]> git.proxmox.com Git - pve-storage.git/blob - PVE/CLI/pvesm.pm
projects / pve-storage.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
pbs: allow setting up a master key
[pve-storage.git] / PVE / CLI / pvesm.pm
1 package PVE::CLI::pvesm;
2
3 use strict;
4 use warnings;
5
6 use POSIX qw(O_RDONLY O_WRONLY O_CREAT O_TRUNC);
7 use Fcntl ':flock';
8 use File::Path;
9 use MIME::Base64 qw(encode_base64);
10
11 use IO::Socket::IP;
12 use IO::Socket::UNIX;
13 use Socket qw(SOCK_STREAM);
14
15 use PVE::SafeSyslog;
16 use PVE::Cluster;
17 use PVE::INotify;
18 use PVE::RPCEnvironment;
19 use PVE::Storage;
20 use PVE::Tools qw(extract_param);
21 use PVE::API2::Storage::Config;
22 use PVE::API2::Storage::Content;
23 use PVE::API2::Storage::PruneBackups;
24 use PVE::API2::Storage::Scan;
25 use PVE::API2::Storage::Status;
26 use PVE::JSONSchema qw(get_standard_option);
27 use PVE::PTY;
28
29 use PVE::CLIHandler;
30
31 use base qw(PVE::CLIHandler);
32
33 my $KNOWN_EXPORT_FORMATS = ['raw+size', 'tar+size', 'qcow2+size', 'vmdk+size', 'zfs'];
34
35 my $nodename = PVE::INotify::nodename();
36
37 sub param_mapping {
38 my ($name) = @_;
39
40 my $password_map = PVE::CLIHandler::get_standard_mapping('pve-password', {
41 func => sub {
42 my ($value) = @_;
43 return $value if $value;
44 return PVE::PTY::read_password("Enter Password: ");
45 },
46 });
47
48 my $enc_key_map = {
49 name => 'encryption-key',
50 desc => 'a file containing an encryption key, or the special value "autogen"',
51 func => sub {
52 my ($value) = @_;
53 return $value if $value eq 'autogen';
54 return PVE::Tools::file_get_contents($value);
55 }
56 };
57
58 my $master_key_map = {
59 name => 'master-pubkey',
60 desc => 'a file containing a PEM-formatted master public key',
61 func => sub {
62 my ($value) = @_;
63 return encode_base64(PVE::Tools::file_get_contents($value), '');
64 }
65 };
66
67
68 my $mapping = {
69 'cifsscan' => [ $password_map ],
70 'cifs' => [ $password_map ],
71 'pbs' => [ $password_map ],
72 'create' => [ $password_map, $enc_key_map, $master_key_map ],
73 'update' => [ $password_map, $enc_key_map, $master_key_map ],
74 };
75 return $mapping->{$name};
76 }
77
78 sub setup_environment {
79 PVE::RPCEnvironment->setup_default_cli_env();
80 }
81
82 __PACKAGE__->register_method ({
83 name => 'apiinfo',
84 path => 'apiinfo',
85 method => 'GET',
86 description => "Returns APIVER and APIAGE.",
87 parameters => {
88 additionalProperties => 0,
89 properties => {},
90 },
91 returns => {
92 type => 'object',
93 properties => {
94 apiver => { type => 'integer' },
95 apiage => { type => 'integer' },
96 },
97 },
98 code => sub {
99 return {
100 apiver => PVE::Storage::APIVER,
101 apiage => PVE::Storage::APIAGE,
102 };
103 }
104 });
105
106 __PACKAGE__->register_method ({
107 name => 'path',
108 path => 'path',
109 method => 'GET',
110 description => "Get filesystem path for specified volume",
111 parameters => {
112 additionalProperties => 0,
113 properties => {
114 volume => {
115 description => "Volume identifier",
116 type => 'string', format => 'pve-volume-id',
117 completion => \&PVE::Storage::complete_volume,
118 },
119 },
120 },
121 returns => { type => 'null' },
122
123 code => sub {
