return "nodes/$node/lxc/$vmid.conf";
}
+sub mountpoint_backup_enabled {
+ my ($class, $mp_key, $mountpoint) = @_;
+
+ return 1 if $mp_key eq 'rootfs';
+
+ return 0 if $mountpoint->{type} ne 'volume';
+
+ return 1 if $mountpoint->{backup};
+
+ return 0;
+}
+
sub has_feature {
my ($class, $feature, $conf, $storecfg, $snapname, $running, $backup_only) = @_;
my $err;
my ($ms, $mountpoint) = @_;
return if $err; # skip further test
- return if $backup_only && $ms ne 'rootfs' && !$mountpoint->{backup};
+ return if $backup_only && !$class->mountpoint_backup_enabled($ms, $mountpoint);
$err = 1
if !PVE::Storage::volume_has_feature($storecfg, $feature,
my $storecfg = PVE::Storage::config();
- return if $snapname eq 'vzdump' && $ms ne 'rootfs' && !$mountpoint->{backup};
+ return if $snapname eq 'vzdump' &&
+ !$class->mountpoint_backup_enabled($ms, $mountpoint);
+
PVE::Storage::volume_snapshot($storecfg, $mountpoint->{volume}, $snapname);
}
my $value = $snap->{$remove_drive};
my $mountpoint = $remove_drive eq 'rootfs' ? $class->parse_ct_rootfs($value, 1) : $class->parse_ct_mountpoint($value, 1);
delete $snap->{$remove_drive};
- $class->add_unused_volume($snap, $mountpoint->{volume});
+
+ $class->add_unused_volume($snap, $mountpoint->{volume})
+ if ($mountpoint->{type} eq 'volume');
}
}
sub __snapshot_delete_vol_snapshot {
my ($class, $vmid, $ms, $mountpoint, $snapname, $unused) = @_;
+ return if $snapname eq 'vzdump' &&
+ !$class->mountpoint_backup_enabled($ms, $mountpoint);
+
my $storecfg = PVE::Storage::config();
PVE::Storage::volume_snapshot_delete($storecfg, $mountpoint->{volume}, $snapname);
push @$unused, $mountpoint->{volume};
die "implement me - save vmstate\n";
}
+sub __snapshot_rollback_get_unused {
+ my ($class, $conf, $snap) = @_;
+
+ my $unused = [];
+
+ $class->__snapshot_foreach_volume($conf, sub {
+ my ($vs, $volume) = @_;
+
+ return if $volume->{type} ne 'volume';
+
+ my $found = 0;
+ my $volid = $volume->{volume};
+
+ $class->__snapshot_foreach_volume($snap, sub {
+ my ($ms, $mountpoint) = @_;
+
+ return if $found;
+ return if ($mountpoint->{type} ne 'volume');
+
+ $found = 1
+ if ($mountpoint->{volume} && $mountpoint->{volume} eq $volid);
+ });
+
+ push @$unused, $volid if !$found;
+ });
+
+ return $unused;
+}
+
sub __snapshot_foreach_volume {
my ($class, $conf, $func) = @_;
format_description => 'volume',
description => 'Volume, device or directory to mount into the container.',
},
- backup => {
- type => 'boolean',
- format_description => '[1|0]',
- description => 'Whether to include the mountpoint in backups.',
- optional => 1,
- },
size => {
type => 'string',
format => 'disk-size',
},
acl => {
type => 'boolean',
- format_description => 'acl',
description => 'Explicitly enable or disable ACL support.',
optional => 1,
},
ro => {
type => 'boolean',
- format_description => 'ro',
- description => 'Read-only mountpoint (not supported with bind mounts)',
+ description => 'Read-only mountpoint',
optional => 1,
},
quota => {
type => 'boolean',
- format_description => '[0|1]',
description => 'Enable user quotas inside the container (not supported with zfs subvolumes)',
optional => 1,
},
ostype => {
optional => 1,
type => 'string',
- enum => ['debian', 'ubuntu', 'centos', 'fedora', 'opensuse', 'archlinux', 'alpine', 'unmanaged'],
