[pve-devel] [PATCH container] cgroup: don't dup cgroup.events and don't busy-loop

2020-05-15 Thread Wolfgang Bumiller
Events are reported via POLLPRI and POLLERR (priority and exception flags), not POLLIN (which causes a busy-loop). Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC/CGroup.pm | 12 +--- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/src/PVE/LXC/CGroup.pm b/src/PVE/LXC

[pve-devel] [PATCH v2 container 3/7] cgroup: factor out cgroupv2_base_path

2020-05-15 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- New in this version, used later on. src/PVE/LXC/CGroup.pm | 19 +-- 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/src/PVE/LXC/CGroup.pm b/src/PVE/LXC/CGroup.pm index 780b0e5..7936576 100644 --- a/src/PVE/LXC/CGroup.pm +++ b

[pve-devel] [PATCH v2 container 4/7] cgroup: some fixups & use limiting cgroup path

2020-05-15 Thread Wolfgang Bumiller
Fix cpu quota/shares using the wrong controller path, and use the outer path to apply hotplugged changes. Signed-off-by: Wolfgang Bumiller --- New in this version, fixes hotplug of cpu quota/share values and makes sure hotplugging uses outer cgroup path. src/PVE/LXC/CGroup.pm | 22

[pve-devel] [PATCH v2 container 5/7] cgroup: add freeze_thaw implementation

2020-05-15 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- Moved from LXC.pm to here, makes more sense. This controls the freezer cgroup. With lxc4 `lxc-freeze` queries the limiting cgroup path for containers, which lxc-3 containers don't understand. And while in PVE they did have namespace separation, the API

[pve-devel] [PATCH v2 container 1/7] commands: add freeze and unfreeze

2020-05-15 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- No changes since v1. src/PVE/LXC/Command.pm | 22 ++ 1 file changed, 22 insertions(+) diff --git a/src/PVE/LXC/Command.pm b/src/PVE/LXC/Command.pm index 0a52d47..bcc481d 100644 --- a/src/PVE/LXC/Command.pm +++ b/src/PVE/LXC/Command.pm

[pve-devel] [PATCH v2 container 2/7] get_cgroup_path: add fallback for lxc 3

2020-05-15 Thread Wolfgang Bumiller
Fixes some hotplug issues with containers still running lxc 3. Signed-off-by: Wolfgang Bumiller --- New in this version. This was previously part of the freeze code but is actually required in general for hotplugging (which previously used the old non-limiting path and therefore still mostly

[pve-devel] [PATCH v2 container 6/7] add PVE::LXC::freeze_thaw

2020-05-15 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- Implementation of this was moved to the CGroup module, this sub is mostly for convenience so that external users don't need to use the CGroup module (no users of this have an instance ready yet) (also makes mocking in the test suite easier) src/PVE/LXC.pm

[pve-devel] [PATCH v2 container 7/7] stop using lxc-freeze/unfreeze binaries

2020-05-15 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- No change to v1 src/PVE/LXC/Config.pm | 4 ++-- src/PVE/VZDump/LXC.pm | 6 ++ src/test/snapshot-test.pm | 11 +++ 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm index

[pve-devel] [PATCH container 1/3] commands: add freeze and unfreeze

2020-05-14 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC/Command.pm | 22 ++ 1 file changed, 22 insertions(+) diff --git a/src/PVE/LXC/Command.pm b/src/PVE/LXC/Command.pm index 0a52d47..bcc481d 100644 --- a/src/PVE/LXC/Command.pm +++ b/src/PVE/LXC/Command.pm @@ -16,6 +16,8 @@ use

[pve-devel] [PATCH container 2/3] add freeze/thaw compatibilty implementation

2020-05-14 Thread Wolfgang Bumiller
lxc-freeze from lxc 4 fails with lxc 3 containers, and our lxc 3 has an api extension to get the namespaced/inner cgroup path Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 51 ++ 1 file changed, 51 insertions(+) diff --git a/src/PVE

[pve-devel] [PATCH container 3/3] stop using lxc-freeze/unfreeze binaries

2020-05-14 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC/Config.pm | 4 ++-- src/PVE/VZDump/LXC.pm | 6 ++ src/test/snapshot-test.pm | 11 +++ 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm index dcc8755..51470cf

[pve-devel] [PATCH v2 qemu 2/2] add optional buffer size to QEMUFile

2020-05-04 Thread Wolfgang Bumiller
and use 4M for our savevm-async buffer size Signed-off-by: Wolfgang Bumiller --- Changes to v1: add missing call to free() in qemu_fclose. ...add-optional-buffer-size-to-QEMUFile.patch | 183 ++ debian/patches/series | 1 + 2 files changed, 184

[pve-devel] [PATCH v2 qemu 1/2] experimentally move savevm-async back into a coroutine

2020-05-04 Thread Wolfgang Bumiller
@@ +From Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Thu, 30 Apr 2020 15:55:37 +0200 +Subject: [PATCH] move savevm-async back into a coroutine + +Move qemu_savevm_state_{header,setup} into the main loop and +the rest of the iteration

