Re: [PVE-User] Recovering cluster after shutdown

[Dietmar Maurer]

What bug number do you talk about exactly?


> Hello, in the past (proxmox v4 and v5) we've used Proxmox's clustering 
> features and found problems when the whole cluster would shut down, when 
> we turned it back on it wouldn't synchronize. Has this problem been 
> fixed yet?

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] permissions: allowing users to create their own VMs but do not let other users see the VMs

[Dietmar Maurer]

You need to create a pool for each such user, and give them permissions
to create an use VM on that pool only.

see 
https://pve.proxmox.com/pve-docs/pve-admin-guide.html#chapter_user_management

section: 13.8.5. Pools


> I'd like to have individual users who can clone VMs.  These cloned VMs
> should only show up for user who cloned it and not anyone else.  Is there
> any way to do this without having to go in and add NoAccess rules to a new
> VM every time?
> 
> User 1 would only see VMs created and cloned by user 1, nothing from user
> 2.
> User 2 would only see VMs created and cloned by user 2, nothing from user
> 1.
> 
> Thanks!
> --

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] UIDs > 65535 not valid in container

[Dietmar Maurer]

> Does anyone have an assessment of the risk we would run?  I still don't 
> understand the security implications of the mapping of higher UIDs. 
> However this is quickly becoming a major issue for us.

The risk is that it is not supported by us. Thus, we do not
test that and I do not know what problems this may trigger...

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] UIDs > 65535 not valid in container

[Dietmar Maurer]

> I fear 
> this might be a container-related issue but I don't understand it and I 
> don't know if there is a solution or a workaround.
> 
> Any help or hint is highly appreciated

Yes, we only map 65535 IDs for a single container. We cannot allow
the full range for security reasons.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] bmc-watchdog curiosity

[Dietmar Maurer]

> Just we are here... 'pve-ha-manager' is an alternative to 'watchdog',
> right?

You cannot use the debian watchdog package with proxmox.

> Also, 'watchdog' deaemon do other things, like reboot if load go over a
> theresold and so on, all things that probably are BAD in a virtualized
> environment.
> But probably sysadmin are used to configure it, so... i think it worth a
> note.

Packages already conflicts, so that prevents accidental installation.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] bmc-watchdog curiosity

[Dietmar Maurer]

> Here: https://pve.proxmox.com/wiki/High_Availability_Cluster_4.x we can 
> read about IPMI watchdog, and to configure it like this:
> options ipmi_watchdog action=power_cycle panic_wdt_timeout=10
> 
> The question is: would it give us anything, if we also configured that? 
> As we have seen the bmc-watchdog in action, we know that it works and 
> does the job.
> 
> What added value would module "ipmi_watchdog" bring?

In theory, a HW watchdog is considered more reliable than softdog.

In practice, softdog works extremely well, and HW watchdogs fail because
of miss-configuration or IPMI bios bugs...

So IMHO you do not get much added value using ipmi_watchdog.

But this is more a feeling - I do not have numbers.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Starting number of VMs and containers

[Dietmar Maurer]

> is there a specific reason, why PROXMOX VMs and containers are numbered 
> from 100 and not from - e.g. - 001?  Can the starting number be changed? 

This has historical reasons (IDs 0-99 were reserved by OpenVZ for internal use).

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Proxmox VE 6.0 released!

[Dietmar Maurer]

> I would like to know if qemu 4.X bring the Vm fault tolerance, like COLO ou
> microcheckpoint and if Proxmox will incorporeted that features in the next
> future!

Those things are not stable yet ...

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] cloud-init drive prevents offline migration

[Dietmar Maurer]

Please can you file a bug at bugzilla.proxmox.com, including the VM
config and the steps to reproduce the issue?

> On February 15, 2019 at 5:37 PM Zhuoyun Wei  wrote:
> 
> 
> Yes there were local disks. I was doing offline migration. It supports local 
> disks.
> 
> The steps to re-produce:
> 
> 1. Create a VM with 1 HDD and 1 cloud-init drive;
> 2. Try migrate the VM - fails;
> 3. Remove the cloud-init drive, but leave the HDD untouched;
> 4. Try migrate the VM - a copying process starts, and a few minutes later, 
> succeeds.
> 
> 
> -- 
> Zhuoyun Wei
> 
> On Sat, Feb 16, 2019, at 00:34, Dietmar Maurer wrote:
> > Version lookss OK. But seems there is another local disks:
> > 
> > 2019-02-15 04:41:01 found local disk 'local-lvm:vm-115-disk-0' (in 
> > current VM config)
> > 
> >
>

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] cloud-init drive prevents offline migration

[Dietmar Maurer]

Version lookss OK. But seems there is another local disks:

2019-02-15 04:41:01 found local disk 'local-lvm:vm-115-disk-0' (in current VM 
config)

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] cloud-init drive prevents offline migration

[Dietmar Maurer]

> It seems that PVE considers the cloud-init drive as a local resource that 
> cannot be moved. After removing the cloud-init drive from the VM, the 
> migration succeeded.
> 
> IMHO, the cloud-init drive could be treated just like a normal disk image 
> that could be dd'ed and copied to another node.
> 
> Is this a bug or by design? If so, I could file a report at Bugzilla.

AFAIK this bug is already fixed - maybe you run an old version? What is the 
output of

# pveversion -v

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Is there a way to permit to start up VMs when no quorum?

[Dietmar Maurer]

> I don't know the idea behind keeping a VM from starting up when no 
> quorum. It has been maybe, since my point of view, the worst of managing 
> Proxmox cluster, because the stability of services (VM up and running) 
> had to be first (before the sync of information, for instance).
> 
> Is there a way to bypass this and permit to start up a VM even on no quorum?

No. This is required to avoid split brain ...

