1 package PVE
::LXC
::Config
;
5 use Fcntl
qw(O_RDONLY);
7 use PVE
::AbstractConfig
;
8 use PVE
::Cluster
qw(cfs_register_file);
9 use PVE
::DataCenterConfig
;
10 use PVE
::GuestHelpers
;
12 use PVE
::JSONSchema
qw(get_standard_option);
15 use base
qw(PVE::AbstractConfig);
17 use constant {FIFREEZE
=> 0xc0045877,
18 FITHAW
=> 0xc0045878};
20 my $nodename = PVE
::INotify
::nodename
();
21 my $lock_handles = {};
22 my $lockdir = "/run/lock/lxc";
24 mkdir "/etc/pve/nodes/$nodename/lxc";
25 my $MAX_MOUNT_POINTS = 256;
26 my $MAX_UNUSED_DISKS = $MAX_MOUNT_POINTS;
28 # BEGIN implemented abstract methods from PVE::AbstractConfig
34 sub __config_max_unused_disks
{
37 return $MAX_UNUSED_DISKS;
40 sub config_file_lock
{
41 my ($class, $vmid) = @_;
43 return "$lockdir/pve-config-${vmid}.lock";
47 my ($class, $vmid, $node) = @_;
49 $node = $nodename if !$node;
50 return "nodes/$node/lxc/$vmid.conf";
53 sub mountpoint_backup_enabled
{
54 my ($class, $mp_key, $mountpoint) = @_;
59 if ($mp_key eq 'rootfs') {
62 } elsif ($mountpoint->{type
} ne 'volume') {
64 $reason = 'not a volume';
65 } elsif ($mountpoint->{backup
}) {
72 return wantarray ?
($enabled, $reason) : $enabled;
76 my ($class, $feature, $conf, $storecfg, $snapname, $running, $backup_only) = @_;
80 if ($feature eq 'copy' || $feature eq 'clone') {
81 $opts = {'valid_target_formats' => ['raw', 'subvol']};
84 $class->foreach_volume($conf, sub {
85 my ($ms, $mountpoint) = @_;
87 return if $err; # skip further test
88 return if $backup_only && !$class->mountpoint_backup_enabled($ms, $mountpoint);
91 if !PVE
::Storage
::volume_has_feature
($storecfg, $feature,
92 $mountpoint->{volume
},
93 $snapname, $running, $opts);
99 sub __snapshot_save_vmstate
{
100 my ($class, $vmid, $conf, $snapname, $storecfg) = @_;
101 die "implement me - snapshot_save_vmstate\n";
104 sub __snapshot_activate_storages
{
105 my ($class, $conf, $include_vmstate) = @_;
107 my $storecfg = PVE
::Storage
::config
();
108 my $opts = $include_vmstate ?
{ 'extra_keys' => ['vmstate'] } : {};
109 my $storage_hash = {};
111 $class->foreach_volume_full($conf, $opts, sub {
112 my ($vs, $mountpoint) = @_;
114 return if $mountpoint->{type
} ne 'volume';
116 my ($storeid) = PVE
::Storage
::parse_volume_id
($mountpoint->{volume
});
117 $storage_hash->{$storeid} = 1;
120 PVE
::Storage
::activate_storage_list
($storecfg, [ sort keys $storage_hash->%* ]);
123 sub __snapshot_check_running
{
124 my ($class, $vmid) = @_;
125 return PVE
::LXC
::check_running
($vmid);
128 sub __snapshot_check_freeze_needed
{
129 my ($class, $vmid, $config, $save_vmstate) = @_;
131 my $ret = $class->__snapshot_check_running($vmid);
135 # implements similar functionality to fsfreeze(8)
136 sub fsfreeze_mountpoint
{
137 my ($path, $thaw) = @_;
139 my $op = $thaw ?
'thaw' : 'freeze';
140 my $ioctl = $thaw ? FITHAW
: FIFREEZE
;
142 sysopen my $fd, $path, O_RDONLY
or die "failed to open $path: $!\n";
144 if (!ioctl($fd, $ioctl, 0)) {
148 die "fs$op '$path' failed - $ioctl_err\n" if defined $ioctl_err;
151 sub __snapshot_freeze
{
152 my ($class, $vmid, $unfreeze) = @_;
154 my $conf = $class->load_config($vmid);
155 my $storagecfg = PVE
::Storage
::config
();
158 $class->foreach_volume($conf, sub {
159 my ($ms, $mountpoint) = @_;
161 return if $mountpoint->{type
} ne 'volume';
163 if (PVE
::Storage
::volume_snapshot_needs_fsfreeze
($storagecfg, $mountpoint->{volume
})) {
164 push @$freeze_mps, $mountpoint->{mp
};
168 my $freeze_mountpoints = sub {
171 return if scalar(@$freeze_mps) == 0;
173 my $pid = PVE
::LXC
::find_lxc_pid
($vmid);
175 for my $mp (@$freeze_mps) {
176 eval{ fsfreeze_mountpoint
("/proc/${pid}/root/${mp}", $thaw); };
182 eval { PVE
::LXC
::thaw
($vmid); };
184 $freeze_mountpoints->(1);
186 PVE
::LXC
::freeze
($vmid);
187 PVE
::LXC
::sync_container_namespace
($vmid);
188 $freeze_mountpoints->(0);
192 sub __snapshot_create_vol_snapshot
{
193 my ($class, $vmid, $ms, $mountpoint, $snapname) = @_;
195 my $storecfg = PVE
::Storage
::config
();
197 return if $snapname eq 'vzdump' &&
198 !$class->mountpoint_backup_enabled($ms, $mountpoint);
200 PVE
::Storage
::volume_snapshot
($storecfg, $mountpoint->{volume
}, $snapname);
203 sub __snapshot_delete_remove_drive
{
204 my ($class, $snap, $remove_drive) = @_;
206 if ($remove_drive eq 'vmstate') {
207 die "implement me - saving vmstate\n";
209 my $value = $snap->{$remove_drive};
210 my $mountpoint = $class->parse_volume($remove_drive, $value, 1);
211 delete $snap->{$remove_drive};
213 $class->add_unused_volume($snap, $mountpoint->{volume
})
214 if $mountpoint && ($mountpoint->{type
} eq 'volume');
218 sub __snapshot_delete_vmstate_file
{
219 my ($class, $snap, $force) = @_;
221 die "implement me - saving vmstate\n";
224 sub __snapshot_delete_vol_snapshot
{
225 my ($class, $vmid, $ms, $mountpoint, $snapname, $unused) = @_;
227 return if $snapname eq 'vzdump' &&
228 !$class->mountpoint_backup_enabled($ms, $mountpoint);
230 my $storecfg = PVE
::Storage
::config
();
231 PVE
::Storage
::volume_snapshot_delete
