]>
git.proxmox.com Git - pve-container.git/log
Wolfgang Bumiller [Mon, 24 Jul 2017 07:18:27 +0000 (09:18 +0200)]
bump version to 2.0-15
Wolfgang Bumiller [Mon, 24 Jul 2017 07:13:49 +0000 (09:13 +0200)]
ubuntu: recognize 17.10
Wolfgang Bumiller [Mon, 24 Jul 2017 06:49:44 +0000 (08:49 +0200)]
debian: recognize all stretch versions, translate buster/sid to 10
Dietmar Maurer [Wed, 28 Jun 2017 10:50:58 +0000 (12:50 +0200)]
bump version to 2.0-14
Dietmar Maurer [Wed, 28 Jun 2017 11:23:28 +0000 (13:23 +0200)]
snapshot-test.pm: ignore existing replication config
Wolfgang Bumiller [Tue, 27 Jun 2017 13:00:10 +0000 (15:00 +0200)]
allow disks on shared storages on replicated VMs
Wolfgang Bumiller [Tue, 27 Jun 2017 09:51:10 +0000 (11:51 +0200)]
refuse to add non-replicatable disks to replicating VMs
Unless replication is explicitly disabled for them.
Thomas Lamprecht [Wed, 21 Jun 2017 05:20:12 +0000 (07:20 +0200)]
API HA tasks: we request states not execute them
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Wolfgang Bumiller [Mon, 26 Jun 2017 11:55:02 +0000 (13:55 +0200)]
use COMMON_TAR_FLAGS from pve-storage
Wolfgang Bumiller [Mon, 26 Jun 2017 11:55:01 +0000 (13:55 +0200)]
create: open templates as real root
When creating an unprivileged container previously couldn't
open template files the unprivileged namespace did not have
access to. This fixes that.
Note that we cannot pass the file via stdin since tar will
then refuse to extract compressed archives automatically.
Wolfgang Bumiller [Mon, 26 Jun 2017 07:32:58 +0000 (09:32 +0200)]
remove unused next_free_nbd_dev function
Dietmar Maurer [Thu, 22 Jun 2017 10:56:20 +0000 (12:56 +0200)]
bump version to 2.0-13
Wolfgang Bumiller [Thu, 22 Jun 2017 10:24:40 +0000 (12:24 +0200)]
migrate: pass the with_snapshots parameter
Dietmar Maurer [Thu, 22 Jun 2017 07:11:17 +0000 (09:11 +0200)]
bump version to 2.0-12
Dietmar Maurer [Wed, 21 Jun 2017 10:32:50 +0000 (12:32 +0200)]
PVE::LXC::Migrate - use replication job, transfer replication state
Dietmar Maurer [Wed, 21 Jun 2017 09:14:35 +0000 (11:14 +0200)]
PVE::LXC::Migrate - add missing "use PVE::LXC::Config;"
Dominik Csapak [Wed, 14 Jun 2017 11:25:41 +0000 (13:25 +0200)]
use full module path for storage_config
because it is not in the local scope
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Dietmar Maurer [Tue, 13 Jun 2017 10:18:10 +0000 (12:18 +0200)]
get_replicatable_volumes: add unused volumes
Dietmar Maurer [Tue, 13 Jun 2017 09:22:01 +0000 (11:22 +0200)]
get_replicatable_volumes: add additional tests
- skip volumes on shared storage
- die if $mptype ne 'volume'
- skip volumes if we do not 'own' them
Dietmar Maurer [Tue, 13 Jun 2017 07:15:35 +0000 (09:15 +0200)]
get_replicatable_volumes: pass $vmid parameter
Dietmar Maurer [Mon, 12 Jun 2017 09:12:02 +0000 (11:12 +0200)]
src/PVE/API2/LXC.pm: aquire guest_migration_lock inside worker
Wolfgang Link [Mon, 12 Jun 2017 08:38:21 +0000 (10:38 +0200)]
Add a migration lock to avoid a replication on rollback-time.