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] View firewall rule with pvesh

[Dietmar Maurer]

> I thought that I could view a particular rule but I can't have more
> information than:
>pvesh get /nodes/toto/qemu/107/firewall/rules/5
>┌─┬───┐
>│ key │ value │
>├─┼───┤
>│ pos │ 5 │
>└─┴───┘
> 
> The API viewer describes "Get single rule data" still.
> Is there a way to view the settings for a particular rule?

The default formatter does not show all values (bug), but you can
get the full information with: 

# pvesh get /nodes/toto/qemu/107/firewall/rules/5  --output-format json

(you can use output format 'json', 'yaml', or 'json-pretty')

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] How to change .members file??

[Dietmar Maurer]

> Is there a way to change the .members fils locate in /etc/pve ??
> This file is read-only!

no, you cannot change that file. But you can add/remove cluster members - the 
file is changed accordingly.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] HA Timing question

[Dietmar Maurer]

> Am 07.09.2018 um 10:35 schrieb Dietmar Maurer:
> >> But what is the timing for starting VM100 on another node? Is it
> >> guaranteed that this only happens after 60 seconds? 
> > 
> > yes, that is the idea.
> 
> I miss the point how this is achieved. Is there somewhere a timer of 60s
> before starting a VM on some other node? 

I short, there is a distributed locking mechanism based on corosync.

> Where exactly in case I need to
> tune this? 

You cannot tune this.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] HA Timing question

[Dietmar Maurer]

> What happens now exactly when HA is configured for VM100?
> 
> According to https://pve.proxmox.com/wiki/High_Availability node 3 will
> reboot after 60 seconds ("When a cluster member determines that it is no
> longer in the cluster quorum, the LRM waits for a new quorum to form. As
> long as there is no quorum the node cannot reset the watchdog. This will
> trigger a reboot after the watchdog then times out, this happens after
> 60 seconds.")

exactly
 
> But what is the timing for starting VM100 on another node? Is it
> guaranteed that this only happens after 60 seconds? 

yes, that is the idea.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Confusing about Bond 802.3ad

[Dietmar Maurer]

> This 802.3ad do no suppose to agrengate the speed of all available NIC??

No, not really. One connection is limited to 1GB. If you start more 
parallel connections you can gain more speed.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Proxmox and DRBD

[Dietmar Maurer]

> IMO it is a real pitty that DRBD is not supported anymore. 

You can get DRBD support from Linbit.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] How to use lvm on zfs ?

[Dietmar Maurer]

> Why does Proxmox team have not incorporated a software Raid in the 
> install process ? 

Because we consider mdraid unreliable and dangerous.

> So that we could include redundancy and lvm advantages 
> when using local disks.

Sorry, but we have software raid included - ZFS provides that.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Add runcmd and custom parameters in Cloudinit

[Dietmar Maurer]

> On June 23, 2018 at 6:21 PM José Manuel Giner  wrote:
> 
> 
> Hello Dietmar,
> 
> thanks for answering. If I understand correctly, you propose to make a 
> customized installation of the operating system and then install 
> cloudinit and convert it to template.
> 
> But this approach is much more complicated to manage over the time. If 
> we want to provide more specific software, you must create a template 
> for each of them.
> 
> It does not make much sense to have 10 or 20 templates of Ubuntu 18.04, 

I also does not make much sense to change ssh port to  ...

Anyways, the current approach does not allow you to configure such values.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Add runcmd and custom parameters in Cloudinit

[Dietmar Maurer]

> What would be the way to do it?

You can customize the template instead.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Bug when removing a VM

[Dietmar Maurer]

> could still ping it did I discover this.  I did not think it would let 
> me do it if would screw something up. It kind of backed me off of HA. 
> Sure this is all better now, right?

If you reported a bug, you can few the status in the bug tracker.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Bug when removing a VM

[Dietmar Maurer]

> > All volume belongs to a VM, indicated by the encoded VMID. If you 
> > remove a VM, we remove all volumes belonging to that VM.
> > 
> 
> You remove anything containing the VMID, even volumes that the VM config
> aren't refering to. That's really, really strange and should be warned

This is not strange if you use the system in the recommended way. You do
really dangerous things, so a warning would not help anyways. With your setup,
you will lose data anyways (sooner or later).

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Bug when removing a VM

[Dietmar Maurer]

> On June 21, 2018 at 3:48 PM Simone Piccardi  wrote:
> 
> 
> Il 21/06/2018 10:43, Dietmar Maurer ha scritto:
> > In general, you should never mount storage on different clusters at the same
> > time. This is always dangerous - mostly because there is no locking and
> > because of VMID conflicts. If you do, mount at least read-only.
> > 
> 
> Yes, that's dangerous (I was hurt by this).
> 
> But still I do not understand why, if you remove a VM that has a disk 
> hosted in a specific storage, it will removed also on all other storage 
> (they ), or, like it happened to me, all the logical volumes with the 
> same VMID number in the name.
> 
> We was using different Proxmox server (as independent standalone server, 
> as they must stay in totally separated networks) using shared LVM over a 
> FC connected SAN.

I do repeat myself, but you should never do that (never). Locking does
not work, and it is likely that you will lose data.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Bug when removing a VM

[Dietmar Maurer]

> Il 21/06/2018 10:43, Dietmar Maurer ha scritto:
> > In general, you should never mount storage on different clusters at the same
> > time. This is always dangerous - mostly because there is no locking and
> > because of VMID conflicts. If you do, mount at least read-only.
> > 
> 
> Yes, that's dangerous (I was hurt by this).
> 
> But still I do not understand why, if you remove a VM that has a disk 
> hosted in a specific storage, it will removed also on all other storage 
> (they ), or, like it happened to me, all the logical volumes with the 
> same VMID number in the name.

