Explaining snippets feature

[timota]

Hi all,

recently i discovered that Proxmox now supports great feature - snippets, aka hookscript. Also, it has special content storage type - snippets to hold snippets.

But im curious how they can be used from Web GUI.

Do i need to create hookscript and store it on storage type "snippets" with a special name (vm name) ?
Or do i need to directly edit "vm.conf" files to include hookscript as i could not find any options in GUI.

If this option only supported from CLI and during manually invoking "start" - it useles for daily usage, only for automation/scripting. I mean useles - that if something happens with node and VM has to migrate to another one but we need to prepare ENV before (start some tools, fw, etc) - cluster cant run hook script automatically - admin intervention needed.


Can you please explain more on this feature: how it can be configured ?

Regards.

 

[mira]

Currently it's only possible to add a hookscript via CLI. hookscripts have to be on a 'snippets'-capable storage. All you have to do is create a script in the snippets directory (for the default 'local' storage it is /var/lib/vz/snippets), but subdirectories are not supported. Choose whatever name fits the file and add it via 'qm set --hookscript <storage>:snippets/<file>'. The same applies to containers and 'pct'.
The actions defined in the script are always executed, no matter if started automatically or manually. You have to make sure the script is executable.
If you want to migrate the VM, make sure the hookscript is available on the target node as well. (<storage>:snippets/<file> as configured for the VM/CT has to be available on all nodes you want to migrate to)

In addition snippets can be used to replace the generated cloud-init files ('network', 'user', 'meta', this is undocumented for now). This allows workarounds such as adding a route to a gateway that is not in the subnet on Ubuntu VMs (requires options not supported by cloud-init, but the yaml file is just passed through to netplan because the cloud-init network config is a subset of the netplan config).
You can do this with the following command: 'qm set --cicustom "network=<storage>:snippets/<file>"' where 'network' can be replaced with 'user' or 'meta' and they can be mixed by separating them with a comma. ("user=...,meta=..." or "network=...,user=...,meta=...")

 

[timota]

Great, thanks.

Any plans to add support for subdirs and gui ?

It will be awesome to choose which script to run from gui.

Regards.

 

[wchv]

What is the status of and is there documentation available on using snippets with cloud-init?

 

[PSz]

Proxmox Team: Please, update documentation.

 

[mira]

Proxmox Team: Please, update documentation.

There's https://pve.proxmox.com/pve-docs/pve-admin-guide.html#_custom_cloud_init_configuration for using cloud-init with snippets.
Is there anything you're missing/would like to see added?

 

[PSz]

Some examples could be useful.

There is no information about custom config and used hookscripts in VM info/options page (via web interface).
View is essential, edit is very desirable.

 

[Gabgobie]

Hi,

currently my favourite usecase for snippets is supplying my CI VMs with a vendorconfig. As for the documentation on how, you pretty much just need to read the CI docs. Until I came across this thread, I didn't know the snippets could be used as hookscripts and I'd agree that some more documentation on that would be great, although I don't really see myself using them for anything besides CI anytime soon.

View is essential, edit is very desirable.

I 100% agree. Subfolders would also be nice.

Best,

 

[mira]

At the moment snippets can only be modified by root. There's no permission system in place for snippets.

There's a reason this hasn't happened yet: https://bugzilla.proxmox.com/show_bug.cgi?id=2208#c11
Although for cloud-init, since snippets are passed to the guests with no execution on the host (other than reading the contents), it may be possible if we can handle them separately from hookscript snippets in the future.

As far as I know, no one is actively working on this at the moment though.

 

[Gabgobie]

Hi mira,

thanks for the quick answer and the link. It was an interesting read.

Best,

 

[Vorl]

2 things:

1 it would be nice if you could add snippets with arguments in the gui
2 it would be very nice if snippets was by default replicated.

I can see a need for snippets-local or something as well for those scripts that are only for something local, but in my use case, since there isn't a way to delay a vm boot until network storage is availible, and when I migrate vms having the snippets on the rest of the cluster is important.

 

[UdoB]

2 it would be very nice if snippets was by default replicated.

What I do is to misuse /etc/pve by creating a directory /etc/pve/mysnippets and putting some small(!!!) files there. These files are immediately available on all nodes

Note that you can not put executables there. To execute a bash script I need to run ". /etc/pve/mysnippets/myscript".

Disclaimer: I should not recommend to do this, but... it works very well for me

 

[Vorl]

What I do is to misuse /etc/pve by creating a directory /etc/pve/mysnippets and putting some small(!!!) files there. These files are immediately available on all nodes

Note that you can not put executables there. To execute a bash script I need to run ". /etc/pve/mysnippets/myscript".

Disclaimer: I should not recommend to do this, but... it works very well for me

I saw this, and while it's a nice work around I don't think it's the answer.

Snippets that are hooks for vm's should be on all systems that they can move too. Also, people really shouldn't be mucking around in /etc/pve I don't think.
Snippets are a nice feature but not really complete. Heck for some reason 4 of my 6 nodes didn't even have a snippets directory. I had to create it. It seems a little inconsistent in being created along with private (haven't looked into what private is for).