($storecfg, $mountpoint->{volume
}, $snapname);
232 push @$unused, $mountpoint->{volume
};
235 sub __snapshot_rollback_vol_possible
{
236 my ($class, $mountpoint, $snapname, $blockers) = @_;
238 my $storecfg = PVE
::Storage
::config
();
239 PVE
::Storage
::volume_rollback_is_possible
(
241 $mountpoint->{volume
},
247 sub __snapshot_rollback_vol_rollback
{
248 my ($class, $mountpoint, $snapname) = @_;
250 my $storecfg = PVE
::Storage
::config
();
251 PVE
::Storage
::volume_snapshot_rollback
($storecfg, $mountpoint->{volume
}, $snapname);
254 sub __snapshot_rollback_vm_stop
{
255 my ($class, $vmid) = @_;
257 PVE
::LXC
::vm_stop
($vmid, 1)
258 if $class->__snapshot_check_running($vmid);
261 sub __snapshot_rollback_vm_start
{
262 my ($class, $vmid, $vmstate, $data);
264 die "implement me - save vmstate\n";
267 sub __snapshot_rollback_get_unused
{
268 my ($class, $conf, $snap) = @_;
272 $class->foreach_volume($conf, sub {
273 my ($vs, $volume) = @_;
275 return if $volume->{type
} ne 'volume';
278 my $volid = $volume->{volume
};
280 $class->foreach_volume($snap, sub {
281 my ($ms, $mountpoint) = @_;
284 return if ($mountpoint->{type
} ne 'volume');
287 if ($mountpoint->{volume
} && $mountpoint->{volume
} eq $volid);
290 push @$unused, $volid if !$found;
296 # END implemented abstract methods from PVE::AbstractConfig
298 # BEGIN JSON config code
300 cfs_register_file
('/lxc/', \
&parse_pct_config
, \
&write_pct_config
);
303 my $valid_mount_option_re = qr/(noatime|lazytime|nodev|nosuid|noexec)/;
305 sub is_valid_mount_option
{
307 return $option =~ $valid_mount_option_re;
314 format
=> 'pve-lxc-mp-string',
315 format_description
=> 'volume',
316 description
=> 'Volume, device or directory to mount into the container.',
320 format
=> 'disk-size',
321 format_description
=> 'DiskSize',
322 description
=> 'Volume size (read only value).',
327 description
=> 'Explicitly enable or disable ACL support.',
333 description
=> 'Extra mount options for rootfs/mps.',
334 format_description
=> 'opt[;opt...]',
335 pattern
=> qr/$valid_mount_option_re(;$valid_mount_option_re)*/,
339 description
=> 'Read-only mount point',
344 description
=> 'Enable user quotas inside the container (not supported with zfs subvolumes)',
349 description
=> 'Will include this volume to a storage replica job.',
355 description
=> 'Mark this non-volume mount point as available on multiple nodes (see \'nodes\')',
356 verbose_description
=> "Mark this non-volume mount point as available on all nodes.\n\nWARNING: This option does not share the mount point automatically, it assumes it is shared already!",
362 PVE
::JSONSchema
::register_standard_option
('pve-ct-rootfs', {
363 type
=> 'string', format
=> $rootfs_desc,
364 description
=> "Use volume as container root.",
368 # IP address with optional interface suffix for link local ipv6 addresses
369 PVE
::JSONSchema
::register_format
('lxc-ip-with-ll-iface', \
&verify_ip_with_ll_iface
);
370 sub verify_ip_with_ll_iface
{
371 my ($addr, $noerr) = @_;
373 if (my ($addr, $iface) = ($addr =~ /^(fe80:[^%]+)%(.*)$/)) {
374 if (PVE
::JSONSchema
::pve_verify_ip
($addr, 1)
375 && PVE
::JSONSchema
::pve_verify_iface
($iface, 1))
381 return PVE
::JSONSchema
::pve_verify_ip
($addr, $noerr);
385 my $features_desc = {
389 description
=> "Allow mounting file systems of specific types."
390 ." This should be a list of file system types as used with the mount command."
391 ." Note that this can have negative effects on the container's security."
392 ." With access to a loop device, mounting a file can circumvent the mknod"
393 ." permission of the devices cgroup, mounting an NFS file system can"
394 ." block the host's I/O completely and prevent it from rebooting, etc.",
395 format_description
=> 'fstype;fstype;...',
396 pattern
=> qr/[a-zA-Z0-9_; ]+/,
402 description
=> "Allow nesting."
403 ." Best used with unprivileged containers with additional id mapping."
404 ." Note that this will expose procfs and sysfs contents of the host"
411 description
=> "For unprivileged containers only: Allow the use of the keyctl() system call."
412 ." This is required to use docker inside a container."
413 ." By default unprivileged containers will see this system call as non-existent."
414 ." This is mostly a workaround for systemd-networkd, as it will treat it as a fatal"
415 ." error when some keyctl() operations are denied by the kernel due to lacking permissions."
416 ." Essentially, you can choose between running systemd-networkd or docker.",
422 description
=> "Allow using 'fuse' file systems in a container."
423 ." Note that interactions between fuse and the freezer cgroup can potentially cause I/O deadlocks.",
429 description
=> "Allow unprivileged containers to use mknod() to add certain device nodes."
430 ." This requires a kernel with seccomp trap to user space support (5.3 or newer)."
431 ." This is experimental.",
437 description
=> "Mount /sys in unprivileged containers as `rw` instead of `mixed`."
438 ." This can break networking under newer (>= v245) systemd-network use."