All volume belongs to a VM, indicated by the encoded VMID. If you 
remove a VM, we remove all volumes belonging to that VM.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Bug when removing a VM

[Dietmar Maurer]

In general, you should never mount storage on different clusters at the same
time. This is always dangerous - mostly because there is no locking and
because of VMID conflicts. If you do, mount at least read-only.

> Not sure this is a bug, but if it's not there should be a huge red
> warning in the VM removal box, I think.
> 
> We've been migrating some VMs between clusters, and for that I mounted
> the old storage on the new cluster,

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] issue cloud-Init CDROM drive

[Dietmar Maurer]

> Hi, I find a problem when restoring a backup of a VPS with Cloud-init.
> 
> The problem is that the VPS does not start because the Cloudinit CDROM 
> drive has not been included in the backup.
> 
> Should I report it in the buzilla?

Yes, please do.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] issue cloud-Init CDROM drive

[Dietmar Maurer]

Please can you test with latest version?

> On June 9, 2018 at 12:22 PM José Manuel Giner  wrote:
> 
> 
> Hello,
> 
> looking on this guide:
> 
> https://pve.proxmox.com/wiki/Cloud-Init_Support
> 
> I get error on this step: Add Cloud-Init CDROM drive
> 
> # qm set 9000 --ide2 local-lvm:cloudinit
> unable to parse lvm volume name 'cloudinit'
> 
> what is wrong?
> 
> Thanks.
> 
> 
> # pveversion -v
> proxmox-ve: 5.1-32 (running kernel: 4.13.13-2-pve)

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] pvesh get current status and cpu value

[Dietmar Maurer]

> Its complicated why this is 0, in short cpu usage is a counter its hard
> to calculate actual usage in % without history data.
> 
> /cluster/resources uses pvestatd which calculates that,
> /nodes/{node}/(qemu|lxc)/status/current doesn't.

Yes, this is probably the best workaround. Please note that
pvesh is mostly a debugging tool. But we are working on a
full feature API client tool, which provides about the same
functionality, but queries the API daemon instead. This will
then compute such values correctly.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Increase disk size of a VM on ZFS

[Dietmar Maurer]

> I want to increase vm-100-disk-1.
> 
> How do I proceed? Shut down VM and run:
> 
> qm resize 100 virtio0 +5G ?
> 
> I am not sure which driver I should use

Please post you VM config (the driver is set there).

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] vzdump taking long time

[Dietmar Maurer]

> This is still a test machine, the backup disk is a single external USB
> drive - but even that should give ~ 1GB/minute. What could explain the
> slow backup of the first container?

many small files, or fragmented file system?

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Custom storage in ProxMox 5

[Dietmar Maurer]

Hi all,

I think there are many opinions when it comes up to storage technologies, and
that is the reason why there are so many different storage projects out there.

And for that reason, we have a plugin system for different storage types :-)
 

> On April 4, 2018 at 9:50 AM Eneko Lacunza  wrote:
> 
> 
> Hi,
> 
> El 30/03/18 a las 05:05, Lindsay Mathieson escribió:
> > Ceph has rather larger overheads, much bigger PITA to admin, does not
> > perform as well on whitebox hardware – in fact the Ceph crowd std reply to
> > issues is to spend big on enterprise hardware and is far less flexible.
> Nonsense. We  use whiteboxes, desktop HDD, no RAID cards, etc. with 
> Ceph/Proxmox and works really well. Effort to maintain it is... near 
> zero. Effort to deploy just 15 minutes, thanks to Proxmox integration.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] pmbalance

[Dietmar Maurer]

> Now, since 4.4 I have the issue that I can no longer get info or
> commands from other nodes than the node I'm running this script on. I
> get "500 proxy not allowed" as soon as I get to 'get_vm_description()'.
> 
> What am I doing wrong? Thanks!

Maybe you connect to the wrong port (what api port do you use)?

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] How to fence w/o iTCO_wdt watchdog (AMD platform)

[Dietmar Maurer]

Yes

 Ursprüngliche Nachricht 
Von: Frank Thommen  
Datum: 19.03.18  11:04  (GMT+01:00) 
An: PVE User List  
Betreff: Re: [PVE-User] How to fence w/o iTCO_wdt watchdog (AMD platform) 

Thanks.  That means, that if I don't configure any watchdog, then it 
should work find out of the box
___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] How to fence w/o iTCO_wdt watchdog (AMD platform)

[Dietmar Maurer]

We use the software watchdog by default, and that work really good (reliable).

> I'm thinking about setting up a HA PVE Cluster.  However 
> https://pve.proxmox.com/wiki/High_Availability suggests to use the 
> iTCO_wdt hardware watchdog.  As far as I understand, this watchdog is 
> only available on the Intel platform.  Our servers would be AMD servers 
> and I cannot find the /dev/watchdog device on these hosts (currently 
> running openSuSE 13.2).

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Preparing Linux Debian VM template

[Dietmar Maurer]

> Or maybe there is other approach ? Has anyone succeeded in cloud-init 
> with Proxmox ?

We will support cloud-init soon. Patches are already included...

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Problems with LVM over DRBD.

[Dietmar Maurer]

> We don't understand why the reinstaled second node is not able to see
> the LVM virtual disks over the DRBD unit.
> May someone help us with this problem?

This looks like a DRBD specific problem, so I would ask on the DRBD list
instead.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Snapshots not showing in interface

[Dietmar Maurer]

> On December 30, 2017 at 2:27 AM Lindsay Mathieson
>  wrote:
> 
> 
> On 30/12/2017 5:48 AM, Gerald Brandt wrote:
> > I have a VM with 2 snapshots. The display of snapsots for the VM is 
> > blank, so I can't delete the snapshot from there.
> >
> > This is a conf file: 
> 
> update and update2 both have each other as a parent - circular reference.

