ostype => {
optional => 1,
type => 'string',
- enum => ['debian', 'ubuntu', 'centos', 'fedora', 'opensuse', 'archlinux'],
+ enum => ['debian', 'ubuntu', 'centos', 'fedora', 'opensuse', 'archlinux', 'alpine'],
description => "OS type. Corresponds to lxc setup scripts in /usr/share/lxc/config/<ostype>.common.conf.",
},
console => {
my $custom_idmap = grep { $_->[0] eq 'lxc.id_map' } @{$conf->{lxc}};
my $ostype = $conf->{ostype} || die "missing 'ostype' - internal error";
- if ($ostype =~ /^(?:debian | ubuntu | centos | fedora | opensuse | archlinux)$/x) {
- $raw .= "lxc.include = /usr/share/lxc/config/$ostype.common.conf\n";
+ if ($ostype =~ /^(?:debian | ubuntu | centos | fedora | opensuse | archlinux | alpine)$/x) {
+ my $inc ="/usr/share/lxc/config/$ostype.common.conf";
+ $inc ="/usr/share/lxc/config/common.conf" if !-f $inc;
+ $raw .= "lxc.include = $inc\n";
if ($unprivileged || $custom_idmap) {
- $raw .= "lxc.include = /usr/share/lxc/config/$ostype.userns.conf\n"
+ $inc = "/usr/share/lxc/config/$ostype.userns.conf";
+ $inc = "/usr/share/lxc/config/userns.conf" if !-f $inc;
+ $raw .= "lxc.include = $inc\n"
}
} else {
die "implement me (ostype $ostype)";
return join(' ', @list);
}
+sub is_volume_in_use {
+ my ($config, $volid) = @_;
+ my $used = 0;
+
+ foreach_mountpoint($config, sub {
+ my ($ms, $mountpoint) = @_;
+ return if $used;
+ if ($mountpoint->{type} eq 'volume' && $mountpoint->{volume} eq $volid) {
+ $used = 1;
+ }
+ });
+
+ return $used;
+}
+
sub add_unused_volume {
my ($config, $volid) = @_;
} elsif ($opt =~ m/^mp(\d+)$/) {
next if $hotplug_error->($opt);
check_protection($conf, "can't remove CT $vmid drive '$opt'");
- my $mountpoint = parse_ct_mountpoint($conf->{$opt});
- if ($mountpoint->{type} eq 'volume') {
- add_unused_volume($conf, $mountpoint->{volume})
- }
+ my $mp = parse_ct_mountpoint($conf->{$opt});
delete $conf->{$opt};
+ if ($mp->{type} eq 'volume' && !is_volume_in_use($conf, $mp->{volume})) {
+ add_unused_volume($conf, $mp->{volume});
+ }
} elsif ($opt eq 'unprivileged') {
die "unable to delete read-only option: '$opt'\n";
} else {
} elsif ($opt =~ m/^mp(\d+)$/) {
next if $hotplug_error->($opt);
check_protection($conf, "can't update CT $vmid drive '$opt'");
+ my $old = $conf->{$opt};
$conf->{$opt} = $value;
+ if (defined($old)) {
+ my $mp = parse_ct_mountpoint($old);
+ if ($mp->{type} eq 'volume' && !is_volume_in_use($conf, $mp->{volume})) {
+ add_unused_volume($conf, $mp->{volume});
+ }
+ }
$new_disks = 1;
} elsif ($opt eq 'rootfs') {
next if $hotplug_error->($opt);
check_protection($conf, "can't update CT $vmid drive '$opt'");
+ my $old = $conf->{$opt};
$conf->{$opt} = $value;
+ if (defined($old)) {
+ my $mp = parse_ct_rootfs($old);
+ if ($mp->{type} eq 'volume' && !is_volume_in_use($conf, $mp->{volume})) {
+ add_unused_volume($conf, $mp->{volume});
+ }
+ }
} elsif ($opt eq 'unprivileged') {
die "unable to modify read-only option: '$opt'\n";
} else {
next if $k eq 'lock';
next if $k eq 'digest';
