If we need to add other types or increases the min size this makes it
easier as it's just a schematic definition.
Also just do a pass/fail on each cert, so drop the last "summary
pass".
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Debian Buster raised the default security level (1 -> 2) for TLS
connections.
This moves from the 80 bit security level to the 112 bit security level
and will require 2048 bit or larger RSA and DHE keys, 224 bit or larger
ECC keys, and SHA-2.
Signed-off-by: Alwin Antreich <a.antreich@proxmox.com>
do not warn in case there exist nautilus osds
since the upgrade has to be done by the time a user should add new
osds, it does not make sense to warn in that case
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
in nautilus there is no ceph-disk anymore and osd activation
does not use udev anymore so this service is not needed anymore
remove it and do not copy it when installing a new ceph cluster
in pve-storage.target we replace ceph.service with ceph.target
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
handle expected votes set to non-standard value, and try to adjust
calculations for qdevice setups.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
having ipv6 enabled while not disabling ipv4 prevents
nautilus osds to start if no ipv4 network is given (because they
are trying to bind to both ip families and die if one of them
is not found)
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
this already works on luminous, so it does not harm to add it already,
and is recommended when both msgr1 and msgr2 is activated in nautilus
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
mainly because it looks strange to get a warning after the upgrade is
finished and noout has been removed again
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
do not suggest that we ever supported it as first class storage, it
was always just a experimental support and upstream is
EOL/unmaintained now.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
list all vms with either max/host cputype or vmx/svm explicitely set
(this can only happen in the args)
give a general message if none is found at the moment (and do not warn)
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
this is a short running script, so the version list can be re-used,
the chance that there where updates in between are slim and racy
anyway. IF getting the versions did not succeeded, we still retry on
every call though, simpler and ensures a warning is printed in the
caller check vicinity.
Makes script noticeable faster.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
only as a warning, since this will also trigger a Ceph health warning
and is easily recoverable.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
