]> git.proxmox.com Git - pve-container.git/blame - src/PVE/CLI/pct.pm
projects / pve-container.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
d/control: bump version dependency to libpve-guest-common-perl
[pve-container.git] / src / PVE / CLI / pct.pm
CommitLineData
9beee926 1package PVE::CLI::pct;
179b842e 2
9beee926
DM		 3use strict;
4use warnings;
5
b95bf64b
WB		 6use POSIX;
7use Fcntl;
8use File::Copy 'copy';
9
9beee926
DM		 10use PVE::SafeSyslog;
11use PVE::Tools qw(extract_param);
c87b1505 12use PVE::CpuSet;
9beee926
DM		 13use PVE::Cluster;
14use PVE::INotify;
15use PVE::RPCEnvironment;
16use PVE::JSONSchema qw(get_standard_option);
17use PVE::CLIHandler;
18use PVE::API2::LXC;
19use PVE::API2::LXC::Config;
20use PVE::API2::LXC::Status;
21use PVE::API2::LXC::Snapshot;
22
9beee926
DM		 23use base qw(PVE::CLIHandler);
24
25my $nodename = PVE::INotify::nodename();
26
27my $upid_exit = sub {
28 my $upid = shift;
29 my $status = PVE::Tools::upid_read_status($upid);
30 exit($status eq 'OK' ? 0 : -1);
31};
32
52e1f0cb
DM		 33sub setup_environment {
34 PVE::RPCEnvironment->setup_default_cli_env();
35}
36
699ee9b2
DC		 37__PACKAGE__->register_method ({
38 name => 'status',
39 path => 'status',
40 method => 'GET',
41 description => "Show CT status.",
42 parameters => {
43 additionalProperties => 0,
44 properties => {
45 vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
46 verbose => {
47 description => "Verbose output format",
48 type => 'boolean',
49 optional => 1,
50 }
51 },
52 },
53 returns => { type => 'null'},
54 code => sub {
55 my ($param) = @_;
56
57 # test if CT exists
58 my $conf = PVE::LXC::Config->load_config ($param->{vmid});
59
60 my $vmstatus = PVE::LXC::vmstatus($param->{vmid});
61 my $stat = $vmstatus->{$param->{vmid}};
62 if ($param->{verbose}) {
63 foreach my $k (sort (keys %$stat)) {
64 my $v = $stat->{$k};
65 next if !defined($v);
66 print "$k: $v\n";
67 }
68 } else {
69 my $status = $stat->{status} || 'unknown';
70 print "status: $status\n";
71 }
72
73 return undef;
74 }});
75
6085e45b 76sub param_mapping {
34ddbf08
FG		 77 my ($name) = @_;
78
79 my $mapping = {
6085e45b
DC		 80 'create_vm' => [
81 PVE::CLIHandler::get_standard_mapping('pve-password'),
82 'ssh-public-keys',
83 ],
34ddbf08
FG		 84 };
85
6085e45b 86 return $mapping->{$name};
34ddbf08
FG		 87}
88
c72bd0ba
WL		 89__PACKAGE__->register_method ({
90 name => 'unlock',
91 path => 'unlock',
92 method => 'PUT',
93 description => "Unlock the VM.",
94 parameters => {
95 additionalProperties => 0,
96 properties => {
97 vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
98 },
99 },
100 returns => { type => 'null'},
101 code => sub {
102 my ($param) = @_;
103
104 my $vmid = $param->{vmid};
105
ad408fe1 106 PVE::LXC::Config->remove_lock($vmid);
c72bd0ba
WL		 107
108 return undef;
109 }});
110
9beee926
DM		 111__PACKAGE__->register_method ({
112 name => 'console',
113 path => 'console',
114 method => 'GET',
115 description => "Launch a console for the specified container.",
116 parameters => {
117 additionalProperties => 0,
118 properties => {
119 vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid_running }),
65213b67
TM		 120 escape => {
121 description => "Escape sequence prefix. For example to use <Ctrl+b q> as the escape sequence pass '^b'.",
122 default => '^a',
123 type => 'string',
124 pattern => '\^?[a-z]',
125 optional => 1,
126 },
9beee926
DM		 127 },
128 },
129 returns => { type => 'null' },
130
131 code => sub {
132 my ($param) = @_;
133
134 # test if container exists on this node
67afe46e 135 my $conf = PVE::LXC::Config->load_config($param->{vmid});
9beee926 136
65213b67 137 my $cmd = PVE::LXC::get_console_command($param->{vmid}, $conf, $param->{escape});
9beee926
DM		 138 exec(@$cmd);
139 }});
140
141__PACKAGE__->register_method ({
142 name => 'enter',
143 path => 'enter',
144 method => 'GET',
145 description => "Launch a shell for the specified container.",
146 parameters => {
147 additionalProperties => 0,
148 properties => {
