Commit Graph

98 Commits

Author SHA1 Message Date
Thomas Lamprecht
88e18f9c5d d/control: bump versioned dependency for guest-common
To ensure schema is correct for being validated properly.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-05-15 19:26:59 +02:00
Thomas Lamprecht
21e3a39e48 d/control: bump versioned pve-firewall dependency
to ensure the is_nftables helper is available

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-04-19 20:11:56 +02:00
Thomas Lamprecht
63eda17045 d/control: bump versioned dependencies for libpve-guest-common-perl
to ensure that the new abort_guest_tasks helper is available

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-04-17 20:42:51 +02:00
Wolfgang Bumiller
219540e6e4 d/control: recommend libpve-network-perl >= 0.8.3
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-11-21 14:52:17 +01:00
Thomas Lamprecht
011e9ffdbd d/control: wrap-and-sort -tkn
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-11-20 16:19:35 +01:00
Thomas Lamprecht
90341c0d7e d/control: depend on split-out edk2-firmware packages
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-11-20 16:19:23 +01:00
Thomas Lamprecht
1dcbfc4661 d/control: record break of with older ha-manager
As the ha-manager accessed rather internal details before that
version, and the memory property changing to a format-string with sub
properties in 7f8c808 ("add memory parser") breaks that access, so
ensure the installed ha-manager is using the newer
get_derived_property method to access that information cleanly.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-11-06 10:28:55 +01:00
Thomas Lamprecht
2a93450466 d/control: bump versioned dependency for libpve-access-control-perl
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-06-09 10:24:05 +02:00
Thomas Lamprecht
3f9c3a04d1 d/control: bump versioned dependency for libpve-guest-common-perl
to ensure we got the vnet access check helper available for us, and
also that the get_derived_property interface is available for our
users

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-06-08 17:50:50 +02:00
Thomas Lamprecht
a6f14ef49b d/control: bump minimal QEMU version to 7.1
just to be safe and have this on a more recent one, as we def. do not
support 3.0 anymore

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-06-07 19:23:15 +02:00
Wolfgang Bumiller
d6d4e2675f bump common dep to 8.0.2, guest-common to 5.0.1
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-06-07 13:47:52 +02:00
Fiona Ebner
816a55c198 d/control: fix build-depends-on-1-revision lintian warning
It's sufficient to depend on the version without the revision, because
4.1-1 is the first version of the package satisfying >= 4.1.

Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-05-19 15:06:46 +02:00
Fiona Ebner
7fcfcd1002 d/control: define compat level via build-depends and raise to 13
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-05-19 15:06:46 +02:00
Thomas Lamprecht
28768fc317 d/control: depend on newer libpve-guest-common-perl 4.2-3
for new unique tag helper

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-11-21 08:21:42 +01:00
Fabian Grünbichler
06fedff675 api: add remote migrate endpoint
entry point for the remote migration on the source side, mainly
preparing the API client that gets passed to the actual migration code
and doing some parameter parsing.

querying of the remote sides resources (like available storages, free
VMIDs, lookup of endpoint details for specific nodes, ...) should be
done by the client - see next commit with CLI example.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-11-17 15:21:39 +01:00
Fabian Grünbichler
eef93bc590 migrate: add remote migration handling
remote migration uses a websocket connection to a task worker running on
the target node instead of commands via SSH to control the migration.
this websocket tunnel is started earlier than the SSH tunnel, and allows
adding UNIX-socket forwarding over additional websocket connections
on-demand.

the main differences to regular intra-cluster migration are:
- source VM config and disks are only removed upon request via --delete
- shared storages are treated like local storages, since we can't
assume they are shared across clusters (with potentical to extend this
by marking storages as shared)
- NBD migrated disks are explicitly pre-allocated on the target node via
tunnel command before starting the target VM instance
- in addition to storages, network bridges and the VMID itself is
transformed via a user defined mapping
- all commands and migration data streams are sent via a WS tunnel proxy
- pending changes and snapshots are discarded on the target side (for
  the time being)

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-11-17 15:21:39 +01:00
Fabian Grünbichler
347dc13650 mtunnel: add API endpoints
the following two endpoints are used for migration on the remote side

POST /nodes/NODE/qemu/VMID/mtunnel

which creates and locks an empty VM config, and spawns the main qmtunnel
worker which binds to a VM-specific UNIX socket.

