Space or newline after ':' is recognized as a mapping and as a result an
ipv6 ending in ':' is not parsed as a string. The solution is to quote
the address. For consistency all other addresses (including mac) are
quoted.
Signed-off-by: David Limbeck <d.limbeck@proxmox.com>
when no numaX config options were present we returned the
hash as a list instead of a hash reference...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Currently Proxmox VE always deallocates HugePagesTLB
when starting a new machine and it makes it impossible
to preconfigure kernel /proc/cmdline with persistent allocation.
This change makes deallocation to prefer defaults set by /proc/cmdline,
by parsing the cmdline and respecting hugepages= and hugepagesz=.
Signed-off-by: Kamil Trzciński <ayufan@ayufan.eu>
commit 3c23aa808c tried to fix a issue
where after a stop mode backup a scope could still linger around, but
it actually removed the wrong check. If we want to remove a
lingering, not yet cleaned up, scope we need to check if said scope
exists not if a VM process is still running. While they are corelated
the scope will always get cleaned up _after_ it's processes are gone.
Should fix#2043, but as this is seemingly not that easy to fix one
for all I'll put the should as disclaimer here.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Cc: Wolfgang Bumiller <w.bumiller@proxmox.com>
this adds a new config option for it, and executes it on four
points in time:
'pre-start'
'post-start'
'pre-stop'
'post-stop'
on pre-start we abort if the script fails
and pre-stop will not be called if the vm crashes or if
the vm gets powered off from inside the guest
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
The qm CLI command offer the config and showcmd functions. Both of those
outputs may vary with respect to a given snapshot. This adds a switch
that shows the corresponding snapshot's config and command line.
The code needs a newer libpve-guest-common-perl, thus bumping the
dependency.
Signed-off-by: Rhonda D'Vine <rhonda@proxmox.com>
this patch allows the user to explicitely set a virtual vga,
even when using the 'x-vga' flag, this is sometimes necessary,
as some users need the 'x-vga' flag on the pci device,
but still want to use a virtual vga
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
with this, a user can set the hv_vendor_id independently of
any 'x-vga=on' setting he may or may not have configured.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
commit 4530494bf9 introduced an
regression with local disk migrations if the VM is online and thus
needs to live migrated and no target storage was passed as parameter.
We made the hack to write "1" to the targetstorage option in this
case obsolete, but it was still used on deciding if there are any
drives to mirror at all. Here it is enough to check if there are any
'online_local_volumes' because that hash gets only filled if we can
and are told to live mirror local disk on migrations anyway. Also,
we abort early if local disks are found and the 'with-local-disks'
option is not set.
This was reported at:
https://forum.proxmox.com/threads/livemigration-with-localdisk-doesnt-coppy-and-data-from-the-hdds-anymore.50744/
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
the check for targetstorage in:
if ($self->{running} && $self->{opts}->{targetstorage} && $local_volumes->{$volid}->{ref} eq 'config') {
was obsolete, as we always set the tragetstorage opts variable to '1'
in a broader "use same sid for remote local" check above.
So removing it leads to the same if truthtable but fixes the
check if we should fallback to the volume's SID if targetstorage is
not set, as else it seemed to be always set, and '1' is naturally not
a correct stroage ID.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
targetsid was not used, for disk unused (offline copy)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Acked-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Win7 is very picky about pcie assignments and fails with
'error 12' the way we add hospci devices.
To combat that, we simply give the hostpci device a normal port
instead.
Start with address 0x10, so that we have space before those devices,
and between them and the ones configured in pve-q35.cfg should we
need it in the future.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
When not setting 'vga' we would get a warning:
Use of uninitialized value $type in string eq at
/usr/share/perl5/PVE/QemuServer.pm line 2026.
This patch changes the order of the conditions and checks if $type is set
before using it, so that we do not get the warning anymore.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
so that one can explicitly disable the vga without having to specify
a serial port as display, this is mostly useful for very special
and custom gpu passthrough setups which have to be specified with
'args' and for setups which do not care about any display (not even serial)
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
there is nothing that should be really affected by this, but
even then, this option is only for experts and people using this
should know what they are doing
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
if we migrate a vm we call cleanup but the logging looks like:
Starting cleanup for 101
trying to acquire lock...