124 my ($param) = @_;
125
126 my $cfg = PVE::Storage::config();
127
128 my $path = PVE::Storage::path ($cfg, $param->{volume});
129
130 print "$path\n";
131
132 return undef;
133
134 }});
135
136 __PACKAGE__->register_method ({
137 name => 'extractconfig',
138 path => 'extractconfig',
139 method => 'GET',
140 description => "Extract configuration from vzdump backup archive.",
141 permissions => {
142 description => "The user needs 'VM.Backup' permissions on the backed up guest ID, and 'Datastore.AllocateSpace' on the backup storage.",
143 user => 'all',
144 },
145 protected => 1,
146 parameters => {
147 additionalProperties => 0,
148 properties => {
149 volume => {
150 description => "Volume identifier",
151 type => 'string',
152 completion => \&PVE::Storage::complete_volume,
153 },
154 },
155 },
156 returns => { type => 'null' },
157 code => sub {
158 my ($param) = @_;
159 my $volume = $param->{volume};
160
161 my $rpcenv = PVE::RPCEnvironment::get();
162 my $authuser = $rpcenv->get_user();
163
164 my $storage_cfg = PVE::Storage::config();
165 PVE::Storage::check_volume_access($rpcenv, $authuser, $storage_cfg, undef, $volume);
166
167 my $config_raw = PVE::Storage::extract_vzdump_config($storage_cfg, $volume);
168
169 print "$config_raw\n";
170 return;
171 }});
172
173 my $print_content = sub {
174 my ($list) = @_;
175
176 my ($maxlenname, $maxsize) = (0, 0);
177 foreach my $info (@$list) {
178 my $volid = $info->{volid};
179 my $sidlen = length ($volid);
180 $maxlenname = $sidlen if $sidlen > $maxlenname;
181 $maxsize = $info->{size} if ($info->{size} // 0) > $maxsize;
182 }
183 my $sizemaxdigits = length($maxsize);
184
185 my $basefmt = "%-${maxlenname}s %-7s %-9s %${sizemaxdigits}s";
186 printf "$basefmt %s\n", "Volid", "Format", "Type", "Size", "VMID";
187
188 foreach my $info (@$list) {
189 next if !$info->{vmid};
190 my $volid = $info->{volid};
191
192 printf "$basefmt %d\n", $volid, $info->{format}, $info->{content}, $info->{size}, $info->{vmid};
193 }
194
195 foreach my $info (sort { $a->{format} cmp $b->{format} } @$list) {
196 next if $info->{vmid};
197 my $volid = $info->{volid};
198
199 printf "$basefmt\n", $volid, $info->{format}, $info->{content}, $info->{size};
200 }
201 };
202
203 my $print_status = sub {
204 my $res = shift;
205
206 my $maxlen = 0;
207 foreach my $res (@$res) {
208 my $storeid = $res->{storage};
209 $maxlen = length ($storeid) if length ($storeid) > $maxlen;
210 }
211 $maxlen+=1;
212
213 printf "%-${maxlen}s %10s %10s %15s %15s %15s %8s\n", 'Name', 'Type',
214 'Status', 'Total', 'Used', 'Available', '%';
215
216 foreach my $res (sort { $a->{storage} cmp $b->{storage} } @$res) {
217 my $storeid = $res->{storage};
218
219 my $active = $res->{active} ? 'active' : 'inactive';
220 my ($per, $per_fmt) = (0, '% 7.2f%%');
221 $per = ($res->{used}*100)/$res->{total} if $res->{total} > 0;
222
223 if (!$res->{enabled}) {
224 $per = 'N/A';
225 $per_fmt = '% 8s';
226 $active = 'disabled';
227 }
228
229 printf "%-${maxlen}s %10s %10s %15d %15d %15d $per_fmt\n", $storeid,
230 $res->{type}, $active, $res->{total}/1024, $res->{used}/1024,
231 $res->{avail}/1024, $per;
232 }
233 };
234
235 __PACKAGE__->register_method ({
