X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=src%2FPVE%2FCLI%2Fpct.pm;h=ab7af33b57c5d8986eb72492b5fdb9cadddc3505;hb=e08ac1a030138ffe15a3f68e96364570ff180171;hp=bb632c1838783dad11b87b80ba19fb22181148cf;hpb=44a9faced0685dd222cbbe3a91c2750c43a788a3;p=pve-container.git diff --git a/src/PVE/CLI/pct.pm b/src/PVE/CLI/pct.pm index bb632c1..ab7af33 100755 --- a/src/PVE/CLI/pct.pm +++ b/src/PVE/CLI/pct.pm @@ -3,8 +3,13 @@ package PVE::CLI::pct; use strict; use warnings; +use POSIX; +use Fcntl; +use File::Copy 'copy'; + use PVE::SafeSyslog; use PVE::Tools qw(extract_param); +use PVE::CpuSet; use PVE::Cluster; use PVE::INotify; use PVE::RPCEnvironment; @@ -27,6 +32,62 @@ my $upid_exit = sub { exit($status eq 'OK' ? 0 : -1); }; +sub setup_environment { + PVE::RPCEnvironment->setup_default_cli_env(); +} + +__PACKAGE__->register_method ({ + name => 'status', + path => 'status', + method => 'GET', + description => "Show CT status.", + parameters => { + additionalProperties => 0, + properties => { + vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }), + verbose => { + description => "Verbose output format", + type => 'boolean', + optional => 1, + } + }, + }, + returns => { type => 'null'}, + code => sub { + my ($param) = @_; + + # test if CT exists + my $conf = PVE::LXC::Config->load_config ($param->{vmid}); + + my $vmstatus = PVE::LXC::vmstatus($param->{vmid}); + my $stat = $vmstatus->{$param->{vmid}}; + if ($param->{verbose}) { + foreach my $k (sort (keys %$stat)) { + my $v = $stat->{$k}; + next if !defined($v); + print "$k: $v\n"; + } + } else { + my $status = $stat->{status} || 'unknown'; + print "status: $status\n"; + } + + return undef; + }}); + +sub param_mapping { + my ($name) = @_; + + my $mapping = { + 'create_vm' => [ + PVE::CLIHandler::get_standard_mapping('pve-password'), + 'ssh-public-keys', + ], + }; + + return $mapping->{$name}; +} + __PACKAGE__->register_method ({ name => 'unlock', path => 'unlock', @@ -44,11 +105,7 @@ __PACKAGE__->register_method ({ my $vmid = $param->{vmid}; - PVE::LXC::lock_container($vmid, 5, sub { - my $conf = PVE::LXC::load_config($vmid); - delete $conf->{lock}; - PVE::LXC::write_config($vmid, $conf); - }); + PVE::LXC::Config->remove_lock($vmid); return undef; }}); @@ -62,6 +119,13 @@ __PACKAGE__->register_method ({ additionalProperties => 0, properties => { vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid_running }), + escape => { + description => "Escape sequence prefix. For example to use as the escape sequence pass '^b'.", + default => '^a', + type => 'string', + pattern => '\^?[a-z]', + optional => 1, + }, }, }, returns => { type => 'null' }, @@ -70,9 +134,9 @@ __PACKAGE__->register_method ({ my ($param) = @_; # test if container exists on this node - my $conf = PVE::LXC::load_config($param->{vmid}); + my $conf = PVE::LXC::Config->load_config($param->{vmid}); - my $cmd = PVE::LXC::get_console_command($param->{vmid}, $conf); + my $cmd = PVE::LXC::get_console_command($param->{vmid}, $conf, $param->{escape}); exec(@$cmd); }}); @@ -92,10 +156,14 @@ __PACKAGE__->register_method ({ code => sub { my ($param) = @_; + my $vmid = $param->{vmid}; + # test if container exists on this node - PVE::LXC::load_config($param->{vmid}); + PVE::LXC::Config->load_config($vmid); + + die "Error: container '$vmid' not running!\n" if !PVE::LXC::check_running($vmid); - exec('lxc-attach', '-n', $param->{vmid}); + exec('lxc-attach', '-n', $vmid); }}); __PACKAGE__->register_method ({ @@ -116,7 +184,7 @@ __PACKAGE__->register_method ({ my ($param) = @_; # test if container exists on this node - PVE::LXC::load_config($param->{vmid}); + PVE::LXC::Config->load_config($param->{vmid}); if (!