X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=src%2FPVE%2FLXC%2FConfig.pm;h=7c10f4dea5fb425a6940921a191d5898cb269c45;hb=717f70b763644f1a7f6c2ced9bcc05e56c7da7f2;hp=ef4c24b131e9c9b53460b11db0dc6faebfda1d8e;hpb=1d9369fdb0e143afa1564f4e128973d091e2be6b;p=pve-container.git diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm index ef4c24b..7c10f4d 100644 --- a/src/PVE/LXC/Config.pm +++ b/src/PVE/LXC/Config.pm @@ -16,7 +16,7 @@ my $lock_handles = {}; my $lockdir = "/run/lock/lxc"; mkdir $lockdir; mkdir "/etc/pve/nodes/$nodename/lxc"; -my $MAX_MOUNT_POINTS = 10; +my $MAX_MOUNT_POINTS = 256; my $MAX_UNUSED_DISKS = $MAX_MOUNT_POINTS; # BEGIN implemented abstract methods from PVE::AbstractConfig @@ -44,6 +44,18 @@ sub cfs_config_path { return "nodes/$node/lxc/$vmid.conf"; } +sub mountpoint_backup_enabled { + my ($class, $mp_key, $mountpoint) = @_; + + return 1 if $mp_key eq 'rootfs'; + + return 0 if $mountpoint->{type} ne 'volume'; + + return 1 if $mountpoint->{backup}; + + return 0; +} + sub has_feature { my ($class, $feature, $conf, $storecfg, $snapname, $running, $backup_only) = @_; my $err; @@ -52,7 +64,7 @@ sub has_feature { my ($ms, $mountpoint) = @_; return if $err; # skip further test - return if $backup_only && $ms ne 'rootfs' && !$mountpoint->{backup}; + return if $backup_only && !$class->mountpoint_backup_enabled($ms, $mountpoint); $err = 1 if !PVE::Storage::volume_has_feature($storecfg, $feature, @@ -97,7 +109,9 @@ sub __snapshot_create_vol_snapshot { my $storecfg = PVE::Storage::config(); - return if $snapname eq 'vzdump' && $ms ne 'rootfs' && !$mountpoint->{backup}; + return if $snapname eq 'vzdump' && + !$class->mountpoint_backup_enabled($ms, $mountpoint); + PVE::Storage::volume_snapshot($storecfg, $mountpoint->{volume}, $snapname); } @@ -110,7 +124,9 @@ sub __snapshot_delete_remove_drive { my $value = $snap->{$remove_drive}; my $mountpoint = $remove_drive eq 'rootfs' ? $class->parse_ct_rootfs($value, 1) : $class->parse_ct_mountpoint($value, 1); delete $snap->{$remove_drive}; - $class->add_unused_volume($snap, $mountpoint->{volume}); + + $class->add_unused_volume($snap, $mountpoint->{volume}) + if ($mountpoint->{type} eq 'volume'); } } @@ -123,6 +139,9 @@ sub __snapshot_delete_vmstate_file { sub __snapshot_delete_vol_snapshot { my ($class, $vmid, $ms, $mountpoint, $snapname, $unused) = @_; + return if $snapname eq 'vzdump' && + !$class->mountpoint_backup_enabled($ms, $mountpoint); + my $storecfg = PVE::Storage::config(); PVE::Storage::volume_snapshot_delete($storecfg, $mountpoint->{volume}, $snapname); push @$unused, $mountpoint->{volume}; @@ -145,7 +164,7 @@ sub __snapshot_rollback_vol_rollback { sub __snapshot_rollback_vm_stop { my ($class, $vmid) = @_; - PVE::Tools::run_command(['/usr/bin/lxc-stop', '-n', $vmid, '--kill']) + PVE::LXC::vm_stop($vmid, 1) if $class->__snapshot_check_running($vmid); } @@ -155,6 +174,35 @@ sub __snapshot_rollback_vm_start { die "implement me - save vmstate\n"; } +sub __snapshot_rollback_get_unused { + my ($class, $conf, $snap) = @_; + + my $unused = []; + + $class->__snapshot_foreach_volume($conf, sub { + my ($vs, $volume) = @_; + + return if $volume->{type} ne 'volume'; + + my $found = 0; + my $volid = $volume->{volume}; + + $class->__snapshot_foreach_volume($snap, sub { + my ($ms, $mountpoint) = @_; + + return if $found; + return if ($mountpoint->{type} ne 'volume'); + + $found = 1 + if ($mountpoint->{volume} && $mountpoint->{volume} eq $volid); + }); + + push @$unused, $volid if !