advice: tricky buttons (reset & restart)

jora

New Member
Oct 7, 2014
Kassel
Dear proxmox community,

I'm Johannes, old (well above 30, so yes, old... ;)) and my first post regards an improvement of the web interface. It's easy to implement, extremely useful for admins like me, and it will (at some point in the future) save your soul.

What happened to me a few hours ago:
Came to the office, not perfectly awake, saw that one VM hogs 100% of one core, wanted to restart this particular VM. Well, I restarted the VM, sort of...

Instead I restarted the whole host, dual Xeon E3 64GB RAM. What a nightmare! A few seconds later I had a subtle feeling "well, something looked different". Another few seconds later I realized that I restarted the host and another few seconds later the colleagues realized.

Good thing, if any, was that it's been early in the morning and not everybody was already working. Nevertheless, this should not have happened at all!

It was definitely my mistake due to early morning, things on my mind and so forth. But, as with every catastrophe, small problems aggregate into that final catastrophe. I think that the "reset" and "restart" buttons shouldn't be mistaken for one another. They're at about the same place within the WebGUI, they have the same confirmation dialogue, but they have such a different impact!

My advice to the dev team:
1. Hide the restart button (for the host), maybe somewhere bottom right.
2. Change the confirmation popup, so that the admin has to type "Yes, I'm 100% sure" or something of the like (the Debian way).
3. Remove the restart button completely from the WebGUI and only allow host restarts from the CLI.
4. Instead of the confirmation popup, which again can easily be mistaken for the VM reset popup, implement a password confirmation.

From the above-mentioned list I recommend no. 4. In addition to looking unique, it has a security component built in. Imagine a scenario where you leave your PC and someone, maybe a fired coworker, wants to pay back the company. Or imagine my misclick scenario.

Any host, esp. a proxmox host is mostly dedicated to run 24/7. Therefore a restart/reboot of the whole host is an uncommon event and I believe this uncommon and potentially disastrous event should not be triggered with two clicks that, again, have a lookalike.

The current implementation very much triggers the brain's pattern recognition, and that's something we absolutely want to avoid.

Long story short: I don't want anybody to experience the pain, the embarrassment and, to be blunt, the money down the drain that I have to go through now!

Cheers,
Jo
 
To also be blunt, you could also look at the button you're pressing before you press it. I understand your points, and agree the safety net might be nice to have. But I also believe that if you're using Proxmox in a professional setting, you should be a professional who checks these things before doing. We all make mistakes and all, but it's not the software's job to hold our hand.
 
I totally agree, ultimately the last safety net is me, the human admin. But I want to express the point that lack of concentration + a design implementation which begs for such an event = catastrophe, that's all.

I'm fairly educated when it comes to the function of the human brain / psychology. Don't underestimate the pattern recognition of the brain. If you have to reset VMs on a daily basis, because they're testing machines which eventually freeze like in my example, your brain will, 100%, lower the priority of this pattern!

It's not like I manually have to type within my online bank:
recipient: Jack
account no. 123456
amount: 10000 USD
and confirm that with some sort of code.

It's more like:
[ ] Send Jack 10$ --> Do you really want to? yes/no
[ ] Send Jack all$ --> Do you really want to? yes/no

That's my point.

In my position I always have to double check with the person, since they don't always know their VM number. Last time I did an rm -r on a parent directory, not a sub, was two years ago, that was the last comparable mistake I made.
 
We also have user management with access rights!

So please do not use the 'root@pam' account for everything. Instead, use a limited account.
 
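The limited-account advice above, sketched as an added example (not part of the thread and not Proxmox's own tooling): a role holding only VM-level privileges, granted on `/vms`, lets an operator reset guests, while a node reboot needs `Sys.PowerMgmt` on `/nodes/...`, which this account never receives. The role name `VMOperator` and user `operator@pve` are hypothetical; by default the script only prints the `pveum` commands it would run.

```shell
#!/bin/sh
# Added example: least-privilege operator account for Proxmox VE.
# ROLE and USERID are hypothetical names chosen for illustration.
ROLE="VMOperator"
USERID="operator@pve"
# VM-level privileges only; Sys.PowerMgmt (host power actions) is left out.
PRIVS="VM.PowerMgmt VM.Console VM.Audit"

# Print the pveum command in dry-run mode (default), execute it otherwise.
pve() {
    if [ "${DRY_RUN:-1}" = "1" ]; then
        printf 'pveum %s\n' "$*"
    else
        pveum "$@"
    fi
}

# Succeeds only if every privilege in the list is a VM.* privilege, so a
# later edit cannot quietly add Sys.* or other host-level rights to the role.
privs_are_vm_only() {
    for p in $1; do
        case "$p" in
            VM.*) ;;
            *) return 1 ;;
        esac
    done
    return 0
}

setup_operator() {
    if ! privs_are_vm_only "$PRIVS"; then
        echo "refusing: role contains a non-VM privilege" >&2
        return 1
    fi
    pve role add "$ROLE" --privs "$PRIVS"
    pve user add "$USERID" --comment "daily VM operations, no host power rights"
    # The ACL is scoped to /vms, so nothing is granted on /nodes.
    pve acl modify /vms --users "$USERID" --roles "$ROLE"
}

setup_operator
```

Run with `DRY_RUN=0` on the Proxmox host to apply the commands, then log in to the web interface as the limited user for routine VM work and keep `root@pam` for host maintenance.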
My 2 cents:

This is a simple request and it makes sense.

Even just moving the button away from the others would help.

How about taking it in as a GUI improvement and implementing it in the next release of the Web GUI?


Serge