Emmanuel Kasper [Tue, 3 May 2016 10:43:12 +0000 (12:43 +0200)]
When starting in debug mode, starts the daemon without going through systemctl
This fixes the problem that debug options for daemons were ignored and sets
the following behaviour for the daemons when -debug 1 is given
* start on foreground with debug ouput on the console
* do not start a sytemd unit
Starting the systemd unit in debug mode makes less sense because:
* systemd will put the daemon in the background
* systemd ignores environment variables so the only way to start
the daemon with options would be through reading a config file
this would previously convert properties that matched
'^([a-z]+)(\d+)$' even if they were not part of an indexed
properties series (which always start with 0).
This fixes previously wrongly converted properties:
-smbios1
-server2
this would previously skip (i.e., ignore) properties that
matched '^([a-z]+)(\d+)$' even if they were not part of an
indexed properties series (which always start with 0).
This fixes previously missing API dump occurrences of:
-smbios1
-comments6
-netmask6
-gateway6
-address6
-dns1
-dns2
-dns3
-server1
-server2
tap_unplug() is only called in hotplugging functions which
perform a tap_plug() afterwards, and and in qemu-server's
bridge-down script.
The OVS port cleanup for non-firewall ports was done only in
tap_plug(), which means that in the case when qemu exits and
the tap device disappears, the OVS port for it stays.
With this patch the cleanup happens in both tap_unplug() and
tap_plug() to avoid problems with upgrades on systems
where there have already been ports leaked.
Replace 'string' with 'filepath' for mapped params
For the CLI man pages and documentation, mapped parameters
('content' strings in API2 which are loaded from file paths
in CLI) get special treatment and are displayed with the
type 'filepath'.
Handle string parameter to file content replacement
This is modelled after the way read_password() is used to
wrap -password parameters on the command line. If a mapping
for a certain API method and parameter is defined in the
sub class of CLIHandler.pm, the parameter is interpreted as
a file path on the command line and the parameter is
filled with the string contents of the referenced file.
This allows us to use the same API schema once in API2, but
overwrite the behaviour for individual parameters in the CLI
tools when desired.
Use case: networks for kvm use a <model>=<macaddr> scheme
where the model represents the network card. The schema
previously could not represent this, so we now introduce a
'group' key which works similar to an alias with the
difference that the data structure also gets an entry named
after the group filled with the name of the key that was
used to fill it.
Usage:
{
virtio => { group => 'model' },
e1000 => { group => 'model' },
model => {
type => 'string',
pattern => ... # pattern for mac address
...
}
}
Now the string 'virtio=aa:bb:cc:dd:ee:ff' gets parsed into:
{
model => 'virtio',
virtio => 'aa:bb:cc:dd:ee:ff'
}
Error examples:
With bad value:
virtio: value does not match the regex pattern
Missing group:
model: property is missing and it is not optional
parse_net() however used the 'macaddr' key for the mac
address, which can be achieved by aliasing 'model' to
'macaddr':
{
virtio => { group => 'model' },
e1000 => { group => 'model' },
model => { alias => 'macaddr' },
macaddr => {
type => 'string',
pattern => ... # pattern for mac address
...
}
}
Then the above string will be parsed into:
{
model => 'virtio',
macaddr => 'aa:bb:cc:dd:ee:ff'
}
The error output now always shows the 'macaddr' key:
Error examples:
With bad value:
macaddr: value does not match the regex pattern
Missing group:
macaddr: property is missing and it is not optional
In order to support specifying no mac address we can now set
model.default_key = 1 and macaddr.optional = 1.
That way `virtio,bridge=vmbr2` gets parsed correctly into
just a model with no macaddr. This works because default
keys as aliases have previously not been supported and would
not have been aliased accordingly. This case is now also
taken into account when printing default keys, which is now
skipped if it is also an alias.
Any action we take in tap_plug() when using OVS will undo
our rate limiting, which means any hotplug change must
restore the previous rate setting.
Since this means tap_plug() would always be followed by a
tap_rate_limit() call anyway we just include the rate
parameter here and let the caller decide whether the full
tap_plug() is required or the simple tap_rate_limit()
suffices.
This hook runs before and after creating volume snapshots,
as well as after unfreezing. Only needed for Qemu right now,
so the base case in PVE::AbstractConfig is a noop.
This class contains common code formerly duplicated in
PVE::LXC and PVE::QemuServer, as well as abstract methods
that must be implemented for LXC and Qemu seperately.
Currently implemented in PVE::LXC::Config, Qemu refactoring
will follow.
Dominik Csapak [Fri, 12 Feb 2016 10:43:23 +0000 (11:43 +0100)]
limit vmid with JSON format
if we do not do this, vmids < 100 (not really bad) and
vmids > 999999999 are possible, which can lead to vms which you can
only get rid of, if you delete the config files manually
also this makes the api consistent with the webgui for vmids
Fix #882: active state of interfaces depends on ipv6
read_etc_network_interfaces used the content of
/proc/net/if_inet6 to decide whether an interface's state is
"active", which means an interface is only active when it
has an ipv6 address, thus using net.ipv6.conf.*.disable_ipv6
on an interface will cause it to show as inactive in the web
interface.
We now filter the interfaces found in /proc/dev/net by their
IFF_UP flag read via an SIOCGIFFLAGS ioctl().
This was already implemented in PVE::LXC::lock_aquire() and
lock_release(). Enabling refcounting in the general
PVE::Tools::lock_file() and lock_file_full() methods allows
us to use one code base for flocking.
Furthermore, we could get rid of various xx_no_lock methods
that were required because the old non-refcounting version
did not support nested flocks (the inner most flock would
close the file handle and thus release the flock).
Thomas Lamprecht [Wed, 16 Dec 2015 09:38:20 +0000 (10:38 +0100)]
Output also lockname if it cannot be acquired
If we can't acquire the lock in lock_file_full and get interrupted
by a signal inqeual to EINTR (e.g. SIGTERM), output also it's name
in the error message to allow better debugging.
Also fix a typo.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Wed, 16 Dec 2015 09:38:19 +0000 (10:38 +0100)]
allow fall back to default completion
This allows a fall back to the default completion, which completes
possible paths/files, if nothing can be generated from the PVE
completion handler ($print_bash_completion) or if the user starts
to entry a path.
This is especially useful for restore or create commands which can
take an archive file as argument.
The bash-completions get generated at each package build through the
respective Makefile, so to let this change come in effect the package
needs to be rebuild and installed (and the respective file from
/usr/share/bash-completion/completions/<pve cli tool> needs to be
sourced again (or simply open a new terminal))
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
They were leaking into processes blocking full restarts of
the daemons.
Note that perl's fcntl doesn't work on numeric
filedescriptors (neither does POSIX::fcntl, which even stays
silent about it and returns EBADF without ever trying to
actually perform the fcntl syscall), so the socket handles
need to be stored ($daemon_sockets).
The flag is added back when the socket gets reopened.