$found; + }); + + return $unused; +} + sub __snapshot_foreach_volume { my ($class, $conf, $func) = @_; @@ -175,12 +223,6 @@ my $rootfs_desc = { format_description => 'volume', description => 'Volume, device or directory to mount into the container.', }, - backup => { - type => 'boolean', - format_description => '[1|0]', - description => 'Whether to include the mountpoint in backups.', - optional => 1, - }, size => { type => 'string', format => 'disk-size', @@ -190,22 +232,32 @@ my $rootfs_desc = { }, acl => { type => 'boolean', - format_description => 'acl', description => 'Explicitly enable or disable ACL support.', optional => 1, }, ro => { type => 'boolean', - format_description => 'ro', - description => 'Read-only mountpoint (not supported with bind mounts)', + description => 'Read-only mount point', optional => 1, }, quota => { type => 'boolean', - format_description => '[0|1]', description => 'Enable user quotas inside the container (not supported with zfs subvolumes)', optional => 1, }, + replicate => { + type => 'boolean', + description => 'Will include this volume to a storage replica job.', + optional => 1, + default => 1, + }, + shared => { + type => 'boolean', + description => 'Mark this non-volume mount point as available on multiple nodes (see \'nodes\')', + verbose_description => "Mark this non-volume mount point as available on all nodes.\n\nWARNING: This option does not share the mount point automatically, it assumes it is shared already!", + optional => 1, + default => 0, + }, }; PVE::JSONSchema::register_standard_option('pve-ct-rootfs', { @@ -225,7 +277,7 @@ my $confdesc = { optional => 1, type => 'string', description => "Lock/unlock the VM.", - enum => [qw(migrate backup snapshot rollback)], + enum => [qw(mounted migrate backup snapshot rollback)], }, onboot => { optional => 1, @@ -250,7 +302,7 @@ my $confdesc = { ostype => { optional => 1, type => 'string', - enum => ['debian', 'ubuntu', 'centos', 'fedora', 'opensuse', 'archlinux', 'alpine', 'unmanaged'], + enum => [qw(debian ubuntu centos fedora opensuse archlinux alpine gentoo unmanaged)], description => "OS type. This is used to setup configuration inside the container, and corresponds to lxc setup scripts in /usr/share/lxc/config/.common.conf. Value 'unmanaged' can be used to skip and OS specific setup.", }, console => { @@ -267,10 +319,17 @@ my $confdesc = { maximum => 6, default => 2, }, + cores => { + optional => 1, + type => 'integer', + description => "The number of cores assigned to the container. A container can use all available cores by default.", + minimum => 1, + maximum => 128, + }, cpulimit => { optional => 1, type => 'number', - description => "Limit of CPU usage. Note if the computer has 2 CPUs, it has a total of '2' CPU time. Value '0' indicates no CPU limit.", + description => "Limit of CPU usage.\n\nNOTE: If the computer has 2 CPUs, it has a total of '2' CPU time. Value '0' indicates no CPU limit.", minimum => 0, maximum => 128, default => 0, @@ -306,7 +365,7 @@ my $confdesc = { description => { optional => 1, type => 'string', - description => "Container description. Only used on the configuration web interface.", + description => "Container description. Only used on the configuration web interface.", }, searchdomain => { optional => 1, @@ -353,48 +412,37 @@ my $confdesc = { }; my $valid_lxc_conf_keys = { + 'lxc.apparmor.profile' => 1, + 'lxc.apparmor.allow_incomplete' => 1, + 'lxc.selinux.context' => 