[pve-devel] [PATCH 1/2] add firewall option to qemu network interface
this allow to disable firewall for a specific interface Signed-off-by: Alexandre Derumier aderum...@odiso.com --- PVE/API2/Qemu.pm |6 +++--- PVE/QemuServer.pm |5 - pve-bridge|2 +- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm index c06e5c7..829f07f 100644 --- a/PVE/API2/Qemu.pm +++ b/PVE/API2/Qemu.pm @@ -831,9 +831,9 @@ my $vmconfig_update_net = sub { PVE::Network::tap_rate_limit($iface, $newnet-{rate}); } - if(($newnet-{bridge} ne $oldnet-{bridge}) || ($newnet-{tag} ne $oldnet-{tag})){ - eval{PVE::Network::tap_unplug($iface, $oldnet-{bridge}, $oldnet-{tag});}; - PVE::Network::tap_plug($iface, $newnet-{bridge}, $newnet-{tag}); + if(($newnet-{bridge} ne $oldnet-{bridge}) || ($newnet-{tag} ne $oldnet-{tag}) || ($newnet-{firewall} ne $oldnet-{firewall})){ + eval{PVE::Network::tap_unplug($iface, $oldnet-{bridge}, $oldnet-{tag}, $oldnet-{firewall});}; + PVE::Network::tap_plug($iface, $newnet-{bridge}, $newnet-{tag}, $newnet-{firewall}); } }else{ diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm index 43b02ee..5489751 100644 --- a/PVE/QemuServer.pm +++ b/PVE/QemuServer.pm @@ -478,7 +478,7 @@ my $nic_model_list_txt = join(' ', sort @$nic_model_list); my $netdesc = { optional = 1, type = 'string', format = 'pve-qm-net', -typetext = MODEL=XX:XX:XX:XX:XX:XX [,bridge=dev][,rate=mbps][,tag=vlanid], +typetext = MODEL=XX:XX:XX:XX:XX:XX [,bridge=dev][,rate=mbps][,tag=vlanid][,firewall=1|0], description = EODESCR, Specify network devices. @@ -1249,6 +1249,7 @@ sub parse_net { my ($data) = @_; my $res = {}; +$res-{firewall} = 1; foreach my $kvp (split(/,/, $data)) { @@ -1263,6 +1264,8 @@ sub parse_net { $res-{rate} = $1; } elsif ($kvp =~ m/^tag=(\d+)$/) { $res-{tag} = $1; +} elsif ($kvp =~ m/^firewall=(\d+)$/) { + $res-{firewall} = undef if $1 == 0; } else { return undef; } diff --git a/pve-bridge b/pve-bridge index 81ad5f4..d6c5eb8 100755 --- a/pve-bridge +++ b/pve-bridge @@ -30,6 +30,6 @@ PVE::Network::tap_create($iface, $net-{bridge}); PVE::Network::tap_rate_limit($iface, $net-{rate}) if $net-{rate}; -PVE::Network::tap_plug($iface, $net-{bridge}, $net-{tag}); +PVE::Network::tap_plug($iface, $net-{bridge}, $net-{tag}, $net-{firewall}); exit 0; -- 1.7.10.4 ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] qemu-server : firewall network option and pve-bridgedown script
details in commit ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
I'll look for openvz down script today. (I have sent a patch for qemu) - Mail original - De: Dietmar Maurer diet...@proxmox.com À: Alexandre DERUMIER aderum...@odiso.com Cc: pve-devel pve-devel@pve.proxmox.com Envoyé: Vendredi 2 Mai 2014 16:25:23 Objet: RE: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug) There is also /usr/sbin/vznetcfg, but seems this is only called for init. from vzctl/include/types.h: #define VPS_NET_ADD SCRIPTDIR /vps-net_add #define VPS_NET_DEL SCRIPTDIR /vps-net_del #define VPS_NETNS_DEV_ADD SCRIPTDIR /vps-netns_dev_add #define VPS_NETNS_DEV_DEL SCRIPTDIR /vps-netns_dev_del so we need to check which script in /usr/lib/vzctl/scripts/ is best. for openvz veth, I don't known if it's possible to use a script at shutdown ? Maybe we can use an action script for that: http://openvz.org/Man/vzctl.8#ACTION_SCRIPTS Maybe vps.umount? ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH 1/3] adapt patches to qemu 2.0.0
I'll test it today. Thanks! - Mail original - De: Dietmar Maurer diet...@proxmox.com À: Stefan Priebe s.pri...@profihost.ag, pve-devel@pve.proxmox.com Envoyé: Lundi 5 Mai 2014 11:48:25 Objet: Re: [pve-devel] [PATCH 1/3] adapt patches to qemu 2.0.0 No problem. Might be that one file does not apply as i have two more patches in the series one than your git repo. Just skip them. I just updated the patches for 2.0. I made the updates myself and split the patch into smaller parts. But your patch was of great help to find out what changed - many thanks! I also updated the keymap.diff patch - hope that works. ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