@{$param->{'extra-args'}}) { die "missing command"; @@ -143,7 +211,7 @@ __PACKAGE__->register_method ({ optional => 1, type => 'string', description => "A volume on which to run the filesystem check", - enum => [PVE::LXC::mountpoint_names()], + enum => [PVE::LXC::Config->mountpoint_names()], }, }, }, @@ -160,13 +228,13 @@ __PACKAGE__->register_method ({ # critical path: all of this will be done while the container is locked my $do_fsck = sub { - my $conf = PVE::LXC::load_config($vmid); + my $conf = PVE::LXC::Config->load_config($vmid); my $storage_cfg = PVE::Storage::config(); - defined($conf->{$device}) || die "cannot run command on unexisting mountpoint $device\n"; + defined($conf->{$device}) || die "cannot run command on non-existing mount point $device\n"; - my $mount_point = $device eq 'rootfs' ? PVE::LXC::parse_ct_rootfs($conf->{$device}) : - PVE::LXC::parse_ct_mountpoint($conf->{$device}); + my $mount_point = $device eq 'rootfs' ? PVE::LXC::Config->parse_ct_rootfs($conf->{$device}) : + PVE::LXC::Config->parse_ct_mountpoint($conf->{$device}); my $volid = $mount_point->{volume}; @@ -199,7 +267,529 @@ __PACKAGE__->register_method ({ PVE::Tools::run_command($command); }; - PVE::LXC::lock_container($vmid, undef, $do_fsck); + PVE::LXC::Config->lock_config($vmid, $do_fsck); + return undef; + }}); + +__PACKAGE__->register_method({ + name => 'mount', + path => 'mount', + method => 'POST', + description => "Mount the container's filesystem on the host. " . + "This will hold a lock on the container and is meant for emergency maintenance only " . + "as it will prevent further operations on the container other than start and stop.", + parameters => { + additionalProperties => 0, + properties => { + vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }), + }, + }, + returns => { type => 'null' }, + code => sub { + my ($param) = @_; + + my $rpcenv = PVE::RPCEnvironment::get(); + + my $vmid = extract_param($param, 'vmid'); + my $storecfg = PVE::Storage::config(); + PVE::LXC::Config->lock_config($vmid, sub { + my $conf = PVE::LXC::Config->set_lock($vmid, 'mounted'); + PVE::LXC::mount_all($vmid, $storecfg, $conf); + }); + + print "mounted CT $vmid in '/var/lib/lxc/$vmid/rootfs'\n"; + return undef; + }}); + +__PACKAGE__->register_method({ + name => 'unmount', + path => 'unmount', + method => 'POST', + description => "Unmount the container's filesystem.", + parameters => { + additionalProperties => 0, + properties => { + vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }), + }, + }, + returns => { type => 'null' }, + code => sub { + my ($param) = @_; + + my $rpcenv = PVE::RPCEnvironment::get(); + + my $vmid = extract_param($param, 'vmid'); + my $storecfg = PVE::Storage::config(); + PVE::LXC::Config->lock_config($vmid, sub { + my $conf = PVE::LXC::Config->load_config($vmid); + PVE::LXC::umount_all($vmid, $storecfg, $conf, 0); + PVE::LXC::Config->remove_lock($vmid, 'mounted'); + }); + return undef; + }}); + +__PACKAGE__->register_method({ + name => 'df', + path => 'df', + method => 'GET', + description => "Get the container's current disk usage.", + parameters => { + additionalProperties => 0, + properties => { + vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }), + }, + }, + returns => { type => 'null' }, + code => sub { + my ($param) = @_; + + my $rpcenv = PVE::RPCEnvironment::get(); + + # JSONSchema's format_size is exact, this uses floating point numbers + my $format = sub { + my ($size) = @_; + return $size if $size < 1024.; + $size /= 1024.; + return sprintf('%.1fK', ${size}) if $size < 1024.; + $size /= 1024.; + return sprintf('%.1fM', ${size}) if $size < 1024.; + $size /= 1024.; + return sprintf('%.1fG', ${size}) if $size < 1024.; + $size /= 1024.; + return sprintf('%.1fT', ${size}) if $size < 1024.; + }; + + my $vmid = extract_param($param, 'vmid'); + PVE::LXC::Config->lock_config($vmid, sub { + my $pid = eval { PVE::LXC::find_lxc_pid($vmid) }; + my ($conf, $rootdir, $storecfg, $mounted); + if ($@ || !