X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=PVE%2FAPI2%2FQemu.pm;h=c9b2f677e8b6d1edbca4e31d92378ab14207d107;hb=71fc647ff981c01803e6b6b2f42447dbdeee6ac5;hp=d8c9726620bb1a71c8417566a3ba94fa076a71cc;hpb=f0dbdb6896839639caa071c287de92e89c2f88ae;p=qemu-server.git diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm index d8c9726..c9b2f67 100644 --- a/PVE/API2/Qemu.pm +++ b/PVE/API2/Qemu.pm @@ -149,17 +149,18 @@ my $create_disks = sub { die "no storage ID specified (and no default storage)\n" if !$storeid; my $scfg = PVE::Storage::storage_config($storecfg, $storeid); my $name = "vm-$vmid-cloudinit"; + my $fmt = undef; if ($scfg->{path}) { - $name .= ".qcow2"; - $fmt = 'qcow2'; - }else{ - $fmt = 'raw'; + $fmt = $disk->{format} // "qcow2"; + $name .= ".$fmt"; + } else { + $fmt = $disk->{format} // "raw"; } - # Initial disk created with 4MB, every time it is regenerated the disk is aligned to 4MB again. - my $cloudinit_iso_size = 4; # in MB - my $volid = PVE::Storage::vdisk_alloc($storecfg, $storeid, $vmid, - $fmt, $name, $cloudinit_iso_size*1024); + + # Initial disk created with 4 MB and aligned to 4MB on regeneration + my $ci_size = PVE::QemuServer::Cloudinit::CLOUDINIT_DISK_SIZE; + my $volid = PVE::Storage::vdisk_alloc($storecfg, $storeid, $vmid, $fmt, $name, $ci_size/1024); $disk->{file} = $volid; $disk->{media} = 'cdrom'; push @$vollist, $volid; @@ -307,10 +308,12 @@ my $check_vm_modify_config_perm = sub { return 1 if $authuser eq 'root@pam'; foreach my $opt (@$key_list) { - # disk checks need to be done somewhere else + # some checks (e.g., disk, serial port, usb) need to be done somewhere + # else, as there the permission can be value dependend next if PVE::QemuServer::is_valid_drivename($opt); next if $opt eq 'cdrom'; - next if $opt =~ m/^unused\d+$/; + next if $opt =~ m/^(?:unused|serial|usb)\d+$/; + if ($cpuoptions->{$opt} || $opt =~ m/^numa\d+$/) { $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.CPU']); @@ -331,7 +334,7 @@ my $check_vm_modify_config_perm = sub { } elsif ($cloudinitoptions->{$opt} || ($opt =~ m/^(?:net|ipconfig)\d+$/)) { $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Network']); } else { - # catches usb\d+, hostpci\d+, args, lock, etc. + # catches hostpci\d+, args, lock, etc. # new options will be checked here die "only root can set '$opt' config\n"; } @@ -554,14 +557,21 @@ __PACKAGE__->register_method({ PVE::QemuConfig->check_protection($conf, $emsg); die "$emsg vm is running\n" if PVE::QemuServer::check_running($vmid); - die "$emsg vm is a template\n" if PVE::QemuConfig->is_template($conf); my $realcmd = sub { PVE::QemuServer::restore_archive($archive, $vmid, $authuser, { storage => $storage, pool => $pool, unique => $unique, - bwlimit => $bwlimit, }); + bwlimit => $bwlimit, + }); + my $restored_conf = PVE::QemuConfig->load_config($vmid); + # Convert restored VM to template if backup was VM template + if (PVE::QemuConfig->is_template($restored_conf)) { + warn "Convert to template.