OK
Configuration file 'nodes/pve-ceph-01/qemu-server/101.conf' does not exist
with this patch, we omit any logging in the case we do not have the config,
since we cannot know what to clean up
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
When live migrating, with a q35 machine will get the qemu version
encoded in the machine type, for example,'pc-q35-2.12', so we need to
allow this too and cannot expect that all q35 machine have
q35' in verbatim as their type.
So, when migrating such a machine live, we missed to include the q35
cfg because we didn't allowed versioned q35 machine types, which then
failed the migration.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
since lspci does not split between id and function anymore,
there is no need to plug id + function together
also we can remove the capture groups from PCIRE
since parse_property_string does this check for us
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
with this, we are able to create and use mediated devices,
which include Intel GVT-g (aka KVMGT) and Nvidia vGPUs, and probably more
types of devices in the future
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
we reverse the direction of the event socket (this does not
prevent live migration) and point it to wher qmeventd listens
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
this is intended to be used with qmeventd, to do
the necessary cleanups when qemu crashes or is being
shut down from within the guest
this can also be the point where we could introduce
shutdown/stop/reboot hooks
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
On arm we start off with a pcie bridge pcie.0. We need a
keyboard in addition to the tablet device, and we need to
connect both to an 'ehci' controller.
To do all this, we also pass the $arch variable through a
whole lot of function calls to ultimately also adapt the
hotplug code to take care of the new keyboard device.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
This was never actually used, but we want to use it as
alternative to checking /proc/cpuinfo for 'hvm' on ARM.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
SLAAC previously set 'auto' which is not supported by nocloud network
config. On an up-to-date Ubuntu this should work as it uses 'dhcp' for
both dhcp and SLAAC. For others it was invalid anyway.
Signed-off-by: David Limbeck <d.limbeck@proxmox.com>
with commit 55655ebc32
we changed $vga to a parsed hash instead of a string
and forgot to check the property type in one place
this fixes an issue where a vm with a gpu passed through
with x-vga=on could not start
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
we change 'vga' to a property string and add a 'memory' property
with this, the user can better control the memory given to the virtual
gpu, this is especially useful for spice/qxl since high resolutions need
more memory
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
When enabled, the `ssd` property exposes drives as SSDs (rather than
rotational hard disks) by setting QEMU's `rotation_rate` property [1,
2] on `ide-hd`, `scsi-block`, and `scsi-hd` devices. This is required
to enable support for TRIM and SSD-specific optimizations in certain
guest operating systems that are limited to emulated controller types
(IDE, AHCI, and non-VirtIO SCSI).
This change also unifies the diverging IDE and SATA code paths in
QemuServer::print_drivedevice_full(), which suffered from:
* Code duplication: The only differences between IDE and SATA were in
bus-unit specification and maximum device counts.
* Inconsistent implementation: The IDE code used the new `ide-hd`
and `ide-cd` device types, whereas SATA still relied on the deprecated
`ide-drive` [3, 4] (which doesn't support `rotation_rate`).
* Different feature sets: The IDE code exposed a `model` property that
the SATA code didn't, even though QEMU supports it for both.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1498042
[2] https://lists.gnu.org/archive/html/qemu-devel/2017-10/msg00698.html
[3] https://www.redhat.com/archives/libvir-list/2012-March/msg00684.html
[4] https://lists.gnu.org/archive/html/qemu-devel/2017-05/msg02024.html
Signed-off-by: Nick Chevsky <nchevsky@gmail.com>
we will use this for the qmeventd, but we have to limit this
to qemu 2.12, because we cannot add this during a live migration
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Instead of our own. The code is almost the same, but the
upstream implementation uses qemu's transactional system and
performs a drain() on the block device first. This seems to
help avoid some issues we run into with qcow2 files when
creating snapshots.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
do not use $1 do write out config, if code gets added this may easily
get overwritten, as vmgenid is a fixed key just hardcode it.
also move the comment to where it actually belongs
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This caused a few hiccups with qemu 3.0...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Acked-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
instead of overwriting the 'machine' config in the snapshot,
use its own 'runningmachine' config only for the snapshot
this way, we do not lose the machine type if it was
explicitely set during the snapshot, but deleted afterwards
we also have to adapt the tests for this
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
$newconf->{pending} is a reference to an empty hash, which is not falsy,
thus we always printed the warning
so check if there are actual values there and if yes,
give the names of the properties for which pending changes are found
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
> The following are important CPU features that should be used on
> Intel x86 hosts, when available in the host CPU. Some of them
> require explicit configuration to enable, as they are not included
> by default in some, or all, of the named CPU models listed above.
