$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.CPU']);
} elsif ($opt eq 'boot' || $opt eq 'bootdisk') {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Disk']);
- } elsif ($opt eq 'memory' || $opt eq 'balloon') {
+ } elsif ($opt eq 'memory' || $opt eq 'balloon' || $opt eq 'shares') {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Memory']);
} elsif ($opt eq 'args' || $opt eq 'lock') {
die "only root can set '$opt' config\n";
{ subdir => 'rrd' },
{ subdir => 'rrddata' },
{ subdir => 'monitor' },
+ { subdir => 'snapshot' },
];
return $res;
my $conf = PVE::QemuServer::load_config($param->{vmid});
+ delete $conf->{snapshots};
+
return $conf;
}});
PVE::QemuServer::update_config_nolock($vmid, $conf, 1);
};
-my $safe_int_ne = sub {
+my $safe_num_ne = sub {
my ($a, $b) = @_;
return 0 if !defined($a) && !defined($b);
$conf = PVE::QemuServer::load_config($vmid); # update/reload
}
- if(&$safe_int_ne($drive->{bps}, $old_drive->{bps}) ||
- &$safe_int_ne($drive->{bps_rd}, $old_drive->{bps_rd}) ||
- &$safe_int_ne($drive->{bps_wr}, $old_drive->{bps_wr}) ||
- &$safe_int_ne($drive->{iops}, $old_drive->{iops}) ||
- &$safe_int_ne($drive->{iops_rd}, $old_drive->{iops_rd}) ||
- &$safe_int_ne($drive->{iops_wr}, $old_drive->{iops_wr})) {
- PVE::QemuServer::qemu_block_set_io_throttle($vmid,"drive-$opt",$drive->{bps}, $drive->{bps_rd}, $drive->{bps_wr}, $drive->{iops}, $drive->{iops_rd}, $drive->{iops_wr}) if !PVE::QemuServer::drive_is_cdrom($drive);
+ if(&$safe_num_ne($drive->{mbps}, $old_drive->{mbps}) ||
+ &$safe_num_ne($drive->{mbps_rd}, $old_drive->{mbps_rd}) ||
+ &$safe_num_ne($drive->{mbps_wr}, $old_drive->{mbps_wr}) ||
+ &$safe_num_ne($drive->{iops}, $old_drive->{iops}) ||
+ &$safe_num_ne($drive->{iops_rd}, $old_drive->{iops_rd}) ||
+ &$safe_num_ne($drive->{iops_wr}, $old_drive->{iops_wr})) {
+ PVE::QemuServer::qemu_block_set_io_throttle($vmid,"drive-$opt", $drive->{mbps}*1024*1024,
+ $drive->{mbps_rd}*1024*1024, $drive->{mbps_wr}*1024*1024,
+ $drive->{iops}, $drive->{iops_rd}, $drive->{iops_wr})
+ if !PVE::QemuServer::drive_is_cdrom($drive);
}
}
}
$remip = PVE::Cluster::remote_node_ip($node);
}
- # NOTE: kvm VNC traffic is already TLS encrypted,
- # so we select the fastest chipher here (or 'none'?)