There is also /usr/sbin/vznetcfg, but seems this is only called for init. indeed, in veth.c static int veth_ctl(vps_handler *h, envid_t veid, int op, veth_param *list, int rollback) list_for_each(tmp, dev_h, list) { if (op == ADD) { if ((ret = h-veth_ctl(h, veid, ADD, tmp))) break; if ((ret = run_vznetcfg(veid, tmp))) break; } else if ((ret = h-veth_ctl(h, veid, DEL, tmp))) { break; } } maybe can we add something like else if ((ret = h-veth_ctl(h, veid, DEL, tmp))) { if ((ret = run_vznetcfgdown(veid, tmp))) break; } De: Dietmar Maurer diet...@proxmox.com À: Alexandre DERUMIER aderum...@odiso.com Cc: pve-devel pve-devel@pve.proxmox.com Envoyé: Vendredi 2 Mai 2014 16:25:23 Objet: RE: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug) There is also /usr/sbin/vznetcfg, but seems this is only called for init. from vzctl/include/types.h: #define VPS_NET_ADD SCRIPTDIR /vps-net_add #define VPS_NET_DEL SCRIPTDIR /vps-net_del #define VPS_NETNS_DEV_ADD SCRIPTDIR /vps-netns_dev_add #define VPS_NETNS_DEV_DEL SCRIPTDIR /vps-netns_dev_del so we need to check which script in /usr/lib/vzctl/scripts/ is best. for openvz veth, I don't known if it's possible to use a script at shutdown ? Maybe we can use an action script for that: http://openvz.org/Man/vzctl.8#ACTION_SCRIPTS Maybe vps.umount? ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
maybe better, reuse run_vznetcfg, and pass ADD|DEL , then we just need to add a new section in vznetcfg init script. list_for_each(tmp, dev_h, list) { if (op == ADD) { if ((ret = h-veth_ctl(h, veid, ADD, tmp))) break; if ((ret = run_vznetcfg(veid, tmp, ADD))) break; } else if ((ret = h-veth_ctl(h, veid, DEL, tmp))) { run_vznetcfg(veid, tmp, DEL); break; } } static int run_vznetcfg(envid_t veid, veth_dev *dev, int op) { int ret; char buf[16]; char *argv[] = {VZNETCFG, op == ADD ? init : del, veth, NULL, NULL}; char *env[2]; if (stat_file(VZNETCFG) != 1) return 0; argv[3] = dev-dev_name; snprintf(buf, sizeof(buf), VEID=%d, veid); env[0] = buf; env[1] = NULL; if ((ret = run_script(VZNETCFG, argv, env, 0))) { logger(-1, 0, VZNETCFG exited with error); ret = VZ_VETH_ERROR; } return ret; } - Mail original - De: Alexandre DERUMIER aderum...@odiso.com À: Dietmar Maurer diet...@proxmox.com Cc: pve-devel pve-devel@pve.proxmox.com Envoyé: Lundi 5 Mai 2014 14:32:20 Objet: Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug) There is also /usr/sbin/vznetcfg, but seems this is only called for init. indeed, in veth.c static int veth_ctl(vps_handler *h, envid_t veid, int op, veth_param *list, int rollback) list_for_each(tmp, dev_h, list) { if (op == ADD) { if ((ret = h-veth_ctl(h, veid, ADD, tmp))) break; if ((ret = run_vznetcfg(veid, tmp))) break; } else if ((ret = h-veth_ctl(h, veid, DEL, tmp))) { break; } } maybe can we add something like else if ((ret = h-veth_ctl(h, veid, DEL, tmp))) { if ((ret = run_vznetcfgdown(veid, tmp))) break; } De: Dietmar Maurer diet...@proxmox.com À: Alexandre DERUMIER aderum...@odiso.com Cc: pve-devel pve-devel@pve.proxmox.com Envoyé: Vendredi 2 Mai 2014 16:25:23 Objet: RE: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug) There is also /usr/sbin/vznetcfg, but seems this is only called for init. from vzctl/include/types.h: #define VPS_NET_ADD SCRIPTDIR /vps-net_add #define VPS_NET_DEL SCRIPTDIR /vps-net_del #define VPS_NETNS_DEV_ADD SCRIPTDIR /vps-netns_dev_add #define VPS_NETNS_DEV_DEL SCRIPTDIR /vps-netns_dev_del so we need to check which script in /usr/lib/vzctl/scripts/ is best. for openvz veth, I don't known if it's possible to use a script at shutdown ? Maybe we can use an action script for that: http://openvz.org/Man/vzctl.8#ACTION_SCRIPTS Maybe vps.umount? ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