149 vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid_running }),
150 },
151 },
152 returns => { type => 'null' },
153
154 code => sub {
155 my ($param) = @_;
156
d4b3eead
TL		 157 my $vmid = $param->{vmid};
158
9beee926 159 # test if container exists on this node
67afe46e 160 PVE::LXC::Config->load_config($vmid);
d4b3eead
TL		 161
162 die "Error: container '$vmid' not running!\n" if !PVE::LXC::check_running($vmid);
9beee926 163
d4b3eead 164 exec('lxc-attach', '-n', $vmid);
9beee926
DM		 165 }});
166
167__PACKAGE__->register_method ({
168 name => 'exec',
169 path => 'exec',
170 method => 'GET',
171 description => "Launch a command inside the specified container.",
172 parameters => {
173 additionalProperties => 0,
174 properties => {
4b09527c 175 vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid_running }),
9beee926
DM		 176 'extra-args' => get_standard_option('extra-args'),
177 },
178 },
179 returns => { type => 'null' },
180
181 code => sub {
182 my ($param) = @_;
183
184 # test if container exists on this node
67afe46e 185 PVE::LXC::Config->load_config($param->{vmid});
9beee926
DM		 186
187 if (!@{$param->{'extra-args'}}) {
188 die "missing command";
189 }
190 exec('lxc-attach', '-n', $param->{vmid}, '--', @{$param->{'extra-args'}});
191 }});
192
5ef9e3d1 193__PACKAGE__->register_method ({
f8327ed5
EK		 194 name => 'fsck',
195 path => 'fsck',
196 method => 'PUT',
5ef9e3d1 197 description => "Run a filesystem check (fsck) on a container volume.",
f8327ed5
EK		 198 parameters => {
199 additionalProperties => 0,
200 properties => {
201 vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid_stopped }),
202 force => {
203 optional => 1,
204 type => 'boolean',
205 description => "Force checking, even if the filesystem seems clean",
206 default => 0,
207 },
208 device => {
209 optional => 1,
210 type => 'string',
211 description => "A volume on which to run the filesystem check",
d250604f 212 enum => [PVE::LXC::Config->mountpoint_names()],
f8327ed5
EK		 213 },
214 },
215 },
216 returns => { type => 'null' },
217 code => sub {
218
219 my ($param) = @_;
220 my $vmid = $param->{'vmid'};
221 my $device = defined($param->{'device'}) ? $param->{'device'} : 'rootfs';
222
223 my $command = ['fsck', '-a', '-l'];
224 push(@$command, '-f') if $param->{force};
225
226 # critical path: all of this will be done while the container is locked
227 my $do_fsck = sub {
228
67afe46e 229 my $conf = PVE::LXC::Config->load_config($vmid);
f8327ed5
EK		 230 my $storage_cfg = PVE::Storage::config();
231
235dbdf3 232 defined($conf->{$device}) || die "cannot run command on non-existing mount point $device\n";
f8327ed5 233
1b4cf758
FG		 234 my $mount_point = $device eq 'rootfs' ? PVE::LXC::Config->parse_ct_rootfs($conf->{$device}) :
235 PVE::LXC::Config->parse_ct_mountpoint($conf->{$device});
44a9face 236
f8327ed5
EK		 237 my $volid = $mount_point->{volume};
238
239 my $path;
240 my $storage_id = PVE::Storage::parse_volume_id($volid, 1);
241
242 if ($storage_id) {
f8327ed5 243 my (undef, undef, undef, undef, undef, undef, $format) =
da9e487b 244 PVE::Storage::parse_volname($storage_cfg, $volid);
f8327ed5 245
da9e487b
DM		 246 die "unable to run fsck for '$volid' (format == $format)\n"
247 if $format ne 'raw';
f8327ed5
EK		 248
249 $path = PVE::Storage::path($storage_cfg, $volid);
250
251 } else {
da9e487b 252 if (($volid =~ m|^/.+|) && (-b $volid)) {
f8327ed5
EK		 253 # pass block devices directly
254 $path = $volid;
255 } else {
da9e487b 256 die "path '$volid' does not point to a block device\n";
f8327ed5
EK		 257 }
258 }
259
260 push(@$command, $path);
261
da9e487b
DM		 262 PVE::LXC::check_running($vmid) &&
263 die "cannot run fsck on active container\n";
264
f8327ed5
EK		 265 PVE::Tools::run_command($command);
266 };
267
67afe46e 268 PVE::LXC::Config->lock_config($vmid, $do_fsck);
f8327ed5
EK		 269 return undef;
270 }});
271
c93be6ed
WB		 272__PACKAGE__->register_method({
273 name => 'mount',
274 path => 'mount',
275 method => 'POST',
276 description => "Mount the container's filesystem on the host. " .