$pid) { + $conf = PVE::LXC::Config->set_lock($vmid, 'mounted'); + $rootdir = "/var/lib/lxc/$vmid/rootfs"; + $storecfg = PVE::Storage::config(); + PVE::LXC::mount_all($vmid, $storecfg, $conf); + $mounted = 1; + } else { + $conf = PVE::LXC::Config->load_config($vmid); + $rootdir = "/proc/$pid/root"; + } + + my @list = [qw(MP Volume Size Used Avail Use% Path)]; + my @len = map { length($_) } @{$list[0]}; + + eval { + PVE::LXC::Config->foreach_mountpoint($conf, sub { + my ($name, $mp) = @_; + my $path = $mp->{mp}; + + my $df = PVE::Tools::df("$rootdir/$path", 3); + my $total = $format->($df->{total}); + my $used = $format->($df->{used}); + my $avail = $format->($df->{avail}); + + my $pc = sprintf('%.1f', $df->{used}/$df->{total}); + + my $entry = [ $name, $mp->{volume}, $total, $used, $avail, $pc, $path ]; + push @list, $entry; + + foreach my $i (0..5) { + $len[$i] = length($entry->[$i]) + if $len[$i] < length($entry->[$i]); + } + }); + + my $format = "%-$len[0]s %-$len[1]s %$len[2]s %$len[3]s %$len[4]s %$len[5]s %s\n"; + printf($format, @$_) foreach @list; + }; + warn $@ if $@; + + if ($mounted) { + PVE::LXC::umount_all($vmid, $storecfg, $conf, 0); + PVE::LXC::Config->remove_lock($vmid, 'mounted'); + } + }); + return undef; + }}); + +# File creation with specified ownership and permissions. +# User and group can be names or decimal numbers. +# Permissions are explicit (not affected by umask) and can be numeric with the +# usual 0/0x prefixes for octal/hex. +sub create_file { + my ($path, $perms, $user, $group) = @_; + my ($uid, $gid); + if (defined($user)) { + if ($user =~ /^\d+$/) { + $uid = int($user); + } else { + $uid = getpwnam($user) or die "failed to get uid for: $user\n" + } + } + if (defined($group)) { + if ($group =~ /^\d+$/) { + $gid = int($group); + } else { + $gid = getgrnam($group) or die "failed to get gid for: $group\n" + } + } + + if (defined($perms)) { + $! = 0; + my ($mode, $unparsed) = POSIX::strtoul($perms, 0); + die "invalid mode: '$perms'\n" if $perms eq '' || $unparsed > 0 || $!; + $perms = $mode; + } + + my $fd; + if (sysopen($fd, $path, O_WRONLY | O_CREAT | O_EXCL, 0)) { + $perms = 0666 & ~umask if !defined($perms); + } else { + # If the path previously existed then we do not care about left-over + # file descriptors even if the permissions/ownership is changed. + sysopen($fd, $path, O_WRONLY | O_CREAT | O_TRUNC) + or die "failed to create file: $path: $!\n"; + } + + my $trunc = 0; + + if (defined($perms)) { + $trunc = 1; + chmod($perms, $fd); + } + + if (defined($uid) || defined($gid)) { + $trunc = 1; + my ($fuid, $fgid) = (stat($fd))[4,5] if !defined($uid) || !defined($gid); + $uid = $fuid if !defined($uid); + $gid = $fgid if !defined($gid); + chown($uid, $gid, $fd) + or die "failed to change file owner: $!\n"; + } + return $fd; +} + +__PACKAGE__->register_method ({ + name => 'rescan', + path => 'rescan', + method => 'POST', + description => "Rescan all storages and update disk sizes and unused disk images.", + parameters => { + additionalProperties => 0, + properties => { + vmid => get_standard_option('pve-vmid', { + optional => 1, + completion => \&PVE::LXC::complete_ctid, + }), + dryrun => { + type => 'boolean', + optional => 1, + default => 0, + description => 'Do not actually write changes out to conifg.', + }, + }, + }, + returns => { type => 'null'}, + code => sub { + my ($param) = @_; + + my $dryrun = $param->{dryrun}; + + print "NOTE: running in dry-run mode, won't write changes out!