Re: [pve-devel] [PATCH qemu 1/2] experimentally move savevm-async back into a coroutine

2020-05-04 Thread Wolfgang Bumiller
il/async: make bh_aio_poll() O(1)"), i.e. it only > breaks after this commit. Might be an upstream bug too somewhere? But I > don't see an issue with doing this in a coroutine either. > > See also inline. > > On 5/4/20 12:02 PM, Wolfgang Bumiller wrote: > > Move qemu_sa

[pve-devel] [PATCH qemu 2/2] add optional buffer size to QEMUFile

2020-05-04 Thread Wolfgang Bumiller
and use 4M for our savevm-async buffer size Signed-off-by: Wolfgang Bumiller --- ...add-optional-buffer-size-to-QEMUFile.patch | 173 ++ debian/patches/series | 1 + 2 files changed, 174 insertions(+) create mode 100644 debian/patches/pve/0044-add

Re: [pve-devel] [PATCH common 1/1] JSONSchema: extend pve-configid regex by '-'

2020-04-23 Thread Wolfgang Bumiller
> On April 23, 2020 7:56 AM Thomas Lamprecht wrote: > > > On 4/9/20 4:10 PM, Dominik Csapak wrote: > > we use this format for all 'delete' options but we have some options > > that have a '-' in the name (e.g. 'sync-defaults-options') that cannot > > be deleted if it is not included > > > >

[pve-devel] applied: [PATCH container] CentOS 6: add '--nohangup' as mingetty arg

2020-04-22 Thread Wolfgang Bumiller
applied On Wed, Apr 22, 2020 at 11:24:27AM +0200, Stoiko Ivanov wrote: > When creating an unprivileged container with CentOS 6 (which will be EOL in > Nov 2020 [0]) the console does not work. can't wait > > The problem is mitigated by adding the --nohangup argument to the mingetty >

Re: [pve-devel] [PATCH storage] ZFS: mount subvols in activate_volume

2020-04-22 Thread Wolfgang Bumiller
On Wed, Apr 22, 2020 at 11:28:36AM +0200, Thomas Lamprecht wrote: > On 4/22/20 10:30 AM, Fabian Ebner wrote: > > Turns out that this alone doesn't make starting containers with an > > unmounted zfs subvolume working. But "pct clone" and "pct mount" can still > > benefit from this patch. The

Re: [pve-devel] [PATCH v2 container 3/5] cgroup: more generic get_cgroup_controllers function

2020-04-14 Thread Wolfgang Bumiller
On Thu, Apr 09, 2020 at 01:28:37PM +0200, Wolfgang Bumiller wrote: > Signed-off-by: Wolfgang Bumiller > --- > Changes to v1: > * Add a convenience method for querying a set of multiple possible > controllers. > > src/PVE/LXC.pm| 14 + > src

[pve-devel] [PATCH v2 container 0/5] futher cgroup improvements

2020-04-09 Thread Wolfgang Bumiller
`-w`, because a lot of it is indentation. Wolfgang Bumiller (5): config: whitelist lxc.cgroup2 raw keys consider lxc.cgroup2.cpuset.cpus as explicit cpuset cgroup: more generic get_cgroup_controllers function support cpuset cgroupv2 controller cgroup: use version returned from get_path()

[pve-devel] [PATCH v2 container 1/5] config: whitelist lxc.cgroup2 raw keys

2020-04-09 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- Same as v1 src/PVE/LXC/Config.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm index 1aab6d4..77642d8 100644 --- a/src/PVE/LXC/Config.pm +++ b/src/PVE/LXC/Config.pm @@ -606,7 +606,7 @@ sub

[pve-devel] [PATCH v2 container 3/5] cgroup: more generic get_cgroup_controllers function

2020-04-09 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- Changes to v1: * Add a convenience method for querying a set of multiple possible controllers. src/PVE/LXC.pm| 14 + src/PVE/LXC/CGroup.pm | 139 ++ 2 files changed, 116 insertions(+), 37 deletions

[pve-devel] [PATCH v2 container 2/5] consider lxc.cgroup2.cpuset.cpus as explicit cpuset

2020-04-09 Thread Wolfgang Bumiller
We should not override it in either case. Signed-off-by: Wolfgang Bumiller --- Same as v1 src/PVE/LXC.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 9adb366..914dc2a 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -711,7 +711,7

[pve-devel] [PATCH v2 container 4/5] support cpuset cgroupv2 controller

2020-04-09 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- Same as v1 src/PVE/LXC.pm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 711ddd9..e26a7b8 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -707,7 +707,7 @@ sub update_lxc_config

[pve-devel] [PATCH v2 container 5/5] cgroup: use version returned from get_path()

2020-04-09 Thread Wolfgang Bumiller
Instead of deciding via `cgroup_mode()` use the version we get from get_path(). Signed-off-by: Wolfgang Bumiller --- Changes to v1: * Removed the `(get_path() || get_path())` statements, perl puts that into a scalar context of course, leaving out the returned version, so I'm using

