]> git.proxmox.com Git - pve-cluster.git/blob - data/PVE/DataCenterConfig.pm
projects / pve-cluster.git / blob
? search:


77cc73cee2b75c3f97d3023c5beaab88503f1443
[pve-cluster.git] / data / PVE / DataCenterConfig.pm
1 package PVE::DataCenterConfig;
2
3 use strict;
4 use warnings;
5
6 use PVE::JSONSchema;
7 use PVE::Tools;
8 use PVE::Cluster;
9
10 my $migration_format = {
11 type => {
12 default_key => 1,
13 type => 'string',
14 enum => ['secure', 'insecure'],
15 description => "Migration traffic is encrypted using an SSH tunnel by " .
16 "default. On secure, completely private networks this can be " .
17 "disabled to increase performance.",
18 default => 'secure',
19 },
20 network => {
21 optional => 1,
22 type => 'string', format => 'CIDR',
23 format_description => 'CIDR',
24 description => "CIDR of the (sub) network that is used for migration."
25 },
26 };
27
28 my $ha_format = {
29 shutdown_policy => {
30 type => 'string',
31 enum => ['freeze', 'failover', 'conditional'],
32 description => "The policy for HA services on node shutdown. 'freeze' disables auto-recovery, 'failover' ensures recovery, 'conditional' recovers on poweroff and freezes on reboot. Running HA Services will always get stopped first on shutdown.",
33 verbose_description => "Describes the policy for handling HA services on poweroff or reboot of a node. Freeze will always freeze services which are still located on the node on shutdown, those services won't be recovered by the HA manager. Failover will not mark the services as frozen and thus the services will get recovered to other nodes, if the shutdown node does not come up again quickly (< 1min). 'conditional' chooses automatically depending on the type of shutdown, i.e., on a reboot the service will be frozen but on a poweroff the service will stay as is, and thus get recovered after about 2 minutes.",
34 default => 'conditional',
35 }
36 };
37
38 my $u2f_format = {
39 appid => {
40 type => 'string',
41 description => "U2F AppId URL override. Defaults to the origin.",
42 format_description => 'APPID',
43 optional => 1,
44 },
45 origin => {
46 type => 'string',
47 description => "U2F Origin override. Mostly useful for single nodes with a single URL.",
48 format_description => 'URL',
49 optional => 1,
50 },
51 };
52
53
54 PVE::JSONSchema::register_format('mac-prefix', \&pve_verify_mac_prefix);
55 sub pve_verify_mac_prefix {
56 my ($mac_prefix, $noerr) = @_;
57
58 if ($mac_prefix !~ m/^[a-f0-9][02468ace](?::[a-f0-9]{2}){0,2}:?$/i) {
59 return undef if $noerr;
60 die "value is not a valid unicast MAC address prefix\n";
61 }
62 return $mac_prefix;
63 }
64
65 my $datacenter_schema = {
66 type => "object",
67 additionalProperties => 0,
68 properties => {
69 keyboard => {
70 optional => 1,
71 type => 'string',
72 description => "Default keybord layout for vnc server.",
73 enum => PVE::Tools::kvmkeymaplist(),
74 },
75 language => {
76 optional => 1,
77 type => 'string',
78 description => "Default GUI language.",
79 enum => [
80 'ca',
81 'da',
82 'de',
83 'en',
84 'es',
85 'eu',
86 'fa',
87 'fr',
88 'he',
89 'it',
90 'ja',
91 'nb',
92 'nn',
93 'pl',
94 'pt_BR',
95 'ru',
96 'sl',
97 'sv',
98 'tr',
99 'zh_CN',
100 'zh_TW',
101 ],
102 },
103 http_proxy => {
104 optional => 1,
105 type => 'string',
106 description => "Specify external http proxy which is used for downloads (example: 'http://username:password\@host:port/')",
107 pattern => "http://.*",
108 },
109 migration_unsecure => {
110 optional => 1,
111 type => 'boolean',
112 description => "Migration is secure using SSH tunnel by default. " .
113 "For secure private networks you can disable it to speed up " .
114 "migration. Deprecated, use the 'migration' property instead!",
115 },
116 migration => {
117 optional => 1,
118 type => 'string', format => $migration_format,
119 description => "For cluster wide migration settings.",
120 },
121 console => {
122 optional => 1,
123 type => 'string',
124 description => "Select the default Console viewer. You can either use the builtin java applet (VNC; deprecated and maps to html5), an external virt-viewer comtatible application (SPICE), an HTML5 based vnc viewer (noVNC), or an HTML5 based console client (xtermjs). If the selected viewer is not available (e.g. SPICE not activated for the VM), the fallback is noVNC.",
125 enum => ['applet', 'vv', 'html5', 'xtermjs'],
126 },
127 email_from => {
128 optional => 1,
129 type => 'string',
130 format => 'email-opt',
131 description => "Specify email address to send notification from (default is root@\$hostname)",
132 },
133 max_workers => {
134 optional => 1,
135 type => 'integer',
136 minimum => 1,
137 description => "Defines how many workers (per node) are maximal started ".