I wonder how that can happen - did you manually edit the config file?

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Failure to install latest PVE on Debian Stretch

[Dietmar Maurer]

> I'm having problem with new server. It is running clean install of
> Debian Stretch and I'm trying to put Proxmox using PVE packages install
> as described in wiki. I'm not sure whether the problem is related to
> something misconfigured on Stretch itself, or the problem is somewhere
> with PVE packages, but my installation fails on the following:
> 
> Setting up pve-firewall (3.0-5) ...
> Created symlink
> /etc/systemd/system/multi-user.target.wants/pve-firewall.service →
> /lib/systemd/system/pve-firewall.service.
> insserv: Service pve-cluster has to be enabled to start service pvefw-logger
> insserv: exiting now!

We do not support insserv based systems anymore - please use systemd instead.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] HTTPS for download.proxmox.com

[Dietmar Maurer]

> On 11/30/2017 02:21 PM, Dietmar Maurer wrote:
> >> I greatly respect the work you do on Proxmox but this specific response
> >> is under your habitual standards from a security standpoint.
> >
> > Exactly. That is why we provide the enterprise repository.
> 
> IMHO the times where security and confidentiality (https) are limited to 
> enterprise/paid services are long gone.  As the OP noted, https comes at 
> no cost and there is no reason not to have it configured.  I'd even say, 
> that https is mandatory for every site publishing more than just 
> personal statements.

Again, please use the enterprise repository if you want https.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] HTTPS for download.proxmox.com

[Dietmar Maurer]

> I greatly respect the work you do on Proxmox but this specific response
> is under your habitual standards from a security standpoint.

Exactly. That is why we provide the enterprise repository.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] HTTPS for download.proxmox.com

[Dietmar Maurer]

This is why we have an enterprise repository! Please use the enterprise
repository 
if you want SSL.

> On November 30, 2017 at 12:22 PM Florent B  wrote:
> 
> 
> Up !
> 
> 
> On 30/05/2017 15:21, Florent B wrote:
> > Hi PVE team,
> >
> > Would it be possible to include "download.proxmox.com" in SSL
> > certificate for accessing downloads with HTTPS.
> >
> > Current certificate is only valid for proxmox.com & enterprise.proxmox.com.
> >
> > Thank you.
> >
> > Florent
> >
> > ___
> > pve-user mailing list
> > pve-user@pve.proxmox.com
> > https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
> 
> ___
> pve-user mailing list
> pve-user@pve.proxmox.com
> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Backup process starts VM??

[Dietmar Maurer]

> > Could someone with insight into the backup process explain why kvm is
> > started?
> 
> It uses the qemu copy-on-write feature to make sure the state is consistent.
> You can immediately work with that VM, while qemu make sure that everything
> is consistent.

In your case (you stopped the VM before backup) only the KVM process 
gets started, but not the VM! 

Note: The KVM process does the backup.

Hope this is more clear now.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Backup process starts VM??

[Dietmar Maurer]

> Could someone with insight into the backup process explain why kvm is started?

It uses the qemu copy-on-write feature to make sure the state is consistent.
You can immediately work with that VM, while qemu make sure that everything
is consistent.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] PVE 5.1 pveperf not working correctly

[Dietmar Maurer]

> Please take this than as bug report for the subcommand (or a "-h" help option)
> and as a request to update the wiki
> article to include the info, that a PATH argument can be given.

OK ;-) Will try to improve things ...

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] PVE 5.1 pveperf not working correctly

[Dietmar Maurer]

> pveperf as described in [1] doesn't work anymore. Even as root I get:
> 
> root@pxmx-02:~# pveperf help
> CPU BOGOMIPS:  89368.48
> REGEX/SECOND:  1505926
> df: help: No such file or directory
> DNS EXT:   13.68 ms
> DNS INT:   19.98 ms (localdomain)

see "man pveperf"

The syntax is: pveperf [PATH]

You run "pveperf help", and I am quite sure that path "help" does
not exist. So I cant see whats wrong?

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Prox 5.1 NoVNC Console popout obscures screen

[Dietmar Maurer]

> What was really frustrating, whether in a window or full screen, the
> flyout on the left kept obscuring stuff.
> 
> eg
> 
> http://www.zimagez.com/zimage/screenshot-261017-164001.php
> 
> Can the flyout be moved at all ?

You can simply move it to the other side (Drag and Drop).

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] ZFS manual snapshot not listed in GUI

[Dietmar Maurer]

> if a create manual snapshots via CLI for VM or CT they are not listed in
> the GUI-Webinterface (only created snapshots via GUI are listed). Via "zfs
> list -t all" I see all snapshots, regardless from where its taken. Is that
> intended? Even zfs-auto-snaps are not displayed in GUI.

That is intended. A zfs snapshot is not a VM snapshot.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Request: Update keepalived version in proxmox 4 (jessie)

[Dietmar Maurer]

> Is it possible to update the keepalived version to the latest in Proxmox 4?
> 
> 
> Current version is 1.2.13 which has a bug with keepalived grabbing 
> master on startup, even if state on all ndoes is set to BACKUP and 
> priorites the same.
> 
> 
> 1.3.x resolves the issue. I can build it from src on proxmox 4.x, but 
> packages are better :)

We do not really install or use that package, so I suggest that you report
that bug to the package maintainers.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Some question to proxmox cluster

[Dietmar Maurer]

> One first question: wenn a VM is assigned to an node an the node faile (some 
> hard case like power or an atomic bomb). Could I start the VM on one of the 
> other nodes?

You need to 'steal' the VM from that node. Please note that you need
to be absolutely sure that the node is down.

Then run

# mv /etc/pve/nodes//qemu-server/.conf
/etc/pve/nodes//qemu-server/

Note: HA manager can do that automaticaly

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] VM Quotas

[Dietmar Maurer]

> Thanks for the clarification.
> Now, which is the best way to make a Feature Request?

better send patches ...

