From 81a3384d549f91afab40bf8785576f502334d0ea Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Fri, 18 Nov 2022 07:57:28 +0100 Subject: [PATCH] update static/schema information Signed-off-by: Thomas Lamprecht --- api-viewer/apidata.js | 753 +++++++++++++++++++++++++++++++++++-- datacenter.cfg.5-opts.adoc | 48 ++- pct-network-opts.adoc | 2 +- pct.1-synopsis.adoc | 45 +++ pct.conf.5-opts.adoc | 2 +- pve-firewall-macros.adoc | 9 + qm.1-synopsis.adoc | 41 +- qm.conf.5-opts.adoc | 4 +- 8 files changed, 866 insertions(+), 38 deletions(-) diff --git a/api-viewer/apidata.js b/api-viewer/apidata.js index 63c38da..7a5c34b 100644 --- a/api-viewer/apidata.js +++ b/api-viewer/apidata.js @@ -2596,6 +2596,12 @@ const apiSchema = [ "parameters" : { "additionalProperties" : 0, "properties" : { + "force" : { + "description" : "Delete all members of the IPSet, if there are any.", + "optional" : 1, + "type" : "boolean", + "typetext" : "" + }, "name" : { "description" : "IP set name.", "maxLength" : 64, @@ -8434,6 +8440,11 @@ const apiSchema = [ "returns" : { "items" : { "properties" : { + "cgroup-mode" : { + "description" : "The cgroup mode the node operates under (when type == node).", + "optional" : 1, + "type" : "integer" + }, "content" : { "description" : "Allowed storage content types (when type == storage).", "format" : "pve-storage-content-list", @@ -8595,7 +8606,7 @@ const apiSchema = [ "info" : { "GET" : { "allowtoken" : 1, - "description" : "Get datacenter options.", + "description" : "Get datacenter options. Without 'Sys.Audit' on '/' not all options are returned.", "method" : "GET", "name" : "get_options", "parameters" : { @@ -8608,7 +8619,8 @@ const apiSchema = [ [ "Sys.Audit" ] - ] + ], + "user" : "all" }, "returns" : { "type" : "object" @@ -8676,6 +8688,24 @@ const apiSchema = [ "optional" : 1, "type" : "string" }, + "crs" : { + "description" : "Cluster resource scheduling settings.", + "format" : { + "ha" : { + "default" : "basic", + "description" : "Use this resource scheduler mode for HA.", + "enum" : [ + "basic", + "static" + ], + "type" : "string", + "verbose_description" : "Configures how the HA manager should select nodes to start or recover services. With 'basic', only the number of services is used, with 'static', static CPU and memory configuration of services is considered." + } + }, + "optional" : 1, + "type" : "string", + "typetext" : "ha=" + }, "delete" : { "description" : "A list of settings you want to delete.", "format" : "pve-configid-list", @@ -8863,6 +8893,50 @@ const apiSchema = [ "type" : "string", "typetext" : "[lower=] [,upper=]" }, + "registered-tags" : { + "description" : "A list of tags that require a `Sys.Modify` on '/' to set and delete. Tags set here that are also in 'user-tag-access' also require `Sys.Modify`.", + "optional" : 1, + "pattern" : "(?:(?^i:[a-z0-9_][a-z0-9_\\-\\+\\.]*);)*(?^i:[a-z0-9_][a-z0-9_\\-\\+\\.]*)", + "type" : "string", + "typetext" : "[;...]" + }, + "tag-style" : { + "description" : "Tag style options.", + "format" : { + "color-map" : { + "description" : "Manual color mapping for tags (semicolon separated).", + "optional" : 1, + "pattern" : "(?:(?^i:[a-z0-9_][a-z0-9_\\-\\+\\.]*):[0-9a-fA-F]{6}(?::[0-9a-fA-F]{6})?)(?:;(?:(?^i:[a-z0-9_][a-z0-9_\\-\\+\\.]*):[0-9a-fA-F]{6}(?::[0-9a-fA-F]{6})?))*", + "type" : "string", + "typetext" : ":[:][;=...]" + }, + "ordering" : { + "default" : "alphabetical", + "description" : "Controls the sorting of the tags in the web ui.", + "enum" : [ + "config", + "alphabetical" + ], + "optional" : 1, + "type" : "string" + }, + "shape" : { + "default" : "circle", + "description" : "Tag shape for the web ui tree. 'full' draws the full tag. 'circle' draws only a circle with the background color. 'dense' only draws a small rectancle (useful when many tags are assigned to each guest).'none' disables showing the tags.", + "enum" : [ + "full", + "circle", + "dense", + "none" + ], + "optional" : 1, + "type" : "string" + } + }, + "optional" : 1, + "type" : "string", + "typetext" : "[color-map=:[:][;=...]] [,ordering=] [,shape=]" + }, "u2f" : { "description" : "u2f", "format" : { @@ -8883,11 +8957,45 @@ const apiSchema = [ "type" : "string", "typetext" : "[appid=] [,origin=]" }, + "user-tag-access" : { + "description" : "Privilege options for user-settable tags", + "format" : { + "user-allow" : { + "default" : "free", + "description" : "Controls tag usage for users without `Sys.Modify` on `/` by either allowing `none`, a `list`, already `existing` or anything (`free`).", + "enum" : [ + "none", + "list", + "existing", + "free" + ], + "optional" : 1, + "type" : "string", + "verbose_description" : "Controls which tags can be set or deleted on resources a user controls (such as guests). Users with the `Sys.Modify` privilege on `/` are always unrestricted. 