]>
Commit | Line | Data |
---|---|---|
1e3baf05 DM |
1 | package PVE::API2::Qemu; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | ||
6 | use PVE::Cluster; | |
7 | use PVE::SafeSyslog; | |
8 | use PVE::Tools qw(extract_param); | |
9 | use PVE::Exception qw(raise raise_param_exc); | |
10 | use PVE::Storage; | |
11 | use PVE::JSONSchema qw(get_standard_option); | |
12 | use PVE::RESTHandler; | |
13 | use PVE::QemuServer; | |
3ea94c60 | 14 | use PVE::QemuMigrate; |
1e3baf05 DM |
15 | use PVE::RPCEnvironment; |
16 | use PVE::AccessControl; | |
17 | use PVE::INotify; | |
18 | ||
19 | use Data::Dumper; # fixme: remove | |
20 | ||
21 | use base qw(PVE::RESTHandler); | |
22 | ||
23 | my $opt_force_description = "Force physical removal. Without this, we simple remove the disk from the config file and create an additional configuration entry called 'unused[n]', which contains the volume ID. Unlink of unused[n] always cause physical removal."; | |
24 | ||
25 | my $resolve_cdrom_alias = sub { | |
26 | my $param = shift; | |
27 | ||
28 | if (my $value = $param->{cdrom}) { | |
29 | $value .= ",media=cdrom" if $value !~ m/media=/; | |
30 | $param->{ide2} = $value; | |
31 | delete $param->{cdrom}; | |
32 | } | |
33 | }; | |
34 | ||
35 | __PACKAGE__->register_method({ | |
36 | name => 'vmlist', | |
37 | path => '', | |
38 | method => 'GET', | |
39 | description => "Virtual machine index (per node).", | |
40 | proxyto => 'node', | |
41 | protected => 1, # qemu pid files are only readable by root | |
42 | parameters => { | |
43 | additionalProperties => 0, | |
44 | properties => { | |
45 | node => get_standard_option('pve-node'), | |
46 | }, | |
47 | }, | |
48 | returns => { | |
49 | type => 'array', | |
50 | items => { | |
51 | type => "object", | |
52 | properties => {}, | |
53 | }, | |
54 | links => [ { rel => 'child', href => "{vmid}" } ], | |
55 | }, | |
56 | code => sub { | |
57 | my ($param) = @_; | |
58 | ||
59 | my $vmstatus = PVE::QemuServer::vmstatus(); | |
60 | ||
61 | return PVE::RESTHandler::hash_to_array($vmstatus, 'vmid'); | |
62 | ||
63 | }}); | |
64 | ||
65 | __PACKAGE__->register_method({ | |
66 | name => 'create_vm', | |
67 | path => '', | |
68 | method => 'POST', | |
69 | description => "Create new virtual machine.", | |
70 | protected => 1, | |
71 | proxyto => 'node', | |
72 | parameters => { | |
73 | additionalProperties => 0, | |
74 | properties => PVE::QemuServer::json_config_properties( | |
75 | { | |
76 | node => get_standard_option('pve-node'), | |
77 | vmid => get_standard_option('pve-vmid'), | |
78 | }), | |
79 | }, | |
5fdbe4f0 DM |
80 | returns => { |
81 | type => 'string', | |
82 | }, | |
1e3baf05 DM |
83 | code => sub { |
84 | my ($param) = @_; | |
85 | ||
5fdbe4f0 DM |
86 | my $rpcenv = PVE::RPCEnvironment::get(); |
87 | ||
88 | my $user = $rpcenv->get_user(); | |
89 | ||
1e3baf05 DM |
90 | my $node = extract_param($param, 'node'); |
91 | ||
1e3baf05 DM |
92 | my $vmid = extract_param($param, 'vmid'); |
93 | ||
94 | my $filename = PVE::QemuServer::config_file($vmid); | |
95 | # first test (befor locking) | |
96 | die "unable to create vm $vmid: config file already exists\n" | |
97 | if -f $filename; | |
98 | ||
99 | my $storecfg = PVE::Storage::config(); | |
100 | ||
101 | &$resolve_cdrom_alias($param); | |
102 | ||
103 | foreach my $opt (keys %$param) { | |
104 | if (PVE::QemuServer::valid_drivename($opt)) { | |
105 | my $drive = PVE::QemuServer::parse_drive($opt, $param->{$opt}); | |
106 | raise_param_exc({ $opt => "unable to parse drive options" }) if !$drive; | |
107 | ||
108 | PVE::QemuServer::cleanup_drive_path($opt, $storecfg, $drive); | |
109 | $param->{$opt} = PVE::QemuServer::print_drive($vmid, $drive); | |
110 | } | |
111 | } | |
112 | ||
113 | PVE::QemuServer::add_random_macs($param); | |
114 | ||
1e3baf05 DM |
115 | my $createfn = sub { |
116 | ||
117 | # second test (after locking test is accurate) | |
118 | die "unable to create vm $vmid: config file already exists\n" | |
119 | if -f $filename; | |
120 | ||
5fdbe4f0 | 121 | my $realcmd = sub { |
1e3baf05 | 122 | |
5fdbe4f0 | 123 | my $vollist = []; |
1e3baf05 | 124 | |
5fdbe4f0 DM |
125 | eval { |
126 | $vollist = PVE::QemuServer::create_disks($storecfg, $vmid, $param); | |
1e3baf05 | 127 | |
5fdbe4f0 DM |
128 | # try to be smart about bootdisk |
129 | my @disks = PVE::QemuServer::disknames(); | |
130 | my $firstdisk; | |
131 | foreach my $ds (reverse @disks) { | |
132 | next if !$param->{$ds}; | |
133 | my $disk = PVE::QemuServer::parse_drive($ds, $param->{$ds}); | |
134 | next if PVE::QemuServer::drive_is_cdrom($disk); | |
135 | $firstdisk = $ds; | |
136 | } | |
1e3baf05 | 137 | |
5fdbe4f0 DM |
138 | if (!$param->{bootdisk} && $firstdisk) { |
139 | $param->{bootdisk} = $firstdisk; | |
140 | } | |
1e3baf05 | 141 | |
5fdbe4f0 DM |
142 | PVE::QemuServer::create_conf_nolock($vmid, $param); |