446 description
=> "Lock/unlock the VM.",
447 enum
=> [qw(backup create destroyed disk fstrim migrate mounted rollback snapshot snapshot-delete)],
452 description
=> "Specifies whether a VM will be started during system bootup.",
455 startup
=> get_standard_option
('pve-startup-order'),
459 description
=> "Enable/disable Template.",
465 enum
=> ['amd64', 'i386', 'arm64', 'armhf'],
466 description
=> "OS architecture type.",
472 enum
=> [qw(debian devuan ubuntu centos fedora opensuse archlinux alpine gentoo unmanaged)],
473 description
=> "OS type. This is used to setup configuration inside the container, and corresponds to lxc setup scripts in /usr/share/lxc/config/<ostype>.common.conf. Value 'unmanaged' can be used to skip and OS specific setup.",
478 description
=> "Attach a console device (/dev/console) to the container.",
484 description
=> "Specify the number of tty available to the container",
492 description
=> "The number of cores assigned to the container. A container can use all available cores by default.",
499 description
=> "Limit of CPU usage.\n\nNOTE: If the computer has 2 CPUs, it has a total of '2' CPU time. Value '0' indicates no CPU limit.",
507 description
=> "CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. Number is relative to the weights of all the other running VMs.\n\nNOTE: You can disable fair-scheduler configuration by setting this to 0.",
515 description
=> "Amount of RAM for the VM in MB.",
522 description
=> "Amount of SWAP for the VM in MB.",
528 description
=> "Set a host name for the container.",
529 type
=> 'string', format
=> 'dns-name',
535 description
=> "Description for the Container. Shown in the web-interface CT's summary."
536 ." This is saved as comment inside the configuration file.",
537 maxLength
=> 1024 * 8,
541 type
=> 'string', format
=> 'dns-name-list',
542 description
=> "Sets DNS search domains for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
546 type
=> 'string', format
=> 'lxc-ip-with-ll-iface-list',
547 description
=> "Sets DNS server IP address for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
551 type
=> 'string', format
=> 'pve-ct-timezone',
552 description
=> "Time zone to use in the container. If option isn't set, then nothing will be done. Can be set to 'host' to match the host time zone, or an arbitrary time zone option from /usr/share/zoneinfo/zone.tab",
554 rootfs
=> get_standard_option
('pve-ct-rootfs'),
557 type
=> 'string', format
=> 'pve-configid',
559 description
=> "Parent snapshot name. This is used internally, and should not be modified.",
563 description
=> "Timestamp for snapshots.",
569 description
=> "Console mode. By default, the console command tries to open a connection to one of the available tty devices. By setting cmode to 'console' it tries to attach to /dev/console instead. If you set cmode to 'shell', it simply invokes a shell inside the container (no login).",
571 enum
=> ['shell', 'console', 'tty'],
577 description
=> "Sets the protection flag of the container. This will prevent the CT or CT's disk remove/update operation.",
583 description
=> "Makes the container run as unprivileged user. (Should not be modified manually.)",
589 format
=> $features_desc,
590 description
=> "Allow containers access to advanced features.",
595 format
=> 'pve-volume-id',
596 description
=> 'Script that will be exectued during various steps in the containers lifetime.',
599 type
=> 'string', format
=> 'pve-tag-list',
600 description
=> 'Tags of the Container. This is only meta information.',
606 description
=> "Try to be more verbose. For now this only enables debug log-level on start.",
611 my $valid_lxc_conf_keys = {
612 'lxc.apparmor.profile' => 1,
613 'lxc.apparmor.allow_incomplete' => 1,
614 'lxc.apparmor.allow_nesting' => 1,
615 'lxc.apparmor.raw' => 1,
616 'lxc.selinux.context' => 1,
620 'lxc.signal.halt' => 1,
621 'lxc.signal.reboot' => 1,
622 'lxc.signal.stop' => 1,
625 'lxc.console.logfile' => 1,
626 'lxc.console.path' => 1,
628 'lxc.devtty.dir' => 1,
629 'lxc.hook.autodev' => 1,
632 'lxc.mount.fstab' => 1,
633 'lxc.mount.entry' => 1,
634 'lxc.mount.auto' => 1,
635 'lxc.rootfs.path' => 'lxc.rootfs.path is auto generated from rootfs',
636 'lxc.rootfs.mount' => 1,
637 'lxc.rootfs.options' => 'lxc.rootfs.options is not supported' .
638 ', please use mount point options in the "rootfs" key',
644 'lxc.seccomp.profile' => 1,
645 'lxc.seccomp.notify.proxy' => 1,
646 'lxc.seccomp.notify.cookie' => 1,
648 'lxc.hook.pre-start' => 1,
649 'lxc.hook.pre-mount' => 1,
650 'lxc.hook.mount' => 1,
651 'lxc.hook.start' => 1,
652 'lxc.hook.stop' => 1,
653 'lxc.hook.post-stop' => 1,
654 'lxc.hook.clone' => 1,
655 'lxc.hook.destroy' => 1,
656 'lxc.hook.version' => 1,
657 'lxc.log.level' => 1,
659 'lxc.start.auto' => 1,
660 'lxc.start.delay' => 1,
661 'lxc.start.order' => 1,
663 'lxc.environment' => 1,
665 # All these are namespaced via CLONE_NEWIPC (see namespaces(7)).