next if $k eq 'description';
+ next if $k =~ m/^unused\d+$/;
$dest->{$k} = $source->{$k};
}
};
-my $snapshot_prepare = sub {
- my ($vmid, $snapname, $comment) = @_;
+my $snapshot_apply_config = sub {
+ my ($conf, $snap) = @_;
+
+ # copy snapshot list
+ my $newconf = {
+ snapshots => $conf->{snapshots},
+ };
+
+ # keep description and list of unused disks
+ foreach my $k (keys %$conf) {
+ next if !($k =~ m/^unused\d+$/ || $k eq 'description');
+ $newconf->{$k} = $conf->{$k};
+ }
+
+ &$snapshot_copy_config($snap, $newconf);
+
+ return $newconf;
+};
+
+my $snapshot_save_vmstate = sub {
+ die "implement me - snapshot_save_vmstate\n";
+};
+
+sub snapshot_prepare {
+ my ($vmid, $snapname, $save_vmstate, $comment) = @_;
my $snap;
if defined($conf->{snapshots}->{$snapname});
my $storecfg = PVE::Storage::config();
+
+ # workaround until mp snapshots are implemented
my $feature = $snapname eq 'vzdump' ? 'vzdump' : 'snapshot';
die "snapshot feature is not available\n" if !has_feature($feature, $conf, $storecfg);
$snap = $conf->{snapshots}->{$snapname} = {};
+ if ($save_vmstate && check_running($vmid)) {
+ &$snapshot_save_vmstate($vmid, $conf, $snapname, $storecfg);
+ }
+
&$snapshot_copy_config($conf, $snap);
- $snap->{'snapstate'} = "prepare";
- $snap->{'snaptime'} = time();
- $snap->{'description'} = $comment if $comment;
- $conf->{snapshots}->{$snapname} = $snap;
+ $snap->{snapstate} = "prepare";
+ $snap->{snaptime} = time();
+ $snap->{description} = $comment if $comment;
write_config($vmid, $conf);
};
lock_config($vmid, $updatefn);
return $snap;
-};
+}
-my $snapshot_commit = sub {
+sub snapshot_commit {
my ($vmid, $snapname) = @_;
my $updatefn = sub {
die "missing snapshot lock\n"
if !($conf->{lock} && $conf->{lock} eq 'snapshot');
- die "snapshot '$snapname' does not exist\n"
- if !defined($conf->{snapshots}->{$snapname});
+ my $snap = $conf->{snapshots}->{$snapname};
+ die "snapshot '$snapname' does not exist\n" if !defined($snap);
die "wrong snapshot state\n"
- if !($conf->{snapshots}->{$snapname}->{'snapstate'} &&
- $conf->{snapshots}->{$snapname}->{'snapstate'} eq "prepare");
+ if !($snap->{snapstate} && $snap->{snapstate} eq "prepare");
- delete $conf->{snapshots}->{$snapname}->{'snapstate'};
+ delete $snap->{snapstate};
delete $conf->{lock};
- $conf->{parent} = $snapname;
- write_config($vmid, $conf);
+ my $newconf = &$snapshot_apply_config($conf, $snap);
+
+ $newconf->{parent} = $snapname;
+
+ write_config($vmid, $newconf);
};
- lock_config($vmid ,$updatefn);
-};
+ lock_config($vmid, $updatefn);
+}
sub has_feature {
my ($feature, $conf, $storecfg, $snapname) = @_;
}
sub snapshot_create {
- my ($vmid, $snapname, $comment) = @_;
+ my ($vmid, $snapname, $save_vmstate, $comment) = @_;
- my $snap = &$snapshot_prepare($vmid, $snapname, $comment);
+ my $snap = snapshot_prepare($vmid, $snapname, $save_vmstate, $comment);
my $conf = load_config($vmid);
die "$err\n";
}
- &$snapshot_commit($vmid, $snapname);
+ snapshot_commit($vmid, $snapname);
