]> git.proxmox.com Git - pve-storage.git/blob - PVE/API2/Storage/Config.pm
projects / pve-storage.git / blob
? search:


a7d9bf6040cbcb8b79e094dea1762f114b51e5f6
[pve-storage.git] / PVE / API2 / Storage / Config.pm
1 package PVE::API2::Storage::Config;
2
3 use strict;
4 use warnings;
5
6 use PVE::SafeSyslog;
7 use PVE::Tools qw(extract_param);
8 use PVE::Cluster qw(cfs_read_file cfs_write_file);
9 use PVE::Storage;
10 use PVE::Storage::Plugin;
11 use PVE::Storage::LVMPlugin;
12 use HTTP::Status qw(:constants);
13 use Storable qw(dclone);
14 use PVE::JSONSchema qw(get_standard_option);
15 use PVE::RPCEnvironment;
16
17 use PVE::RESTHandler;
18
19 use base qw(PVE::RESTHandler);
20
21 my @ctypes = qw(images vztmpl iso backup);
22
23 my $storage_type_enum = PVE::Storage::Plugin->lookup_types();
24
25 my $api_storage_config = sub {
26 my ($cfg, $storeid) = @_;
27
28 my $scfg = dclone(PVE::Storage::storage_config($cfg, $storeid));
29 $scfg->{storage} = $storeid;
30 $scfg->{digest} = $cfg->{digest};
31 $scfg->{content} = PVE::Storage::Plugin->encode_value($scfg->{type}, 'content', $scfg->{content});
32
33 if ($scfg->{nodes}) {
34 $scfg->{nodes} = PVE::Storage::Plugin->encode_value($scfg->{type}, 'nodes', $scfg->{nodes});
35 }
36
37 return $scfg;
38 };
39
40 my $cifs_cred_file_name = sub {
41 my ($storeid) = @_;
42
43 return "/etc/pve/priv/${storeid}.cred";
44 };
45
46 my $set_cifs_credentials = sub {
47 my ($password, $storeid) = @_;
48
49 my $cred_file = $cifs_cred_file_name->($storeid);
50
51 PVE::Tools::file_set_contents($cred_file, "password=$password\n");
52
53 return $cred_file;
54 };
55
56 __PACKAGE__->register_method ({
57 name => 'index',
58 path => '',
59 method => 'GET',
60 description => "Storage index.",
61 permissions => {
62 description => "Only list entries where you have 'Datastore.Audit' or 'Datastore.AllocateSpace' permissions on '/storage/<storage>'",
63 user => 'all',
64 },
65 parameters => {
66 additionalProperties => 0,
67 properties => {
68 type => {
69 description => "Only list storage of specific type",
70 type => 'string',
71 enum => $storage_type_enum,
72 optional => 1,
73 },
74 },
75 },
76 returns => {
77 type => 'array',
78 items => {
79 type => "object",
80 properties => { storage => { type => 'string'} },
81 },
82 links => [ { rel => 'child', href => "{storage}" } ],
83 },
84 code => sub {
85 my ($param) = @_;
86
87 my $rpcenv = PVE::RPCEnvironment::get();
88 my $authuser = $rpcenv->get_user();
89
90 my $cfg = PVE::Storage::config();
91
92 my @sids = PVE::Storage::storage_ids($cfg);
93
94 my $res = [];
95 foreach my $storeid (@sids) {
96 my $privs = [ 'Datastore.Audit', 'Datastore.AllocateSpace' ];
97 next if !$rpcenv->check_any($authuser, "/storage/$storeid", $privs, 1);
98
99 my $scfg = &$api_storage_config($cfg, $storeid);
100 next if $param->{type} && $param->{type} ne $scfg->{type};
101 push @$res, $scfg;
102 }
103
104 return $res;
105 }});
106
107 __PACKAGE__->register_method ({
108 name => 'read',
109 path => '{storage}',
110 method => 'GET',
111 description => "Read storage configuration.",
112 permissions => {
113 check => ['perm', '/storage/{storage}', ['Datastore.Allocate']],
114 },
115 parameters => {
116 additionalProperties => 0,
117 properties => {
118 storage => get_standard_option('pve-storage-id'),
119 },
120 },
121 returns => {},
122 code => sub {
123 my ($param) = @_;
124
125 my $cfg = PVE::Storage::config();
126
127 return &$api_storage_config($cfg, $param->{storage});
128 }});
129
130 __PACKAGE__->register_method ({
131 name => 'create',
132 protected => 1,
133 path => '',
134 method => 'POST',
135 description => "Create a new storage.",
136 permissions => {
137 check => ['perm', '/storage', ['Datastore.Allocate']],
138 },
139 parameters => PVE::Storage::Plugin->createSchema(),
140 returns => { type => 'null' },
141 code => sub {
142 my ($param) = @_;
143
144 my $type = extract_param($param, 'type');
145 my $storeid = extract_param($param, 'storage');
146
147 # revent an empty nodelist.
148 # fix me in section config create never need an empty entity.