Re: [pve-devel] [PATCH container 0/5] futher cgroup improvements

2020-04-09 Thread Wolfgang Bumiller
Just noticed some warnings from pvestatd, will send a v2. > On April 9, 2020 12:55 PM Wolfgang Bumiller wrote: > > > There's probably more to come, and not all our settings are yet > automatically converted to cgroupv2 in `update_lxc_config`, but the one > most p

[pve-devel] [PATCH container 4/5] support cpuset cgroupv2 controller

2020-04-09 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 711ddd9..e26a7b8 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -707,7 +707,7 @@ sub update_lxc_config { } my

[pve-devel] [PATCH container 3/5] cgroup: more generic get_cgroup_controllers function

2020-04-09 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm| 14 + src/PVE/LXC/CGroup.pm | 125 +- 2 files changed, 102 insertions(+), 37 deletions(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 914dc2a..711ddd9 100644 --- a/src/PVE/LXC.pm

[pve-devel] [PATCH container 0/5] futher cgroup improvements

2020-04-09 Thread Wolfgang Bumiller
in theory the hybrid layout allows you to choose which controllers are in which cgroup. So this now contains a combined "fetch path & version of controller X" helper method. The last patch should be viewed with `-w`, because a lot of it is indentation. Wolfgang Bumiller (5): con

[pve-devel] [PATCH container 5/5] cgroup: use version returned from get_path()

2020-04-09 Thread Wolfgang Bumiller
Instead of deciding via `cgroup_mode()` use the version we get from get_path(). Signed-off-by: Wolfgang Bumiller --- NOTE: View with `-w`, a lot of this is just indentation! (And yes, the cgv2 fixme is still there.) src/PVE/LXC/CGroup.pm | 183 ++ 1 file

[pve-devel] [PATCH container 1/5] config: whitelist lxc.cgroup2 raw keys

2020-04-09 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC/Config.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm index 1aab6d4..77642d8 100644 --- a/src/PVE/LXC/Config.pm +++ b/src/PVE/LXC/Config.pm @@ -606,7 +606,7 @@ sub

[pve-devel] [PATCH container 2/5] consider lxc.cgroup2.cpuset.cpus as explicit cpuset

2020-04-09 Thread Wolfgang Bumiller
We should not override it in either case. Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 9adb366..914dc2a 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -711,7 +711,7 @@ sub

Re: [pve-devel] [PATCH container 13/20] cgroup: add change_cpu_quota, change_cpu_shares

2020-04-06 Thread Wolfgang Bumiller
On Sat, Apr 04, 2020 at 08:09:58PM +0200, Thomas Lamprecht wrote: > On 4/3/20 4:37 PM, w.bumil...@proxmox.com wrote: > > ... > > +# Change the cpu "shares" for a container. > > +# > > +# In cgroupv1 we used a value in `[0..50]` with a default of 1024. > > +# > > +# In cgroupv2 we do not have

Re: [pve-devel] [PATCH container 09/20] cgroup: add get_memory_stat

2020-04-06 Thread Wolfgang Bumiller
On Sat, Apr 04, 2020 at 08:13:10PM +0200, Thomas Lamprecht wrote: > On 4/3/20 4:37 PM, w.bumil...@proxmox.com wrote: > > ... > > +# Parse some memory data from `memory.stat` > > +sub get_memory_stat { > > +my ($self) = @_; > > + > > +my $res = { > > + mem => 0, > > + swap => 0, > > +

[pve-devel] [PATCH container 3/5] cgroup cleanup: add missing lxc.monitor cleanup

2020-04-06 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/lxc-pve-prestart-hook | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lxc-pve-prestart-hook b/src/lxc-pve-prestart-hook index be0063d..66569f9 100755 --- a/src/lxc-pve-prestart-hook +++ b/src/lxc-pve-prestart-hook @@ -158,8

[pve-devel] [PATCH container 5/5] command: get_cgroup_path: handle undef subsystem

2020-04-06 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC/Command.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/LXC/Command.pm b/src/PVE/LXC/Command.pm index 825c354..0a52d47 100644 --- a/src/PVE/LXC/Command.pm +++ b/src/PVE/LXC/Command.pm @@ -165,7 +165,7 @@ sub

[pve-devel] [PATCH container 4/5] command: actually use the provided command id

2020-04-06 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC/Command.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/LXC/Command.pm b/src/PVE/LXC/Command.pm index a09b2be..825c354 100644 --- a/src/PVE/LXC/Command.pm +++ b/src/PVE/LXC/Command.pm @@ -128,7 +128,7 @@ sub

[pve-devel] [PATCH container 2/5] command: cleanup unused function

2020-04-06 Thread Wolfgang Bumiller
We used a $limiting parameter instead. Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC/Command.pm | 20 1 file changed, 20 deletions(-) diff --git a/src/PVE/LXC/Command.pm b/src/PVE/LXC/Command.pm index b361c7d..a09b2be 100644 --- a/src/PVE/LXC/Command.pm +++ b/src/PVE

