
117 die "unable to create vm $vmid: config file already exists\n"
120 $vollist = PVE
::QemuServer
::create_disks
($storecfg, $vmid, $param);
122 # try to be smart about bootdisk
123 my @disks = PVE
::QemuServer
::disknames
();
125 foreach my $ds (reverse @disks) {
126 next if !$param->{$ds};
127 my $disk = PVE
::QemuServer
::parse_drive
($ds, $param->{$ds});
128 next if PVE
::QemuServer
::drive_is_cdrom
($disk);
132 if (!$param->{bootdisk
} && $firstdisk) {
133 $param->{bootdisk
} = $firstdisk;
136 PVE
::QemuServer
::create_conf_nolock
($vmid, $param);
139 eval { PVE
::QemuServer
::lock_config
($vmid, $createfn); };
143 foreach my $volid (@$vollist) {
144 eval { PVE
::Storage
::vdisk_free
($storecfg, $volid); };
147 die "create failed - $err";
153 __PACKAGE__-
>register_method({
158 description
=> "Directory index",
160 additionalProperties
=> 0,
162 node
=> get_standard_option
('pve-node'),
163 vmid
=> get_standard_option
('pve-vmid'),
171 subdir
=> { type
=> 'string' },
174 links
=> [ { rel
=> 'child', href
=> "{subdir}" } ],
180 { subdir
=> 'config' },
181 { subdir
=> 'status' },
182 { subdir
=> 'unlink' },
183 { subdir
=> 'vncproxy' },
185 { subdir
=> 'rrddata' },
191 __PACKAGE__-
>register_method({
193 path
=> '{vmid}/rrd',
195 protected
=> 1, # fixme: can we avoid that?
197 path
=> '/vms/{vmid}',
198 privs
=> [ 'VM.Audit' ],
200 description
=> "Read VM RRD statistics (returns PNG)",
202 additionalProperties
=> 0,
204 node
=> get_standard_option
('pve-node'),
205 vmid
=> get_standard_option
('pve-vmid'),
207 description
=> "Specify the time frame you are interested in.",
209 enum
=> [ 'hour', 'day', 'week', 'month', 'year' ],
212 description
=> "The list of datasources you want to display.",
213 type
=> 'string', format
=> 'pve-configid-list',
216 description
=> "The RRD consolidation function",
218 enum
=> [ 'AVERAGE', 'MAX' ],
226 filename
=> { type
=> 'string' },
232 return PVE
::Cluster
::create_rrd_graph
(
233 "pve2-vm/$param->{vmid}", $param->{timeframe
},
234 $param->{ds
}, $param->{cf
});
238 __PACKAGE__-
>register_method({
240 path
=> '{vmid}/rrddata',
242 protected
=> 1, # fixme: can we avoid that?
244 path
=> '/vms/{vmid}',
245 privs
=> [ 'VM.Audit' ],
247 description
=> "Read VM RRD statistics",
249 additionalProperties
=> 0,
251 node
=> get_standard_option
('pve-node'),
252 vmid
=> get_standard_option
('pve-vmid'),
254 description
=> "Specify the time frame you are interested in.",
256 enum
=> [ 'hour', 'day', 'week', 'month', 'year' ],
259 description
=> "The RRD consolidation function",
261 enum
=> [ 'AVERAGE', 'MAX' ],
276 return PVE
::Cluster
::create_rrd_data
(
277 "pve2-vm/$param->{vmid}", $param->{timeframe
}, $param->{cf
});
281 __PACKAGE__-
>register_method({
283 path
=> '{vmid}/config',
286 description
=> "Get virtual machine configuration.",
288 additionalProperties
=> 0,
290 node
=> get_standard_option
('pve-node'),
291 vmid
=> get_standard_option
('pve-vmid'),
301 my $conf = PVE
::QemuServer
::load_config
($param->{vmid
});
306 __PACKAGE__-
>register_method({
308 path
=> '{vmid}/config',
312 description
=> "Set virtual machine options.",
314 additionalProperties
=> 0,
315 properties
=> PVE
::QemuServer
::json_config_properties
(
317 node
=> get_standard_option
('pve-node'),
318 vmid
=> get_standard_option
('pve-vmid'),
320 description
=> "Ignore locks - only root is allowed to use this option.",
325 type
=> 'string', format
=> 'pve-configid-list',
326 description
=> "A list of settings you want to delete.",
331 description
=> $opt_force_description,
333 requires
=> 'delete',
337 returns
=> { type
=> 'null'},
341 my $rpcenv = PVE
::RPCEnvironment
::get
();
343 my $user = $rpcenv->get_user();
345 my $node = extract_param
($param, 'node');
347 # fixme: fork worker?