'none' no tags are usable. 'list' tasg from 'user-allow'list' are usable. 'existing' like list, but already existing tags of resources are also usable.'free' no tag restrictions." + }, + "user-allow-list" : { + "description" : "List of tags users are allowed to set and delete (semicolon separated) for 'user-allow' values 'list' and 'existing'.", + "optional" : 1, + "pattern" : "(?^i:[a-z0-9_][a-z0-9_\\-\\+\\.]*)(?:;(?^i:[a-z0-9_][a-z0-9_\\-\\+\\.]*))*", + "type" : "string", + "typetext" : "[;...]" + } + }, + "optional" : 1, + "type" : "string", + "typetext" : "[user-allow=] [,user-allow-list=[;...]]" + }, "webauthn" : { "description" : "webauthn configuration", "format" : { + "allow-subdomains" : { + "default" : 1, + "description" : "Whether to allow the origin to be a subdomain, rather than the exact URL.", + "optional" : 1, + "type" : "boolean" + }, "id" : { - "description" : "Relying part ID. Must be the domain name without protocol, port or location. Changing this *will* break existing credentials.", + "description" : "Relying party ID. Must be the domain name without protocol, port or location. Changing this *will* break existing credentials.", "format_description" : "DOMAINNAME", "optional" : 1, "type" : "string" @@ -8907,7 +9015,7 @@ const apiSchema = [ }, "optional" : 1, "type" : "string", - "typetext" : "[id=] [,origin=] [,rp=]" + "typetext" : "[allow-subdomains=<1|0>] [,id=] [,origin=] [,rp=]" } } }, @@ -10152,6 +10260,12 @@ const apiSchema = [ "parameters" : { "additionalProperties" : 0, "properties" : { + "force" : { + "description" : "Delete all members of the IPSet, if there are any.", + "optional" : 1, + "type" : "boolean", + "typetext" : "" + }, "name" : { "description" : "IP set name.", "maxLength" : 64, @@ -12503,7 +12617,7 @@ const apiSchema = [ "type" : "boolean" }, "affinity" : { - "description" : "List of host cores used to execute guest processes.", + "description" : "List of host cores used to execute guest processes, for example: 0,5,8-11", "format" : "pve-cpuset", "optional" : 1, "type" : "string" @@ -13334,7 +13448,7 @@ const apiSchema = [ }, "queues" : { "description" : "Number of packet queues to be used on the device.", - "maximum" : 16, + "maximum" : 64, "minimum" : 0, "optional" : 1, "type" : "integer" @@ -14745,7 +14859,7 @@ const apiSchema = [ "typetext" : "" }, "affinity" : { - "description" : "List of host cores used to execute guest processes.", + "description" : "List of host cores used to execute guest processes, for example: 0,5,8-11", "format" : "pve-cpuset", "optional" : 1, "type" : "string", @@ -15646,7 +15760,7 @@ const apiSchema = [ }, "queues" : { "description" : "Number of packet queues to be used on the device.", - "maximum" : 16, + "maximum" : 64, "minimum" : 0, "optional" : 1, "type" : "integer" @@ -17162,7 +17276,7 @@ const apiSchema = [ "typetext" : "" }, "affinity" : { - "description" : "List of host cores used to execute guest processes.", + "description" : "List of host cores used to execute guest processes, for example: 0,5,8-11", "format" : "pve-cpuset", "optional" : 1, "type" : "string", @@ -18055,7 +18169,7 @@ const apiSchema = [ }, "queues" : { "description" : "Number of packet queues to be used on the device.", - "maximum" : 16, + "maximum" : 64, "minimum" : 0, "optional" : 1, "type" : "integer" @@ -19722,24 +19836,17 @@ const apiSchema = [ "returns" : { "items" : { "properties" : { - "delete" : { - "description" : "Indicates a pending delete request if present and not 0. The value 2 indicates a force-delete request.", - "maximum" : 2, - "minimum" : 0, - "optional" : 1, - "type" : "integer" - }, "key" : { "description" : "Configuration option name.", "type" : "string" }, - "pending" : { - "description" : "Pending