+ enum => [qw(debian ubuntu centos fedora opensuse archlinux alpine gentoo unmanaged)],
description => "OS type. This is used to setup configuration inside the container, and corresponds to lxc setup scripts in /usr/share/lxc/config/<ostype>.common.conf. Value 'unmanaged' can be used to skip and OS specific setup.",
},
console => {
cpulimit => {
optional => 1,
type => 'number',
- description => "Limit of CPU usage. Note if the computer has 2 CPUs, it has a total of '2' CPU time. Value '0' indicates no CPU limit.",
+ description => "Limit of CPU usage.\n\nNOTE: If the computer has 2 CPUs, it has a total of '2' CPU time. Value '0' indicates no CPU limit.",
minimum => 0,
maximum => 128,
default => 0,
description => {
optional => 1,
type => 'string',
- description => "Container description. Only used on the configuration web interface.",
+ description => "Container description. Only used on the configuration web interface.",
},
searchdomain => {
optional => 1,
'lxc.environment' => 1,
};
-my $netconf_desc = {
+our $netconf_desc = {
type => {
type => 'string',
optional => 1,
},
name => {
type => 'string',
- format_description => 'String',
- description => 'Name of the network device as seen from inside the container. (lxc.network.name)',
+ format_description => 'string',
+ description => 'Name of the network device as seen from inside the container. (lxc.network.name)',
pattern => '[-_.\w\d]+',
},
bridge => {
type => 'string',
- format_description => 'vmbr<Number>',
+ format_description => 'bridge',
description => 'Bridge to attach the network device to.',
pattern => '[-_.\w\d]+',
optional => 1,
},
hwaddr => {
type => 'string',
- format_description => 'MAC',
- description => 'Bridge to attach the network device to. (lxc.network.hwaddr)',
+ format_description => "XX:XX:XX:XX:XX:XX",
+ description => 'The interface MAC address. This is dynamically allocated by default, but you can set that statically if needed, for example to always have the same link-local IPv6 address. (lxc.network.hwaddr)',
pattern => qr/(?:[a-f0-9]{2}:){5}[a-f0-9]{2}/i,
optional => 1,
},
mtu => {
type => 'integer',
- format_description => 'Number',
description => 'Maximum transfer unit of the interface. (lxc.network.mtu)',
minimum => 64, # minimum ethernet frame is 64 bytes
optional => 1,
},
firewall => {
type => 'boolean',
- format_description => '[1|0]',
description => "Controls whether this interface's firewall rules should be used.",
optional => 1,
},
tag => {
type => 'integer',
- format_description => 'VlanNo',
- minimum => '2',
+ minimum => '1',
maximum => '4094',
description => "VLAN tag for this interface.",
optional => 1,
my $mp_desc = {
%$rootfs_desc,
+ backup => {
+ type => 'boolean',
+ description => 'Whether to include the mountpoint in backups.',
+ verbose_description => 'Whether to include the mountpoint in backups '.
+ '(only used for volume mountpoints).',
+ optional => 1,
+ },
mp => {
type => 'string',
format => 'pve-lxc-mp-string',
format_description => 'Path',
- description => 'Path to the mountpoint as seen from inside the container.',
+ description => 'Path to the mountpoint as seen from inside the container '.
+ '(must not contain symlinks).',
+ verbose_description => "Path to the mountpoint as seen from inside the container.\n\n".
+ "NOTE: Must not contain any symlinks for security reasons."