666 'lxc.sysctl.fs.mqueue' => 1,
667 'lxc.sysctl.kernel.msgmax' => 1,
668 'lxc.sysctl.kernel.msgmnb' => 1,
669 'lxc.sysctl.kernel.msgmni' => 1,
670 'lxc.sysctl.kernel.sem' => 1,
671 'lxc.sysctl.kernel.shmall' => 1,
672 'lxc.sysctl.kernel.shmmax' => 1,
673 'lxc.sysctl.kernel.shmmni' => 1,
674 'lxc.sysctl.kernel.shm_rmid_forced' => 1,
677 my $deprecated_lxc_conf_keys = {
678 # Deprecated (removed with lxc 3.0):
679 'lxc.aa_profile' => 'lxc.apparmor.profile',
680 'lxc.aa_allow_incomplete' => 'lxc.apparmor.allow_incomplete',
681 'lxc.console' => 'lxc.console.path',
682 'lxc.devttydir' => 'lxc.tty.dir',
683 'lxc.haltsignal' => 'lxc.signal.halt',
684 'lxc.rebootsignal' => 'lxc.signal.reboot',
685 'lxc.stopsignal' => 'lxc.signal.stop',
686 'lxc.id_map' => 'lxc.idmap',
687 'lxc.init_cmd' => 'lxc.init.cmd',
688 'lxc.loglevel' => 'lxc.log.level',
689 'lxc.logfile' => 'lxc.log.file',
690 'lxc.mount' => 'lxc.mount.fstab',
691 'lxc.network.type' => 'lxc.net.INDEX.type',
692 'lxc.network.flags' => 'lxc.net.INDEX.flags',
693 'lxc.network.link' => 'lxc.net.INDEX.link',
694 'lxc.network.mtu' => 'lxc.net.INDEX.mtu',
695 'lxc.network.name' => 'lxc.net.INDEX.name',
696 'lxc.network.hwaddr' => 'lxc.net.INDEX.hwaddr',
697 'lxc.network.ipv4' => 'lxc.net.INDEX.ipv4.address',
698 'lxc.network.ipv4.gateway' => 'lxc.net.INDEX.ipv4.gateway',
699 'lxc.network.ipv6' => 'lxc.net.INDEX.ipv6.address',
700 'lxc.network.ipv6.gateway' => 'lxc.net.INDEX.ipv6.gateway',
701 'lxc.network.script.up' => 'lxc.net.INDEX.script.up',
702 'lxc.network.script.down' => 'lxc.net.INDEX.script.down',
703 'lxc.pts' => 'lxc.pty.max',
704 'lxc.se_context' => 'lxc.selinux.context',
705 'lxc.seccomp' => 'lxc.seccomp.profile',
706 'lxc.tty' => 'lxc.tty.max',
707 'lxc.utsname' => 'lxc.uts.name',
710 sub is_valid_lxc_conf_key
{
711 my ($vmid, $key) = @_;
712 if ($key =~ /^lxc\.limit\./) {
713 warn "vm $vmid - $key: lxc.limit.* was renamed to lxc.prlimit.*\n";
716 if (defined(my $new_name = $deprecated_lxc_conf_keys->{$key})) {
717 warn "vm $vmid - $key is deprecated and was renamed to $new_name\n";
720 my $validity = $valid_lxc_conf_keys->{$key};
721 return $validity if defined($validity);
722 return 1 if $key =~ /^lxc\.cgroup2?\./ # allow all cgroup values
723 || $key =~ /^lxc\.prlimit\./ # allow all prlimits
724 || $key =~ /^lxc\.net\./; # allow custom network definitions
728 our $netconf_desc = {
732 description
=> "Network interface type.",
737 format_description
=> 'string',
738 description
=> 'Name of the network device as seen from inside the container. (lxc.network.name)',
739 pattern
=> '[-_.\w\d]+',
743 format_description
=> 'bridge',
744 description
=> 'Bridge to attach the network device to.',
745 pattern
=> '[-_.\w\d]+',
748 hwaddr
=> get_standard_option
('mac-addr', {
749 description
=> 'The interface MAC address. This is dynamically allocated by default, but you can set that statically if needed, for example to always have the same link-local IPv6 address. (lxc.network.hwaddr)',
753 description
=> 'Maximum transfer unit of the interface. (lxc.network.mtu)',
754 minimum
=> 64, # minimum ethernet frame is 64 bytes
759 format
=> 'pve-ipv4-config',
760 format_description
=> '(IPv4/CIDR|dhcp|manual)',
761 description
=> 'IPv4 address in CIDR format.',
767 format_description
=> 'GatewayIPv4',
768 description
=> 'Default gateway for IPv4 traffic.',
773 format
=> 'pve-ipv6-config',
774 format_description
=> '(IPv6/CIDR|auto|dhcp|manual)',
775 description
=> 'IPv6 address in CIDR format.',
781 format_description
=> 'GatewayIPv6',
782 description
=> 'Default gateway for IPv6 traffic.',
787 description
=> "Controls whether this interface's firewall rules should be used.",
794 description
=> "VLAN tag for this interface.",
799 pattern
=> qr/\d+(?:;\d+)*/,
800 format_description
=> 'vlanid[;vlanid...]',
801 description
=> "VLAN ids to pass through the interface",
806 format_description
=> 'mbps',
807 description
=> "Apply rate limiting to the interface",
811 PVE
::JSONSchema
::register_format
('pve-lxc-network', $netconf_desc);
813 my $MAX_LXC_NETWORKS = 32;
814 for (my $i = 0; $i < $MAX_LXC_NETWORKS; $i++) {
815 $confdesc->{"net$i"} = {
817 type
=> 'string', format
=> $netconf_desc,
818 description
=> "Specifies network interfaces for the container.",
822 PVE
::JSONSchema
::register_format
('pve-ct-timezone', \
&verify_ct_timezone
);
823 sub verify_ct_timezone
{
824 my ($timezone, $noerr) = @_;
826 return if $timezone eq 'host'; # using host settings
828 PVE
::JSONSchema
::pve_verify_timezone
($timezone);
831 PVE
::JSONSchema
::register_format
('pve-lxc-mp-string', \
&verify_lxc_mp_string
);
832 sub verify_lxc_mp_string
{
833 my ($mp, $noerr) = @_;
837 # /. or /.. at the end
838 # ../ at the beginning
840 if($mp =~ m
@/\.\
.?
/@ ||
843 return undef if $noerr;
844 die "$mp contains illegal character sequences\n";
853 description
=> 'Whether to include the mount point in backups.',
854 verbose_description
=> 'Whether to include the mount point in backups '.
855 '(only used for volume mount points).',
860 format
=> 'pve-lxc-mp-string',
861 format_description
=> 'Path',
862 description
=> 'Path to the mount point as seen from inside the container '.
863 '(must not contain symlinks).',
864 verbose_description
=> "Path to the mount point as seen from inside the container.\n\n".
865 "NOTE: Must not contain any symlinks for security reasons."
868 PVE
::JSONSchema
::register_format
('pve-ct-mountpoint', $mp_desc);
874 format
=> 'pve-volume-id',
875 format_description
=> 'volume',
876 description
=> 'The volume that is not used currently.',
880 for (my $i = 0; $i < $MAX_MOUNT_POINTS; $i++) {
881 $confdesc->{"mp$i"} = {
883 type
=> 'string', format
=> $mp_desc,
884 description
=> "Use volume as container mount point. Use the special " .