138 " on actions like 'stopall VMs' or task from the ha-manager.",
139 },
140 fencing => {
141 optional => 1,
142 type => 'string',
143 default => 'watchdog',
144 enum => [ 'watchdog', 'hardware', 'both' ],
145 description => "Set the fencing mode of the HA cluster. Hardware mode " .
146 "needs a valid configuration of fence devices in /etc/pve/ha/fence.cfg." .
147 " With both all two modes are used." .
148 "\n\nWARNING: 'hardware' and 'both' are EXPERIMENTAL & WIP",
149 },
150 ha => {
151 optional => 1,
152 type => 'string', format => $ha_format,
153 description => "Cluster wide HA settings.",
154 },
155 mac_prefix => {
156 optional => 1,
157 type => 'string',
158 format => 'mac-prefix',
159 description => 'Prefix for autogenerated MAC addresses.',
160 },
161 bwlimit => PVE::JSONSchema::get_standard_option('bwlimit'),
162 u2f => {
163 optional => 1,
164 type => 'string',
165 format => $u2f_format,
166 description => 'u2f',
167 },
168 },
169 };
170
171 # make schema accessible from outside (for documentation)
172 sub get_datacenter_schema { return $datacenter_schema };
173
174 sub parse_datacenter_config {
175 my ($filename, $raw) = @_;
176
177 my $res = PVE::JSONSchema::parse_config($datacenter_schema, $filename, $raw // '');
178
179 if (my $migration = $res->{migration}) {
180 $res->{migration} = PVE::JSONSchema::parse_property_string($migration_format, $migration);
181 }
182
183 if (my $ha = $res->{ha}) {
184 $res->{ha} = PVE::JSONSchema::parse_property_string($ha_format, $ha);
185 }
186
187 if (my $u2f = $res->{u2f}) {
188 $res->{u2f} = PVE::JSONSchema::parse_property_string($u2f_format, $u2f);
189 }
190
191 # for backwards compatibility only, new migration property has precedence
192 if (defined($res->{migration_unsecure})) {
193 if (defined($res->{migration}->{type})) {
194 warn "deprecated setting 'migration_unsecure' and new 'migration: type' " .
195 "set at same time! Ignore 'migration_unsecure'\n";
196 } else {
197 $res->{migration}->{type} = ($res->{migration_unsecure}) ? 'insecure' : 'secure';
198 }
199 }
200
201 # for backwards compatibility only, applet maps to html5
202 if (defined($res->{console}) && $res->{console} eq 'applet') {
203 $res->{console} = 'html5';
204 }
205
206 return $res;
207 }
208
209 sub write_datacenter_config {
210 my ($filename, $cfg) = @_;
211
212 # map deprecated setting to new one
213 if (defined($cfg->{migration_unsecure}) && !defined($cfg->{migration})) {
214 my $migration_unsecure = delete $cfg->{migration_unsecure};
215 $cfg->{migration}->{type} = ($migration_unsecure) ? 'insecure' : 'secure';
216 }
217
218 # map deprecated applet setting to html5
219 if (defined($cfg->{console}) && $cfg->{console} eq 'applet') {
220 $cfg->{console} = 'html5';
221 }
222
223 if (ref($cfg->{migration})) {
224 my $migration = $cfg->{migration};
225 $cfg->{migration} = PVE::JSONSchema::print_property_string($migration, $migration_format);
226 }
227
228 if (ref($cfg->{ha})) {
229 my $ha = $cfg->{ha};
230 $cfg->{ha} = PVE::JSONSchema::print_property_string($ha, $ha_format);
231 }
232
233 if (ref($cfg->{u2f})) {
234 my $u2f = $cfg->{u2f};
235 $cfg->{u2f} = PVE::JSONSchema::print_property_string($u2f, $u2f_format);
236 }
237
238 return PVE::JSONSchema::dump_config($datacenter_schema, $filename, $cfg);
239 }
240
241 PVE::Cluster::cfs_register_file('datacenter.cfg',
242 \&parse_datacenter_config,
243 \&write_datacenter_config);
244
245 1;
Cluster FS and Tools