277 "This will hold a lock on the container and is meant for emergency maintenance only " .
278 "as it will prevent further operations on the container other than start and stop.",
279 parameters => {
280 additionalProperties => 0,
281 properties => {
282 vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
283 },
284 },
285 returns => { type => 'null' },
286 code => sub {
287 my ($param) = @_;
288
289 my $rpcenv = PVE::RPCEnvironment::get();
290
291 my $vmid = extract_param($param, 'vmid');
292 my $storecfg = PVE::Storage::config();
67afe46e
FG		 293 PVE::LXC::Config->lock_config($vmid, sub {
294 my $conf = PVE::LXC::Config->set_lock($vmid, 'mounted');
c93be6ed
WB		 295 PVE::LXC::mount_all($vmid, $storecfg, $conf);
296 });
8632d8eb
TL		 297
298 print "mounted CT $vmid in '/var/lib/lxc/$vmid/rootfs'\n";
c93be6ed
WB		 299 return undef;
300 }});
301
302__PACKAGE__->register_method({
303 name => 'unmount',
304 path => 'unmount',
305 method => 'POST',
306 description => "Unmount the container's filesystem.",
307 parameters => {
308 additionalProperties => 0,
309 properties => {
310 vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
311 },
312 },
313 returns => { type => 'null' },
314 code => sub {
315 my ($param) = @_;
316
317 my $rpcenv = PVE::RPCEnvironment::get();
318
319 my $vmid = extract_param($param, 'vmid');
320 my $storecfg = PVE::Storage::config();
67afe46e
FG		 321 PVE::LXC::Config->lock_config($vmid, sub {
322 my $conf = PVE::LXC::Config->load_config($vmid);
c93be6ed 323 PVE::LXC::umount_all($vmid, $storecfg, $conf, 0);
67afe46e 324 PVE::LXC::Config->remove_lock($vmid, 'mounted');
c93be6ed
WB		 325 });
326 return undef;
327 }});
328
c6b59656
WB		 329__PACKAGE__->register_method({
330 name => 'df',
331 path => 'df',
332 method => 'GET',
333 description => "Get the container's current disk usage.",
334 parameters => {
335 additionalProperties => 0,
336 properties => {
337 vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
338 },
339 },
340 returns => { type => 'null' },
341 code => sub {
342 my ($param) = @_;
343
344 my $rpcenv = PVE::RPCEnvironment::get();
345
346 # JSONSchema's format_size is exact, this uses floating point numbers
347 my $format = sub {
348 my ($size) = @_;
349 return $size if $size < 1024.;
350 $size /= 1024.;
351 return sprintf('%.1fK', ${size}) if $size < 1024.;
352 $size /= 1024.;
353 return sprintf('%.1fM', ${size}) if $size < 1024.;
354 $size /= 1024.;
355 return sprintf('%.1fG', ${size}) if $size < 1024.;
356 $size /= 1024.;
357 return sprintf('%.1fT', ${size}) if $size < 1024.;
358 };
359
360 my $vmid = extract_param($param, 'vmid');
