"description" : "Adds a node to the cluster configuration. This call is for internal use.",
"method" : "POST",
"name" : "addnode",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "apiversion" : {
+ "description" : "The JOIN_API_VERSION of the new node.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
"force" : {
"description" : "Do not throw error if node already exists.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "link[n]" : {
+ "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
+ "format" : {
+ "address" : {
+ "default_key" : 1,
+ "description" : "Hostname (or IP) of this corosync link address.",
+ "format" : "address",
+ "format_description" : "IP",
+ "type" : "string"
+ },
+ "priority" : {
+ "default" : 0,
+ "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
- "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
- "format" : "address",
+ "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
+ "format" : {
+ "address" : {
+ "default_key" : 1,
+ "description" : "Hostname (or IP) of this corosync link address.",
+ "format" : "address",
+ "format_description" : "IP",
+ "type" : "string"
+ },
+ "priority" : {
+ "default" : 0,
+ "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
- "description" : "Joins this node into an existing cluster.",
+ "allowtoken" : 1,
+ "description" : "Joins this node into an existing cluster. If no links are given, default to IP resolved by node's hostname on single link (fallback fails for clusters with multiple links).",
+ "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
+ "format" : {
+ "address" : {
+ "default_key" : 1,
+ "description" : "Hostname (or IP) of this corosync link address.",
+ "format" : "address",
+ "format_description" : "IP",
+ "type" : "string"
+ },
+ "priority" : {
+ "default" : 0,
+ "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
+ "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
+ "format" : {
+ "address" : {
+ "default_key" : 1,
+ "description" : "Hostname (or IP) of this corosync link address.",
+ "format" : "address",
+ "format_description" : "IP",
+ "type" : "string"
+ },
+ "priority" : {
+ "default" : 0,
+ "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
+ "description" : "Can be used to prevent concurrent modifications.",
+ "type" : "string"
+ },
+ "group" : {
+ "description" : "The HA group identifier.",
+ "format" : "pve-configid",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "max_relocate" : {
+ "description" : "Maximal number of service relocate tries when a service failes to start.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "max_restart" : {
+ "description" : "Maximal number of tries to restart the service on a node after its start failed.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "sid" : {
+ "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "description" : "The policy for HA services on node shutdown. 'freeze' disables auto-recovery, 'failover' ensures recovery, 'conditional' recovers on poweroff and freezes on reboot. 'migrate' will migrate running services to other nodes, if possible. With 'freeze' or 'failover', HA Services will always get stopped first on shutdown.",
+ "enum" : [
+ "freeze",
+ "failover",
+ "conditional",
+ "migrate"
+ ],
+ "type" : "string",
+ "verbose_description" : "Describes the policy for handling HA services on poweroff or reboot of a node. Freeze will always freeze services which are still located on the node on shutdown, those services won't be recovered by the HA manager. Failover will not mark the services as frozen and thus the services will get recovered to other nodes, if the shutdown node does not come up again quickly (< 1min). 'conditional' chooses automatically depending on the type of shutdown, i.e., on a reboot the service will be frozen but on a poweroff the service will stay as is, and thus get recovered after about 2 minutes. Migrate will try to move all running services to another node when a reboot or shutdown was triggered. The poweroff process will only continue once no running services are located on the node anymore. If the node comes up again, the service will be moved back to the previously powered-off node, at least if no other migration, reloaction or recovery took place."