\n" if $dryrun; + + PVE::LXC::rescan($param->{vmid}, 0, $dryrun); + + return undef; + }}); + +__PACKAGE__->register_method({ + name => 'pull', + path => 'pull', + method => 'PUT', + description => "Copy a file from the container to the local system.", + parameters => { + additionalProperties => 0, + properties => { + vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }), + path => { + type => 'string', + description => "Path to a file inside the container to pull.", + }, + destination => { + type => 'string', + description => "Destination", + }, + user => { + type => 'string', + description => 'Owner user name or id.', + optional => 1, + }, + group => { + type => 'string', + description => 'Owner group name or id.', + optional => 1, + }, + perms => { + type => 'string', + description => "File permissions to use (octal by default, prefix with '0x' for hexadecimal).", + optional => 1, + }, + }, + }, + returns => { + type => 'string', + description => "the task ID.", + }, + code => sub { + my ($param) = @_; + + my $rpcenv = PVE::RPCEnvironment::get(); + + my $vmid = extract_param($param, 'vmid'); + my $path = extract_param($param, 'path'); + my $dest = extract_param($param, 'destination'); + + my $perms = extract_param($param, 'perms'); + # assume octal as default + $perms = "0$perms" if defined($perms) && $perms !~m/^0/; + my $user = extract_param($param, 'user'); + my $group = extract_param($param, 'group'); + + my $code = sub { + my $running = PVE::LXC::check_running($vmid); + die "can only pull files from a running VM" if !$running; + + my $realcmd = sub { + my $pid = PVE::LXC::find_lxc_pid($vmid); + # Avoid symlink issues by opening the files from inside the + # corresponding namespaces. + my $destfd = create_file($dest, $perms, $user, $group); + + sysopen my $mntnsfd, "/proc/$pid/ns/mnt", O_RDONLY + or die "failed to open the container's mount namespace\n"; + PVE::Tools::setns(fileno($mntnsfd), PVE::Tools::CLONE_NEWNS) + or die "failed to enter the container's mount namespace\n"; + close($mntnsfd); + chdir('/') or die "failed to change to container root directory\n"; + + open my $srcfd, '<', $path + or die "failed to open $path: $!\n"; + + copy($srcfd, $destfd); + }; + + # This avoids having to setns() back to our namespace. + return $rpcenv->fork_worker('pull_file', $vmid, undef, $realcmd); + }; + + return PVE::LXC::Config->lock_config($vmid, $code); + }}); + +__PACKAGE__->register_method({ + name => 'push', + path => 'push', + method => 'PUT', + description => "Copy a local file to the container.", + parameters => { + additionalProperties => 0, + properties => { + vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }), + file => { + type => 'string', + description => "Path to a local file.", + }, + destination => { + type => 'string', + description => "Destination inside the container to write to.", + }, + user => { + type => 'string', + description => 'Owner user name or id. When using a name it must exist inside the container.', + optional => 1, + }, + group => { + type => 'string', + description => 'Owner group name or id. When using a name it must exist inside the container.', + optional => 1, + }, + perms => { + type => 'string', + description => "File permissions to use (octal by default, prefix with '0x' for hexadecimal).", + optional => 1, + }, + }, + }, + returns => { + type => 'string', + description => "the task ID.", + }, + code => sub { + my ($param) = @_; + + my $rpcenv = PVE::RPCEnvironment::get(); + + my $vmid = extract_param($param, 'vmid'); + my $file = extract_param($param, 'file'); + my $dest = extract_param($param, 'destination'); + + my $perms = extract_param($param, 'perms'); + # assume octal as default + $perms = "0$perms" if defined($perms) && $perms !~m/^0/; + my $user = extract_param($param, 'user'); + my $group = extract_param($param, 'group'); + + my $code = sub { + my $running = PVE::LXC::check_running($vmid); + die "can only push files to a running CT\n" if !