maybe better, reuse run_vznetcfg, and pass ADD|DEL , then we just need to add a new section in vznetcfg init script. would you mind to post that one the openvz list? ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH 1/3] adapt patches to qemu 2.0.0
firsts tests seem to works fine - booting linux/windows guests - snasphot/rollback/del snapshot - move disk (online|offline) - live migration I'll do more tests tommorow - Mail original - De: Alexandre DERUMIER aderum...@odiso.com À: Dietmar Maurer diet...@proxmox.com Cc: pve-devel@pve.proxmox.com Envoyé: Lundi 5 Mai 2014 13:33:32 Objet: Re: [pve-devel] [PATCH 1/3] adapt patches to qemu 2.0.0 I'll test it today. Thanks! - Mail original - De: Dietmar Maurer diet...@proxmox.com À: Stefan Priebe s.pri...@profihost.ag, pve-devel@pve.proxmox.com Envoyé: Lundi 5 Mai 2014 11:48:25 Objet: Re: [pve-devel] [PATCH 1/3] adapt patches to qemu 2.0.0 No problem. Might be that one file does not apply as i have two more patches in the series one than your git repo. Just skip them. I just updated the patches for 2.0. I made the updates myself and split the patch into smaller parts. But your patch was of great help to find out what changed - many thanks! I also updated the keymap.diff patch - hope that works. ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] KVM guest hangs with SCSI drive (ZFS)
I have send 2 patchs, to update libiscsi and after qemu-kvm. can you test them ? I can confirm that using the 2 packages (libiscsi and qemu-kvm) solves the guest kernel hanging when loading modules problem. The SeaBIOS problem that doesn't recognize the disks with the following drivers still remains: scsihw: lsi scsihw: lsi53c810 scsihw: pvscsi using scsihw: virtio-scsi-pci or megasas SeaBIOS detects the drive and can start grub from it. Maybe we need an updated SeaBIOS as well? Best regards, Adrian Costin ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
would you mind to post that one the openvz list? don't seem to work, the code don't seem to be called on vm shutdown. I think that DEL is only use for rollback, if the ADD fail. I'll look for another way. - Mail original - De: Dietmar Maurer diet...@proxmox.com À: Alexandre DERUMIER aderum...@odiso.com Cc: pve-devel pve-devel@pve.proxmox.com Envoyé: Lundi 5 Mai 2014 15:34:25 Objet: RE: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug) maybe better, reuse run_vznetcfg, and pass ADD|DEL , then we just need to add a new section in vznetcfg init script. would you mind to post that one the openvz list? ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] zfs plugin improvements
Hi, I would like to make the following improvements to the zfs plugin. I would appreciate any comments: 1. add a parameter to storage.cfg called sparse which would create sparse zvols if set to true. This can default to false for compatibility with the current version 2. add SRP support. I was thinking SRP could be added as a separate iscsiprovider even though the protocol is not actually iSCSI. SRP is SCSI RDMA Protocol which is supported by Infiniband hardware (and some 10G Ethernet adapters). We're currently running an Infiniband network for storage and using iSCSI over IP over Infiniband which degrades performance. I've tested SRP on our network and it has at least 100% improvement over the current solution. Best regards, Adrian Costin ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] zfs plugin improvements
