Search results

  1. M

    ACL for Bulk Migrate

    Hum you are right, the user reported us that the bulk option are not available. I'll check with the sys.PowerMgmt, but it seems to be a dangerous option only for bulk migration. I think UI should aligned to the backend and allow migration with the VM.migrate /
  2. M

    ACL for Bulk Migrate

    Hello, I'd like to authorize some of our users to bulk migrate theirs VMs, but I can't find the appropriate ACLs ! Regarding to the code (/usr/share/perl5/PVE/API2/Nodes.pm) it seems that migrateall is tided to check VM.migrate on / but even with this authorization, it seems not to be...
  3. M

    Hook script and VM configuration

    I've not changed this patch since the beginning, it is still applied to pve 7.2.11 cat dynamic_configuration.patch --- /root/QemuServer.pm 2021-03-22 15:29:28.955293274 +0100 +++ /usr/share/perl5/PVE/QemuServer.pm 2021-03-22 15:30:53.795779826 +0100 @@ -5029,6 +5029,12 @@...
  4. M

    ACL on firewall

    Of course I am aware of acl, I am currently using them intensively, but it seems not to be available for some API path (ex: /cluster/firewall/upset)
  5. M

    ACL on firewall

    Hello, is there any way to put ACL on the datacenter firewall ? My goal is to permit the audit of security groups, ipset and alias. Maybe the management of ipset and alias. An alternative could be the possibility to handle ipset /alias /secgroups by pools.
  6. M

    proxmox 7.0 sdn beta test

    First of all thanks for all this amazing job on SDN ! I've tried to make some test on IPAMs, but am I missing something or this not implemented at the VM/CT level ? I didn't find where to inform CT / VM to check for IP with the IPAM I've also check the IPAM code and I'll dev a plugin for...
  7. M

    Hardware compatibility with DELL server

    As I said, our storages relies on externals Ceph clusters, so we doesn't use RAID cards with proxmox. However, all our Ceph clusters are also Debians + DELL [R/M]7[2-4]0(xd) based with H7X0p or for some of theme H7X5. We use lot's of DELL hardware and it's a very relyable stuffs !
  8. M

    Hardware compatibility with DELL server

    no we doesn't use any RAID controller for proxmox , as we have a 100 % Ceph storage for VMs and datas.
  9. M

    Hardware compatibility with DELL server

    Hi, We have a lots of R740 servers running without any issues (Intel and ADM based) . In in more global way, we have been running lots of DELL servers from different generation with proxmox without any hardware issues.
  10. M

    Hook script and VM configuration

    I reply to myself, I juste need to add PVE::Cluster::cfs_update() before re-loading the config !
  11. M

    Hook script and VM configuration

    I've looked at the QemuServer.pm code to check how the hook script is launch and found that is is simply run on the vm_start_nolock function. I've added $conf = PVE::QemuConfig->load_config($vmid); at line 4964 of QemuServer.pm Naively I thought that triggering a conf reload juste after that...
  12. M

    Hook script and VM configuration

    Hi, We are setting up a brand new PVE instance dedicated to our firewalls stacks. All those FWs rely on VFs for there network interfaces. The old solution was based on libvirt, and VFs could be dynamically attributed to VMs. To mimick this behaviour I've setup an pre-start hook script that get...
  13. M

    Sequential backup for VMs/CTs

    I can't agree more about a server-side solution, PBS is really great but it miss a scheduling system for backups. For now I splitted the job in 24 parts and it seems that issue is gone ! However, jobs length was around 2 hours, and now it take 8 hours as there are a lot's of idle time between...
  14. M

    Sequential backup for VMs/CTs

    We are trying to backup our whole cluster to a PBS server. This was working quite well, but since last 2 months, some backup started to failed ( qemu guest agent timeout, qmp command timeout ....), It seems that for an known reason, the storage below the PBS datastore that is not fast enough...
  15. M

    Using raw iptables rules

    Ok, I'll try to deal with hooks and see what's is doable. By the way, Is there any plan to handle custom meta in the VM config ? This could be a place to save those rules and to handle backup :) something like meta.rule: iptables -A $I -p tcp --syn --dport ssh -m recent --name sshattack --set...
  16. M

    Using raw iptables rules

    Hello, This could be a solution, but this will break migration. Pushing rules outside the vm definition is also a issue with the backups, as those rules won't be saved
  17. M

    Using raw iptables rules

    Hi, Is there any way to use raw iptables rules for the VM ? We are doing mass migration to PVE and for some of our VM we have some "special" rules that are not supported by the pve firewall. For most of the VM we translate iptable to pve-firewall and it's working as intended but we still...
  18. M

    proxmox 7.0 sdn beta test

    Hi, is there any news on the SDN side ? Is there something I can do to help ?
  19. M

    proxmox 7.0 sdn beta test

    Yes EfficientIP is also handling DNSrecords. In fact this can be done in a single operation : Unfortunately no perl native support but see python example :https://www.efficientip.com/python-library/
  20. M

    proxmox 7.0 sdn beta test

    Unfortunately EfficientIP it's not opensource. I've checked your code and it should be rather easy to add EfficientIP support as they have a REST API. Event for DNS support this should not be difficult. My idea is : when creating a VM, IPam should provide an IP within the correct subnet and...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!