Am 14/05/2024 um 16:11 schrieb Fiona Ebner:
> The savevm-end command also fails when no snapshot operation was
> started before. In particular, this is the case when savevm-start
> failed early, because of unmigratable devices.
>
> Avoid potentially leaving an orphaned volume and snasphot-related
In order to be able to send outgoing ARP packets when the default
policy is set to drop or reject, we need to explicitly allow ARP
traffic in the outgoing chain of guests. We need to do this in the
guest chain itself in order to be able to filter spoofed packets via
the MAC filter.
Contrary to the
The output chain did not have any conntrack rules, which lead to
issues when the default output policy is not accept. Also, move the
conntrack rules to the beginning of all chains.
Signed-off-by: Stefan Hanreich
Originally-by: Laurent Guerby
---
Based this on the earlier patch in order to avoid
because otherwise the SSH calls to other nodes in the cluster will fail
on newer clusters that only have the ssh known host keys located in the
pmxcfs.
By utilizing SSHInfo::ssh_info_to_ssh_opts we can add the needed options
to the SSH call to have the node name aliased correctly and pointing SSH
The first instance had the line break mid array. It now is a bit over
the limit, but follows the style guide closely: putting each argument to
the function in a newline.
Signed-off-by: Aaron Lauterer
---
src/PVE/CLI/pvecm.pm | 18 --
1 file changed, 12 insertions(+), 6 deletions(
on clusters where the ssh known hosts info is only stored in the pmxcfs,
it broke the mgmt of the qdevice. By adding the necessary ssh options on
each intra cluster ssh call, we can fix this.
The second patch is optional and adjusts the touched code to fit better
into the max line lenghts.
I put i