[pve-devel] [PATCH container 1/5] use final names for cgroup isolation

2020-04-06 Thread Wolfgang Bumiller
See: https://github.com/lxc/lxc/pull/3353 Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 1c27a86..b4ffc9b 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -596,8 +596,8 @@ sub

Re: [pve-devel] [Patch V2 acme 04/12] Add funtion to set DNSAPI variable

2020-04-01 Thread Wolfgang Bumiller
On Tue, Mar 31, 2020 at 12:08:38PM +0200, Wolfgang Link wrote: > acme.sh DNS plugins expect a configuration in which the login information > is stored. > We pass the credentials with the command. > This function supports the expected behavior of the plugins. > > Signed-off-by: Wolfgang Link >

Re: [pve-devel] [PATCH pve-manager] API2: network reload: allow ovs reloading

2020-03-23 Thread Wolfgang Bumiller
Pure removals, my favorite kind of patch. But... with which version did it get support for this? If it's not the first one we shipped with buster, do we want to add a version check here instead of simply removing this? On 3/20/20 11:44 AM, Alexandre Derumier wrote: ifupdown2 support it now

Re: [pve-devel] learning a new language: rust vs golang vs raku ?

2020-03-23 Thread Wolfgang Bumiller
On 3/22/20 7:53 PM, Alexandre DERUMIER wrote: Hi, as I'll work at home for the next weeks because of covid-19, I think I'm going to learn a new language. What do you think about rust vs golang vs raku, coming from perl/python/php. (I don't have touch C too much since school in 99 ;) My very

[pve-devel] applied: [PATCH container v2] lxc_config: mount /sys as mixed for unprivileged by default

2020-03-19 Thread Wolfgang Bumiller
applied On 3/18/20 10:46 AM, Thomas Lamprecht wrote: CONTAINER_INTERFACE[0] is something systemd people call their API and we need to adapt to it a bit, even if it means doing stupid unnecessary things, as else systemd decides to regress and suddenly break network stack in CT after an

Re: [pve-devel] [PATCH container 2/2] update_lxc_config: mount /sys read-only for CONTAINER_INTERFACE comapt

2020-03-17 Thread Wolfgang Bumiller
On 3/17/20 2:40 PM, Thomas Lamprecht wrote: On 3/17/20 2:33 PM, Wolfgang Bumiller wrote: On 3/17/20 2:24 PM, Thomas Lamprecht wrote: On 3/17/20 2:10 PM, Wolfgang Bumiller wrote: On 3/17/20 12:31 PM, Thomas Lamprecht wrote: On 3/17/20 10:27 AM, Wolfgang Bumiller wrote: On 3/17/20 7:35 AM

Re: [pve-devel] [PATCH container 2/2] update_lxc_config: mount /sys read-only for CONTAINER_INTERFACE comapt

2020-03-17 Thread Wolfgang Bumiller
On 3/17/20 2:24 PM, Thomas Lamprecht wrote: On 3/17/20 2:10 PM, Wolfgang Bumiller wrote: On 3/17/20 12:31 PM, Thomas Lamprecht wrote: On 3/17/20 10:27 AM, Wolfgang Bumiller wrote: On 3/17/20 7:35 AM, Thomas Lamprecht wrote: CONTAINER_INTERFACE[0] is something systemd people call their API

Re: [pve-devel] [PATCH container 2/2] update_lxc_config: mount /sys read-only for CONTAINER_INTERFACE comapt

2020-03-17 Thread Wolfgang Bumiller
On 3/17/20 12:31 PM, Thomas Lamprecht wrote: On 3/17/20 10:27 AM, Wolfgang Bumiller wrote: On 3/17/20 7:35 AM, Thomas Lamprecht wrote: CONTAINER_INTERFACE[0] is something systemd people call their API and we need to adapt to it a bit, even if it means doing stupid unnecessary things, as else

Re: [pve-devel] [PATCH container 1/2] update_lxc_config: set in-CT network devices to up

2020-03-17 Thread Wolfgang Bumiller
On 3/17/20 7:35 AM, Thomas Lamprecht wrote: Else some newer system do not see the interface as up and refuse to manage it.. Where do you run into that actually? I can get my arch container to behave normally with just adding `lxc.mount.auto = sys:mixed` to /etc/pve/lxc/$vmid.conf atm.

