[SOLVED] Locking and unlocking containers

W

Waterfin

New Member
Feb 11, 2021
6
1
1
32
Can somebody please explain the details about the pct set <vmid> --lock and the pct unlock commands?

The man pages say nothing about this config setting other than "Lock/unlock the VM.". There is a list of possible lock types (backup, create, destroyed, disk, fstrim, migrate, mounted, rollback, snapshot, snapshot-delete), but no description about what these lock types mean or what they do. What does each one of these locks do, and when should you use each type?

The pct unlock command doesn't take any arguments and appears to just remove any lock that is currently on the VM. Does this mean that there can be only one lock type applied to a VM at any one time? The only description for this command is "Unlock the VM." - quite unhelpful and redundant considering the subcommand is called "unlock".

Also, why does the description for pct set <vmid> --lock say "Lock/unlock the VM."? As far as I can tell, you cannot use this command to unlock a VM, only to add a lock to it.
 
for several actions in pve (the listed ones, e.g. backup/create/etc.) pve locks the vm config so that no two operations interfere with each other
since that lock itself is part of the config file it shows up in the autogenerated man page/docs

'unlock' is a special implemented command, so that a leftover lock (e.g. after a host crash during such a lock) can be removed again by an admin

generally you do not need/want to lock a vm/ct, nor should you normally need to unlock a vm/ct
 
  • Like
Reactions: iprowell
I was hoping to use the locks to help prevent accidental deletion of a vm/ct.

After doing some testing, it would appear that if the vm has any lock on it at all, you just can't change any config settings on it or even start/stop it. For example if I add a "backup" lock on a ct, I cannot destroy it, start it, stop it, or do anything with it until I remove the lock. Why have all of these different types of locks when any one being active means preventing doing any action on the vm entirely?
 
Waterfin said:
I was hoping to use the locks to help prevent accidental deletion of a vm/ct.

After doing some testing, it would appear that if the vm has any lock on it at all, you just can't change any config settings on it or even start/stop it. For example if I add a "backup" lock on a ct, I cannot destroy it, start it, stop it, or do anything with it until I remove the lock. Why have all of these different types of locks when any one being active means preventing doing any action on the vm entirely?
Click to expand...

because those locks are used internally to block other operations WHILE a task is running that needs exclusive access. that task will then release the lock at the end.

what you are looking for is "protection" - it exactly and only prevents deletion, and is entirely unrelated to locks ;)
 
Yes, the "protection" config flag is what I want.

I was going down the wrong path after seeing the "lock" config. Perhaps it should say in the man page that pct set <vmid> --lock is meant for internal use only and should not be used by the end user. If it had said that it would have saved me a lot of trouble here.
 
  • Like
Reactions: jobine23
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back