]> git.proxmox.com Git - pve-manager.git/blob - PVE/API2/VZDump.pm
projects / pve-manager.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
update shipped appliance info index
[pve-manager.git] / PVE / API2 / VZDump.pm
1 package PVE::API2::VZDump;
2
3 use strict;
4 use warnings;
5
6 use PVE::AccessControl;
7 use PVE::Cluster;
8 use PVE::Exception qw(raise_param_exc);
9 use PVE::INotify;
10 use PVE::JSONSchema qw(get_standard_option);
11 use PVE::RPCEnvironment;
12 use PVE::Storage;
13 use PVE::Tools qw(extract_param);
14 use PVE::VZDump::Common;
15 use PVE::VZDump;
16
17 use PVE::API2::Backup;
18 use PVE::API2Tools;
19
20 use Data::Dumper; # fixme: remove
21
22 use base qw(PVE::RESTHandler);
23
24 my sub assert_param_permission_vzdump {
25 my ($rpcenv, $user, $param) = @_;
26 return if $user eq 'root@pam'; # always OK
27
28 PVE::API2::Backup::assert_param_permission_common($rpcenv, $user, $param);
29
30 if (defined($param->{maxfiles}) || defined($param->{'prune-backups'})) {
31 if (my $storeid = PVE::VZDump::get_storage_param($param)) {
32 $rpcenv->check($user, "/storage/$storeid", [ 'Datastore.Allocate' ]);
33 }
34 }
35 }
36
37 __PACKAGE__->register_method ({
38 name => 'vzdump',
39 path => '',
40 method => 'POST',
41 description => "Create backup.",
42 permissions => {
43 description => "The user needs 'VM.Backup' permissions on any VM, and "
44 ."'Datastore.AllocateSpace' on the backup storage (and fleecing storage when fleecing "
45 ."is used). The 'tmpdir', 'dumpdir' and 'script' parameters are restricted to the "
46 ."'root\@pam' user. The 'maxfiles' and 'prune-backups' settings require "
47 ."'Datastore.Allocate' on the backup storage. The 'bwlimit', 'performance' and "
48 ."'ionice' parameters require 'Sys.Modify' on '/'.",
49 user => 'all',
50 },
51 protected => 1,
52 proxyto => 'node',
53 parameters => {
54 additionalProperties => 0,
55 properties => PVE::VZDump::Common::json_config_properties({
56 stdout => {
57 type => 'boolean',
58 description => "Write tar to stdout, not to a file.",
59 optional => 1,
60 },
61 }),
62 },
63 returns => { type => 'string' },
64 code => sub {
65 my ($param) = @_;
66
67 my $rpcenv = PVE::RPCEnvironment::get();
68
69 my $user = $rpcenv->get_user();
70
71 my $nodename = PVE::INotify::nodename();
72
73 if ($rpcenv->{type} ne 'cli') {
74 raise_param_exc({ node => "option is only allowed on the command line interface."})
75 if $param->{node} && $param->{node} ne $nodename;
76
77 raise_param_exc({ stdout => "option is only allowed on the command line interface."})
78 if $param->{stdout};
79 }
80
81 assert_param_permission_vzdump($rpcenv, $user, $param);
82
83 PVE::VZDump::verify_vzdump_parameters($param, 1);
84
85 # silent exit if we run on wrong node
86 return 'OK' if $param->{node} && $param->{node} ne $nodename;
87
88 my $cmdline = PVE::VZDump::Common::command_line($param);
89
90 my $vmids_per_node = PVE::VZDump::get_included_guests($param);
91
92 my $local_vmids = delete $vmids_per_node->{$nodename} // [];
93
94 # include IDs for deleted guests, and visibly fail later
95 my $orphaned_vmids = delete $vmids_per_node->{''} // [];
96 push @{$local_vmids}, @{$orphaned_vmids};
97
98 my $skiplist = [ map { @$_ } values $vmids_per_node->%* ];
99
100 if($param->{stop}){
101 PVE::VZDump::stop_running_backups();
102 return 'OK' if !scalar(@{$local_vmids});
103 }
104
105 # silent exit if specified VMs run on other nodes
106 return "OK" if !scalar(@{$local_vmids}) && !$param->{all};
107
108 PVE::VZDump::parse_mailto_exclude_path($param);
109
110 die "you can only backup a single VM with option --stdout\n"
111 if $param->{stdout} && scalar(@{$local_vmids}) != 1;
112
113 if (my $storeid = PVE::VZDump::get_storage_param($param)) {
114 $rpcenv->check($user, "/storage/$storeid", [ 'Datastore.AllocateSpace' ]);
115 }
116
117 my $worker = sub {
118 my $upid = shift;
119
120 $SIG{INT} = $SIG{TERM} = $SIG{QUIT} = $SIG{HUP} = $SIG{PIPE} = sub {
121 die "interrupted by signal\n";
122 };
123
124 $param->{vmids} = $local_vmids;
125 my $vzdump = PVE::VZDump->new($cmdline, $param, $skiplist);
126
127 my $LOCK_FH = eval {
128 $vzdump->getlock($upid); # only one process allowed
129 };
130 if (my $err = $@) {
131 $vzdump->send_notification([], 0, $err);
132 exit(-1);
133 }
134
135 if (defined($param->{ionice})) {
136 if ($param->{ionice} > 7) {
137 PVE::VZDump::run_command(undef, "ionice -c3 -p $$");
138 } else {
139 PVE::VZDump::run_command(undef, "ionice -c2 -n$param->{ionice} -p $$");
140 }
141 }
142 $vzdump->exec_backup($rpcenv, $user);
143
144 close($LOCK_FH);
145 };
146
147 open STDOUT, '>/dev/null' if $param->{quiet} && !$param->{stdout};
148 open STDERR, '>/dev/null' if $param->{quiet};
149
150 if ($rpcenv->{type} eq 'cli') {
151 if ($param->{stdout}) {
152
153 open my $saved_stdout, ">&STDOUT"
154 || die "can't dup STDOUT: $!\n";
155
156 open STDOUT, '>&STDERR' ||
157 die "unable to redirect STDOUT: $!\n";
158
159 $param->{stdout} = $saved_stdout;
160 }
161 }
162
163 my $taskid;
164 $taskid = $local_vmids->[0] if scalar(@{$local_vmids}) == 1;
165
166 return $rpcenv->fork_worker('vzdump', $taskid, $user, $worker);
167 }});
168
169 __PACKAGE__->register_method ({
170 name => 'defaults',
171 path => 'defaults',
172 method => 'GET',
173 description => "Get the currently configured vzdump defaults.",
174 permissions => {
175 description => "The user needs 'Datastore.Audit' or 'Datastore.AllocateSpace' " .