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] VM Quotas

[Dietmar Maurer]

No, that is currently not implemented.

> On September 6, 2017 at 6:10 PM Christian Jacobsen
>  wrote:
> 
> 
> Is there a way to allocate quota (cpu, memory, or disk) for users or 
> groups to restrict the editing or creation of VMs?
> 
> The idea is to allocate limited resources and give the user the freedom 
> to assign them to existing or new VMs.
> 
> ___
> pve-user mailing list
> pve-user@pve.proxmox.com
> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Proxmox not allow me create VM

[Dietmar Maurer]

> If, for some reason I need to deactive 2 node, from my 3 nodes cluster, the
> 1 remain node could not turns the /etc/pve into read-only state!
> I cannot understand why this happen!

You simply lose quorum.

> Could Proxmox just allow me to write into /etc/pve and after the others
> nodes are on line, just sync the content!

If you are sure the other 2 nodes are offline, you can set expected votes:

# pvecm expected 1

After that you can write into /etc/pve, and after the others nodes are 
online the will sync the content.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Shared storage on NAS speed - LVM(over iSCSI) vs NFS

[Dietmar Maurer]

> So I cannot figure out why LVM-over-iSCSI is so slow. 

I guess your benchmark is simply wrong. You are testing the
local cache, because you do not sync the data back to the storage.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] [pve-devel] corosync unicast : does somebody use it in production with 10-16 nodes ?

[Dietmar Maurer]

> >>how many running VMs/Containers? 
> 
> on 20 cluster nodes, around 1000 vm
> 
> on a 10 cluster nodes, 800vm + 800ct
> 
> on a 9 cluster nodes, 400vm

Interesting. So far I did not know anybody using that with more than 6 nodes ...

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] [pve-devel] corosync unicast : does somebody use it in production with 10-16 nodes ?

[Dietmar Maurer]

> just for the record,
> 
> I have migrate all my clusters with unicast, also big clusters with 16-20
> nodes, and It's working fine.
> 
> 
> "pvedaemon: ipcc_send_rec failed: Transport endpoint is not connected " seem
> to be gone.
> 
> don't see any error on the cluster.
> 
> traffic is around 3-4mbit/s on each node.

how many running VMs/Containers?

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Proxmox 5.0 storage replication failure

[Dietmar Maurer]

> the new storage replication feature is really great! But there is an issue:
> Unfortunately the replication breaks completely if somebody do a rollback to
> an older snapshot than the last sync of a container and destroys that snapshot
> before the next sync.

AFAIK it simply syncs from rollbacked snapshot instead. Please can you post the
replication log with the error?

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] prox storage replication <> iscsi multipath problem

[Dietmar Maurer]

> Everything is VLAN-separated ... all three multipath links have its own 
> subnets and the link between zfs local storages uses its own 
> VLAN-separated link (actually vmbr1 -> intranet link )

Usually VLAN separation does not help to prevent network overload. Or do you
have some special switches which can guarantee minimum transfer rates?

Besides, I cannot see why replication (ssh/zfs) can disturb an iscsi connection.

What error do you get exactly on the iscsi connection?

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Proxmox VE 5.0 released!

[Dietmar Maurer]

> Did you have any clue when???

All information is available on the developer list (pve-devel).

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Proxmox VE 5.0 released!

[Dietmar Maurer]

> I don't see any reference about Cloud Init... Is it in this release??

No, it is not.

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Unable to install docker image inside LXC

[Dietmar Maurer]

I don't think docker works inside LXC.

> On June 27, 2017 at 2:28 PM Gilberto Nunes  wrote:
> 
> 
> Hi list
> 
> I am trying install collabora code inside LXC with Ubuntu 16.04, but no
> matter I run the command inside or outside the container, I get the errot
> bellow:
> 
> lxc-attach -n 103 -- docker pull collabora/code
> Using default tag: latest
> latest: Pulling from collabora/code
> bd97b43c27e3: Extracting
> [==>] 46.93 MB/46.93 MB
> 6960dc1aba18: Download complete
> 2b61829b0db5: Download complete
> 1f88dc826b14: Download complete
> 73b3859b1e43: Download complete
> 2cb7a8fe8de9: Download complete
> 2458b914d686: Download complete
> 9e1750234528: Download complete
> failed to register layer: ApplyLayer exit status 1 stdout:  stderr:
> permission denied
> 
> Somebody can help me, please???
> 
> Thanks a lot
> 
> -- 
> 
> Gilberto Ferreira
> about.me/gilbertof
> 
> ___
> pve-user mailing list
> pve-user@pve.proxmox.com
> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Quota user or group

[Dietmar Maurer]

> I am looking for a KVM/Container hypervision solution. Proxmox seems to me to
> be the better solution for my needs. However, I have a question, is that
> proxmox is able to manage quotas for different users/groups

no

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] [pve-devel] Proxmox VE 5.0 beta2 released!

[Dietmar Maurer]

> pvedaemon[3237036]: Can't locate PVE/ReplicationConfig.pm 

This file is in pve-guest-common package... Maybe you need to update from git

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] pve-sheepdog

[Dietmar Maurer]

> On June 2, 2017 at 4:26 PM Thomas Naumann  wrote:
> 
> 
> hi,
> 
> in proxmox 4.4 repo there is a package "pve-sheepdog".
> i couldn´t find that package in test-repo for proxmox 5.

I can find it without problems:

http://download.proxmox.com/debian/dists/stretch/pvetest/binary-amd64/pve-sheepdog_1.0.2-1.changelog
http://download.proxmox.com/debian/dists/stretch/pvetest/binary-amd64/pve-sheepdog_1.0.2-1_amd64.deb

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Proxmox DRBD9 primary/secondary setup?