On Mon, 5 May 2014 20:56:32 +0300 Adrian Costin adrian.cos...@gmail.com wrote: 1. add a parameter to storage.cfg called sparse which would create sparse zvols if set to true. This can default to false for compatibility with the current version Already in git: commit 082e79f35b2f7b75862dc3014fb7de8e65fa76c6 Author: Chris Allen ca.al...@gmail.com Date: Fri Feb 28 23:56:02 2014 -0800 Added sparse zvol support to ZFS. To enable, add sparse to the ZFS storage section, you wish to use it on, in /etc/pve/storage. Signed-off-by: Chris Allen Chris Allen 2. add SRP support. I don't have such hardware so others must step in here. -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael at rasmussen dot cc http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xD3C9A00E mir at datanom dot net http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xE501F51C mir at miras dot org http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xE3E80917 -- /usr/games/fortune -es says: The optimum committee has no members. -- Norman Augustine signature.asc Description: PGP signature ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] zfs plugin improvements
Already in git: commit 082e79f35b2f7b75862dc3014fb7de8e65fa76c6 Sorry, I didn't see if. It's not visible here: https://git.proxmox.com/?p=pve-storage.git;a=summary Best regards, Adrian Costin ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] zfs plugin improvements
On Mon, 5 May 2014 21:26:41 +0300 Adrian Costin adrian.cos...@gmail.com wrote: Sorry, I didn't see if. It's not visible here: https://git.proxmox.com/?p=pve-storage.git;a=summary Strange. Seems al these are missing? git log commit b3a716fa613391dc54244f7a894088de36b6a303 Author: Chris Allen Chris Allen Date: Tue Mar 11 17:32:17 2014 -0700 Added code to abort a snapshot rollback in ZFS if the snapshot selected is not the most recent. This is to avoid lu deletion when trying to rollback to a snapshot that isn't the newest. Signed-off-by: Chris Allen Chris Allen commit b006779d458cd48a2eca94313689aab29fd96cc7 Author: Chris Allen Chris Allen Date: Tue Mar 11 15:07:53 2014 -0700 Added target-group and host-group options for ZFS comstar views. Use comstar_tg and comstar_hg in /etc/pve/storage.pm. Signed-off-by: Chris Allen Chris Allen commit 85783ec48967e2fbf2c027b3af5da104a70f Author: Chris Allen Chris Allen Date: Tue Mar 11 10:46:24 2014 -0700 Fixed Istgt LUN Options handling. Signed-off-by: Chris Allen Chris Allen commit e9dcc3be6896c6673c3d8733f4f7ea1e5091d7a7 Author: Chris Allen Chris Allen Date: Mon Mar 10 13:06:09 2014 -0700 Fixed command substitution and output redirection in Istgt module to work in csh - the default shell in FreeBSD. Changed Istgt restart to onerestart. This way a running istgt daemon will always restart whether or not it is enabled Signed-off-by: Chris Allen Chris Allen commit 5da23bad9844adfb61d3c093d08bf89eef86aadc Author: Chris Allen Chris Allen Date: Mon Mar 10 12:07:35 2014 -0700 Added nowritecache option to ZFS storage plugin. Turns off write caching on Comstar and Istgt LUNs created by the plugin. Has no effect on IET, as IET always uses write-through caching for blockio volumes not in read-only mode. Signed-off-by: Chris Allen Chris Allen commit 082e79f35b2f7b75862dc3014fb7de8e65fa76c6 Author: Chris Allen ca.al...@gmail.com Date: Fri Feb 28 23:56:02 2014 -0800 Added sparse zvol support to ZFS. To enable, add sparse to the ZFS storage section, you wish to use it on, in /etc/pve/storage.pm Signed-off-by: Chris Allen Chris Allen -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael at rasmussen dot cc http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xD3C9A00E mir at datanom dot net http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xE501F51C mir at miras dot org http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xE3E80917 -- /usr/games/fortune -es says: Ok, I'm just uploading the new version of the kernel, v1.3.33, also known as the buggiest kernel ever. -- Linus Torvalds signature.asc Description: PGP signature ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH 1/3] adapt patches to qemu 2.0.0