361 PVE::LXC::Config->lock_config($vmid, sub {
362 my $pid = eval { PVE::LXC::find_lxc_pid($vmid) };
363 my ($conf, $rootdir, $storecfg, $mounted);
364 if ($@ || !$pid) {
365 $conf = PVE::LXC::Config->set_lock($vmid, 'mounted');
366 $rootdir = "/var/lib/lxc/$vmid/rootfs";
367 $storecfg = PVE::Storage::config();
368 PVE::LXC::mount_all($vmid, $storecfg, $conf);
369 $mounted = 1;
370 } else {
371 $conf = PVE::LXC::Config->load_config($vmid);
372 $rootdir = "/proc/$pid/root";
373 }
374
375 my @list = [qw(MP Volume Size Used Avail Use% Path)];
376 my @len = map { length($_) } @{$list[0]};
377
378 eval {
379 PVE::LXC::Config->foreach_mountpoint($conf, sub {
380 my ($name, $mp) = @_;
381 my $path = $mp->{mp};
382
383 my $df = PVE::Tools::df("$rootdir/$path", 3);
384 my $total = $format->($df->{total});
385 my $used = $format->($df->{used});
386 my $avail = $format->($df->{avail});
387
388 my $pc = sprintf('%.1f', $df->{used}/$df->{total});
389
390 my $entry = [ $name, $mp->{volume}, $total, $used, $avail, $pc, $path ];
391 push @list, $entry;
392
393 foreach my $i (0..5) {
394 $len[$i] = length($entry->[$i])
395 if $len[$i] < length($entry->[$i]);
396 }
397 });
398
399 my $format = "%-$len[0]s %-$len[1]s %$len[2]s %$len[3]s %$len[4]s %$len[5]s %s\n";
400 printf($format, @$_) foreach @list;
401 };
402 warn $@ if $@;
403
404 if ($mounted) {
405 PVE::LXC::umount_all($vmid, $storecfg, $conf, 0);
406 PVE::LXC::Config->remove_lock($vmid, 'mounted');
407 }
408 });
409 return undef;
410 }});
411
b95bf64b
WB		 412# File creation with specified ownership and permissions.
413# User and group can be names or decimal numbers.
414# Permissions are explicit (not affected by umask) and can be numeric with the
415# usual 0/0x prefixes for octal/hex.
416sub create_file {
417 my ($path, $perms, $user, $group) = @_;
418 my ($uid, $gid);
419 if (defined($user)) {
420 if ($user =~ /^\d+$/) {
421 $uid = int($user);
422 } else {
423 $uid = getpwnam($user) or die "failed to get uid for: $user\n"
424 }
425 }
426 if (defined($group)) {
427 if ($group =~ /^\d+$/) {
428 $gid = int($group);
429 } else {
430 $gid = getgrnam($group) or die "failed to get gid for: $group\n"
431 }
432 }
433
434 if (defined($perms)) {
435 $! = 0;
436 my ($mode, $unparsed) = POSIX::strtoul($perms, 0);
437 die "invalid mode: '$perms'\n" if $perms eq '' || $unparsed > 0 || $!;
438 $perms = $mode;
439 }
440
441 my $fd;
442 if (sysopen($fd, $path, O_WRONLY | O_CREAT | O_EXCL, 0)) {
443 $perms = 0666 & ~umask if !defined($perms);
444 } else {
445 # If the path previously existed then we do not care about left-over
446 # file descriptors even if the permissions/ownership is changed.