143 | }; | |
144 | my $err = $@; | |
1e3baf05 | 145 | |
5fdbe4f0 DM |
146 | if ($err) { |
147 | foreach my $volid (@$vollist) { | |
148 | eval { PVE::Storage::vdisk_free($storecfg, $volid); }; | |
149 | warn $@ if $@; | |
150 | } | |
151 | die "create failed - $err"; | |
152 | } | |
153 | }; | |
154 | ||
155 | return $rpcenv->fork_worker('qmcreate', $vmid, $user, $realcmd); | |
156 | }; | |
157 | ||
158 | return PVE::QemuServer::lock_config($vmid, $createfn); | |
1e3baf05 DM |
159 | }}); |
160 | ||
161 | __PACKAGE__->register_method({ | |
162 | name => 'vmdiridx', | |
163 | path => '{vmid}', | |
164 | method => 'GET', | |
165 | proxyto => 'node', | |
166 | description => "Directory index", | |
167 | parameters => { | |
168 | additionalProperties => 0, | |
169 | properties => { | |
170 | node => get_standard_option('pve-node'), | |
171 | vmid => get_standard_option('pve-vmid'), | |
172 | }, | |
173 | }, | |
174 | returns => { | |
175 | type => 'array', | |
176 | items => { | |
177 | type => "object", | |
178 | properties => { | |
179 | subdir => { type => 'string' }, | |
180 | }, | |
181 | }, | |
182 | links => [ { rel => 'child', href => "{subdir}" } ], | |
183 | }, | |
184 | code => sub { | |
185 | my ($param) = @_; | |
186 | ||
187 | my $res = [ | |
188 | { subdir => 'config' }, | |
189 | { subdir => 'status' }, | |
190 | { subdir => 'unlink' }, | |
191 | { subdir => 'vncproxy' }, | |
3ea94c60 | 192 | { subdir => 'migrate' }, |
1e3baf05 DM |
193 | { subdir => 'rrd' }, |
194 | { subdir => 'rrddata' }, | |
195 | ]; | |
196 | ||
197 | return $res; | |
198 | }}); | |
199 | ||
200 | __PACKAGE__->register_method({ | |
201 | name => 'rrd', | |
202 | path => '{vmid}/rrd', | |
203 | method => 'GET', | |
204 | protected => 1, # fixme: can we avoid that? | |
205 | permissions => { | |
206 | path => '/vms/{vmid}', | |
207 | privs => [ 'VM.Audit' ], | |
208 | }, | |
209 | description => "Read VM RRD statistics (returns PNG)", | |
210 | parameters => { | |
211 | additionalProperties => 0, | |
212 | properties => { | |
213 | node => get_standard_option('pve-node'), | |
214 | vmid => get_standard_option('pve-vmid'), | |
215 | timeframe => { | |
216 | description => "Specify the time frame you are interested in.", | |
217 | type => 'string', | |
218 | enum => [ 'hour', 'day', 'week', 'month', 'year' ], | |
219 | }, | |
220 | ds => { | |
221 | description => "The list of datasources you want to display.", | |
222 | type => 'string', format => 'pve-configid-list', | |
223 | }, | |
224 | cf => { | |
225 | description => "The RRD consolidation function", | |
226 | type => 'string', | |
227 | enum => [ 'AVERAGE', 'MAX' ], | |
228 | optional => 1, | |
229 | }, | |
230 | }, | |
231 | }, | |
232 | returns => { | |
233 | type => "object", | |
234 | properties => { | |
235 | filename => { type => 'string' }, | |
236 | }, | |
237 | }, | |
238 | code => sub { | |
239 | my ($param) = @_; | |
240 | ||
241 | return PVE::Cluster::create_rrd_graph( | |
242 | "pve2-vm/$param->{vmid}", $param->{timeframe}, | |
243 | $param->{ds}, $param->{cf}); | |
244 | ||
245 | }}); | |
246 | ||
247 | __PACKAGE__->register_method({ | |
248 | name => 'rrddata', | |
249 | path => '{vmid}/rrddata', | |
250 | method => 'GET', | |
251 | protected => 1, # fixme: can we avoid that? | |
252 | permissions => { | |
253 | path => '/vms/{vmid}', | |
254 | privs => [ 'VM.Audit' ], | |
255 | }, | |
256 | description => "Read VM RRD statistics", | |
257 | parameters => { | |
258 | additionalProperties => 0, | |
259 | properties => { | |
260 | node => get_standard_option('pve-node'), | |
261 | vmid => get_standard_option('pve-vmid'), | |
262 | timeframe => { | |
263 | description => "Specify the time frame you are interested in.", | |
264 | type => 'string', | |
265 | enum => [ 'hour', 'day', 'week', 'month', 'year' ], | |
266 | }, | |
267 | cf => { | |
268 | description => "The RRD consolidation function", | |
269 | type => 'string', | |
270 | enum => [ 'AVERAGE', 'MAX' ], | |
271 | optional => 1, | |
272 | }, | |
273 | }, | |
274 | }, | |
275 | returns => { | |
276 | type => "array", | |
277 | items => { | |
278 | type => "object", | |
279 | properties => {}, | |
280 | }, | |
281 | }, | |
282 | code => sub { | |
283 | my ($param) = @_; | |
284 | ||
285 | return PVE::Cluster::create_rrd_data( | |
286 | "pve2-vm/$param->{vmid}", $param->{timeframe}, $param->{cf}); | |
287 | }}); | |
288 | ||
289 | ||
290 | __PACKAGE__->register_method({ | |
291 | name => 'vm_config', | |
292 | path => '{vmid}/config', | |
293 | method => 'GET', | |
294 | proxyto => 'node', | |
295 | description => "Get virtual machine configuration.", | |
296 | parameters => { | |
297 | additionalProperties => 0, | |
298 | properties => { | |
299 | node => get_standard_option('pve-node'), | |
300 | vmid => get_standard_option('pve-vmid'), | |
301 | }, | |
