$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.CPU']);
} elsif ($opt eq 'boot' || $opt eq 'bootdisk') {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Disk']);
- } elsif ($opt eq 'memory' || $opt eq 'balloon') {
+ } elsif ($opt eq 'memory' || $opt eq 'balloon' || $opt eq 'shares') {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Memory']);
} elsif ($opt eq 'args' || $opt eq 'lock') {
die "only root can set '$opt' config\n";
{ subdir => 'rrddata' },
{ subdir => 'monitor' },
{ subdir => 'snapshot' },
- { subdir => 'rollback' },
];
return $res;
$remip = PVE::Cluster::remote_node_ip($node);
}
- # NOTE: kvm VNC traffic is already TLS encrypted,
- # so we select the fastest chipher here (or 'none'?)
- my $remcmd = $remip ? ['/usr/bin/ssh', '-T', '-o', 'BatchMode=yes',
- '-c', 'blowfish-cbc', $remip] : [];
+ # NOTE: kvm VNC traffic is already TLS encrypted
+ my $remcmd = $remip ? ['/usr/bin/ssh', '-T', '-o', 'BatchMode=yes', $remip] : [];
my $timeout = 10;
my $upid = $rpcenv->fork_worker('vncproxy', $vmid, $authuser, $realcmd);
+ PVE::Tools::wait_for_vnc_port($port);
+
return {
user => $authuser,
ticket => $ticket,
return;
}});
+__PACKAGE__->register_method({
+ name => 'vm_feature',
+ path => '{vmid}/feature',
+ method => 'GET',
+ proxyto => 'node',
+ protected => 1,
+ description => "Check if feature for virtual machine is available.",
+ permissions => {
+ check => ['perm', '/vms/{vmid}', [ 'VM.Audit' ]],
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ vmid => get_standard_option('pve-vmid'),
+ feature => {
+ description => "Feature to check.",
+ type => 'string',
+ enum => [ 'snapshot', 'clone' ],
+ },
+ snapname => get_standard_option('pve-snapshot-name', {
+ optional => 1,
+ }),
+ },
+
+ },
+ returns => {
+ type => 'boolean'
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $node = extract_param($param, 'node');
+
+ my $vmid = extract_param($param, 'vmid');
+
+ my $snapname = extract_param($param, 'snapname');
+
+ my $feature = extract_param($param, 'feature');
+
+ my $running = PVE::QemuServer::check_running($vmid);
+
+ my $conf = PVE::QemuServer::load_config($vmid);
+
+ if($snapname){
+ my $snap = $conf->{snapshots}->{$snapname};
+ die "snapshot '$snapname' does not exist\n" if !defined($snap);
+ $conf = $snap;
+ }
+ my $storecfg = PVE::Storage::config();
+
+ my $hasfeature = PVE::QemuServer::has_feature($feature, $conf, $storecfg, $snapname, $running);
+ my $res = $hasfeature ? 1 : 0 ;
+ return $res;
+ }});
+
__PACKAGE__->register_method({
name => 'migrate_vm',
path => '{vmid}/migrate',
code => sub {
my ($param) = @_;
- my $conf = PVE::QemuServer::load_config($param->{vmid});
+ my $vmid = $param->{vmid};
+
+ my $conf = PVE::QemuServer::load_config($vmid);
my $snaphash = $conf->{snapshots} || {};
my $res = [];
foreach my $name (keys %$snaphash) {
- push @$res, { name => $name };
+ my $d = $snaphash->{$name};
+ my $item = {
+ name => $name,
+ snaptime => $d->{snaptime} || 0,
+ vmstate => $d->{vmstate} ? 1 : 0,
+ description => $d->{description} || '',
+ };
+ $item->{parent} = $d->{parent} if $d->{parent};
+ $item->{snapstate} = $d->{snapstate} if $d->{snapstate};
+ push @$res, $item;
}
+ my $running = PVE::QemuServer::check_running($vmid, 1) ? 1 : 0;
+ my $current = { name => 'current', digest => $conf->{digest}, running => $running };
+ $current->{parent} = $conf->{parent} if $conf->{parent};
+
+ push @$res, $current;
+
return $res;
}});
proxyto => 'node',
description => "Snapshot a VM.",
permissions => {
- check => ['perm', '/vms/{vmid}', [ 'VM.Config.Disk' ]],
+ check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot' ]],
},
parameters => {
additionalProperties => 0,
properties => {
node => get_standard_option('pve-node'),
vmid => get_standard_option('pve-vmid'),
- snapname => {
- type => 'string',
- description => "The name of the snapshot",
- maxLength => 40,
- },
+ snapname => get_standard_option('pve-snapshot-name'),
vmstate => {
optional => 1,
type => 'boolean',
type => 'boolean',
description => "Freeze the filesystem",
},
+ description => {
+ optional => 1,
+ type => 'string',
+ description => "A textual description or comment.",
+ },
},
},
returns => {
my $snapname = extract_param($param, 'snapname');
- my $vmstate = extract_param($param, 'vmstate');
-
- my $freezefs = extract_param($param, 'freezefs');
-
- # fixme: access rights?