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "shutdown_policy=<enum>"
+ },
"http_proxy" : {
"description" : "Specify external http proxy which is used for downloads (example: 'http://username:password@host:port/')",
+ "description" : "[node] IP of the resolved nodename.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "level" : {
+ "description" : "[node] Proxmox VE Subscription level, indicates if eligible for enterprise support as well as access to the stable Proxmox VE Enterprise Repository.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "local" : {
+ "description" : "[node] Indicates if this is the responding node.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "name" : {
+ "type" : "string"
+ },
+ "nodeid" : {
+ "description" : "[node] ID of the node from the corosync configuration.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "nodes" : {
+ "description" : "[cluster] Nodes count, including offline nodes.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "online" : {
+ "description" : "[node] Indicates if the node is online or offline.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "quorate" : {
+ "description" : "[cluster] Indicates if there is a majority of nodes online to make decisions",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"type" : {
+ "description" : "Indicates the type, either cluster or node. The type defines the object properties e.g. quorate available for type cluster.",
+ "enum" : [
+ "cluster",
+ "node"
+ ],
"type" : "string"
+ },
+ "version" : {
+ "description" : "[cluster] Current version of the corosync configuration file.",
- "description" : "Get current virtual machine configuration. This does not include pending configuration changes (see 'pending' API).",
+ "allowtoken" : 1,
+ "description" : "Get the virtual machine configuration with pending configuration changes applied. Set the 'current' parameter to get the current configuration instead.",
+ "description" : "cloud-init: Specify custom files to replace the automatically generated ones at start.",
+ "format" : "pve-qm-cicustom",
+ "optional" : 1,
+ "type" : "string"
+ },
"cipassword" : {
"description" : "cloud-init: Password to assign the user. Using this is generally not recommended. Use ssh keys instead. Also note that older cloud-init versions do not support hashed passwords.",
- "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: 'pcid', 'spec-ctrl', 'ibpb', 'ssbd', 'virt-ssbd', 'amd-ssbd', 'amd-no-ssb', 'pdpe1gb'.",
+ "description" : "Script that will be executed during various steps in the vms lifetime.",
+ "format" : "pve-volume-id",
+ "optional" : 1,
+ "type" : "string"
+ },
"hostpci[n]" : {
"description" : "Map host PCI devices into guest.",
"format" : "pve-qm-hostpci",
"optional" : 1,
"type" : "string",
- "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "description" : "Inter-VM shared memory. Useful for direct communication between VMs, or to the host.",
+ "format" : {
+ "name" : {
+ "description" : "The name of the file. Will be prefixed with 'pve-shm-'. Default is the VMID. Will be deleted when the VM is stopped.",
+ "format_description" : "string",
+ "optional" : 1,
+ "pattern" : "[a-zA-Z0-9\\-]+",
+ "type" : "string"
+ },
+ "size" : {
+ "description" : "The size of the file in MB.",
+ "minimum" : 1,
+ "type" : "integer"
+ }
+ },
+ "optional" : 1,
+ "type" : "string"
+ },
"keyboard" : {
"default" : null,
"description" : "Keybord layout for vnc server. Default is read from the '/etc/pve/datacenter.cfg' configuration file.It should not be necessary to set it.",
"description" : "Bridge to attach the network device to. The Proxmox VE standard bridge\nis called 'vmbr0'.\n\nIf you do not specify a bridge, we create a kvm user (NATed) network\ndevice, which provides DHCP and DNS services. The following addresses\nare used:\n\n 10.0.2.2 Gateway\n 10.0.2.3 DNS Server\n 10.0.2.4 SMB Server\n\nThe DHCP server assign addresses to the guest starting from 10.0.2.15.\n",
- "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6/3.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
+ "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6 - 5.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
},
"parallel[n]" : {
"description" : "Map host parallel devices (n is 0 to 2).",
+ "description" : "Configure a VirtIO-based Random Number Generator.",
+ "format" : {
+ "max_bytes" : {
+ "default" : 1024,
+ "description" : "Maximum bytes of entropy injected into the guest every 'period' milliseconds. Prefer a lower value when using /dev/random as source. Use 0 to disable limiting (potentially dangerous!).",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "period" : {
+ "default" : 1000,
+ "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "source" : {
+ "default_key" : 1,
+ "description" : "The file on the host to gather entropy from. In most cases /dev/urandom should be preferred over /dev/random to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. /dev/hwrng can be used to pass through a hardware RNG from the host.",
+ "enum" : [
+ "/dev/urandom",
+ "/dev/random",
+ "/dev/hwrng"
+ ],
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string"
+ },
"sata[n]" : {
"description" : "Use volume as SATA hard disk or CD-ROM (n is 0 to 5).",
"verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (-vga=qxl)."