349 my $vmid = extract_param
($param, 'vmid');
351 my $skiplock = extract_param
($param, 'skiplock');
352 raise_param_exc
({ skiplock
=> "Only root may use this option." }) if $user ne 'root@pam';
354 my $delete = extract_param
($param, 'delete');
355 my $force = extract_param
($param, 'force');
357 die "no options specified\n" if !$delete && !scalar(keys %$param);
359 my $storecfg = PVE
::Storage
::config
();
361 &$resolve_cdrom_alias($param);
366 foreach my $opt (keys %$param) {
367 if (PVE
::QemuServer
::valid_drivename
($opt)) {
368 my $drive = PVE
::QemuServer
::parse_drive
($opt, $param->{$opt});
369 raise_param_exc
({ $opt => "unable to parse drive options" }) if !$drive;
370 if ($drive->{file
} eq 'eject') {
372 delete $param->{$opt};
376 PVE
::QemuServer
::cleanup_drive_path
($opt, $storecfg, $drive);
377 $param->{$opt} = PVE
::QemuServer
::print_drive
($vmid, $drive);
379 if (PVE
::QemuServer
::drive_is_cdrom
($drive)) {
380 $cdchange->{$opt} = PVE
::QemuServer
::get_iso_path
($storecfg, $vmid, $drive->{file
});
385 foreach my $opt (PVE
::Tools
::split_list
($delete)) {
386 $opt = 'ide2' if $opt eq 'cdrom';
387 die "you can't use '-$opt' and '-delete $opt' at the same time\n"
388 if defined($param->{$opt});
391 PVE
::QemuServer
::add_random_macs
($param);
397 my $conf = PVE
::QemuServer
::load_config
($vmid);
399 PVE
::QemuServer
::check_lock
($conf) if !$skiplock;
401 foreach my $opt (keys %$eject) {
403 my $drive = PVE
::QemuServer
::parse_drive
($opt, $conf->{$opt});
404 $cdchange->{$opt} = undef if PVE
::QemuServer
::drive_is_cdrom
($drive);
406 raise_param_exc
({ $opt => "eject failed - drive does not exist." });
410 foreach my $opt (keys %$param) {
411 next if !PVE
::QemuServer
::valid_drivename
($opt);
412 next if !$conf->{$opt};
413 my $old_drive = PVE
::QemuServer
::parse_drive
($opt, $conf->{$opt});
414 next if PVE
::QemuServer
::drive_is_cdrom
($old_drive);
415 my $new_drive = PVE
::QemuServer
::parse_drive
($opt, $param->{$opt});
416 if ($new_drive->{file
} ne $old_drive->{file
}) {
418 eval { ($path, $owner) = PVE
::Storage
::path
($storecfg, $old_drive->{file
}); };
419 if ($owner && ($owner == $vmid)) {
420 PVE
::QemuServer
::add_unused_volume
($conf, $param, $old_drive->{file
});
427 foreach my $opt (PVE
::Tools
::split_list
($delete)) {
428 $opt = 'ide2' if $opt eq 'cdrom';
429 if (!PVE
::QemuServer
::option_exists
($opt)) {
430 raise_param_exc
({ delete => "unknown option '$opt'" });
432 next if !defined($conf->{$opt});
433 if (PVE
::QemuServer
::valid_drivename
($opt)) {
434 my $drive = PVE
::QemuServer
::parse_drive
($opt, $conf->{$opt});
435 if (PVE
::QemuServer
::drive_is_cdrom
($drive)) {
436 $cdchange->{$opt} = undef;
438 my $volid = $drive->{file
};
440 if ($volid !~ m
|^/|) {
442 eval { ($path, $owner) = PVE
::Storage
::path
($storecfg, $volid); };
443 if ($owner && ($owner == $vmid)) {
445 push @$vollist, $volid;
447 PVE
::QemuServer
::add_unused_volume