- # &$check_storage_access($rpcenv, $authuser, $storecfg, $vmid, $conf);
- # fixme: need to implement a check to see if all storages support snapshots
+ die "unable to use snapshot name 'current' (reserved name)\n"
+ if $snapname eq 'current';
my $realcmd = sub {
PVE::Cluster::log_msg('info', $authuser, "snapshot VM $vmid: $snapname");
- PVE::QemuServer::snapshot_create($vmid, $snapname, $vmstate, $freezefs);
+ PVE::QemuServer::snapshot_create($vmid, $snapname, $param->{vmstate},
+ $param->{freezefs}, $param->{description});
};
return $rpcenv->fork_worker('qmsnapshot', $vmid, $authuser, $realcmd);
}});
+__PACKAGE__->register_method({
+ name => 'snapshot_cmd_idx',
+ path => '{vmid}/snapshot/{snapname}',
+ description => '',
+ method => 'GET',
+ permissions => {
+ user => 'all',
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ vmid => get_standard_option('pve-vmid'),
+ node => get_standard_option('pve-node'),
+ snapname => get_standard_option('pve-snapshot-name'),
+ },
+ },
+ returns => {
+ type => 'array',
+ items => {
+ type => "object",
+ properties => {},
+ },
+ links => [ { rel => 'child', href => "{cmd}" } ],
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $res = [];
+
+ push @$res, { cmd => 'rollback' };
+ push @$res, { cmd => 'config' };
+
+ return $res;
+ }});
+
+__PACKAGE__->register_method({
+ name => 'update_snapshot_config',
+ path => '{vmid}/snapshot/{snapname}/config',
+ method => 'PUT',
+ protected => 1,
+ proxyto => 'node',
+ description => "Update snapshot metadata.",
+ permissions => {
+ check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot' ]],
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ vmid => get_standard_option('pve-vmid'),
+ snapname => get_standard_option('pve-snapshot-name'),
+ description => {
+ optional => 1,
+ type => 'string',
+ description => "A textual description or comment.",
+ },
+ },
+ },
+ returns => { type => 'null' },
+ code => sub {
+ my ($param) = @_;
+
+ my $rpcenv = PVE::RPCEnvironment::get();
+
+ my $authuser = $rpcenv->get_user();
+
+ my $vmid = extract_param($param, 'vmid');
+
+ my $snapname = extract_param($param, 'snapname');
+
+ return undef if !defined($param->{description});
+
+ my $updatefn = sub {
+
+ my $conf = PVE::QemuServer::load_config($vmid);
+
+ PVE::QemuServer::check_lock($conf);
+
+ my $snap = $conf->{snapshots}->{$snapname};
+
+ die "snapshot '$snapname' does not exist\n" if !defined($snap);
+
+ $snap->{description} = $param->{description} if defined($param->{description});
+
+ PVE::QemuServer::update_config_nolock($vmid, $conf, 1);
+ };
+
+ PVE::QemuServer::lock_config($vmid, $updatefn);
+
+ return undef;
+ }});
+
+__PACKAGE__->register_method({
+ name => 'get_snapshot_config',
+ path => '{vmid}/snapshot/{snapname}/config',
+ method => 'GET',
+ proxyto => 'node',
+ description => "Get snapshot configuration",
+ permissions => {
+ check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot' ]],
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ vmid => get_standard_option('pve-vmid'),
+ snapname => get_standard_option('pve-snapshot-name'),
+ },
+ },
+ returns => { type => "object" },
+ code => sub {
+ my ($param) = @_;
+
+ my $rpcenv = PVE::RPCEnvironment::get();
+
+ my $authuser = $rpcenv->get_user();
+
+ my $vmid = extract_param($param, 'vmid');
+
+ my $snapname = extract_param($param, 'snapname');
+
+ my $conf = PVE::QemuServer::load_config($vmid);
+
+ my $snap = $conf->{snapshots}->{$snapname};
+
+ die "snapshot '$snapname' does not exist\n" if !defined($snap);
+
+ return $snap;
+ }});
+
__PACKAGE__->register_method({
name => 'rollback',
- path => '{vmid}/rollback',
+ path => '{vmid}/snapshot/{snapname}/rollback',
method => 'POST',
protected => 1,
proxyto => 'node',
description => "Rollback VM state to specified snapshot.",
permissions => {
- check => ['perm', '/vms/{vmid}', [ 'VM.Config.Disk' ]],
+ check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot' ]],
},
parameters => {
additionalProperties => 0,
properties => {
node => get_standard_option('pve-node'),
vmid => get_standard_option('pve-vmid'),
- snapname => {
- type => 'string',
- description => "The name of the snapshot",
- maxLength => 40,
- },
+ snapname => get_standard_option('pve-snapshot-name'),
},
},
returns => {
my $snapname = extract_param($param, 'snapname');
- # fixme: access rights?
-
my $realcmd = sub {
PVE::Cluster::log_msg('info', $authuser, "rollback snapshot VM $vmid: $snapname");
PVE::QemuServer::snapshot_rollback($vmid, $snapname);
proxyto => 'node',
description => "Delete a VM snapshot.",
permissions => {
- check => ['perm', '/vms/{vmid}', [ 'VM.Config.Disk' ]],
+ check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot' ]],
},
parameters => {
additionalProperties => 0,
properties => {
node => get_standard_option('pve-node'),
vmid => get_standard_option('pve-vmid'),
- snapname => {
- type => 'string',
- description => "The name of the snapshot",
- maxLength => 40,
+ snapname => get_standard_option('pve-snapshot-name'),
+ force => {
+ optional => 1,
+ type => 'boolean',
+ description => "For removal from config file, even if removing disk snapshots fails.",
},
},
},
my $snapname = extract_param($param, 'snapname');
- # fixme: access rights?
-
my $realcmd = sub {
PVE::Cluster::log_msg('info', $authuser, "delete snapshot VM $vmid: $snapname");
- PVE::QemuServer::snapshot_delete($vmid, $snapname);
+ PVE::QemuServer::snapshot_delete($vmid, $snapname, $param->{force});
};
- return $rpcenv->fork_worker('qmdelsnaphot', $vmid, $authuser, $realcmd);
+ return $rpcenv->fork_worker('qmdelsnapshot', $vmid, $authuser, $realcmd);
}});
1;