1, 'lxc.include' => 1, 'lxc.arch' => 1, - 'lxc.utsname' => 1, - 'lxc.haltsignal' => 1, - 'lxc.rebootsignal' => 1, - 'lxc.stopsignal' => 1, - 'lxc.init_cmd' => 1, - 'lxc.network.type' => 1, - 'lxc.network.flags' => 1, - 'lxc.network.link' => 1, - 'lxc.network.mtu' => 1, - 'lxc.network.name' => 1, - 'lxc.network.hwaddr' => 1, - 'lxc.network.ipv4' => 1, - 'lxc.network.ipv4.gateway' => 1, - 'lxc.network.ipv6' => 1, - 'lxc.network.ipv6.gateway' => 1, - 'lxc.network.script.up' => 1, - 'lxc.network.script.down' => 1, - 'lxc.pts' => 1, + 'lxc.uts.name' => 1, + 'lxc.signal.halt' => 1, + 'lxc.signal.reboot' => 1, + 'lxc.signal.stop' => 1, + 'lxc.init.cmd' => 1, + 'lxc.pty.max' => 1, 'lxc.console.logfile' => 1, - 'lxc.console' => 1, - 'lxc.tty' => 1, - 'lxc.devttydir' => 1, + 'lxc.console.path' => 1, + 'lxc.tty.max' => 1, + 'lxc.devtty.dir' => 1, 'lxc.hook.autodev' => 1, 'lxc.autodev' => 1, 'lxc.kmsg' => 1, - 'lxc.mount' => 1, + 'lxc.mount.fstab' => 1, 'lxc.mount.entry' => 1, 'lxc.mount.auto' => 1, - 'lxc.rootfs' => 'lxc.rootfs is auto generated from rootfs', + 'lxc.rootfs.path' => 'lxc.rootfs.path is auto generated from rootfs', 'lxc.rootfs.mount' => 1, 'lxc.rootfs.options' => 'lxc.rootfs.options is not supported' . - ', please use mountpoint options in the "rootfs" key', + ', please use mount point options in the "rootfs" key', # lxc.cgroup.* + # lxc.prlimit.* 'lxc.cap.drop' => 1, 'lxc.cap.keep' => 1, - 'lxc.aa_profile' => 1, - 'lxc.aa_allow_incomplete' => 1, - 'lxc.se_context' => 1, - 'lxc.seccomp' => 1, - 'lxc.id_map' => 1, + 'lxc.seccomp.profile' => 1, + 'lxc.idmap' => 1, 'lxc.hook.pre-start' => 1, 'lxc.hook.pre-mount' => 1, 'lxc.hook.mount' => 1, @@ -403,8 +451,8 @@ my $valid_lxc_conf_keys = { 'lxc.hook.post-stop' => 1, 'lxc.hook.clone' => 1, 'lxc.hook.destroy' => 1, - 'lxc.loglevel' => 1, - 'lxc.logfile' => 1, + 'lxc.log.level' => 1, + 'lxc.log.file' => 1, 'lxc.start.auto' => 1, 'lxc.start.delay' => 1, 'lxc.start.order' => 1, @@ -412,7 +460,58 @@ my $valid_lxc_conf_keys = { 'lxc.environment' => 1, }; -my $netconf_desc = { +my $deprecated_lxc_conf_keys = { + # Deprecated (removed with lxc 3.0): + 'lxc.aa_profile' => 'lxc.apparmor.profile', + 'lxc.aa_allow_incomplete' => 'lxc.apparmor.allow_incomplete', + 'lxc.console' => 'lxc.console.path', + 'lxc.devttydir' => 'lxc.tty.dir', + 'lxc.haltsignal' => 'lxc.signal.halt', + 'lxc.rebootsignal' => 'lxc.signal.reboot', + 'lxc.stopsignal' => 'lxc.signal.stop', + 'lxc.id_map' => 'lxc.idmap', + 'lxc.init_cmd' => 'lxc.init.cmd', + 'lxc.loglevel' => 'lxc.log.level', + 'lxc.logfile' => 'lxc.log.file', + 'lxc.mount' => 'lxc.mount.fstab', + 'lxc.network.type' => 'lxc.net.INDEX.type', + 'lxc.network.flags' => 'lxc.net.INDEX.flags', + 'lxc.network.link' => 'lxc.net.INDEX.link', + 'lxc.network.mtu' => 'lxc.net.INDEX.mtu', + 'lxc.network.name' => 'lxc.net.INDEX.name', + 'lxc.network.hwaddr' => 'lxc.net.INDEX.hwaddr', + 'lxc.network.ipv4' => 'lxc.net.INDEX.ipv4.address', + 'lxc.network.ipv4.gateway' => 'lxc.net.INDEX.ipv4.gateway', + 'lxc.network.ipv6' => 'lxc.net.INDEX.ipv6.address', + 'lxc.network.ipv6.gateway' => 'lxc.net.INDEX.ipv6.gateway', + 'lxc.network.script.up' => 'lxc.net.INDEX.script.up', + 'lxc.network.script.down' => 'lxc.net.INDEX.script.down', + 'lxc.pts' => 'lxc.pty.max', + 'lxc.se_context' => 'lxc.selinux.context', + 'lxc.seccomp' => 'lxc.seccomp.profile', + 'lxc.tty' => 'lxc.tty.max', + 'lxc.utsname' => 'lxc.uts.name', +}; + +sub is_valid_lxc_conf_key { + my ($vmid, $key) = @_; + if ($key =~ /^lxc\.limit\./) { + warn "vm $vmid - $key: lxc.limit.