value.", + "new" : { + "description" : "The new pending value.", "optional" : 1, "type" : "string" }, - "value" : { - "description" : "Current value.", + "old" : { + "description" : "Value as it was used to generate the current cloudinit image.", "optional" : 1, "type" : "string" } @@ -21976,6 +22083,100 @@ const apiSchema = [ "path" : "/nodes/{node}/qemu/{vmid}/migrate", "text" : "migrate" }, + { + "info" : { + "POST" : { + "allowtoken" : 1, + "description" : "Migrate virtual machine to a remote cluster. Creates a new migration task. EXPERIMENTAL feature!", + "method" : "POST", + "name" : "remote_migrate_vm", + "parameters" : { + "additionalProperties" : 0, + "properties" : { + "bwlimit" : { + "default" : "migrate limit from datacenter or storage config", + "description" : "Override I/O bandwidth limit (in KiB/s).", + "minimum" : "0", + "optional" : 1, + "type" : "integer", + "typetext" : " (0 - N)" + }, + "delete" : { + "default" : 0, + "description" : "Delete the original VM and related data after successful migration. By default the original VM is kept on the source cluster in a stopped state.", + "optional" : 1, + "type" : "boolean", + "typetext" : "" + }, + "node" : { + "description" : "The cluster node name.", + "format" : "pve-node", + "type" : "string", + "typetext" : "" + }, + "online" : { + "description" : "Use online/live migration if VM is running. Ignored if VM is stopped.", + "optional" : 1, + "type" : "boolean", + "typetext" : "" + }, + "target-bridge" : { + "description" : "Mapping from source to target bridges. Providing only a single bridge ID maps all source bridges to that bridge. Providing the special value '1' will map each source bridge to itself.", + "format" : "bridge-pair-list", + "type" : "string", + "typetext" : "" + }, + "target-endpoint" : { + "description" : "Remote target endpoint", + "format" : "proxmox-remote", + "type" : "string", + "typetext" : "apitoken= ,host= [,fingerprint=] [,port=]" + }, + "target-storage" : { + "description" : "Mapping from source to target storages. Providing only a single storage ID maps all source storages to that storage. Providing the special value '1' will map each source storage to itself.", + "format" : "storage-pair-list", + "optional" : 0, + "type" : "string", + "typetext" : "" + }, + "target-vmid" : { + "description" : "The (unique) ID of the VM.", + "format" : "pve-vmid", + "minimum" : 1, + "optional" : 1, + "type" : "integer", + "typetext" : " (1 - N)" + }, + "vmid" : { + "description" : "The (unique) ID of the VM.", + "format" : "pve-vmid", + "minimum" : 1, + "type" : "integer", + "typetext" : " (1 - N)" + } + } + }, + "permissions" : { + "check" : [ + "perm", + "/vms/{vmid}", + [ + "VM.Migrate" + ] + ] + }, + "protected" : 1, + "proxyto" : "node", + "returns" : { + "description" : "the task ID.", + "type" : "string" + } + } + }, + "leaf" : 1, + "path" : "/nodes/{node}/qemu/{vmid}/remote_migrate", + "text" : "remote_migrate" + }, { "info" : { "POST" : { @@ -22684,6 +22885,144 @@ const apiSchema = [ "leaf" : 1, "path" : "/nodes/{node}/qemu/{vmid}/template", "text" : "template" + }, + { + "info" : { + "POST" : { + "allowtoken" : 1, + "description" : "Migration tunnel endpoint - only for internal use by VM migration.", + "method" : "POST", + "name" : "mtunnel", + "parameters" : { + "additionalProperties" : 0, + "properties" : { + "bridges" : { + "description" : "List of network bridges to check availability. Will be checked again for actually used bridges during migration.", + "format" : "pve-bridge-id-list", + "optional" : 1, + "type" : "string", + "typetext" : "" + }, + "node" : { + "description" : "The cluster node name.", + "format" : "pve-node", + "type" : "string", + "typetext" : "" + }, + "storages" : { + "description" : "List of storages to check permission and availability. Will be checked again for all actually used storages during migration.", + "format" : "pve-storage-id-list", + "optional" : 1, + "type" : "string", + "typetext" : "" + }, + "vmid" : { + "description" : "The (unique) ID of the VM.", + "format" : "pve-vmid", + "minimum" : 1, + "type" : "integer", + "typetext" : " (1 - N)" + } + } + }, + "permissions" : { + "check" : [ + "and", + [ + "perm", + "/vms/{vmid}", + [ + "VM.Allocate" + ] + ], + [ + "perm", + "/", + [ + "Sys.Incoming" + ] + ] + ], + "description" : "You need 'VM.Allocate' permissions on '/vms/{vmid}' and Sys.Incoming on '/'. Further permission checks happen during the actual migration." + }, + "protected" : 1, + "returns" : { + "additionalProperties" : 0, + "properties" : { + "socket" : { + "type" : "string" + }, + "ticket" : { + "type" : "string" + }, + "upid" : { + "type" : "string" + } + } + } + } + }, + "leaf" : 1, + "path" : "/nodes/{node}/qemu/{vmid}/mtunnel", + "text" : "mtunnel" + }, + { + "info" : { + "GET" : { + "allowtoken" : 1, + "description" : "Migration tunnel endpoint for websocket upgrade - only for internal use by VM migration.", + "method" : "GET", + "name" : "mtunnelwebsocket", + "parameters" : { + "additionalProperties" : 0, + "properties" : { + "node" : { + "description" : "The cluster node name.", + "format" : "pve-node", + "type" : "string", + "typetext" : "" + }, + "socket" : { + "description" : "unix socket to forward to", + "type" : "string", + "typetext" : "" + }, + "ticket" : { + "description" : "ticket return by initial 'mtunnel' API call, or retrieved via 'ticket' tunnel command", + "type" : "string", + "typetext" : "" + }, + "vmid" : { + "description" : "The (unique) ID of the VM.", + "format" : "pve-vmid", + "minimum" : 1, + "type" : "integer", + "typetext" : " (1 - N)" + } + } + }, + "permissions" : { + "description" : "You need to pass a ticket valid for the selected socket. Tickets can be created via the mtunnel API call, which will check permissions accordingly.", + "user" : "all" + }, + "returns" : { + "properties" : { + "port" : { + "optional" : 1, + "type" : "string" + }, + "socket" : { + "optional" : 1, + "type" : "string" + } + }, + "type" : "object" + } + } + }, + "leaf" : 1, + "path" : "/nodes/{node}/qemu/{vmid}/mtunnelwebsocket", + "text" : "mtunnelwebsocket" } ], "info" : { @@ -22927,7 +23266,7 @@ const apiSchema = [ "typetext" : "" }, "affinity" : { - "description" : "List of host cores used to execute guest processes.", + "description" : "List of host cores used to execute guest processes, for example: 0,5,8-11", "format" : "pve-cpuset", "optional" : 1, "type" : "string", @@ -23828,7 +24167,7 @@ const apiSchema = [ }, "queues" : { "description" : "Number of packet queues to be used on the device.", - "maximum" : 16, + "maximum" : 64, "minimum" : 0, "optional" : 1, "type" : "integer" @@ -25678,6 +26017,7 @@ const apiSchema = [ }, "mtu" : { "description" : "Maximum transfer unit of the interface. (lxc.network.mtu)", + "maximum" : 65535, "minimum" : 64, "optional" : 1, "type" : "integer" @@ -26184,6 +26524,7 @@ const apiSchema = [ }, "mtu" : { "description" : "Maximum transfer unit of the interface. (lxc.network.mtu)", + "maximum" : 65535, "minimum" : 64, "optional" : 1, "type" : "integer" @@ -28380,6 +28721,12 @@ const apiSchema = [ "parameters" : { "additionalProperties" : 0, "properties" : { + "force" : { + "description" : "Delete all members of the IPSet, if there are any.", + "optional" : 1, + "type" : "boolean", + "typetext" : "" + }, "name" : { "description" : "IP set name.", "maxLength" : 64, @@ -29567,6 +29914,113 @@ const apiSchema = [ "path" : "/nodes/{node}/lxc/{vmid}/spiceproxy", "text" : "spiceproxy" }, + { + "info" : { + "POST" : { + "allowtoken" : 1, + "description" : "Migrate the container to another cluster. Creates a new migration task. EXPERIMENTAL feature!", + "method" : "POST", + "name" : "remote_migrate_vm", + "parameters" : { + "additionalProperties" : 0, + "properties" : { + "bwlimit" : { + "default" : "migrate limit from datacenter or storage config", + "description" : "Override I/O bandwidth limit (in KiB/s).", + "minimum" : "0", + "optional" : 1, + "type" : "number", + "typetext" : " (0 - N)" + }, + "delete" : { + "default" : 0, + "description" : "Delete the original CT and related data after successful migration. By default the original CT is kept on the source cluster in a stopped state.", + "optional" : 1, + "type" : "boolean", + "typetext" : "" + }, + "node" : { + "description" : "The cluster node name.", + "format" : "pve-node", + "type" : "string", + "typetext" : "" + }, + "online" : { + "description" : "Use online/live migration.", + "optional" : 1, + "type" : "boolean", + "typetext" : "" + }, + "restart" : { + "description" : "Use