}
# Note: $drivehash is only set when called from snapshot_create.
sub snapshot_delete {
my ($vmid, $snapname, $force, $drivehash) = @_;
- my $snap;
-
- my $conf;
-
- my $updatefn = sub {
-
- $conf = load_config($vmid);
-
- die "you can't delete a snapshot if vm is a template\n"
- if is_template($conf);
-
- $snap = $conf->{snapshots}->{$snapname};
-
- if (!$drivehash) {
- check_lock($conf);
- }
-
- die "snapshot '$snapname' does not exist\n" if !defined($snap);
-
- $snap->{snapstate} = 'delete';
+ my $prepare = 1;
- write_config($vmid, $conf);
- };
-
- lock_config($vmid, $updatefn);
-
- my $storecfg = PVE::Storage::config();
+ my $snap;
my $unlink_parent = sub {
-
my ($confref, $new_parent) = @_;
if ($confref->{parent} && $confref->{parent} eq $snapname) {
}
};
- my $del_snap = sub {
+ my $updatefn = sub {
+ my ($remove_drive) = @_;
- $conf = load_config($vmid);
+ my $conf = load_config($vmid);
- if ($drivehash) {
- delete $conf->{lock};
- } else {
+ if (!$drivehash) {
check_lock($conf);
+ die "you can't delete a snapshot if vm is a template\n"
+ if is_template($conf);
}
- my $parent = $conf->{snapshots}->{$snapname}->{parent};
- foreach my $snapkey (keys %{$conf->{snapshots}}) {
- &$unlink_parent($conf->{snapshots}->{$snapkey}, $parent);
+ $snap = $conf->{snapshots}->{$snapname};
+
+ die "snapshot '$snapname' does not exist\n" if !defined($snap);
+
+ # remove parent refs
+ if (!$prepare) {
+ &$unlink_parent($conf, $snap->{parent});
+ foreach my $sn (keys %{$conf->{snapshots}}) {
+ next if $sn eq $snapname;
+ &$unlink_parent($conf->{snapshots}->{$sn}, $snap->{parent});
+ }
}
- &$unlink_parent($conf, $parent);
+ if ($remove_drive) {
+ if ($remove_drive eq 'vmstate') {
+ die "implement me - saving vmstate\n";
+ } else {
+ die "implement me - remove drive\n";
+ }
+ }
- delete $conf->{snapshots}->{$snapname};
+ if ($prepare) {
+ $snap->{snapstate} = 'delete';
+ } else {
+ delete $conf->{snapshots}->{$snapname};
+ delete $conf->{lock} if $drivehash;
+ }
write_config($vmid, $conf);
};
- my $rootfs = $conf->{snapshots}->{$snapname}->{rootfs};
- my $rootinfo = parse_ct_rootfs($rootfs);
- my $volid = $rootinfo->{volume};
+ lock_config($vmid, $updatefn);
+
+ # now remove vmstate file
+ # never set for LXC!
+ my $storecfg = PVE::Storage::config();
+
+ if ($snap->{vmstate}) {
+ die "implement me - saving vmstate\n";
+ };
+ # now remove all volume snapshots
+ # only rootfs for now!
eval {
+ my $rootfs = $snap->{rootfs};
+ my $rootinfo = parse_ct_rootfs($rootfs);
+ my $volid = $rootinfo->{volume};
PVE::Storage::volume_snapshot_delete($storecfg, $volid, $snapname);
};
- my $err = $@;
-
- if(!$err || ($err && $force)) {
- lock_config($vmid, $del_snap);
- if ($err) {
- die "Can't delete snapshot: $vmid $snapname $err\n";
- }
+ if (my $err = $@) {
+ die $err if !$force;
+ warn $err;
}
+
+ # now cleanup config
+ $prepare = 0;
+ lock_config($vmid, $updatefn);
}
sub snapshot_rollback {
my ($vmid, $snapname) = @_;
+ my $prepare = 1;
+
my $storecfg = PVE::Storage::config();
my $conf = load_config($vmid);
- die "you can't rollback if vm is a template\n" if is_template($conf);
+ my $get_snapshot_config = sub {
+
+ die "you can't rollback if vm is a template\n" if is_template($conf);
+
+ my $res = $conf->{snapshots}->{$snapname};
+
+ die "snapshot '$snapname' does not exist\n" if !defined($res);
- my $snap = $conf->{snapshots}->{$snapname};
+ return $res;
+ };
- die "snapshot '$snapname' does not exist\n" if !defined($snap);
+ my $snap = &$get_snapshot_config();
+ # only for rootfs for now!
