[SOLVED] Custom files in /etc/pve

W

whataboutpereira

Member
Oct 6, 2019
41
4
13
46
I realized it's possible to store custom files in /etc/pve so they will be replicated (unfortunately no executables (hook scripts)).

Is that a bad idea for some reason or is it fine to have a few custom files there?

Any danger of them being wiped when updating or similar?
 
whataboutpereira said:
I realized it's possible to store custom files in /etc/pve so they will be replicated (unfortunately no executables (hook scripts)).
Click to expand...
Yes, file permissions are quite limited by design:
https://pve.proxmox.com/pve-docs/chapter-pmxcfs.html#_posix_compatibility

whataboutpereira said:
Is that a bad idea for some reason or is it fine to have a few custom files there?
Click to expand...
It really depends on:
  • how big each file is
  • how many you plan to add
  • how often those get updated
With 6.4 you still have 512 KiB per-file, 30 MiB total and 10k inodes.
With Proxmox VE 7.0 the limits got a bit increased, 1 MiB per-file, 128 MiB total and 256k inodes, see:
https://git.proxmox.com/?p=pve-cluster.git;a=commit;h=a8df0863b5851dacb4f76ae6364ac1a02fbd56db

Also remember that due to the replication any write will also replicate to all other nodes and thus increase cluster traffic, so frequent updates may cause issues depending on the size of the cluster and the network you're primary using for corosync traffic.

whataboutpereira said:
Any danger of them being wiped when updating or similar?
Click to expand...
No, we do not wipe anything not under the explicit control of the API (VM configs, API auth keys, ...) and that naturally only if there's an API call that destroys the related resource.

So it can be fine for some use cases (ideal a combination of infrequent modifications & relatively small file size), and it really should be avoided, or is impossible, for others.
 
  • Like
Reactions: UdoB
Thanks, that's good news.

Currently I'm only storing a Fedora CoreOS ignition file there, so I can have the same reference to it should I migrate it to another node.

I also tried to put my MySQL container backup hook scripts there, but it seems that's a no-go, because I can't use executable permissions and hook scripts didn't want to work with "/usr/bin/bash /etc/pve/custom/vzdump-hook-script.sh" either.
 
whataboutpereira said:
I also tried to put my MySQL container backup hook scripts there, but it seems that's a no-go, because I can't use executable permissions and hook scripts didn't want to work with "/usr/bin/bash /etc/pve/custom/vzdump-hook-script.sh" either.
Click to expand...

While the executable permission cannot be added it still works just fine to execute a script there explicitly:

Bash: 
root@prod1:~$ cat /etc/pve/test.sh
#!/bin/bash

echo "executing $0 works"
root@prod1:~$ bash /etc/pve/test.sh
executing /etc/pve/test.sh works
 
t.lamprecht said:
While the executable permission cannot be added it still works just fine to execute a script there explicitly:

Bash: 
root@prod1:~$ cat /etc/pve/test.sh
#!/bin/bash

echo "executing $0 works"
root@prod1:~$ bash /etc/pve/test.sh
executing /etc/pve/test.sh works
Click to expand...

From command like it's fine indeed, but I couldn't get it working in a vzdump backup hook. I might have another look sometime, but it didn't seem to matter for vzdump if I used "/etc/pve/test.sh" or "bash /etc/pve/test.sh" as the script.
 
whataboutpereira said:
From command like it's fine indeed, but I couldn't get it working in a vzdump backup hook. I might have another look sometime, but it didn't seem to matter for vzdump if I used "/etc/pve/test.sh" or "bash /etc/pve/test.sh" as the script.
Click to expand...
Ah yes, those are executed directly and thus need the executable permission. What you could do as workaround is setting up an intermediate local script that just executes the one at /etc/pve.

Example local "jump" script that is copied to all nodes at the same path:
Bash: 
#!/bin/bash
bash /etc/pve/custom/vzdump-hook-script.sh
 
t.lamprecht said:
Ah yes, those are executed directly and thus need the executable permission. What you could do as workaround is setting up an intermediate local script that just executes the one at /etc/pve.

Example local "jump" script that is copied to all nodes at the same path:
Bash: 
#!/bin/bash
bash /etc/pve/custom/vzdump-hook-script.sh
Click to expand...

That would work, but I was hoping to get away with having PVE sync the scripts. :D It would have been (too) convenient! :)
 
I ended up installing the backup hook scripts on each node with ansible.

Also realized I can test with 'pct exec 120 pidof mysqld' if there's a running mysql or redis server in any container and flush/save, so I don't have to hardcode container ids in the scripts.

Just to mention another thing for posterity, if anyone is having trouble with extremely slow backup speed of a MySQL container with datasets using primarycache=metadata, I solved it by setting primarycache=all on the container datasets in backup pre-hook and back to metadata in post-hook.
 
  • Like
Reactions: t.lamprecht
Thanks for asking this question - I was going to ask the same. For me, it's snmpd.conf which is the same for all nodes in the cluster - saves time. Thanks again!
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back