[pve-devel] applied: [PATCH manager] metric server: improve flush on big data updates
Signed-off-by: Thomas Lamprecht --- PVE/ExtMetric.pm | 39 --- PVE/Status/Graphite.pm | 14 +++--- PVE/Status/InfluxDB.pm | 21 - PVE/Status/Plugin.pm | 36 4 files changed, 63 insertions(+), 47 deletions(-) diff --git a/PVE/ExtMetric.pm b/PVE/ExtMetric.pm index 14d98317..448d3925 100644 --- a/PVE/ExtMetric.pm +++ b/PVE/ExtMetric.pm @@ -28,17 +28,10 @@ sub update_all($$@) { my $method = "update_${subsystem}_status"; -my (undef, $fn, $line, $subr) = caller(1); for my $txn (@$transactions) { my $plugin = PVE::Status::Plugin->lookup($txn->{cfg}->{type}); $plugin->$method($txn, @params); - - if (length($txn->{data}) > 48000) { - # UDP stack cannot handle messages > 65k, if we've alot of data we - # do smaller batch sends then, but keep the connection alive - transaction_flush($txn, 1); - } } } @@ -69,36 +62,20 @@ sub transactions_start { return $transactions; } -sub transaction_flush { -my ($txn, $keepconnected) = @_; +sub transactions_finish { +my ($transactions) = @_; -if (!$txn->{connection}) { - return if !$txn->{data}; # OK, if data was already sent/flushed - die "cannot flush metric data, no connection available!\n"; -} -return if !defined($txn->{data}) || $txn->{data} eq ''; +for my $txn (@$transactions) { + my $plugin = PVE::Status::Plugin->lookup($txn->{cfg}->{type}); -my $plugin = PVE::Status::Plugin->lookup($txn->{cfg}->{type}); + eval { $plugin->flush_data($txn) }; + my $flush_err = $@; + warn "$flush_err" if $flush_err; -my $data = delete $txn->{data}; -eval { $plugin->send($txn->{connection}, $data) }; -my $senderr = $@; - -if (!$keepconnected) { $plugin->_disconnect($txn->{connection}); $txn->{connection} = undef; # avoid log spam, already got a send error; disconnect would fail too - warn "disconnect failed: $@" if $@ && !$senderr; -} -die "metrics send error '$txn->{id}': $senderr" if $senderr; -}; - -sub transactions_finish { -my ($transactions) = @_; - -for my $txn (@$transactions) { - eval { transaction_flush($txn) }; - warn "$@" if $@; + warn "disconnect failed: $@" if $@ && !$flush_err; } } diff --git a/PVE/Status/Graphite.pm b/PVE/Status/Graphite.pm index 28fa65fd..ecab5583 100644 --- a/PVE/Status/Graphite.pm +++ b/PVE/Status/Graphite.pm @@ -61,25 +61,26 @@ sub options { sub update_node_status { my ($class, $txn, $node, $data, $ctime) = @_; -assemble($txn, $data, $ctime, "nodes.$node"); +return assemble($class, $txn, $data, $ctime, "nodes.$node"); } sub update_qemu_status { my ($class, $txn, $vmid, $data, $ctime, $nodename) = @_; -assemble($txn, $data, $ctime, "qemu.$vmid"); + +return assemble($class, $txn, $data, $ctime, "qemu.$vmid"); } sub update_lxc_status { my ($class, $txn, $vmid, $data, $ctime, $nodename) = @_; -assemble($txn, $data, $ctime, "lxc.$vmid"); +return assemble($class, $txn, $data, $ctime, "lxc.$vmid"); } sub update_storage_status { my ($class, $txn, $nodename, $storeid, $data, $ctime) = @_; -assemble($txn, $data, $ctime, "storages.$nodename.$storeid"); +return assemble($class, $txn, $data, $ctime, "storages.$nodename.$storeid"); } sub _connect { @@ -108,7 +109,7 @@ sub _connect { } sub assemble { -my ($txn, $data, $ctime, $object) = @_; +my ($class, $txn, $data, $ctime, $object) = @_; my $path = $txn->{cfg}->{path} // 'proxmox'; $path .= ".$object"; @@ -121,7 +122,6 @@ sub assemble { 'serial' => 1, }; -$txn->{data} //= ''; my $assemble_graphite_data; $assemble_graphite_data = sub { my ($metric, $path) = @_; @@ -136,7 +136,7 @@ sub assemble { if (ref($value) eq 'HASH') { $assemble_graphite_data->($value, $metricpath); } elsif ($value =~ m/^[+-]?