so that we can assign privileges on hardware level
this will generate a new role (PVEHardwareAdmin)
Signed-off-by: Dominik Csapak
---
src/PVE/AccessControl.pm | 13 +
src/PVE/RPCEnvironment.pm | 3 ++-
2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/src/PVE/AccessCo
mdevs must have a host-unique uuid, and they appear in
/sys/bus/mdev/devices/, so there is no need to reference the pciid
with it
Signed-off-by: Dominik Csapak
---
PVE/QemuServer/PCI.pm | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/PVE/QemuServer/PCI.pm b/PVE/QemuServer/P
and get the correct pci device during parsing
Signed-off-by: Dominik Csapak
---
PVE/QemuServer/PCI.pm | 20 ++--
1 file changed, 18 insertions(+), 2 deletions(-)
diff --git a/PVE/QemuServer/PCI.pm b/PVE/QemuServer/PCI.pm
index b5284ef..8c171f3 100644
--- a/PVE/QemuServer/PCI.pm
into a private sub. This makes the 'print_hostpci_devices' function more
easier to read
Signed-off-by: Dominik Csapak
---
PVE/QemuServer/PCI.pm | 57 +--
1 file changed, 33 insertions(+), 24 deletions(-)
diff --git a/PVE/QemuServer/PCI.pm b/PVE/QemuServer
restrict the nodes also for mapped devices, and return them in their
own property
Signed-off-by: Dominik Csapak
---
PVE/API2/Qemu.pm | 15 +++
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index f22c601..f570fc2 100644
--- a/PVE/AP
Signed-off-by: Dominik Csapak
---
PVE/API2/Qemu.pm | 40 +---
PVE/QemuServer.pm | 2 ++
2 files changed, 39 insertions(+), 3 deletions(-)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 99b426e..08e5104 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qem
this series aims to add a cluster-wide device mapping for pci and usb devices.
so that an admin can configure a device to be availble for migration and
configuring for uses that are non-root
built-in are some additional safety checks in contrast to current
passthrough, e.g. if pci addresses shift,
if the migration is an offline migration and when the mapping on
the target node exists, otherwise not
this does not change the behaviour for 'raw' devices in the config
those can still be forced to be migrated, like before
Signed-off-by: Dominik Csapak
---
www/manager6/window/Migrate.js | 37 +
this is a cluster wide api call that returns the list of mappings
in a manner that is easy to consume by the ui (as a tree)
it also automatically includes the validity of mappings on the node
where it is called.
for a consumer of this api call to get a complete picture, it is
necessary to do an a
this adds functionality for the hardwaremap config (as json)
the format of the config is like this:
{
usb => {
name => {
nodename1 => { /* mapping object */ },
nodename2 => { /* mapping object */ }
}
},
pci => {
/* same as above */
},
allows to add a single host mapping for pci entries
Signed-off-by: Dominik Csapak
---
www/manager6/Makefile| 1 +
www/manager6/form/PCISelector.js | 17 +-
www/manager6/window/PCIEdit.js | 287 +++
3 files changed, 304 insertions(+), 1 deletion(-)
cr
adds the basic api calls to list/get/create/update/delete device
mappings
these api calls are only per node, so it only affects
the node specific mapping (thought consistency checks are
done for the whole config, e.g if an id exists already on another
node with a different type)
Signed-off-by: Do
this is a grid field for selecting multiple pci devices at once, like we
need for the mapped pci ui. There we want to be able to select multiple
devices such that one gets selected automatically
we can select a whole slot here, but that disables selecting the
individual functions of that device. w
mediated devices also appear under /sys/bus/mdev/devices with their
uuid, independent of the pci device, so we can use that instead
Signed-off-by: Dominik Csapak
---
src/PVE/SysFSTools.pm | 6 ++
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/src/PVE/SysFSTools.pm b/src/PVE/Sy
to PVE/Cluster.pm
and status.c
Signed-off-by: Dominik Csapak
---
data/PVE/Cluster.pm | 1 +
data/src/status.c | 1 +
2 files changed, 2 insertions(+)
diff --git a/data/PVE/Cluster.pm b/data/PVE/Cluster.pm
index abcc46d..5dfc6b2 100644
--- a/data/PVE/Cluster.pm
+++ b/data/PVE/Cluster.pm
@@ -76
Signed-off-by: Dominik Csapak
---
PVE/QemuServer.pm | 2 ++
PVE/QemuServer/USB.pm | 21 -
2 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index 050e5c2..68e1366 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@
if the preparing of pci devices or the start of the vm fails, we need
to cleanup the pci devices (reservations *and* mdevs), or else
it might happen that there are leftovers which must be manually removed.