Re: [pve-devel] [PATCH container 2/2] update_lxc_config: mount /sys read-only for CONTAINER_INTERFACE comapt

2020-03-17 Thread Wolfgang Bumiller
On 3/17/20 10:27 AM, Wolfgang Bumiller wrote: On 3/17/20 7:35 AM, Thomas Lamprecht wrote: CONTAINER_INTERFACE[0] is something systemd people call their API and we need to adapt to it a bit, even if it means doing stupid unnecessary things, as else systemd decides to regress and suddenly break

Re: [pve-devel] [PATCH container 2/2] update_lxc_config: mount /sys read-only for CONTAINER_INTERFACE comapt

2020-03-17 Thread Wolfgang Bumiller
On 3/17/20 7:35 AM, Thomas Lamprecht wrote: CONTAINER_INTERFACE[0] is something systemd people call their API and we need to adapt to it a bit, even if it means doing stupid unnecessary things, as else systemd decides to regress and suddenly break network stack in CT after an upgrade[1]. This

Re: [pve-devel] [PATCH v2 container] fix #2598: activate volumes before mounting in stop mode backup

2020-02-19 Thread Wolfgang Bumiller
ue. > > Signed-off-by: Oguz Bektas Acked-by: Wolfgang Bumiller > --- > src/PVE/VZDump/LXC.pm | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/src/PVE/VZDump/LXC.pm b/src/PVE/VZDump/LXC.pm > index 0260184..ed6daa2 100644 > --- a/src/PVE/VZDump/LXC.pm > +

[pve-devel] applied: [PATCH ifupdown2 0/2] ifupdown 2.0 fixes

2020-02-03 Thread Wolfgang Bumiller
applied both patches On Mon, Feb 03, 2020 at 06:30:27AM +0100, Alexandre Derumier wrote: > - 1 fix for ovs not having ip address setup on start > - 1 fix for new state_dir feature, where directory need to be on tmpfs > > Alexandre Derumier (2): > patch: execute addons scripts before modules >

[pve-devel] [PATCH container 3/4] mask 'mknod' feature by kernel version

2020-01-30 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 5 + 1 file changed, 5 insertions(+) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 9e25ad4..b4d3b7d 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -534,6 +534,11 @@ sub make_seccomp_config { # leave up to the kernel. We

[pve-devel] [PATCH container 2/4] add a check_kernel_release helper

2020-01-30 Thread Wolfgang Bumiller
Should this go to pve-common? Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 24 1 file changed, 24 insertions(+) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index c590fc8..9e25ad4 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -464,6 +464,30 @@ sub

[pve-devel] [PATCH container 0/4] use seccomp proxy to handle mknod for

2020-01-30 Thread Wolfgang Bumiller
art partially handling some syscalls (eg. mount, but that'll only be feasible with the old mount api), and send cases we don't want to handle "back to the kernel". Wolfgang Bumiller (4): add mknod feature flag add a check_kernel_release helper mask 'mknod' feature

[pve-devel] [PATCH container 1/4] add mknod feature flag

2020-01-30 Thread Wolfgang Bumiller
in pve 7. Signed-off-by: Wolfgang Bumiller --- src/Makefile | 1 - src/PVE/LXC.pm| 88 +++ src/PVE/LXC/Config.pm | 8 3 files changed, 80 insertions(+), 17 deletions(-) diff --git a/src/Makefile b/src/Makefile index 5e32d38..7166708

[pve-devel] [PATCH container 4/4] set lxc.seccomp.notify.cookie to the vmid

2020-01-30 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index b4d3b7d..cb2531f 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -496,7 +496,7 @@ sub check_kernel_release { # # This returns

[pve-devel] applied: [PATCH container] vmstatus: Align name if not set in config to VMs

2020-01-19 Thread Wolfgang Bumiller
applied On Thu, Jan 16, 2020 at 02:35:58PM +0100, Aaron Lauterer wrote: > VMs have a space in between VM and the VMID. > > Signed-off-by: Aaron Lauterer > --- > > While this is a small optical nit pick we could also think about > replacing the whitespace between CT/VM and the ID with a dash.

[pve-devel] applied: [PATCH container] setup: allow centos 8.1

2020-01-19 Thread Wolfgang Bumiller
applied On Fri, Jan 17, 2020 at 01:43:45PM +0100, Oguz Bektas wrote: > [0]: > https://forum.proxmox.com/threads/centos-8-1-lxc-unsupported-centos-release.63530/ > > Signed-off-by: Oguz Bektas > --- > src/PVE/LXC/Setup/CentOS.pm | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff

[pve-devel] [PATCH container 2/3] mountpoint_stage: add another comment about keeping the mount points active

2019-12-12 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 73e54ca..34949c6 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -1481,6 +1481,9 @@ sub mountpoint_stage { die "failed to mount subv

[pve-devel] [PATCH container 3/3] fix #2512: post-stop: unmount stage mps before cleanup

2019-12-12 Thread Wolfgang Bumiller
cleanups. Signed-off-by: Wolfgang Bumiller --- src/lxc-pve-poststop-hook | 15 +-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/src/lxc-pve-poststop-hook b/src/lxc-pve-poststop-hook index 2a83872..1dba48c 100755 --- a/src/lxc-pve-poststop-hook +++ b/src/lxc-pve-poststop

[pve-devel] [PATCH container 1/3] post-stop-hook: unmount before deactivating storages