},
+ "tags" : {
+ "description" : "Tags of the VM. This is only meta information.",
- "description" : "Specifies whether if given host option is a USB3 device or port (this does currently not work reliably with spice redirection and is then ignored).",
+ "description" : "Specifies whether if given host option is a USB3 device or port.",
"description" : "cloud-init: Password to assign the user. Using this is generally not recommended. Use ssh keys instead. Also note that older cloud-init versions do not support hashed passwords.",
- "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: 'pcid', 'spec-ctrl', 'ibpb', 'ssbd', 'virt-ssbd', 'amd-ssbd', 'amd-no-ssb', 'pdpe1gb'.",
- "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
"description" : "cloud-init: Specify IP addresses and gateways for the corresponding interface.\n\nIP addresses use CIDR notation, gateways are optional but need an IP of the same type specified.\n\nThe special string 'dhcp' can be used for IP addresses to use DHCP, in which case no explicit gateway should be provided.\nFor IPv6 the special string 'auto' can be used to use stateless autoconfiguration.\n\nIf cloud-init is enabled and neither an IPv4 nor an IPv6 address is specified, it defaults to using dhcp on IPv4.\n",
+ "description" : "Inter-VM shared memory. Useful for direct communication between VMs, or to the host.",
+ "format" : {
+ "name" : {
+ "description" : "The name of the file. Will be prefixed with 'pve-shm-'. Default is the VMID. Will be deleted when the VM is stopped.",
+ "format_description" : "string",
+ "optional" : 1,
+ "pattern" : "[a-zA-Z0-9\\-]+",
+ "type" : "string"
+ },
+ "size" : {
+ "description" : "The size of the file in MB.",
+ "minimum" : 1,
+ "type" : "integer"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "size=<integer> [,name=<string>]"
+ },
"keyboard" : {
"default" : null,
"description" : "Keybord layout for vnc server. Default is read from the '/etc/pve/datacenter.cfg' configuration file.It should not be necessary to set it.",
"description" : "Bridge to attach the network device to. The Proxmox VE standard bridge\nis called 'vmbr0'.\n\nIf you do not specify a bridge, we create a kvm user (NATed) network\ndevice, which provides DHCP and DNS services. The following addresses\nare used:\n\n 10.0.2.2 Gateway\n 10.0.2.3 DNS Server\n 10.0.2.4 SMB Server\n\nThe DHCP server assign addresses to the guest starting from 10.0.2.15.\n",
- "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6/3.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
+ "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6 - 5.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
},
"parallel[n]" : {
"description" : "Map host parallel devices (n is 0 to 2).",
+ "description" : "Configure a VirtIO-based Random Number Generator.",
+ "format" : {
+ "max_bytes" : {
+ "default" : 1024,
+ "description" : "Maximum bytes of entropy injected into the guest every 'period' milliseconds. Prefer a lower value when using /dev/random as source. Use 0 to disable limiting (potentially dangerous!).",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "period" : {
+ "default" : 1000,
+ "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "source" : {
+ "default_key" : 1,
+ "description" : "The file on the host to gather entropy from. In most cases /dev/urandom should be preferred over /dev/random to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. /dev/hwrng can be used to pass through a hardware RNG from the host.",
"verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (-vga=qxl)."
},
+ "tags" : {
+ "description" : "Tags of the VM. This is only meta information.",
- "description" : "Specifies whether if given host option is a USB3 device or port (this does currently not work reliably with spice redirection and is then ignored).",
+ "description" : "Specifies whether if given host option is a USB3 device or port.",
"description" : "Set virtual machine options (synchrounous API) - You should consider using the POST method instead for any actions involving hotplug or storage allocation.",
"description" : "cloud-init: Password to assign the user. Using this is generally not recommended. Use ssh keys instead. Also note that older cloud-init versions do not support hashed passwords.",
