]> git.proxmox.com Git - pve-manager.git/blob - PVE/CLI/pve5to6.pm
projects / pve-manager.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
5to6 add color support
[pve-manager.git] / PVE / CLI / pve5to6.pm
1 package PVE::CLI::pve5to6;
2
3 use strict;
4 use warnings;
5
6 use PVE::API2::APT;
7 use PVE::API2::Ceph;
8 use PVE::API2::LXC;
9 use PVE::API2::Qemu;
10
11 use PVE::Ceph::Tools;
12 use PVE::Cluster;
13 use PVE::Corosync;
14 use PVE::INotify;
15 use PVE::JSONSchema;
16 use PVE::RPCEnvironment;
17 use PVE::Storage;
18 use PVE::Tools;
19
20 use Term::ANSIColor;
21
22 use PVE::CLIHandler;
23
24 use base qw(PVE::CLIHandler);
25
26 my $nodename = PVE::INotify::nodename();
27
28 sub setup_environment {
29 PVE::RPCEnvironment->setup_default_cli_env();
30 }
31
32 my $min_pve_rel = '5.4';
33 my $min_pve_pkgrel = 2;
34
35 my $counters = {
36 pass => 0,
37 skip => 0,
38 warn => 0,
39 fail => 0,
40 };
41
42 my $log_line = sub {
43 my ($level, $line) = @_;
44
45 $counters->{$level}++ if defined($level) && defined($counters->{$level});
46
47 print uc($level), ': ' if defined($level);
48 print "$line\n";
49 };
50
51 sub log_pass {
52 print color('green');
53 $log_line->('pass', @_);
54 print color('reset');
55 }
56
57 sub log_info {
58 $log_line->('info', @_);
59 }
60 sub log_skip {
61 $log_line->('skip', @_);
62 }
63 sub log_warn {
64 print color('yellow');
65 $log_line->('warn', @_);
66 print color('reset');
67 }
68 sub log_fail {
69 print color('red');
70 $log_line->('fail', @_);
71 print color('reset');
72 }
73
74 my $get_pkg = sub {
75 my ($pkg) = @_;
76
77 my $versions = eval { PVE::API2::APT->versions({ node => $nodename }); };
78
79 if (!defined($versions)) {
80 my $msg = "unable to retrieve package version information";
81 $msg .= "- $@" if $@;
82 log_fail("$msg");
83 return undef;
84 }
85
86 my $pkgs = [ grep { $_->{Package} eq $pkg } @$versions ];
87 if (!defined $pkgs || $pkgs == 0) {
88 log_fail("unable to determine installed $pkg version.");
89 return undef;
90 } else {
91 return $pkgs->[0];
92 }
93 };
94
95 sub check_pve_packages {
96 print "CHECKING VERSION INFORMATION FOR PVE PACKAGES\n";
97
98 print "\nChecking for package updates..\n";
99 my $updates = eval { PVE::API2::APT->list_updates({ node => $nodename }); };
100 if (!defined($updates)) {
101 log_warn("$@") if $@;
102 log_fail("unable to retrieve list of package updates!");
103 } elsif (@$updates > 0) {
104 my $pkgs = join(', ', map { $_->{Package} } @$updates);
105 log_warn("updates for the following packages are available: $pkgs");
106 } else {
107 log_pass("all packages uptodate");
108 }
109
110 print "\nChecking proxmox-ve package version..\n";
111 if (defined(my $proxmox_ve = $get_pkg->('proxmox-ve'))) {
112 my $min_pve_ver = "$min_pve_rel-$min_pve_pkgrel";
113
114 if ($proxmox_ve->{OldVersion} =~ m/^$min_pve_rel-(\d+)/ && $1 >= $min_pve_pkgrel) {
115 log_pass("proxmox-ve package has version >= $min_pve_ver");
116 } else {
117 log_fail("proxmox-ve package is too old, please upgrade to >= $min_pve_ver!");
118 }
119 }
120 }
121
122 sub check_storage_health {
123 print "\nCHECKING CONFIGURED STORAGES\n\n";
124 my $cfg = PVE::Storage::config();
125
126 my $ctime = time();
127
128 my $info = PVE::Storage::storage_info($cfg);
129
130 foreach my $storeid (keys %$info) {
131 my $d = $info->{$storeid};
132 if ($d->{enabled}) {
133 if ($d->{active}) {
134 log_pass("storage '$storeid' enabled and active.");
135 } else {
136 log_warn("storage '$storeid' enabled but not active!");
137 }
138 } else {
139 log_skip("storage '$storeid' disabled.");
140 }
141 }
142 }
143
144 sub check_cluster_corosync {
145 print "\nCHECKING CLUSTER HEALTH/SETTINGS\n\n";
146
147 if (!PVE::Corosync::check_conf_exists(1)) {
148 log_skip("standalone node.");
149 return;
150 }
151
152 if (PVE::Cluster::check_cfs_quorum(1)) {
153 log_pass("Cluster is quorate.");
154 } else {
155 log_fail("Cluster lost quorum!");
156 }
157
158 my $conf = PVE::Cluster::cfs_read_file('corosync.conf');
159 my $conf_nodelist = PVE::Corosync::nodelist($conf);
160
161 if (!defined($conf_nodelist)) {
162 log_fail("unable to retrieve nodelist from corosync.conf");
163 } elsif (grep { $conf_nodelist->{$_}->{quorum_votes} != 1 } keys %$conf_nodelist) {
164 log_warn("non-default quorum_votes distribution detected!");
165 }
166
167 my $cfs_nodelist = PVE::Cluster::get_clinfo()->{nodelist};
168 my $offline_nodes = grep { $cfs_nodelist->{$_}->{online} != 1 } keys %$cfs_nodelist;
169 if ($offline_nodes > 0) {
170 log_fail("$offline_nodes nodes are offline!");
171 }
172
173 my $conf_nodelist_count = scalar(keys %$conf_nodelist);
174 my $cfs_nodelist_count = scalar(keys %$cfs_nodelist);
175 log_warn("cluster consists of less than three nodes!")