236 name => 'export',
237 path => 'export',
238 method => 'GET',
239 description => "Used internally to export a volume.",
240 protected => 1,
241 parameters => {
242 additionalProperties => 0,
243 properties => {
244 volume => {
245 description => "Volume identifier",
246 type => 'string',
247 completion => \&PVE::Storage::complete_volume,
248 },
249 format => {
250 description => "Export stream format",
251 type => 'string',
252 enum => $KNOWN_EXPORT_FORMATS,
253 },
254 filename => {
255 description => "Destination file name",
256 type => 'string',
257 },
258 base => {
259 description => "Snapshot to start an incremental stream from",
260 type => 'string',
261 pattern => qr/[a-z0-9_\-]{1,40}/i,
262 maxLength => 40,
263 optional => 1,
264 },
265 snapshot => {
266 description => "Snapshot to export",
267 type => 'string',
268 pattern => qr/[a-z0-9_\-]{1,40}/i,
269 maxLength => 40,
270 optional => 1,
271 },
272 'with-snapshots' => {
273 description =>
274 "Whether to include intermediate snapshots in the stream",
275 type => 'boolean',
276 optional => 1,
277 default => 0,
278 },
279 },
280 },
281 returns => { type => 'null' },
282 code => sub {
283 my ($param) = @_;
284
285 my $filename = $param->{filename};
286
287 my $outfh;
288 if ($filename eq '-') {
289 $outfh = \*STDOUT;
290 } else {
291 sysopen($outfh, $filename, O_CREAT|O_WRONLY|O_TRUNC)
292 or die "open($filename): $!\n";
293 }
294
295 eval {
296 my $cfg = PVE::Storage::config();
297 PVE::Storage::volume_export($cfg, $outfh, $param->{volume}, $param->{format},
298 $param->{snapshot}, $param->{base}, $param->{'with-snapshots'});
299 };
300 my $err = $@;
301 if ($filename ne '-') {
302 close($outfh);
303 unlink($filename) if $err;
304 }
305 die $err if $err;
306 return;
307 }
308 });
309
310 __PACKAGE__->register_method ({
311 name => 'import',
312 path => 'import',
313 method => 'PUT',
314 description => "Used internally to import a volume.",
315 protected => 1,
316 parameters => {
317 additionalProperties => 0,
318 properties => {
319 volume => {
320 description => "Volume identifier",
321 type => 'string',
322 completion => \&PVE::Storage::complete_volume,
323 },
324 format => {
325 description => "Import stream format",
326 type => 'string',
327 enum => $KNOWN_EXPORT_FORMATS,
328 },
329 filename => {
330 description => "Source file name. For '-' stdin is used, the " .
331 "tcp://<IP-or-CIDR> format allows to use a TCP connection, " .
332 "the unix://PATH-TO-SOCKET format a UNIX socket as input." .
333 "Else, the file is treated as common file.",
334 type => 'string',
335 },
336 base => {
337 description => "Base snapshot of an incremental stream",
338 type => 'string',
339 pattern => qr/[a-z0-9_\-]{1,40}/i,
340 maxLength => 40,
341 optional => 1,
342 },
343 'with-snapshots' => {
344 description =>
345 "Whether the stream includes intermediate snapshots",
346 type => 'boolean',
347 optional => 1,
348 default => 0,
349 },
350 'delete-snapshot' => {
351 description => "A snapshot to delete on success",
352 type => 'string',
353 pattern => qr/[a-z0-9_\-]{1,80}/i,
354 maxLength => 80,
355 optional => 1,
356 },
357 'allow-rename' => {
358 description => "Choose a new volume ID if the requested " .