176 "permissions for the specified storage (or default storage if none specified). Some " .
177 "properties are only returned when the user has 'Sys.Audit' permissions for the node.",
178 user => 'all',
179 },
180 proxyto => 'node',
181 parameters => {
182 additionalProperties => 0,
183 properties => {
184 node => get_standard_option('pve-node'),
185 storage => get_standard_option('pve-storage-id', { optional => 1 }),
186 },
187 },
188 returns => {
189 type => 'object',
190 additionalProperties => 0,
191 properties => PVE::VZDump::Common::json_config_properties(),
192 },
193 code => sub {
194 my ($param) = @_;
195
196 my $node = extract_param($param, 'node');
197 my $storage = extract_param($param, 'storage');
198
199 my $rpcenv = PVE::RPCEnvironment::get();
200 my $authuser = $rpcenv->get_user();
201
202 my $res = PVE::VZDump::read_vzdump_defaults();
203
204 $res->{storage} = $storage if defined($storage);
205
206 if (!defined($res->{dumpdir}) && !defined($res->{storage})) {
207 $res->{storage} = 'local';
208 }
209
210 if (defined($res->{storage})) {
211 $rpcenv->check_any(
212 $authuser,
213 "/storage/$res->{storage}",
214 ['Datastore.Audit', 'Datastore.AllocateSpace'],
215 );
216
217 my $info = PVE::VZDump::storage_info($res->{storage});
218 for my $key (qw(dumpdir prune-backups)) {
219 $res->{$key} = $info->{$key} if defined($info->{$key});
220 }
221 }
222
223 if (defined($res->{'prune-backups'})) {
224 $res->{'prune-backups'} = PVE::JSONSchema::print_property_string(
225 $res->{'prune-backups'},
226 'prune-backups',
227 );
228 }
229
230 $res->{mailto} = join(",", @{$res->{mailto}})
231 if defined($res->{mailto});
232
233 $res->{'exclude-path'} = join(",", @{$res->{'exclude-path'}})
234 if defined($res->{'exclude-path'});
235
236 # normal backup users don't need to know these
237 if (!$rpcenv->check($authuser, "/nodes/$node", ['Sys.Audit'], 1)) {
238 delete $res->{mailto};
239 delete $res->{tmpdir};
240 delete $res->{dumpdir};
241 delete $res->{script};
242 delete $res->{ionice};
243 }
244
245 my $pool = $res->{pool};
246 if (defined($pool) &&
247 !$rpcenv->check($authuser, "/pool/$pool", ['Pool.Audit'], 1)) {
248 delete $res->{pool};
249 }
250
251 return $res;
252 }});
253
254 __PACKAGE__->register_method ({
255 name => 'extractconfig',
256 path => 'extractconfig',
257 method => 'GET',
258 description => "Extract configuration from vzdump backup archive.",
259 permissions => {
260 description => "The user needs 'VM.Backup' permissions on the backed up guest ID, and 'Datastore.AllocateSpace' on the backup storage.",
261 user => 'all',
262 },
263 protected => 1,
264 proxyto => 'node',
265 parameters => {
266 additionalProperties => 0,
267 properties => {
268 node => get_standard_option('pve-node'),
269 volume => {
270 description => "Volume identifier",
271 type => 'string',
272 completion => \&PVE::Storage::complete_volume,
273 },
274 },
275 },
276 returns => { type => 'string' },
277 code => sub {
278 my ($param) = @_;
279
280 my $volume = extract_param($param, 'volume');
281
282 my $rpcenv = PVE::RPCEnvironment::get();
283 my $authuser = $rpcenv->get_user();
284
285 my $storage_cfg = PVE::Storage::config();
286 PVE::Storage::check_volume_access(
287 $rpcenv,
288 $authuser,
289 $storage_cfg,
290 undef,
291 $volume,
292 'backup',
293 );
294
295 if (PVE::Storage::parse_volume_id($volume, 1)) {
296 my (undef, undef, $ownervm) = PVE::Storage::parse_volname($storage_cfg, $volume);
297 $rpcenv->check($authuser, "/vms/$ownervm", ['VM.Backup']);
298 }
299
300 return PVE::Storage::extract_vzdump_config($storage_cfg, $volume);
301 }});
302
303 1;
The Proxmox VE Management API and Web UI