- "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: 'pcid', 'spec-ctrl', 'ibpb', 'ssbd', 'virt-ssbd', 'amd-ssbd', 'amd-no-ssb', 'pdpe1gb'.",
- "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
"description" : "cloud-init: Specify IP addresses and gateways for the corresponding interface.\n\nIP addresses use CIDR notation, gateways are optional but need an IP of the same type specified.\n\nThe special string 'dhcp' can be used for IP addresses to use DHCP, in which case no explicit gateway should be provided.\nFor IPv6 the special string 'auto' can be used to use stateless autoconfiguration.\n\nIf cloud-init is enabled and neither an IPv4 nor an IPv6 address is specified, it defaults to using dhcp on IPv4.\n",
+ "description" : "Inter-VM shared memory. Useful for direct communication between VMs, or to the host.",
+ "format" : {
+ "name" : {
+ "description" : "The name of the file. Will be prefixed with 'pve-shm-'. Default is the VMID. Will be deleted when the VM is stopped.",
+ "format_description" : "string",
+ "optional" : 1,
+ "pattern" : "[a-zA-Z0-9\\-]+",
+ "type" : "string"
+ },
+ "size" : {
+ "description" : "The size of the file in MB.",
+ "minimum" : 1,
+ "type" : "integer"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "size=<integer> [,name=<string>]"
+ },
"keyboard" : {
"default" : null,
"description" : "Keybord layout for vnc server. Default is read from the '/etc/pve/datacenter.cfg' configuration file.It should not be necessary to set it.",
"description" : "Bridge to attach the network device to. The Proxmox VE standard bridge\nis called 'vmbr0'.\n\nIf you do not specify a bridge, we create a kvm user (NATed) network\ndevice, which provides DHCP and DNS services. The following addresses\nare used:\n\n 10.0.2.2 Gateway\n 10.0.2.3 DNS Server\n 10.0.2.4 SMB Server\n\nThe DHCP server assign addresses to the guest starting from 10.0.2.15.\n",
- "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6/3.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
+ "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6 - 5.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
},
"parallel[n]" : {
"description" : "Map host parallel devices (n is 0 to 2).",
+ "description" : "Configure a VirtIO-based Random Number Generator.",
+ "format" : {
+ "max_bytes" : {
+ "default" : 1024,
+ "description" : "Maximum bytes of entropy injected into the guest every 'period' milliseconds. Prefer a lower value when using /dev/random as source. Use 0 to disable limiting (potentially dangerous!).",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "period" : {
+ "default" : 1000,
+ "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "source" : {
+ "default_key" : 1,
+ "description" : "The file on the host to gather entropy from. In most cases /dev/urandom should be preferred over /dev/random to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. /dev/hwrng can be used to pass through a hardware RNG from the host.",
"verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (-vga=qxl)."
},
+ "tags" : {
+ "description" : "Tags of the VM. This is only meta information.",
- "description" : "Specifies whether if given host option is a USB3 device or port (this does currently not work reliably with spice redirection and is then ignored).",
+ "description" : "Specifies whether if given host option is a USB3 device or port.",
- "description" : "Target storage for the migration. (Can be '1' to use the same storage id as on the source node.)",
+ "description" : "Mapping from source to target storages. Providing only a single storage ID maps all source storages to that storage. Providing the special value '1' will map each source storage to itself.",
"description" : "Stop virtual machine. The qemu process will exit immediately. Thisis akin to pulling the power plug of a running computer and may damage the VM data",
"description" : "Shutdown virtual machine. This is similar to pressing the power button on a physical machine.This will send an ACPI event for the guest OS, which should then proceed to a clean shutdown.",
+ "description" : "You need 'VM.PowerMgmt' on /vms/{vmid}, and if you have set 'todisk', you need also 'VM.Config.Disk' on /vms/{vmid} and 'Datastore.AllocateSpace' on the storage for the vmstate."