[0-9]*\.?[0-9]+$/ && !$key_blacklist->{$key}) { - $txn->{data} .= "$metricpath $value $ctime\n"; + $class->add_metric_data($txn, "$metricpath $value $ctime\n"); } } }; diff --git a/PVE/Status/InfluxDB.pm b/PVE/Status/InfluxDB.pm index 21949400..c7bc15a9 100644 --- a/PVE/Status/InfluxDB.pm +++ b/PVE/Status/InfluxDB.pm @@ -5,6 +5,7 @@ use warnings; use POSIX qw(isnan isinf); use Scalar::Util 'looks_like_number'; +use IO::Socket::IP; use PVE::SafeSyslog; @@ -37,7 +38,7 @@ sub update_node_status { $ctime *= 10; -build_influxdb_payload(\$txn->{data}, $data, $ctime, "object=nodes,host=$node"); +build_influxdb_payload($class, $txn, $data, $ctime, "object=nodes,host=$node"); } sub update_qemu_status { @@ -51,7 +52,7 @@ sub update_qemu_status { } $object =~ s/\s/\\ /g; -build_influxdb_payload(\$txn
[pve-devel] applied: [PATCH aab] add vi and nano to base template
On 5/8/20 4:40 PM, Oguz Bektas wrote: > Signed-off-by: Oguz Bektas > --- > PVE/AAB.pm | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/PVE/AAB.pm b/PVE/AAB.pm > index 405841b..6620ac8 100644 > --- a/PVE/AAB.pm > +++ b/PVE/AAB.pm > @@ -11,8 +11,7 @@ use IPC::Open2; > use IPC::Open3; > use UUID; > use Cwd; > - > -my @BASE_PACKAGES = qw(base openssh); > +my @BASE_PACKAGES = qw(base openssh vi nano); > my @BASE_EXCLUDES = qw(e2fsprogs > jfsutils > linux > applied, thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH aab] add vi and nano to base template
Signed-off-by: Oguz Bektas --- PVE/AAB.pm | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/PVE/AAB.pm b/PVE/AAB.pm index 405841b..6620ac8 100644 --- a/PVE/AAB.pm +++ b/PVE/AAB.pm @@ -11,8 +11,7 @@ use IPC::Open2; use IPC::Open3; use UUID; use Cwd; - -my @BASE_PACKAGES = qw(base openssh); +my @BASE_PACKAGES = qw(base openssh vi nano); my @BASE_EXCLUDES = qw(e2fsprogs jfsutils linux -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH i18n] update German translation
Signed-off-by: Alwin Antreich --- de.po | 80 +-- 1 file changed, 39 insertions(+), 41 deletions(-) diff --git a/de.po b/de.po index babde6d..82722fc 100644 --- a/de.po +++ b/de.po @@ -460,7 +460,7 @@ msgstr "Base DN für Gruppen" #: pve-manager/www/manager6/dc/AuthEditLDAP.js:16 msgid "Base Domain Name" -msgstr "Base Domain Name" +msgstr "Basis Domänen Name" #: pve-manager/www/manager6/storage/LVMEdit.js:125 msgid "Base storage" @@ -479,14 +479,12 @@ msgid "Before Queue Filtering" msgstr "" #: pve-manager/www/manager6/dc/AuthEditLDAP.js:137 -#, fuzzy msgid "Bind Password" -msgstr "Kennwort" +msgstr "Bind Kennwort" #: pve-manager/www/manager6/dc/AuthEditLDAP.js:130 -#, fuzzy msgid "Bind User" -msgstr "Benutzer" +msgstr "Bind Benutzer" #: pmg-gui/js/QuarantineView.js:29 pmg-gui/js/SpamContextMenu.js:37 #: pmg-gui/js/SpamQuarantine.js:339 pmg-gui/js/UserBlackWhiteList.js:55 @@ -1054,7 +1052,7 @@ msgstr "Kopiere Information" #: pve-manager/www/manager6/dc/TokenEdit.js:162 msgid "Copy Secret Value" -msgstr "" +msgstr "Kopiere geheimen Wert" #: proxmox-widget-toolkit/Utils.js:535 msgid "Copy data" @@ -1298,11 +1296,13 @@ msgstr "Default Relay" #: pve-manager/www/manager6/dc/AuthEditLDAP.js:152 msgid "Default Sync Options" -msgstr "" +msgstr "Standard-Sync Optionen" #: pve-manager/www/manager6/dc/SyncWindow.js:138 msgid "Default sync options can be set by editing the realm." msgstr "" +"Standard-Synchronisierungsoptionen können durch Bearbeiten des Realm " +"festgelegt werden" #: pve-manager/www/manager6/dc/OptionView.js:152 msgid "Defaults to origin" @@ -1557,7 +1557,7 @@ msgstr "Keine gültige Cluster Information!" #: pve-manager/www/manager6/node/ACME.js:699 #: pve-manager/www/manager6/storage/CIFSEdit.js:180 msgid "Domain" -msgstr "Domain" +msgstr "Domäne" #: pve-manager/www/manager6/ceph/StatusDetail.js:52 msgid "Down" @@ -1578,7 +1578,7 @@ msgstr "Nur Unicast Adressen erlaubt" #: pve-manager/www/manager6/dc/CorosyncLinkEdit.js:230 msgid "Duplicate link number not allowed." -msgstr "" +msgstr "Doppelt vergebene Link Nummern nicht erlaubt." #: pve-manager/www/manager6/grid/Replication.js:382 msgid "Duration" @@ -1609,9 +1609,8 @@ msgid "E-Mail addresses of '{0}'" msgstr "E-Mail Adressen von '{0}'" #: pve-manager/www/manager6/dc/AuthEditLDAP.js:142 -#, fuzzy msgid "E-Mail attribute" -msgstr "EMail Attribut Name(n)" +msgstr "EMail Attribut" #: pve-manager/www/manager6/qemu/HDEfi.js:64 #: pve-manager/www/manager6/qemu/HardwareView.js:253 @@ -1732,7 +1731,7 @@ msgstr "Aktivieren" #: pve-manager/www/manager6/dc/AuthEditLDAP.js:231 msgid "Enable new users" -msgstr "" +msgstr "Neue Benutzer aktivieren" #: pve-manager/www/manager6/lxc/MPEdit.js:269 msgid "Enable quota" @@ -2097,7 +2096,7 @@ msgstr "Ceph Cluster Konfiguration" #: pve-manager/www/manager6/dc/AuthEditLDAP.js:178 #: pve-manager/www/manager6/dc/SyncWindow.js:102 msgid "Full" -msgstr "" +msgstr "Voll" #: pve-manager/www/manager6/window/Clone.js:179 msgid "Full Clone" @@ -2158,9 +2157,8 @@ msgid "Group" msgstr "Gruppe" #: pve-manager/www/manager6/dc/AuthEditLDAP.js:206 -#, fuzzy msgid "Group Filter" -msgstr "Virenfilter" +msgstr "Gruppenfilter" #: pve-manager/www/manager6/dc/ACLView.js:24 #: pve-manager/www/manager6/dc/ACLView.js:209 @@ -2168,9 +2166,8 @@ msgid "Group Permission" msgstr "Gruppenrechte" #: pve-manager/www/manager6/dc/AuthEditLDAP.js:193 -#, fuzzy msgid "Group classes" -msgstr "Gruppen Objektklasse" +msgstr "Gruppenklassen" #: pmg-gui/js/LDAPGroupEditor.js:69 msgid "Group member" @@ -2182,7 +2179,7 @@ msgstr "Gruppen Objektklasse" #: pve-manager/www/manager6/dc/AuthEditLDAP.js:148 msgid "Groupname attr." -msgstr "" +msgstr "Gruppenname Attr." #: pmg-gui/js/LDAPConfig.js:610 pve-manager/www/manager6/dc/AuthEditLDAP.js:164 #: pve-manager/www/manager6/dc/Config.js:101 @@ -2316,7 +2313,7 @@ msgstr "Interne Hosts verstecken" #: pve-manager/www/manager6/dc/ACMEPluginEdit.js:198 msgid "Hint" -msgstr "" +msgstr "Hinweis" #: pve-manager/www/manager6/lxc/Options.js:145 #: pve-manager/www/manager6/qemu/Options.js:322 @@ -2498,7 +2495,7 @@ msgstr "Eingehende Mails" #: pmg-gui/js/ClamAVDatabase.js:18 msgid "Incremental Download" -msgstr "" +msgstr "Inkrementeller Download" #: pmg-gui/js/Utils.js:761 pmg-gui/js/mobile/app.js:48 #: pve-manager/www/manager6/ceph/CephInstallWizard.js:46 @@ -3187,6 +3184,8 @@ msgstr "Mehrere E-Mail Adressen ausgewählt" msgid "" "Multiple links are used as failover, lower numbers have higher priority." msgstr "" +"Mehrere Links werden als Failover verwendet, niedrigere Nummern haben eine " +"höhere Priorität." #: proxmox-widget-toolkit/Toolkit.js:115 msgid "Must end with" @@ -3648,7 +3647,7 @@ msgstr "Online" #: pve-manager/www/manager6/node/ACME.js:273 msgid "Only 5 Domains with type DNS can be configured" -msgstr "" +msgstr "Es können nu
Re: [pve-devel] [PATCH docs] pveum.adoc: use correct cli command for realm sync