2019-12-12 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/lxc-pve-poststop-hook | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lxc-pve-poststop-hook b/src/lxc-pve-poststop-hook index 438836c..2a83872 100755 --- a/src/lxc-pve-poststop-hook +++ b/src/lxc-pve-poststop-hook @@ -23,10

[pve-devel] [PATCH container] fix bindmounting with staged mount points

2019-11-26 Thread Wolfgang Bumiller
We still passed the target mount path to bindmount() causing bindmount_verify() to fail. Fix this by assuming '/' as the in-container target mount path when staging, as we mount onto the $rootdir instead. Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 6 +- 1 file changed, 5

[pve-devel] [PATCH v4 container 10/12] config: apply_pending_mountpoint helper

2019-11-19 Thread Wolfgang Bumiller
for reuse in hotplug code Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC/Config.pm | 65 ++- 1 file changed, 39 insertions(+), 26 deletions(-) diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm index 6203c42..573eaff 100644 --- a/src/PVE/LXC

[pve-devel] [PATCH v4 container 02/12] split walk_tree_nofollow to allow a start fd

2019-11-19 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 20 ++-- 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 61f9bae..866b456 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -1262,13 +1262,21 @@ sub run_with_loopdev

[pve-devel] [PATCH v4 container 11/12] implement mountpoint hotplugging

2019-11-19 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm| 38 ++ src/PVE/LXC/Config.pm | 31 ++- 2 files changed, 68 insertions(+), 1 deletion(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 26c03f7..431f6cd 100644

[pve-devel] [PATCH v4 container 09/12] prestart-hook: use staged mountpoints on newer kernels

2019-11-19 Thread Wolfgang Bumiller
This way we operate on defined paths in the monitor namespace (/run/pve/mountpoint/{rootfs,mp0,mp1,...}) while performing the mount, and can use `move_mount()` without passing the MOVE_MOUNT_T_SYMLINKS flag when putting the hierarchy in place. Signed-off-by: Wolfgang Bumiller --- src/lxc-pve

[pve-devel] [PATCH v4 container 12/12] use lxc-start apparmor profile for mount hotplugging

2019-11-19 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 25 ++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 431f6cd..d27140f 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -10,7 +10,7 @@ use Socket; use File::Path

[pve-devel] [PATCH v4 container 04/12] add mountpoint_insert_staged helper

2019-11-19 Thread Wolfgang Bumiller
This takes care of creating the directories on the fly before issuing the move_mount() syscall. Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 19 +++ 1 file changed, 19 insertions(+) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 77679fa..d747039 100644 --- a/src

[pve-devel] [PATCH v4 ct 00/12] mount hotplugging & new mount api

2019-11-19 Thread Wolfgang Bumiller
heck to the mount hotplug code to not attempt to perform hotplugging on older kernels. Wolfgang Bumiller (12): tools: add can_use_new_mount_api helper split walk_tree_nofollow to allow a start fd implement "staged mountpoints" add mountpoint_insert_staged helper add open_pid_fd

[pve-devel] [PATCH v4 container 05/12] add open_pid_fd, open_lxc_pid, open_ppid helpers

2019-11-19 Thread Wolfgang Bumiller
Getting a pid and acting on it is always a race, so add safer helpers for this. Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 38 ++ 1 file changed, 38 insertions(+) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index d747039..e5b765a 100644 --- a/src

[pve-devel] [PATCH v4 container 08/12] add mount stage directory helpers

2019-11-19 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- Changes to v3: Changed the staging path from /run/pve/mountpoints to /var/lib/lxc/.pve-staged-mounts due to the lxc-start apparmor profile. src/PVE/LXC.pm | 30 +- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git

[pve-devel] [PATCH v4 container 01/12] tools: add can_use_new_mount_api helper

2019-11-19 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC/Tools.pm | 18 ++ 1 file changed, 18 insertions(+) diff --git a/src/PVE/LXC/Tools.pm b/src/PVE/LXC/Tools.pm index bebd7d8..ce37cee 100644 --- a/src/PVE/LXC/Tools.pm +++ b/src/PVE/LXC/Tools.pm @@ -2,6 +2,8 @@ package PVE::LXC

[pve-devel] [PATCH v4 container 06/12] split open_namespace out of enter_namespace

2019-11-19 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 14 ++ 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index e5b765a..2a79327 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -1029,12 +1029,18 @@ sub update_ipconfig { } +my

[pve-devel] [PATCH v4 container 03/12] implement "staged mountpoints"

2019-11-19 Thread Wolfgang Bumiller
h the open file descriptor we can move into the container's namespace and issue a `move_mount()` to put the mount point in place in the running container. Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 42 +++--- 1 file changed, 39 insertions(+), 3

[pve-devel] [PATCH v4 container 07/12] add get_container_namespace helper

2019-11-19 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- src/PVE/LXC.pm | 13 + 1 file changed, 13 insertions(+) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 2a79327..3ad807d 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -1044,6 +1044,19 @@ my $enter_namespace = sub { close $fd