($conf, $param, $volid);
452 } elsif ($opt =~ m/^unused/) {
453 push @$vollist, $conf->{$opt};
459 PVE
::QemuServer
::create_disks
($storecfg, $vmid, $param);
461 PVE
::QemuServer
::change_config_nolock
($vmid, $param, $unset, 1);
463 return if !PVE
::QemuServer
::check_running
($vmid);
465 foreach my $opt (keys %$cdchange) {
466 my $qdn = PVE
::QemuServer
::qemu_drive_name
($opt, 'cdrom');
467 my $path = $cdchange->{$opt};
468 PVE
::QemuServer
::vm_monitor_command
($vmid, "eject $qdn", 0);
469 PVE
::QemuServer
::vm_monitor_command
($vmid, "change $qdn \"$path\"", 0) if $path;
473 PVE::QemuServer::lock_config($vmid, $updatefn);
475 foreach my $volid (@$vollist) {
476 eval { PVE::Storage::vdisk_free($storecfg, $volid); };
485 __PACKAGE__->register_method({
486 name => 'destroy_vm',
491 description => "Destroy the vm
(also
delete all used
/owned volumes
).",
493 additionalProperties => 0,
495 node => get_standard_option('pve-node'),
496 vmid => get_standard_option('pve-vmid'),
499 returns => { type => 'null' },
503 my $rpcenv = PVE::RPCEnvironment::get();
505 my $user = $rpcenv->get_user();
507 my $vmid = $param->{vmid};
509 my $skiplock = $param->{skiplock};
510 raise_param_exc({ skiplock => "Only root may
use this option
." })
511 if $user ne 'root@pam';
513 my $storecfg = PVE::Storage::config();
515 PVE::QemuServer::vm_destroy($storecfg, $vmid, $skiplock);
520 __PACKAGE__->register_method({
522 path => '{vmid}/unlink',
526 description => "Unlink
/delete disk images
.",
528 additionalProperties => 0,
530 node => get_standard_option('pve-node'),
531 vmid => get_standard_option('pve-vmid'),
533 type => 'string', format => 'pve-configid-list',
534 description => "A list of disk IDs you want to
delete.",
538 description => $opt_force_description,
543 returns => { type => 'null'},
547 $param->{delete} = extract_param($param, 'idlist');
549 __PACKAGE__->update_vm($param);
556 __PACKAGE__->register_method({
558 path => '{vmid}/vncproxy',
562 path => '/vms/{vmid}',
563 privs => [ 'VM.Console' ],
565 description => "Creates a TCP VNC proxy connections
.",
567 additionalProperties => 0,
569 node => get_standard_option('pve-node'),
570 vmid => get_standard_option('pve-vmid'),
574 additionalProperties => 0,
576 user => { type => 'string' },
577 ticket => { type => 'string' },
578 cert => { type => 'string' },
579 port => { type => 'integer' },
580 upid => { type => 'string' },
586 my $rpcenv = PVE::RPCEnvironment::get();
588 my $user = $rpcenv->get_user();
589 my $ticket = PVE::AccessControl::assemble_ticket($user);
591 my $vmid = $param->{vmid};
592 my $node = $param->{node};
594 $sslcert = PVE::Tools::file_get_contents("/etc/pve
/pve-root-ca
.pem
", 8192)
597 my $port = PVE::Tools::next_vnc_port();
601 if ($node ne PVE::INotify::nodename()) {
602 $remip = PVE::Cluster::remote_node_ip($node);
605 # NOTE: kvm VNC traffic is already TLS encrypted,
606 # so we select the fastest chipher here (or 'none'?)