359 "volume ID already exists, instead of throwing an error.",
360 type => 'boolean',
361 optional => 1,
362 default => 0,
363 },
364 },
365 },
366 returns => { type => 'string' },
367 code => sub {
368 my ($param) = @_;
369
370 my $filename = $param->{filename};
371
372 my $infh;
373 if ($filename eq '-') {
374 $infh = \*STDIN;
375 } elsif ($filename =~ m!^tcp://(([^/]+)(/\d+)?)$!) {
376 my ($cidr, $ip, $subnet) = ($1, $2, $3);
377 if ($subnet) { # got real CIDR notation, not just IP
378 my $ips = PVE::Network::get_local_ip_from_cidr($cidr);
379 die "Unable to get any local IP address in network '$cidr'\n"
380 if scalar(@$ips) < 1;
381 die "Got multiple local IP address in network '$cidr'\n"
382 if scalar(@$ips) > 1;
383
384 $ip = $ips->[0];
385 }
386 my $family = PVE::Tools::get_host_address_family($ip);
387 my $port = PVE::Tools::next_migrate_port($family, $ip);
388
389 my $sock_params = {
390 Listen => 1,
391 ReuseAddr => 1,
392 Proto => &Socket::IPPROTO_TCP,
393 GetAddrInfoFlags => 0,
394 LocalAddr => $ip,
395 LocalPort => $port,
396 };
397 my $socket = IO::Socket::IP->new(%$sock_params)
398 or die "failed to open socket: $!\n";
399
400 print "$ip\n$port\n"; # tell remote where to connect
401 *STDOUT->flush();
402
403 my $prev_alarm = alarm 0;
404 local $SIG{ALRM} = sub { die "timed out waiting for client\n" };
405 alarm 30;
406 my $client = $socket->accept; # Wait for a client
407 alarm $prev_alarm;
408 close($socket);
409
410 $infh = \*$client;
411 } elsif ($filename =~ m!^unix://(.*)$!) {
412 my $socket_path = $1;
413 my $socket = IO::Socket::UNIX->new(
414 Type => SOCK_STREAM(),
415 Local => $socket_path,
416 Listen => 1,
417 ) or die "failed to open socket: $!\n";
418
419 print "ready\n";
420 *STDOUT->flush();
421
422 my $prev_alarm = alarm 0;
423 local $SIG{ALRM} = sub { die "timed out waiting for client\n" };
424 alarm 30;
425 my $client = $socket->accept; # Wait for a client
426 alarm $prev_alarm;
427 close($socket);
428
429 $infh = \*$client;
430 } else {
431 sysopen($infh, $filename, O_RDONLY)
432 or die "open($filename): $!\n";
433 }
434
435 my $cfg = PVE::Storage::config();
436 my $volume = $param->{volume};
437 my $delete = $param->{'delete-snapshot'};
438 my $imported_volid = PVE::Storage::volume_import($cfg, $infh, $volume, $param->{format},
439 $param->{base}, $param->{'with-snapshots'}, $param->{'allow-rename'});
440 PVE::Storage::volume_snapshot_delete($cfg, $imported_volid, $delete)
441 if defined($delete);
442 return $imported_volid;
443 }
444 });
445
446 __PACKAGE__->register_method ({
447 name => 'prunebackups',
448 path => 'prunebackups',
449 method => 'GET',
450 description => "Prune backups. Only those using the standard naming scheme are considered. " .
451 "If no keep options are specified, those from the storage configuration are used.",
452 protected => 1,
453 proxyto => 'node',
454 parameters => {
455 additionalProperties => 0,
456 properties => {
457 'dry-run' => {
458 description => "Only show what would be pruned, don't delete anything.",
459 type => 'boolean',
460 optional => 1,
461 },
462 node => get_standard_option('pve-node'),
463 storage => get_standard_option('pve-storage-id', {
464 completion => \&PVE::Storage::complete_storage_enabled,
465 }),
466 %{$PVE::Storage::Plugin::prune_backups_format},
467 type => {
468 description => "Either 'qemu' or 'lxc'. Only consider backups for guests of this type.",
469 type => 'string',
470 optional => 1,
471 enum => ['qemu', 'lxc'],
472 },
473 vmid => get_standard_option('pve-vmid', {
474 description => "Only consider backups for this guest.",
475 optional => 1,
476 completion => \&PVE::Cluster::complete_vmid,
477 }),
478 },
479 },
480 returns => {
481 type => 'object',
482 properties => {
483 dryrun => {
484 description => 'If it was a dry run or not. The list will only be defined in that case.',
485 type => 'boolean',
486 },
487 list => {
488 type => 'array',
489 items => {
490 type => 'object',
491 properties => {
492 volid => {
493 description => "Backup volume ID.",
494 type => 'string',
495 },
496 'ctime' => {
497 description => "Creation time of the backup (seconds since the UNIX epoch).",
498 type => 'integer',
499 },
500 'mark' => {
501 description => "Whether the backup would be kept or removed. For backups that don't " .