176 if $conf_nodelist_count < 3;
177
178 log_fail("corosync.conf ($conf_nodelist_count) and pmxcfs ($cfs_nodelist_count) don't agree about size of nodelist.")
179 if $conf_nodelist_count != $cfs_nodelist_count;
180
181 foreach my $cs_node (keys %$conf_nodelist) {
182 my $entry = $conf_nodelist->{$cs_node};
183 log_fail("No name entry for node '$cs_node' in corosync.conf.")
184 if !defined($entry->{name});
185 log_fail("No nodeid configured for node '$cs_node' in corosync.conf.")
186 if !defined($entry->{nodeid});
187
188 my $verify_ring_ip = sub {
189 my $key = shift;
190 my $ring = $entry->{$key};
191 if (defined($ring) && !PVE::JSONSchema::pve_verify_ip($ring, 1)) {
192 log_fail("$key '$ring' of node '$cs_node' is not an IP address, consider replacing it with the currently resolved IP address.");
193 }
194 };
195 $verify_ring_ip->('ring0_addr');
196 $verify_ring_ip->('ring1_addr');
197 }
198
199 my $totem = $conf->{main}->{totem};
200
201 my $transport = $totem->{transport};
202 if (defined($transport)) {
203 log_fail("Corosync transport expliclitly set to '$transport' instead of implicit default!");
204 }
205
206 if ((!defined($totem->{secauth}) || $totem->{secauth} ne 'on') && (!defined($totem->{crypto_cipher}) || $totem->{crypto_cipher} eq 'none')) {
207 log_fail("Corosync authentication/encryption is not explicitly enabled (secauth / crypto_cipher / crypto_hash)!");
208 }
209
210 if (defined($totem->{crypto_cipher}) && $totem->{crypto_cipher} eq '3des') {
211 log_fail("Corosync encryption cipher set to '3des', no longer supported in Corosync 3.x!");
212 }
213
214 my $prefix_info = sub { my $line = shift; log_info("$line"); };
215 eval {
216 print "\n";
217 log_info("Printing detailed cluster status..");
218 PVE::Tools::run_command(['corosync-quorumtool', '-siH'], outfunc => $prefix_info, errfunc => $prefix_info);
219 };
220
221 print "\nCHECKING INSTALLED COROSYNC VERSION\n\n";
222 if (defined(my $corosync = $get_pkg->('corosync'))) {
223 if ($corosync->{OldVersion} =~ m/^2\./) {
224 log_fail("corosync 2.x installed, cluster-wide upgrade to 3.x needed!");
225 } elsif ($corosync->{OldVersion} =~ m/^3\./) {
226 log_pass("corosync 3.x installed.");
227 } else {
228 log_fail("unexpected corosync version installed: $corosync->{OldVersion}!");
229 }
230 }
231 }
232
233 sub check_ceph {
234 print "\nCHECKING HYPER-CONVERGED CEPH STATUS\n\n";
235
236 if (PVE::Ceph::Tools::check_ceph_inited(1)) {
237 log_info("hyper-converged ceph setup detected!");
238 } else {
239 log_skip("no hyper-converged ceph setup detected!");
240 return;
241 }
242
243 log_info("getting Ceph status/health information..");
244 my $ceph_status = eval { PVE::API2::Ceph->status({ node => $nodename }); };
245 my $osd_flags = eval { PVE::API2::Ceph->get_flags({ node => $nodename }); };
246 my $noout;
247 $noout = $osd_flags =~ m/noout/ if $osd_flags;
248
249 if (!$ceph_status || !$ceph_status->{health}) {
250 log_fail("unable to determine Ceph status!");
251 } else {
252 my $ceph_health = $ceph_status->{health}->{status};
253 if (!$ceph_health) {
254 log_fail("unable to determine Ceph health!");
255 } elsif ($ceph_health eq 'HEALTH_OK') {
256 log_pass("Ceph health reported as 'HEALTH_OK'.");
257 } elsif ($ceph_health eq 'HEALTH_WARN' && $noout && (keys %{$ceph_status->{health}->{checks}} == 1)) {
258 log_pass("Ceph health reported as 'HEALTH_WARN' with a single failing check and 'noout' flag set.");
259 } else {
260 log_warn("Ceph health reported as '$ceph_health'");
261 }
262 }
263
264 log_info("getting Ceph OSD flags..");
265 eval {
266 if (!$osd_flags) {
267 log_fail("unable to get Ceph OSD flags!");
268 } else {
269 if ($osd_flags =~ m/recovery_deletes/ && $osd_flags =~ m/purged_snapdirs/) {
270 log_pass("all PGs have been scrubbed at least once while running Ceph Luminous.");
271 } else {
272 log_fail("missing 'recovery_deletes' and/or 'purged_snapdirs' flag, scrub of all PGs required before upgrading to Nautilus!");