302 | }, | |
303 | returns => { | |
304 | type => "object", | |
554ac7e7 DM |
305 | properties => { |
306 | digest => { | |
307 | type => 'string', | |
308 | description => 'SHA1 digest of configuration file. This can be used to prevent concurrent modifications.', | |
309 | } | |
310 | }, | |
1e3baf05 DM |
311 | }, |
312 | code => sub { | |
313 | my ($param) = @_; | |
314 | ||
315 | my $conf = PVE::QemuServer::load_config($param->{vmid}); | |
316 | ||
317 | return $conf; | |
318 | }}); | |
319 | ||
320 | __PACKAGE__->register_method({ | |
321 | name => 'update_vm', | |
322 | path => '{vmid}/config', | |
323 | method => 'PUT', | |
324 | protected => 1, | |
325 | proxyto => 'node', | |
326 | description => "Set virtual machine options.", | |
327 | parameters => { | |
328 | additionalProperties => 0, | |
329 | properties => PVE::QemuServer::json_config_properties( | |
330 | { | |
331 | node => get_standard_option('pve-node'), | |
332 | vmid => get_standard_option('pve-vmid'), | |
3ea94c60 | 333 | skiplock => get_standard_option('skiplock'), |
1e3baf05 DM |
334 | delete => { |
335 | type => 'string', format => 'pve-configid-list', | |
336 | description => "A list of settings you want to delete.", | |
337 | optional => 1, | |
338 | }, | |
339 | force => { | |
340 | type => 'boolean', | |
341 | description => $opt_force_description, | |
342 | optional => 1, | |
343 | requires => 'delete', | |
344 | }, | |
554ac7e7 DM |
345 | digest => { |
346 | type => 'string', | |
347 | description => 'Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.', | |
348 | maxLength => 40, | |
349 | optional => 1, | |
350 | } | |
1e3baf05 DM |
351 | }), |
352 | }, | |
353 | returns => { type => 'null'}, | |
354 | code => sub { | |
355 | my ($param) = @_; | |
356 | ||
357 | my $rpcenv = PVE::RPCEnvironment::get(); | |
358 | ||
359 | my $user = $rpcenv->get_user(); | |
360 | ||
361 | my $node = extract_param($param, 'node'); | |
362 | ||
1e3baf05 DM |
363 | my $vmid = extract_param($param, 'vmid'); |
364 | ||
5fdbe4f0 DM |
365 | my $digest = extract_param($param, 'digest'); |
366 | ||
367 | my @paramarr = (); # used for log message | |
368 | foreach my $key (keys %$param) { | |
369 | push @paramarr, "-$key", $param->{$key}; | |
370 | } | |
371 | ||
1e3baf05 | 372 | my $skiplock = extract_param($param, 'skiplock'); |
3ea94c60 DM |
373 | raise_param_exc({ skiplock => "Only root may use this option." }) |
374 | if $skiplock && $user ne 'root@pam'; | |
1e3baf05 DM |
375 | |
376 | my $delete = extract_param($param, 'delete'); | |
377 | my $force = extract_param($param, 'force'); | |
378 | ||
379 | die "no options specified\n" if !$delete && !scalar(keys %$param); | |
380 | ||
381 | my $storecfg = PVE::Storage::config(); | |
382 | ||
383 | &$resolve_cdrom_alias($param); | |
384 | ||
385 | my $eject = {}; | |
386 | my $cdchange = {}; | |
387 | ||
388 | foreach my $opt (keys %$param) { | |
389 | if (PVE::QemuServer::valid_drivename($opt)) { | |
390 | my $drive = PVE::QemuServer::parse_drive($opt, $param->{$opt}); | |
391 | raise_param_exc({ $opt => "unable to parse drive options" }) if !$drive; | |
392 | if ($drive->{file} eq 'eject') { | |
393 | $eject->{$opt} = 1; | |
394 | delete $param->{$opt}; | |
395 | next; | |
396 | } | |
397 | ||
398 | PVE::QemuServer::cleanup_drive_path($opt, $storecfg, $drive); | |
399 | $param->{$opt} = PVE::QemuServer::print_drive($vmid, $drive); | |
400 | ||
401 | if (PVE::QemuServer::drive_is_cdrom($drive)) { | |
402 | $cdchange->{$opt} = PVE::QemuServer::get_iso_path($storecfg, $vmid, $drive->{file}); | |
403 | } | |
404 | } | |
405 | } | |
406 | ||
407 | foreach my $opt (PVE::Tools::split_list($delete)) { | |
408 | $opt = 'ide2' if $opt eq 'cdrom'; | |
409 | die "you can't use '-$opt' and '-delete $opt' at the same time\n" | |
410 | if defined($param->{$opt}); | |
411 | } | |
412 | ||
413 | PVE::QemuServer::add_random_macs($param); | |
414 | ||
415 | my $vollist = []; | |
416 | ||
417 | my $updatefn = sub { | |
418 | ||
419 | my $conf = PVE::QemuServer::load_config($vmid); | |
420 | ||
554ac7e7 DM |
421 | die "checksum missmatch (file change by other user?)\n" |
422 | if $digest && $digest ne $conf->{digest}; | |
423 | ||
1e3baf05 DM |
424 | PVE::QemuServer::check_lock($conf) if !$skiplock; |
425 | ||
5fdbe4f0 DM |
426 | PVE::Cluster::log_msg('info', $user, "update VM $vmid: " . join (' ', @paramarr)); |
427 | ||
1e3baf05 DM |
428 | foreach my $opt (keys %$eject) { |
429 | if ($conf->{$opt}) { | |
430 | my $drive = PVE::QemuServer::parse_drive($opt, $conf->{$opt}); | |
431 | $cdchange->{$opt} = undef if PVE::QemuServer::drive_is_cdrom($drive); | |
432 | } else { | |
433 | raise_param_exc({ $opt => "eject failed - drive does not exist." }); | |
434 | } | |
435 | } | |
436 | ||
437 | foreach my $opt (keys %$param) { | |
438 | next if !PVE::QemuServer::valid_drivename($opt); | |
