Dominik Csapak [Wed, 13 Jun 2018 09:17:26 +0000 (11:17 +0200)]
use 'system_wakeup' to resume suspended vms
when a vm is suspended (e.g. autosuspend on windows)
we detect that it is not running, display the resume button,
but 'cont' does not wakeup the system from suspend
Move the locking inside worker, so that the process doing the actual
work (create or restore) holds the lock, and can call functions which
do locking without deadlocking.
This mirrors the behaviour we use for containers, and allows to add
an 'autostart' parameter which starts the VM after successful
creation. vm_start needs the lock and as not the worker but it's
parents held it, it couldn't know that it was actually save to
continue...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak [Mon, 14 May 2018 12:03:04 +0000 (14:03 +0200)]
fix logic of deleting balloon
Deleting the balloon config entry means resetting it to its
default. This means having a balloon device but not actually
doing any ballooning with it (iow. resetting the VM's
'balloon' value to its specified memory.).
Hotplugging a balloon device (coming from explicit '0' to
any other value (including deleting it)) is not possible.
To avoid potential cleanup & post-start actions to cause
unwanted processes (such as gpg-agent) to be started as part
of the scope, as the enter_systemd_scope() function causes
the current process to enter the scope.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Dominik Csapak [Wed, 2 May 2018 09:23:59 +0000 (11:23 +0200)]
fix #1749: do not copy pending changes when cloning a vm
cloning a vm means copying the current state, not the
state of 'some time in the future, when the vm is started again'
we should not copy the pending changes, which also fixes the
issue that we got a wrong pending change on the disks,net,smbios,etc.
Add pci.3 to pve-q35.cfg required by virtio-scsi-single
(commit message reworked from original[1])
As a temporary workaround add always a pci.3 bridge so that if
virtio-scsi-single is used, either directly or indirectly if SCSI and
iothread is selected, the respective bridge is available:
> The case where we do miss the pci.3 bridge is when using
> virtio-scsi-single, regardless of whether io threads are enabled,
> because we always put those controllers on pci bus 3 (see
> QemuServer/PCI.pm)
-- [2]
A long term solution would be to always add those bridges dynamically
and just filter out the ones which are already inside the pve-q35.cfg
file .
when using q35 as machine type, there are nested pci-bridges,
but we only checked the first layer
this resulted in not being able to hotplug scsi devices,
because scsihw0 was deeper in the pci-bridge construct, we did not see
it and tried to add it (which fails of course)
this patch checks all bridges, regardless how deeply nested they are
disk: serial no must now be passed to device not drive
With QEMU 2.10 the serial parameter of the -drive command line option
was deprecated [1], so move the logic which adds this parameter now
to the -drive analogue -device CLI option.
Features marked deprecated will continue to work for two releases[2],
so we need to switch over before 2.12, AFAICT.
Thomas Lamprecht [Tue, 20 Mar 2018 13:26:43 +0000 (14:26 +0100)]
stop passing default '-k' QEMU option from datacenter.cfg
Modern noVNC does not needs this anymore, actually things may get
worse if it's used. E.g., when one sets 'de' and the VM locale is
'de' you may get a 'ĸ' (unicode kra) if you want to send an ampersand
character through pressing SHIFT + 6.
Qemus manual pages confirms that this is most times not needed
anymore:
> -k language
> Use keyboard layout language (for example "fr" for
> French). This option is only needed where it is not
> easy to get raw PC keycodes (e.g. on Macs, with some
> X11 servers or with a VNC or curses display). You don't
> normally need to use it on PC/Linux or PC/Windows
> hosts.
-- man kvm
An user can always set it per VM, wew simply remove the implict
default derived from the cluster wide datacenter.cfg
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
The git history of this is not immediately obvious due to
the date of the cloud init patches, but the removal of this
line was basically reverted by them later at merge-time.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
But reverted that to allow migration of VMs still using the old
montior to ones which already switched over to the new QMP one,
in commit dab36e1ee924be0efab3f85937c23910b456f4b9 (17.08.2012)
see bug #242 for reference
This was all done and released in PVE 2.2, as no migration through
nodes differing more than one major version is possible we can
finally remove this code for good.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Checking for the cgroup directory is a kind of time-of-check
time-of-use race condition stop-mode backups seem to
occasionally run into on some systems.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Leaving files in /tmp was mostly useful for debugging
purposes initially. Also /tmp is a rather insecure option
for this for a final version, so use
/run/pve/cloudinit/$vmid, and move the file writing into
commit_cloudinit_disk() which now takes a hash mapping file
paths to contents, to not duplicate the temp-file logic for
the different citypes.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
With configdrives we end up with the /etc/network/interfaces
file containing the interface names we use on the disk, ie.
eth0/eth1/..., which doesn't work on systems which do not
use this name.