this worker handles JSON-encoded migration commands coming in via this
UNIX socket:
- config (set target VM config)
-- checks permissions for updating config
-- strips pending changes and snapshots
-- sets (optional) firewall config
- disk (allocate disk for NBD migration)
-- checks permission for target storage
-- returns drive string for allocated volume
- disk-import, query-disk-import, bwlimit
-- handled by PVE::StorageTunnel
- start (returning migration info)
- fstrim (via agent)
- ticket (creates a ticket for a WS connection to a specific socket)
- resume
- stop
- nbdstop
- unlock
- quit (+ cleanup)

this worker serves as a replacement for both 'qm mtunnel' and various
manual calls via SSH. the API call will return a ticket valid for
connecting to the worker's UNIX socket via a websocket connection.

GET+WebSocket upgrade /nodes/NODE/qemu/VMID/mtunnelwebsocket

gets called for connecting to a UNIX socket via websocket forwarding,
i.e. once for the main command mtunnel, and once each for the memory
migration and each NBD drive-mirror/storage migration.

access is guarded by a short-lived ticket binding the authenticated user
to the socket path. such tickets can be requested over the main mtunnel,
which keeps track of socket paths currently used by that
mtunnel/migration instance.

each command handler should check privileges for the requested action if
necessary.

both mtunnel and mtunnelwebsocket endpoints are not proxied, the
client/caller is responsible for ensuring the passed 'node' parameter
and the endpoint handling the call are matching.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-11-17 15:21:39 +01:00
Thomas Lamprecht
7e554ab102 d/control: bump versioned dependency for guest-common
to ensure the tag helper is available

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-11-17 13:19:16 +01:00
Thomas Lamprecht
4c1d2d98c4 d/control: make pve-qemu-kvm build-dependency versioned to >= 7.1
as we use the current version for in the test bed, e.g., cfg2cmd, so
it would fail on older ones.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-11-13 16:46:30 +01:00
Thomas Lamprecht
c0d75d2a29 d/control: bump versioned dependency of libpve-common-perl
for moved pve-targetstorage schema

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-11-07 16:26:23 +01:00
Thomas Lamprecht
69200d4534 d/control: bump versioned dependecy for libpve-common-perl
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-09-26 11:44:27 +02:00
Thomas Lamprecht
d41511259f d/control: add versioned recommends on proxmox-backup-file-restore
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-05-12 15:12:25 +02:00
Thomas Lamprecht
e0981f8b8b d/control: bump versioned (build-)dependency of libpve-common-perl
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-02-09 18:47:03 +01:00
Thomas Lamprecht
b6d59e3efb d/control: bump (build-)dependency of libpve-guest-common-perl
to get new helpers for snapshot

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-02-09 18:45:50 +01:00
Thomas Lamprecht
3b43845ad1 d/control: bump versioned dependency on libpve-common-perl
to ensure the renamed 'storage-pair' is handled correctly..

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2021-11-11 12:40:21 +01:00
Fabian Grünbichler
e52415c15b d/control: add pve-ha-manager to B-D
it's needed for tests to succeed.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Reviewed-by: Fabian Ebner <f.ebner@proxmox.com>
2021-11-11 10:47:26 +01:00
Thomas Lamprecht
6881de41a4 d/control: bump versioned dependency on pve-edk2-firmware 3.20210831-1
to ensure the newer OVMF 4MB builds with secureboot/SMM-enforcement
are available.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2021-10-05 18:09:48 +02:00
Thomas Lamprecht
6b8c4311bf d/control: add dependency for swtpm and swtpm-tools
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2021-10-05 07:09:24 +02:00
Thomas Lamprecht
16b7bc2659 d/control: wrap-and-sort -tkn
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2021-10-05 07:08:32 +02:00
Thomas Lamprecht
a799cf5b64 d/control: bump versioned dependency for pve-common
to ensure the newer systemd properties required for KillMode=none
replacement can be used

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2021-06-23 12:16:36 +02:00
Thomas Lamprecht
b818a0504c debian: update compat, copyright, ..
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2021-05-13 19:09:29 +02:00
Thomas Lamprecht
41ab78c626 d/control: bump pve-storage dependency for new vdisk param
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2021-04-18 18:04:29 +02:00
Thomas Lamprecht
8bf0fc5350 d/control: bump versioned dependency of libpve-common-perl to 6.3-3
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2021-02-08 16:35:24 +01:00
Thomas Lamprecht
eabd73492a d/control: bump versioned dependency on libpve-guest-common-perl (>= 3.1-3)
for new move VM config helper

