Leaving files in /tmp was mostly useful for debugging
purposes initially. Also /tmp is a rather insecure option
for this for a final version, so use
/run/pve/cloudinit/$vmid, and move the file writing into
commit_cloudinit_disk() which now takes a hash mapping file
paths to contents, to not duplicate the temp-file logic for
the different citypes.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
With configdrives we end up with the /etc/network/interfaces
file containing the interface names we use on the disk, ie.
eth0/eth1/..., which doesn't work on systems which do not
use this name.
With the 'nocloud' image type we can provide a
network-config in yaml which matches mac addresses. Ideally
we'd use version 2, but debian stretch ships with a too old
cloud-init for this, so for now we're writing version 1.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
move: don't error out with "you can't move a cdrom"
clone: always full-clone cloud-init images
They get completely replaced anyway at the next start, so
there's no point in keeping them.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
*) always replace old cloudinit images
*) apply pending cloudinit changes when generating a new
image
For cloudinit we now always use vdisk_free before
vdisk_alloc in order to always replace old images, this
allows us to hotplug a new drive by setting it to
`none,media=cdrom` first (to eject the disk), then setting
it back to 'storage:cloudinit' to have a new image generated
after applying the currently pending changes.
We now have a patch on top of qemu to allow 'qemu-img dd'
to read from stdin when specifying input and output sizes,
as well as a way to tell it that the size of the source is
not known.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Thomas Lamprecht [Thu, 22 Feb 2018 09:55:39 +0000 (10:55 +0100)]
d/control: control: on newer pve-qemu-kvm 2.9.1-9
The NBD drive mirror workaround requires this, also the new -IBRS
machine types, and EPYC cpu models are only available in the newer
qemu versions
Also ensures that we can now allow to hot-unplug virtio-scsi disk
with iothread active, as the fix for it is also in v2.9.1
(virtio-scsi: Unset hotplug handler when unrealize)
Dominik Csapak [Tue, 20 Feb 2018 08:43:44 +0000 (09:43 +0100)]
return error from guest-agent
in case of e.g. a non-existant guest-agent command, it would return
{ error: {someerrorobject} }
but we did only include the 'return' property
in case we do not get any and the error property is set,
return that
i looked at all the paths were we use the QMPClient, and either
we have our own callback for the result,
or we do not rely on the result being empty upon an error, so this
should not break anything
Dominik Csapak [Fri, 16 Feb 2018 11:06:36 +0000 (12:06 +0100)]
make an api call for each guest agent command
with a 'register_command' sub, which generates an api call
we call it for each command in the list, and one time for
the old general {vmid}/agent endpoint (for compatibility)
permissions/methods are the same as previously, but can
be overriden
socat tunnel for nbd mirror was introduce here
https://pve.proxmox.com/pipermail/pve-devel/2017-January/024777.html
to workaround when nbd client was hanging on non responding nbd server.
We have added a 30s timeout on socat tunnel, but when we migrate
multiple disks, it can break migration if for example first disk
is already finished and don't send any new datas in the tunnel.
The connect timeout bug has been fixed in qemu 2.9,
so we can remove the socat tunnel now.
With shared=1, (live) migration ignores the disk and assumes it is
present on all target nodes. This works similar to shared=1 on LXC
mountpoints.
Signed-off-by: Chris Hofstaedtler <chris.hofstaedtler@deduktiva.com> Reviewed-by: Thomas Lamprecht <t.lamprecht@proxmox.com> Tested-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Mon, 22 Jan 2018 09:52:11 +0000 (10:52 +0100)]
avoid harmful '<>' pattern, explicitly read from STDIN
Fixes problems in CLIHandler using the code pattern:
while (my $line = <>) {
...
}
For why this causes only _now_ problems lets first look how <>
behaves:
"The null filehandle <> is special: [...] Input from <> comes either
from standard input, or from each file listed on the command line.
Here's how it works: the first time <> is evaluated, the @ARGV array
is checked, and if it is empty, $ARGV[0] is set to "-" , which when
opened gives you standard input. The @ARGV array is then processed
as a list of filenames." - 'perldoc perlop'
Recent changes in the CLIHandler code changed how we modfiied @ARGV
Earlier we assumed that the first argument must be the command and
thus shifted it out of @ARGV, now we can have multiple levels of
(sub)commands. This change also changed how we handle @ARGV, we do
not unshift anything but go through the arguments until we got to
the final command and copy the rest of @ARGV as we know that this
must be the commandos arguments.
For '<>' this means that ARGV was still fully populated and perl
tried to open element as a file, which naturally failed.
Thus the change in pve-common only exposed this 'dangerous' code
pattern.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Shows each parameter value pair in a new line with a backslash at the
end, so it's still possible to copy, paste and execute it, while
being easier to read and edit by humans. This is opt in.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
increase start timeout when hugepages are enabled.
Hugepages can take some time to be allocated by qemu at start (60s for 120G of 1G hugepages).
This patch increase start timeout to 5min when hugepages are enabled.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> Fixes: 2bfbee039bbe ("include format for efidisk") Reviewed-by: Thomas Lamprecht <t.lamprecht@proxmox.com> Tested-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak [Thu, 16 Nov 2017 08:20:56 +0000 (09:20 +0100)]
do not add unused disk when already as unused on another storage
when having an unused disk on a storage for which there are multiple
definitions, we added it again on another storage when that storage
was alphabetically before the already existing one
this happens for example when using our automatically generated
ceph storages: 'pool_ct' and 'pool_vm' and having a vm with
an unused disk
with this patch, we also leave the unused disks in the hash
Dominik Csapak [Fri, 10 Nov 2017 08:47:43 +0000 (09:47 +0100)]
check if ga runs before a fsfreeze-freeze/thaw
since the guest-fsfreeze-freeze command has a timeout of 1 hour,
we want to check if the guest-agent even runs before executing that,
or else we wait 1 hour and then continue
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> Reviewed-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
'These options take an integer value and control the "cpu.shares"
control group attribute. The allowed range is 2 to 262144. Defaults to
1024.' – man 5 systemd.resource-control
Dominik Csapak [Fri, 13 Oct 2017 08:00:53 +0000 (10:00 +0200)]
check if base volumes are unused before deleting a template
we only checked if a vm had in use base disks when deleting them,
at which point we do not stop to delete the vm even when a
disk deletion fails, which means we could successfully delete the config
and all not used (base) disks of a template, resulting in left over vm disks
This includes:
* a test script
* the manifests generated by exports from a VmWare Workstation
* disk images are generated from qemu-img, with a 2KB size
(it is possible to inspect the disk images with od -bc
they contain a VMDK header and the rest are null characters)
perls 'local' must be either used in front of each $SIG{...}
assignments or they must be put in a list, else it affects only the
first variable and the rest are *not* in local context.
In all cases the global signal handlers we overwrote were in cli programs or
forked workers, not in daemons.
Thomas Lamprecht [Mon, 11 Sep 2017 06:40:28 +0000 (08:40 +0200)]
create_disks: refactor out and improve efidisk creation
factor out code in a new create_efidisk submethod, as else this code
is hardly readable as the efidisk0 case is a special case. Refer from
putting all this specialised handling directly to the much shorter
code for all other cases.
Also the disk was created with a specific format and then a format
detection on the newly created disk was done, which is pretty
useless, clear that up.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Fix #1441: Do not unplug controllers when the mirroring is finished
This should not be needed since we call 'block-job-complete' before
in qemu_drive_mirror_monitor(), and after benchmarking it does not
appear to be needed nor provide a measurable improvement when shutting
down the source.
restore_vma_archive: do not overwrite global signal handlers
perls 'local' must be either used in front of each $SIG{...}
assignments or they must be put in a list, else it affects only the
first variable and the rest are *not* in local context.
This may cause weird behaviour where daemons seemingly do not get
terminating signals delivered correctly and thus may not shutdown
gracefully anymore.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
API/clone: do not overwrite global signal handlers
perls 'local' must be either used in front of each $SIG{...}
assignments or they must be put in a list, else it affects only the
first variable and the rest are *not* in local context.
This may cause weird behaviour where daemons seemingly do not get
terminating signals delivered correctly and thus may not shutdown
gracefully anymore.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Wed, 14 Jun 2017 13:52:19 +0000 (15:52 +0200)]
remove legacy sparsecp
sparsecp gets only used in qmextract, which is part of the old backup
method (pre PVE 2.3).
Do not remove qmextract for now people could still have backups from
< PVE 2.3 around.
They could be restored manually, but we shouldn't make restoring
complicated. Thus replace sparsecp with `cp sparse=always`.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Wed, 14 Jun 2017 13:52:18 +0000 (15:52 +0200)]
remove unused obsolete vmtar
This was used by the pre-VMA backup methods, as the new backup
process was introduced in PVE 2.3 (04.03.2013) and this would be only
used for creating new backups it can be removed safely.
Fixes Debian stretch build on the ARM64 architecture.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Philip Abernethy [Mon, 21 Aug 2017 09:47:18 +0000 (11:47 +0200)]
Fix #1125. Check for KVM support before starting VM
Moved the check to the beginning of the function.
VMs configured to use KVM won't start if KVM is not available.
VMs not configured to use KVM will start regardless.