885 "syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume.",
890 for (my $i = 0; $i < $MAX_UNUSED_DISKS; $i++) {
891 $confdesc->{"unused$i"} = {
893 type
=> 'string', format
=> $unused_desc,
894 description
=> "Reference to unused volumes. This is used internally, and should not be modified manually.",
898 sub parse_pct_config
{
899 my ($filename, $raw) = @_;
901 return undef if !defined($raw);
904 digest
=> Digest
::SHA
::sha1_hex
($raw),
909 $filename =~ m
|/lxc/(\d
+).conf
$|
910 || die "got strange filename '$filename'";
918 my @lines = split(/\n/, $raw);
919 foreach my $line (@lines) {
920 next if $line =~ m/^\s*$/;
922 if ($line =~ m/^\[pve:pending\]\s*$/i) {
923 $section = 'pending';
924 $conf->{description
} = $descr if $descr;
926 $conf = $res->{$section} = {};
928 } elsif ($line =~ m/^\[([a-z][a-z0-9_\-]+)\]\s*$/i) {
930 $conf->{description
} = $descr if $descr;
932 $conf = $res->{snapshots
}->{$section} = {};
936 if ($line =~ m/^\#(.*)\s*$/) {
937 $descr .= PVE
::Tools
::decode_text
($1) . "\n";
941 if ($line =~ m/^(lxc\.[a-z0-9_\-\.]+)(:|\s*=)\s*(.*?)\s*$/) {
944 my $validity = is_valid_lxc_conf_key
($vmid, $key);
945 if ($validity eq 1) {
946 push @{$conf->{lxc
}}, [$key, $value];
947 } elsif (my $errmsg = $validity) {
948 warn "vm $vmid - $key: $errmsg\n";
950 warn "vm $vmid - unable to parse config: $line\n";
952 } elsif ($line =~ m/^(description):\s*(.*\S)\s*$/) {
953 $descr .= PVE
::Tools
::decode_text
($2);
954 } elsif ($line =~ m/snapstate:\s*(prepare|delete)\s*$/) {
955 $conf->{snapstate
} = $1;
956 } elsif ($line =~ m/^delete:\s*(.*\S)\s*$/) {
958 if ($section eq 'pending') {
959 $conf->{delete} = $value;
961 warn "vm $vmid - property 'delete' is only allowed in [pve:pending]\n";
963 } elsif ($line =~ m/^([a-z][a-z_]*\d*):\s*(.+?)\s*$/) {
966 eval { $value = PVE
::LXC
::Config-
>check_type($key, $value); };
967 warn "vm $vmid - unable to parse value of '$key' - $@" if $@;
968 $conf->{$key} = $value;
970 warn "vm $vmid - unable to parse config: $line\n";
974 $conf->{description
} = $descr if $descr;
976 delete $res->{snapstate
}; # just to be sure
981 sub write_pct_config
{
982 my ($filename, $conf) = @_;
984 delete $conf->{snapstate
}; # just to be sure
986 my $volidlist = PVE
::LXC
::Config-
>get_vm_volumes($conf);
987 my $used_volids = {};
988 foreach my $vid (@$volidlist) {
989 $used_volids->{$vid} = 1;
992 # remove 'unusedX' settings if the volume is still used
993 foreach my $key (keys %$conf) {
994 my $value = $conf->{$key};
995 if ($key =~ m/^unused/ && $used_volids->{$value}) {
996 delete $conf->{$key};
1000 my $generate_raw_config = sub {
1005 # add description as comment to top of file
1006 my $descr = $conf->{description
} || '';
1007 foreach my $cl (split(/\n/, $descr)) {
1008 $raw .= '#' . PVE
::Tools
::encode_text
($cl) . "\n";
1011 foreach my $key (sort keys %$conf) {
1012 next if $key eq 'digest' || $key eq 'description' ||
1013 $key eq 'pending' || $key eq 'snapshots' ||
1014 $key eq 'snapname' || $key eq 'lxc';
1015 my $value = $conf->{$key};
1016 die "detected invalid newline inside property '$key'\n"
1018 $raw .= "$key: $value\n";
1021 if (my $lxcconf = $conf->{lxc
}) {
1022 foreach my $entry (@$lxcconf) {
1023 my ($k, $v) = @$entry;
1031 my $raw = &$generate_raw_config($conf);
1033 if (scalar(keys %{$conf->{pending
}})){
1034 $raw .= "\n[pve:pending]\n";
1035 $raw .= &$generate_raw_config($conf->{pending
});
1038 foreach my $snapname (sort keys %{$conf->{snapshots
}}) {
1039 $raw .= "\n[$snapname]\n";
1040 $raw .= &$generate_raw_config($conf->{snapshots
}->{$snapname});
1046 sub update_pct_config
{
1047 my ($class, $vmid, $conf, $running, $param, $delete, $revert) = @_;
1049 my $storage_cfg = PVE
::Storage
::config
();
1051 foreach my $opt (@$revert) {
1052 delete $conf->{pending
}->{$opt};
1053 $class->remove_from_pending_delete($conf, $opt); # also remove from deletion queue
1056 # write updates to pending section
1057 my $modified = {}; # record modified options
1059 foreach my $opt (@$delete) {
1060 if (!defined($conf->{$opt}) && !defined($conf->{pending
}->{$opt})) {
1061 warn "cannot delete '$opt' - not set in current configuration!\n";
1064 $modified->{$opt} = 1;
1065 if ($opt eq 'memory' || $opt eq 'rootfs' || $opt eq 'ostype') {
1066 die "unable to delete required option '$opt'\n";
1067 } elsif ($opt =~ m/^unused(\d+)$/) {
1068 $class->check_protection($conf, "can't remove CT $vmid drive '$opt'");
1069 } elsif ($opt =~ m/^mp(\d+)$/) {
1070 $class->check_protection($conf, "can't remove CT $vmid drive '$opt'");
1071 } elsif ($opt eq 'unprivileged') {
1072 die "unable to delete read-only option: '$opt'\n";
1074 $class->add_to_pending_delete($conf, $opt);
1077 my $check_content_type = sub {
1079 my $sid = PVE
::Storage
::parse_volume_id
($mp->{volume
});
1080 my $storage_config = PVE
::Storage
::storage_config
($storage_cfg, $sid);
1081 die "storage '$sid' does not allow content type 'rootdir' (Container)\n"
1082 if !$storage_config->{content
}->{rootdir
};
1085 foreach my $opt (sort keys %$param) { # add/change