Dietmar Maurer [Mon, 12 Jun 2017 07:13:27 +0000 (09:13 +0200)]
PVE::LXC::Config - implement $cleanup flag for get_replicatable_volumes
Wolfgang Bumiller [Tue, 6 Jun 2017 08:03:58 +0000 (10:03 +0200)]
migrate: implement insecure storage migration
Wolfgang Bumiller [Fri, 2 Jun 2017 07:16:53 +0000 (09:16 +0200)]
bump version to 2.0-11
Dominik Csapak [Wed, 24 May 2017 10:30:48 +0000 (12:30 +0200)]
allow width and height parameter for vncproxy
so that the novnc console can request a different screen size
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Dietmar Maurer [Wed, 31 May 2017 07:31:41 +0000 (09:31 +0200)]
bump version to 2.0-10
Dietmar Maurer [Wed, 31 May 2017 06:21:08 +0000 (08:21 +0200)]
migrate: aquire guest_migration_lock during
To block replication jobs.
Dietmar Maurer [Tue, 23 May 2017 16:05:12 +0000 (18:05 +0200)]
do not allow destroy if there are replication jobs
Dietmar Maurer [Tue, 23 May 2017 15:35:35 +0000 (17:35 +0200)]
remove 'replicate' configuration - we will store that in another file
Thomas Lamprecht [Wed, 10 May 2017 13:03:46 +0000 (15:03 +0200)]
use Syscall module instead of raw syscall numbers
Raw syscall numbers were not platform independent, so replace them
with the new PVE::Syscall module which gets the syscall numbers from
syscall.ph, which provides the platform local values.
we cannot directly use syscall.ph as it is no normal perl module and
so it's usage requires special handling
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Wolfgang Bumiller [Tue, 23 May 2017 07:04:44 +0000 (09:04 +0200)]
migrate: pass ssh_info to storage_migrate
Fabian Grünbichler [Wed, 17 May 2017 10:14:15 +0000 (12:14 +0200)]
build: run tests when building
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Wed, 17 May 2017 10:14:14 +0000 (12:14 +0200)]
tests: exit with -1 in case of failures
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Wed, 17 May 2017 10:14:13 +0000 (12:14 +0200)]
tests: fix broken snapshot delete tests
these broke when the additonal "snapshot-delete" lock was
introduced.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Wed, 17 May 2017 10:14:12 +0000 (12:14 +0200)]
tests: use all target to run tests
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Dietmar Maurer [Sat, 6 May 2017 14:29:24 +0000 (16:29 +0200)]
check replicate feature on any config update
Dietmar Maurer [Sat, 6 May 2017 13:40:37 +0000 (15:40 +0200)]
get_replicatable_volumes: replacemnet for PVE::ReplicationTools::get_syncable_guestdisks()
correctly scan for volumes inside snapshots.
This will also solve the cyclic package dependency propblem.
Dietmar Maurer [Sat, 6 May 2017 09:26:02 +0000 (11:26 +0200)]
use a single replicate property (format pve-replicate)
and remove that replication job status update code. This should be
handled by the replication code itself.
Dietmar Maurer [Sat, 6 May 2017 09:06:35 +0000 (11:06 +0200)]
Revert "Integrate storage replica in lxc migration."
This reverts commit
05309cdf3f460733ec00184c0f45350f854d3737 .
The commit changes the configuration before the VM is actually
migrated, so it is possible to have a wrong configuration when
migration fails for some reason. Also, I am quite unsure if
this automatic target change is really wanted. The patch also
contains wrong refereces to $self->{opts}->{node}.
Dietmar Maurer [Sat, 6 May 2017 09:05:21 +0000 (11:05 +0200)]
Revert "migrate: cleanup replica volume skip condition"
This reverts commit
e8b22494e9f2b7d5afd663f91b1574a097c66bf0 .
Dietmar Maurer [Tue, 2 May 2017 09:50:46 +0000 (11:50 +0200)]
bump version to 2.0-9
Dietmar Maurer [Tue, 2 May 2017 09:46:36 +0000 (11:46 +0200)]
Revert "fix 1153: let crypt() handle unicode CT passwords"
This reverts commit
cfa3086d95c3a39b584b2d60aa53938e1f30b3dc .
We now corectly encode all parameter as utf8, so the previous
code is now correct.
Dietmar Maurer [Tue, 2 May 2017 05:00:38 +0000 (07:00 +0200)]
bump version to 2.0-8
Dietmar Maurer [Tue, 2 May 2017 04:34:41 +0000 (06:34 +0200)]
add support for Ubuntu 17.04 (zesty)
Wolfgang Bumiller [Fri, 28 Apr 2017 12:00:44 +0000 (14:00 +0200)]
bump version to 2.0-7
Wolfgang Bumiller [Fri, 28 Apr 2017 08:46:27 +0000 (10:46 +0200)]
cleanup replication config update
Wolfgang Bumiller [Fri, 28 Apr 2017 08:43:37 +0000 (10:43 +0200)]
migrate: cleanup replica volume skip condition
Wolfgang Link [Mon, 24 Apr 2017 15:15:38 +0000 (17:15 +0200)]
Destroy all remote and local replication datasets when a CT will destroyed.
Wolfgang Link [Mon, 24 Apr 2017 15:15:37 +0000 (17:15 +0200)]
Integrate storage replica in lxc migration.
Now it is possible to migrate a CT when replica is enabled.
It will reduce replication to an minimal amount.
Wolfgang Link [Mon, 24 Apr 2017 15:15:36 +0000 (17:15 +0200)]
Insert new properties in the LXC config for the PVE Storage Replica.
Wolfgang Bumiller [Thu, 27 Apr 2017 12:03:46 +0000 (14:03 +0200)]
buildsys: clean: remove *.buildinfo
Wolfgang Bumiller [Mon, 24 Apr 2017 12:08:40 +0000 (14:08 +0200)]
config: whitelist lxc.limit.*
Dietmar Maurer [Fri, 7 Apr 2017 04:10:52 +0000 (06:10 +0200)]
bump version to 2.0-6
Wolfgang Bumiller [Thu, 6 Apr 2017 07:26:40 +0000 (09:26 +0200)]
fix suse version 13 check being inverted
Dietmar Maurer [Thu, 6 Apr 2017 04:28:39 +0000 (06:28 +0200)]
bump version to 2.0-5
Dietmar Maurer [Thu, 6 Apr 2017 04:26:22 +0000 (06:26 +0200)]
allow opensuse >= 42
Thomas Lamprecht [Wed, 22 Mar 2017 09:11:13 +0000 (10:11 +0100)]
pct: improve error message output of die
Dietmar Maurer [Thu, 16 Mar 2017 11:58:18 +0000 (12:58 +0100)]
bump version to 2.0-4
Dietmar Maurer [Thu, 16 Mar 2017 11:52:12 +0000 (12:52 +0100)]
add console fix for debian containers using systemd
Wolfgang Bumiller [Tue, 14 Mar 2017 08:28:04 +0000 (09:28 +0100)]
bump version to 2.0-3
Wolfgang Bumiller [Tue, 14 Mar 2017 08:26:41 +0000 (09:26 +0100)]
don't create deprecated rsa1 ssh keys
Fabian Grünbichler [Fri, 10 Mar 2017 12:50:35 +0000 (13:50 +0100)]
bump version to 2.0-2
Wolfgang Bumiller [Fri, 10 Mar 2017 10:25:41 +0000 (11:25 +0100)]
poststop: use a reboot trigger file
Since the STOPPED state is set before cgroup cleanup we need
a better way to restart a container: We now install an
ExecStopPost snippet into the lxc@.service which when
encountering a reboot trigger file
(/var/lib/lxc/$vmid/reboot) performs a systemctl restart.
Wolfgang Bumiller [Fri, 10 Mar 2017 10:25:40 +0000 (11:25 +0100)]
Revert "poststop: reboot: wait for lxc to exit before rebooting"
This reverts commit
ff867097e8a5ea1ab6ff1d5cbc381a4212c37254 .
Fabian Grünbichler [Thu, 9 Mar 2017 14:32:54 +0000 (15:32 +0100)]
bump version to 2.0-1
Fabian Grünbichler [Thu, 9 Mar 2017 14:32:48 +0000 (15:32 +0100)]
buildsys: update make upload target for stretch
Fabian Grünbichler [Thu, 9 Mar 2017 14:21:02 +0000 (15:21 +0100)]
bump version to 1.0-95
Fabian Grünbichler [Thu, 9 Mar 2017 14:18:02 +0000 (15:18 +0100)]
buildsys: update make upload target
Wolfgang Bumiller [Thu, 9 Mar 2017 13:54:28 +0000 (14:54 +0100)]
poststop: reboot: wait for lxc to exit before rebooting
otherwise it'll leak cgroup directories...
Note that we need to escape the lxc@.service context (by
entering a new scope) as well as close our ties to the lxc
monitor (the stdout pipe), otherwise this never finishes
properly.
Dominik Csapak [Tue, 28 Feb 2017 11:06:36 +0000 (12:06 +0100)]
add keeplocale parameter to vncproxy run_command
to not overwrite the LC_* environment variables
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Thomas Lamprecht [Thu, 16 Feb 2017 16:55:29 +0000 (17:55 +0100)]
Create: fix architecture detection in restore_archive
For detecting a CT templates architecture we used the `file -b -L`
output from the PVE host side.
If the container has a link:
/bin/sh -> /bin/bash
(Alpine Linux does that, for example) the '-L' flag from file
resolves the $rootfs/bin/sh to /bin/bash and thus checks the
architecture of bash on the PVE system, which is always 64 bit.
Add a helper which chroots in the rootfs to avoid problems with
absolute symlinks and use 'open' to avoid relative symlink problems
read the first 5 bytes from /bin/sh, 4 bytes for the ELF magic number
and the fifth for the ELF class, which tells us if we have a 32
(class 1) or 64 (class 2) bit ELF binary.
Return this information as an exit code to the parent.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Fri, 10 Feb 2017 19:53:54 +0000 (20:53 +0100)]
pct: remove leftover outdated POD content
gets generated by pve-docs
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Wolfgang Bumiller [Tue, 7 Feb 2017 14:03:24 +0000 (15:03 +0100)]
also expect ENOTDIR when opening dirs with O_NOFOLLOW
open with O_DIRECTORY on newer kernel uses ENOTDIR instead
of ELOOP for symlinks
Wolfgang Bumiller [Tue, 7 Feb 2017 14:02:46 +0000 (15:02 +0100)]
don't pull HA modules for doc-generation
Wolfgang Bumiller [Tue, 7 Feb 2017 14:01:59 +0000 (15:01 +0100)]
run tests with lxc-usernsexec; build-depend on lxc or lxc-pve
Wolfgang Bumiller [Tue, 7 Feb 2017 12:37:39 +0000 (13:37 +0100)]
buildsys: make job safety
Wolfgang Bumiller [Thu, 2 Feb 2017 13:15:06 +0000 (14:15 +0100)]
bump version to 1.0-94
Wolfgang Bumiller [Thu, 2 Feb 2017 10:02:36 +0000 (11:02 +0100)]
use the lxc@ service file provded by lxc
Until now the lxc-start process was sort of a danglign
process in the pvedaemon.service cgroup when a container was
started from the web UI causing long stalls when trying to
restart pvedaemon and potential container kills. (Mostly
problematic when issuing package upgrades).
We now start containers via the lxc@ service file giving
them their own service cgroup.
The downside is that we'll have to patch the lxc@ service
file in the lxc package to Type=forking without the -F
option otherwise all of the the containers' console outputs
will end up in the logs...
Fabian Grünbichler [Mon, 23 Jan 2017 12:20:30 +0000 (13:20 +0100)]
fix 1153: let crypt() handle unicode CT passwords
according to "perldoc -f crypt", crypt() should downgrade
unicode strings anyway:
If using crypt() on a Unicode string (which potentially has
characters with codepoints above 255), Perl tries to make
sense of the situation by trying to downgrade (a copy of)
the string back to an eight-bit byte string before calling
crypt() (on that copy). If that works, good. If not,
crypt() dies with "Wide character in crypt".
login via Spice and ssh works now at least, the noVNC /
vncterm combo seems to be broken because of an unrelated
unicode issue..
