mirror of
https://git.proxmox.com/git/qemu-server
synced 2025-08-02 21:49:42 +00:00
347dc13650
the following two endpoints are used for migration on the remote side POST /nodes/NODE/qemu/VMID/mtunnel which creates and locks an empty VM config, and spawns the main qmtunnel worker which binds to a VM-specific UNIX socket. this worker handles JSON-encoded migration commands coming in via this UNIX socket: - config (set target VM config) -- checks permissions for updating config -- strips pending changes and snapshots -- sets (optional) firewall config - disk (allocate disk for NBD migration) -- checks permission for target storage -- returns drive string for allocated volume - disk-import, query-disk-import, bwlimit -- handled by PVE::StorageTunnel - start (returning migration info) - fstrim (via agent) - ticket (creates a ticket for a WS connection to a specific socket) - resume - stop - nbdstop - unlock - quit (+ cleanup) this worker serves as a replacement for both 'qm mtunnel' and various manual calls via SSH. the API call will return a ticket valid for connecting to the worker's UNIX socket via a websocket connection. GET+WebSocket upgrade /nodes/NODE/qemu/VMID/mtunnelwebsocket gets called for connecting to a UNIX socket via websocket forwarding, i.e. once for the main command mtunnel, and once each for the memory migration and each NBD drive-mirror/storage migration. access is guarded by a short-lived ticket binding the authenticated user to the socket path. such tickets can be requested over the main mtunnel, which keeps track of socket paths currently used by that mtunnel/migration instance. each command handler should check privileges for the requested action if necessary. both mtunnel and mtunnelwebsocket endpoints are not proxied, the client/caller is responsible for ensuring the passed 'node' parameter and the endpoint handling the call are matching. Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> |
||
|---|---|---|
| .. | ||
| Qemu | ||
| Makefile | ||
| Qemu.pm | ||