[Dietmar Maurer]

> So please give additional details about future DRBD support in Proxmox.
> Proxmox should clarify whether we should give up using DRBD on Proxmox 
> and switch to Ceph for example...

DRBD9 is supported by LINBIT directly. Proxmox will ship the default 
upstream kernel module for drbd (whatever version that is).

___
pve-user mailing list
pve-user@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Expected fencing behavior on a bifurcated 4-node HA cluster

[Dietmar Maurer]

> Alternatively, is there a way exclude one of my 6 nodes from the HA
> quorum voting? 

Hint: The number of votes per node is configurable.

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] pve-firewall question

[Dietmar Maurer]

> On April 25, 2017 at 10:40 AM Mark Schouten  wrote:
> 
> 
> On Tue, 2017-04-25 at 06:01 +0200, Dietmar Maurer wrote:
> > > We are thinking about deploying the firewall in order to limit
> > > traffic to
> > > certain virtual machines.
> > 
> > AFAIK there is no traffic shaping functionality.
> 
> You can just enter the max amount of traffic in the interface settings
> of the VM?

yes, sure.

(After reading the original mail again, I think he is not talking 
about traffic shaping at all...)

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] pve-firewall question

[Dietmar Maurer]

> We are thinking about deploying the firewall in order to limit traffic to
> certain virtual machines.

AFAIK there is no traffic shaping functionality.

> One question I have is if enabling the firewall at the datacenter level is a
> requirement 

Yes, that is the global firewall on/off flag.

>or is that only used to limit traffic to the web GUI etc.
> 
> For example can we just enable the firewall on the host and/or the virtual
> machine level and not enable it in the datacenter tab?

No, that flag is to enable the firewall on all host and the virtual machine
level.

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] cluster numbers

[Dietmar Maurer]

> Should the cluster always be composed by an odd number of hosts?

That is not really necessary, because we use quorum (majority decides).
Cluster switch to read only mode I no partition has quorum, so
there is no danger.

> I'm not using HA so if I move some VM from one host to the other I'm
> aware of what the current situation is.
> 
> In case of a split brain am I able to say which cluster part has quorum?

You should fix the cluster and bring other nodes up again. 
But you can also force quorum on one partition by setting expected 
votes ("pvecm expected ..." - see "man pvecm").

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] pve-firewall and pptp

[Dietmar Maurer]

> On March 2, 2017 at 10:15 PM Pavel Kolchanov 
> wrote:
> 
> 
> Hello.
> 
> I have enabled GRE and PPtP macro in firewall:
> 
> cat /etc/pve/firewall/cluster.fw 
> [OPTIONS]
> 
> policy_in: REJECT
> enable: 1
> 
> [RULES]
> 
> GROUP vpn
> GROUP basic-node
> 
> [group basic-node]
> 
> IN Ping(ACCEPT)
> IN ACCEPT -p tcp -dport 8006 # Proxmox Web Interface
> IN ACCEPT -p tcp -dport 22444 # SSH
> 
> [group vpn]
> 
> OUT GRE(ACCEPT)
> IN GRE(ACCEPT)
> IN PPtP(ACCEPT)
> 
> But still cannot connect to pptpd until executed following commands:
> 
> iptables -I INPUT -p gre -j ACCEPT
> iptables -I OUTPUT -p gre -j ACCEPT

I tested here, and pve-firewall adds similar rules when you use the GRE macro.
Please test with:

# iptable-save|grep gre

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Using OpenVswitch without ethX-named devices

[Dietmar Maurer]

> If I may add another question: how are you planning to handle those dynamic
> interface names that was introduced a few
> years ago? See https://en.wikipedia.org/wiki/Consistent_Network_Device_Naming

The plan is to support systemd predictable network interface names:

https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Using OpenVswitch without ethX-named devices

[Dietmar Maurer]

> Can it be overwritten somehow or should I stick to only eth* devices? Or 
> do you accept some prefixes as well?

we also support the "enXXX" prefix.

> 
> Is it Proxmox "functionality" or OVS'?

Proxmox

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Using OpenVswitch without ethX-named devices

[Dietmar Maurer]

> GUI says that "g10" is not a OVSPort. If I type in "eth2" - it magically 
> works.

We use the device name to find out the device type. g10 does not look
like an ethernet device, so this does not work.

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] One cluster at two sites with an even number of nodes

[Dietmar Maurer]

> In case of a split between the datacenters, none of both sites would have a
> quorum and HA would not work. I could fiddle with the number of votes on
> one site, but then HA would only work on one site if there is a connection
> loss.

I would not use such setup because of above problem. Instead, simply use
a separate cluster on each site.

Note: Most times it makes no sense to share resources/storage between different
datacenters.

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Adding non-proxmox corosync nodes

[Dietmar Maurer]

> Can a non proxmox box (Ubuntu 16.04) be added to a proxmox corosync cluster?

I would not mix different corosync versions - that is untested.

> Am wanting to trial multiple sheepdog nodes with out proxmox cluster
> and they need to be part of it for that.

sheepdog can also use zookeeper, so maybe that is an option?

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Cluster is functioning properly but showing all nodes as OFFLINE on web GUI

[Dietmar Maurer]

What is the output of

# pveversion -v


> On December 18, 2016 at 3:10 PM Tom  wrote:
> 
> 
> Change reverted.
> 
> A friend pointed this out to me: Dec 18 13:53:53 kappa corosync[7047]:
> [VOTEQ ] flags: quorate: Yes Leaving: No WFA Status: No First: No Qdevice:
> No QdeviceAlive: No QdeviceCastVote: No QdeviceMasterWins: No

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Cluster is functioning properly but showing all nodes as OFFLINE on web GUI

[Dietmar Maurer]

> Tried adding the token thing to the config, no change.