447 sysopen($fd, $path, O_WRONLY | O_CREAT | O_TRUNC)
448 or die "failed to create file: $path: $!\n";
449 }
450
451 my $trunc = 0;
452
453 if (defined($perms)) {
454 $trunc = 1;
455 chmod($perms, $fd);
456 }
457
458 if (defined($uid) || defined($gid)) {
459 $trunc = 1;
460 my ($fuid, $fgid) = (stat($fd))[4,5] if !defined($uid) || !defined($gid);
461 $uid = $fuid if !defined($uid);
462 $gid = $fgid if !defined($gid);
463 chown($uid, $gid, $fd)
464 or die "failed to change file owner: $!\n";
465 }
466 return $fd;
467}
468
6827e44d
AA		 469__PACKAGE__->register_method ({
470 name => 'rescan',
471 path => 'rescan',
472 method => 'POST',
473 description => "Rescan all storages and update disk sizes and unused disk images.",
474 parameters => {
475 additionalProperties => 0,
476 properties => {
477 vmid => get_standard_option('pve-vmid', {
478 optional => 1,
479 completion => \&PVE::LXC::complete_ctid,
480 }),
481 dryrun => {
482 type => 'boolean',
483 optional => 1,
484 default => 0,
485 description => 'Do not actually write changes out to conifg.',
486 },
487 },
488 },
489 returns => { type => 'null'},
490 code => sub {
491 my ($param) = @_;
492
493 my $dryrun = $param->{dryrun};
494
495 print "NOTE: running in dry-run mode, won't write changes out!\n" if $dryrun;
496
497 PVE::LXC::rescan($param->{vmid}, 0, $dryrun);
498
499 return undef;
500 }});
501
b95bf64b
WB		 502__PACKAGE__->register_method({
503 name => 'pull',
504 path => 'pull',
505 method => 'PUT',
506 description => "Copy a file from the container to the local system.",
507 parameters => {
508 additionalProperties => 0,
509 properties => {
510 vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
511 path => {
512 type => 'string',
513 description => "Path to a file inside the container to pull.",
514 },
515 destination => {
516 type => 'string',
517 description => "Destination",
518 },
519 user => {
520 type => 'string',
521 description => 'Owner user name or id.',
522 optional => 1,
523 },
524 group => {
525 type => 'string',
526 description => 'Owner group name or id.',
527 optional => 1,
528 },
529 perms => {
530 type => 'string',
893e40de 531 description => "File permissions to use (octal by default, prefix with '0x' for hexadecimal).",
b95bf64b
WB		 532 optional => 1,
533 },
534 },
535 },
536 returns => {
537 type => 'string',
538 description => "the task ID.",
539 },
540 code => sub {
541 my ($param) = @_;
542
543 my $rpcenv = PVE::RPCEnvironment::get();
544
545 my $vmid = extract_param($param, 'vmid');
546 my $path = extract_param($param, 'path');
547 my $dest = extract_param($param, 'destination');
548
549 my $perms = extract_param($param, 'perms');
fa0ab908
DM		 550 # assume octal as default
551 $perms = "0$perms" if defined($perms) && $perms !~m/^0/;
b95bf64b
WB		 552 my $user = extract_param($param, 'user');
553 my $group = extract_param($param, 'group');
554
555 my $code = sub {
556 my $running = PVE::LXC::check_running($vmid);
557 die "can only pull files from a running VM" if !$running;
558
559 my $realcmd = sub {
560 my $pid = PVE::LXC::find_lxc_pid($vmid);
561 # Avoid symlink issues by opening the files from inside the
562 # corresponding namespaces.
563 my $destfd = create_file($dest, $perms, $user, $group);
564
565 sysopen my $mntnsfd, "/proc/$pid/ns/mnt", O_RDONLY
566 or die "failed to open the container's mount namespace\n";
567 PVE::Tools::setns(fileno($mntnsfd), PVE::Tools::CLONE_NEWNS)
568 or die "failed to enter the container's mount namespace\n";
569 close($mntnsfd);
570 chdir('/') or die "failed to change to container root directory\n";
571
572 open my $srcfd, '<', $path
573 or die "failed to open $path: $!\n";
574
575 copy($srcfd, $destfd);
576 };
577
578 # This avoids having to setns() back to our namespace.