Re: [pve-devel] [PATCH v3 ct 00/12] mount hotplugging & new mount api

2019-11-19 Thread Wolfgang Bumiller
On Tue, Nov 19, 2019 at 04:56:55PM +0100, Oguz Bektas wrote: > hi, > > this breaks mounting with mountopts. (hotplug and normal mount) > > reproduce: > - install new kernel > - make a CT > - run it > - try to hotplug a mp with any mountoption (ro, noatime, nosuid, noexec, > nodev) I was a bit

[pve-devel] [PATCH v3 container 11/12] implement mountpoint hotplugging

2019-11-19 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- Changes to v2: use mountpoint_insert_staged() helper src/PVE/LXC.pm| 38 ++ src/PVE/LXC/Config.pm | 31 ++- 2 files changed, 68 insertions(+), 1 deletion(-) diff --git a/src/PVE

[pve-devel] [PATCH v3 container 10/12] config: apply_pending_mountpoint helper

2019-11-19 Thread Wolfgang Bumiller
for reuse in hotplug code Signed-off-by: Wolfgang Bumiller --- Changes to v2: rename vmconfig_apply_pending_mountpoint to just apply_pending_mountpoint src/PVE/LXC/Config.pm | 65 ++- 1 file changed, 39 insertions(+), 26 deletions(-) diff --git a/src

[pve-devel] [PATCH v3 container 12/12] use lxc-start apparmor profile for mount hotplugging

2019-11-19 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- New in v3 src/PVE/LXC.pm | 25 ++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index a7a9817..e055c26 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -10,7 +10,7 @@ use Socket; use

[pve-devel] [PATCH v3 container 05/12] add open_pid_fd, open_lxc_pid, open_ppid helpers

2019-11-19 Thread Wolfgang Bumiller
Getting a pid and acting on it is always a race, so add safer helpers for this. Signed-off-by: Wolfgang Bumiller --- No changes to v2. src/PVE/LXC.pm | 38 ++ 1 file changed, 38 insertions(+) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index d747039

[pve-devel] [PATCH v3 container 03/12] implement "staged mountpoints"

2019-11-19 Thread Wolfgang Bumiller
h the open file descriptor we can move into the container's namespace and issue a `move_mount()` to put the mount point in place in the running container. Signed-off-by: Wolfgang Bumiller --- Changes to v2: removed accidentally inserted ',' in a comment. src/PVE/L

[pve-devel] [PATCH v3 container 07/12] add get_container_namespace helper

2019-11-19 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- No changes to v2. src/PVE/LXC.pm | 13 + 1 file changed, 13 insertions(+) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 2a79327..3ad807d 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -1044,6 +1044,19 @@ my $enter_namespace = sub

[pve-devel] [PATCH v3 container 04/12] add mountpoint_insert_staged helper

2019-11-19 Thread Wolfgang Bumiller
This takes care of creating the directories on the fly before issuing the move_mount() syscall. Signed-off-by: Wolfgang Bumiller --- New in v3: To make sure both users of this also create the destination directories. src/PVE/LXC.pm | 19 +++ 1 file changed, 19 insertions

[pve-devel] [PATCH v3 container 08/12] add mount stage directory helpers

2019-11-19 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- No changes to v2. src/PVE/LXC.pm | 29 - 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 3ad807d..70a3b0a 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -11,7 +11,7 @@ use

[pve-devel] [PATCH v3 ct 00/12] mount hotplugging & new mount api

2019-11-19 Thread Wolfgang Bumiller
hook and mount functions. * Add a check to the mount hotplug code to not attempt to perform hotplugging on older kernels. Wolfgang Bumiller (12): tools: add can_use_new_mount_api helper split walk_tree_nofollow to allow a start fd implement "staged mountpoints" add mountpoint_insert

[pve-devel] [PATCH v3 container 02/12] split walk_tree_nofollow to allow a start fd

2019-11-19 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- New in v3 src/PVE/LXC.pm | 20 ++-- 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 61f9bae..866b456 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -1262,13 +1262,21 @@ sub

[pve-devel] [PATCH v3 container 01/12] tools: add can_use_new_mount_api helper

2019-11-19 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- Changes to v2: use move_mount() instead of fsopen() src/PVE/LXC/Tools.pm | 18 ++ 1 file changed, 18 insertions(+) diff --git a/src/PVE/LXC/Tools.pm b/src/PVE/LXC/Tools.pm index bebd7d8..ce37cee 100644 --- a/src/PVE/LXC/Tools.pm +++ b/src

Re: [pve-devel] [PATCH pve-firewall 0/2] Fix #2450: synflood protection

2019-11-18 Thread Wolfgang Bumiller
applied, thanks On Tue, Nov 12, 2019 at 01:59:02PM +0100, Alexandre Derumier wrote: > Currently, a virtio-net + vhost-net can handle between 200-300 kpps for each > vm (with 1core/queue=1). > That means that a vm can easily be overloaded with a simple synflood (hping3 > --flood -p 80 -S targetip).