On 5/8/20 1:29 PM, Dominik Csapak wrote: > Signed-off-by: Dominik Csapak > --- > pveum.adoc | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/pveum.adoc b/pveum.adoc > index 8f229a6..0057564 100644 > --- a/pveum.adoc > +++ b/pveum.adoc > @@ -178,7 +178,7 @@ It is possible to sync users and groups for LDAP based > realms. You can use the > CLI command > > > - pveum sync > + pveum realm sync > > or in the `Authentication` panel of the GUI. Users and groups are synced to > the > cluster-wide user configuration file `/etc/pve/user.cfg`. > applied, thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] applied: [PATCH manager] ui: clusterjoin: fix cluster network field visibility
On 5/8/20 12:30 PM, Tim Marx wrote: > Signed-off-by: Tim Marx > --- > www/manager6/dc/ClusterEdit.js | 9 - > 1 file changed, 8 insertions(+), 1 deletion(-) > applied, but superseeded by a more general viewModel approach hiding all fields for this mode. But it worked as advertised and was good code, so thanks nonetheless. ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] applied: [PATCH access-control] LDAP: skip anonymous bind when clientcert/key is given
On 5/8/20 1:16 PM, Dominik Csapak wrote: > It seems that servers associate the client-cert/key with an account, so > doing an explicit anonymous bind then 'logs out' the already verified > user, limiting the search results in some cases > > before refactoring to PVE::LDAP, we did not do '$ldap->bind' at all when > there was no bind_dn, but it is not really clear if Net::LDAP does this > automatically when searching (other libraries do this), so leave the > anonymous bind (for compatibility with PMG) but skip it when a client > certificate and key is given. > > Signed-off-by: Dominik Csapak > --- > PVE/Auth/LDAP.pm | 14 +++--- > 1 file changed, 7 insertions(+), 7 deletions(-) > > diff --git a/PVE/Auth/LDAP.pm b/PVE/Auth/LDAP.pm > index 9fa9095..09b2202 100755 > --- a/PVE/Auth/LDAP.pm > +++ b/PVE/Auth/LDAP.pm > @@ -203,17 +203,17 @@ sub connect_and_bind { > > my $ldap = PVE::LDAP::ldap_connect($servers, $scheme, $port, > \%ldap_args); > > -my $bind_dn; > -my $bind_pass; > - > if ($config->{bind_dn}) { > - $bind_dn = $config->{bind_dn}; > - $bind_pass = ldap_get_credentials($realm); > + my $bind_dn = $config->{bind_dn}; > + my $bind_pass = ldap_get_credentials($realm); > die "missing password for realm $realm\n" if !defined($bind_pass); > + PVE::LDAP::ldap_bind($ldap, $bind_dn, $bind_pass); > +} elsif ($config->{cert} && $config->{certkey}) { > + warn "skipping anonymous bind with clientcert\n"; > +} else { > + PVE::LDAP::ldap_bind($ldap); > } > > -PVE::LDAP::ldap_bind($ldap, $bind_dn, $bind_pass); > - > if (!$config->{base_dn}) { > my $root = $ldap->root_dse(attrs => [ 'defaultNamingContext' ]); > $config->{base_dn} = $root->get_value('defaultNamingContext'); > applied, thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH docs] pveum.adoc: use correct cli command for realm sync
Signed-off-by: Dominik Csapak --- pveum.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pveum.adoc b/pveum.adoc index 8f229a6..0057564 100644 --- a/pveum.adoc +++ b/pveum.adoc @@ -178,7 +178,7 @@ It is possible to sync users and groups for LDAP based realms. You can use the CLI command - pveum sync + pveum realm sync or in the `Authentication` panel of the GUI. Users and groups are synced to the cluster-wide user configuration file `/etc/pve/user.cfg`. -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH access-control] LDAP: skip anonymous bind when clientcert/key is given