* was renamed to lxc.prlimit.*\n"; + return 1; + } + if (defined(my $new_name = $deprecated_lxc_conf_keys->{$key})) { + warn "vm $vmid - $key is deprecated and was renamed to $new_name\n"; + return 1; + } + my $validity = $valid_lxc_conf_keys->{$key}; + return $validity if defined($validity); + return 1 if $key =~ /^lxc\.cgroup\./ # allow all cgroup values + || $key =~ /^lxc\.prlimit\./ # allow all prlimits + || $key =~ /^lxc\.net\./; # allow custom network definitions + return 0; +} + +our $netconf_desc = { type => { type => 'string', optional => 1, @@ -421,27 +520,26 @@ my $netconf_desc = { }, name => { type => 'string', - format_description => 'String', - description => 'Name of the network device as seen from inside the container. (lxc.network.name)', + format_description => 'string', + description => 'Name of the network device as seen from inside the container. (lxc.network.name)', pattern => '[-_.\w\d]+', }, bridge => { type => 'string', - format_description => 'vmbr', + format_description => 'bridge', description => 'Bridge to attach the network device to.', pattern => '[-_.\w\d]+', optional => 1, }, hwaddr => { type => 'string', - format_description => 'MAC', - description => 'Bridge to attach the network device to. (lxc.network.hwaddr)', + format_description => "XX:XX:XX:XX:XX:XX", + description => 'The interface MAC address. This is dynamically allocated by default, but you can set that statically if needed, for example to always have the same link-local IPv6 address. (lxc.network.hwaddr)', pattern => qr/(?:[a-f0-9]{2}:){5}[a-f0-9]{2}/i, optional => 1, }, mtu => { type => 'integer', - format_description => 'Number', description => 'Maximum transfer unit of the interface. (lxc.network.mtu)', minimum => 64, # minimum ethernet frame is 64 bytes optional => 1, @@ -449,7 +547,7 @@ my $netconf_desc = { ip => { type => 'string', format => 'pve-ipv4-config', - format_description => 'IPv4Format/CIDR', + format_description => '(IPv4/CIDR|dhcp|manual)', description => 'IPv4 address in CIDR format.', optional => 1, }, @@ -463,7 +561,7 @@ my $netconf_desc = { ip6 => { type => 'string', format => 'pve-ipv6-config', - format_description => 'IPv6Format/CIDR', + format_description => '(IPv6/CIDR|auto|dhcp|manual)', description => 'IPv6 address in CIDR format.', optional => 1, }, @@ -476,15 +574,13 @@ my $netconf_desc = { }, firewall => { type => 'boolean', - format_description => '[1|0]', description => "Controls whether this interface's firewall rules should be used.", optional => 1, }, tag => { type => 'integer', - format_description => 'VlanNo', - minimum => '2', - maximum => '4094', + minimum => 1, + maximum => 4094, description => "VLAN tag for this interface.", optional => 1, }, @@ -533,11 +629,21 @@ sub verify_lxc_mp_string { my $mp_desc = { %$rootfs_desc, + backup => { + type => 'boolean', + description => 'Whether to include the mount point in backups.', + verbose_description => 'Whether to include the mount point in backups '. + '(only used for volume mount points).', + optional => 1, + }, mp => { type => 'string', format => 'pve-lxc-mp-string', format_description => 'Path', - description => 'Path to the mountpoint as seen from inside the container.', + description => 'Path to the mount point as seen from inside the container '. + '(must not contain symlinks).', + verbose_description => "Path to the mount point as seen from inside the container.