+ "description" : "Mapping from source to target storages. Providing only a single storage ID maps all source storages to that storage. Providing the special value '1' will map each source storage to itself.",
+ "description" : "The backup archive. Either the file system path to a .tar or .vma file (use '-' to pipe data from stdin) or a proxmox storage backup volume identifier.",
"description" : "cloud-init: Password to assign the user. Using this is generally not recommended. Use ssh keys instead. Also note that older cloud-init versions do not support hashed passwords.",
- "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: 'pcid', 'spec-ctrl', 'ibpb', 'ssbd', 'virt-ssbd', 'amd-ssbd', 'amd-no-ssb', 'pdpe1gb'.",
- "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
"description" : "cloud-init: Specify IP addresses and gateways for the corresponding interface.\n\nIP addresses use CIDR notation, gateways are optional but need an IP of the same type specified.\n\nThe special string 'dhcp' can be used for IP addresses to use DHCP, in which case no explicit gateway should be provided.\nFor IPv6 the special string 'auto' can be used to use stateless autoconfiguration.\n\nIf cloud-init is enabled and neither an IPv4 nor an IPv6 address is specified, it defaults to using dhcp on IPv4.\n",
+ "description" : "Inter-VM shared memory. Useful for direct communication between VMs, or to the host.",
+ "format" : {
+ "name" : {
+ "description" : "The name of the file. Will be prefixed with 'pve-shm-'. Default is the VMID. Will be deleted when the VM is stopped.",
+ "format_description" : "string",
+ "optional" : 1,
+ "pattern" : "[a-zA-Z0-9\\-]+",
+ "type" : "string"
+ },
+ "size" : {
+ "description" : "The size of the file in MB.",
+ "minimum" : 1,
+ "type" : "integer"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "size=<integer> [,name=<string>]"
+ },
"keyboard" : {
"default" : null,
"description" : "Keybord layout for vnc server. Default is read from the '/etc/pve/datacenter.cfg' configuration file.It should not be necessary to set it.",
"description" : "Bridge to attach the network device to. The Proxmox VE standard bridge\nis called 'vmbr0'.\n\nIf you do not specify a bridge, we create a kvm user (NATed) network\ndevice, which provides DHCP and DNS services. The following addresses\nare used:\n\n 10.0.2.2 Gateway\n 10.0.2.3 DNS Server\n 10.0.2.4 SMB Server\n\nThe DHCP server assign addresses to the guest starting from 10.0.2.15.\n",
- "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6/3.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
+ "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6 - 5.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
},
"parallel[n]" : {
"description" : "Map host parallel devices (n is 0 to 2).",
+ "description" : "Configure a VirtIO-based Random Number Generator.",
+ "format" : {
+ "max_bytes" : {
+ "default" : 1024,
+ "description" : "Maximum bytes of entropy injected into the guest every 'period' milliseconds. Prefer a lower value when using /dev/random as source. Use 0 to disable limiting (potentially dangerous!).",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "period" : {
+ "default" : 1000,
+ "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "source" : {
+ "default_key" : 1,
+ "description" : "The file on the host to gather entropy from. In most cases /dev/urandom should be preferred over /dev/random to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. /dev/hwrng can be used to pass through a hardware RNG from the host.",
"verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (-vga=qxl)."
},
+ "tags" : {
+ "description" : "Tags of the VM. This is only meta information.",
- "description" : "Specifies whether if given host option is a USB3 device or port (this does currently not work reliably with spice redirection and is then ignored).",
+ "description" : "Specifies whether if given host option is a USB3 device or port.",
"description" : "Allow containers access to advanced features.",
"format" : {
+ "force_rw_sys" : {
+ "default" : 0,
+ "description" : "Mount /sys in unprivileged containers as `rw` instead of `mixed`. This can break networking under newer (>= v245) systemd-network use.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"fuse" : {
"default" : 0,
"description" : "Allow using 'fuse' file systems in a container. Note that interactions between fuse and the freezer cgroup can potentially cause I/O deadlocks.",
+ "description" : "Allow unprivileged containers to use mknod() to add certain device nodes. This requires a kernel with seccomp trap to user space support (5.3 or newer). This is experimental.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"mount" : {
"description" : "Allow mounting file systems of specific types. This should be a list of file system types as used with the mount command. Note that this can have negative effects on the container's security. With access to a loop device, mounting a file can circumvent the mknod permission of the devices cgroup, mounting an NFS file system can block the host's I/O completely and prevent it from rebooting, etc.",
"description" : "The interface MAC address. This is dynamically allocated by default, but you can set that statically if needed, for example to always have the same link-local IPv6 address. (lxc.network.hwaddr)",
"description" : "Allow containers access to advanced features.",
"format" : {
+ "force_rw_sys" : {
+ "default" : 0,
+ "description" : "Mount /sys in unprivileged containers as `rw` instead of `mixed`. This can break networking under newer (>= v245) systemd-network use.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"fuse" : {
"default" : 0,
"description" : "Allow using 'fuse' file systems in a container. Note that interactions between fuse and the freezer cgroup can potentially cause I/O deadlocks.",
+ "description" : "Allow unprivileged containers to use mknod() to add certain device nodes. This requires a kernel with seccomp trap to user space support (5.3 or newer). This is experimental.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"mount" : {
