Nick Chevsky [Thu, 8 Nov 2018 18:17:19 +0000 (13:17 -0500)]
Add "SSD emulation" property to IDE, SATA, and SCSI drives
When enabled, the "SSD emulation" feature exposes drives as
solid-state (rather than rotational) by enabling the new `ssd`
qm.conf flag [1] on the drives, which in turn sets QEMU's
`rotation_rate` property [2, 3] on the underlying devices.
This change also moves the "Discard" option out of the advanced
section and promotes it to the top of the dialog box, as proposed
by Thomas Lamprecht [4].
lxc/Features: not that keyctl is unnecessary for privileged
So that users are (hopefully) less confused why this is disabled for
privileged CTs. If we get more feature settings which only make
sense for unprivileged or privileged but not both we could split
this into sections which respective headings, but for one only I
didn't wanted to do this - so just add a boxLabel conditionally.
Cc: Dominik Csapak <d.csapak@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dietmar Maurer [Tue, 30 Oct 2018 10:36:14 +0000 (11:36 +0100)]
fix wrong permissions for subscription info
workaround to keep the subscription popup on login even without 'Sys.Audit'
permissions but remove the subscription details in the GUI for unauthorized
users.
David Limbeck [Wed, 24 Oct 2018 09:45:44 +0000 (11:45 +0200)]
add wipe_disk option when destroying ceph disk
this allows the disk to be reused as ceph disk by zeroing the first 200M
of the destroyed disk. disks are iterated separately from partitions to
prevent duplicate wipes.
Signed-off-by: David Limbeck <d.limbeck@proxmox.com>
Rhonda D'Vine [Thu, 11 Oct 2018 10:05:19 +0000 (12:05 +0200)]
Update default CIPHERS to a more current list
The default CIPHERS allowed for a fair amount of not really considered
secure anymore connections. This updated cipher list is taken from
mozilla: https://wiki.mozilla.org/Security/Server_Side_TLS
This add a new api to online reload networking configuration
with ifupdown2.
This work with native ifupdown2 modules, as ifupdown2 have
interface dependency relationships.
Some specific interfaces options can't be reloaded online
(because kernel don't implement it), it this case, we ifdown/ifup
theses interfaces. (mainly vxlan interfaces options)
Thomas Lamprecht [Tue, 11 Sep 2018 07:48:25 +0000 (09:48 +0200)]
ui: form/VMSelector: use SIMPLE mode for guest checkbox model
Switch the default mode 'MULTI' with 'SIMPLE', the same we use in the
dc/Backup guest selector. It allows to remove the 'checkOnly'
setting, which limited selection and deselection of elements on the
checkbox it self, doing nothing when clicking on rows.
Besides the friendlier and more streamlined UX this actually fixes a
bug in Firefox (confirmed in version 62, possible in other versions
too) where select/deselect di not worked when clicking in the white
area of the checkbox, but only when clicking on the surrounding
padding.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Wolfgang Link [Fri, 31 Aug 2018 06:10:58 +0000 (08:10 +0200)]
pveceph: remove 'btrfs' as fstype for new OSDs
btrfs is deprecated since Luminous and it will no more be tested.
If btrfs is used, you have to add an extra parameter to ceph.conf
to allow ceph-disk to activate btrfs OSD's.
In our default config this is not the case.
From Luminous release note [1]:
"We no longer test the FileStore ceph-osd backend in combination with
btrfs. We recommend against using btrfs. If you are using
btrfs-based OSDs and want to upgrade to luminous you will need to
add the follwing to your ceph.conf:
enable experimental unrecoverable data corrupting features = btrfs
The code is mature and unlikely to change, but we are only
continuing to test the Jewel stable branch against btrfs. We
recommend moving these OSDs to FileStore with XFS or BlueStore."
Dominik Csapak [Wed, 22 Aug 2018 08:17:17 +0000 (10:17 +0200)]
gui: allow whitespace in mp paths
we do all necessary checks in the backend, and there we allow
whitespace in mp paths, so there is no need to restrict it in
the gui to non-whitespace characters
Dominik Csapak [Fri, 17 Aug 2018 11:18:14 +0000 (13:18 +0200)]
fixe return values in /cluster/resources
openvz is deprecated but can still be a return value
maxcpu can be a real number (e.g., for CT if cpulimit is 1.5 and
cores is not set), and may not be an integer
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak [Fri, 10 Aug 2018 11:26:58 +0000 (13:26 +0200)]
gui: zfs over iscsi: only allow inputs that are relevant
some options are only relevant for some iscsi providers
so only allow thos who are relevant to the selected provider
and rename LIO target portal group to 'Target portal group'
since it is only active when lio is chosen
Dominik Csapak [Wed, 8 Aug 2018 14:37:20 +0000 (16:37 +0200)]
fix #1837: reorganize ha panel
since the whole panel was scrollable instead of the individual ones,
selecting a ha service triggered the 'jump to focus' which made it
hard (if not impossible) to reach the edit/remove buttons for it
this patch reorganizes the panels in such a way that the status
panel is fixed height, and the content of the resource panel is
scrollable (always showing the edit/remove buttons)
to avoid not seeing the resources when one has a large number of
nodes, we make the individual panels collapsible
ui/Parser: parsePropertyString: log errors to console
allows to catch bugs faster as we get a call trace and may see this
error even when our caller doesn't handle an undefined return value
from this method.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Tue, 31 Jul 2018 08:28:06 +0000 (10:28 +0200)]
ui: storage: combine RBD external and hyperconverged add dialog
Combine both dialogues. This reduces storage choices from the
Storage -> Add menu, and thus improves usability.
We make the whole dialog also more intelligent by querying the
monitors, so that we can show them for the hyper converged case
keeping a similar interface for both cases. Further we can use this
to decide if a hyperconverged setup is possible at all.
While this information would also be available through the fact if
the pool selector has entries I wanted to show them anyway and could
make logic a bit easier using it.
pvesh: add standard_output_properties to set/create/delete
Most of those API calls return simple strings, so it does not really matter.
Nethertheless, some calls return complex data structures and we want to set
output format for them.
In pve-common the following changes happened: 0adee98 ("cli_handler: pass common output options as separate parameter") 352b7a1 ("PVE::CLIFormatter - implement new output options")
We now get the format passed via an options hash in the
output function instead of seeing it as an api call
parameter.
Similarly, --quiet is now already handled there.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Andrew Neitsch [Mon, 2 Jul 2018 14:46:15 +0000 (07:46 -0700)]
Submit pool if non-empty in lxc CreateWizard
The lxc CreateWizard ignores the pool setting. That makes creating
containers impossible for users who are restricted to using a pool. This
patch fixes that.
Thomas Lamprecht [Fri, 29 Jun 2018 11:05:02 +0000 (13:05 +0200)]
ui/storage: cifs: reoder fields
username, password and domain name are all related, they are non-pve
options related to accessing the CIFS storage and have all influence
on the pveCIFSScan component.
So group at kleast user and password together. But keep domain on the
right for the sake of balance.
Move the content type selector to the right, as the RBD and other
panels do.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Fri, 29 Jun 2018 10:55:26 +0000 (12:55 +0200)]
ui/storage: cifs: only allow entering a password if user is set
we ignore the password in the backend if no user is passed,
which can be very confusing for the user - or more important, me,
when testing cifs/storage stuff.
So change the mechanics slightly. Previously we changed the
allowBlank property of the password field if username was changed.
I set it to always required, but disable the whole field if we do not
have a username.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>