to include also mdevs now, refactor the cleanup code from 'vm_stop_cleanup'
into it's own fu
With this, we can now tell qemu-server to choose the first avaiable
devices, which makes using vGPUs and SR-IOV capable devices much easier
to use, since the user does not have to hardcode the device, but can
give a list of identical ones, and qemu-server chooses dynamically.
note that we require
they can only be migrated to nodes where there exists a mapping and if
the migration is done offline
Signed-off-by: Dominik Csapak
---
PVE/QemuMigrate.pm | 13 -
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/PVE/QemuMigrate.pm b/PVE/QemuMigrate.pm
index d52dc8d..d40be
by adding them to their own list, saving the nodes where
they are not allowed, and return those on 'wantarray'
Signed-off-by: Dominik Csapak
---
PVE/QemuServer.pm| 36 ++--
test/MigrationTest/Shared.pm | 7 +++
2 files changed, 41 insertions(+), 2
similar to the pciselector, make it accept a plain nodename,
or no node at all and provide a setNodename function
to keep backwards compatibility, also check pveSelNode for the nodename
Signed-off-by: Dominik Csapak
---
www/manager6/form/USBSelector.js | 32
1 f
instead of parsing the config again when trying to reserver/prepare the
pci devices. also split the preparing into non-mdev devices and mdev
devices, this will come in handy later.
Signed-off-by: Dominik Csapak
---
PVE/QemuServer.pm | 20 +---
PVE/QemuServer/PCI.pm | 8 +
similar to PCIMapSelector
Signed-off-by: Dominik Csapak
---
www/manager6/Makefile | 1 +
www/manager6/form/USBMapSelector.js | 73 +
2 files changed, 74 insertions(+)
create mode 100644 www/manager6/form/USBMapSelector.js
diff --git a/www/manager6/Mak
to be able to select 'mapped' usb devices
Signed-off-by: Dominik Csapak
---
www/manager6/qemu/USBEdit.js | 36 +++-
1 file changed, 35 insertions(+), 1 deletion(-)
diff --git a/www/manager6/qemu/USBEdit.js b/www/manager6/qemu/USBEdit.js
index a2204584..1b017bc9 1
allows to add a single host mapping for usb entries
Signed-off-by: Dominik Csapak
---
www/manager6/Makefile | 1 +
www/manager6/window/USBEdit.js | 248 +
2 files changed, 249 insertions(+)
create mode 100644 www/manager6/window/USBEdit.js
diff --git
The hardware config now supports multiple devices as a semicolon
seperated list. With this, instead of only having one device in a pci mapping,
we now have a list of which we can choose from on vm start. This way one can
dynamically start vms with a pool of (identical) pci devices without
having to
changelog v2:
- rebase on last git
changelog v3:
- rebase on last git
a forum user have reported strange bug with ovs + mtu9000 when
switching between 2 ovs bridge with different mtu. (1500 vs 9000)
https://forum.proxmox.com/threads/ovs-problem-with-mtu-9000-on-vms-assigned-to-vmbr0.105172/
(user
- ovsint port mtu need to be set with ""ovs-vsctl set mtu-request"
- update mtu on already existing interfaces (fwbr,fwln,tap,veth)
if existing tap|veth interface is replugged on a different mtu bridge
Signed-off-by: Alexandre Derumier
---
src/PVE/Network.pm | 31 +-
qemu/HardwareView:
with the new Hardware privileges, we want to adapt a few places where
we now allow to show the add/edit window with those permissions.
form/{PCI,USB}Selector:
increase the minHeight property of the PCI/USBSelector, so that
the user can see the error message if he has not enoug
Signed-off-by: Dominik Csapak
---
test/cfg2cmd/q35-linux-hostpci-mapping.conf | 17 +
.../q35-linux-hostpci-mapping.conf.cmd| 36 +
test/run_config2command_tests.pl | 76 +++
3 files changed, 129 insertions(+)
create mode 100644 test/cfg2cmd/q35
it's possible to add/edit/remove mappings here, with a cluster
wide view on the mappings and validity.
to do that, we have to to an api call for each node, since
we don't have the pci status synced across them.