- my $remcmd = $remip ? ['/usr/bin/ssh', '-T', '-o', 'BatchMode=yes',
- '-c', 'blowfish-cbc', $remip] : [];
+ # NOTE: kvm VNC traffic is already TLS encrypted
+ my $remcmd = $remip ? ['/usr/bin/ssh', '-T', '-o', 'BatchMode=yes', $remip] : [];
my $timeout = 10;
my $upid = $rpcenv->fork_worker('vncproxy', $vmid, $authuser, $realcmd);
+ PVE::Tools::wait_for_vnc_port($port);
+
return {
user => $authuser,
ticket => $ticket,
vmid => get_standard_option('pve-vmid'),
skiplock => get_standard_option('skiplock'),
stateuri => get_standard_option('pve-qm-stateuri'),
+ migratedfrom => get_standard_option('pve-node',{ optional => 1 }),
+
},
},
returns => {
raise_param_exc({ skiplock => "Only root may use this option." })
if $skiplock && $authuser ne 'root@pam';
+ my $migratedfrom = extract_param($param, 'migratedfrom');
+ raise_param_exc({ migratedfrom => "Only root may use this option." })
+ if $migratedfrom && $authuser ne 'root@pam';
+
my $storecfg = PVE::Storage::config();
if (&$vm_is_ha_managed($vmid) && !$stateuri &&
syslog('info', "start VM $vmid: $upid\n");
- PVE::QemuServer::vm_start($storecfg, $vmid, $stateuri, $skiplock);
+ PVE::QemuServer::vm_start($storecfg, $vmid, $stateuri, $skiplock, $migratedfrom);
return;
};
node => get_standard_option('pve-node'),
vmid => get_standard_option('pve-vmid'),
skiplock => get_standard_option('skiplock'),
+ migratedfrom => get_standard_option('pve-node',{ optional => 1 }),
timeout => {
description => "Wait maximal timeout seconds.",
type => 'integer',
raise_param_exc({ keepActive => "Only root may use this option." })
if $keepActive && $authuser ne 'root@pam';
+ my $migratedfrom = extract_param($param, 'migratedfrom');
+ raise_param_exc({ migratedfrom => "Only root may use this option." })
+ if $migratedfrom && $authuser ne 'root@pam';
+
+
my $storecfg = PVE::Storage::config();
if (&$vm_is_ha_managed($vmid) && $rpcenv->{type} ne 'ha') {
syslog('info', "stop VM $vmid: $upid\n");
PVE::QemuServer::vm_stop($storecfg, $vmid, $skiplock, 0,
- $param->{timeout}, 0, 1, $keepActive);
+ $param->{timeout}, 0, 1, $keepActive, $migratedfrom);
return;
};
return;
}});
+__PACKAGE__->register_method({
+ name => 'vm_feature',
+ path => '{vmid}/feature',
+ method => 'GET',
+ proxyto => 'node',
+ protected => 1,
+ description => "Check if feature for virtual machine is available.",
+ permissions => {
+ check => ['perm', '/vms/{vmid}', [ 'VM.Audit' ]],
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ vmid => get_standard_option('pve-vmid'),
+ feature => {
+ description => "Feature to check.",
+ type => 'string',
+ enum => [ 'snapshot', 'clone' ],
+ },
+ snapname => get_standard_option('pve-snapshot-name', {
+ optional => 1,
+ }),
+ },
+
+ },
+ returns => {
+ type => 'boolean'
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $node = extract_param($param, 'node');
+
+ my $vmid = extract_param($param, 'vmid');
+
+ my $snapname = extract_param($param, 'snapname');
+
+ my $feature = extract_param($param, 'feature');
+
+ my $running = PVE::QemuServer::check_running($vmid);
+
+ my $conf = PVE::QemuServer::load_config($vmid);
+
+ if($snapname){
+ my $snap = $conf->{snapshots}->{$snapname};
+ die "snapshot '$snapname' does not exist\n" if !defined($snap);
+ $conf = $snap;
+ }
+ my $storecfg = PVE::Storage::config();
+
+ my $hasfeature = PVE::QemuServer::has_feature($feature, $conf, $storecfg, $snapname, $running);
+ my $res = $hasfeature ? 1 : 0 ;
+ return $res;
+ }});
+
__PACKAGE__->register_method({
name => 'migrate_vm',
path => '{vmid}/migrate',
return undef;
}});
+__PACKAGE__->register_method({
+ name => 'snapshot_list',
+ path => '{vmid}/snapshot',
+ method => 'GET',
+ description => "List all snapshots.",
+ permissions => {
+ check => ['perm', '/vms/{vmid}', [ 'VM.Audit' ]],
+ },
+ proxyto => 'node',
+ protected => 1, # qemu pid files are only readable by root