I already tested last week. Same to me. STefan Am 05.05.2014 18:53, schrieb Alexandre DERUMIER: firsts tests seem to works fine - booting linux/windows guests - snasphot/rollback/del snapshot - move disk (online|offline) - live migration I'll do more tests tommorow - Mail original - De: Alexandre DERUMIER aderum...@odiso.com À: Dietmar Maurer diet...@proxmox.com Cc: pve-devel@pve.proxmox.com Envoyé: Lundi 5 Mai 2014 13:33:32 Objet: Re: [pve-devel] [PATCH 1/3] adapt patches to qemu 2.0.0 I'll test it today. Thanks! - Mail original - De: Dietmar Maurer diet...@proxmox.com À: Stefan Priebe s.pri...@profihost.ag, pve-devel@pve.proxmox.com Envoyé: Lundi 5 Mai 2014 11:48:25 Objet: Re: [pve-devel] [PATCH 1/3] adapt patches to qemu 2.0.0 No problem. Might be that one file does not apply as i have two more patches in the series one than your git repo. Just skip them. I just updated the patches for 2.0. I made the updates myself and split the patch into smaller parts. But your patch was of great help to find out what changed - many thanks! I also updated the keymap.diff patch - hope that works. ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] KVM guest hangs with SCSI drive (ZFS)
maybe can you try with qemu 2.0 ? (I can built it for you if you want). Also, I known that booting is not available for all controllers types. booting from old lsi is a pain, and don't known well since some years known. (depend on multiple parameters) But the lsi seabios implementation is more a trick lsi53c810 is a variant, same crap, only for nt4 compatibility. pvscsi boot has been added in this commit: http://git.qemu.org/?p=qemu.git;a=commit;h=11938d7863203d5ca523865761cac6130783c858 so qemu 2.0 I think. But I think you shoulg go to virtio-scsi for best performance anyway. - Mail original - De: Adrian Costin adrian.cos...@gmail.com À: pve-devel@pve.proxmox.com Envoyé: Lundi 5 Mai 2014 18:54:50 Objet: Re: [pve-devel] KVM guest hangs with SCSI drive (ZFS) I have send 2 patchs, to update libiscsi and after qemu-kvm. can you test them ? I can confirm that using the 2 packages (libiscsi and qemu-kvm) solves the guest kernel hanging when loading modules problem. The SeaBIOS problem that doesn't recognize the disks with the following drivers still remains: scsihw: lsi scsihw: lsi53c810 scsihw: pvscsi using scsihw: virtio-scsi-pci or megasas SeaBIOS detects the drive and can start grub from it. Maybe we need an updated SeaBIOS as well? Best regards, Adrian Costin ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] KVM guest hangs with SCSI drive (ZFS)
On Sun, 04 May 2014 18:47:28 +0200 (CEST) Alexandre DERUMIER aderum...@odiso.com wrote: can you test them ? Have tested with CentOS-6.5 and I can confirm that it works with virtio and megaraid. No speed monster though;-) -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael at rasmussen dot cc http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xD3C9A00E mir at datanom dot net http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xE501F51C mir at miras dot org http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xE3E80917 -- /usr/games/fortune -es says: 1st graffitiist: QUESTION AUTHORITY! 2nd graffitiist: Why? signature.asc Description: PGP signature ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH 2/2] add vps.postumount script