579 return $rpcenv->fork_worker('pull_file', $vmid, undef, $realcmd);
580 };
581
67afe46e 582 return PVE::LXC::Config->lock_config($vmid, $code);
b95bf64b
WB		 583 }});
584
585__PACKAGE__->register_method({
586 name => 'push',
587 path => 'push',
588 method => 'PUT',
589 description => "Copy a local file to the container.",
590 parameters => {
591 additionalProperties => 0,
592 properties => {
593 vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
594 file => {
595 type => 'string',
596 description => "Path to a local file.",
597 },
598 destination => {
599 type => 'string',
600 description => "Destination inside the container to write to.",
601 },
602 user => {
603 type => 'string',
604 description => 'Owner user name or id. When using a name it must exist inside the container.',
605 optional => 1,
606 },
607 group => {
608 type => 'string',
609 description => 'Owner group name or id. When using a name it must exist inside the container.',
610 optional => 1,
611 },
612 perms => {
613 type => 'string',
893e40de 614 description => "File permissions to use (octal by default, prefix with '0x' for hexadecimal).",
b95bf64b
WB		 615 optional => 1,
616 },
617 },
618 },
619 returns => {
620 type => 'string',
621 description => "the task ID.",
622 },
623 code => sub {
624 my ($param) = @_;
625
626 my $rpcenv = PVE::RPCEnvironment::get();
627
628 my $vmid = extract_param($param, 'vmid');
629 my $file = extract_param($param, 'file');
630 my $dest = extract_param($param, 'destination');
631
632 my $perms = extract_param($param, 'perms');
fa0ab908
DM		 633 # assume octal as default
634 $perms = "0$perms" if defined($perms) && $perms !~m/^0/;
b95bf64b
WB		 635 my $user = extract_param($param, 'user');
636 my $group = extract_param($param, 'group');
637
638 my $code = sub {
639 my $running = PVE::LXC::check_running($vmid);
5a883bff 640 die "can only push files to a running CT\n" if !$running;
b95bf64b 641
67afe46e 642 my $conf = PVE::LXC::Config->load_config($vmid);
b95bf64b
WB		 643 my $unprivileged = $conf->{unprivileged};
644
645 my $realcmd = sub {
646 my $pid = PVE::LXC::find_lxc_pid($vmid);
647 # We open the file then enter the container's mount - and for
648 # unprivileged containers - user namespace and then create the
649 # file. This avoids symlink attacks as a symlink cannot point
650 # outside the namespace and our own access is equivalent to the
651 # container-local's root user. Also the user-passed -user and
652 # -group parameters will use the container-local's user and
653 # group names.
654 sysopen my $srcfd, $file, O_RDONLY
655 or die "failed to open $file for reading\n";
656
657 sysopen my $mntnsfd, "/proc/$pid/ns/mnt", O_RDONLY
658 or die "failed to open the container's mount namespace\n";
659 my $usernsfd;
660 if ($unprivileged) {
661 sysopen $usernsfd, "/proc/$pid/ns/user", O_RDONLY
662 or die "failed to open the container's user namespace\n";
663 }
664
665 PVE::Tools::setns(fileno($mntnsfd), PVE::Tools::CLONE_NEWNS)
666 or die "failed to enter the container's mount namespace\n";
667 close($mntnsfd);
668 chdir('/') or die "failed to change to container root directory\n";
669
670 if ($unprivileged) {
671 PVE::Tools::setns(fileno($usernsfd), PVE::Tools::CLONE_NEWUSER)
672 or die "failed to enter the container's user namespace\n";
673 close($usernsfd);
674 POSIX::setgid(0) or die "setgid failed: $!\n";
675 POSIX::setuid(0) or die "setuid failed: $!\n";
676 }
677
678 my $destfd = create_file($dest, $perms, $user, $group);
679 copy($srcfd, $destfd);
680 };
681
682 # This avoids having to setns() back to our namespace.