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ vmid => get_standard_option('pve-vmid'),
+ node => get_standard_option('pve-node'),
+ },
+ },
+ returns => {
+ type => 'array',
+ items => {
+ type => "object",
+ properties => {},
+ },
+ links => [ { rel => 'child', href => "{name}" } ],
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $vmid = $param->{vmid};
+
+ my $conf = PVE::QemuServer::load_config($vmid);
+ my $snaphash = $conf->{snapshots} || {};
+
+ my $res = [];
+
+ foreach my $name (keys %$snaphash) {
+ my $d = $snaphash->{$name};
+ my $item = {
+ name => $name,
+ snaptime => $d->{snaptime} || 0,
+ vmstate => $d->{vmstate} ? 1 : 0,
+ description => $d->{description} || '',
+ };
+ $item->{parent} = $d->{parent} if $d->{parent};
+ $item->{snapstate} = $d->{snapstate} if $d->{snapstate};
+ push @$res, $item;
+ }
+
+ my $running = PVE::QemuServer::check_running($vmid, 1) ? 1 : 0;
+ my $current = { name => 'current', digest => $conf->{digest}, running => $running };
+ $current->{parent} = $conf->{parent} if $conf->{parent};
+
+ push @$res, $current;
+
+ return $res;
+ }});
+
+__PACKAGE__->register_method({
+ name => 'snapshot',
+ path => '{vmid}/snapshot',
+ method => 'POST',
+ protected => 1,
+ proxyto => 'node',
+ description => "Snapshot a VM.",
+ permissions => {
+ check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot' ]],
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ vmid => get_standard_option('pve-vmid'),
+ snapname => get_standard_option('pve-snapshot-name'),
+ vmstate => {
+ optional => 1,
+ type => 'boolean',
+ description => "Save the vmstate",
+ },
+ freezefs => {
+ optional => 1,
+ type => 'boolean',
+ description => "Freeze the filesystem",
+ },
+ description => {
+ optional => 1,
+ type => 'string',
+ description => "A textual description or comment.",
+ },
+ },
+ },
+ returns => {
+ type => 'string',
+ description => "the task ID.",
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $rpcenv = PVE::RPCEnvironment::get();
+
+ my $authuser = $rpcenv->get_user();
+
+ my $node = extract_param($param, 'node');
+
+ my $vmid = extract_param($param, 'vmid');
+
+ my $snapname = extract_param($param, 'snapname');
+
+ die "unable to use snapshot name 'current' (reserved name)\n"
+ if $snapname eq 'current';
+
+ my $realcmd = sub {
+ PVE::Cluster::log_msg('info', $authuser, "snapshot VM $vmid: $snapname");
+ PVE::QemuServer::snapshot_create($vmid, $snapname, $param->{vmstate},
+ $param->{freezefs}, $param->{description});
+ };
+
+ return $rpcenv->fork_worker('qmsnapshot', $vmid, $authuser, $realcmd);
+ }});
+
+__PACKAGE__->register_method({
+ name => 'snapshot_cmd_idx',
+ path => '{vmid}/snapshot/{snapname}',
+ description => '',
+ method => 'GET',
+ permissions => {
+ user => 'all',
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ vmid => get_standard_option('pve-vmid'),
+ node => get_standard_option('pve-node'),
+ snapname => get_standard_option('pve-snapshot-name'),
+ },
+ },
+ returns => {
+ type => 'array',
+ items => {
+ type => "object",
+ properties => {},
+ },
+ links => [ { rel => 'child', href => "{cmd}" } ],
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $res = [];
+
+ push @$res, { cmd => 'rollback' };
+ push @$res, { cmd => 'config' };
+
+ return $res;
+ }});
+
+__PACKAGE__->register_method({
+ name => 'update_snapshot_config',
+ path => '{vmid}/snapshot/{snapname}/config',
+ method => 'PUT',
+ protected => 1,
+ proxyto => 'node',
+ description => "Update snapshot metadata.",
+ permissions => {
+ check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot' ]],
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ vmid => get_standard_option('pve-vmid'),
+ snapname => get_standard_option('pve-snapshot-name'),
+ description => {
+ optional => 1,
+ type => 'string',
+ description => "A textual description or comment.",
+ },
+ },
+ },
+ returns => { type => 'null' },
+ code => sub {
+ my ($param) = @_;