149 delete $param->{nodes} if !$param->{nodes};
150
151 my $password = extract_param($param, 'password')
152 if $type eq 'cifs' && $param->{username};
153
154 if ($param->{portal}) {
155 $param->{portal} = PVE::Storage::resolv_portal($param->{portal});
156 }
157
158 my $plugin = PVE::Storage::Plugin->lookup($type);
159 my $opts = $plugin->check_config($storeid, $param, 1, 1);
160
161 PVE::Storage::lock_storage_config(
162 sub {
163
164 my $cfg = PVE::Storage::config();
165
166 if (my $scfg = PVE::Storage::storage_config($cfg, $storeid, 1)) {
167 die "storage ID '$storeid' already defined\n";
168 }
169
170 $cfg->{ids}->{$storeid} = $opts;
171
172 if ($type eq 'lvm' && $opts->{base}) {
173
174 my ($baseid, $volname) = PVE::Storage::parse_volume_id($opts->{base});
175
176 my $basecfg = PVE::Storage::storage_config ($cfg, $baseid, 1);
177 die "base storage ID '$baseid' does not exist\n" if !$basecfg;
178
179 # we only support iscsi for now
180 if (!($basecfg->{type} eq 'iscsi')) {
181 die "unsupported base type '$basecfg->{type}'";
182 }
183
184 my $path = PVE::Storage::path($cfg, $opts->{base});
185
186 PVE::Storage::activate_storage($cfg, $baseid);
187
188 PVE::Storage::LVMPlugin::lvm_create_volume_group($path, $opts->{vgname}, $opts->{shared});
189 } elsif ($type eq 'rbd' && !defined($opts->{monhost})) {
190 my $ceph_admin_keyring = '/etc/pve/priv/ceph.client.admin.keyring';
191 my $ceph_storage_keyring = "/etc/pve/priv/ceph/${storeid}.keyring";
192
193 die "ceph authx keyring file for storage '$storeid' already exists!\n"
194 if -e $ceph_storage_keyring;
195
196 eval {
197 mkdir '/etc/pve/priv/ceph';
198 PVE::Tools::file_copy($ceph_admin_keyring, $ceph_storage_keyring);
199 };
200 if (my $err = $@) {
201 unlink $ceph_storage_keyring;
202 die "failed to copy ceph authx keyring for storage '$storeid': $err\n";
203 }
204 }
205 # create a password file in /etc/pve/priv,
206 # this file is used as a cert_file at mount time.
207 my $cred_file = &$set_cifs_credentials($password, $storeid)
208 if defined($password);
209
210 eval {
211 # try to activate if enabled on local node,
212 # we only do this to detect errors/problems sooner
213 if (PVE::Storage::storage_check_enabled($cfg, $storeid, undef, 1)) {
214 PVE::Storage::activate_storage($cfg, $storeid);
215 }
216 };
217 if(my $err = $@) {
218 unlink $cred_file if defined($cred_file);
219 die $err;
220 }
221
222 PVE::Storage::write_config($cfg);
223
224 }, "create storage failed");
225
226 return undef;
227 }});
228
229 __PACKAGE__->register_method ({
230 name => 'update',
231 protected => 1,
232 path => '{storage}',
233 method => 'PUT',
234 description => "Update storage configuration.",
235 permissions => {
236 check => ['perm', '/storage', ['Datastore.Allocate']],
237 },
238 parameters => PVE::Storage::Plugin->updateSchema(),
239 returns => { type => 'null' },
240 code => sub {
241 my ($param) = @_;
242
243 my $storeid = extract_param($param, 'storage');
244 my $digest = extract_param($param, 'digest');
245
246 PVE::Storage::lock_storage_config(
247 sub {
248
249 my $cfg = PVE::Storage::config();
250
251 PVE::SectionConfig::assert_if_modified($cfg, $digest);
252
253 my $scfg = PVE::Storage::storage_config($cfg, $storeid);
254
255 my $plugin = PVE::Storage::Plugin->lookup($scfg->{type});
256 my $opts = $plugin->check_config($storeid, $param, 0, 1);
257
258 foreach my $k (%$opts) {
259 $scfg->{$k} = $opts->{$k};
260 }
261
262 PVE::Storage::write_config($cfg);
263
264 }, "update storage failed");
265
266 return undef;
267 }});
268
269 __PACKAGE__->register_method ({
270 name => 'delete',
271 protected => 1,
272 path => '{storage}', # /storage/config/{storage}
273 method => 'DELETE',
274 description => "Delete storage configuration.",
275 permissions => {
276 check => ['perm', '/storage', ['Datastore.Allocate']],
277 },
278 parameters => {
279 additionalProperties => 0,
280 properties => {
281 storage => get_standard_option('pve-storage-id', {
282 completion => \&PVE::Storage::complete_storage,
283 }),
284 },
285 },
286 returns => { type => 'null' },
287 code => sub {
288 my ($param) = @_;
289
290 my $storeid = extract_param($param, 'storage');
291
292 PVE::Storage::lock_storage_config(
293 sub {
294
295 my $cfg = PVE::Storage::config();
296
297 my $scfg = PVE::Storage::storage_config($cfg, $storeid);
298
299 die "can't remove storage - storage is used as base of another storage\n"
300 if PVE::Storage::storage_is_used($cfg, $storeid);
301
302 if ($scfg->{type} eq 'cifs') {
303 my $cred_file = $cifs_cred_file_name->($storeid);
304 if (-f $cred_file) {
305 unlink($cred_file) or warn "removing cifs credientials '$cred_file' failed: $!\n";
306 }
307 } elsif ($scfg->{type} eq 'rbd' && !defined($scfg->{monhost})) {
308 my $ceph_storage_keyring = "/etc/pve/priv/ceph/${storeid}.keyring";
309 if (-f $ceph_storage_keyring) {
310 unlink($ceph_storage_keyring) or warn "removing keyring of storage failed: $!\n";
311 }
312 }
313
314 delete $cfg->{ids}->{$storeid};
315
316 PVE::Storage::write_config($cfg);
317
318 }, "delete storage failed");
319
320 PVE::AccessControl::remove_storage_access($storeid);
321
322 return undef;
323 }});
324
325 1;
Storage library