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-12-15 15:56:49 +01:00
Thomas Lamprecht
82d30d5acf d/control: bump versioned dependency for libpve-common-perl
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-12-03 17:26:24 +01:00
Fabian Grünbichler
1b535ca9f9 d/control: bump versioned dependency on pve-storage
for 'activate_volumes in storage_migrate', which we now rely on in
migration code

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2020-11-24 16:28:08 +01:00
Stefan Reiter
3ff8500175 qmeventd: add handling for -no-shutdown QEMU instances
We take care of killing QEMU processes when a guest shuts down manually.
QEMU will not exit itself, if started with -no-shutdown, but it will
still emit a "SHUTDOWN" event, which we await and then send SIGTERM.

This additionally allows us to handle backups in such situations. A
vzdump instance will connect to our socket and identify itself as such
in the handshake, sending along a VMID which will be marked as backing
up until the file handle is closed.

When a SHUTDOWN event is received while the VM is backing up, we do not
kill the VM. And when the vzdump handle is closed, we check if the
guest has started up since, and only if it's determined to still be
turned off, we then finally kill QEMU.

We cannot wait for QEMU directly to finish the backup (i.e. with
query-backup), as that would kill the VM too fast for vzdump to send the
last 'query-backup' to mark the backup as successful and done.

For handling 'query-status' messages sent to QEMU, a state-machine-esque
protocol is implemented into the Client struct (ClientState). This is
necessary, since QMP works asynchronously, and results arrive on the
same channel as events and even the handshake.

For referencing QEMU Clients from vzdump messages, they are kept in a
hash table. This requires linking against glib.

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2020-11-05 11:22:47 +01:00
Thomas Lamprecht
460e50689f d/control: update
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-09-08 19:12:36 +02:00
Fabian Grünbichler
2673ee0b16 d/control: bump versioned dep on pve-storage
needed for PBS plugin methods that are called in backup/restore.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2020-08-06 09:49:20 +02:00
Thomas Lamprecht
871deaa557 d/control: update build-dependency of pve-doc-generator
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-07-13 12:25:33 +02:00
Fabian Grünbichler
b6f8076eb6 d/control: bump versioned dependency on pve-common
for PVE::JSONSchema with additional validator support

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2020-07-08 10:28:20 +02:00
Fabian Grünbichler
946cb0fe9f d/control: depend on new libpve-guest-common-perl
with lock_config_shared

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2020-05-05 11:41:55 +02:00
Fabian Grünbichler
1e68f42199 d/control: bump build-depend on pve-storage
with refactored archive/compressor info and RE

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2020-05-04 14:09:36 +02:00
Fabian Grünbichler
4fcfd15d52 d/control: depend on updated guest-common/pve-storage
pve-storage: new storage_migrate with allow_rename
guest-common: update_volume_ids

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2020-04-09 09:36:41 +02:00
Thomas Lamprecht
da75afe5c0 d/control: bump versioned to libpve-common-perl
mainly for the new idmap and storage map format

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-04-08 17:13:18 +02:00
Fabian Grünbichler
20c1b5f0e5 bump version to 6.1-12
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2020-03-30 10:00:21 +02:00
Thomas Lamprecht
7c4351f7d4 fix #2580: api/delete: drop VM from HA resources if purge is set
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-03-12 13:39:00 +01:00
Thomas Lamprecht
7ed8e940f1 d/control: bump versioned dependency for libpve-guest-common-perl (>= 3.0-5)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-03-12 11:11:58 +01:00
Thomas Lamprecht
37e9b2d031 d/control: bump versioned dependency for libpve-guest-common-perl (>= 3.0-4)
for the moved definedness-safe comparison methods

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-03-10 14:28:29 +01:00
Thomas Lamprecht
ae200950d4 grammar fix: s/does not exists/does not exist/g
bump versioned build-dependency, as qemu-server has tests checking
for errors, and we fixed an grammar error in pve-storage, so we need
the newer version to ensure our test go through

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-12-13 12:20:56 +01:00