restart migration", + "optional" : 1, + "type" : "boolean", + "typetext" : "" + }, + "target-bridge" : { + "description" : "Mapping from source to target bridges. Providing only a single bridge ID maps all source bridges to that bridge. Providing the special value '1' will map each source bridge to itself.", + "format" : "bridge-pair-list", + "type" : "string", + "typetext" : "" + }, + "target-endpoint" : { + "description" : "Remote target endpoint", + "format" : "proxmox-remote", + "type" : "string", + "typetext" : "apitoken= ,host= [,fingerprint=] [,port=]" + }, + "target-storage" : { + "description" : "Mapping from source to target storages. Providing only a single storage ID maps all source storages to that storage. Providing the special value '1' will map each source storage to itself.", + "format" : "storage-pair-list", + "optional" : 0, + "type" : "string", + "typetext" : "" + }, + "target-vmid" : { + "description" : "The (unique) ID of the VM.", + "format" : "pve-vmid", + "minimum" : 1, + "optional" : 1, + "type" : "integer", + "typetext" : " (1 - N)" + }, + "timeout" : { + "default" : 180, + "description" : "Timeout in seconds for shutdown for restart migration", + "optional" : 1, + "type" : "integer", + "typetext" : "" + }, + "vmid" : { + "description" : "The (unique) ID of the VM.", + "format" : "pve-vmid", + "minimum" : 1, + "type" : "integer", + "typetext" : " (1 - N)" + } + } + }, + "permissions" : { + "check" : [ + "perm", + "/vms/{vmid}", + [ + "VM.Migrate" + ] + ] + }, + "protected" : 1, + "proxyto" : "node", + "returns" : { + "description" : "the task ID.", + "type" : "string" + } + } + }, + "leaf" : 1, + "path" : "/nodes/{node}/lxc/{vmid}/remote_migrate", + "text" : "remote_migrate" + }, { "info" : { "POST" : { @@ -31418,6 +31872,144 @@ const apiSchema = [ "leaf" : 1, "path" : "/nodes/{node}/lxc/{vmid}/pending", "text" : "pending" + }, + { + "info" : { + "POST" : { + "allowtoken" : 1, + "description" : "Migration tunnel endpoint - only for internal use by CT migration.", + "method" : "POST", + "name" : "mtunnel", + "parameters" : { + "additionalProperties" : 0, + "properties" : { + "bridges" : { + "description" : "List of network bridges to check availability. Will be checked again for actually used bridges during migration.", + "format" : "pve-bridge-id-list", + "optional" : 1, + "type" : "string", + "typetext" : "" + }, + "node" : { + "description" : "The cluster node name.", + "format" : "pve-node", + "type" : "string", + "typetext" : "" + }, + "storages" : { + "description" : "List of storages to check permission and availability. Will be checked again for all actually used storages during migration.", + "format" : "pve-storage-id-list", + "optional" : 1, + "type" : "string", + "typetext" : "" + }, + "vmid" : { + "description" : "The (unique) ID of the VM.", + "format" : "pve-vmid", + "minimum" : 1, + "type" : "integer", + "typetext" : " (1 - N)" + } + } + }, + "permissions" : { + "check" : [ + "and", + [ + "perm", + "/vms/{vmid}", + [ + "VM.Allocate" + ] + ], + [ + "perm", + "/", + [ + "Sys.Incoming" + ] + ] + ], + "description" : "You need 'VM.Allocate' permissions on '/vms/{vmid}' and Sys.Incoming on '/'. Further permission checks happen during the actual migration." + }, + "protected" : 1, + "returns" : { + "additionalProperties" : 0, + "properties" : { + "socket" : { + "type" : "string" + }, + "ticket" : { + "type" : "string" + }, + "upid" : { + "type" : "string" + } + } + } + } + }, + "leaf" : 1, + "path" : "/nodes/{node}/lxc/{vmid}/mtunnel", + "text" : "mtunnel" + }, + { + "info" : { + "GET" : { + "allowtoken" : 1, + "description" : "Migration tunnel endpoint for websocket upgrade - only for internal use by VM migration.", + "method" : "GET", + "name" : "mtunnelwebsocket", + "parameters" : { + "additionalProperties" : 0, + "properties" : { + "node" : { + "description" : "The cluster node name.", + "format" : "pve-node", + "type" : "string", + "typetext" : "" + }, + "socket" : { + "description" : "unix socket to forward to", + "type" : "string", + "typetext" : "" + }, + "ticket" : { + "description" : "ticket return by initial 'mtunnel' API call, or retrieved via 'ticket' tunnel command", + "type" : "string", + "typetext" : "" + }, + "vmid" : { + "description" : "The (unique) ID of the VM.", + "format" : "pve-vmid", + "minimum" : 1, + "type" : "integer", + "typetext" : " (1 - N)" + } + } + }, + "permissions" : { + "description" : "You need to pass a ticket valid for the selected socket. Tickets can be created via the mtunnel API call, which will check permissions accordingly.", + "user" : "all" + }, + "returns" : { + "properties" : { + "port" : { + "optional" : 1, + "type" : "string" + }, + "socket" : { + "optional" : 1, + "type" : "string" + } + }, + "type" : "object" + } + } + }, + "leaf" : 1, + "path" : "/nodes/{node}/lxc/{vmid}/mtunnelwebsocket", + "text" : "mtunnelwebsocket" } ], "info" : { @@ -31940,6 +32532,7 @@ const apiSchema = [ }, "mtu" : { "description" : "Maximum transfer unit of the interface. (lxc.network.mtu)", + "maximum" : 65535, "minimum" : 64, "optional" : 1, "type" : "integer" @@ -33528,6 +34121,11 @@ const apiSchema = [ "returns" : { "items" : { "properties" : { + "application_metadata" : { + "optional" : 1, + "title" : "Associated Applications", + "type" : "object" + }, "autoscale_status" : { "optional" : 1, "title" : "Autoscale Status", @@ -34307,6 +34905,77 @@ const apiSchema = [ "leaf" : 1, "path" : "/nodes/{node}/ceph/rules", "text" : "rules" + }, + { + "info" : { + "GET" : { + "allowtoken" : 1, + "description" : "Heuristical check if it is safe to perform an action.", + "method" : "GET", + "name" : "cmd_safety", + "parameters" : { + "additionalProperties" : 0, + "properties" : { + "action" : { + "description" : "Action to check", + "enum" : [ + "stop", + "destroy" + ], + "type" : "string" + }, + "id" : { + "description" : "ID of the service", + "type" : "string", + "typetext" : "" + }, + "node" : { + "description" : "The cluster node name.", + "format" : "pve-node", + "type" : "string", + "typetext" : "" + }, + "service" : { + "description" : "Service type", + "enum" : [ + "osd", + "mon", + "mds" + ], + "type" : "string" + } + } + }, + "permissions" : { + "check" : [ + "perm", + "/", + [ + "Sys.audit" + ] + ] + }, + "protected" : 1, + "proxyto" : "node", + "returns" : { + "properties" : { + "safe" : { + "description" : "If it is safe to run the command.", + "type" : "boolean" + }, + "status" : { + "description" : "Status message given by Ceph.", + "optional" : 1, + "type" : "string" + } + }, + "type" : "object" + } + } + }, + "leaf" : 1, + "path" : "/nodes/{node}/ceph/cmd-safety", + "text" : "cmd-safety" } ], "info" : { @@ -39777,6 +40446,23 @@ const apiSchema = [ "type" : "string", "typetext" : "" }, + "draid-config" : { + "format" : { + "data" : { + "description" : "The number of data devices per redundancy group. (dRAID)", + "minimum" : 1, + "type" : "integer" + }, + "spares" : { + "description" : "Number of dRAID spares.", + "minimum" : 0, + "type" : "integer" + } + }, + "optional" : 1, + "type" : "string", + "typetext" : "data= ,spares=" + }, "name" : { "description" : "The storage identifier.", "format" : "pve-storage-id", @@ -39797,7 +40483,10 @@ const apiSchema = [ "raid10", "raidz", "raidz2", - "raidz3" + "raidz3", + "draid", + "draid2", + "draid3" ], "type" : "string" } @@ -43433,9 +44122,9 @@ const apiSchema = [ "default" : "login", "description" : "Run specific command or default to login.", "enum" : [ - "upgrade", "login", - "ceph_install" + "ceph_install", + "upgrade" ], "optional" : 1, "type" : "string" @@ -43529,9 +44218,9 @@ const apiSchema = [ "default" : "login", "description" : "Run specific command or default to login.", "enum" : [ - "upgrade", "login", - "ceph_install" + "ceph_install", + "upgrade" ], "optional" : 1, "type" : "string" @@ -43655,9 +44344,9 @@ const apiSchema = [ "default" : "login", "description" : "Run specific command or default to login.", "enum" : [ - "upgrade", "login", - "ceph_install" + "ceph_install", + "upgrade" ], "optional" : 1, "type" : "string" @@ -46786,6 +47475,10 @@ const apiSchema = [ "optional" : 1, "type" : "boolean" }, + "Sys.Incoming" : { + "optional" : 1, + "type" : "boolean" + }, "Sys.Modify" : { "optional" : 1, "type" : "boolean" diff --git a/datacenter.cfg.5-opts.adoc b/datacenter.cfg.5-opts.adoc index 4565acc..45b51d9 100644 --- a/datacenter.cfg.5-opts.adoc +++ b/datacenter.cfg.5-opts.adoc @@ -26,6 +26,14 @@ bandwidth limit in KiB/s for restoring