my $rootfs = $snap->{rootfs};
my $rootinfo = parse_ct_rootfs($rootfs);
my $volid = $rootinfo->{volume};
my $updatefn = sub {
- die "unable to rollback to incomplete snapshot (snapstate = $snap->{snapstate})\n"
- if $snap->{snapstate};
+ $conf = load_config($vmid);
- check_lock($conf);
+ $snap = &$get_snapshot_config();
- system("lxc-stop -n $vmid --kill") if check_running($vmid);
+ die "unable to rollback to incomplete snapshot (snapstate = $snap->{snapstate})\n"
+ if $snap->{snapstate};
+
+ if ($prepare) {
+ check_lock($conf);
+ system("lxc-stop -n $vmid --kill") if check_running($vmid);
+ }
die "unable to rollback vm $vmid: vm is running\n"
if check_running($vmid);
- $conf->{lock} = 'rollback';
+ if ($prepare) {
+ $conf->{lock} = 'rollback';
+ } else {
+ die "got wrong lock\n" if !($conf->{lock} && $conf->{lock} eq 'rollback');
+ delete $conf->{lock};
+ }
my $forcemachine;
- # copy snapshot config to current config
-
- my $tmp_conf = $conf;
- &$snapshot_copy_config($tmp_conf->{snapshots}->{$snapname}, $conf);
- $conf->{snapshots} = $tmp_conf->{snapshots};
- delete $conf->{snaptime};
- delete $conf->{snapname};
- $conf->{parent} = $snapname;
+ if (!$prepare) {
+ # copy snapshot config to current config
+ $conf = &$snapshot_apply_config($conf, $snap);
+ $conf->{parent} = $snapname;
+ }
write_config($vmid, $conf);
- };
- my $unlockfn = sub {
- delete $conf->{lock};
- write_config($vmid, $conf);
+ if (!$prepare && $snap->{vmstate}) {
+ die "implement me - save vmstate";
+ }
};
lock_config($vmid, $updatefn);
+ # only rootfs for now!
PVE::Storage::volume_snapshot_rollback($storecfg, $volid, $snapname);
- lock_config($vmid, $unlockfn);
+ $prepare = 0;
+ lock_config($vmid, $updatefn);
}
sub template_create {
return $device;
}
+sub bindmount {
+ my ($dir, $dest, $ro, @extra_opts) = @_;
+ PVE::Tools::run_command(['mount', '-o', 'bind', @extra_opts, $dir, $dest]);
+ if ($ro) {
+ eval { PVE::Tools::run_command(['mount', '-o', 'bind,remount,ro', $dest]); };
+ if (my $err = $@) {
+ warn "bindmount error\n";
+ # don't leave writable bind-mounts behind...
+ PVE::Tools::run_command(['umount', $dest]);
+ die $err;
+ }
+ }
+}
+
# use $rootdir = undef to just return the corresponding mount path
sub mountpoint_mount {
my ($mountpoint, $rootdir, $storage_cfg, $snapname) = @_;
if (defined($mountpoint->{acl})) {
$optstring .= ($mountpoint->{acl} ? 'acl' : 'noacl');
}
- if ($mountpoint->{ro}) {
- $optstring .= ',' if $optstring;
- $optstring .= 'ro';
- }
+ my $readonly = $mountpoint->{ro};
my @extra_opts = ('-o', $optstring);
die "cannot mount subvol snapshots for storage type '$scfg->{type}'\n";
}
} else {
- if ($mountpoint->{ro}) {
- die "read-only bind mounts not supported\n";
- }
- PVE::Tools::run_command(['mount', '-o', 'bind', @extra_opts, $path, $mount_path]);
+ bindmount($path, $mount_path, $readonly, @extra_opts);
warn "cannot enable quota control for bind mounted subvolumes\n" if $quota;
}
}
if ($quota) {
push @extra_opts, '-o', 'usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0';
}
+ push @extra_opts, '-o', 'ro' if $readonly;
PVE::Tools::run_command(['mount', @extra_opts, $path, $mount_path]);
}
}
die "unsupported image format '$format'\n";
}
} elsif ($type eq 'device') {
+ push @extra_opts, '-o', 'ro' if $readonly;
PVE::Tools::run_command(['mount', @extra_opts, $volid, $mount_path]) if $mount_path;
return wantarray ? ($volid, 0, $volid) : $volid;
} elsif ($type eq 'bind') {
- if ($mountpoint->{ro}) {
- die "read-only bind mounts not supported\n";
- # Theoretically we'd have to execute both:
- # mount -o bind $a $b
- # mount -o bind,remount,ro $a $b
- }
die "directory '$volid' does not exist\n" if ! -d $volid;
&$check_mount_path($volid);
- PVE::Tools::run_command(['mount', '-o', 'bind', @extra_opts, $volid, $mount_path]) if $mount_path;
+ bindmount($volid, $mount_path, $readonly, @extra_opts) if $mount_path;
warn "cannot enable quota control for bind mounts\n" if $quota;
return wantarray ? ($volid, 0, undef) : $volid;
}