It seems that servers associate the client-cert/key with an account, so doing an explicit anonymous bind then 'logs out' the already verified user, limiting the search results in some cases before refactoring to PVE::LDAP, we did not do '$ldap->bind' at all when there was no bind_dn, but it is not really clear if Net::LDAP does this automatically when searching (other libraries do this), so leave the anonymous bind (for compatibility with PMG) but skip it when a client certificate and key is given. Signed-off-by: Dominik Csapak --- PVE/Auth/LDAP.pm | 14 +++--- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/PVE/Auth/LDAP.pm b/PVE/Auth/LDAP.pm index 9fa9095..09b2202 100755 --- a/PVE/Auth/LDAP.pm +++ b/PVE/Auth/LDAP.pm @@ -203,17 +203,17 @@ sub connect_and_bind { my $ldap = PVE::LDAP::ldap_connect($servers, $scheme, $port, \%ldap_args); -my $bind_dn; -my $bind_pass; - if ($config->{bind_dn}) { - $bind_dn = $config->{bind_dn}; - $bind_pass = ldap_get_credentials($realm); + my $bind_dn = $config->{bind_dn}; + my $bind_pass = ldap_get_credentials($realm); die "missing password for realm $realm\n" if !defined($bind_pass); + PVE::LDAP::ldap_bind($ldap, $bind_dn, $bind_pass); +} elsif ($config->{cert} && $config->{certkey}) { + warn "skipping anonymous bind with clientcert\n"; +} else { + PVE::LDAP::ldap_bind($ldap); } -PVE::LDAP::ldap_bind($ldap, $bind_dn, $bind_pass); - if (!$config->{base_dn}) { my $root = $ldap->root_dse(attrs => [ 'defaultNamingContext' ]); $config->{base_dn} = $root->get_value('defaultNamingContext'); -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] applied: [PATCH qemu-server] fix #2697: map netdev_add options to correct json types
On 4/21/20 4:01 PM, Dominik Csapak wrote: > netdev_add is now a proper qmp command, which means that it verifies > the parameter types properly > > instead of sending strings, we now have to choose the correct > types for the parameters > > bool for vhost > and uint64 for queues > > Signed-off-by: Dominik Csapak > --- > i checked and i found no other parameter or qmp call that needs > changing, but maybe someone else can also check this, just to be sure > > PVE/QemuServer.pm | 8 > 1 file changed, 8 insertions(+) > > diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm > index 37c7320..030e04b 100644 > --- a/PVE/QemuServer.pm > +++ b/PVE/QemuServer.pm > @@ -4047,6 +4047,14 @@ sub qemu_netdevadd { > my $netdev = print_netdev_full($vmid, $conf, $arch, $device, $deviceid, > 1); > my %options = split(/[=,]/, $netdev); > > +if (defined(my $vhost = $options{vhost})) { > + $options{vhost} = JSON::boolean(PVE::JSONSchema::parse_boolean($vhost)); > +} > + > +if (defined(my $queues = $options{queues})) { > + $options{queues} = $queues + 0; > +} > + > mon_cmd($vmid, "netdev_add", %options); > return 1; > } > applied thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH manager] ui: clusterjoin: fix cluster network field visibility
Signed-off-by: Tim Marx --- www/manager6/dc/ClusterEdit.js | 9 - 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/www/manager6/dc/ClusterEdit.js b/www/manager6/dc/ClusterEdit.js index 227812d3..b4603291 100644 --- a/www/manager6/dc/ClusterEdit.js +++ b/www/manager6/dc/ClusterEdit.js @@ -191,6 +191,8 @@ Ext.define('PVE.ClusterJoinNodeWindow', { let vm = this.getViewModel(); let assistedEntryBox = this.lookup('assistedEntry'); + let linkEditorContainer = this.lookup('linkEditorContainer'); + if (!assistedEntryBox.getValue()) { // not in assisted entry mode, nothing to do return; @@ -211,6 +213,7 @@ Ext.define('PVE.ClusterJoinNodeWindow', { field.valid = false; linkEditor.setLinks([]); linkEditor.setInfoText(); + linkEditorContainer.setVisible(false); } else { let interfaces = joinInfo.totem.interface; let links = Object.values(interfaces).map(iface => { @@ -243,8 +246,8 @@ Ext.define('PVE.ClusterJoinNodeWindow', { clusterName: joinInfo.totem.cluster_name }; field.valid = true; + linkEditorContainer.setVisible(true); } - vm.set('info', info); } }, @@ -349,6 +352,10 @@ Ext.define('PVE.ClusterJoinNodeWindow', { { xtype: 'fieldcontainer', fieldLabel: gettext("Cluster Network"), + bind: { + hidden: '{assistedEntry.checked}' + }, + reference: 'linkEditorContainer', items: [ { xtype: 'pveCorosyncLinkEditor', -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [pve-network] vlan plugin: add support for no vlan-aware bridge