guests from backups Select the default Console viewer. You can either use the builtin java applet (VNC; deprecated and maps to html5), an external virt-viewer comtatible application (SPICE), an HTML5 based vnc viewer (noVNC), or an HTML5 based console client (xtermjs). If the selected viewer is not available (e.g. SPICE not activated for the VM), the fallback is noVNC. +`crs`: `ha=` :: + +Cluster resource scheduling settings. + +`ha`=`` ('default =' `basic`);; + +Configures how the HA manager should select nodes to start or recover services. With 'basic', only the number of services is used, with 'static', static CPU and memory configuration of services is considered. + `description`: `` :: Datacenter description. Shown in the web-interface datacenter notes panel. This is saved as comment inside the configuration file. @@ -96,6 +104,26 @@ Lower, inclusive boundary for free next-id API range. Upper, exclusive boundary for free next-id API range. +`registered-tags`: `[;...]` :: + +A list of tags that require a `Sys.Modify` on '/' to set and delete. Tags set here that are also in 'user-tag-access' also require `Sys.Modify`. + +`tag-style`: `[color-map=:[:][;=...]] [,ordering=] [,shape=]` :: + +Tag style options. + +`color-map`=`:[:][;=...]` ;; + +Manual color mapping for tags (semicolon separated). + +`ordering`=`` ('default =' `alphabetical`);; + +Controls the sorting of the tags in the web ui. + +`shape`=`` ('default =' `circle`);; + +Tag shape for the web ui tree. 'full' draws the full tag. 'circle' draws only a circle with the background color. 'dense' only draws a small rectancle (useful when many tags are assigned to each guest).'none' disables showing the tags. + `u2f`: `[appid=] [,origin=]` :: u2f @@ -108,13 +136,29 @@ U2F AppId URL override. Defaults to the origin. U2F Origin override. Mostly useful for single nodes with a single URL. -`webauthn`: `[id=] [,origin=] [,rp=]` :: +`user-tag-access`: `[user-allow=] [,user-allow-list=[;...]]` :: + +Privilege options for user-settable tags + +`user-allow`=`` ('default =' `free`);; + +Controls which tags can be set or deleted on resources a user controls (such as guests). Users with the `Sys.Modify` privilege on `/` are always unrestricted. 'none' no tags are usable. 'list' tasg from 'user-allow'list' are usable. 'existing' like list, but already existing tags of resources are also usable.'free' no tag restrictions. + +`user-allow-list`=`[;...]` ;; + +List of tags users are allowed to set and delete (semicolon separated) for 'user-allow' values 'list' and 'existing'. + +`webauthn`: `[allow-subdomains=<1|0>] [,id=] [,origin=] [,rp=]` :: webauthn configuration +`allow-subdomains`=`` ('default =' `1`);; + +Whether to allow the origin to be a subdomain, rather than the exact URL. + `id`=`` ;; -Relying part ID. Must be the domain name without protocol, port or location. Changing this *will* break existing credentials. +Relying party ID. Must be the domain name without protocol, port or location. Changing this *will* break existing credentials. `origin`=`` ;; diff --git a/pct-network-opts.adoc b/pct-network-opts.adoc index 3a4e020..3bf7c34 100644 --- a/pct-network-opts.adoc +++ b/pct-network-opts.adoc @@ -30,7 +30,7 @@ IPv4 address in CIDR format. IPv6 address in CIDR format. -`mtu`=` (64 - N)` ;; +`mtu`=` (64 - 65535)` ;; Maximum transfer unit of the interface. (lxc.network.mtu) diff --git a/pct.1-synopsis.adoc b/pct.1-synopsis.adoc index e8a4846..6ed21a6 100644 --- a/pct.1-synopsis.adoc +++ b/pct.1-synopsis.adoc @@ -531,6 +531,51 @@ The (unique) ID of the VM. Wait maximal timeout seconds for the shutdown. +*pct remote-migrate* ` [] --target-bridge --target-storage ` `[OPTIONS]` + +Migrate container to a remote cluster. Creates a new migration task. +EXPERIMENTAL feature! + +``: ` (1 - N)` :: + +The (unique) ID of the VM. + +``: ` (1 - N)` :: + +The (unique) ID of the VM. + +``: `apitoken= ,host= [,fingerprint=] [,port=]` :: + +Remote target endpoint + +`--bwlimit` ` (0 - N)` ('default =' `migrate limit from datacenter or storage config`):: + +Override I/O bandwidth limit (in KiB/s). + +`--delete` `` ('default =' `0`):: + +Delete the original CT and related data after successful migration. By default the original CT is kept on the source cluster in a stopped