With the 'nocloud' image type we can provide a
network-config in yaml which matches mac addresses. Ideally
we'd use version 2, but debian stretch ships with a too old
cloud-init for this, so for now we're writing version 1.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
move: don't error out with "you can't move a cdrom"
clone: always full-clone cloud-init images
They get completely replaced anyway at the next start, so
there's no point in keeping them.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
*) always replace old cloudinit images
*) apply pending cloudinit changes when generating a new
image
For cloudinit we now always use vdisk_free before
vdisk_alloc in order to always replace old images, this
allows us to hotplug a new drive by setting it to
`none,media=cdrom` first (to eject the disk), then setting
it back to 'storage:cloudinit' to have a new image generated
after applying the currently pending changes.
We now have a patch on top of qemu to allow 'qemu-img dd'
to read from stdin when specifying input and output sizes,
as well as a way to tell it that the size of the source is
not known.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Thomas Lamprecht [Thu, 22 Feb 2018 09:55:39 +0000 (10:55 +0100)]
d/control: control: on newer pve-qemu-kvm 2.9.1-9
The NBD drive mirror workaround requires this, also the new -IBRS
machine types, and EPYC cpu models are only available in the newer
qemu versions
Also ensures that we can now allow to hot-unplug virtio-scsi disk
with iothread active, as the fix for it is also in v2.9.1
(virtio-scsi: Unset hotplug handler when unrealize)
Dominik Csapak [Tue, 20 Feb 2018 08:43:44 +0000 (09:43 +0100)]
return error from guest-agent
in case of e.g. a non-existant guest-agent command, it would return
{ error: {someerrorobject} }
but we did only include the 'return' property
in case we do not get any and the error property is set,
return that
i looked at all the paths were we use the QMPClient, and either
we have our own callback for the result,
or we do not rely on the result being empty upon an error, so this
should not break anything
Dominik Csapak [Fri, 16 Feb 2018 11:06:36 +0000 (12:06 +0100)]
make an api call for each guest agent command
with a 'register_command' sub, which generates an api call
we call it for each command in the list, and one time for
the old general {vmid}/agent endpoint (for compatibility)
permissions/methods are the same as previously, but can
be overriden
socat tunnel for nbd mirror was introduce here
https://pve.proxmox.com/pipermail/pve-devel/2017-January/024777.html
to workaround when nbd client was hanging on non responding nbd server.
We have added a 30s timeout on socat tunnel, but when we migrate
multiple disks, it can break migration if for example first disk
is already finished and don't send any new datas in the tunnel.
The connect timeout bug has been fixed in qemu 2.9,
so we can remove the socat tunnel now.
With shared=1, (live) migration ignores the disk and assumes it is
present on all target nodes. This works similar to shared=1 on LXC
mountpoints.
Signed-off-by: Chris Hofstaedtler <chris.hofstaedtler@deduktiva.com> Reviewed-by: Thomas Lamprecht <t.lamprecht@proxmox.com> Tested-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Mon, 22 Jan 2018 09:52:11 +0000 (10:52 +0100)]
avoid harmful '<>' pattern, explicitly read from STDIN
Fixes problems in CLIHandler using the code pattern:
while (my $line = <>) {
...
}
For why this causes only _now_ problems lets first look how <>
behaves:
"The null filehandle <> is special: [...] Input from <> comes either
from standard input, or from each file listed on the command line.
Here's how it works: the first time <> is evaluated, the @ARGV array
is checked, and if it is empty, $ARGV[0] is set to "-" , which when
opened gives you standard input. The @ARGV array is then processed
as a list of filenames." - 'perldoc perlop'
Recent changes in the CLIHandler code changed how we modfiied @ARGV
Earlier we assumed that the first argument must be the command and
thus shifted it out of @ARGV, now we can have multiple levels of
(sub)commands. This change also changed how we handle @ARGV, we do
not unshift anything but go through the arguments until we got to
the final command and copy the rest of @ARGV as we know that this
must be the commandos arguments.
For '<>' this means that ARGV was still fully populated and perl
tried to open element as a file, which naturally failed.
Thus the change in pve-common only exposed this 'dangerous' code
pattern.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
projects / qemu-server.git / log