607 my $remcmd = $remip ? ['/usr/bin/ssh', '-T', '-o', 'BatchMode=yes',
608 '-c', 'blowfish-cbc', $remip] : [];
615 syslog('info', "starting vnc proxy
$upid\n");
617 my $qmcmd = [@$remcmd, "/usr/sbin
/qm
", 'vncproxy', $vmid];
619 my $qmstr = join(' ', @$qmcmd);
621 # also redirect stderr (else we get RFB protocol errors)
622 my @cmd = ('/bin/nc', '-l', '-p', $port, '-w', $timeout, '-c', "$qmstr 2>/dev/null
");
624 my $cmdstr = join(' ', @cmd);
625 syslog('info', "CMD3
: $cmdstr");
627 if (system(@cmd) != 0) {
628 my $msg = "VM
$vmid vnc proxy failed
- $?";
636 my $upid = $rpcenv->fork_worker('vncproxy', $vmid, $user, $realcmd);
647 __PACKAGE__->register_method({
649 path => '{vmid}/status',
652 protected => 1, # qemu pid files are only readable by root
653 description => "Get virtual machine status
.",
655 additionalProperties => 0,
657 node => get_standard_option('pve-node'),
658 vmid => get_standard_option('pve-vmid'),
661 returns => { type => 'object' },
666 my $conf = PVE::QemuServer::load_config($param->{vmid});
668 my $vmstatus = PVE::QemuServer::vmstatus($param->{vmid});
670 return $vmstatus->{$param->{vmid}};
673 __PACKAGE__->register_method({
674 name => 'vm_command',
675 path => '{vmid}/status',
679 description => "Set virtual machine status
.",
681 additionalProperties => 0,
683 node => get_standard_option('pve-node'),
684 vmid => get_standard_option('pve-vmid'),
686 description => "Ignore locks
- only root
is allowed to
use this option
.",
692 enum => [qw(start stop reset shutdown cad suspend resume) ],
696 returns
=> { type
=> 'null'},
700 my $rpcenv = PVE
::RPCEnvironment
::get
();
702 my $user = $rpcenv->get_user();
704 my $node = extract_param
($param, 'node');
706 # fixme: proxy to correct node
707 # fixme: fork worker?
709 my $vmid = extract_param
($param, 'vmid');
711 my $skiplock = extract_param
($param, 'skiplock');
712 raise_param_exc
({ skiplock
=> "Only root may use this option." })
713 if $user ne 'root@pam';
715 my $command = $param->{command
};
717 my $storecfg = PVE
::Storage
::config
();
719 if ($command eq 'start') {
720 my $statefile = undef; # fixme: --incoming parameter
721 PVE
::QemuServer
::vm_start
($storecfg, $vmid, $statefile, $skiplock);
722 } elsif ($command eq 'stop') {
723 PVE
::QemuServer
::vm_stop
($vmid, $skiplock);
724 } elsif ($command eq 'reset') {
725 PVE
::QemuServer
::vm_reset
($vmid, $skiplock);
726 } elsif ($command eq 'shutdown') {
727 PVE
::QemuServer
::vm_shutdown
($vmid, $skiplock);
728 } elsif ($command eq 'suspend') {
729 PVE
::QemuServer
::vm_suspend
($vmid, $skiplock);
730 } elsif ($command eq 'resume') {
731 PVE
::QemuServer
::vm_resume
($vmid, $skiplock);
732 } elsif ($command eq 'cad') {
733 PVE
::QemuServer
::vm_cad
($vmid, $skiplock);
735 raise_param_exc
({ command
=> "unknown command '$command'" })