1086 $modified->{$opt} = 1;
1087 my $value = $param->{$opt};
1088 if ($opt =~ m/^mp(\d+)$/ || $opt eq 'rootfs') {
1089 $class->check_protection($conf, "can't update CT $vmid drive '$opt'");
1090 my $mp = $class->parse_volume($opt, $value);
1091 $check_content_type->($mp) if ($mp->{type
} eq 'volume');
1092 } elsif ($opt eq 'hookscript') {
1093 PVE
::GuestHelpers
::check_hookscript
($value);
1094 } elsif ($opt eq 'nameserver') {
1095 $value = PVE
::LXC
::verify_nameserver_list
($value);
1096 } elsif ($opt eq 'searchdomain') {
1097 $value = PVE
::LXC
::verify_searchdomain_list
($value);
1098 } elsif ($opt eq 'unprivileged') {
1099 die "unable to modify read-only option: '$opt'\n";
1101 $conf->{pending
}->{$opt} = $value;
1102 $class->remove_from_pending_delete($conf, $opt);
1105 my $changes = $class->cleanup_pending($conf);
1109 $class->vmconfig_hotplug_pending($vmid, $conf, $storage_cfg, $modified, $errors);
1111 $class->vmconfig_apply_pending($vmid, $conf, $storage_cfg, $modified, $errors);
1118 my ($class, $key, $value) = @_;
1120 die "unknown setting '$key'\n" if !$confdesc->{$key};
1122 my $type = $confdesc->{$key}->{type
};
1124 if (!defined($value)) {
1125 die "got undefined value\n";
1128 if ($value =~ m/[\n\r]/) {
1129 die "property contains a line feed\n";
1132 if ($type eq 'boolean') {
1133 return 1 if ($value eq '1') || ($value =~ m/^(on|yes|true)$/i);
1134 return 0 if ($value eq '0') || ($value =~ m/^(off|no|false)$/i);
1135 die "type check ('boolean') failed - got '$value'\n";
1136 } elsif ($type eq 'integer') {
1137 return int($1) if $value =~ m/^(\d+)$/;
1138 die "type check ('integer') failed - got '$value'\n";
1139 } elsif ($type eq 'number') {
1140 return $value if $value =~ m/^(\d+)(\.\d+)?$/;
1141 die "type check ('number') failed - got '$value'\n";
1142 } elsif ($type eq 'string') {
1143 if (my $fmt = $confdesc->{$key}->{format
}) {
1144 PVE
::JSONSchema
::check_format
($fmt, $value);
1149 die "internal error"
1154 # add JSON properties for create and set function
1155 sub json_config_properties
{
1156 my ($class, $prop) = @_;
1158 foreach my $opt (keys %$confdesc) {
1159 next if $opt eq 'parent' || $opt eq 'snaptime';
1160 next if $prop->{$opt};
1161 $prop->{$opt} = $confdesc->{$opt};
1167 my $parse_ct_mountpoint_full = sub {
1168 my ($class, $desc, $data, $noerr) = @_;
1173 eval { $res = PVE
::JSONSchema
::parse_property_string
($desc, $data) };
1175 return undef if $noerr;
1179 if (defined(my $size = $res->{size
})) {
1180 $size = PVE
::JSONSchema
::parse_size
($size);
1181 if (!defined($size)) {
1182 return undef if $noerr;
1183 die "invalid size: $size\n";
1185 $res->{size
} = $size;
1188 $res->{type
} = $class->classify_mountpoint($res->{volume
});
1193 sub print_ct_mountpoint
{
1194 my ($class, $info, $nomp) = @_;
1195 my $skip = [ 'type' ];
1196 push @$skip, 'mp' if $nomp;
1197 return PVE
::JSONSchema
::print_property_string
($info, $mp_desc, $skip);
1201 my ($class, $key, $volume_string, $noerr) = @_;
1203 if ($key eq 'rootfs') {
1204 my $res = $parse_ct_mountpoint_full->($class, $rootfs_desc, $volume_string, $noerr);
1205 $res->{mp
} = '/' if defined($res);
1207 } elsif ($key =~ m/^mp\d+$/) {
1208 return $parse_ct_mountpoint_full->($class, $mp_desc, $volume_string, $noerr);
1209 } elsif ($key =~ m/^unused\d+$/) {
1210 return $parse_ct_mountpoint_full->($class, $unused_desc, $volume_string, $noerr);
1213 die "parse_volume - unknown type: $key\n" if !$noerr;
1219 my ($class, $key, $volume) = @_;
1221 return $class->print_ct_mountpoint($volume, $key eq 'rootfs');
1230 sub print_lxc_network
{
1231 my ($class, $net) = @_;
1232 return PVE
::JSONSchema
::print_property_string
($net, $netconf_desc);
1235 sub parse_lxc_network
{
1236 my ($class, $data) = @_;
1240 return $res if !$data;
1242 $res = PVE
::JSONSchema
::parse_property_string
($netconf_desc, $data);
1244 $res->{type
} = 'veth';
1245 if (!$res->{hwaddr
}) {
1246 my $dc = PVE
::Cluster
::cfs_read_file
('datacenter.cfg');
1247 $res->{hwaddr
} = PVE
::Tools
::random_ether_addr
($dc->{mac_prefix
});
1253 sub parse_features
{
1254 my ($class, $data) = @_;
1255 return {} if !$data;
1256 return PVE
::JSONSchema
::parse_property_string
($features_desc, $data);
1260 my ($class, $name) = @_;
1262 return defined($confdesc->{$name});
1264 # END JSON config code
1266 my $LXC_FASTPLUG_OPTIONS= {
1278 sub vmconfig_hotplug_pending
{
1279 my ($class, $vmid, $conf, $storecfg, $selection, $errors) = @_;
1281 my $pid = PVE
::LXC
::find_lxc_pid
($vmid);
1282 my $rootdir = "/proc/$pid/root";
1284 my $add_hotplug_error = sub {
1285 my ($opt, $msg) = @_;
1286 $errors->{$opt} = "unable to hotplug $opt: $msg";
1289 foreach my $opt (sort keys %{$conf->{pending
}}) { # add/change
1290 next if $selection && !$selection->{$opt};
1291 if ($LXC_FASTPLUG_OPTIONS->{$opt}) {
1292 $conf->{$opt} = delete $conf->{pending
}->{$opt};
1296 my $cgroup = PVE
::LXC
::CGroup-
>new($vmid);
1298 # There's no separate swap size to configure, there's memory and "total"
1299 # memory (iow. memory+swap). This means we have to change them together.