\n\n". + "NOTE: Must not contain any symlinks for security reasons." }, }; PVE::JSONSchema::register_format('pve-ct-mountpoint', $mp_desc); @@ -545,14 +651,14 @@ PVE::JSONSchema::register_format('pve-ct-mountpoint', $mp_desc); my $unuseddesc = { optional => 1, type => 'string', format => 'pve-volume-id', - description => "Reference to unused volumes.", + description => "Reference to unused volumes. This is used internally, and should not be modified manually.", }; for (my $i = 0; $i < $MAX_MOUNT_POINTS; $i++) { $confdesc->{"mp$i"} = { optional => 1, type => 'string', format => $mp_desc, - description => "Use volume as container mount point (experimental feature).", + description => "Use volume as container mount point.", optional => 1, }; } @@ -600,8 +706,8 @@ sub parse_pct_config { if ($line =~ m/^(lxc\.[a-z0-9_\-\.]+)(:|\s*=)\s*(.*?)\s*$/) { my $key = $1; my $value = $3; - my $validity = $valid_lxc_conf_keys->{$key} || 0; - if ($validity eq 1 || $key =~ m/^lxc\.cgroup\./) { + my $validity = is_valid_lxc_conf_key($vmid, $key); + if ($validity eq 1) { push @{$conf->{lxc}}, [$key, $value]; } elsif (my $errmsg = $validity) { warn "vm $vmid - $key: $errmsg\n"; @@ -716,12 +822,14 @@ sub update_pct_config { if (defined($delete)) { foreach my $opt (@$delete) { if (!exists($conf->{$opt})) { - warn "no such option: $opt\n"; + # silently ignore next; } - if ($opt eq 'hostname' || $opt eq 'memory' || $opt eq 'rootfs') { + if ($opt eq 'memory' || $opt eq 'rootfs') { die "unable to delete required option '$opt'\n"; + } elsif ($opt eq 'hostname') { + delete $conf->{$opt}; } elsif ($opt eq 'swap') { delete $conf->{$opt}; PVE::LXC::write_cgroup_value("memory", $vmid, @@ -732,6 +840,8 @@ sub update_pct_config { $opt eq 'tty' || $opt eq 'console' || $opt eq 'cmode') { next if $hotplug_error->($opt); delete $conf->{$opt}; + } elsif ($opt eq 'cores') { + delete $conf->{$opt}; # rest is handled by pvestatd } elsif ($opt eq 'cpulimit') { PVE::LXC::write_cgroup_value("cpu", $vmid, "cpu.cfs_quota_us", -1); delete $conf->{$opt}; @@ -804,12 +914,30 @@ sub update_pct_config { PVE::LXC::Config->write_config($vmid, $conf) if $running; } + my $storecfg = PVE::Storage::config(); + my $used_volids = {}; + my $check_content_type = sub { + my ($mp) = @_; + my $sid = PVE::Storage::parse_volume_id($mp->{volume}); + my $storage_config = PVE::Storage::storage_config($storecfg, $sid); + die "storage '$sid' does not allow content type 'rootdir' (Container)\n" + if !$storage_config->{content}->{rootdir}; + }; + + my $rescan_volume = sub { + my ($mp) = @_; + eval { + $mp->{size} = PVE::Storage::volume_size_info($storecfg, $mp->{volume}, 5) + if !defined($mp->{size}); + }; + warn "Could not rescan volume size - $@\n" if $@; + }; foreach my $opt (keys %$param) { my $value = $param->{$opt}; my $check_protection_msg = "can't update CT $vmid drive '$opt'"; - if ($opt eq 'hostname') { + if ($opt eq 'hostname' || $opt eq 'arch') { $conf->{$opt} = $value; } elsif ($opt eq 'onboot') { $conf->{$opt} = $value ? 