> In general all of these features are included if using “Host
> passthrough” or “Host model”.
>
> pcid: Recommended to mitigate the cost of the Meltdown
> (CVE-2017-5754) fix. Included by default in Haswell, Broadwell &
> Skylake Intel CPU models. Should be explicitly turned on for
> Westmere, SandyBridge, and IvyBridge Intel CPU models. Note that
> some desktop/mobile Westmere CPUs cannot support this feature.
>
> spec-ctrl: Required to enable the Spectre (CVE-2017-5753 and
> CVE-2017-5715) fix, in cases where retpolines are not sufficient.
> Included by default in Intel CPU models with -IBRS suffix. Must be
> explicitly turned on for Intel CPU models without -IBRS suffix.
> Requires the host CPU microcode to support this feature before it
> can be used for guest CPUs.
>
> ssbd: Required to enable the CVE-2018-3639 fix. Not included by
> default in any Intel CPU model. Must be explicitly turned on for
> all Intel CPU models. Requires the host CPU microcode to support
> this feature before it can be used for guest CPUs.
>
> pdpe1gbr: Recommended to allow guest OS to use 1GB size pages.Not
> included by default in any Intel CPU model. Should be explicitly
> turned on for all Intel CPU models. Note that not all CPU hardware
> will support this feature.
-- https://www.berrange.com/posts/2018/06/29/cpu-model-configuration-for-qemu-kvm-on-x86-hosts/
Some storage like rbd or lvm can't keep thin-provising after a qemu-mirror.
Call qga guest-fstrim if qga is available and fstrim_cloned_disks is enabled
after move_disk and migrate.
Co-Authored-By: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
changelog v2:
- remove hash
- remove check if cdrom
if we try to delete a snapshot, and that is disk from the snapshot
is not attached anymore (unused), we can't delete the snapshot
with qemu snapshot delete command (for storage which use it (qcow2,rbd,...))
example:
...
unused0: rbd:vm-107-disk-3
[snap1]
...
scsi2: rbd:vm-107-disk-3,size=1G
-> die
qmp command 'delete-drive-snapshot' failed - Device 'drive-scsi2' not found
If drive is not attached, we need to use the storage snapshot delete command
writes the given content to the file
the size is at the moment limited by the max post size of the
pveproxy/daemon, so we set the maxLength to 60k
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
this api call reads a file via the guest agent,
(in 1MB chunks) but is limited to 16MiB (for now)
if the file is bigger, the output gets truncated and a
'truncated' flag is set in the return object
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
on the commandline the implementation for exec is a bit different
because there we want (by default) to wait for the result,
as opposed to the api, where it is enough to return the pid and
let the client handle the polling
this behaviour is optional and can be turned off, as well as the
timeout of 30 seconds
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
this imitates the qemu-guest-agent interface
with an 'exec' api call which returns a pid
and an 'exec-status' api call which takes a pid
the command for the exec call is given as an 'alist'
which means that when using we have to give the 'command'
parameter multiple times e.g.
pvesh create <...>/exec --command ls --command '-lha' --command '/home/user'
so that we avoid having to deal with shell escaping etc.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
this executes the guest agent command 'set-user-password'
with which one can change the password of an existing user in the vm
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
tells an user what would get touched, so he has a chance to fix
unwanted things before changes are actually made.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Else an user has no idea what, or if something happened.
Gets printed to tty when using qm rescan or to tasklog for the case
where we do a rescan after restoring a backup.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Unused disk(s) appeared after a rescan of storages. Especially shown
with ceph pools, where two storage entries are made, <storage>_ct and
<storage>_vm. The rescan method did include images from both storages.
This patch filters any storage not containing the content type 'images'.