\n"; + eval { PVE::QemuServer::template_create($vmid, $restored_conf) }; + warn $@ if $@; + } PVE::AccessControl::add_vm_to_pool($vmid, $pool) if $pool; @@ -1190,6 +1200,22 @@ my $update_vm_api = sub { if defined($conf->{pending}->{$opt}); PVE::QemuServer::vmconfig_delete_pending_option($conf, $opt, $force); PVE::QemuConfig->write_config($vmid, $conf); + } elsif ($opt =~ m/^serial\d+$/) { + if ($conf->{$opt} eq 'socket') { + $rpcenv->check_vm_perm($authuser, $vmid, undef, ['VM.Config.HWType']); + } elsif ($authuser ne 'root@pam') { + die "only root can delete '$opt' config for real devices\n"; + } + PVE::QemuServer::vmconfig_delete_pending_option($conf, $opt, $force); + PVE::QemuConfig->write_config($vmid, $conf); + } elsif ($opt =~ m/^usb\d+$/) { + if ($conf->{$opt} =~ m/spice/) { + $rpcenv->check_vm_perm($authuser, $vmid, undef, ['VM.Config.HWType']); + } elsif ($authuser ne 'root@pam') { + die "only root can delete '$opt' config for real devices\n"; + } + PVE::QemuServer::vmconfig_delete_pending_option($conf, $opt, $force); + PVE::QemuConfig->write_config($vmid, $conf); } else { PVE::QemuServer::vmconfig_delete_pending_option($conf, $opt, $force); PVE::QemuConfig->write_config($vmid, $conf); @@ -1215,6 +1241,20 @@ my $update_vm_api = sub { if defined($conf->{pending}->{$opt}); &$create_disks($rpcenv, $authuser, $conf->{pending}, $arch, $storecfg, $vmid, undef, {$opt => $param->{$opt}}); + } elsif ($opt =~ m/^serial\d+/) { + if ((!defined($conf->{$opt}) || $conf->{$opt} eq 'socket') && $param->{$opt} eq 'socket') { + $rpcenv->check_vm_perm($authuser, $vmid, undef, ['VM.Config.HWType']); + } elsif ($authuser ne 'root@pam') { + die "only root can modify '$opt' config for real devices\n"; + } + $conf->{pending}->{$opt} = $param->{$opt}; + } elsif ($opt =~ m/^usb\d+/) { + if ((!defined($conf->{$opt}) || $conf->{$opt} =~ m/spice/) && $param->{$opt} =~ m/spice/) { + $rpcenv->check_vm_perm($authuser, $vmid, undef, ['VM.Config.HWType']); + } elsif ($authuser ne 'root@pam') { + die "only root can modify '$opt' config for real devices\n"; + } + $conf->{pending}->{$opt} = $param->{$opt}; } else { $conf->{pending}->{$opt} = $param->{$opt}; } @@ -1981,38 +2021,26 @@ __PACKAGE__->register_method({ my ($param) = @_; my $rpcenv = PVE::RPCEnvironment::get(); - my $authuser = $rpcenv->get_user(); my $node = extract_param($param, 'node'); - my $vmid = extract_param($param, 'vmid'); my $machine = extract_param($param, 'machine'); - my $stateuri = extract_param($param, 'stateuri'); - raise_param_exc({ stateuri => "Only root may use this option." }) - if $stateuri && $authuser ne 'root@pam'; - - my $skiplock = extract_param($param, 'skiplock'); - raise_param_exc({ skiplock => "Only root may use this option." }) - if $skiplock && $authuser ne 'root@pam'; - - my $migratedfrom = extract_param($param, 'migratedfrom'); - raise_param_exc({ migratedfrom => "Only root may use this option." }) - if $migratedfrom && $authuser ne 'root@pam'; - - my $migration_type = extract_param($param, 'migration_type'); - raise_param_exc({ migration_type => "Only root may use this option." }) - if $migration_type && $authuser ne 'root@pam'; - - my $migration_network = extract_param($param, 'migration_network'); - raise_param_exc({ migration_network => "Only root may use this option." }) - if $migration_network && $authuser ne 'root@pam'; + my $get_root_param = sub { + my $value = extract_param($param, $_[0]); + raise_param_exc({ "$_[0]" => "Only root may use this option." }) + if $value && $authuser ne 'root@pam'; + return $value; + }; - my $targetstorage = extract_param($param, 'targetstorage'); - raise_param_exc({ targetstorage => "Only root may use this option." }) - if $targetstorage && $authuser ne 'root@pam'; + my $stateuri = $get_root_param->('stateuri'); + my $skiplock = $get_root_param->('skiplock'); + my $migratedfrom = $get_root_param->('migratedfrom'); + my $migration_type = $get_root_param->('migration_type'); + my $migration_network = $get_root_param->('migration_network'); + my $targetstorage = $get_root_param->('targetstorage'); raise_param_exc({ targetstorage => "targetstorage can only by used with migratedfrom." }) if $targetstorage && !