439 | next if !$conf->{$opt}; | |
440 | my $old_drive = PVE::QemuServer::parse_drive($opt, $conf->{$opt}); | |
441 | next if PVE::QemuServer::drive_is_cdrom($old_drive); | |
442 | my $new_drive = PVE::QemuServer::parse_drive($opt, $param->{$opt}); | |
443 | if ($new_drive->{file} ne $old_drive->{file}) { | |
444 | my ($path, $owner); | |
445 | eval { ($path, $owner) = PVE::Storage::path($storecfg, $old_drive->{file}); }; | |
446 | if ($owner && ($owner == $vmid)) { | |
447 | PVE::QemuServer::add_unused_volume($conf, $param, $old_drive->{file}); | |
448 | } | |
449 | } | |
450 | } | |
451 | ||
452 | my $unset = {}; | |
453 | ||
454 | foreach my $opt (PVE::Tools::split_list($delete)) { | |
455 | $opt = 'ide2' if $opt eq 'cdrom'; | |
456 | if (!PVE::QemuServer::option_exists($opt)) { | |
457 | raise_param_exc({ delete => "unknown option '$opt'" }); | |
458 | } | |
459 | next if !defined($conf->{$opt}); | |
460 | if (PVE::QemuServer::valid_drivename($opt)) { | |
f19d1c47 | 461 | PVE::QemuServer::vm_devicedel($vmid, $conf, $opt); |
1e3baf05 DM |
462 | my $drive = PVE::QemuServer::parse_drive($opt, $conf->{$opt}); |
463 | if (PVE::QemuServer::drive_is_cdrom($drive)) { | |
464 | $cdchange->{$opt} = undef; | |
465 | } else { | |
466 | my $volid = $drive->{file}; | |
467 | ||
468 | if ($volid !~ m|^/|) { | |
469 | my ($path, $owner); | |
470 | eval { ($path, $owner) = PVE::Storage::path($storecfg, $volid); }; | |
471 | if ($owner && ($owner == $vmid)) { | |
472 | if ($force) { | |
473 | push @$vollist, $volid; | |
474 | } else { | |
475 | PVE::QemuServer::add_unused_volume($conf, $param, $volid); | |
476 | } | |
477 | } | |
478 | } | |
479 | } | |
480 | } elsif ($opt =~ m/^unused/) { | |
481 | push @$vollist, $conf->{$opt}; | |
482 | } | |
483 | ||
484 | $unset->{$opt} = 1; | |
485 | } | |
486 | ||
f19d1c47 | 487 | PVE::QemuServer::create_disks($storecfg, $vmid, $param, $conf); |
1e3baf05 DM |
488 | |
489 | PVE::QemuServer::change_config_nolock($vmid, $param, $unset, 1); | |
490 | ||
491 | return if !PVE::QemuServer::check_running($vmid); | |
492 | ||
493 | foreach my $opt (keys %$cdchange) { | |
494 | my $qdn = PVE::QemuServer::qemu_drive_name($opt, 'cdrom'); | |
495 | my $path = $cdchange->{$opt}; | |
496 | PVE::QemuServer::vm_monitor_command($vmid, "eject $qdn", 0); | |
497 | PVE::QemuServer::vm_monitor_command($vmid, "change $qdn \"$path\"", 0) if $path; | |
498 | } | |
499 | }; | |
500 | ||
501 | PVE::QemuServer::lock_config($vmid, $updatefn); | |
502 | ||
503 | foreach my $volid (@$vollist) { | |
504 | eval { PVE::Storage::vdisk_free($storecfg, $volid); }; | |
505 | # fixme: log ? | |
506 | warn $@ if $@; | |
507 | } | |
508 | ||
509 | return undef; | |
510 | }}); | |
511 | ||
512 | ||
513 | __PACKAGE__->register_method({ | |
514 | name => 'destroy_vm', | |
515 | path => '{vmid}', | |
516 | method => 'DELETE', | |
517 | protected => 1, | |
518 | proxyto => 'node', | |
519 | description => "Destroy the vm (also delete all used/owned volumes).", | |
520 | parameters => { | |
521 | additionalProperties => 0, | |
522 | properties => { | |
523 | node => get_standard_option('pve-node'), | |
524 | vmid => get_standard_option('pve-vmid'), | |
3ea94c60 | 525 | skiplock => get_standard_option('skiplock'), |
1e3baf05 DM |
526 | }, |
527 | }, | |
5fdbe4f0 DM |
528 | returns => { |
529 | type => 'string', | |
530 | }, | |
1e3baf05 DM |
531 | code => sub { |
532 | my ($param) = @_; | |
533 | ||
534 | my $rpcenv = PVE::RPCEnvironment::get(); | |
535 | ||
536 | my $user = $rpcenv->get_user(); | |
537 | ||
538 | my $vmid = $param->{vmid}; | |
539 | ||
540 | my $skiplock = $param->{skiplock}; | |
541 | raise_param_exc({ skiplock => "Only root may use this option." }) | |
3ea94c60 | 542 | if $skiplock && $user ne 'root@pam'; |
1e3baf05 | 543 | |
5fdbe4f0 DM |
544 | # test if VM exists |
545 | my $conf = PVE::QemuServer::load_config($vmid); | |
546 | ||
1e3baf05 DM |
547 | my $storecfg = PVE::Storage::config(); |
548 | ||
5fdbe4f0 DM |
549 | my $realcmd = sub { |
550 | PVE::QemuServer::vm_destroy($storecfg, $vmid, $skiplock); | |
551 | }; | |
1e3baf05 | 552 | |
5fdbe4f0 | 553 | return $rpcenv->fork_worker('qmdestroy', $vmid, $user, $realcmd); |
1e3baf05 DM |
554 | }}); |
555 | ||
556 | __PACKAGE__->register_method({ | |
557 | name => 'unlink', | |
558 | path => '{vmid}/unlink', | |
559 | method => 'PUT', | |
560 | protected => 1, | |
561 | proxyto => 'node', | |
562 | description => "Unlink/delete disk images.", | |
563 | parameters => { | |
564 | additionalProperties => 0, | |
565 | properties => { | |
566 | node => get_standard_option('pve-node'), | |
567 | vmid => get_standard_option('pve-vmid'), | |
568 | idlist => { | |
569 | type => 'string', format => 'pve-configid-list', | |
570 | description => "A list of disk IDs you want to delete.", | |
571 | }, | |
572 | force => { | |
