Dominik Csapak [Wed, 13 Nov 2019 09:15:57 +0000 (10:15 +0100)]
fix #2462: ACMEAccount: make tos in get_tos optional
the code returns undef in case there is no 'tos', and the code
calling this api call handles a non-existing tos already, but
fails in that case becasue of the failing return value verification
Stefan Reiter [Thu, 21 Nov 2019 12:22:16 +0000 (13:22 +0100)]
Fix #2476: Fix auto-ballooning QMP command
Commit 77123edbd0 (statd: refactor update_node_status) changed $target
in pvestatd's auto_balloning sub into a variable:
my $target = int($res->{$vmid});
but then uses it in a string as a parameter to the $log function:
$log->("BALLOON $vmid to $target (%d)\n", $target - $current);
This surprisingly causes the variable to be incorrectly converted into a
JSON string by perl's to_json (called in QMPClient after mon_cmd):
{"value":"1234"}
instead of
{"value":1234}
which causes QEMU to report the parameter as invalid:
"Invalid parameter type for 'value', expected: integer"
This behaviour is made even trickier, since $target internally is still
considered more of an 'int' (although that's a weak claim in perl
anyway), showing up without quotes in Dumper et. al. - but the perldoc
for to_json scheds some light:
simple scalars
Simple Perl scalars (any scalar that is not a reference) are the
most difficult objects to encode: this module will encode undefined
scalars as JSON "null" values, scalars that have last been used in a
string context before encoding as JSON strings, and anything else as
number value
So coerce to_json to treat $target as an integer by using it as one and
everything is fine again.
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
Thomas Lamprecht [Thu, 21 Nov 2019 09:57:49 +0000 (10:57 +0100)]
api/ceph: skip merging metadata if hostname is undefined
It's a bit hard to figure out the exact constellation required for
this to happen, but we saw it in live systems when one node was dead
in a three node cluster.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Matt Dunwoodie [Tue, 19 Nov 2019 14:25:55 +0000 (01:25 +1100)]
Add 'type' option to AgentFeatureSelector
This adds an extra field to the AgentFeatureSelector that reflects the
change in qemu-server.
Changes since previous version:
* Use map rather than if/else if/else for type display string.
* Use Proxmox.Utils.unknownText for unknown type (should not occur with
regular use).
* Keep existing fields as boxLabel rather than fieldLabel, as they
look crammed with fieldLabel.
* Use __default__ for default option, to save space and replicate
behaviour in other places.
* Store option in advancedItems as it is a special case.
Even though the map only contains one item, it will be easily added to
in the future. There is only one item as there is no need to have a
string for "virtio" as it is not displayed because of __default__.
Thomas Lamprecht [Tue, 19 Nov 2019 12:15:27 +0000 (13:15 +0100)]
fix #844: allow to pre-delay start-all-marked guests on boot
Add a simple ExecStartPre command which reads the local node config,
and if a delay is set the helper sleeps that long then exists.
The systemd-unit approach was chosen as this ensures that we really
only delay when doing the startall on node boot. The pve-guests
service does not allows manual stops, starts or restarts, it can only
be pulled in by the multi-user.target
Mark this command with "-" to tell systemd that errors of it should
not cause an abort, it's a best-effort approach.
The journal from a 2 second delay would look like:
> Nov 19 13:13:48 dev6 systemd[1]: Starting PVE guests...
> Nov 19 13:13:48 dev6 pve-startall-delay[2318]: Delaying on-boot 'startall' command for 2 second(s).
> ...
> Nov 19 13:13:50 dev6 pve-guests[2339]: <root@pam> starting task UPID:dev6:00000924:00000529:5DD3DC7E:startall::root@pam:
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominic Jäger [Tue, 21 May 2019 11:16:13 +0000 (13:16 +0200)]
Fix #352: Limit the length of backup logs for mails
When creating a backup the log part can make the mail too big to be
transferred. To ensure delivery, two measures are taken:
1. Always omit the status lines
2. Omit the whole log part if a mail becomes (too) big
Additionally, add a check for missing log files.