On 5/8/20 11:00 AM, Alexandre Derumier wrote: > Some users could have problem with vlan-aware and some nics. > > Signed-off-by: Alexandre Derumier > --- > PVE/Network/SDN/Zones/Plugin.pm | 6 +++-- > PVE/Network/SDN/Zones/VlanPlugin.pm | 39 +++-- > 2 files changed, 41 insertions(+), 4 deletions(-) > > diff --git a/PVE/Network/SDN/Zones/Plugin.pm b/PVE/Network/SDN/Zones/Plugin.pm > index aa53cce..2335d9e 100644 > --- a/PVE/Network/SDN/Zones/Plugin.pm > +++ b/PVE/Network/SDN/Zones/Plugin.pm > @@ -219,7 +219,8 @@ sub get_bridge_vlan { > sub tap_create { > my ($class, $plugin_config, $vnet, $iface, $vnetid) = @_; > > -my ($bridge, undef) = $class->get_bridge_vlan($plugin_config, $vnetid); > +my $tag = $vnet->{tag}; > +my ($bridge, undef) = $class->get_bridge_vlan($plugin_config, $vnetid, > $tag); > die "unable to get bridge setting\n" if !$bridge; > > PVE::Network::tap_create($iface, $bridge); > @@ -228,7 +229,8 @@ sub tap_create { > sub veth_create { > my ($class, $plugin_config, $vnet, $veth, $vethpeer, $vnetid, $hwaddr) = > @_; > > -my ($bridge, undef) = $class->get_bridge_vlan($plugin_config, $vnetid); > +my $tag = $vnet->{tag}; > +my ($bridge, undef) = $class->get_bridge_vlan($plugin_config, $vnetid, > $tag); > die "unable to get bridge setting\n" if !$bridge; > > PVE::Network::veth_create($veth, $vethpeer, $bridge, $hwaddr); > diff --git a/PVE/Network/SDN/Zones/VlanPlugin.pm > b/PVE/Network/SDN/Zones/VlanPlugin.pm > index 28d6a00..b0d3784 100644 > --- a/PVE/Network/SDN/Zones/VlanPlugin.pm > +++ b/PVE/Network/SDN/Zones/VlanPlugin.pm > @@ -32,13 +32,47 @@ sub options { > return { > nodes => { optional => 1}, > 'bridge' => { optional => 0 }, > + mtu => { optional => 1 } > }; > } > > # Plugin implementation > sub generate_sdn_config { > my ($class, $plugin_config, $zoneid, $vnetid, $vnet, $controller, > $interfaces_config, $config) = @_; > -return ""; > + > +my $bridge = $plugin_config->{bridge}; > +my $vlan_aware = > PVE::Tools::file_read_firstline("/sys/class/net/$bridge/bridge/vlan_filtering"); > +my $is_ovs = 1 if !-d "/sys/class/net/$bridge/brif"; > +return if $vlan_aware || $is_ovs; this was changed from return "" to return undef, is that OK? > + > +my $tag = $vnet->{tag}; > +my $alias = $vnet->{alias}; > +my $mtu = $plugin_config->{mtu} if $plugin_config->{mtu}; > +my $bridgevlan = $bridge."v".$tag; > + > +my @bridge_ifaces = (); > +my $dir = "/sys/class/net/$bridge/brif"; > +PVE::Tools::dir_glob_foreach($dir, '(((eth|bond)\d+|en[^.]+)(\.\d+)?)', > sub { > +push @bridge_ifaces, $_[0]; > +}); > + > +my $bridge_ports = ""; > +$bridge_ports = "none" if scalar(@bridge_ifaces) == 0; > + > +foreach my $bridge_iface (@bridge_ifaces) { > + $bridge_ports .= " $bridge_iface.$tag"; > +} > + > +#vnet bridge (keep vmbrXvY for compatibility) > +my @iface_config = (); > +push @iface_config, "bridge_ports $bridge_ports"; > +push @iface_config, "bridge_stp off"; > +push @iface_config, "bridge_fd 0"; > +push @iface_config, "mtu $mtu" if $mtu; > +push @iface_config, "alias $alias" if $alias; > +push(@{$config->{$bridgevlan}}, @iface_config) if !