573 | type => 'boolean', | |
574 | description => $opt_force_description, | |
575 | optional => 1, | |
576 | }, | |
577 | }, | |
578 | }, | |
579 | returns => { type => 'null'}, | |
580 | code => sub { | |
581 | my ($param) = @_; | |
582 | ||
583 | $param->{delete} = extract_param($param, 'idlist'); | |
584 | ||
585 | __PACKAGE__->update_vm($param); | |
586 | ||
587 | return undef; | |
588 | }}); | |
589 | ||
590 | my $sslcert; | |
591 | ||
592 | __PACKAGE__->register_method({ | |
593 | name => 'vncproxy', | |
594 | path => '{vmid}/vncproxy', | |
595 | method => 'POST', | |
596 | protected => 1, | |
597 | permissions => { | |
598 | path => '/vms/{vmid}', | |
599 | privs => [ 'VM.Console' ], | |
600 | }, | |
601 | description => "Creates a TCP VNC proxy connections.", | |
602 | parameters => { | |
603 | additionalProperties => 0, | |
604 | properties => { | |
605 | node => get_standard_option('pve-node'), | |
606 | vmid => get_standard_option('pve-vmid'), | |
607 | }, | |
608 | }, | |
609 | returns => { | |
610 | additionalProperties => 0, | |
611 | properties => { | |
612 | user => { type => 'string' }, | |
613 | ticket => { type => 'string' }, | |
614 | cert => { type => 'string' }, | |
615 | port => { type => 'integer' }, | |
616 | upid => { type => 'string' }, | |
617 | }, | |
618 | }, | |
619 | code => sub { | |
620 | my ($param) = @_; | |
621 | ||
622 | my $rpcenv = PVE::RPCEnvironment::get(); | |
623 | ||
624 | my $user = $rpcenv->get_user(); | |
625 | my $ticket = PVE::AccessControl::assemble_ticket($user); | |
626 | ||
627 | my $vmid = $param->{vmid}; | |
628 | my $node = $param->{node}; | |
629 | ||
630 | $sslcert = PVE::Tools::file_get_contents("/etc/pve/pve-root-ca.pem", 8192) | |
631 | if !$sslcert; | |
632 | ||
633 | my $port = PVE::Tools::next_vnc_port(); | |
634 | ||
635 | my $remip; | |
636 | ||
637 | if ($node ne PVE::INotify::nodename()) { | |
638 | $remip = PVE::Cluster::remote_node_ip($node); | |
639 | } | |
640 | ||
641 | # NOTE: kvm VNC traffic is already TLS encrypted, | |
642 | # so we select the fastest chipher here (or 'none'?) | |
643 | my $remcmd = $remip ? ['/usr/bin/ssh', '-T', '-o', 'BatchMode=yes', | |
644 | '-c', 'blowfish-cbc', $remip] : []; | |
645 | ||
646 | my $timeout = 10; | |
647 | ||
648 | my $realcmd = sub { | |
649 | my $upid = shift; | |
650 | ||
651 | syslog('info', "starting vnc proxy $upid\n"); | |
652 | ||
653 | my $qmcmd = [@$remcmd, "/usr/sbin/qm", 'vncproxy', $vmid]; | |
654 | ||
655 | my $qmstr = join(' ', @$qmcmd); | |
656 | ||
657 | # also redirect stderr (else we get RFB protocol errors) | |
be62c45c | 658 | my $cmd = ['/bin/nc', '-l', '-p', $port, '-w', $timeout, '-c', "$qmstr 2>/dev/null"]; |
1e3baf05 | 659 | |
be62c45c | 660 | PVE::Tools::run_command($cmd); |
1e3baf05 DM |
661 | |
662 | return; | |
663 | }; | |
664 | ||
665 | my $upid = $rpcenv->fork_worker('vncproxy', $vmid, $user, $realcmd); | |
666 | ||
667 | return { | |
668 | user => $user, | |
669 | ticket => $ticket, | |
670 | port => $port, | |
671 | upid => $upid, | |
672 | cert => $sslcert, | |
673 | }; | |
674 | }}); | |
675 | ||
5fdbe4f0 DM |
676 | __PACKAGE__->register_method({ |
677 | name => 'vmcmdidx', | |
678 | path => '{vmid}/status', | |
679 | method => 'GET', | |
680 | proxyto => 'node', | |
681 | description => "Directory index", | |
682 | parameters => { | |
683 | additionalProperties => 0, | |
684 | properties => { | |
685 | node => get_standard_option('pve-node'), | |
686 | vmid => get_standard_option('pve-vmid'), | |
687 | }, | |
688 | }, | |
689 | returns => { | |
690 | type => 'array', | |
691 | items => { | |
692 | type => "object", | |
693 | properties => { | |
694 | subdir => { type => 'string' }, | |
695 | }, | |
696 | }, | |
697 | links => [ { rel => 'child', href => "{subdir}" } ], | |
698 | }, | |
699 | code => sub { | |
700 | my ($param) = @_; | |
701 | ||
702 | # test if VM exists | |
703 | my $conf = PVE::QemuServer::load_config($param->{vmid}); | |
704 | ||
705 | my $res = [ | |
706 | { subdir => 'current' }, | |
707 | { subdir => 'start' }, | |
708 | { subdir => 'stop' }, | |
709 | ]; | |
710 | ||
711 | return $res; | |
712 | }}); | |
713 | ||
1e3baf05 DM |
714 | __PACKAGE__->register_method({ |
715 | name => 'vm_status', | |
5fdbe4f0 | 716 | path => '{vmid}/status/current', |
1e3baf05 DM |
717 | method => 'GET', |
718 | proxyto => 'node', | |
719 | protected => 1, # qemu pid files are only readable by root | |
720 | description => "Get virtual machine status.", | |
721 | parameters => { | |
722 | additionalProperties => 0, | |
723 | properties => { | |
724 | node => get_standard_option('pve-node'), | |
725 | vmid => get_standard_option('pve-vmid'), | |
726 | }, | |
727 | }, | |
728 | returns => { type => 'object' }, | |
729 | code => sub { | |
730 | my ($param) = @_; | |
731 | ||
732 | # test if VM exists | |