Co-developed-by: Thomas Lamprecht <t.lamprecht@proxmox.com> Signed-off-by: Dominic Jäger <d.jaeger@proxmox.com>
The data passed to this closure was never free'd, depending on the
count of VM/CTs one could get >1 MB of RSS (!) memory leaked per
statd status cycle update run...
We could also use Scalar::Util's weaken, to weak a copy of this
variable, but as a simple undef works lets do that with a comment..
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Mon, 18 Nov 2019 18:07:19 +0000 (19:07 +0100)]
statd: increase RSS difference required for restart
it seems that we have a reference leak or the like somewhere in the
(graphite?) status plugin, while the recent transaction based update
mechanism made it slightly better, it's still bad with a lot of VMs..
Until we can track that down, or abandon perl for good, avoid to
frequent restarts by allowing statd to grow 15 MB of memory usage
after initial calibration (it's memory usage at the 10th cycle)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sat, 16 Nov 2019 15:17:07 +0000 (16:17 +0100)]
move common metric server management part to own module
For now it only handles the plugin registration and the two recently
integrated helpers.
But, this is a prepartation to move the external metrics server
update mechanic from a stateless always-newly-connect-send-disconnect
to a statefull transaction based mechanis; see later patches
keep the PVE::Status::Plugin use in pvestatd, as we read the cfs
hosted status.cfg there, and the parser is defined by the common
status plugin base module.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Fri, 15 Nov 2019 16:24:45 +0000 (17:24 +0100)]
api: ceph/metadata: add structured node versions
include the version as string and as parts, as we do the split
already. Also include the build commit, so if we re-release a ceph
version, we can differ here too.
Use node as key, to make the new entry a bit more general, could be
easily expanded with other infos, if required.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Fri, 15 Nov 2019 13:33:56 +0000 (14:33 +0100)]
api: ceph version: actually get full version
add and change the return signature for the wantarray case, which can
safely done as this is only used once (statd), and there only the
first elemen, the full version string, is used - so no breakage
potential there
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
status/graphite: refactor write_graphite to send all at once
Instead of doing multiple sends, for each status metric line one,
assemble it all in a string and send it out in a single go.
Per VM/CT/Node we had >10 lines to send, so this is quite the
reduction. But, also note that thanks to Nagler's delay algorithm
this may not had a big effect for TCP, as it buffered those small
writes anyhow.
For UDP it can reduce the packet count on the line dramatically,
though.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
status/graphite: just use setsockopt to set timeouts
after rethinking this it felt weird, sockets already can to this
themself, so I checked out the IO::Socket::Timeout module, and yeah,
it's just a OOP wrapper for this, hiding the "scary" struct pack.
So instead of adding that as dependency lets do it ourself.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak [Thu, 31 Oct 2019 08:33:44 +0000 (09:33 +0100)]
gui: lxc/MPEdit: save and use the mountpoint propertyString
this way, backend only settings do not get lost (like 'size', 'shared')
when editing in the gui
this was most obvious with the new pending options, as every time
we edited a mp, we lost its size, and even setting the options
to exactly the same as the originals, we still had the mp as
'pending', but without the size
status/graphite: reduce default timeout to 1 second
This is for TCP only, and TCP needs roughly 1.5 time of the Round
Trip Time for connection setup, So, with 1 second timeout we're still
good for connections with 660 ms latency in-between.
The assumption is that most of the time the status server is
relatively near (same datacenter, or region), and connections to it
are datacenter grade, and not like a spotty GPRS modem.
So, reduce this timeout to ensure that we do not block to long.
If anybody needs higher timeouts they can just change the default
anyway.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
rather than reducing the total job count during execution (and that
not for all cases) do some checks first and pass only the known good
nodes to the for-each-node-POST-request loop, so we can omit all
checks there.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Wed, 30 Oct 2019 17:22:26 +0000 (18:22 +0100)]
pveversion: track libspice-server1 (again)
Removed in commit 248b121b22313c894b2db2d6869c0de49650c0dc as we
wanted to re-use Debian Busters upstream version, but we re-uploaded
our own again. And besides that, this version would be still
interesting if it was not uploaded by us..