to cleanup bridges after openvz container umount Signed-off-by: Alexandre Derumier aderum...@odiso.com --- debian/rules |2 ++ debian/vps.postumount | 28 debian/vzctl.postinst |6 ++ 3 files changed, 36 insertions(+) create mode 100755 debian/vps.postumount diff --git a/debian/rules b/debian/rules index c9805fd..0504db1 100644 --- a/debian/rules +++ b/debian/rules @@ -98,6 +98,8 @@ install: build # install perl vznetaddbr version install -m 644 $(CURDIR)/debian/vznetaddbr $(CURDIR)/debian/vzctl/usr/sbin/vznetaddbr + install -m 644 $(CURDIR)/debian/vps.postumount $(CURDIR)/debian/vzctl/etc/vz/vps.postumount + # Build architecture-independent files here. diff --git a/debian/vps.postumount b/debian/vps.postumount new file mode 100755 index 000..d568d4f --- /dev/null +++ b/debian/vps.postumount @@ -0,0 +1,28 @@ +#!/usr/bin/perl +use strict; +use warnings; +use PVE::OpenVZ; +use PVE::Tools qw(run_command); +use PVE::Network; +use PVE::ProcFSTools; +use Data::Dumper; + +my $vmid = $ENV{VEID}; +die missing vmid parameter if !$vmid; + +my $conf = PVE::OpenVZ::load_config($vmid); + +my $ifaces = {}; +if (defined ($conf-{netif}) $conf-{netif}-{value}) { + $ifaces = PVE::OpenVZ::parse_netif($conf-{netif}-{value}, $vmid); +} + +foreach my $ifname (sort keys %$ifaces) { + +my $iface = $ifaces-{$ifname}-{host_ifname}; +PVE::Network::tap_unplug($iface); +} + +exit 0; + + diff --git a/debian/vzctl.postinst b/debian/vzctl.postinst index 60f0e2c..d08e1aa 100644 --- a/debian/vzctl.postinst +++ b/debian/vzctl.postinst @@ -60,6 +60,12 @@ case $1 in rm -f /etc/cron.d/vz rm -rf /etc/vz/cron fi + +if [ -r /etc/vz/vps.postumount ]; then +echo move vps.postumount to config directory; +cp /etc/vz/vps.postumount /etc/pve/openvz/vps.postumount +#rm /etc/vz/vps.postumount +fi ;; abort-upgrade|abort-remove|abort-deconfigure) ;; -- 1.7.10.4 ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH 1/2] vznetaddbr perl version
this replace the default vznetaddbr script, using perl code. This allow to use vlan tag, firewall bridge and openvswitch bridge like for qemu Signed-off-by: Alexandre Derumier aderum...@odiso.com --- debian/patches/fix-config-path.diff | 13 - debian/patches/series |2 +- debian/rules|3 +++ 3 files changed, 4 insertions(+), 14 deletions(-) diff --git a/debian/patches/fix-config-path.diff b/debian/patches/fix-config-path.diff index 8a17ad9..fa50f56 100644 --- a/debian/patches/fix-config-path.diff +++ b/debian/patches/fix-config-path.diff @@ -24,19 +24,6 @@ Index: new/paths.am distconfdir = $(pkgconfdir)/dists namesdir= $(pkgconfdir)/names -Index: new/bin/vznetaddbr.in -=== new.orig/bin/vznetaddbr.in 2012-09-28 09:05:45.0 +0200 -+++ new/bin/vznetaddbr.in 2012-09-28 09:39:27.0 +0200 -@@ -2,7 +2,7 @@ - # - # Add virtual network interfaces (veth's) in a container to a bridge on CT0 - --CONFIGFILE=@PKGCONFDIR@/conf/$VEID.conf -+CONFIGFILE=@VPSCONFDIR@/$VEID.conf - . $CONFIGFILE - - NETIFLIST=$(printf %s $NETIF |tr ';' '\n') Index: new/etc/init.d/vz-redhat.in === --- new.orig/etc/init.d/vz-redhat.in 2012-09-28 09:05:45.0 +0200 diff --git a/debian/patches/series b/debian/patches/series index 483ec4c..ed86721 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -7,5 +7,5 @@ no-backup-on-destroy.diff fix-init.d-depends.diff allow-abs-ostemplate-path.diff always-create-dev-console.patch -keep-bridge-MTU.patch +#keep-bridge-MTU.patch fix-vzifup-post-error.patch diff --git a/debian/rules b/debian/rules index 1a4bc81..c9805fd 100644 --- a/debian/rules +++ b/debian/rules @@ -95,6 +95,9 @@ install: build rm -rf $(CURDIR)/debian/vzctl/etc/vz/conf # we create the symlink to /etc/pve/openvz inside the preinst script + # install perl vznetaddbr version + install -m 644 $(CURDIR)/debian/vznetaddbr $(CURDIR)/debian/vzctl/usr/sbin/vznetaddbr + # Build architecture-independent files here. -- 1.7.10.4 ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] vzctl : vznetaddbr vps.postumount perl scripts