Please revert that change. It makes no sense to fix things which are
already working ;-)

Is there any hint in /var/log/syslog?

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Cluster is functioning properly but showing all nodes as OFFLINE on web GUI

[Dietmar Maurer]

> I've had a similar issue. Someone kindly suggested me to set the 'token'
> value to 4000 in the corosync.cnf.

Tom already told us that the corosync cluster status is OK, so why do you 
think this would help? The cluster works already.

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Cluster is functioning properly but showing all nodes as OFFLINE on web GUI

[Dietmar Maurer]

> On December 18, 2016 at 10:04 AM Tom  wrote:
> 
> 
> pvecm status runs fine showing everything is okay, and only storage thats
> there is the local /var/lib/vz

I asked for the output of

# pvesm status

Also, please make sure the system time is correct on all hosts.

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Cluster is functioning properly but showing all nodes as OFFLINE on web GUI

[Dietmar Maurer]

> Does anyone have any solutions/pointers?

And "pvesm status" runs without any delay?

# pvesm status

Or is there a storage which hangs?

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] fast way to get all vm names via pvesh?

[Dietmar Maurer]

> Thats my current script to get all vm names from the cluster. Afterwards I
> check the new name against the list to prevent errors.
> 
> #!/usr/bin/env bash
> nodes=$(pvesh get  /nodes/ 2>/dev/null  | sed -n -E '/\"id\"/
> s/.*:\s\"(.*)\".*/\1/p' | sed -n -E 's/node/nodes/p' )
> vms=$(for i in $nodes ; do vms=$(pvesh get $i/qemu/ 2>/dev/null | sed -n -E
> '/vmid/ s/.*:\s(.*[^\s]).*/\/qemu\/\1/p') ; for q in $vms ; do echo $i$q ;
> done  ; done )
> for i in $vms ; do pvesh get $i/config 2>/dev/null | sed -n -E '/\"name\"/
> s/.*:\s\"(.*[^\"])\".*/\1/p' | xargs echo "vm $i has name"  ; done
> 
> But its so SLOW
> 
> Any better ideas ?

Maybe the following helps?

# pvesh get /cluster/resources --type vm

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Hide the 200 OK from pvesh

[Dietmar Maurer]

pvesh prints that to stderr, so you just need to redirect stderr.

> That's also on the forum, if I get an answer here I'll update there.
> 
> Is there a simple way to prevent pvesh from outputting 200 OK to the tty ?
> Redirecting 1 and 2 doesn't seem to do anything so I assume it writes directly
> to the tty, which is very annoying in a script.
> Currently the script just shows a bunch of 200 OK in between my actual output
> lines, it's very ugly.
> 
> Thanks
> -- 
> Kevin Lemonnier
> PGP Fingerprint : 89A5 2283 04A0 E6E9 0111
> ___
> pve-user mailing list
> pve-user@pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] how to check own acces rights ?

[Dietmar Maurer]

> Background. I want to prevent errors if functions called I don't have the
> right to do.

Oh, the call just return the access control list, but it is not trivial to
do the actual check. We have no real API for that currently.

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] how to check own acces rights ?

[Dietmar Maurer]

# pvesh get access/acl

> On December 2, 2016 at 11:49 AM IMMO WETZEL  wrote:
> 
> 
> Hi,
> 
> how can I check my own access rights on a specific node/qemu instance ?
> Is there any api function existing I coulnd found ?
> 
> Background. I want to prevent errors if functions called I don't have the
> right to do.
> 
> With kind regards
> 
> Immo
> ___
> pve-user mailing list
> pve-user@pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] drbdmanage License change

[Dietmar Maurer]

> How does this affect existing Proxmox VE 4.x / DRBD9 setups?
> 
> Does "removing the storage driver" mean, that there is no DRBD kernel
> module available from next release oder is it just the manageability due to
> removal of drbdmanage?

We will keep the kernel module for now, unless Linbit 
wants that we remove it.

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] License issue

[Dietmar Maurer]

Please note that our software license is AGPL.

You talk about subscriptions here - and this is something very different.

> What if the license is renewed after a year? Then you have 3 installs again?

Sure. Also, you can simply contact our support if you need more than 3
installs. We usually find a solution ...

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] License issue

[Dietmar Maurer]

> For now I’ve add the pve-no-subscripition repository.
> 
> What’s the difference between the pve-enterprise and the pve-no-subscription
> repository? Are update just beter tested in the pve-enterprise repo? 

Basically yes. 

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] License issue

[Dietmar Maurer]

> I subscribed for a license to support the project and of course to get
> updates. Now I’m in a testing phase so I installed my license a couple of
> times. I think I hit a maximum cause I can reactivate my license at the
> moment. I raised a ticket over at Maurer IT. I was not aware of this
> limitation. How do I prevent this from happening again? Just not install the
> license or not re-install ProxmoxVE?

It is usually not required to do re-installs (what for?). And I guess 
it is not necessary to activate the subscription for a test system 
when you know you will reinstall soon (use pve-no-subscription for updates).

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] how to get the processstate via API

[Dietmar Maurer]

HTTP:   GET /api2/json/nodes/{node}/tasks/{upid}
CLI:pvesh get /nodes/{node}/tasks/{upid}


> On November 17, 2016 at 6:49 PM IMMO WETZEL  wrote:
> 
> 
> Hi,
> Every task started by API gets a unique task id.
> How can I check the state of this task via API?
> 
> Immo
> ___
> pve-user mailing list
> pve-user@pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

[PVE-User] drbdmanage License change

[Dietmar Maurer]

Hi all,

We just want to inform you that Linbit changed the License
for their 'drbdmanage' toolkit.