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Oguz Bektas [Tue, 29 Oct 2019 14:50:17 +0000 (15:50 +0100)]
ui: qemu: update grid button status with events from correct store
as we noticed at the container side, we should use diffStore in order
to update the button status without delay.
Effectively alls ObjectGrids, and thus their descendants,
PendingObjectGrids use a DiffStore, where we have two effective
stores, a remote store and a local, in-memory, proxy store.
Co-developed-by: Dominik Csapak <d.csapak@proxmox.com> Signed-off-by: Oguz Bektas <o.bektas@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Wed, 16 Oct 2019 09:05:36 +0000 (11:05 +0200)]
aplinfo: see trusted keys as build product, always assembly
Don't track the binary trustedkeys.gpg but see it just as normal
build product with the armored keys as source.
This ensures we always ship those from TRUSTED_KEYS variable, not
more, not less.
Instead of the "gpg import+export in temporary home dir" just
de-armor and concatenate them our self, that's what happens anyway.
This could be even simplified by just using base64 -d on the pubkeys,
after the non base64 stuff was trimmed, that would omit our need for
gpg here completely.
Thanks to Wolfgang B. for giving the idea to just do simple stuff :)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Stoiko Ivanov [Wed, 23 Oct 2019 16:10:28 +0000 (18:10 +0200)]
add versioned postinst run of newaliases
When installing from ISO '/etc/aliases' gets written correctly, however
postfix needs '/etc/aliases.db' (generated by running newaliases)
in order to work.
added to the postinst script to fix the issue for users having installed from
the ISO before this fix.
Thomas Lamprecht [Wed, 23 Oct 2019 16:18:08 +0000 (18:18 +0200)]
ui: window settings: use column layout
This change shouldn't be noticeable, main advantage is that we can
add a top or botton spanning row for hints or a save/restore feature
(in the future)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
radio groups set and get Value helper are objects, as they are
expected to be key, value, where key is a field-name of the radio
group and values is the inputValue from the radiobutton to be set.
So ensure we extract only the value in the change event handler, as
we do not want to save the whole object. But on restoring (setValue)
we need to wrap it as object again, else radiogroup won't know what
field we want to set..
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Mira Limbeck [Mon, 7 Oct 2019 10:07:47 +0000 (12:07 +0200)]
fix #2364: allow offline migration with local cloudinit disk
As the cloudinit disk itself does not get copied on an offline
migration, just the config, there's no conflict. Ignore the local
cloudinit disk on offline migration. Also adds a useful message when
trying to live migrate with a local cloudinit disk.
Signed-off-by: Mira Limbeck <m.limbeck@proxmox.com>
Christian Ebner [Tue, 15 Oct 2019 11:00:22 +0000 (13:00 +0200)]
vzdump: move code needed for cfs register of vzdump.cron to guest-common
This moves the cfs register code for vzdump.cron to the
pve-guest-common package. Therefore, it relies on the corresponding
patches in pve-guest-common and pve-docs as build dependencies.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
api: subscription: use rpcenv for permission check
commit a69749a6a1fc1f18442ec0a475495bb00adb322c had a valid cause but
unnecessarily used the static PVE::AccessControl::check_permissions.
As the RPCEnvironment based check method has a "$noerr" parameter and
we already have a rpcenv instance readily available, we can use that
one just fine.
this is the last caller of PVE::AccessControl::check_permissions(),
which is the last caller of PVE::AccessControl::permission(). both can
thus be dropped altogether.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Thu, 10 Oct 2019 09:53:36 +0000 (11:53 +0200)]
ui: vm opts: clarify QGA option
To make it more clear that PVE does not somehow magically injects a
QHA into the VM, but that this can be set if one has installed the
QGA in the VM themself.
So slightly adapt the label by prepending "Use" and adding a hint for
further details.
Also ensure we call it the real name everywhere, i.e., "QEMU Guest
Agent", this makes it a bit more consistent and easier to find
information for users.
Suggested-by: Aaron Lauterer <t.lamprecht@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>