1 : 0; @@ -826,14 +954,20 @@ sub update_pct_config { next if $hotplug_error->($opt); my $list = PVE::LXC::verify_searchdomain_list($value); $conf->{$opt} = $list; + } elsif ($opt eq 'cores') { + $conf->{$opt} = $value;# rest is handled by pvestatd } elsif ($opt eq 'cpulimit') { - PVE::LXC::write_cgroup_value("cpu", $vmid, "cpu.cfs_quota_us", int(100000*$value)); + if ($value == 0) { + PVE::LXC::write_cgroup_value("cpu", $vmid, "cpu.cfs_quota_us", -1); + } else { + PVE::LXC::write_cgroup_value("cpu", $vmid, "cpu.cfs_quota_us", int(100000*$value)); + } $conf->{$opt} = $value; } elsif ($opt eq 'cpuunits') { $conf->{$opt} = $value; PVE::LXC::write_cgroup_value("cpu", $vmid, "cpu.shares", $value); } elsif ($opt eq 'description') { - $conf->{$opt} = PVE::Tools::encode_text($value); + $conf->{$opt} = $value; } elsif ($opt =~ m/^net(\d+)$/) { my $netid = $1; my $net = PVE::LXC::Config->parse_lxc_network($value); @@ -850,14 +984,13 @@ sub update_pct_config { my $old = $conf->{$opt}; my $mp = PVE::LXC::Config->parse_ct_mountpoint($value); if ($mp->{type} eq 'volume') { - my $sid = PVE::Storage::parse_volume_id($mp->{volume}); - my $scfg = PVE::Storage::config(); - my $storage_config = PVE::Storage::storage_config($scfg, $sid); - die "storage '$sid' does not allow content type 'rootdir' (Container)\n" - if !$storage_config->{content}->{rootdir}; + &$check_content_type($mp); $used_volids->{$mp->{volume}} = 1; + &$rescan_volume($mp); + $conf->{$opt} = PVE::LXC::Config->print_ct_mountpoint($mp); + } else { + $conf->{$opt} = $value; } - $conf->{$opt} = $value; if (defined($old)) { my $mp = PVE::LXC::Config->parse_ct_mountpoint($old); if ($mp->{type} eq 'volume') { @@ -869,15 +1002,14 @@ sub update_pct_config { next if $hotplug_error->($opt); PVE::LXC::Config->check_protection($conf, $check_protection_msg); my $old = $conf->{$opt}; - $conf->{$opt} = $value; my $mp = PVE::LXC::Config->parse_ct_rootfs($value); if ($mp->{type} eq 'volume') { - my $sid = PVE::Storage::parse_volume_id($mp->{volume}); - my $scfg = PVE::Storage::config(); - my $storage_config = PVE::Storage::storage_config($scfg, $sid); - die "storage '$sid' does not allow content type 'rootdir' (Container)\n" - if !$storage_config->{content}->{rootdir}; + &$check_content_type($mp); $used_volids->{$mp->{volume}} = 1; + &$rescan_volume($mp); + $conf->{$opt} = PVE::LXC::Config->print_ct_mountpoint($mp, 1); + } else { + $conf->{$opt} = $value; } if (defined($old)) { my $mp = PVE::LXC::Config->parse_ct_rootfs($old); @@ -894,6 +1026,7 @@ sub update_pct_config { } else { die "implement me: $opt"; } + PVE::LXC::Config->write_config($vmid, $conf) if $running; } @@ -1033,7 +1166,10 @@ sub parse_lxc_network { $res = PVE::JSONSchema::parse_property_string($netconf_desc, $data); $res->{type} = 'veth'; - $res->{hwaddr} = PVE::Tools::random_ether_addr() if !$res->{hwaddr}; + if (!$res->{hwaddr}) { + my $dc = PVE::Cluster::cfs_read_file('datacenter.cfg'); + $res->{hwaddr} = PVE::Tools::random_ether_addr($dc->{mac_prefix}); + } return $res; } @@ -1054,8 +1190,8 @@ sub classify_mountpoint { return 'volume'; } -sub is_volume_in_use { - my ($class, $config, $volid, $include_snapshots) = @_; +my $is_volume_in_use = sub { + my ($class, $config, $volid) = @_; my $used = 0; $class->foreach_mountpoint($config, sub { @@ -1064,14 +1200,26 @@ sub is_volume_in_use { $used = $mountpoint->{type} eq 'volume' && $mountpoint->{volume} eq $volid; }); - my $snapshots = $config->{snapshots}; - if ($include_snapshots && $snapshots) { + return $used; +}; + +sub is_volume_in_use_by_snapshots { + my ($class, $config, $volid) = @_; + + if (my $snapshots = $config->{snapshots}) { foreach my $snap (keys %$snapshots) { - $used ||= $class->is_volume_in_use($snapshots->{$snap}, $volid); + return 1 if $is_volume_in_use->($class, $snapshots->{$snap}, $volid); } } - return $used; + return 0; +}; + +sub is_volume_in_use { + my ($class, $config, $volid, $include_snapshots) = @_; + return 1 if $is_volume_in_use->($class, $config, $volid); + return 1 if $include_snapshots && $class->is_volume_in_use_by_snapshots($config, $volid); + return 0; } sub has_dev_console { @@ -1080,6 +1228,19 @@ sub has_dev_console { return !