allow fw bridges create/delete on container start/stop ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
I have sent a patch using vps.postumount hook script, works perfectly ! Good. The only problem I see is that users already use that file already for other things. ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
Good. The only problem I see is that users already use that file already for other things. Good point. I'll look if we can add a proxmox specific script, hacking the code to add a second postumount script - Mail original - De: Dietmar Maurer diet...@proxmox.com À: Alexandre DERUMIER aderum...@odiso.com Cc: pve-devel pve-devel@pve.proxmox.com Envoyé: Mardi 6 Mai 2014 06:19:59 Objet: RE: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug) I have sent a patch using vps.postumount hook script, works perfectly ! Good. The only problem I see is that users already use that file already for other things. ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
I'll look if we can add a proxmox specific script, hacking the code to add a second postumount script Ok, thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
I think in src/lib/fs.c if (!(skip SKIP_ACTION_SCRIPT)) { snprintf(buf, sizeof(buf), %s%d.%s, VPS_CONF_DIR, veid, POST_UMOUNT_PREFIX); for (i = 0; i 2; i++) { if (run_pre_script(veid, buf)) { logger(-1, 0, Error executing umount script %s, buf); return VZ_ACTIONSCRIPT_ERROR; } snprintf(buf, sizeof(buf), %svps.%s, VPS_CONF_DIR, POST_UMOUNT_PREFIX); ++snprintf(buf, sizeof(buf), %sproxmox.%s, VPS_CONF_DIR, ++POST_UMOUNT_PREFIX); } } should call /etc/vz/conf/proxmox.postumount (maybe putting the script is /usr/sbin/ is better ?) - Mail original - De: Dietmar Maurer diet...@proxmox.com À: Alexandre DERUMIER aderum...@odiso.com Cc: pve-devel pve-devel@pve.proxmox.com Envoyé: Mardi 6 Mai 2014 06:29:35 Objet: RE: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug) I'll look if we can add a proxmox specific script, hacking the code to add a second postumount script Ok, thanks! ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] KVM guest hangs with SCSI drive (ZFS)
Will these patched packages (for qemu 1.7.1) make it in to the PVE3.2 repos ? On Tue, May 6, 2014 at 1:00 PM, Michael Rasmussen m...@datanom.net wrote: On Sun, 04 May 2014 18:47:28 +0200 (CEST) Alexandre DERUMIER aderum...@odiso.com wrote: can you test them ? Have tested with CentOS-6.5 and I can confirm that it works with virtio and megaraid. No speed monster though;-) -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael at rasmussen dot cc http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xD3C9A00E mir at datanom dot net http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xE501F51C mir at miras dot org http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xE3E80917 -- /usr/games/fortune -es says: 1st graffitiist: QUESTION AUTHORITY! 2nd graffitiist: Why? ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
++snprintf(buf, sizeof(buf), %sproxmox.%s, VPS_CONF_DIR, ++POST_UMOUNT_PREFIX); } } should call /etc/vz/conf/proxmox.postumount (maybe putting the script is /usr/sbin/ is better ?) Please use SCRIPTDIR (see include/types.h) ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
Just a side note that it might be a good idea to hack in the other script types as well while you're in there anyway. That way if/when something should end up in, say, a premount script, you only need to write the script itself. Something to consider, anyway. On May 5, 2014 11:12 PM, Dietmar Maurer diet...@proxmox.com wrote: ++snprintf(buf, sizeof(buf), %sproxmox.%s, VPS_CONF_DIR, ++POST_UMOUNT_PREFIX); } } should call /etc/vz/conf/proxmox.postumount (maybe putting the script is /usr/sbin/ is better ?) Please use SCRIPTDIR (see include/types.h) ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