$migratedfrom; @@ -2030,20 +2058,14 @@ __PACKAGE__->register_method({ my $storecfg = PVE::Storage::config(); - if (PVE::HA::Config::vm_is_ha_managed($vmid) && !$stateuri && - $rpcenv->{type} ne 'ha') { - + if (PVE::HA::Config::vm_is_ha_managed($vmid) && !$stateuri && $rpcenv->{type} ne 'ha') { my $hacmd = sub { my $upid = shift; - my $service = "vm:$vmid"; - - my $cmd = ['ha-manager', 'set', $service, '--state', 'started']; - print "Requesting HA start for VM $vmid\n"; + my $cmd = ['ha-manager', 'set', "vm:$vmid", '--state', 'started']; PVE::Tools::run_command($cmd); - return; }; @@ -2058,7 +2080,6 @@ __PACKAGE__->register_method({ PVE::QemuServer::vm_start($storecfg, $vmid, $stateuri, $skiplock, $migratedfrom, undef, $machine, $spice_ticket, $migration_network, $migration_type, $targetstorage); - return; }; @@ -2106,11 +2127,9 @@ __PACKAGE__->register_method({ my ($param) = @_; my $rpcenv = PVE::RPCEnvironment::get(); - my $authuser = $rpcenv->get_user(); my $node = extract_param($param, 'node'); - my $vmid = extract_param($param, 'vmid'); my $skiplock = extract_param($param, 'skiplock'); @@ -2133,14 +2152,10 @@ __PACKAGE__->register_method({ my $hacmd = sub { my $upid = shift; - my $service = "vm:$vmid"; - - my $cmd = ['ha-manager', 'set', $service, '--state', 'stopped']; - print "Requesting HA stop for VM $vmid\n"; + my $cmd = ['ha-manager', 'set', "vm:$vmid", '--state', 'stopped']; PVE::Tools::run_command($cmd); - return; }; @@ -2154,7 +2169,6 @@ __PACKAGE__->register_method({ PVE::QemuServer::vm_stop($storecfg, $vmid, $skiplock, 0, $param->{timeout}, 0, 1, $keepActive, $migratedfrom); - return; }; @@ -2257,11 +2271,9 @@ __PACKAGE__->register_method({ my ($param) = @_; my $rpcenv = PVE::RPCEnvironment::get(); - my $authuser = $rpcenv->get_user(); my $node = extract_param($param, 'node'); - my $vmid = extract_param($param, 'vmid'); my $skiplock = extract_param($param, 'skiplock'); @@ -2282,9 +2294,8 @@ __PACKAGE__->register_method({ # # checking the qmp status here to get feedback to the gui/cli/api # and the status query should not take too long - my $qmpstatus; - eval { - $qmpstatus = PVE::QemuServer::vm_qmp_command($vmid, { execute => "query-status" }, 0); + my $qmpstatus = eval { + PVE::QemuServer::vm_qmp_command($vmid, { execute => "query-status" }, 0); }; my $err = $@ if $@; @@ -2297,20 +2308,15 @@ __PACKAGE__->register_method({ } } - if (PVE::HA::Config::vm_is_ha_managed($vmid) && - ($rpcenv->{type} ne 'ha')) { + if (PVE::HA::Config::vm_is_ha_managed($vmid) && $rpcenv->{type} ne 'ha') { my $hacmd = sub { my $upid = shift; - my $service = "vm:$vmid"; - - my $cmd = ['ha-manager', 'set', $service, '--state', 'stopped']; - print "Requesting HA stop for VM $vmid\n"; + my $cmd = ['ha-manager', 'set', "vm:$vmid", '--state', 'stopped']; PVE::Tools::run_command($cmd); - return; }; @@ -2325,7 +2331,6 @@ __PACKAGE__->register_method({ PVE::QemuServer::vm_stop($storecfg, $vmid, $skiplock, 0, $param->{timeout}, $shutdown, $param->{forceStop}, $keepActive); - return; }; @@ -2371,11 +2376,9 @@ __PACKAGE__->register_method({ my ($param) = @_; my $rpcenv = PVE::RPCEnvironment::get(); - my $authuser = $rpcenv->get_user(); my $node = extract_param($param, 'node'); - my $vmid = extract_param($param, 'vmid'); my $todisk = extract_param($param, 'todisk') // 0; @@ -2391,8 +2394,6 @@ __PACKAGE__->register_method({ die "Cannot suspend HA managed VM to disk\n" if $todisk && PVE::HA::Config::vm_is_ha_managed($vmid); - my $taskname = $todisk ? 'qmsuspend' : 'qmpause'; - my $realcmd = sub { my $upid = shift; @@ -2403,6 +2404,7 @@ __PACKAGE__->register_method({ return; }; + my $taskname = $todisk ? 'qmsuspend' : 'qmpause'; return $rpcenv->fork_worker($taskname, $vmid, $authuser, $realcmd); }}); @@ -3101,6 +3103,127 @@ __PACKAGE__->register_method({ return PVE::QemuConfig->lock_config($vmid, $updatefn); }}); +my $check_vm_disks_local = sub { + my ($storecfg, $vmconf, $vmid) = @_; + + my $local_disks = {}; + + # add some more information to the disks e.g. cdrom + PVE::QemuServer::foreach_volid($vmconf, sub { + my ($volid, $attr) = @_; + + my ($storeid, $volname) = PVE::Storage::parse_volume_id($volid, 1); + if ($storeid) { + my $scfg = PVE::Storage::storage_config($storecfg, $storeid); + return if $scfg->{shared}; + } + # The shared attr here is just a special case where the vdisk + # is marked as shared manually + return if $attr->{shared}; + return if $attr->{cdrom} and $volid eq "none"; + + if (exists $local_disks->{$volid}) { + @{$local_disks->{$volid}}{keys %$attr} = values %$attr + } else { + $local_disks->{$volid} = $attr; + # ensure volid is present in case it's needed + $local_disks->{$volid}->{volid} = $volid; + } + }); + + return $local_disks; +}; + +__PACKAGE__->register_method({ + name => 'migrate_vm_precondition', + path => '{vmid}/migrate', + method => 'GET', + protected => 1, + proxyto => 'node', + description => "Get preconditions for migration.", + permissions => { + check => ['perm', '/vms/{vmid}', [ 'VM.Migrate' ]], + }, + parameters => { + additionalProperties => 0, + properties => { + node => get_standard_option('pve-node'), + vmid => get_standard_option('pve-vmid', { completion => \&PVE::QemuServer::complete_vmid }), + target => get_standard_option('pve-node', { + description => "Target node.", + completion => \&PVE::Cluster::complete_migration_target, + optional => 1, + }), + }, + }, + returns => { + type => "object", + properties => { + running => { type => 'boolean' }, + allowed_nodes => { + type => 'array', + optional => 1, + description => "List nodes allowed for offline migration with same local storage as source node, only passed if VM is offline" + }, + local_disks => { + type => 'array', + description => "List local disks including CD-Rom, unsused and not referenced disks" + }, + local_resources => { + type => 'array', + description => "List local resources e.g. pci, usb" + } + }, + }, + code => sub { + my ($param) = @_; + + my $rpcenv = PVE::RPCEnvironment::get(); + + my $authuser = $rpcenv->get_user(); + + PVE::Cluster::check_cfs_quorum(); + + my $res = {}; + + my $vmid = extract_param($param, 'vmid'); + my $target = extract_param($param, 'target'); + my $localnode = PVE::INotify::nodename(); + + + # test if VM exists + my $vmconf = PVE::QemuConfig->load_config($vmid); + my $storecfg = PVE::Storage::config(); + + + # try to detect errors early + PVE::QemuConfig->check_lock($vmconf); + + $res->{running} = PVE::QemuServer::check_running($vmid) ? 