},
};
PVE::JSONSchema::register_format('pve-ct-mountpoint', $mp_desc);
my $unuseddesc = {
optional => 1,
type => 'string', format => 'pve-volume-id',
- description => "Reference to unused volumes.",
+ description => "Reference to unused volumes. This is used internally, and should not be modified manually.",
};
for (my $i = 0; $i < $MAX_MOUNT_POINTS; $i++) {
$confdesc->{"mp$i"} = {
optional => 1,
type => 'string', format => $mp_desc,
- description => "Use volume as container mount point (experimental feature).",
+ description => "Use volume as container mount point.",
optional => 1,
};
}
next;
}
- if ($opt eq 'hostname' || $opt eq 'memory' || $opt eq 'rootfs') {
+ if ($opt eq 'memory' || $opt eq 'rootfs') {
die "unable to delete required option '$opt'\n";
+ } elsif ($opt eq 'hostname') {
+ delete $conf->{$opt};
} elsif ($opt eq 'swap') {
delete $conf->{$opt};
PVE::LXC::write_cgroup_value("memory", $vmid,
}
my $used_volids = {};
+ my $check_content_type = sub {
+ my ($mp) = @_;
+ my $sid = PVE::Storage::parse_volume_id($mp->{volume});
+ my $scfg = PVE::Storage::config();
+ my $storage_config = PVE::Storage::storage_config($scfg, $sid);
+ die "storage '$sid' does not allow content type 'rootdir' (Container)\n"
+ if !$storage_config->{content}->{rootdir};
+ };
foreach my $opt (keys %$param) {
my $value = $param->{$opt};
next if $hotplug_error->($opt);
PVE::LXC::Config->check_protection($conf, $check_protection_msg);
my $old = $conf->{$opt};
+ my $mp = PVE::LXC::Config->parse_ct_mountpoint($value);
+ if ($mp->{type} eq 'volume') {
+ &$check_content_type($mp);
+ $used_volids->{$mp->{volume}} = 1;
+ }
$conf->{$opt} = $value;
if (defined($old)) {
my $mp = PVE::LXC::Config->parse_ct_mountpoint($old);
}
}
$new_disks = 1;
- my $mp = PVE::LXC::Config->parse_ct_mountpoint($value);
- $used_volids->{$mp->{volume}} = 1;
} elsif ($opt eq 'rootfs') {
next if $hotplug_error->($opt);
PVE::LXC::Config->check_protection($conf, $check_protection_msg);
my $old = $conf->{$opt};
$conf->{$opt} = $value;
+ my $mp = PVE::LXC::Config->parse_ct_rootfs($value);
+ if ($mp->{type} eq 'volume') {
+ &$check_content_type($mp);
+ $used_volids->{$mp->{volume}} = 1;
+ }
if (defined($old)) {
my $mp = PVE::LXC::Config->parse_ct_rootfs($old);
if ($mp->{type} eq 'volume') {
PVE::LXC::Config->add_unused_volume($conf, $mp->{volume});
}
}
- my $mp = PVE::LXC::Config->parse_ct_rootfs($value);
- $used_volids->{$mp->{volume}} = 1;
+ $new_disks = 1;
} elsif ($opt eq 'unprivileged') {
die "unable to modify read-only option: '$opt'\n";
} elsif ($opt eq 'ostype') {
$res = PVE::JSONSchema::parse_property_string($netconf_desc, $data);
$res->{type} = 'veth';
- $res->{hwaddr} = PVE::Tools::random_ether_addr() if !$res->{hwaddr};
+ if (!$res->{hwaddr}) {
+ my $dc = PVE::Cluster::cfs_read_file('datacenter.cfg');
+ $res->{hwaddr} = PVE::Tools::random_ether_addr($dc->{mac_prefix});
+ }
return $res;
}
}
sub foreach_mountpoint_full {
- my ($class, $conf, $reverse, $func) = @_;
+ my ($class, $conf, $reverse, $func, @param) = @_;
foreach my $key ($class->mountpoint_names($reverse)) {
my $value = $conf->{$key};
my $mountpoint = $key eq 'rootfs' ? $class->parse_ct_rootfs($value, 1) : $class->parse_ct_mountpoint($value, 1);
next if !defined($mountpoint);
- &$func($key, $mountpoint);
+ &$func($key, $mountpoint, @param);
}
}
sub foreach_mountpoint {
- my ($class, $conf, $func) = @_;
+ my ($class, $conf, $func, @param) = @_;
- $class->foreach_mountpoint_full($conf, 0, $func);
+ $class->foreach_mountpoint_full($conf, 0, $func, @param);
}
sub foreach_mountpoint_reverse {
- my ($class, $conf, $func) = @_;
+ my ($class, $conf, $func, @param) = @_;
- $class->foreach_mountpoint_full($conf, 1, $func);
+ $class->foreach_mountpoint_full($conf, 1, $func, @param);
}
sub get_vm_volumes {
projects / pve-container.git / blobdiff