502 "use the standard naming scheme, it's 'protected'.",
503 type => 'string',
504 },
505 type => {
506 description => "One of 'qemu', 'lxc', 'openvz' or 'unknown'.",
507 type => 'string',
508 },
509 'vmid' => {
510 description => "The VM the backup belongs to.",
511 type => 'integer',
512 optional => 1,
513 },
514 },
515 },
516 },
517 },
518 },
519 code => sub {
520 my ($param) = @_;
521
522 my $dryrun = extract_param($param, 'dry-run') ? 1 : 0;
523
524 my $keep_opts;
525 foreach my $keep (keys %{$PVE::Storage::Plugin::prune_backups_format}) {
526 $keep_opts->{$keep} = extract_param($param, $keep) if defined($param->{$keep});
527 }
528 $param->{'prune-backups'} = PVE::JSONSchema::print_property_string(
529 $keep_opts, $PVE::Storage::Plugin::prune_backups_format) if $keep_opts;
530
531 my $list = [];
532 if ($dryrun) {
533 $list = PVE::API2::Storage::PruneBackups->dryrun($param);
534 } else {
535 PVE::API2::Storage::PruneBackups->delete($param);
536 }
537
538 return {
539 dryrun => $dryrun,
540 list => $list,
541 };
542 }});
543
544 my $print_api_result = sub {
545 my ($data, $schema, $options) = @_;
546 PVE::CLIFormatter::print_api_result($data, $schema, undef, $options);
547 };
548
549 our $cmddef = {
550 add => [ "PVE::API2::Storage::Config", 'create', ['type', 'storage'] ],
551 set => [ "PVE::API2::Storage::Config", 'update', ['storage'] ],
552 remove => [ "PVE::API2::Storage::Config", 'delete', ['storage'] ],
553 status => [ "PVE::API2::Storage::Status", 'index', [],
554 { node => $nodename }, $print_status ],
555 list => [ "PVE::API2::Storage::Content", 'index', ['storage'],
556 { node => $nodename }, $print_content ],
557 alloc => [ "PVE::API2::Storage::Content", 'create', ['storage', 'vmid', 'filename', 'size'],
558 { node => $nodename }, sub {
559 my $volid = shift;
560 print "successfully created '$volid'\n";
561 }],
562 free => [ "PVE::API2::Storage::Content", 'delete', ['volume'],
563 { node => $nodename } ],
564 scan => {
565 nfs => [ "PVE::API2::Storage::Scan", 'nfsscan', ['server'], { node => $nodename }, sub {
566 my $res = shift;
567
568 my $maxlen = 0;
569 foreach my $rec (@$res) {
570 my $len = length ($rec->{path});
571 $maxlen = $len if $len > $maxlen;
572 }
573 foreach my $rec (@$res) {
574 printf "%-${maxlen}s %s\n", $rec->{path}, $rec->{options};
575 }
576 }],
577 cifs => [ "PVE::API2::Storage::Scan", 'cifsscan', ['server'], { node => $nodename }, sub {
578 my $res = shift;
579
580 my $maxlen = 0;
581 foreach my $rec (@$res) {
582 my $len = length ($rec->{share});
583 $maxlen = $len if $len > $maxlen;
584 }
585 foreach my $rec (@$res) {
586 printf "%-${maxlen}s %s\n", $rec->{share}, $rec->{description};
587 }
588 }],
589 glusterfs => [ "PVE::API2::Storage::Scan", 'glusterfsscan', ['server'], { node => $nodename }, sub {
590 my $res = shift;
591
592 foreach my $rec (@$res) {
593 printf "%s\n", $rec->{volname};
594 }
595 }],
596 iscsi => [ "PVE::API2::Storage::Scan", 'iscsiscan', ['portal'], { node => $nodename }, sub {
597 my $res = shift;
598