$config->{$vnetid}; > + > +return $config; > } > > sub status { > @@ -71,7 +105,8 @@ sub get_bridge_vlan { > my $vlan_aware = > PVE::Tools::file_read_firstline("/sys/class/net/$bridge/bridge/vlan_filtering"); > my $is_ovs = 1 if !-d "/sys/class/net/$bridge/brif"; > > -die "bridge $bridge is not vlan aware" if !$is_ovs && !$vlan_aware; > + > +return ($bridge."v".$tag, undef) if !$is_ovs && !$vlan_aware; > > return ($bridge, $tag); > } > ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [pve-network] vlan plugin: add support for no vlan-aware bridge
Some users could have problem with vlan-aware and some nics. Signed-off-by: Alexandre Derumier --- PVE/Network/SDN/Zones/Plugin.pm | 6 +++-- PVE/Network/SDN/Zones/VlanPlugin.pm | 39 +++-- 2 files changed, 41 insertions(+), 4 deletions(-) diff --git a/PVE/Network/SDN/Zones/Plugin.pm b/PVE/Network/SDN/Zones/Plugin.pm index aa53cce..2335d9e 100644 --- a/PVE/Network/SDN/Zones/Plugin.pm +++ b/PVE/Network/SDN/Zones/Plugin.pm @@ -219,7 +219,8 @@ sub get_bridge_vlan { sub tap_create { my ($class, $plugin_config, $vnet, $iface, $vnetid) = @_; -my ($bridge, undef) = $class->get_bridge_vlan($plugin_config, $vnetid); +my $tag = $vnet->{tag}; +my ($bridge, undef) = $class->get_bridge_vlan($plugin_config, $vnetid, $tag); die "unable to get bridge setting\n" if !$bridge; PVE::Network::tap_create($iface, $bridge); @@ -228,7 +229,8 @@ sub tap_create { sub veth_create { my ($class, $plugin_config, $vnet, $veth, $vethpeer, $vnetid, $hwaddr) = @_; -my ($bridge, undef) = $class->get_bridge_vlan($plugin_config, $vnetid); +my $tag = $vnet->{tag}; +my ($bridge, undef) = $class->get_bridge_vlan($plugin_config, $vnetid, $tag); die "unable to get bridge setting\n" if !$bridge; PVE::Network::veth_create($veth, $vethpeer, $bridge, $hwaddr); diff --git a/PVE/Network/SDN/Zones/VlanPlugin.pm b/PVE/Network/SDN/Zones/VlanPlugin.pm index 28d6a00..b0d3784 100644 --- a/PVE/Network/SDN/Zones/VlanPlugin.pm +++ b/PVE/Network/SDN/Zones/VlanPlugin.pm @@ -32,13 +32,47 @@ sub options { return { nodes => { optional => 1}, 'bridge' => { optional => 0 }, + mtu => { optional => 1 } }; } # Plugin implementation sub generate_sdn_config { my ($class, $plugin_config, $zoneid, $vnetid, $vnet, $controller, $interfaces_config, $config) = @_; -return ""; + +my $bridge = $plugin_config->{bridge}; +my $vlan_aware = PVE::Tools::file_read_firstline("/sys/class/net/$bridge/bridge/vlan_filtering"); +my $is_ovs = 1 if !-d "/sys/class/net/$bridge/brif"; +return if $vlan_aware || $is_ovs; + +my $tag = $vnet->{tag}; +my $alias = $vnet->{alias}; +my $mtu = $plugin_config->{mtu} if $plugin_config->{mtu}; +my $bridgevlan = $bridge."v".$tag; + +my @bridge_ifaces = (); +my $dir = "/sys/class/net/$bridge/brif"; +PVE::Tools::dir_glob_foreach($dir, '(((eth|bond)\d+|en[^.]+)(\.\d+)?)', sub { +push @bridge_ifaces, $_[0]; +}); + +my $bridge_ports = ""; +$bridge_ports = "none" if scalar(@bridge_ifaces) == 0; + +foreach my $bridge_iface (@bridge_ifaces) { + $bridge_ports .= " $bridge_iface.$tag"; +} + +#vnet bridge (keep vmbrXvY for compatibility) +my @iface_config = (); +push @iface_config, "bridge_ports $bridge_ports"; +push @iface_config, "bridge_stp off"; +push @iface_config, "bridge_fd 0"; +push @iface_config, "mtu $mtu" if $mtu; +push @iface_config, "alias $alias" if $alias; +push(@{$config->{$bridgevlan}}, @iface_config) if !$config->{$vnetid}; + +return $config; } sub status { @@ -71,7 +105,8 @@ sub get_bridge_vlan { my $vlan_aware = PVE::Tools::file_read_firstline("/sys/class/net/$bridge/bridge/vlan_filtering"); my $is_ovs = 1 if !-d "/sys/class/net/$bridge/brif"; -die "bridge $bridge is not vlan aware" if !$is_ovs && !$vlan_aware; + +return ($bridge."v".$tag, undef) if !$is_ovs && !$vlan_aware; return ($bridge, $tag); } -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] applied: [PATCH manager] ui: dc/SyncWindow: add help button