Signed-off-by: Alwin Antreich <a.antreich@proxmox.com>
when a vm is suspended (e.g. autosuspend on windows)
we detect that it is not running, display the resume button,
but 'cont' does not wakeup the system from suspend
with this we can wake up suspended vms
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Move the locking inside worker, so that the process doing the actual
work (create or restore) holds the lock, and can call functions which
do locking without deadlocking.
This mirrors the behaviour we use for containers, and allows to add
an 'autostart' parameter which starts the VM after successful
creation. vm_start needs the lock and as not the worker but it's
parents held it, it couldn't know that it was actually save to
continue...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
the not definedness check is unecessary here, since it does not
do anything then, and to check balloon twice is also not necessary
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Deleting the balloon config entry means resetting it to its
default. This means having a balloon device but not actually
doing any ballooning with it (iow. resetting the VM's
'balloon' value to its specified memory.).
Hotplugging a balloon device (coming from explicit '0' to
any other value (including deleting it)) is not possible.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
To avoid potential cleanup & post-start actions to cause
unwanted processes (such as gpg-agent) to be started as part
of the scope, as the enter_systemd_scope() function causes
the current process to enter the scope.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
cloning a vm means copying the current state, not the
state of 'some time in the future, when the vm is started again'
we should not copy the pending changes, which also fixes the
issue that we got a wrong pending change on the disks,net,smbios,etc.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
when using q35 as machine type, there are nested pci-bridges,
but we only checked the first layer
this resulted in not being able to hotplug scsi devices,
because scsihw0 was deeper in the pci-bridge construct, we did not see
it and tried to add it (which fails of course)
this patch checks all bridges, regardless how deeply nested they are
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
it is not necessary to check the romfile of the running vm
for .pxe machine types, since the machine type itself is not
hot-pluggable
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
we accidentally moved nbd_stop to CloudInit.pm in
commit 0c9a7596f6
and removed it in
commit 3db6e4ab70
without realizing that live local storage migration still depends on it
readd it
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
With QEMU 2.10 the serial parameter of the -drive command line option
was deprecated [1], so move the logic which adds this parameter now
to the -drive analogue -device CLI option.
Features marked deprecated will continue to work for two releases[2],
so we need to switch over before 2.12, AFAICT.
[1]: https://wiki.qemu.org/ChangeLog/2.10#Deprecated_options
[2]: https://qemu.weilnetz.de/doc/qemu-doc.html#Deprecated-features
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
since this requires O_DIRECT support by the underlying storage, which
might not be available.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
this fixes an issue with zvols, which require cache=none and eat up all
free memory as buffered pages otherwise
https://github.com/zfsonlinux/zfs/issues/7235
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Modern noVNC does not needs this anymore, actually things may get
worse if it's used. E.g., when one sets 'de' and the VM locale is
'de' you may get a 'ĸ' (unicode kra) if you want to send an ampersand
character through pressing SHIFT + 6.
Qemus manual pages confirms that this is most times not needed
anymore:
> -k language
> Use keyboard layout language (for example "fr" for
> French). This option is only needed where it is not
> easy to get raw PC keycodes (e.g. on Macs, with some
> X11 servers or with a VNC or curses display). You don't
> normally need to use it on PC/Linux or PC/Windows
> hosts.
-- man kvm
An user can always set it per VM, wew simply remove the implict
default derived from the cluster wide datacenter.cfg
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
The git history of this is not immediately obvious due to
the date of the cloud init patches, but the removal of this
line was basically reverted by them later at merge-time.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
since password is easily decrypted, hide it on the api
if someone needs it, they can get it directly from the
config
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
We introduced our QMP socket with commit
c971c4f221 (29.05.2012)
Already tried to remove this with commit
7b7c6d1b5d (13.07.2012)
But reverted that to allow migration of VMs still using the old
montior to ones which already switched over to the new QMP one,
in commit dab36e1ee9 (17.08.2012)
see bug #242 for reference
This was all done and released in PVE 2.2, as no migration through
nodes differing more than one major version is possible we can
finally remove this code for good.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
we have '$conf, $vmid' elsewhere for cloudinit, this was the only
function which had them in reverse
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Checking for the cgroup directory is a kind of time-of-check
time-of-use race condition stop-mode backups seem to
occasionally run into on some systems.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
We don't leave this up to cloud-init as we don't want
un-hashed values at all in our configs.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