Signed-off-by: Dominik Csapak
---
www/manager6/Makefile | 1 +
www/manag
reworks the panel to use a controller, so that we can easily
add the selector for mapped pci devices
shows now a selection between 'raw' and 'mapped' devices, where
'raw' ones work like before, and 'mapped' ones take the values
form the hardware map config
Signed-off-by: Dominik Csapak
---
www/
Signed-off-by: Dominik Csapak
---
PVE/API2/Qemu.pm | 54 ++--
1 file changed, 52 insertions(+), 2 deletions(-)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 08e5104..f22c601 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -26,6 +26,7 @
akin to the PCISelector, but uses the api for mapped devices
Signed-off-by: Dominik Csapak
---
www/manager6/Makefile | 1 +
www/manager6/form/PCIMapSelector.js | 102
2 files changed, 103 insertions(+)
create mode 100644 www/manager6/form/PCIMapSelec
I'm currently testing your patches,
I have an uninitialized value warning with no hardware map file
Le 25/08/22 à 11:24, Dominik Csapak a écrit :
> +sub read_hardware_map {
> +my ($filename, $raw) = @_;
> +
> +my $digest = Digest::SHA::sha1_hex($raw);
> +
Use of uninitialized value in
I can't get mdev device working, it don't create the mdev device
> +# ignore mdev for multiple devices, except when from mapping
> +if ($res->{mdev} && $ignore_mdev) {
> + warn "ignoring mediated device with multifunction device\n";
> + delete $res->{mdev};
> }
> return
Am 24/08/2022 um 14:24 schrieb Mira Limbeck:
> MAC filter was enabled as long as the VM firewall config existed even
> with an invalid config.
>
> With this change the check now matches the one for CTs.
>
> Signed-off-by: Mira Limbeck
> ---
> src/PVE/Firewall.pm | 2 +-
> 1 file changed, 1 inse
> root@pve2:~# qm start 101
> ignoring mediated device with multifunction device
ok, it's simply that indeed I have specify a multifunction path ":02".
I think it should better/safe to die here, instead to simply warn and
continue.
Le 25/08/22 à 16:21, DERUMIER, Alexandre a écrit :
> I c
I don't known if it's a bug in the gui, or the api.
But, if you update an existing mapping,with currently,a simple function
pci with mdev=1, and you change it to a pci multifunction with mdev=0,
the mdev value is not updated.
(This occur in the other direction too)
original singly function wi
Le 25/08/22 à 11:24, Dominik Csapak a écrit :
> they can only be migrated to nodes where there exists a mapping and if
> the migration is done offline
>
> Signed-off-by: Dominik Csapak
> ---
> PVE/QemuMigrate.pm | 13 -
> 1 file changed, 12 insertions(+), 1 deletion(-)
>
> diff --
On 8/25/22 20:00, DERUMIER, Alexandre wrote:
Le 25/08/22 à 11:24, Dominik Csapak a écrit :
they can only be migrated to nodes where there exists a mapping and if
the migration is done offline
Signed-off-by: Dominik Csapak
---
PVE/QemuMigrate.pm | 13 -
1 file changed, 12 inser
On 8/25/22 16:53, DERUMIER, Alexandre wrote:
> root@pve2:~# qm start 101
> ignoring mediated device with multifunction device
ok, it's simply that indeed I have specify a multifunction path ":02".
I think it should better/safe to die here, instead to simply warn and
continue.
i agree d
On 8/25/22 17:37, DERUMIER, Alexandre wrote:
I don't known if it's a bug in the gui, or the api.
But, if you update an existing mapping,with currently,a simple function
pci with mdev=1, and you change it to a pci multifunction with mdev=0,
the mdev value is not updated.
(This occur in the othe
43 matches
Mail list logo