$running; + + my $conf = PVE::LXC::Config->load_config($vmid); + my $unprivileged = $conf->{unprivileged}; + + my $realcmd = sub { + my $pid = PVE::LXC::find_lxc_pid($vmid); + # We open the file then enter the container's mount - and for + # unprivileged containers - user namespace and then create the + # file. This avoids symlink attacks as a symlink cannot point + # outside the namespace and our own access is equivalent to the + # container-local's root user. Also the user-passed -user and + # -group parameters will use the container-local's user and + # group names. + sysopen my $srcfd, $file, O_RDONLY + or die "failed to open $file for reading\n"; + + sysopen my $mntnsfd, "/proc/$pid/ns/mnt", O_RDONLY + or die "failed to open the container's mount namespace\n"; + my $usernsfd; + if ($unprivileged) { + sysopen $usernsfd, "/proc/$pid/ns/user", O_RDONLY + or die "failed to open the container's user namespace\n"; + } + + PVE::Tools::setns(fileno($mntnsfd), PVE::Tools::CLONE_NEWNS) + or die "failed to enter the container's mount namespace\n"; + close($mntnsfd); + chdir('/') or die "failed to change to container root directory\n"; + + if ($unprivileged) { + PVE::Tools::setns(fileno($usernsfd), PVE::Tools::CLONE_NEWUSER) + or die "failed to enter the container's user namespace\n"; + close($usernsfd); + POSIX::setgid(0) or die "setgid failed: $!\n"; + POSIX::setuid(0) or die "setuid failed: $!\n"; + } + + my $destfd = create_file($dest, $perms, $user, $group); + copy($srcfd, $destfd); + }; + + # This avoids having to setns() back to our namespace. + return $rpcenv->fork_worker('push_file', $vmid, undef, $realcmd); + }; + + return PVE::LXC::Config->lock_config($vmid, $code); + }}); + +__PACKAGE__->register_method ({ + name => 'cpusets', + path => 'cpusets', + method => 'GET', + description => "Print the list of assigned CPU sets.", + parameters => { + additionalProperties => 0, + properties => {}, + }, + returns => { type => 'null'}, + code => sub { + my ($param) = @_; + + my $cgv1 = PVE::LXC::get_cgroup_subsystems(); + if (!$cgv1->{cpuset}) { + print "cpuset cgroup not available\n"; + return undef; + } + + my $ctlist = PVE::LXC::config_list(); + + my $len = 0; + my $id_len = 0; + my $res = {}; + + foreach my $vmid (sort keys %$ctlist) { + next if ! -d "/sys/fs/cgroup/cpuset/lxc/$vmid"; + + my $cpuset = eval { PVE::CpuSet->new_from_cgroup("lxc/$vmid"); }; + if (my $err = $@) { + warn $err; + next; + } + my @cpuset_members = $cpuset->members(); + + my $line = ': '; + + my $last = $cpuset_members[-1]; + + for (my $id = 0; $id <= $last; $id++) { + my $empty = ' ' x length("$id"); + $line .= ' ' . ($cpuset->has($id) ? $id : $empty); + } + $len = length($line) if length($line) > $len; + $id_len = length($vmid) if length($vmid) > $id_len; + + $res->{$vmid} = $line; + } + + my @vmlist = sort keys %$res; + + if (scalar(@vmlist)) { + my $header = '-' x ($len + $id_len) . "\n"; + + print $header; + foreach my $vmid (@vmlist) { + print sprintf("%${id_len}i%s\n", $vmid, $res->{$vmid}); + } + print $header; + + } else { + print "no running containers\n"; + } + + return undef; + }}); + +__PACKAGE__->register_method ({ + name => 'fstrim', + path => 'fstrim', + method => 'POST', + description => "Run fstrim on a chosen CT and its mountpoints.", + parameters => { + additionalProperties => 0, + properties => { + vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }), + }, + }, + returns => { type => 'null' }, + code => sub { + + my ($param) = @_; + my $vmid = $param->{'vmid'}; + + my $rootdir = "/var/lib/lxc/$vmid/rootfs"; + + my $storecfg = PVE::Storage::config(); + my $conf = PVE::LXC::Config->set_lock($vmid, 'fstrim'); + PVE::LXC::mount_all($vmid, $storecfg, $conf); + eval { + my $path = ""; + PVE::LXC::Config->foreach_mountpoint($conf, sub { + my ($name, $mp) = @_; + $path = $mp->{mp}; + my $cmd = ["fstrim", "-v", "$rootdir$path"]; + PVE::Tools::run_command($cmd); + }); + }; + + PVE::LXC::umount_all($vmid, $storecfg, $conf, 0); + PVE::LXC::Config->remove_lock($vmid, 'fstrim'); + return undef; }}); @@ -207,10 +797,10 @@ our $cmddef = { list=> [ 'PVE::API2::LXC', 