733 | my $conf = PVE::QemuServer::load_config($param->{vmid}); | |
734 | ||
735 | my $vmstatus = PVE::QemuServer::vmstatus($param->{vmid}); | |
736 | ||
737 | return $vmstatus->{$param->{vmid}}; | |
738 | }}); | |
739 | ||
740 | __PACKAGE__->register_method({ | |
5fdbe4f0 DM |
741 | name => 'vm_start', |
742 | path => '{vmid}/status/start', | |
743 | method => 'POST', | |
1e3baf05 DM |
744 | protected => 1, |
745 | proxyto => 'node', | |
5fdbe4f0 | 746 | description => "Start virtual machine.", |
1e3baf05 DM |
747 | parameters => { |
748 | additionalProperties => 0, | |
749 | properties => { | |
750 | node => get_standard_option('pve-node'), | |
751 | vmid => get_standard_option('pve-vmid'), | |
3ea94c60 DM |
752 | skiplock => get_standard_option('skiplock'), |
753 | stateuri => get_standard_option('pve-qm-stateuri'), | |
1e3baf05 DM |
754 | }, |
755 | }, | |
5fdbe4f0 DM |
756 | returns => { |
757 | type => 'string', | |
758 | }, | |
1e3baf05 DM |
759 | code => sub { |
760 | my ($param) = @_; | |
761 | ||
762 | my $rpcenv = PVE::RPCEnvironment::get(); | |
763 | ||
764 | my $user = $rpcenv->get_user(); | |
765 | ||
766 | my $node = extract_param($param, 'node'); | |
767 | ||
1e3baf05 DM |
768 | my $vmid = extract_param($param, 'vmid'); |
769 | ||
3ea94c60 DM |
770 | my $stateuri = extract_param($param, 'stateuri'); |
771 | raise_param_exc({ stateuri => "Only root may use this option." }) | |
772 | if $stateuri && $user ne 'root@pam'; | |
773 | ||
1e3baf05 DM |
774 | my $skiplock = extract_param($param, 'skiplock'); |
775 | raise_param_exc({ skiplock => "Only root may use this option." }) | |
3ea94c60 | 776 | if $skiplock && $user ne 'root@pam'; |
1e3baf05 | 777 | |
1e3baf05 | 778 | my $storecfg = PVE::Storage::config(); |
5fdbe4f0 DM |
779 | |
780 | my $realcmd = sub { | |
781 | my $upid = shift; | |
782 | ||
783 | syslog('info', "start VM $vmid: $upid\n"); | |
784 | ||
3ea94c60 | 785 | PVE::QemuServer::vm_start($storecfg, $vmid, $stateuri, $skiplock); |
5fdbe4f0 DM |
786 | |
787 | return; | |
788 | }; | |
789 | ||
790 | return $rpcenv->fork_worker('qmstart', $vmid, $user, $realcmd); | |
791 | }}); | |
792 | ||
793 | __PACKAGE__->register_method({ | |
794 | name => 'vm_stop', | |
795 | path => '{vmid}/status/stop', | |
796 | method => 'POST', | |
797 | protected => 1, | |
798 | proxyto => 'node', | |
799 | description => "Stop virtual machine.", | |
800 | parameters => { | |
801 | additionalProperties => 0, | |
802 | properties => { | |
803 | node => get_standard_option('pve-node'), | |
804 | vmid => get_standard_option('pve-vmid'), | |
805 | skiplock => get_standard_option('skiplock'), | |
c6bb9502 DM |
806 | timeout => { |
807 | description => "Wait maximal timeout seconds.", | |
808 | type => 'integer', | |
809 | minimum => 0, | |
810 | optional => 1, | |
811 | } | |
5fdbe4f0 DM |
812 | }, |
813 | }, | |
814 | returns => { | |
815 | type => 'string', | |
816 | }, | |
817 | code => sub { | |
818 | my ($param) = @_; | |
819 | ||
820 | my $rpcenv = PVE::RPCEnvironment::get(); | |
821 | ||
822 | my $user = $rpcenv->get_user(); | |
823 | ||
824 | my $node = extract_param($param, 'node'); | |
825 | ||
826 | my $vmid = extract_param($param, 'vmid'); | |
827 | ||
828 | my $skiplock = extract_param($param, 'skiplock'); | |
829 | raise_param_exc({ skiplock => "Only root may use this option." }) | |
830 | if $skiplock && $user ne 'root@pam'; | |
831 | ||
832 | my $realcmd = sub { | |
833 | my $upid = shift; | |
834 | ||
835 | syslog('info', "stop VM $vmid: $upid\n"); | |
836 | ||
1e3baf05 | 837 | PVE::QemuServer::vm_stop($vmid, $skiplock); |
5fdbe4f0 | 838 | |
c6bb9502 DM |
839 | my $pid = PVE::QemuServer::check_running ($vmid); |
840 | ||
841 | if ($pid && $param->{timeout}) { | |
842 | print "waiting until VM $vmid stopps (PID $pid)\n"; | |
843 | ||
844 | my $count = 0; | |
845 | while (($count < $param->{timeout}) && | |
846 | PVE::QemuServer::check_running($vmid)) { | |
847 | $count++; | |
848 | sleep 1; | |
849 | } | |
850 | ||
851 | die "wait failed - got timeout\n" if PVE::QemuServer::check_running($vmid); | |
852 | } | |
853 | ||
5fdbe4f0 DM |
854 | return; |
855 | }; | |
856 | ||
857 | return $rpcenv->fork_worker('qmstop', $vmid, $user, $realcmd); | |
858 | }}); | |
859 | ||
860 | __PACKAGE__->register_method({ | |
861 | name => 'vm_reset', | |
862 | path => '{vmid}/status/reset', | |
863 | method => 'POST', | |
864 | protected => 1, | |
865 | proxyto => 'node', | |
866 | description => "Reset virtual machine.", | |
867 | parameters => { | |
868 | additionalProperties => 0, | |
869 | properties => { | |
870 | node => get_standard_option('pve-node'), | |
871 | vmid => get_standard_option('pve-vmid'), | |
872 | skiplock => get_standard_option('skiplock'), | |
873 | }, | |
874 | }, | |
875 | returns => { | |
876 | type => 'string', | |
877 | }, | |
878 | code => sub { | |
