Hi,
since buster, openssl client is forced to minimum tls 1.2,
in /etc/ssl/openssl.cnf
"
[default_conf]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
MinProtocol = TLSv1.2
CipherString = DEFAULT@SECLEVEL=2
"
This is breaking ldaps on activedirector
default to tls1.2
Signed-off-by: Alexandre Derumier
---
PVE/Auth/AD.pm | 11 +++
PVE/Auth/LDAP.pm | 5 +
2 files changed, 16 insertions(+)
diff --git a/PVE/Auth/AD.pm b/PVE/Auth/AD.pm
index b924b02..a877a76 100755
--- a/PVE/Auth/AD.pm
+++ b/PVE/Auth/AD.pm
@@ -33,6 +33,12 @@ sub p
El 16/5/19 a las 8:57, Alexandre DERUMIER escribió:
>>> but all Windows >= 8 or >= 2012 support it for sure, so we could enable it
>>> for
>>> those.
> yes indeed.
>
>>> If I read the table correctly then 512e is even "more" supported (older
>>> ones with service pack or KB) as 4K native.
>
On 10/31/19 10:19 AM, Thomas Lamprecht wrote:
On 10/30/19 10:54 AM, Fabian Ebner wrote:
Doing an online migration with --targetstorage and two unused disks with the
same name on different storages failed, because they would collide on the
target storage. This patch makes sure that we don't use t
Sorry,
I have totally forgot this.
as far I remember, it was improving performance for some workload.
I'll try to do more test again this week.
- Mail original -
De: "Jorge Boncompte"
À: "pve-devel"
Envoyé: Lundi 4 Novembre 2019 10:44:44
Objet: Re: [pve-devel] qemu : add disk option fo
Put the previous added sections into subsection for a better outline of
the TOC.
With the rearrangement of the first level titles to second level, the
general descriptions of a service needs to move into the new first level
titles. And add/corrects some statements of those descriptions.
Signed-of
Signed-off-by: Alwin Antreich
---
pveceph.adoc | 54
1 file changed, 54 insertions(+)
diff --git a/pveceph.adoc b/pveceph.adoc
index 087c4d0..127e3bb 100644
--- a/pveceph.adoc
+++ b/pveceph.adoc
@@ -331,6 +331,7 @@ network. In a Ceph cluster,
In patch 11 I have added an attribute to asciidoc-pve.conf to replace
Ceph's codename. I hope this is the right location for this.
Review and suggestions are very welcome. Thanks. :)
Alwin Antreich (11):
pveceph: old style commands to subcommands
pveceph: add section - Destroying Ceph OSDs
to reflect the same active voice style as the other subtitles in pveceph
Signed-off-by: Alwin Antreich
---
pveceph.adoc | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pveceph.adoc b/pveceph.adoc
index 2972a68..087c4d0 100644
--- a/pveceph.adoc
+++ b/pveceph.adoc
@@ -66
to be more consistent with other sections, the note for creating the
Ceph Manager was moved below the command.
Signed-off-by: Alwin Antreich
---
pveceph.adoc | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pveceph.adoc b/pveceph.adoc
index a4f2e4e..9806401 100644
--- a/
Replace remaining old style single commands with current subcommands
Signed-off-by: Alwin Antreich
---
pveceph.adoc | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/pveceph.adoc b/pveceph.adoc
index ebf9ef7..cfb86a8 100644
--- a/pveceph.adoc
+++ b/pveceph.adoc
@@
To change the codename for Ceph in one place, the patch adds the
asciidoc attribute 'ceph_codename'. Replaces the outdated references to
luminous and the http -> https on the links in pveceph.adoc.
Signed-off-by: Alwin Antreich
---
pveceph.adoc | 26 +-
asci
...PVE::QemuServer::Machine.
qemu_machine_feature_enabled is exported since it has a *lot* of users
in PVE::QemuServer and a long enough name as it is.
Signed-off-by: Stefan Reiter
---
I left the code exporting qemu_machine_feature_enabled from v2 and only remove
it in the next patch, just to m
...into:
* PVE::QemuServer::Helpers::min_version: check a major.minor version
string with a given major/minor version (this is equivalent to calling
the old qemu_machine_feature_enabled with only $kvmver)
* PVE::QemuServer::Machine::extract_version: get major.minor version
string from arbitr
vm_exists_on_node in PVE::QemuConfig checks if a config file for a vmid
exists
vm_running_locally in PVE::QemuServer::Helpers checks if a VM is running
on the local machine by probing its pidfile and checking /proc/.../cmdline
check_running is left in QemuServer for compatibility, but changed to
Signed-off-by: Stefan Reiter
---
PVE/Service/pvestatd.pm | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/PVE/Service/pvestatd.pm b/PVE/Service/pvestatd.pm
index bad1b73d..ad651a34 100755
--- a/PVE/Service/pvestatd.pm
+++ b/PVE/Service/pvestatd.pm
@@ -18,6 +18,7 @@ use PVE::N
parse_cmdline is required for upcoming changes related to custom CPU
types and live migration, and this way we can re-use existing code.
Provides the necessary infrastructure to parse QEMU /proc/.../cmdline.
Changing the single user (check_running) is trivial too.
Signed-off-by: Stefan Reiter
--
Also merge the 'mkdir's from QemuServer and QemuConfig to reduce
duplication (both modules depend on Helpers anyway).
nodename() is still called in multiple places, but since it's cached by
INotify it doesn't really matter.
Signed-off-by: Stefan Reiter
---
PVE/CLI/qm.pm | 3 ++-
PV
QMP and monitor helpers are moved from QemuServer.pm.
By using only vm_running_locally instead of check_running, a cyclic
dependency to QemuConfig is avoided. This also means that the $nocheck
parameter serves no more purpose, and has thus been removed along with
vm_mon_cmd_nocheck.
Care has been
This series refactors QemuServer and creates three new packages:
* 'PVE::QemuServer::Helpers' for general purpose helpers
* 'PVE::QemuServer::Monitor' for higher-level QMP functions
* 'PVE::QemuServer::Machine' for QEMU machine-type related helpers
This refactoring came along because qemu_machine_
Also change to mon_cmd helper, avoid calling qmp_cmd directly.
Signed-off-by: Stefan Reiter
---
src/PVE/HA/Resources/PVEVM.pm | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/PVE/HA/Resources/PVEVM.pm b/src/PVE/HA/Resources/PVEVM.pm
index 0a37cf6..70bf8ad 100644
--- a/s
Previous behaviour was bugged and displayed "Node is offline" for all
non-selected nodes (only 1 can be selected at a time).
Also fix progress window to show correct number of nodes in backup job.
Signed-off-by: Stefan Reiter
---
I cannot remember my past reasoning for that conditional, but I d
This change allows sending statistics to graphite over TCP.
So far only UDP is possible, which is not available in some environments, like
behind a loadbalancer.
Configuration example:
~ $ cat /etc/pve/status.cfg
graphite:
server 10.20.30.40
port 2003
path proxmox
proto tcp
Sig
23 matches
Mail list logo