1300 my $hotplug_memory_done;
1301 my $hotplug_memory = sub {
1302 my ($wanted_memory, $wanted_swap) = @_;
1304 $wanted_memory = int($wanted_memory * 1024 * 1024) if defined($wanted_memory);
1305 $wanted_swap = int($wanted_swap * 1024 * 1024) if defined($wanted_swap);
1306 $cgroup->change_memory_limit($wanted_memory, $wanted_swap);
1308 $hotplug_memory_done = 1;
1311 my $pending_delete_hash = $class->parse_pending_delete($conf->{pending
}->{delete});
1312 # FIXME: $force deletion is not implemented for CTs
1313 foreach my $opt (sort keys %$pending_delete_hash) {
1314 next if $selection && !$selection->{$opt};
1316 if ($LXC_FASTPLUG_OPTIONS->{$opt}) {
1318 } elsif ($opt =~ m/^unused(\d+)$/) {
1319 PVE
::LXC
::delete_mountpoint_volume
($storecfg, $vmid, $conf->{$opt})
1320 if !$class->is_volume_in_use($conf, $conf->{$opt}, 1, 1);
1321 } elsif ($opt eq 'swap') {
1322 $hotplug_memory->(undef, 0);
1323 } elsif ($opt eq 'cpulimit') {
1324 $cgroup->change_cpu_quota(undef, undef); # reset, cgroup module can better decide values
1325 } elsif ($opt eq 'cpuunits') {
1326 $cgroup->change_cpu_shares(undef, $confdesc->{cpuunits
}->{default});
1327 } elsif ($opt =~ m/^net(\d)$/) {
1329 PVE
::Network
::veth_delete
("veth${vmid}i$netid");
1331 die "skip\n"; # skip non-hotpluggable opts
1335 $add_hotplug_error->($opt, $err) if $err ne "skip\n";
1337 delete $conf->{$opt};
1338 $class->remove_from_pending_delete($conf, $opt);
1342 foreach my $opt (sort keys %{$conf->{pending
}}) {
1343 next if $opt eq 'delete'; # just to be sure
1344 next if $selection && !$selection->{$opt};
1345 my $value = $conf->{pending
}->{$opt};
1347 if ($opt eq 'cpulimit') {
1348 my $quota = 100000 * $value;
1349 $cgroup->change_cpu_quota(int(100000 * $value), 100000);
1350 } elsif ($opt eq 'cpuunits') {
1351 $cgroup->change_cpu_shares($value, $confdesc->{cpuunits
}->{default});
1352 } elsif ($opt =~ m/^net(\d+)$/) {
1354 my $net = $class->parse_lxc_network($value);
1355 $value = $class->print_lxc_network($net);
1356 PVE
::LXC
::update_net
($vmid, $conf, $opt, $net, $netid, $rootdir);
1357 } elsif ($opt eq 'memory' || $opt eq 'swap') {
1358 if (!$hotplug_memory_done) { # don't call twice if both opts are passed
1359 $hotplug_memory->($conf->{pending
}->{memory
}, $conf->{pending
}->{swap
});
1361 } elsif ($opt =~ m/^mp(\d+)$/) {
1362 if (!PVE
::LXC
::Tools
::can_use_new_mount_api
()) {
1366 if (exists($conf->{$opt})) {
1367 die "skip\n"; # don't try to hotplug over existing mp
1370 $class->apply_pending_mountpoint($vmid, $conf, $opt, $storecfg, 1);
1371 # apply_pending_mountpoint modifies the value if it creates a new disk
1372 $value = $conf->{pending
}->{$opt};
1374 die "skip\n"; # skip non-hotpluggable
1378 $add_hotplug_error->($opt, $err) if $err ne "skip\n";
1380 $conf->{$opt} = $value;
1381 delete $conf->{pending
}->{$opt};
1386 sub vmconfig_apply_pending
{
1387 my ($class, $vmid, $conf, $storecfg, $selection, $errors) = @_;
1389 my $add_apply_error = sub {
1390 my ($opt, $msg) = @_;
1391 my $err_msg = "unable to apply pending change $opt : $msg";
1392 $errors->{$opt} = $err_msg;
1396 my $pending_delete_hash = $class->parse_pending_delete($conf->{pending
}->{delete});
1397 # FIXME: $force deletion is not implemented for CTs
1398 foreach my $opt (sort keys %$pending_delete_hash) {
1399 next if $selection && !$selection->{$opt};
1401 if ($opt =~ m/^mp(\d+)$/) {
1402 my $mp = $class->parse_volume($opt, $conf->{$opt});
1403 if ($mp->{type
} eq 'volume') {
1404 $class->add_unused_volume($conf, $mp->{volume
})
1405 if !$class->is_volume_in_use($conf, $conf->{$opt}, 1, 1);
1407 } elsif ($opt =~ m/^unused(\d+)$/) {
1408 PVE
::LXC
::delete_mountpoint_volume
($storecfg, $vmid, $conf->{$opt})
1409 if !$class->is_volume_in_use($conf, $conf->{$opt}, 1, 1);
1413 $add_apply_error->($opt, $err);
1415 delete $conf->{$opt};
1416 $class->remove_from_pending_delete($conf, $opt);
1420 $class->cleanup_pending($conf);
1422 foreach my $opt (sort keys %{$conf->{pending
}}) { # add/change
1423 next if $opt eq 'delete'; # just to be sure
1424 next if $selection && !$selection->{$opt};
1426 if ($opt =~ m/^mp(\d+)$/) {
1427 $class->apply_pending_mountpoint($vmid, $conf, $opt, $storecfg, 0);
1428 } elsif ($opt =~ m/^net(\d+)$/) {
1430 my $net = $class->parse_lxc_network($conf->{pending
}->{$opt});
1431 $conf->{pending
}->{$opt} = $class->print_lxc_network($net);
1435 $add_apply_error->($opt, $err);
1437 $conf->{$opt} = delete $conf->{pending
}->{$opt};
1442 my $rescan_volume = sub {
1443 my ($storecfg, $mp) = @_;
1445 $mp->{size
} = PVE
::Storage
::volume_size_info
($storecfg, $mp->{volume
}, 5);
1447 warn "Could not rescan volume size - $@\n" if $@;
1450 sub apply_pending_mountpoint
{
1451 my ($class, $vmid, $conf, $opt, $storecfg, $running) = @_;
1453 my $mp = $class->parse_volume($opt, $conf->{pending
}->{$opt});
1454 my $old = $conf->{$opt};
1455 if ($mp->{type
} eq 'volume') {
1456 if ($mp->{volume
} =~ $PVE::LXC
::NEW_DISK_RE
) {
1457 my $original_value = $conf->{pending
}->{$opt};
1458 my $vollist = PVE
::LXC
::create_disks
(
1461 { $opt => $original_value },
1466 # Re-parse mount point:
1467 my $mp = $class->parse_volume($opt, $conf->{pending
}->{$opt});
1469 PVE
::LXC
::mountpoint_hotplug
($vmid, $conf, $opt, $mp, $storecfg);
1473 PVE
::LXC
::destroy_disks
($storecfg, $vollist);
1474 # The pending-changes code collects errors but keeps on looping through further
1475 # pending changes, so unroll the change in $conf as well if destroy_disks()
1477 $conf->{pending
}->{$opt} = $original_value;
1482 die "skip\n" if $running && defined($old); # TODO: "changing" mount points?