879 | my ($param) = @_; | |
880 | ||
881 | my $rpcenv = PVE::RPCEnvironment::get(); | |
882 | ||
883 | my $user = $rpcenv->get_user(); | |
884 | ||
885 | my $node = extract_param($param, 'node'); | |
886 | ||
887 | my $vmid = extract_param($param, 'vmid'); | |
888 | ||
889 | my $skiplock = extract_param($param, 'skiplock'); | |
890 | raise_param_exc({ skiplock => "Only root may use this option." }) | |
891 | if $skiplock && $user ne 'root@pam'; | |
892 | ||
893 | my $realcmd = sub { | |
894 | my $upid = shift; | |
895 | ||
896 | syslog('info', "reset VM $vmid: $upid\n"); | |
897 | ||
1e3baf05 | 898 | PVE::QemuServer::vm_reset($vmid, $skiplock); |
5fdbe4f0 DM |
899 | |
900 | return; | |
901 | }; | |
902 | ||
903 | return $rpcenv->fork_worker('qmreset', $vmid, $user, $realcmd); | |
904 | }}); | |
905 | ||
906 | __PACKAGE__->register_method({ | |
907 | name => 'vm_shutdown', | |
908 | path => '{vmid}/status/shutdown', | |
909 | method => 'POST', | |
910 | protected => 1, | |
911 | proxyto => 'node', | |
912 | description => "Shutdown virtual machine.", | |
913 | parameters => { | |
914 | additionalProperties => 0, | |
915 | properties => { | |
916 | node => get_standard_option('pve-node'), | |
917 | vmid => get_standard_option('pve-vmid'), | |
918 | skiplock => get_standard_option('skiplock'), | |
c6bb9502 DM |
919 | timeout => { |
920 | description => "Wait maximal timeout seconds.", | |
921 | type => 'integer', | |
922 | minimum => 0, | |
923 | optional => 1, | |
924 | } | |
5fdbe4f0 DM |
925 | }, |
926 | }, | |
927 | returns => { | |
928 | type => 'string', | |
929 | }, | |
930 | code => sub { | |
931 | my ($param) = @_; | |
932 | ||
933 | my $rpcenv = PVE::RPCEnvironment::get(); | |
934 | ||
935 | my $user = $rpcenv->get_user(); | |
936 | ||
937 | my $node = extract_param($param, 'node'); | |
938 | ||
939 | my $vmid = extract_param($param, 'vmid'); | |
940 | ||
941 | my $skiplock = extract_param($param, 'skiplock'); | |
942 | raise_param_exc({ skiplock => "Only root may use this option." }) | |
943 | if $skiplock && $user ne 'root@pam'; | |
944 | ||
945 | my $realcmd = sub { | |
946 | my $upid = shift; | |
947 | ||
948 | syslog('info', "shutdown VM $vmid: $upid\n"); | |
949 | ||
1e3baf05 | 950 | PVE::QemuServer::vm_shutdown($vmid, $skiplock); |
5fdbe4f0 | 951 | |
c6bb9502 DM |
952 | my $pid = PVE::QemuServer::check_running ($vmid); |
953 | ||
954 | if ($pid && $param->{timeout}) { | |
955 | print "waiting until VM $vmid stopps (PID $pid)\n"; | |
956 | ||
957 | my $count = 0; | |
958 | while (($count < $param->{timeout}) && | |
959 | PVE::QemuServer::check_running($vmid)) { | |
960 | $count++; | |
961 | sleep 1; | |
962 | } | |
963 | ||
964 | die "wait failed - got timeout\n" if PVE::QemuServer::check_running($vmid); | |
965 | } | |
966 | ||
5fdbe4f0 DM |
967 | return; |
968 | }; | |
969 | ||
970 | return $rpcenv->fork_worker('qmshutdown', $vmid, $user, $realcmd); | |
971 | }}); | |
972 | ||
973 | __PACKAGE__->register_method({ | |
974 | name => 'vm_suspend', | |
975 | path => '{vmid}/status/suspend', | |
976 | method => 'POST', | |
977 | protected => 1, | |
978 | proxyto => 'node', | |
979 | description => "Suspend virtual machine.", | |
980 | parameters => { | |
981 | additionalProperties => 0, | |
982 | properties => { | |
983 | node => get_standard_option('pve-node'), | |
984 | vmid => get_standard_option('pve-vmid'), | |
985 | skiplock => get_standard_option('skiplock'), | |
986 | }, | |
987 | }, | |
988 | returns => { | |
989 | type => 'string', | |
990 | }, | |
991 | code => sub { | |
992 | my ($param) = @_; | |
993 | ||
994 | my $rpcenv = PVE::RPCEnvironment::get(); | |
995 | ||
996 | my $user = $rpcenv->get_user(); | |
997 | ||
998 | my $node = extract_param($param, 'node'); | |
999 | ||
1000 | my $vmid = extract_param($param, 'vmid'); | |
1001 | ||
1002 | my $skiplock = extract_param($param, 'skiplock'); | |
1003 | raise_param_exc({ skiplock => "Only root may use this option." }) | |
1004 | if $skiplock && $user ne 'root@pam'; | |
1005 | ||
1006 | my $realcmd = sub { | |
1007 | my $upid = shift; | |
1008 | ||
1009 | syslog('info', "suspend VM $vmid: $upid\n"); | |
1010 | ||
1e3baf05 | 1011 | PVE::QemuServer::vm_suspend($vmid, $skiplock); |
5fdbe4f0 DM |
1012 | |
1013 | return; | |
1014 | }; | |
1015 | ||
1016 | return $rpcenv->fork_worker('qmsuspend', $vmid, $user, $realcmd); | |
1017 | }}); | |
1018 | ||
1019 | __PACKAGE__->register_method({ | |
1020 | name => 'vm_resume', | |
1021 | path => '{vmid}/status/resume', | |
1022 | method => 'POST', | |
1023 | protected => 1, | |
1024 | proxyto => 'node', | |
1025 | description => "Resume virtual machine.", | |
1026 | parameters => { | |
1027 | additionalProperties => 0, | |
1028 | properties => { | |
1029 | node => get_standard_option('pve-node'), | |
1030 | vmid => get_standard_option('pve-vmid'), | |