(defined($conf->{console}) && !$conf->{console}); } +sub has_lxc_entry { + my ($class, $conf, $keyname) = @_; + + if (my $lxcconf = $conf->{lxc}) { + foreach my $entry (@$lxcconf) { + my ($key, undef) = @$entry; + return 1 if $key eq $keyname; + } + } + + return 0; +} + sub get_tty_count { my ($class, $conf) = @_; @@ -1105,28 +1266,28 @@ sub mountpoint_names { } sub foreach_mountpoint_full { - my ($class, $conf, $reverse, $func) = @_; + my ($class, $conf, $reverse, $func, @param) = @_; - foreach my $key ($class->mountpoint_names($reverse)) { + my $mps = [ grep { defined($conf->{$_}) } $class->mountpoint_names($reverse) ]; + foreach my $key (@$mps) { my $value = $conf->{$key}; - next if !defined($value); my $mountpoint = $key eq 'rootfs' ? $class->parse_ct_rootfs($value, 1) : $class->parse_ct_mountpoint($value, 1); next if !defined($mountpoint); - &$func($key, $mountpoint); + &$func($key, $mountpoint, @param); } } sub foreach_mountpoint { - my ($class, $conf, $func) = @_; + my ($class, $conf, $func, @param) = @_; - $class->foreach_mountpoint_full($conf, 0, $func); + $class->foreach_mountpoint_full($conf, 0, $func, @param); } sub foreach_mountpoint_reverse { - my ($class, $conf, $func) = @_; + my ($class, $conf, $func, @param) = @_; - $class->foreach_mountpoint_full($conf, 1, $func); + $class->foreach_mountpoint_full($conf, 1, $func, @param); } sub get_vm_volumes { @@ -1151,4 +1312,68 @@ sub get_vm_volumes { return $vollist; } -return 1; +sub get_replicatable_volumes { + my ($class, $storecfg, $vmid, $conf, $cleanup, $noerr) = @_; + + my $volhash = {}; + + my $test_volid = sub { + my ($volid, $mountpoint) = @_; + + return if !$volid; + + my $mptype = $mountpoint->{type}; + my $replicate = $mountpoint->{replicate} // 1; + + if ($mptype ne 'volume') { + # skip bindmounts if replicate = 0 even for cleanup, + # since bind mounts could not have been replicated ever + return if !$replicate; + die "unable to replicate mountpoint type '$mptype'\n"; + } + + my ($storeid, $volname) = PVE::Storage::parse_volume_id($volid, $noerr); + return if !$storeid; + + my $scfg = PVE::Storage::storage_config($storecfg, $storeid); + return if $scfg->{shared}; + + my ($path, $owner, $vtype) = PVE::Storage::path($storecfg, $volid); + return if !$owner || ($owner != $vmid); + + die "unable to replicate volume '$volid', type '$vtype'\n" if $vtype ne 'images'; + + return if !$cleanup && !$replicate; + + if (!PVE::Storage::volume_has_feature($storecfg, 'replicate', $volid)) { + return if $cleanup || $noerr; + die "missing replicate feature on volume '$volid'\n"; + } + + $volhash->{$volid} = 1; + }; + + $class->foreach_mountpoint($conf, sub { + my ($ms, $mountpoint) = @_; + $test_volid->($mountpoint->{volume}, $mountpoint); + }); + + foreach my $snapname (keys %{$conf->{snapshots}}) { + my $snap = $conf->{snapshots}->{$snapname}; + $class->foreach_mountpoint($snap, sub { + my ($ms, $mountpoint) = @_; + $test_volid->($mountpoint->{volume}, $mountpoint); + }); + } + + # add 'unusedX' volumes to volhash + foreach my $key (keys %$conf) { + if ($key =~ m/^unused/) { + $test_volid->($conf->{$key}, { type => 'volume', replicate => 1 }); + } + } + + return $volhash; +} + +1;