1483 $rescan_volume->($storecfg, $mp);
1485 PVE
::LXC
::mountpoint_hotplug
($vmid, $conf, $opt, $mp, $storecfg);
1487 $conf->{pending
}->{$opt} = $class->print_ct_mountpoint($mp);
1491 if (defined($old)) {
1492 my $mp = $class->parse_volume($opt, $old);
1493 if ($mp->{type
} eq 'volume') {
1494 $class->add_unused_volume($conf, $mp->{volume
})
1495 if !$class->is_volume_in_use($conf, $conf->{$opt}, 1, 1);
1500 sub classify_mountpoint
{
1501 my ($class, $vol) = @_;
1502 if ($vol =~ m!^/!) {
1503 return 'device' if $vol =~ m!^/dev/!;
1509 my $__is_volume_in_use = sub {
1510 my ($class, $config, $volid) = @_;
1513 $class->foreach_volume($config, sub {
1514 my ($ms, $mountpoint) = @_;
1516 $used = $mountpoint->{type
} eq 'volume' && $mountpoint->{volume
} eq $volid;
1522 sub is_volume_in_use_by_snapshots
{
1523 my ($class, $config, $volid) = @_;
1525 if (my $snapshots = $config->{snapshots
}) {
1526 foreach my $snap (keys %$snapshots) {
1527 return 1 if $__is_volume_in_use->($class, $snapshots->{$snap}, $volid);
1534 sub is_volume_in_use
{
1535 my ($class, $config, $volid, $include_snapshots, $include_pending) = @_;
1536 return 1 if $__is_volume_in_use->($class, $config, $volid);
1537 return 1 if $include_snapshots && $class->is_volume_in_use_by_snapshots($config, $volid);
1538 return 1 if $include_pending && $__is_volume_in_use->($class, $config->{pending
}, $volid);
1542 sub has_dev_console
{
1543 my ($class, $conf) = @_;
1545 return !(defined($conf->{console
}) && !$conf->{console
});
1549 my ($class, $conf, $keyname) = @_;
1551 if (my $lxcconf = $conf->{lxc
}) {
1552 foreach my $entry (@$lxcconf) {
1553 my ($key, undef) = @$entry;
1554 return 1 if $key eq $keyname;
1562 my ($class, $conf) = @_;
1564 return $conf->{tty
} // $confdesc->{tty
}->{default};
1568 my ($class, $conf) = @_;
1570 return $conf->{cmode
} // $confdesc->{cmode
}->{default};
1573 sub valid_volume_keys
{
1574 my ($class, $reverse) = @_;
1576 my @names = ('rootfs');
1578 for (my $i = 0; $i < $MAX_MOUNT_POINTS; $i++) {
1579 push @names, "mp$i";
1582 return $reverse ?
reverse @names : @names;
1585 sub valid_volume_keys_with_unused
{
1586 my ($class, $reverse) = @_;
1587 my @names = $class->valid_volume_keys();
1588 for (my $i = 0; $i < $MAX_UNUSED_DISKS; $i++) {
1589 push @names, "unused$i";
1591 return $reverse ?
reverse @names : @names;
1594 sub get_vm_volumes
{
1595 my ($class, $conf, $excludes) = @_;
1599 $class->foreach_volume($conf, sub {
1600 my ($ms, $mountpoint) = @_;
1602 return if $excludes && $ms eq $excludes;
1604 my $volid = $mountpoint->{volume
};
1605 return if !$volid || $mountpoint->{type
} ne 'volume';
1607 my ($sid, $volname) = PVE
::Storage
::parse_volume_id
($volid, 1);
1610 push @$vollist, $volid;
1616 sub get_replicatable_volumes
{
1617 my ($class, $storecfg, $vmid, $conf, $cleanup, $noerr) = @_;
1621 my $test_volid = sub {
1622 my ($volid, $mountpoint) = @_;
1626 my $mptype = $mountpoint->{type
};
1627 my $replicate = $mountpoint->{replicate
} // 1;
1629 if ($mptype ne 'volume') {
1630 # skip bindmounts if replicate = 0 even for cleanup,
1631 # since bind mounts could not have been replicated ever
1632 return if !$replicate;
1633 die "unable to replicate mountpoint type '$mptype'\n";
1636 my ($storeid, $volname) = PVE
::Storage
::parse_volume_id
($volid, $noerr);
1637 return if !$storeid;
1639 my $scfg = PVE
::Storage
::storage_config
($storecfg, $storeid);
1640 return if $scfg->{shared
};
1642 my ($path, $owner, $vtype) = PVE
::Storage
::path
($storecfg, $volid);
1643 return if !$owner || ($owner != $vmid);
1645 die "unable to replicate volume '$volid', type '$vtype'\n" if $vtype ne 'images';
1647 return if !$cleanup && !$replicate;
1649 if (!PVE
::Storage
::volume_has_feature
($storecfg, 'replicate', $volid)) {
1650 return if $cleanup || $noerr;
1651 die "missing replicate feature on volume '$volid'\n";
1654 $volhash->{$volid} = 1;
1657 $class->foreach_volume($conf, sub {
1658 my ($ms, $mountpoint) = @_;
1659 $test_volid->($mountpoint->{volume
}, $mountpoint);
1662 foreach my $snapname (keys %{$conf->{snapshots
}}) {
1663 my $snap = $conf->{snapshots
}->{$snapname};
1664 $class->foreach_volume($snap, sub {
1665 my ($ms, $mountpoint) = @_;
1666 $test_volid->($mountpoint->{volume
}, $mountpoint);
1670 # add 'unusedX' volumes to volhash
1671 foreach my $key (keys %$conf) {
1672 if ($key =~ m/^unused/) {
1673 $test_volid->($conf->{$key}, { type
=> 'volume', replicate
=> 1 });
1680 sub get_backup_volumes
{
1681 my ($class, $conf) = @_;
1683 my $return_volumes = [];
1685 my $test_mountpoint = sub {
1686 my ($key, $volume) = @_;
1688 my ($included, $reason) = $class->mountpoint_backup_enabled($key, $volume);
1690 push @$return_volumes, {
1692 included
=> $included,
1694 volume_config
=> $volume,
1698 PVE
::LXC
::Config-
>foreach_volume($conf, $test_mountpoint);
1700 return $return_volumes;