1:0; + + # if vm is not running, return target nodes where local storage is available + # for offline migration + if (!$res->{running}) { + my $shared_nodes = PVE::QemuServer::shared_nodes($vmconf, $storecfg); + + delete $shared_nodes->{$localnode} if $shared_nodes->{$localnode}; + + $res->{allowed_nodes} = [ keys %$shared_nodes ]; + } + + + my $local_disks = &$check_vm_disks_local($storecfg, $vmconf, $vmid); + $res->{local_disks} = [ values %$local_disks ];; + + my $local_resources = PVE::QemuServer::check_local_resources($vmconf, 1); + + $res->{local_resources} = $local_resources; + + return $res; + + + }}); + __PACKAGE__->register_method({ name => 'migrate_vm', path => '{vmid}/migrate', @@ -3116,7 +3239,7 @@ __PACKAGE__->register_method({ properties => { node => get_standard_option('pve-node'), vmid => get_standard_option('pve-vmid', { completion => \&PVE::QemuServer::complete_vmid }), - target => get_standard_option('pve-node', { + target => get_standard_option('pve-node', { description => "Target node.", completion => \&PVE::Cluster::complete_migration_target, }), @@ -3168,7 +3291,6 @@ __PACKAGE__->register_method({ my ($param) = @_; my $rpcenv = PVE::RPCEnvironment::get(); - my $authuser = $rpcenv->get_user(); my $target = extract_param($param, 'target'); @@ -3222,14 +3344,10 @@ __PACKAGE__->register_method({ my $hacmd = sub { my $upid = shift; - my $service = "vm:$vmid"; - - my $cmd = ['ha-manager', 'migrate', $service, $target]; - print "Requesting HA migration for VM $vmid to node $target\n"; + my $cmd = ['ha-manager', 'migrate', "vm:$vmid", $target]; PVE::Tools::run_command($cmd); - return; }; @@ -3374,7 +3492,7 @@ __PACKAGE__->register_method({ my (undef, undef, undef, undef, undef, undef, $format) = PVE::Storage::parse_volname($storecfg, $drive->{file}); - die "can't resize volume: $disk if snapshot exists\n" + die "can't resize volume: $disk if snapshot exists\n" if %{$conf->{snapshots}} && $format eq 'qcow2'; my $volid = $drive->{file}; @@ -3561,7 +3679,7 @@ __PACKAGE__->register_method({ my $realcmd = sub { PVE::Cluster::log_msg('info', $authuser, "snapshot VM $vmid: $snapname"); - PVE::QemuConfig->snapshot_create($vmid, $snapname, $param->{vmstate}, + PVE::QemuConfig->snapshot_create($vmid, $snapname, $param->{vmstate}, $param->{description}); }; @@ -3862,4 +3980,36 @@ __PACKAGE__->register_method({ return undef; }}); +__PACKAGE__->register_method({ + name => 'cloudinit_generated_config_dump', + path => '{vmid}/cloudinit/dump', + method => 'GET', + proxyto => 'node', + description => "Get automatically generated cloudinit config.", + permissions => { + check => ['perm', '/vms/{vmid}', [ 'VM.Audit' ]], + }, + parameters => { + additionalProperties => 0, + properties => { + node => get_standard_option('pve-node'), + vmid => get_standard_option('pve-vmid', { completion => \&PVE::QemuServer::complete_vmid }), + type => { + description => 'Config type.', + type => 'string', + enum => ['user', 'network', 'meta'], + }, + }, + }, + returns => { + type => 'string', + }, + code => sub { + my ($param) = @_; + + my $conf = PVE::QemuConfig->load_config($param->{vmid}); + + return PVE::QemuServer::Cloudinit::dump_cloudinit_config($conf, $param->{vmid}, $param->{type}); + }}); + 1;