state. + +`--online` `` :: + +Use online/live migration. + +`--restart` `` :: + +Use restart migration + +`--target-bridge` `` :: + +Mapping from source to target bridges. Providing only a single bridge ID maps all source bridges to that bridge. Providing the special value '1' will map each source bridge to itself. + +`--target-storage` `` :: + +Mapping from source to target storages. Providing only a single storage ID maps all source storages to that storage. Providing the special value '1' will map each source storage to itself. + +`--timeout` `` ('default =' `180`):: + +Timeout in seconds for shutdown for restart migration + *pct rescan* `[OPTIONS]` Rescan all storages and update disk sizes and unused disk images. diff --git a/pct.conf.5-opts.adoc b/pct.conf.5-opts.adoc index cf52b5e..6bc7e6c 100644 --- a/pct.conf.5-opts.adoc +++ b/pct.conf.5-opts.adoc @@ -160,7 +160,7 @@ IPv4 address in CIDR format. IPv6 address in CIDR format. -`mtu`=` (64 - N)` ;; +`mtu`=` (64 - 65535)` ;; Maximum transfer unit of the interface. (lxc.network.mtu) diff --git a/pve-firewall-macros.adoc b/pve-firewall-macros.adoc index 87309ca..56c6660 100644 --- a/pve-firewall-macros.adoc +++ b/pve-firewall-macros.adoc @@ -637,6 +637,15 @@ |PARAM|tcp|783| |=========================================================== +[horizontal] +'SPICEproxy':: Proxmox VE SPICE display proxy traffic + +[width="100%",options="header"] +|=========================================================== +|Action|proto|dport|sport +|PARAM|tcp|3128| +|=========================================================== + [horizontal] 'SSH':: Secure shell traffic diff --git a/qm.1-synopsis.adoc b/qm.1-synopsis.adoc index b9189d1..e49665b 100644 --- a/qm.1-synopsis.adoc +++ b/qm.1-synopsis.adoc @@ -129,7 +129,7 @@ Enable/disable ACPI. `--affinity` `` :: -List of host cores used to execute guest processes. +List of host cores used to execute guest processes, for example: 0,5,8-11 `--agent` `[enabled=]<1|0> [,fstrim_cloned_disks=<1|0>] [,type=]` :: @@ -840,6 +840,43 @@ The (unique) ID of the VM. Wait maximal timeout seconds for the shutdown. +*qm remote-migrate* ` [] --target-bridge --target-storage ` `[OPTIONS]` + +Migrate virtual machine to a remote cluster. Creates a new migration task. +EXPERIMENTAL feature! + +``: ` (1 - N)` :: + +The (unique) ID of the VM. + +``: ` (1 - N)` :: + +The (unique) ID of the VM. + +``: `apitoken= ,host= [,fingerprint=] [,port=]` :: + +Remote target endpoint + +`--bwlimit` ` (0 - N)` ('default =' `migrate limit from datacenter or storage config`):: + +Override I/O bandwidth limit (in KiB/s). + +`--delete` `` ('default =' `0`):: + +Delete the original VM and related data after successful migration. By default the original VM is kept on the source cluster in a stopped state. + +`--online` `` :: + +Use online/live migration if VM is running. Ignored if VM is stopped. + +`--target-bridge` `` :: + +Mapping from source to target bridges. Providing only a single bridge ID maps all source bridges to that bridge. Providing the special value '1' will map each source bridge to itself. + +`--target-storage` `` :: + +Mapping from source to target storages. Providing only a single storage ID maps all source storages to that storage. Providing the special value '1' will map each source storage to itself. + *qm rescan* An alias for 'qm disk rescan'. @@ -924,7 +961,7 @@ Enable/disable ACPI. `--affinity` `` :: -List of host cores used to execute guest processes. +List of host cores used to execute guest processes, for example: 0,5,8-11 `--agent` `[enabled=]<1|0> [,fstrim_cloned_disks=<1|0>] [,type=]` :: diff --git a/qm.conf.5-opts.adoc b/qm.conf.5-opts.adoc index 33dd6ac..853fd7a 100644 --- a/qm.conf.5-opts.adoc +++ b/qm.conf.5-opts.adoc @@ -4,7 +4,7 @@ Enable/disable ACPI. `affinity`: `` :: -List of host cores used to execute guest processes. +List of host cores used to execute guest processes, for example: 0,5,8-11 `agent`: `[enabled=]<1|0> [,fstrim_cloned_disks=<1|0>] [,type=]` :: @@ -574,7 +574,7 @@ Network Card Model. The 'virtio' model provides the best performance with very l Force MTU, for VirtIO only. Set to '1' to use the bridge MTU -`queues`=` (0 - 16)` ;; +`queues`=` (0 - 64)` ;; Number of packet queues to be used on the device. -- 2.39.2