"description" : "Allow mounting file systems of specific types. This should be a list of file system types as used with the mount command. Note that this can have negative effects on the container's security. With access to a loop device, mounting a file can circumvent the mknod permission of the devices cgroup, mounting an NFS file system can block the host's I/O completely and prevent it from rebooting, etc.",
"description" : "Sets DNS server IP address for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
"description" : "The interface MAC address. This is dynamically allocated by default, but you can set that statically if needed, for example to always have the same link-local IPv6 address. (lxc.network.hwaddr)",
"description" : "Sets DNS search domains for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
+ "description" : "Get container configuration, including pending changes.",
+ "method" : "GET",
+ "name" : "vm_pending",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "minimum" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Audit"
+ ]
+ ]
+ },
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "delete" : {
+ "description" : "Indicates a pending delete request if present and not 0.",
+ "maximum" : 2,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "key" : {
+ "description" : "Configuration option name.",
+ "type" : "string"
+ },
+ "pending" : {
+ "description" : "Pending value.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "value" : {
+ "description" : "Current value.",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/lxc/{vmid}/pending",
+ "text" : "pending"
}
],
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Destroy the container (also delete all uses files).",
"method" : "DELETE",
"name" : "destroy_vm",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "force" : {
+ "default" : 0,
+ "description" : "Force destroy, even if running.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
},
+ "purge" : {
+ "default" : 0,
+ "description" : "Remove container from all related configurations. For example, backup jobs, replication jobs or HA. Related ACLs and Firewall entries will *always* be removed.",
"description" : "Allow containers access to advanced features.",
"format" : {
+ "force_rw_sys" : {
+ "default" : 0,
+ "description" : "Mount /sys in unprivileged containers as `rw` instead of `mixed`. This can break networking under newer (>= v245) systemd-network use.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"fuse" : {
"default" : 0,
"description" : "Allow using 'fuse' file systems in a container. Note that interactions between fuse and the freezer cgroup can potentially cause I/O deadlocks.",
+ "description" : "Allow unprivileged containers to use mknod() to add certain device nodes. This requires a kernel with seccomp trap to user space support (5.3 or newer). This is experimental.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"mount" : {
"description" : "Allow mounting file systems of specific types. This should be a list of file system types as used with the mount command. Note that this can have negative effects on the container's security. With access to a loop device, mounting a file can circumvent the mknod permission of the devices cgroup, mounting an NFS file system can block the host's I/O completely and prevent it from rebooting, etc.",
"description" : "Sets DNS server IP address for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
"description" : "The interface MAC address. This is dynamically allocated by default, but you can set that statically if needed, for example to always have the same link-local IPv6 address. (lxc.network.hwaddr)",
"description" : "Sets DNS search domains for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
- "description" : "Use bluestore instead of filestore. This is the default.",
+ "db_dev" : {
+ "description" : "Block device name for block.db.",
"optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "dev" : {
- "description" : "Block device name.",
"type" : "string",
"typetext" : "<string>"
},
- "fstype" : {
- "default" : "xfs",
- "description" : "File system type (filestore only).",
- "enum" : [
- "xfs",
- "ext4"
- ],
+ "db_size" : {
+ "default" : "bluestore_block_db_size or 10% of OSD size",
+ "description" : "Size in GiB for block.db.",
+ "minimum" : 1,
"optional" : 1,
- "type" : "string"
+ "requires" : "db_dev",
+ "type" : "number",
+ "typetext" : "<number> (1 - N)",
+ "verbose_description" : "If a block.db is requested but the size is not given, will be automatically selected by: bluestore_block_db_size from the ceph database (osd or global section) or config (osd or global section)in that order. If this is not available, it will be sized 10% of the size of the OSD device. Fails if the available size is not enough."
},
- "journal_dev" : {
- "description" : "Block device name for journal (filestore) or block.db (bluestore).",
- "optional" : 1,
+ "dev" : {
+ "description" : "Block device name.",
"type" : "string",
"typetext" : "<string>"
},
+ "encrypted" : {
+ "default" : 0,
+ "description" : "Enables encryption of the OSD.",
- "description" : "Block device name for block.wal (bluestore only).",
+ "description" : "Block device name for block.wal.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
+ },
+ "wal_size" : {
+ "default" : "bluestore_block_wal_size or 1% of OSD size",
+ "description" : "Size in GiB for block.wal.",
+ "minimum" : 0.5,
+ "optional" : 1,
+ "requires" : "wal_dev",
+ "type" : "number",
+ "typetext" : "<number> (0.5 - N)",
+ "verbose_description" : "If a block.wal is requested but the size is not given, will be automatically selected by: bluestore_block_wal_size from the ceph database (osd or global section) or config (osd or global section)in that order. If this is not available, it will be sized 1% of the size of the OSD device. Fails if the available size is not enough."