Re: [pve-devel] [PATCH v2 container 1/9] tools: add can_use_new_mount_api helper

2019-11-14 Thread Wolfgang Bumiller
On Wed, Nov 13, 2019 at 02:46:57PM +0100, Thomas Lamprecht wrote: > On 11/13/19 1:30 PM, Oguz Bektas wrote: > > hi, > > > > On Wed, Nov 13, 2019 at 10:33:11AM +0100, Wolfgang Bumiller wrote: > >> Signed-off-by: Wolfgang Bumiller > >> --- > >>

[pve-devel] [PATCH v2 ct 0/9] mount hotplugging & new mount api

2019-11-13 Thread Wolfgang Bumiller
Changes: Add a helper to LXC::PVE::Tools to check for availability of the new mount api (new patch 1), and use that in the prestart hook and mount functions. Add a check to the mount hotplug code to not attempt to perform hotplugging on older kernels. Wolfgang Bumiller (9): tools: add

[pve-devel] [PATCH v2 container 1/9] tools: add can_use_new_mount_api helper

2019-11-13 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- New patch src/PVE/LXC/Tools.pm | 18 ++ 1 file changed, 18 insertions(+) diff --git a/src/PVE/LXC/Tools.pm b/src/PVE/LXC/Tools.pm index bebd7d8..0256b6a 100644 --- a/src/PVE/LXC/Tools.pm +++ b/src/PVE/LXC/Tools.pm @@ -2,6 +2,8 @@ package

[pve-devel] [PATCH v2 container 8/9] config: vmconfig_apply_pending_mountpoint helper

2019-11-13 Thread Wolfgang Bumiller
for reuse in hotplug code Signed-off-by: Wolfgang Bumiller --- No changes. src/PVE/LXC/Config.pm | 65 ++- 1 file changed, 39 insertions(+), 26 deletions(-) diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm index 39de691..44d7f93 100644

[pve-devel] [PATCH v2 container 9/9] implement mountpoint hotplugging

2019-11-13 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- Changes to v1: Use the new can_use_new_mount_api() to prevent mp hotplug attempts on older kernels. src/PVE/LXC.pm| 44 +++ src/PVE/LXC/Config.pm | 28 ++- 2 files changed, 71

[pve-devel] [PATCH v2 container 5/9] add get_container_namespace helper

2019-11-13 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- No changes. src/PVE/LXC.pm | 13 + 1 file changed, 13 insertions(+) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index c07a597..6bea0b7 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -1048,6 +1048,19 @@ my $enter_namespace = sub

[pve-devel] [PATCH v2 container 7/9] prestart-hook: use staged mountpoints on newer kernels

2019-11-13 Thread Wolfgang Bumiller
This way we operate on defined paths in the monitor namespace (/run/pve/mountpoint/{rootfs,mp0,mp1,...}) while performing the mount, and can use `move_mount()` without passing the MOVE_MOUNT_T_SYMLINKS flag when putting the hierarchy in place. Signed-off-by: Wolfgang Bumiller --- Changes to v1

[pve-devel] [PATCH v2 container 6/9] add mount stage directory helpers

2019-11-13 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- No changes. src/PVE/LXC.pm | 29 - 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index 6bea0b7..77b1a43 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -11,7 +11,7 @@ use File

[pve-devel] [PATCH v2 container 3/9] add open_pid_fd, open_lxc_pid, open_ppid helpers

2019-11-13 Thread Wolfgang Bumiller
Getting a pid and acting on it is always a race, so add safer helpers for this. Signed-off-by: Wolfgang Bumiller --- No changes. src/PVE/LXC.pm | 38 ++ 1 file changed, 38 insertions(+) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index ea54518..c51e59e

[pve-devel] [PATCH v2 container 2/9] implement "staged mountpoints"

2019-11-13 Thread Wolfgang Bumiller
h the open file descriptor we can move into the container's namespace and issue a `move_mount()` to put the mount point in place in the running container. Signed-off-by: Wolfgang Bumiller --- Changes to v1: Use the new can_use_new_mount_api() helper src/PVE/L

[pve-devel] [PATCH v2 container 4/9] split open_namespace out of enter_namespace

2019-11-13 Thread Wolfgang Bumiller
Signed-off-by: Wolfgang Bumiller --- No changes. src/PVE/LXC.pm | 14 ++ 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm index c51e59e..c07a597 100644 --- a/src/PVE/LXC.pm +++ b/src/PVE/LXC.pm @@ -1033,12 +1033,18 @@ sub update_ipconfig

Re: [pve-devel] [PATCH ct/common] mount point hotplugging & new mount api

2019-11-13 Thread Wolfgang Bumiller
On Tue, Nov 12, 2019 at 03:09:27PM +0100, Oguz Bektas wrote: > hi, > > built the latest git version of pve-common and pve-container with > wolfgang's patches. > > with running kernel: 5.0.21-4-pve > and the latest pve-kernel-5.3 > > found a small issue while testing. > > when one has an older