599 my $maxlen = 0;
600 foreach my $rec (@$res) {
601 my $len = length ($rec->{target});
602 $maxlen = $len if $len > $maxlen;
603 }
604 foreach my $rec (@$res) {
605 printf "%-${maxlen}s %s\n", $rec->{target}, $rec->{portal};
606 }
607 }],
608 lvm => [ "PVE::API2::Storage::Scan", 'lvmscan', [], { node => $nodename }, sub {
609 my $res = shift;
610 foreach my $rec (@$res) {
611 printf "$rec->{vg}\n";
612 }
613 }],
614 lvmthin => [ "PVE::API2::Storage::Scan", 'lvmthinscan', ['vg'], { node => $nodename }, sub {
615 my $res = shift;
616 foreach my $rec (@$res) {
617 printf "$rec->{lv}\n";
618 }
619 }],
620 pbs => [
621 "PVE::API2::Storage::Scan",
622 'pbsscan',
623 ['server', 'username'],
624 { node => $nodename },
625 $print_api_result,
626 $PVE::RESTHandler::standard_output_options,
627 ],
628 zfs => [ "PVE::API2::Storage::Scan", 'zfsscan', [], { node => $nodename }, sub {
629 my $res = shift;
630
631 foreach my $rec (@$res) {
632 printf "$rec->{pool}\n";
633 }
634 }],
635 },
636 nfsscan => { alias => 'scan nfs' },
637 cifsscan => { alias => 'scan cifs' },
638 glusterfsscan => { alias => 'scan glusterfs' },
639 iscsiscan => { alias => 'scan iscsi' },
640 lvmscan => { alias => 'scan lvm' },
641 lvmthinscan => { alias => 'scan lvmthin' },
642 zfsscan => { alias => 'scan zfs' },
643 path => [ __PACKAGE__, 'path', ['volume']],
644 extractconfig => [__PACKAGE__, 'extractconfig', ['volume']],
645 export => [ __PACKAGE__, 'export', ['volume', 'format', 'filename']],
646 import => [ __PACKAGE__, 'import', ['volume', 'format', 'filename'], {}, sub {
647 my $volid = shift;
648 print PVE::Storage::volume_imported_message($volid);
649 }],
650 apiinfo => [ __PACKAGE__, 'apiinfo', [], {}, sub {
651 my $res = shift;
652
653 print "APIVER $res->{apiver}\n";
654 print "APIAGE $res->{apiage}\n";
655 }],
656 'prune-backups' => [ __PACKAGE__, 'prunebackups', ['storage'], { node => $nodename }, sub {
657 my $res = shift;
658
659 my ($dryrun, $list) = ($res->{dryrun}, $res->{list});
660
661 return if !$dryrun;
662
663 if (!scalar(@{$list})) {
664 print "No backups found\n";
665 return;
666 }
667
668 print "NOTE: this is only a preview and might not be what a subsequent\n" .
669 "prune call does if backups are removed/added in the meantime.\n\n";
670
671 my @sorted = sort {
672 my $vmcmp = PVE::Tools::safe_compare($a->{vmid}, $b->{vmid}, sub { $_[0] <=> $_[1] });
673 return $vmcmp if $vmcmp ne 0;
674 return $a->{ctime} <=> $b->{ctime};
675 } @{$list};
676
677 my $maxlen = 0;
678 foreach my $backup (@sorted) {
679 my $volid = $backup->{volid};
680 $maxlen = length($volid) if length($volid) > $maxlen;
681 }
682 $maxlen+=1;
683
684 printf("%-${maxlen}s %15s %10s\n", 'Backup', 'Backup-ID', 'Prune-Mark');
685 foreach my $backup (@sorted) {
686 my $type = $backup->{type};
687 my $vmid = $backup->{vmid};
688 my $backup_id = defined($vmid) ? "$type/$vmid" : "$type";
689 printf("%-${maxlen}s %15s %10s\n", $backup->{volid}, $backup_id, $backup->{mark});
690 }
691 }],
692 };
693
694 1;
Storage library