'vmlist', [], { node => $nodename }, sub { my $res = shift; return if !scalar(@$res); - my $format = "%-10s %-10s %-20s\n"; - printf($format, 'VMID', 'Status', 'Name'); + my $format = "%-10s %-10s %-12s %-20s\n"; + printf($format, 'VMID', 'Status', 'Lock', 'Name'); foreach my $d (sort {$a->{vmid} <=> $b->{vmid} } @$res) { - printf($format, $d->{vmid}, $d->{status}, $d->{name}); + printf($format, $d->{vmid}, $d->{status}, $d->{lock}, $d->{name}); } }], config => [ "PVE::API2::LXC::Config", 'vm_config', ['vmid'], @@ -218,12 +808,19 @@ our $cmddef = { my $config = shift; foreach my $k (sort (keys %$config)) { next if $k eq 'digest'; + next if $k eq 'lxc'; my $v = $config->{$k}; if ($k eq 'description') { $v = PVE::Tools::encode_text($v); } print "$k: $v\n"; } + if (defined($config->{'lxc'})) { + my $lxc_list = $config->{'lxc'}; + foreach my $lxc_opt (@$lxc_list) { + print "$lxc_opt->[0]: $lxc_opt->[1]\n" + } + } }], set => [ 'PVE::API2::LXC::Config', 'update_vm', ['vmid'], { node => $nodename }], @@ -238,14 +835,25 @@ our $cmddef = { shutdown => [ 'PVE::API2::LXC::Status', 'vm_shutdown', ['vmid'], { node => $nodename }, $upid_exit], stop => [ 'PVE::API2::LXC::Status', 'vm_stop', ['vmid'], { node => $nodename }, $upid_exit], + clone => [ "PVE::API2::LXC", 'clone_vm', ['vmid', 'newid'], { node => $nodename }, $upid_exit ], migrate => [ "PVE::API2::LXC", 'migrate_vm', ['vmid', 'target'], { node => $nodename }, $upid_exit], + move_volume => [ "PVE::API2::LXC", 'move_volume', ['vmid', 'volume', 'storage'], { node => $nodename }, $upid_exit ], + status => [ __PACKAGE__, 'status', ['vmid']], console => [ __PACKAGE__, 'console', ['vmid']], enter => [ __PACKAGE__, 'enter', ['vmid']], unlock => [ __PACKAGE__, 'unlock', ['vmid']], exec => [ __PACKAGE__, 'exec', ['vmid', 'extra-args']], fsck => [ __PACKAGE__, 'fsck', ['vmid']], - + + mount => [ __PACKAGE__, 'mount', ['vmid']], + unmount => [ __PACKAGE__, 'unmount', ['vmid']], + push => [ __PACKAGE__, 'push', ['vmid', 'file', 'destination']], + pull => [ __PACKAGE__, 'pull', ['vmid', 'path', 'destination']], + + df => [ __PACKAGE__, 'df', ['vmid']], + rescan => [ __PACKAGE__, 'rescan', []], + destroy => [ 'PVE::API2::LXC', 'destroy_vm', ['vmid'], { node => $nodename }, $upid_exit ], @@ -268,69 +876,12 @@ our $cmddef = { rollback => [ "PVE::API2::LXC::Snapshot", 'rollback', ['vmid', 'snapname'], { node => $nodename } , $upid_exit ], template => [ "PVE::API2::LXC", 'template', ['vmid'], { node => $nodename }], -}; - - -1; - -__END__ - -=head1 NAME - -pct - Tool to manage Linux Containers (LXC) on Proxmox VE - -=head1 SYNOPSIS - -=include synopsis - -=head1 DESCRIPTION - -pct is a tool to manages Linux Containers (LXC). You can create -and destroy containers, and control execution -(start/stop/suspend/resume). Besides that, you can use pct to set -parameters in the associated config file, like network configuration or -memory. - -=head1 EXAMPLES -Create a container based on a Debian template -(provided you downloaded the template via the webgui before) + cpusets => [ __PACKAGE__, 'cpusets', []], -pct create 100 /var/lib/vz/template/cache/debian-8.0-standard_8.0-1_amd64.tar.gz + fstrim => [ __PACKAGE__, 'fstrim', ['vmid']], -Start a container - -pct start 100 - -Start a login session via getty - -pct console 100 - -Enter the lxc namespace and run a shell as root user - -pct enter 100 - -Display the configuration - -pct config 100 - -Add a network interface called eth0, bridged to the host bridge vmbr0, -set the address and gateway, while it's running - -pct set 100 -net0 name=eth0,bridge=vmbr0,ip=192.168.15.147/24,gw=192.168.15.1 - -Reduce the memory of the container to 512MB - -pct set -memory 512 100 - -=head1 FILES - -/etc/pve/lxc/.conf - -Configuration file for the container - -=head1 SEE ALSO +}; -L>, L> -=include pve_copyright +1;