but wait, maybe vzeventd is the solution. ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
Ok, we need to modify /usr/lib/vzctl/scripts/vzevent-stop That script is even called when container is stopped from inside (poweroff). -Original Message- From: pve-devel [mailto:pve-devel-boun...@pve.proxmox.com] On Behalf Of Dietmar Maurer Sent: Dienstag, 06. Mai 2014 07:23 To: Alexandre DERUMIER Cc: pve-devel Subject: Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug) but wait, maybe vzeventd is the solution. ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] KVM guest hangs with SCSI drive (ZFS)
Will these patched packages (for qemu 1.7.1) make it in to the PVE3.2 repos ? No, my plan was to release them with qemu 2.0 ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
Ok, we need to modify /usr/lib/vzctl/scripts/vzevent-stop That script is even called when container is stopped from inside (poweroff). Sigh, I guess we need both things (modify vzctl and add cleanup actions in /usr/lib/vzctl/scripts/vzevent-stop), because vzevent-stop is run asynchronous and simply exit it there is a running 'vzctl stop' (for safety if guess). ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] KVM guest hangs with SCSI drive (ZFS)
But I think you shoulg go to virtio-scsi for best performance anyway. That's exactly what I intend to do. In the meantime I've successfully tested Windows 7 and Windows 2008 which all work fine. Have tested with CentOS-6.5 and I can confirm that it works with virtio and megaraid. No speed monster though;-) It's not as fast as VirtIO, but it's definitely better the IDE. maybe can you try with qemu 2.0 ? (I can built it for you if you want). I can definitely test with qemu 2.0. Are there packages available? Best regards, Adrian Costin ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] zfs plugin improvements
On Tue, 6 May 2014 04:25:11 + Dietmar Maurer diet...@proxmox.com wrote: Did you already test those patches? No (I might have forgotten about there existents;-). I intend to do it the coming days. -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael at rasmussen dot cc http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xD3C9A00E mir at datanom dot net http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xE501F51C mir at miras dot org http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xE3E80917 -- /usr/games/fortune -es says: The only intuitive interface is the nipple. After that, it's all learned. (Bruce Ediger, bedi...@teal.csn.org, in comp.os.linux.misc, on X interfaces.) signature.asc Description: PGP signature ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] zfs plugin improvements
Did you already test those patches? No (I might have forgotten about there existents;-). I intend to do it the coming days. Thanks, that would be great. I don't really want to commit things to the ZFS plugin without prior acknowledge from you or Alexandre. ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug)
Ok, I'll check that. thanks for help. - Mail original - De: Dietmar Maurer diet...@proxmox.com À: Alexandre DERUMIER aderum...@odiso.com Cc: pve-devel pve-devel@pve.proxmox.com Envoyé: Mardi 6 Mai 2014 07:38:29 Objet: RE: [pve-devel] pve-firewall : masquerade results (+veth vlan tag bug) Ok, we need to modify /usr/lib/vzctl/scripts/vzevent-stop That script is even called when container is stopped from inside (poweroff). Sigh, I guess we need both things (modify vzctl and add cleanup actions in /usr/lib/vzctl/scripts/vzevent-stop), because vzevent-stop is run asynchronous and simply exit it there is a running 'vzctl stop' (for safety if guess). ___ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel