Feature Request: Extend REST API for 'qm create'
- Thread starter RovshanP
- Start date
Hi,
you can already create VMs via the API using the
This is also exactly
Are you missing something from there?
you can already create VMs via the API using the
POST /nodes/<nodename>/qemu endpoint. This is also exactly
qm create and the web UI use under the hood.Are you missing something from there?
I see. This is currently not possible nor trivial, as
args mean you can provide any arguments to QEMU you'd like - which has big security implications.See e.g. Bugzilla #2582 and https://forum.proxmox.com/threads/why-we-need-root-to-do-some-operation.21345/
What arguments exactly are you trying to pass to QEMU? Maybe it can be achieved some other way.
Hi,
Example:
Example:
Code:
"args": "-device 'pcie-root-port,port=5,chassis=5,id=ich9-pcie-port-5,addr=6.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=6,chassis=6,id=ich9-pcie-port-6,addr=6.1,bus=pcie.0' -device 'pcie-root-port,port=7,chassis=7,id=ich9-pcie-port-7,addr=6.2,bus=pcie.0' -device 'pcie-root-port,port=8,chassis=8,id=ich9-pcie-port-8,addr=6.3,bus=pcie.0' -device 'pcie-root-port,port=9,chassis=9,id=ich9-pcie-port-9,addr=6.4,bus=pcie.0' -device 'pcie-root-port,port=10,chassis=10,id=ich9-pcie-port-10,addr=6.5,bus=pcie.0' -device 'pcie-root-port,port=11,chassis=11,id=ich9-pcie-port-11,addr=6.6,bus=pcie.0' -device 'pcie-root-port,port=12,chassis=12,id=ich9-pcie-port-12,addr=6.7,bus=pcie.0' -device 'pcie-root-port,port=13,chassis=13,id=ich9-pcie-port-13,addr=7.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=14,chassis=14,id=ich9-pcie-port-14,addr=7.1,bus=pcie.0' -device 'pcie-root-port,port=15,chassis=15,id=ich9-pcie-port-15,addr=7.2,bus=pcie.0' -device 'pcie-root-port,port=16,chassis=16,id=ich9-pcie-port-16,addr=7.3,bus=pcie.0' -device 'pcie-root-port,port=17,chassis=17,id=ich9-pcie-port-17,addr=7.4,bus=pcie.0' -device 'pcie-root-port,port=18,chassis=18,id=ich9-pcie-port-18,addr=7.5,bus=pcie.0' -device 'pcie-root-port,port=19,chassis=19,id=ich9-pcie-port-19,addr=7.6,bus=pcie.0' -device 'pcie-root-port,port=20,chassis=20,id=ich9-pcie-port-20,addr=7.7,bus=pcie.0' -device 'pcie-root-port,port=21,chassis=21,id=ich9-pcie-port-21,addr=9.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=22,chassis=22,id=ich9-pcie-port-22,addr=9.1,bus=pcie.0' -device 'pcie-root-port,port=23,chassis=23,id=ich9-pcie-port-23,addr=9.2,bus=pcie.0' -device 'pcie-root-port,port=24,chassis=24,id=ich9-pcie-port-24,addr=9.3,bus=pcie.0' -device 'pcie-root-port,port=25,chassis=25,id=ich9-pcie-port-25,addr=9.4,bus=pcie.0' -device 'pcie-root-port,port=26,chassis=26,id=ich9-pcie-port-26,addr=9.5,bus=pcie.0' -device 'pcie-root-port,port=27,chassis=27,id=ich9-pcie-port-27,addr=9.6,bus=pcie.0' -device 'pcie-root-port,port=28,chassis=28,id=ich9-pcie-port-28,addr=9.7,bus=pcie.0' -device 'pcie-root-port,port=29,chassis=29,id=ich9-pcie-port-29,addr=b.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=30,chassis=30,id=ich9-pcie-port-30,addr=b.1,bus=pcie.0' -device 'pcie-root-port,port=31,chassis=31,id=ich9-pcie-port-31,addr=b.2,bus=pcie.0' -device 'pcie-root-port,port=32,chassis=32,id=ich9-pcie-port-32,addr=b.3,bus=pcie.0' -device 'pcie-root-port,port=33,chassis=33,id=ich9-pcie-port-33,addr=b.4,bus=pcie.0' -device 'pcie-root-port,port=34,chassis=34,id=ich9-pcie-port-34,addr=b.5,bus=pcie.0' -device 'pcie-root-port,port=35,chassis=35,id=ich9-pcie-port-35,addr=b.6,bus=pcie.0' -device 'pcie-root-port,port=36,chassis=36,id=ich9-pcie-port-36,addr=b.7,bus=pcie.0' -device 'pcie-root-port,port=37,chassis=37,id=ich9-pcie-port-37,addr=c.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=38,chassis=38,id=ich9-pcie-port-38,addr=c.1,bus=pcie.0' -device 'pcie-root-port,port=39,chassis=39,id=ich9-pcie-port-39,addr=c.2,bus=pcie.0' -device 'pcie-root-port,port=40,chassis=40,id=ich9-pcie-port-40,addr=c.3,bus=pcie.0' -device 'pcie-root-port,port=41,chassis=41,id=ich9-pcie-port-41,addr=c.4,bus=pcie.0' -device 'pcie-root-port,port=42,chassis=42,id=ich9-pcie-port-42,addr=c.5,bus=pcie.0' -device 'pcie-root-port,port=43,chassis=43,id=ich9-pcie-port-43,addr=c.6,bus=pcie.0' -device 'pcie-root-port,port=44,chassis=44,id=ich9-pcie-port-44,addr=c.7,bus=pcie.0' -device 'pcie-root-port,port=45,chassis=45,id=ich9-pcie-port-45,addr=d.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=46,chassis=46,id=ich9-pcie-port-46,addr=d.1,bus=pcie.0' -device 'pcie-root-port,port=47,chassis=47,id=ich9-pcie-port-47,addr=d.2,bus=pcie.0' -device 'pcie-root-port,port=48,chassis=48,id=ich9-pcie-port-48,addr=d.3,bus=pcie.0' -device 'pcie-root-port,port=49,chassis=49,id=ich9-pcie-port-49,addr=d.4,bus=pcie.0' -device 'pcie-root-port,port=50,chassis=50,id=ich9-pcie-port-50,addr=d.5,bus=pcie.0' -device 'pcie-root-port,port=51,chassis=51,id=ich9-pcie-port-51,addr=d.6,bus=pcie.0' -device 'pcie-root-port,port=52,chassis=52,id=ich9-pcie-port-52,addr=d.7,bus=pcie.0' -device 'pcie-root-port,port=53,chassis=53,id=ich9-pcie-port-53,addr=e.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=54,chassis=54,id=ich9-pcie-port-54,addr=e.1,bus=pcie.0' -device 'pcie-root-port,port=55,chassis=55,id=ich9-pcie-port-55,addr=e.2,bus=pcie.0' -device 'pcie-root-port,port=56,chassis=56,id=ich9-pcie-port-56,addr=e.3,bus=pcie.0' -device 'pcie-root-port,port=57,chassis=57,id=ich9-pcie-port-57,addr=e.4,bus=pcie.0' -device 'pcie-root-port,port=58,chassis=58,id=ich9-pcie-port-58,addr=e.5,bus=pcie.0' -device 'pcie-root-port,port=59,chassis=59,id=ich9-pcie-port-59,addr=e.6,bus=pcie.0' -device 'pcie-root-port,port=60,chassis=60,id=ich9-pcie-port-60,addr=e.7,bus=pcie.0' -device 'pcie-root-port,port=61,chassis=61,id=ich9-pcie-port-61,addr=f.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=62,chassis=62,id=ich9-pcie-port-62,addr=f.1,bus=pcie.0' -device 'pcie-root-port,port=63,chassis=63,id=ich9-pcie-port-63,addr=f.2,bus=pcie.0' -device 'pcie-root-port,port=64,chassis=64,id=ich9-pcie-port-64,addr=f.3,bus=pcie.0' -device 'pcie-root-port,port=65,chassis=65,id=ich9-pcie-port-65,addr=f.4,bus=pcie.0' -device 'pcie-root-port,port=66,chassis=66,id=ich9-pcie-port-66,addr=f.5,bus=pcie.0' -device 'pcie-root-port,port=67,chassis=67,id=ich9-pcie-port-67,addr=f.6,bus=pcie.0' -device 'pcie-root-port,port=68,chassis=68,id=ich9-pcie-port-68,addr=f.7,bus=pcie.0' -device 'pcie-root-port,port=69,chassis=69,id=ich9-pcie-port-69,addr=10.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=70,chassis=70,id=ich9-pcie-port-70,addr=10.1,bus=pcie.0' -device 'pcie-root-port,port=71,chassis=71,id=ich9-pcie-port-71,addr=10.2,bus=pcie.0' -device 'pcie-root-port,port=72,chassis=72,id=ich9-pcie-port-72,addr=10.3,bus=pcie.0' -device 'pcie-root-port,port=73,chassis=73,id=ich9-pcie-port-73,addr=10.4,bus=pcie.0' -device 'pcie-root-port,port=74,chassis=74,id=ich9-pcie-port-74,addr=10.5,bus=pcie.0' -device 'pcie-root-port,port=75,chassis=75,id=ich9-pcie-port-75,addr=10.6,bus=pcie.0' -device 'pcie-root-port,port=76,chassis=76,id=ich9-pcie-port-76,addr=10.7,bus=pcie.0' -device 'pcie-root-port,port=77,chassis=77,id=ich9-pcie-port-77,addr=11.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=78,chassis=78,id=ich9-pcie-port-78,addr=11.1,bus=pcie.0' -device 'pcie-root-port,port=79,chassis=79,id=ich9-pcie-port-79,addr=11.2,bus=pcie.0' -device 'pcie-root-port,port=80,chassis=80,id=ich9-pcie-port-80,addr=11.3,bus=pcie.0' -device 'pcie-root-port,port=81,chassis=81,id=ich9-pcie-port-81,addr=11.4,bus=pcie.0' -device 'pcie-root-port,port=82,chassis=82,id=ich9-pcie-port-82,addr=11.5,bus=pcie.0' -device 'pcie-root-port,port=83,chassis=83,id=ich9-pcie-port-83,addr=11.6,bus=pcie.0' -device 'pcie-root-port,port=84,chassis=84,id=ich9-pcie-port-84,addr=11.7,bus=pcie.0' -device 'pcie-root-port,port=85,chassis=85,id=ich9-pcie-port-85,addr=13.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=86,chassis=86,id=ich9-pcie-port-86,addr=13.1,bus=pcie.0' -device 'pcie-root-port,port=87,chassis=87,id=ich9-pcie-port-87,addr=13.2,bus=pcie.0' -device 'pcie-root-port,port=88,chassis=88,id=ich9-pcie-port-88,addr=13.3,bus=pcie.0' -device 'pcie-root-port,port=89,chassis=89,id=ich9-pcie-port-89,addr=13.4,bus=pcie.0' -device 'pcie-root-port,port=90,chassis=90,id=ich9-pcie-port-90,addr=13.5,bus=pcie.0' -device 'pcie-root-port,port=91,chassis=91,id=ich9-pcie-port-91,addr=13.6,bus=pcie.0' -device 'pcie-root-port,port=92,chassis=92,id=ich9-pcie-port-92,addr=13.7,bus=pcie.0' -device 'pcie-root-port,port=93,chassis=93,id=ich9-pcie-port-93,addr=14.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=94,chassis=94,id=ich9-pcie-port-94,addr=14.1,bus=pcie.0' -device 'pcie-root-port,port=95,chassis=95,id=ich9-pcie-port-95,addr=14.2,bus=pcie.0' -device 'pcie-root-port,port=96,chassis=96,id=ich9-pcie-port-96,addr=14.3,bus=pcie.0' -device 'pcie-root-port,port=97,chassis=97,id=ich9-pcie-port-97,addr=14.4,bus=pcie.0' -device 'pcie-root-port,port=98,chassis=98,id=ich9-pcie-port-98,addr=14.5,bus=pcie.0' -device 'pcie-root-port,port=99,chassis=99,id=ich9-pcie-port-99,addr=14.6,bus=pcie.0' -device 'pcie-root-port,port=100,chassis=100,id=ich9-pcie-port-100,addr=14.7,bus=pcie.0' -device 'pcie-root-port,port=101,chassis=101,id=ich9-pcie-port-101,addr=15.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=102,chassis=102,id=ich9-pcie-port-102,addr=15.1,bus=pcie.0' -device 'pcie-root-port,port=103,chassis=103,id=ich9-pcie-port-103,addr=15.2,bus=pcie.0' -device 'pcie-root-port,port=104,chassis=104,id=ich9-pcie-port-104,addr=15.3,bus=pcie.0' -device 'pcie-root-port,port=105,chassis=105,id=ich9-pcie-port-105,addr=15.4,bus=pcie.0' -device 'pcie-root-port,port=106,chassis=106,id=ich9-pcie-port-106,addr=15.5,bus=pcie.0' -device 'pcie-root-port,port=107,chassis=107,id=ich9-pcie-port-107,addr=15.6,bus=pcie.0' -device 'pcie-root-port,port=108,chassis=108,id=ich9-pcie-port-108,addr=15.7,bus=pcie.0' -device 'pcie-root-port,port=109,chassis=109,id=ich9-pcie-port-109,addr=16.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=110,chassis=110,id=ich9-pcie-port-110,addr=16.1,bus=pcie.0' -device 'pcie-root-port,port=111,chassis=111,id=ich9-pcie-port-111,addr=16.2,bus=pcie.0' -device 'pcie-root-port,port=112,chassis=112,id=ich9-pcie-port-112,addr=16.3,bus=pcie.0' -device 'pcie-root-port,port=113,chassis=113,id=ich9-pcie-port-113,addr=16.4,bus=pcie.0' -device 'pcie-root-port,port=114,chassis=114,id=ich9-pcie-port-114,addr=16.5,bus=pcie.0' -device 'pcie-root-port,port=115,chassis=115,id=ich9-pcie-port-115,addr=16.6,bus=pcie.0' -device 'pcie-root-port,port=116,chassis=116,id=ich9-pcie-port-116,addr=16.7,bus=pcie.0' -device 'pcie-root-port,port=117,chassis=117,id=ich9-pcie-port-117,addr=17.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=118,chassis=118,id=ich9-pcie-port-118,addr=17.1,bus=pcie.0' -device 'pcie-root-port,port=119,chassis=119,id=ich9-pcie-port-119,addr=17.2,bus=pcie.0' -device 'pcie-root-port,port=120,chassis=120,id=ich9-pcie-port-120,addr=17.3,bus=pcie.0' -device 'pcie-root-port,port=121,chassis=121,id=ich9-pcie-port-121,addr=17.4,bus=pcie.0' -device 'pcie-root-port,port=122,chassis=122,id=ich9-pcie-port-122,addr=17.5,bus=pcie.0' -device 'pcie-root-port,port=123,chassis=123,id=ich9-pcie-port-123,addr=17.6,bus=pcie.0' -device 'pcie-root-port,port=124,chassis=124,id=ich9-pcie-port-124,addr=17.7,bus=pcie.0' -device 'pcie-root-port,port=125,chassis=125,id=ich9-pcie-port-125,addr=18.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=126,chassis=126,id=ich9-pcie-port-126,addr=18.1,bus=pcie.0' -device 'pcie-root-port,port=127,chassis=127,id=ich9-pcie-port-127,addr=18.2,bus=pcie.0' -device 'pcie-root-port,port=128,chassis=128,id=ich9-pcie-port-128,addr=18.3,bus=pcie.0' -device 'pcie-root-port,port=129,chassis=129,id=ich9-pcie-port-129,addr=18.4,bus=pcie.0' -device 'pcie-root-port,port=130,chassis=130,id=ich9-pcie-port-130,addr=18.5,bus=pcie.0' -device 'pcie-root-port,port=131,chassis=131,id=ich9-pcie-port-131,addr=18.6,bus=pcie.0' -device 'pcie-root-port,port=132,chassis=132,id=ich9-pcie-port-132,addr=18.7,bus=pcie.0' -device 'pcie-root-port,port=133,chassis=133,id=ich9-pcie-port-133,addr=19.0,multifunction=on,bus=pcie.0' -device 'pcie-root-port,port=134,chassis=134,id=ich9-pcie-port-134,addr=19.1,bus=pcie.0' -device 'pcie-root-port,port=135,chassis=135,id=ich9-pcie-port-135,addr=19.2,bus=pcie.0' -device 'pcie-root-port,port=136,chassis=136,id=ich9-pcie-port-136,addr=19.3,bus=pcie.0' -device 'pcie-root-port,port=137,chassis=137,id=ich9-pcie-port-137,addr=19.4,bus=pcie.0' -device 'pcie-root-port,port=138,chassis=138,id=ich9-pcie-port-138,addr=19.5,bus=pcie.0' -device 'pcie-root-port,port=139,chassis=139,id=ich9-pcie-port-139,addr=19.6,bus=pcie.0' -device 'pcie-root-port,port=140,chassis=140,id=ich9-pcie-port-140,addr=19.7,bus=pcie.0'"So you are just adding a lot of PCIe root port devices?
What's the reason behind that? On its own it really doesn't make a lot of sense.
What's the reason behind that? On its own it really doesn't make a lot of sense.
Hi,
Sounds like there is no way to delegate VM restoration tasks to a dedicated user without granting them full root access on the system.
Or am I missing something?
Thanks!
Sounds like there is no way to delegate VM restoration tasks to a dedicated user without granting them full root access on the system.
Or am I missing something?
Thanks!
just to chime in here:
the reason that the 'args' part is root only is because it can contain arbitrary qemu commandline options, which would be a massive security issue if anybody could do that (e.g. one could passthrought the root disk or other sensible files to a vm)
most of the time the desired outcome can be achieved differently though (with our regular api), but we'd have to know what it is you that you want to add, otherwise we cannot really tell you an alternative
just adding root ports to a vm does not do anything useful by itself, so it is not possible via our config