It's possible for two simultaneous VM starts to try to
create vlan bridges on non-vlan-aware bridges
simultaneously, which causes one of them to fail with the
error "can't add bridge ...".
This essentially performas the task of systemd-run while
also waiting for the job to finish.
With the systemd-run version in jessie we run into a race
condition where the executed process can start forking child
processes before the systemd daemon is done setting up the
scope's cgroups, causing the children to NOT be included in
the cgroups. This means the child processes (in our case
qemu) will not adhere to the limits we want to apply to it
via cgroups.
enter_systemd_scope() performs the setup task of systemd-run
and waits for the job to finish, after this we can spawn the
qemu process without systemd-run.
This avoids a circular dependency between PVE::INotify and
PVE::Network.
Also renamed to get_active_network_interfaces since the
package name now doesn't hint at this anymore.
Since we already allow this for container IP addresses it is
reasonable to assume the host might be using such a setup as
well. (You can use an additional route to reach the gateway
and then simply have no "LAN".) Some people seem to want
this...
This can be used if a CLIHandler child class does not needs or wants
RPCEnv. E.g. this is the case with pve-cluster, as it's a dependency
of the package where RPCEnv resides (access-control), so this can be
set to avoid a implicit circular build dependency.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This fixes the problem that debug options for daemons were ignored and sets
the following behaviour for the daemons when -debug 1 is given
* start on foreground with debug ouput on the console
* do not start a sytemd unit
Starting the systemd unit in debug mode makes less sense because:
* systemd will put the daemon in the background
* systemd ignores environment variables so the only way to start
the daemon with options would be through reading a config file
tested with pveproxy, pve-ha-lrm, pve-ha-crm
this would previously convert properties that matched
'^([a-z]+)(\d+)$' even if they were not part of an indexed
properties series (which always start with 0).
This fixes previously wrongly converted properties:
-smbios1
-server2
this would previously skip (i.e., ignore) properties that
matched '^([a-z]+)(\d+)$' even if they were not part of an
indexed properties series (which always start with 0).
This fixes previously missing API dump occurrences of:
-smbios1
-comments6
-netmask6
-gateway6
-address6
-dns1
-dns2
-dns3
-server1
-server2
tap_unplug() is only called in hotplugging functions which
perform a tap_plug() afterwards, and and in qemu-server's
bridge-down script.
The OVS port cleanup for non-firewall ports was done only in
tap_plug(), which means that in the case when qemu exits and
the tap device disappears, the OVS port for it stays.
With this patch the cleanup happens in both tap_unplug() and
tap_plug() to avoid problems with upgrades on systems
where there have already been ports leaked.