The commit messages says ("Philipp Reisner"):
--
basically we do not want that others (who have not contributed to the
development) act as parasites in our support business
--

The commit is here:

http://git.drbd.org/drbdmanage.git/commitdiff/441dc6a96b0bc6a08d2469fa5a82d97fc08e8ec1


The new License contains the following clause (3.4b):

--
3.4) Without prior written consent of LICENSOR or an authorized partner,
 LICENSEE is not allowed to:

b) provide commercial turn-key solutions based on the LICENSED SOFTWARE or
 commercial services for the LICENSED SOFTWARE or its modifications to any
 third party (e.g. software support or trainings).
--

So we are basically forced to remove the package from our repository. We will
also remove the included storage driver to make sure that we and our
customers do not violate that license.

Please contact Linbit if you want to use drbdmanage in future. They may 
provide all necessary packages.

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Slow speeds when KVM guest is on NFS

[Dietmar Maurer]

> So something is not good with QCOW2 disk format.

I guess this is just because it changes a sequential write
order to something more random. You will get different
results if you use other benchmark tools ...

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Slow speeds when KVM guest is on NFS

[Dietmar Maurer]

> 1) First guest inside qcow2 image, located on NFS share (via 10gbit

What values do you get with raw images?

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] weird memory stats in GUI graphs

[Dietmar Maurer]

> On November 15, 2016 at 7:49 PM Dietmar Maurer  wrote:
> 
> 
> 
> 
> > On November 15, 2016 at 7:48 PM Dietmar Maurer  wrote:
> > 
> > 
> > > I just noticed two different values on the node Summary tab :
> > > 
> > > Numbers : RAM usage 92.83% (467.65 GiB of 503.79 GiB)
> > > 
> > > And graphs : Total RAM : 540.94GB and Usage : 504.53GB
> > 
> > Indeed, that looks strange. Please note that the units are
> > different (GiB vs. GB), but values are still wrong.
> 
> No, values are correct - it is just the different unit.

Also see: https://en.wikipedia.org/wiki/Gibibyte

And yes, I know it is not ideal to display values with different base unit,
but this has technical reasons...

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] weird memory stats in GUI graphs

[Dietmar Maurer]

> On November 15, 2016 at 7:48 PM Dietmar Maurer  wrote:
> 
> 
> > I just noticed two different values on the node Summary tab :
> > 
> > Numbers : RAM usage 92.83% (467.65 GiB of 503.79 GiB)
> > 
> > And graphs : Total RAM : 540.94GB and Usage : 504.53GB
> 
> Indeed, that looks strange. Please note that the units are
> different (GiB vs. GB), but values are still wrong.

No, values are correct - it is just the different unit.

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] weird memory stats in GUI graphs

[Dietmar Maurer]

> I just noticed two different values on the node Summary tab :
> 
> Numbers : RAM usage 92.83% (467.65 GiB of 503.79 GiB)
> 
> And graphs : Total RAM : 540.94GB and Usage : 504.53GB

Indeed, that looks strange. Please note that the units are
different (GiB vs. GB), but values are still wrong.

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Cluster disaster

[Dietmar Maurer]

> What i understand so far, is that every state/service change from LRM 
> must be acknowledged (cluster-wise) by CRM master.
> So if a multicast disruption occurs, and i assume LRM wouldn't be able 
> talk to the CRM MASTER, then it also couldn't reset the watchdog, am i 
> right ?

Nothing happens as long as you have quorum. And if I understand you
correctly, you never lost quorum on those nodes?

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Cluster disaster

[Dietmar Maurer]

> On November 11, 2016 at 6:41 PM Dhaussy Alexandre 
> wrote:
> 
> 
> > you lost quorum, and the watchdog expired - that is how the watchdog
> > based fencing works.
> 
> I don't expect to loose quorum when _one_ node joins or leave the cluster.

This was probably a long time before - but I have not read through the whole
logs ...

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Cluster disaster

[Dietmar Maurer]

> Responding to myself, i find this interesting :
> 
> Nov  8 10:39:01 proxmoxt35 corosync[35250]:  [TOTEM ] A new membership
> (10.xx.xx.11:684) was formed. Members joined: 13
> Nov  8 10:39:58 proxmoxt35 watchdog-mux[28239]: client watchdog expired -
> disable watchdog updates

you lost quorum, and the watchdog expired - that is how the watchdog based
fencing works.

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Cluster disaster

[Dietmar Maurer]

> I wanted to remove vms from HA and start the vms locally, but I can’t even do
> that (nothing happens.)

How do you do that exactly (on the GUI)? You should be able to start them
manually afterwards.

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Extracting Ubuntu 16.10 Template

[Dietmar Maurer]

> timedatectl and localectl do not communicate correct with DBUS in my
> Debian 8 and Ubuntu 16.04 containers, where timedatectl works in Ubuntu
> 16.04 but localectl does not. The commands run into a timeout in DBUS.

works for me. I tested with this template:

http://download1.proxmox.com/images/system/ubuntu-16.10-standard_16.10-1_amd64.tar.gz


> 
> To verify that the problem is fixed or not fixed in recent versions, I
> debootstrapped an Ubuntu 16.10 Template but i can't create a CT with it,
> because I get the "TASK ERROR: unsupported ubunt version '16.10'" message.
> 
> After adding
> "'16.10' => 1, # yakkety"
> to /usr/share/perl5/PVE/LXC/Setup/Ubuntu.pm and/or uncommenting the line
> "die "unsupported ubunt version '$version'\n" if
> !$known_versions->{$version};"
> I still get this message.
> 
> I tried to restart the pveproxy and pve-manager services after the
> changes, but without any success.
> 
> Do you have any ideas how I can make Ubuntu 16.10 a supported version to
> PVE? Any advice how to further debug the issue would also be appreciated.

I just added support for that:

https://git.proxmox.com/?p=pve-container.git;a=summary

___
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user