- "description" : "Disable cephx authentification.\n\nWARNING: cephx is a security feature protecting against man-in-the-middle attacks. Only consider disabling cephx if your network is private!",
+ "description" : "Disable cephx authentication.\n\nWARNING: cephx is a security feature protecting against man-in-the-middle attacks. Only consider disabling cephx if your network is private!",
- "description" : "The source file name. This parameter is usually set by the REST handler. You can only overwrite it when connecting to the trustet port on localhost.",
+ "description" : "The source file name. This parameter is usually set by the REST handler. You can only overwrite it when connecting to the trusted port on localhost.",
+ "description" : "API token expiration date (seconds since epoch). '0' means no expiration date.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "privsep" : {
+ "default" : 1,
+ "description" : "Restrict API token privileges with separate ACLs (default), or give full privileges of corresponding user.",
+ "optional" : 1,
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Generate a new API token for a specific user. NOTE: returns API token value, which needs to be stored as it cannot be retrieved afterwards!",
+ "method" : "POST",
+ "name" : "generate_token",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "expire" : {
+ "default" : "same as user",
+ "description" : "API token expiration date (seconds since epoch). '0' means no expiration date.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "privsep" : {
+ "default" : 1,
+ "description" : "Restrict API token privileges with separate ACLs (default), or give full privileges of corresponding user.",
+ "description" : "Syncs users and/or groups from the configured LDAP to user.cfg. NOTE: Synced groups will have the name 'name-$realm', so make sure those groups do not exist to prevent overwriting.",
+ "method" : "POST",
+ "name" : "sync",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "dry-run" : {
+ "default" : 0,
+ "description" : "If set, does not write anything.",
+ "description" : "If set, uses the LDAP Directory as source of truth, deleting users or groups not returned from the sync. Otherwise only syncs information which is not already present, and does not deletes or modifies anything else.",
+ "optional" : "1",
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "purge" : {
+ "description" : "Remove ACLs for users or groups which were removed from the config during a sync.",
+ "optional" : "1",
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "realm" : {
+ "description" : "Authentication domain ID",
+ "format" : "pve-realm",
+ "maxLength" : 32,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "scope" : {
+ "description" : "Select what to sync.",
+ "enum" : [
+ "users",
+ "groups",
+ "both"
+ ],
+ "optional" : "1",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "and",
+ [
+ "userid-param",
+ "Realm.AllocateUser"
+ ],
+ [
+ "userid-group",
+ [
+ "User.Modify"
+ ]
+ ]
+ ],
+ "description" : "'Realm.AllocateUser' on '/access/realm/<realm>' and 'User.Modify' permissions to '/access/groups/'."
+ },
+ "protected" : 1,
+ "returns" : {
+ "description" : "Worker Task-UPID",
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/access/domains/{realm}/sync",
+ "text" : "sync"
+ }
+ ],
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Delete an authentication server.",
+ "description" : "Comma separated list of key=value pairs for specifying which LDAP attributes map to which PVE user field. For example, to map the LDAP attribute 'mail' to PVEs 'email', write 'email=mail'. By default, each PVE user field is represented by an LDAP attribute of the same name.",
+ "description" : "Comma separated list of key=value pairs for specifying which LDAP attributes map to which PVE user field. For example, to map the LDAP attribute 'mail' to PVEs 'email', write 'email=mail'. By default, each PVE user field is represented by an LDAP attribute of the same name.",
+ "description" : "Each user/token is allowed to dump their own permissions. A user can dump the permissions of another user if they have 'Sys.Audit' permission on /access.",
+ "user" : "all"
+ },
+ "returns" : {
+ "description" : "Map of \"path\" => (Map of \"privilege\" => \"propagate boolean\").",