+
+ my $rpcenv = PVE::RPCEnvironment::get();
+
+ my $authuser = $rpcenv->get_user();
+
+ my $vmid = extract_param($param, 'vmid');
+
+ my $snapname = extract_param($param, 'snapname');
+
+ return undef if !defined($param->{description});
+
+ my $updatefn = sub {
+
+ my $conf = PVE::QemuServer::load_config($vmid);
+
+ PVE::QemuServer::check_lock($conf);
+
+ my $snap = $conf->{snapshots}->{$snapname};
+
+ die "snapshot '$snapname' does not exist\n" if !defined($snap);
+
+ $snap->{description} = $param->{description} if defined($param->{description});
+
+ PVE::QemuServer::update_config_nolock($vmid, $conf, 1);
+ };
+
+ PVE::QemuServer::lock_config($vmid, $updatefn);
+
+ return undef;
+ }});
+
+__PACKAGE__->register_method({
+ name => 'get_snapshot_config',
+ path => '{vmid}/snapshot/{snapname}/config',
+ method => 'GET',
+ proxyto => 'node',
+ description => "Get snapshot configuration",
+ permissions => {
+ check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot' ]],
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ vmid => get_standard_option('pve-vmid'),
+ snapname => get_standard_option('pve-snapshot-name'),
+ },
+ },
+ returns => { type => "object" },
+ code => sub {
+ my ($param) = @_;
+
+ my $rpcenv = PVE::RPCEnvironment::get();
+
+ my $authuser = $rpcenv->get_user();
+
+ my $vmid = extract_param($param, 'vmid');
+
+ my $snapname = extract_param($param, 'snapname');
+
+ my $conf = PVE::QemuServer::load_config($vmid);
+
+ my $snap = $conf->{snapshots}->{$snapname};
+
+ die "snapshot '$snapname' does not exist\n" if !defined($snap);
+
+ return $snap;
+ }});
+
+__PACKAGE__->register_method({
+ name => 'rollback',
+ path => '{vmid}/snapshot/{snapname}/rollback',
+ method => 'POST',
+ protected => 1,
+ proxyto => 'node',
+ description => "Rollback VM state to specified snapshot.",
+ permissions => {
+ check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot' ]],
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ vmid => get_standard_option('pve-vmid'),
+ snapname => get_standard_option('pve-snapshot-name'),
+ },
+ },
+ returns => {
+ type => 'string',
+ description => "the task ID.",
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $rpcenv = PVE::RPCEnvironment::get();
+
+ my $authuser = $rpcenv->get_user();
+
+ my $node = extract_param($param, 'node');
+
+ my $vmid = extract_param($param, 'vmid');
+
+ my $snapname = extract_param($param, 'snapname');
+
+ my $realcmd = sub {
+ PVE::Cluster::log_msg('info', $authuser, "rollback snapshot VM $vmid: $snapname");
+ PVE::QemuServer::snapshot_rollback($vmid, $snapname);
+ };
+
+ return $rpcenv->fork_worker('qmrollback', $vmid, $authuser, $realcmd);
+ }});
+
+__PACKAGE__->register_method({
+ name => 'delsnapshot',
+ path => '{vmid}/snapshot/{snapname}',
+ method => 'DELETE',
+ protected => 1,
+ proxyto => 'node',
+ description => "Delete a VM snapshot.",
+ permissions => {
+ check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot' ]],
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ vmid => get_standard_option('pve-vmid'),
+ snapname => get_standard_option('pve-snapshot-name'),
+ force => {
+ optional => 1,
+ type => 'boolean',
+ description => "For removal from config file, even if removing disk snapshots fails.",
+ },
+ },
+ },
+ returns => {
+ type => 'string',
+ description => "the task ID.",
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $rpcenv = PVE::RPCEnvironment::get();
+
+ my $authuser = $rpcenv->get_user();
+
+ my $node = extract_param($param, 'node');
+
+ my $vmid = extract_param($param, 'vmid');
+
+ my $snapname = extract_param($param, 'snapname');
+
+ my $realcmd = sub {
+ PVE::Cluster::log_msg('info', $authuser, "delete snapshot VM $vmid: $snapname");
+ PVE::QemuServer::snapshot_delete($vmid, $snapname, $param->{force});
+ };
+
+ return $rpcenv->fork_worker('qmdelsnapshot', $vmid, $authuser, $realcmd);
+ }});
+
1;