683 return $rpcenv->fork_worker('push_file', $vmid, undef, $realcmd);
684 };
685
67afe46e 686 return PVE::LXC::Config->lock_config($vmid, $code);
b95bf64b
WB		 687 }});
688
c87b1505
DM		 689__PACKAGE__->register_method ({
690 name => 'cpusets',
691 path => 'cpusets',
692 method => 'GET',
693 description => "Print the list of assigned CPU sets.",
694 parameters => {
695 additionalProperties => 0,
696 properties => {},
697 },
698 returns => { type => 'null'},
699 code => sub {
700 my ($param) = @_;
701
0b6a2f0e
WB		 702 my $cgv1 = PVE::LXC::get_cgroup_subsystems();
703 if (!$cgv1->{cpuset}) {
704 print "cpuset cgroup not available\n";
705 return undef;
706 }
707
c87b1505
DM		 708 my $ctlist = PVE::LXC::config_list();
709
710 my $len = 0;
711 my $id_len = 0;
712 my $res = {};
713
714 foreach my $vmid (sort keys %$ctlist) {
715 next if ! -d "/sys/fs/cgroup/cpuset/lxc/$vmid";
716
717 my $cpuset = eval { PVE::CpuSet->new_from_cgroup("lxc/$vmid"); };
718 if (my $err = $@) {
719 warn $err;
720 next;
721 }
722 my @cpuset_members = $cpuset->members();
723
724 my $line = ': ';
725
726 my $last = $cpuset_members[-1];
727
728 for (my $id = 0; $id <= $last; $id++) {
729 my $empty = ' ' x length("$id");
730 $line .= ' ' . ($cpuset->has($id) ? $id : $empty);
731 }
732 $len = length($line) if length($line) > $len;
733 $id_len = length($vmid) if length($vmid) > $id_len;
734
735 $res->{$vmid} = $line;
736 }
737
486fe362 738 my @vmlist = sort keys %$res;
c87b1505 739
486fe362
DM		 740 if (scalar(@vmlist)) {
741 my $header = '-' x ($len + $id_len) . "\n";
742
743 print $header;
744 foreach my $vmid (@vmlist) {
745 print sprintf("%${id_len}i%s\n", $vmid, $res->{$vmid});
746 }
747 print $header;
748
749 } else {
750 print "no running containers\n";
c87b1505 751 }
c87b1505
DM		 752
753 return undef;
754 }});
755
e08ac1a0
OB		 756__PACKAGE__->register_method ({
757 name => 'fstrim',
758 path => 'fstrim',
759 method => 'POST',
760 description => "Run fstrim on a chosen CT and its mountpoints.",
761 parameters => {
762 additionalProperties => 0,
763 properties => {
764 vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
765 },
766 },
767 returns => { type => 'null' },
768 code => sub {
769
770 my ($param) = @_;
771 my $vmid = $param->{'vmid'};
772
773 my $rootdir = "/var/lib/lxc/$vmid/rootfs";
774
775 my $storecfg = PVE::Storage::config();
776 my $conf = PVE::LXC::Config->set_lock($vmid, 'fstrim');
e08ac1a0
OB		 777 eval {
778 my $path = "";
a179d3a7 779 PVE::LXC::mount_all($vmid, $storecfg, $conf);
e08ac1a0
OB		 780 PVE::LXC::Config->foreach_mountpoint($conf, sub {
781 my ($name, $mp) = @_;
782 $path = $mp->{mp};
783 my $cmd = ["fstrim", "-v", "$rootdir$path"];
784 PVE::Tools::run_command($cmd);
785 });
786 };
a179d3a7 787 warn $@ if $@;
e08ac1a0
OB		 788
789 PVE::LXC::umount_all($vmid, $storecfg, $conf, 0);
790 PVE::LXC::Config->remove_lock($vmid, 'fstrim');
791
792 return undef;
793 }});
794
9beee926
DM		 795our $cmddef = {
796 list=> [ 'PVE::API2::LXC', 'vmlist', [], { node => $nodename }, sub {
797 my $res = shift;
798 return if !scalar(@$res);
d0226204
WB		 799 my $format = "%-10s %-10s %-12s %-20s\n";
800 printf($format, 'VMID', 'Status', 'Lock', 'Name');
9beee926 801 foreach my $d (sort {$a->{vmid} <=> $b->{vmid} } @$res) {
d0226204 802 printf($format, $d->{vmid}, $d->{status}, $d->{lock}, $d->{name});
9beee926
DM		 803 }
804 }],
805 config => [ "PVE::API2::LXC::Config", 'vm_config', ['vmid'],
806 { node => $nodename }, sub {
807 my $config = shift;
808 foreach my $k (sort (keys %$config)) {
809 next if $k eq 'digest';
8a778340 810 next if $k eq 'lxc';