On 4/30/20 1:16 PM, Dominik Csapak wrote: > with link to the LDAP Syncing section of the documentation > > Signed-off-by: Dominik Csapak > --- > www/manager6/dc/SyncWindow.js | 8 > 1 file changed, 8 insertions(+) > applied, thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] applied: [PATCH access-control] ldap_delete_credentials: don't complain if already deleted
Signed-off-by: Thomas Lamprecht --- it's just for style, a realm was deleted nonetheless PVE/Auth/LDAP.pm | 1 + 1 file changed, 1 insertion(+) diff --git a/PVE/Auth/LDAP.pm b/PVE/Auth/LDAP.pm index 64250cb..9fa9095 100755 --- a/PVE/Auth/LDAP.pm +++ b/PVE/Auth/LDAP.pm @@ -411,6 +411,7 @@ sub ldap_delete_credentials { my ($realmid) = @_; if (my $cred_file = get_cred_file($realmid)) { + return if ! -e $cred_file; # nothing to do unlink($cred_file) or warn "removing LDAP credentials '$cred_file' failed: $!\n"; } } -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] applied: [PATCH manager] dc/Realms: fix adding of new ldap realm
On 5/8/20 9:53 AM, Dominik Csapak wrote: > we cannot pass 'delete' on create api call, and we have to make > sure that 'default_opts' and 'sync_attributes' are alwyas available, > since they are used in onGetValues > (they were only created during setValues, which is not called > when adding a new realm) > > Signed-off-by: Dominik Csapak > --- > www/manager6/dc/AuthEditLDAP.js | 8 ++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > applied, thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH manager] dc/Realms: fix adding of new ldap realm
we cannot pass 'delete' on create api call, and we have to make sure that 'default_opts' and 'sync_attributes' are alwyas available, since they are used in onGetValues (they were only created during setValues, which is not called when adding a new realm) Signed-off-by: Dominik Csapak --- www/manager6/dc/AuthEditLDAP.js | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/www/manager6/dc/AuthEditLDAP.js b/www/manager6/dc/AuthEditLDAP.js index 0ca6f6ac..c5976769 100644 --- a/www/manager6/dc/AuthEditLDAP.js +++ b/www/manager6/dc/AuthEditLDAP.js @@ -66,6 +66,8 @@ Ext.define('PVE.panel.LDAPSyncInputPanel', { editableAttributes: ['email'], editableDefaults: ['scope', 'full', 'enable-new', 'purge'], +default_opts: {}, +sync_attributes: {}, // (de)construct the sync-attributes from the list above, // not touching all others @@ -93,12 +95,15 @@ Ext.define('PVE.panel.LDAPSyncInputPanel', { PVE.Utils.delete_if_default(values, 'sync-defaults-options'); PVE.Utils.delete_if_default(values, 'sync_attributes'); + if (me.isCreate) { + delete values.delete; // on create we cannot delete values + } + return values; }, setValues: function(values) { let me = this; - me.sync_attributes = {}; if (values.sync_attributes) { me.sync_attributes = PVE.Parser.parsePropertyString(values.sync_attributes); delete values.sync_attributes; @@ -108,7 +113,6 @@ Ext.define('PVE.panel.LDAPSyncInputPanel', { } }); } - me.default_opts = {}; if (values['sync-defaults-options']) { me.default_opts = PVE.Parser.parsePropertyString(values['sync-defaults-options']); delete values.default_opts; -- 2.20.1 ___ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel