Lukas Wagner [Tue, 21 Nov 2023 12:52:37 +0000 (13:52 +0100)]
vzdump: support 'notification-mode' parameter
This parameter lets us choose between the 'legacy' notification
system (sendmail to some email addresses) and the 'new' notification
system (pub-sub based system with targets and matchers).
'auto' (default) will use the 'legacy' system if a mail address is
provided and the 'new' system if not.
This is allows users to opt-in/opt-out from the new notification
system, which might be a bit chatty by default.
ui: ceph pool edit: rework with controller and formulas
instead of relying purely on listeners that then manually change other
components, we can use binds, formulas and a basic controller.
This makes it quite a bit easier to let multiple components react to
changes.
A cbind is used for the size component to set the initial start value.
Other options, like using setValue in the controller init, will trigger
the change listener and therefore can affect the min size without any
user interaction.
Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com> Tested-by: Maximiliano Sandoval <m.sandoval@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
fix #2515: ui: ceph pool create: use configured defaults for size and min_size
Instead of hard coded defaults for the size and min_size parameter,
check if we have defaults configured in the ceph.conf or config db and
use those.
There are clusters where different defaults are needed. For example if
the cluster spans two rooms and needs to survive the loss of one. A
size/min_size of 4/2 are common defaults in such a situation.
Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com> Tested-by: Maximiliano Sandoval <m.sandoval@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This new endpoint allows to get the values of config keys that are
either set in the config db or the ceph.conf file.
Values that are set in the ceph.conf file have priority over values set
in the conifg db via 'ceph config set'.
Expects the --config-keys parameter as a semicolon separated list of
"<section>:<config key>" where the section is a section in the ceph.conf
or config db. For example: global:osd_pool_default_size
Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com> Tested-by: Maximiliano Sandoval <m.sandoval@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Tue, 21 Nov 2023 13:16:34 +0000 (14:16 +0100)]
ui: vm wizard: reword label for extra drive for virtio-drivers
while a user can attach anything, we change the defaults for, e.g.,
scsi controller or network to virtio if this is ticked, so try to hint
that a bit better
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak [Tue, 21 Nov 2023 08:35:51 +0000 (09:35 +0100)]
ui: qemu wizard: use better boot order for second cd drive
in the case we add a second cd drive (for windows), we don't want the
backend logic to only include the first one, since we cannot know
which is bootable and which is (probably) the virtio iso.
so instead, emulate the backend logic for the wizard but include both cd
drives in that case, otherwise let the backend decide like before
Dominik Csapak [Mon, 20 Nov 2023 15:45:43 +0000 (16:45 +0100)]
ui: vm wizard: allow second iso for windows vms
Having a second CD-drive is useful for adding the virtio-win driver
ISO for new installs, and thus we change the default disk type to scsi
and network type to VirtIO.
Add special logic to the OSTypeInputPanel when 'insideWizard' is true
to add an additional checkbox + iso selector
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
since poolid can now contain `/`, it's not possible to use it (properly) as
path parameter anymore.
accordingly:
- merge `read_pool` (`GET /pools/{poolid}`) into 'index' (`GET
/pools/?poolid={poolid}`) (requires clients to extract the only member of the returned array if they want to query an individual pool)
- move `update_pool` to `/pools`, deprecating the old variant with path parameter
- move `delete_pool` to `/pools`, deprecating the old variant with path parameter
- deprecate `read_pool` API endpoint
pool creation is blocked for nested pools where the parent does not already
exist. similarly, the checks for deletion are extended to block deletion if
sub-pools still exist.
the old API endpoints continue to work for non-nested pools. `pvesh ls /pools`
is semi-broken for nested pools, listing the entries, but no methods on them,
since they reference the old API. fixing this would require extending the REST
handling to support a new type of child reference.
Dominik Csapak [Mon, 20 Nov 2023 08:02:42 +0000 (09:02 +0100)]
ui: fix zero-sized panels on fresh chrome start
it seems in new versions of chrome , this triggers too early on a fresh
start (when autostarting a pve tab), resulting in the
'viewWidth'/'viewHeight' being zero pixels. This means we set the width
of the left and the height of the bottom panel to zero pixels, making
them functionally invisible.
To prevent that, check that the 'viewWidth'/'viewHeight' is big enough
so that the panels still have least 50 pixels left before setting their
size.
Reported in the Forum:
https://forum.proxmox.com/threads/136636/
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
[ TL: point to forum thread ] Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Lukas Wagner [Tue, 14 Nov 2023 12:59:42 +0000 (13:59 +0100)]
api: notification: add disable and origin params
'disable' can be set to disable a matcher/target.
'origin' signals whether the configuration entry
was created by the user or whether it was built-in/
built-in-and-modified.
Lukas Wagner [Tue, 14 Nov 2023 12:59:41 +0000 (13:59 +0100)]
notify: add API routes for smtp endpoints
The Perl part of the API methods primarily defines the API schema,
checks for any needed privileges and then calls the actual Rust
implementation exposed via perlmod. Any errors returned by the Rust
code are translated into PVE::Exception, so that the API call fails
with the correct HTTP error code.
Lukas Wagner [Tue, 14 Nov 2023 12:59:34 +0000 (13:59 +0100)]
ui: dc: remove unneeded notification events panel
The notification event settings are replaced by notification matchers,
which will combine the notification routing and filtering into a
single concept.
As reported in the community forum and reproduced locally, issuing a
QEMU guest agent command would lead to an error when proxying to
another node:
> root@pve8a2 ~ # pvesh create /nodes/pve8a1/qemu/126/agent/exec --command 'whoami'
> Wide character in die at /usr/share/perl5/PVE/RESTHandler.pm line 918.
> proxy handler failed: Agent error: Guest agent command failed, error was 'Failed to execute child process “ARRAY(0x55842bb161a0)” (No such file or directory)'
Fix it, by splitting up array references correctly.
Stefan Lendl [Fri, 17 Nov 2023 14:26:13 +0000 (15:26 +0100)]
gitignore: add more build artefacts to ignore list and anchor to root
Signed-off-by: Stefan Lendl <s.lendl@proxmox.com>
[ TL: fix subject & use more specific glob ] Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Aaron Lauterer [Wed, 8 Nov 2023 12:10:34 +0000 (13:10 +0100)]
api: osd: destroy: remove mclock max iops settings
Ceph does a quick benchmark when creating a new OSD and stores the
osd_mclock_max_capacity_iops_{ssd,hdd} settings in the config DB.
When destroying the OSD, Ceph does not automatically remove these
settings. Keeping them can be problematic if a new OSD with potentially
more performance is added and ends up getting the same OSD ID.
Therefore, we remove these settings ourselves when destroying an OSD.
Removing both variants, hdd and ssd should be fine, as the MON does not
complain if the setting does not exist.
Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com> Tested-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
ship default link config to disable systemd link mac-policy
since debian 11, systemd is changing behaviour of MAC address of
bridge, but also bond, where the mac is generated randomly instead
inherit from the first slave.
We tried to fix that with ifupdown2, but that seems to produce some
regressions and independent of that there was still another problem.
Namely, if a bridge don't have any slaves, systemd is keeping bridge
offline.
That mean that a dhcp daemon like kea can't bind on a standalone
bridge (used for s-nat for example), until a tap interface is started.
So, set up a systemd link config to disable the systemd mac policy by
default (this don't break already fixed ifupdown2 mac).
Funnily CentOS && Fedora also disable it already:
https://fedoraproject.org/wiki/Changes/MAC_Address_Policy_none
https://gitlab.com/redhat/centos-stream/rpms/systemd/-/blob/c8953519504bf2e694bfbc2b02a456c1056f252e/0028-udev-net-setup-link-change-the-default-MACAddressPol.patch#L43
Before this patch:
```
~ ip a sh dev vmbr1
vmbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 10
```
After this patch:
```
~ ip a sh dev vmbr1
vmbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
```
Signed-off-by: Alexandre Derumier <alexandre.derumier@groupe-cyllene.com>
[ TL: move to /usr/lib/.. where distro files belong and add comment ] Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
- set degraded as warning instead working
- set undersized as warning instead error
- rename error as critical
- add "busy" (info-blue) color for working state
- use warning (orange) color for warning state
Signed-off-by: Alexandre Derumier <aderumier@odiso.com> Tested-By: Aaron Lauterer <a.lauterer@proxmox.com> Reviewed-By: Aaron Lauterer <a.lauterer@proxmox.com>
[ TL: fold in CSS class addition ] Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Christian Ebner [Wed, 9 Aug 2023 10:55:28 +0000 (12:55 +0200)]
fix #4442: Add date-time filtering for firewall logs
Extend the current firewall log view to add date time based filtering.
The user can switch between live view, which shows logs from the
unrotated log file, or to filter mode, where date time based filtering,
including rotated logs can be performed.
Enable the feature by setting the property and the submit format
for since and until timestamps expected by the api.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
Thomas Lamprecht [Mon, 13 Nov 2023 13:12:33 +0000 (14:12 +0100)]
api: acme meta: require Sys.Audit on the node
As even though restricted to some specific endpoints and formats, one
can still scan HTTP, potentially also on the LAN.
We can do this here as the API call is new and was never packaged
since introduced, so this isn't a breaking change.
The TOS one will be removed with the next major release, so not a
problem anymore from then one.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Folke Gleumes [Tue, 31 Oct 2023 09:05:12 +0000 (10:05 +0100)]
api/acme: deprecate tos endpoint in favor of meta
The ToS endpoint ignored data that is needed to detect if EAB needs to
be used. Instead of adding a new endpoint that does the same request,
the tos endpoint is deprecated and replaced by the meta endpoint,
that returns all information returned by the directory.
Dominik Csapak [Thu, 9 Nov 2023 10:56:24 +0000 (11:56 +0100)]
ui: add tooltips to non-full tags globally
by using the delegate function of ExtJS' tooltips on the global
Workspace element and using the proper css selectors
this way, we can limit the tooltips to the non-full ones
(in contrast to using data-qtip on the element, which would
always be show, even for tags with the 'full' style)
Dominik Csapak [Thu, 9 Nov 2023 10:47:59 +0000 (11:47 +0100)]
ui: bulk actions: rework filters and include tags
This moves the filters out of the grid header for the BulkActions and
puts them into their own fieldset above the grid. With that, we can
easily include a tags filter (one include and one exclude list).
The filter fieldset is collapsible and shows the active filters in
parenthesis. aside from that the filter should be the same as before.
To achieve the result, we regenerate the filterFn on every change of
every filter field, and set it with an 'id' so that only that filter is
overridden each time.
To make this work, we have to change three tiny details:
* manually set the labelWidths for the fields, otherwise it breaks
the ones in the fieldset.
* change the counting in the 'getErrors' of the VMSelector, so that we
actually get the count of selected VMs, not the one from the
selectionModel
* override the plugins to '' in the BulkAction windows, so that e.g. in
the backup window we still have the filters in the grid header
(we could add a filter box there too, but that is already very crowded
and would take up too much space for now)
Folke Gleumes [Tue, 7 Nov 2023 11:38:52 +0000 (12:38 +0100)]
fix #2336: ui: adjust message for bulk start/stop/migrate
The message in the Task Log has been 'Start/Stop/Migrate all...',
which is misleading since not everything might be affected by bulk actions.
This also affects the messages send at a nodes startup and shutdown, but
since this just affects a subgroup of VMs/Containers (those who are
onboot=1) the new wording still applies better than the previous.
Aaron Lauterer [Wed, 23 Aug 2023 09:44:27 +0000 (11:44 +0200)]
fix #4631: ceph: osd: create: add osds-per-device
Allows to automatically create multiple OSDs per physical device. The
main use case are fast NVME drives that would be bottlenecked by a
single OSD service.
By using the 'ceph-volume lvm batch' command instead of the 'ceph-volume
lvm create' for multiple OSDs / device, we don't have to deal with the
split of the drive ourselves.
But this means that the parameters to specify a DB or WAL device won't
work as the 'batch' command doesn't use them. Dedicated DB and WAL
devices don't make much sense anyway if we place the OSDs on fast NVME
drives.
Some other changes to how the command is built were needed as well, as
the 'batch' command needs the path to the disk as a positional argument,
not as '--data /dev/sdX'.
We drop the '--cluster-fsid' parameter because the 'batch' command
doesn't accept it. The 'create' will fall back to reading it from the
ceph.conf file.
Removal of OSDs works as expected without any code changes. As long as
there are other OSDs on a disk, the VG & PV won't be removed, even if
'cleanup' is enabled.
The '--no-auto' parameter is used to avoid the following deprecation
warning:
```
--> DEPRECATION NOTICE
--> You are using the legacy automatic disk sorting behavior
--> The Pacific release will change the default to --no-auto
--> passed data devices: 1 physical, 0 LVM
--> relative data size: 0.3333333333333333
```
Stoiko Ivanov [Wed, 11 Oct 2023 13:23:42 +0000 (15:23 +0200)]
pve7to8: check for proper grub meta-package for bootmode
This should catch installations from our ISO on non-ZFS in uefi mode,
which won't get the updated grub efi binary installed upon upgrade,
because grub-pc is installed instead of grub-efi-amd64.
Adding this to pve7to8 should make this even more visible, than the
corresponding patch for promxox-kernel-helper (warnings printed during
regular package upgrades might be overlooked more easily than
a yellow line in the major upgrade checkscript)
The if/else order was chosen to limit the nesting level of the long
messages.
ui: guest wizard: increase height to match 4:3 ratio
solving an issue where the CPU extra-flags grid had less space than
it's fixed height allowed.
While we also could have reduced that height, having a nicer ratio and
a bit more vertical "breathing room" seem slightly nicer to me.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak [Wed, 25 Oct 2023 11:09:38 +0000 (13:09 +0200)]
ui: wizards: allow adding tags in the qemu/lxc create wizard
in the general tab in the advanced section.
For that to work, we introduce a new option for the TagEditContainer
named 'editOnly', which controls now the cancel/finish buttons,
automatically enter edit mode and disable enter/escape keypresses.
We also prevent now the loading of tags while in edit mode, so the tags
don't change while editing (this can be jarring and unexpected).
Then we wrap that all in a FieldSet that implements the Field mixin, so
we can easily use that in the wizard. There we set a maxHeight so that
the field can grow so that it still fits in the wizard.
To properly align the input with the '+' button, we have to add a custom
css class there. (In the hbox we could set the alignment, but this is
not possible in the 'column' layout)
node console: restrict all non-login commands to root@pam
and not just upgrade.
note that the only other non-login command (ceph_install) is restricted to
root@pam in the web UI anyway, and that the termproxy endpoint is lacking this
check and thus always falls back to a login prompt for non-login commands
requested by non-root users.
Aaron Lauterer [Tue, 3 Oct 2023 11:36:37 +0000 (13:36 +0200)]
report: dir2text: ignore special . and .. files
So far this hasn't been an issue as each user of dir2text wanted files
with a specific pattern. But if we want every file in the directory, we
need to skip the special files '.' and '..'.
Thomas Lamprecht [Sun, 29 Oct 2023 18:47:40 +0000 (19:47 +0100)]
ui: disable new notification UI for now, will be reworked
Lukas is currently reworking this so that we have a single panel,
where the filters are match-entries that can also provide the
functionality of the hard-coded filters in the other panel, reducing
complexity and adding flexibility.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak [Thu, 19 Oct 2023 13:36:05 +0000 (15:36 +0200)]
ui: tags: fix focus for edit mode
such that one can tab through the editable tag fields.
We have to handle that manually, since ExtJs does not expect
contenteditable html tags for focus handling.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Christoph Heiss [Wed, 5 Jul 2023 11:12:49 +0000 (13:12 +0200)]
ui: container guest status: show distro logo and name in summary header
It fits neatly there, is rather intrusive and yet still visible at
first sight. It also solves the problem of having to create a bigger
row, so that the icon is still easily recognisable. At the default
font-size of 13pt, this really wasn't the case.
Verified that each supported distro is present in the font and the
name matches up and tested through all supported distros (including
'unmanaged').
Signed-off-by: Christoph Heiss <c.heiss@proxmox.com> Reviewed-by: Dominik Csapak <d.csapak@proxmox.com> Tested-by: Dominik Csapak <d.csapak@proxmox.com>
[ TL: html-encode, just to be sure, as reviewed by Dominik ] Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Christoph Heiss [Wed, 5 Jul 2023 11:12:48 +0000 (13:12 +0200)]
ui: container guest status: show privileged status as new row
As that info is not available through the store (which stores the
status), it must be fetched separately.
Signed-off-by: Christoph Heiss <c.heiss@proxmox.com> Reviewed-by: Dominik Csapak <d.csapak@proxmox.com> Tested-by: Dominik Csapak <d.csapak@proxmox.com>
[ TL: rework subject and avoid arror-fn for controller to keep `this`
working, as reviewed by Dominik ] Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>