273 }
274 if ($noout) {
275 log_pass("noout flag set to prevent rebalancing during cluster-wide upgrades.");
276 } else {
277 log_warn("noout flag not set - recommended to prevent rebalancing during upgrades.");
278 }
279 }
280 };
281
282 log_info("getting Ceph daemon versions..");
283 my $ceph_versions = eval { PVE::Ceph::Tools::get_cluster_versions(undef, 1); };
284 if (!$ceph_versions) {
285 log_fail("unable to determine Ceph daemon versions!");
286 } else {
287 my $services = [
288 { 'key' => 'mon', 'name' => 'monitor' },
289 { 'key' => 'mgr', 'name' => 'manager' },
290 { 'key' => 'mds', 'name' => 'MDS' },
291 { 'key' => 'osd', 'name' => 'OSD' },
292 ];
293
294 foreach my $service (@$services) {
295 my $name = $service->{name};
296 if (my $service_versions = $ceph_versions->{$service->{key}}) {
297 if (keys %$service_versions == 0) {
298 log_skip("no running instances detected for daemon type $name.");
299 } elsif (keys %$service_versions == 1) {
300 log_pass("single running version detected for daemon type $name.");
301 } else {
302 log_warn("multiple running versions detected for daemon type $name!");
303 }
304 } else {
305 log_skip("unable to determine versions of running Ceph $name instances.");
306 }
307 }
308
309 my $overall_versions = $ceph_versions->{overall};
310 if (!$overall_versions) {
311 log_warn("unable to determine overall Ceph daemon versions!");
312 } elsif (keys %$overall_versions == 1) {
313 log_pass("single running overall version detected for all Ceph daemon types.");
314 } else {
315 log_warn("overall version mismatch detected, check 'ceph versions' output for details!");
316 }
317 }
318 }
319
320 sub check_misc {
321 print "\nMISCELLANEOUS CHECKS\n\n";
322 my $ssh_config = eval { PVE::Tools::file_get_contents('/root/.ssh/config') };
323 if (defined($ssh_config)) {
324 log_fail("Unsupported SSH Cipher configured for root in /root/.ssh/config: $1")
325 if $ssh_config =~ /^Ciphers .*(blowfish|arcfour|3des).*$/m;
326 } else {
327 log_skip("No SSH config file found.");
328 }
329
330 my $root_free = PVE::Tools::df('/', 10);
331 log_warn("Less than 2G free space on root file system.")
332 if defined($root_free) && $root_free->{avail} < 2*1024*1024*1024;
333
334 my $running_guests = 0;
335 my $vms = eval { PVE::API2::Qemu->vmlist({ node => $nodename }) };
336 log_warn("Failed to retrieve information about this node's VMs - $@") if $@;
337 $running_guests += grep { $_->{status} eq 'running' } @$vms
338 if defined($vms);
339 my $cts = eval { PVE::API2::LXC->vmlist({ node => $nodename }) };
340 log_warn("Failed to retrieve information about this node's CTs - $@") if $@;
341 $running_guests += grep { $_->{status} eq 'running' } @$cts
342 if defined($cts);
343 log_warn("$running_guests running guests detected - consider migrating/stopping them.")
344 if $running_guests > 0;
345 }
346
347 __PACKAGE__->register_method ({
348 name => 'checklist',
349 path => 'checklist',
350 method => 'GET',
351 description => 'Check (pre-/post-)upgrade conditions.',
352 parameters => {
353 additionalProperties => 0,
354 properties => {
355 },
356 },
357 returns => { type => 'null' },
358 code => sub {
359 my ($param) = @_;
360
361 check_pve_packages();
362 check_cluster_corosync();
363 check_ceph();
364 check_storage_health();
365 check_misc();
366
367 print "\n\nSUMMARY:\n";
368 print colored("PASSED: $counters->{pass}\n", 'green');
369 print "SKIPPED: $counters->{skip}\n";
370 print colored("WARNINGS: $counters->{warn}\n", 'yellow');
371 print colored("FAILURES: $counters->{fail}\n", 'red');
372
373 print colored("\nATTENTION: Please check the output for detailed information!\n", 'red')
374 if ($counters->{warn} > 0 || $counters->{fail} > 0);
375
376 return undef;
377 }});
378
379 our $cmddef = {
380 checklist => [ __PACKAGE__, 'checklist', [], {}],
381 };
382
383 1;
The Proxmox VE Management API and Web UI