[pve-devel] [PATCH cluster/manager/storage/docs 0/9] fix #4886: improve SSH handling

this series replaces the old mechanism that used a cluster-wide merged known hosts file with distributing of each node's host key via pmxcfs, and pinning the distributed key explicitly for internal SSH connections. the main changes in pve-cluster somewhat break the old manager and storage versions

[pve-devel] [PATCH docs 2/2] ssh: document PVE-specific setup

such as adapted configs and managed files. Signed-off-by: Fabian Grünbichler --- Notes: actual version needs to be inserted! pvecm.adoc | 18 ++ 1 file changed, 18 insertions(+) diff --git a/pvecm.adoc b/pvecm.adoc index 5b5b27b..3a32cfb 100644 --- a/pvecm.adoc +++ b/pvecm.adoc

[pve-devel] [PATCH docs 1/2] ssh: make pitfalls a regular section instead of block

because we'll add another one before it, and formatting is off otherwise. Signed-off-by: Fabian Grünbichler --- pvecm.adoc | 8 +++- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/pvecm.adoc b/pvecm.adoc index 1f78585..5b5b27b 100644 --- a/pvecm.adoc +++ b/pvecm.adoc @@ -918,9

[pve-devel] [PATCH cluster 2/4] fix #4886: SSH: pin node's host key if available

if the target node has already stored their SSH host key on pmxcfs, pin it and ignore the global known hosts information. Signed-off-by: Fabian Grünbichler --- src/PVE/SSHInfo.pm | 15 ++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/src/PVE/SSHInfo.pm b/src/PVE/SSHI

[pve-devel] [PATCH cluster 1/4] fix #4886: write node SSH hostkey to pmxcfs

so that we can explicitly pin just this key when doing intra-cluster SSH connections. this works similar to the certificate cache we use for API proxying, but without automatic invalidation, since node A doesn't have access to node B's host key.. Signed-off-by: Fabian Grünbichler --- Notes:

[pve-devel] [PATCH cluster 3/4] ssh: expose SSH options on their own

for example, to re-use with an scp command. Signed-off-by: Fabian Grünbichler --- this is used by pve-storage, versioned dependency needed accordingly. src/PVE/SSHInfo.pm | 16 +--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/src/PVE/SSHInfo.pm b/src/PVE/SSHInfo.p

[pve-devel] [PATCH cluster 4/4] pvecm: stop merging SSH known hosts by default

and allow explicitly unmerging to remove the symlink altogether. Signed-off-by: Fabian Grünbichler --- src/PVE/CLI/pvecm.pm | 10 -- src/PVE/Cluster/Setup.pm | 9 ++--- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/src/PVE/CLI/pvecm.pm b/src/PVE/CLI/pvecm.pm in

[pve-devel] [PATCH manager 2/2] pvesh: use SSH command helper

to benefit from future improvements like known host key pinning. Signed-off-by: Fabian Grünbichler --- PVE/CLI/pvesh.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/PVE/CLI/pvesh.pm b/PVE/CLI/pvesh.pm index 44a65213c..d373ae29f 100755 --- a/PVE/CLI/pvesh.pm +++ b/PVE/C

[pve-devel] [PATCH manager 1/2] vnc: use SSH command helper

to benefit from future improvements there, like pinning the known host key. Signed-off-by: Fabian Grünbichler --- PVE/API2/Nodes.pm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm index 3619190de..39139d8a9 100644 --- a/PVE/API2/Nodes.p

[pve-devel] [PATCH storage 1/1] upload: use SSH helper to get ssh/scp options

Signed-off-by: Fabian Grünbichler --- requires versioned dependency on libpve-cluster-perl with the new helper src/PVE/API2/Storage/Status.pm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/PVE/API2/Storage/Status.pm b/src/PVE/API2/Storage/Status.pm index b2336e6..d

Re: [pve-devel] [RFC cluster 0/2] fix #4886: improve SSH handling

--- Begin Message --- On Tue, Jan 09, 2024 at 09:57:30AM +0100, Fabian Grünbichler wrote: > > Esi Y via pve-devel hat am 09.01.2024 06:01 > > CET geschrieben: > > On Thu, Dec 21, 2023 at 10:53:11AM +0100, Fabian Grünbichler wrote: > > > RFC since this would be a bigger change in how we approach i

[pve-devel] [PATCH storage 1/2] lvm: ignore "activation skip" LV flag during LV activation

LVs with the "activation skip" flag (can be set via `lvchange -ky`) are only activated if `-K` is passed to the activation command. In the next major release, we intend to set the "activation skip" flag for newly created LVs. The goal is to prevent LVs from being auto-activated after boot, and thus

[pve-devel] [PATCH storage 2/2] fix #4997: lvm: set "activation skip" flag for newly created LVs

Activating an LV creates a device-mapper device. In a cluster with a shared LVM VG (e.g. on top of iSCSI) where an LV is active on nodes 1 and 2, deleting the LV on node 1 will not clean up the device-mapper device on node 2. If an LV with the same name is recreated later, the leftover device-mappe

[pve-devel] [PATCH storage 0/2] fix #4997: lvm: avoid autoactivating (new) LVs after boot

By default, LVM autoactivates LVs after boot. In a cluster with VM disks on a shared LVM VG (e.g. on top of iSCSI), this can indirectly cause guest creation or VM live-migration to fail. See bug #4997 [1] and patch #2 for details. The goal of this series is to avoid autoactivating LVs after boot.

[pve-devel] [PATCH storage] lvm: avoid warning due to human-readable text in vgs output

If the metadata archive under /etc/lvm/archive for a particular VG has a lot of files or is overly large, `vgs` occasionally prints a message to stdout [1]. The LVM plugin tries to parse this message and thus produces the following confusing warnings in the output of `pvesm status` or the journal (