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Wed, 25 Jan 2017 08:40:46 +0000 (09:40 +0100)]
bump version to 1.0-93
Fabian Grünbichler [Wed, 25 Jan 2017 08:39:52 +0000 (09:39 +0100)]
add dependency on libpve-guest-common-perl
Dietmar Maurer [Thu, 19 Jan 2017 08:18:20 +0000 (09:18 +0100)]
bump version to 1.0-92
Dietmar Maurer [Wed, 18 Jan 2017 16:18:54 +0000 (17:18 +0100)]
use new PVE::Storage::check_volume_access()
Fabian Grünbichler [Tue, 17 Jan 2017 13:12:34 +0000 (14:12 +0100)]
fix #1253: display SSH fingerprints on CT setup
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Dietmar Maurer [Thu, 12 Jan 2017 12:22:30 +0000 (13:22 +0100)]
bump version to 1.0-91
Dietmar Maurer [Thu, 12 Jan 2017 12:20:06 +0000 (13:20 +0100)]
add setup_environment hook to CLIHandler class
Dietmar Maurer [Tue, 27 Dec 2016 08:03:40 +0000 (09:03 +0100)]
bump version to 1.0-90
Dietmar Maurer [Tue, 27 Dec 2016 07:53:46 +0000 (08:53 +0100)]
Revert "Do not skip unprivileged config parameter when restoring a container"
This reverts commit
ca187102dfca383a1125106fef744d3ba525023c .
We extract the backup archive before we read the config, so above patch
generates containers with wrong permissions.
Dietmar Maurer [Wed, 21 Dec 2016 10:56:35 +0000 (11:56 +0100)]
bump version to 1.0-89
Wolfgang Bumiller [Mon, 12 Dec 2016 09:11:55 +0000 (10:11 +0100)]
vzdump: use --make-rslave instead of --make-rprivate
In a stop mode backup of a running container the container
is started from this namespace, so making it private can
cause mount point leaks.
Dietmar Maurer [Tue, 20 Dec 2016 09:34:15 +0000 (10:34 +0100)]
supress warning when we try to delete a non-existent option
such warnings are just confusing ...
Dominik Csapak [Thu, 15 Dec 2016 11:49:37 +0000 (12:49 +0100)]
fix #1226: show the right amount of memory usage
we moved the lxc cgroup settings in a sub namespace, but did not use the
total_cache value for subtracting so we showed a wrong used amount
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Fabian Grünbichler [Thu, 15 Dec 2016 15:10:55 +0000 (16:10 +0100)]
fix #1225: restore without config changes for VMUser
this makes the behaviour similar to VM restore operations
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Tue, 13 Dec 2016 11:14:28 +0000 (12:14 +0100)]
document bind/device mp permissions better
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Dietmar Maurer [Sat, 17 Dec 2016 15:34:46 +0000 (16:34 +0100)]
fix typo
Dietmar Maurer [Fri, 9 Dec 2016 09:13:34 +0000 (10:13 +0100)]
bump version to 1.0-88
Wolfgang Bumiller [Fri, 9 Dec 2016 08:54:24 +0000 (09:54 +0100)]
setup: allow fedora 22-25
This should allow vanilla lxc templates to work without the
double-console issue by removing their getty@.service
replacement. (Since we instead fixup
container-getty@.service)
Dietmar Maurer [Fri, 9 Dec 2016 07:08:11 +0000 (08:08 +0100)]
setup: more general approach to tty paths
Unprivileged containers always use an empty lxc.devttydir
option (iow. don't use the /dev/lxc/ subdirectory).
Alpine and Gentoo don't support it in general.
Define a devttydir() sub in Setup::Base which by default
returns "lxc/" or an empty string depending on whether it is
an unprivileged container. Gentoo and Alpine override it
with one which always returns an empty string.
Dietmar Maurer [Fri, 2 Dec 2016 11:12:54 +0000 (12:12 +0100)]
bump version to 1.0-87