1031 | skiplock => get_standard_option('skiplock'), | |
1032 | }, | |
1033 | }, | |
1034 | returns => { | |
1035 | type => 'string', | |
1036 | }, | |
1037 | code => sub { | |
1038 | my ($param) = @_; | |
1039 | ||
1040 | my $rpcenv = PVE::RPCEnvironment::get(); | |
1041 | ||
1042 | my $user = $rpcenv->get_user(); | |
1043 | ||
1044 | my $node = extract_param($param, 'node'); | |
1045 | ||
1046 | my $vmid = extract_param($param, 'vmid'); | |
1047 | ||
1048 | my $skiplock = extract_param($param, 'skiplock'); | |
1049 | raise_param_exc({ skiplock => "Only root may use this option." }) | |
1050 | if $skiplock && $user ne 'root@pam'; | |
1051 | ||
1052 | my $realcmd = sub { | |
1053 | my $upid = shift; | |
1054 | ||
1055 | syslog('info', "resume VM $vmid: $upid\n"); | |
1056 | ||
1e3baf05 | 1057 | PVE::QemuServer::vm_resume($vmid, $skiplock); |
1e3baf05 | 1058 | |
5fdbe4f0 DM |
1059 | return; |
1060 | }; | |
1061 | ||
1062 | return $rpcenv->fork_worker('qmresume', $vmid, $user, $realcmd); | |
1063 | }}); | |
1064 | ||
1065 | __PACKAGE__->register_method({ | |
1066 | name => 'vm_sendkey', | |
1067 | path => '{vmid}/sendkey', | |
1068 | method => 'PUT', | |
1069 | protected => 1, | |
1070 | proxyto => 'node', | |
1071 | description => "Send key event to virtual machine.", | |
1072 | parameters => { | |
1073 | additionalProperties => 0, | |
1074 | properties => { | |
1075 | node => get_standard_option('pve-node'), | |
1076 | vmid => get_standard_option('pve-vmid'), | |
1077 | skiplock => get_standard_option('skiplock'), | |
1078 | key => { | |
1079 | description => "The key (qemu monitor encoding).", | |
1080 | type => 'string' | |
1081 | } | |
1082 | }, | |
1083 | }, | |
1084 | returns => { type => 'null'}, | |
1085 | code => sub { | |
1086 | my ($param) = @_; | |
1087 | ||
1088 | my $rpcenv = PVE::RPCEnvironment::get(); | |
1089 | ||
1090 | my $user = $rpcenv->get_user(); | |
1091 | ||
1092 | my $node = extract_param($param, 'node'); | |
1093 | ||
1094 | my $vmid = extract_param($param, 'vmid'); | |
1095 | ||
1096 | my $skiplock = extract_param($param, 'skiplock'); | |
1097 | raise_param_exc({ skiplock => "Only root may use this option." }) | |
1098 | if $skiplock && $user ne 'root@pam'; | |
1099 | ||
1100 | PVE::QemuServer::vm_sendkey($vmid, $skiplock, $param->{key}); | |
1101 | ||
1102 | return; | |
1e3baf05 DM |
1103 | }}); |
1104 | ||
3ea94c60 DM |
1105 | __PACKAGE__->register_method({ |
1106 | name => 'migrate_vm', | |
1107 | path => '{vmid}/migrate', | |
1108 | method => 'POST', | |
1109 | protected => 1, | |
1110 | proxyto => 'node', | |
1111 | description => "Migrate virtual machine. Creates a new migration task.", | |
1112 | parameters => { | |
1113 | additionalProperties => 0, | |
1114 | properties => { | |
1115 | node => get_standard_option('pve-node'), | |
1116 | vmid => get_standard_option('pve-vmid'), | |
1117 | target => get_standard_option('pve-node', { description => "Target node." }), | |
1118 | online => { | |
1119 | type => 'boolean', | |
1120 | description => "Use online/live migration.", | |
1121 | optional => 1, | |
1122 | }, | |
1123 | force => { | |
1124 | type => 'boolean', | |
1125 | description => "Allow to migrate VMs which use local devices. Only root may use this option.", | |
1126 | optional => 1, | |
1127 | }, | |
1128 | }, | |
1129 | }, | |
1130 | returns => { | |
1131 | type => 'string', | |
1132 | description => "the task ID.", | |
1133 | }, | |
1134 | code => sub { | |
1135 | my ($param) = @_; | |
1136 | ||
1137 | my $rpcenv = PVE::RPCEnvironment::get(); | |
1138 | ||
1139 | my $user = $rpcenv->get_user(); | |
1140 | ||
1141 | my $target = extract_param($param, 'target'); | |
1142 | ||
1143 | my $localnode = PVE::INotify::nodename(); | |
1144 | raise_param_exc({ target => "target is local node."}) if $target eq $localnode; | |
1145 | ||
1146 | PVE::Cluster::check_cfs_quorum(); | |
1147 | ||
1148 | PVE::Cluster::check_node_exists($target); | |
1149 | ||
1150 | my $targetip = PVE::Cluster::remote_node_ip($target); | |
1151 | ||
1152 | my $vmid = extract_param($param, 'vmid'); | |
1153 | ||
1154 | raise_param_exc({ force => "Only root may use this option." }) if $user ne 'root@pam'; | |
1155 | ||
1156 | # test if VM exists | |
1157 | PVE::QemuServer::load_config($vmid); | |
1158 | ||
1159 | # try to detect errors early | |
1160 | if (PVE::QemuServer::check_running($vmid)) { | |
1161 | die "cant migrate running VM without --online\n" | |
1162 | if !$param->{online}; | |
1163 | } | |
1164 | ||
1165 | my $realcmd = sub { | |
1166 | my $upid = shift; | |
1167 | ||
1168 | PVE::QemuMigrate::migrate($target, $targetip, $vmid, $param->{online}, $param->{force}); | |
1169 | }; | |
1170 | ||
1171 | my $upid = $rpcenv->fork_worker('qmigrate', $vmid, $user, $realcmd); | |
1172 | ||
1173 | return $upid; | |
1174 | }}); | |
1e3baf05 DM |
1175 | |
1176 | 1; |