9beee926
DM		 811 my $v = $config->{$k};
812 if ($k eq 'description') {
813 $v = PVE::Tools::encode_text($v);
814 }
815 print "$k: $v\n";
816 }
8a778340
FG		 817 if (defined($config->{'lxc'})) {
818 my $lxc_list = $config->{'lxc'};
819 foreach my $lxc_opt (@$lxc_list) {
820 print "$lxc_opt->[0]: $lxc_opt->[1]\n"
821 }
822 }
9beee926
DM		 823 }],
824 set => [ 'PVE::API2::LXC::Config', 'update_vm', ['vmid'], { node => $nodename }],
40626217 825
985b18ed 826 resize => [ "PVE::API2::LXC", 'resize_vm', ['vmid', 'disk', 'size'], { node => $nodename } ],
9beee926
DM		 827
828 create => [ 'PVE::API2::LXC', 'create_vm', ['vmid', 'ostemplate'], { node => $nodename }, $upid_exit ],
829 restore => [ 'PVE::API2::LXC', 'create_vm', ['vmid', 'ostemplate'], { node => $nodename, restore => 1 }, $upid_exit ],
830
831 start => [ 'PVE::API2::LXC::Status', 'vm_start', ['vmid'], { node => $nodename }, $upid_exit],
832 suspend => [ 'PVE::API2::LXC::Status', 'vm_suspend', ['vmid'], { node => $nodename }, $upid_exit],
833 resume => [ 'PVE::API2::LXC::Status', 'vm_resume', ['vmid'], { node => $nodename }, $upid_exit],
834 shutdown => [ 'PVE::API2::LXC::Status', 'vm_shutdown', ['vmid'], { node => $nodename }, $upid_exit],
835 stop => [ 'PVE::API2::LXC::Status', 'vm_stop', ['vmid'], { node => $nodename }, $upid_exit],
836
c4a33727 837 clone => [ "PVE::API2::LXC", 'clone_vm', ['vmid', 'newid'], { node => $nodename }, $upid_exit ],
9beee926 838 migrate => [ "PVE::API2::LXC", 'migrate_vm', ['vmid', 'target'], { node => $nodename }, $upid_exit],
3c0f6806 839 move_volume => [ "PVE::API2::LXC", 'move_volume', ['vmid', 'volume', 'storage'], { node => $nodename }, $upid_exit ],
9beee926 840
699ee9b2 841 status => [ __PACKAGE__, 'status', ['vmid']],
9beee926
DM		 842 console => [ __PACKAGE__, 'console', ['vmid']],
843 enter => [ __PACKAGE__, 'enter', ['vmid']],
c72bd0ba 844 unlock => [ __PACKAGE__, 'unlock', ['vmid']],
9beee926 845 exec => [ __PACKAGE__, 'exec', ['vmid', 'extra-args']],
f8327ed5 846 fsck => [ __PACKAGE__, 'fsck', ['vmid']],
b95bf64b 847
c93be6ed
WB		 848 mount => [ __PACKAGE__, 'mount', ['vmid']],
849 unmount => [ __PACKAGE__, 'unmount', ['vmid']],
b95bf64b
WB		 850 push => [ __PACKAGE__, 'push', ['vmid', 'file', 'destination']],
851 pull => [ __PACKAGE__, 'pull', ['vmid', 'path', 'destination']],
c6b59656
WB		 852
853 df => [ __PACKAGE__, 'df', ['vmid']],
6827e44d 854 rescan => [ __PACKAGE__, 'rescan', []],
c6b59656 855
9beee926
DM		 856 destroy => [ 'PVE::API2::LXC', 'destroy_vm', ['vmid'],
857 { node => $nodename }, $upid_exit ],
858
859 snapshot => [ "PVE::API2::LXC::Snapshot", 'snapshot', ['vmid', 'snapname'],
860 { node => $nodename } , $upid_exit ],
861
862 delsnapshot => [ "PVE::API2::LXC::Snapshot", 'delsnapshot', ['vmid', 'snapname'], { node => $nodename } , $upid_exit ],
863
864 listsnapshot => [ "PVE::API2::LXC::Snapshot", 'list', ['vmid'], { node => $nodename },
865 sub {
866 my $res = shift;
867 foreach my $e (@$res) {
868 my $headline = $e->{description} || 'no-description';
869 $headline =~ s/\n.*//sg;
870 my $parent = $e->{parent} // 'no-parent';
871 printf("%-20s %-20s %s\n", $e->{name}, $parent, $headline);
872 }
873 }],
874
875 rollback => [ "PVE::API2::LXC::Snapshot", 'rollback', ['vmid', 'snapname'], { node => $nodename } , $upid_exit ],
876
877 template => [ "PVE::API2::LXC", 'template', ['vmid'], { node => $nodename }],
c87b1505
DM		 878
879 cpusets => [ __PACKAGE__, 'cpusets', []],
880
e08ac1a0
OB		 881 fstrim => [ __PACKAGE__, 'fstrim', ['vmid']],
882
9beee926
DM		 883};
884
885
8861;
PVE Container Toolkit