From: Dylan Whyte <d.whyte@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH v2 pve-docs 2/2] pmxcfs: add more config files and discuss symlinks
Date: Tue, 14 Sep 2021 18:14:34 +0200 [thread overview]
Message-ID: <20210914161434.176937-2-d.whyte@proxmox.com> (raw)
In-Reply-To: <20210914161434.176937-1-d.whyte@proxmox.com>
- adds an entry for some config files found in /etc/pve, which were
missing.
- alphabetize the lists, for better readability and add some minor fixes
- also adds an introduction section to the symbolic links section, to
clarify that they're specific to each host
Signed-off-by: Dylan Whyte <d.whyte@proxmox.com>
---
Thanks for the feedback @lorenz!
changes v2:
- alphabetize symlink list (forget this in v1)
- as suggested by @lorenz, made mention of the openvz symlink/dir
@thomas, while i also left the openvz dir out in the original patch due
to the fact that it's pretty ancient, i guess it makes sense to mention
it, as long as the directory exists. worst case scenario, it helps a
curious user :)
pmxcfs.adoc | 56 +++++++++++++++++++++++++++++++++++++----------------
1 file changed, 39 insertions(+), 17 deletions(-)
diff --git a/pmxcfs.adoc b/pmxcfs.adoc
index 1fdf9cb..ea15559 100644
--- a/pmxcfs.adoc
+++ b/pmxcfs.adoc
@@ -93,37 +93,59 @@ Files
[width="100%",cols="m,d"]
|=======
-|`corosync.conf` | Corosync cluster configuration file (previous to {pve} 4.x this file was called cluster.conf)
-|`storage.cfg` | {pve} storage configuration
-|`datacenter.cfg` | {pve} datacenter wide configuration (keyboard layout, proxy, ...)
-|`user.cfg` | {pve} access control configuration (users/groups/...)
+|`authkey.pub` | Public key used by the ticket system
+|`ceph.conf` | Ceph configuration file (note: /etc/ceph/ceph.conf is a symbolic link to this)
+|`corosync.conf` | Corosync cluster configuration file (prior to {pve} 4.x, this file was called cluster.conf)
+|`datacenter.cfg` | {pve} data center-wide configuration (keyboard layout, proxy, ...)
|`domains.cfg` | {pve} authentication domains
-|`status.cfg` | {pve} external metrics server configuration
-|`authkey.pub` | Public key used by ticket system
-|`pve-root-ca.pem` | Public certificate of cluster CA
-|`priv/shadow.cfg` | Shadow password file
-|`priv/authkey.key` | Private key used by ticket system
-|`priv/pve-root-ca.key` | Private key of cluster CA
-|`nodes/<NAME>/pve-ssl.pem` | Public SSL certificate for web server (signed by cluster CA)
+|`firewall/cluster.fw` | Firewall configuration applied to all nodes
+|`firewall/<NAME>.fw` | Firewall configuration for individual nodes
+|`firewall/<VMID>.fw` | Firewall configuration for VMs and containers
+|`ha/crm_commands` | Displays HA operations that are currently being carried out by the CRM
+|`ha/manager_status` | JSON-formatted information regarding HA services on the cluster
+|`ha/resources.cfg` | Resources managed by high availability, and their current state
+|`nodes/<NAME>/config` | Node-specific configuration
+|`nodes/<NAME>/lxc/<VMID>.conf` | VM configuration data for LXC containers
+|`nodes/<NAME>/openvz/` | Prior to PVE 4.0, used for container configuration data (deprecated, removed soon)
|`nodes/<NAME>/pve-ssl.key` | Private SSL key for `pve-ssl.pem`
-|`nodes/<NAME>/pveproxy-ssl.pem` | Public SSL certificate (chain) for web server (optional override for `pve-ssl.pem`)
+|`nodes/<NAME>/pve-ssl.pem` | Public SSL certificate for web server (signed by cluster CA)
|`nodes/<NAME>/pveproxy-ssl.key` | Private SSL key for `pveproxy-ssl.pem` (optional)
+|`nodes/<NAME>/pveproxy-ssl.pem` | Public SSL certificate (chain) for web server (optional override for `pve-ssl.pem`)
|`nodes/<NAME>/qemu-server/<VMID>.conf` | VM configuration data for KVM VMs
-|`nodes/<NAME>/lxc/<VMID>.conf` | VM configuration data for LXC containers
-|`firewall/cluster.fw` | Firewall configuration applied to all nodes
-|`firewall/<NAME>.fw` | Firewall configuration for individual nodes
-|`firewall/<VMID>.fw` | Firewall configuration for VMs and Containers
+|`priv/authkey.key` | Private key used by ticket system
+|`priv/authorized_keys` | SSH keys of cluster members for authentication
+|`priv/ceph*` | Ceph authentication keys and associated capabilities
+|`priv/known_hosts` | SSH keys of the cluster members for verification
+|`priv/lock/*` | Lock files used by various services to ensure safe cluster-wide operations
+|`priv/pve-root-ca.key` | Private key of cluster CA
+|`priv/shadow.cfg` | Shadow password file for PVE Realm users
+|`priv/storage/<STORAGE-ID>.pw` | Contains the password of a storage in plain text
+|`priv/tfa.cfg` | Base64-encoded two-factor authentication configuration
+|`priv/token.cfg` | API token secrets of all tokens
+|`pve-root-ca.pem` | Public certificate of cluster CA
+|`pve-www.key` | Private key used for generating CSRF tokens
+|`sdn/*` | Shared configuration files for Software Defined Networking (SDN)
+|`status.cfg` | {pve} external metrics server configuration
+|`storage.cfg` | {pve} storage configuration
+|`user.cfg` | {pve} access control configuration (users/groups/...)
+|`virtual-guest/cpu-models.conf` | For storing custom CPU models
+|`vzdump.cron` | Cluster-wide vzdump backup-job schedule
|=======
Symbolic links
~~~~~~~~~~~~~~
+Certain directories within the cluster file system use symbolic links, in order
+to point to a node's own configuration files. Thus, the files pointed to in the
+table below refer to different files on each node of the cluster.
+
[width="100%",cols="m,m"]
|=======
|`local` | `nodes/<LOCAL_HOST_NAME>`
-|`qemu-server` | `nodes/<LOCAL_HOST_NAME>/qemu-server/`
|`lxc` | `nodes/<LOCAL_HOST_NAME>/lxc/`
+|`openvz` | `nodes/<LOCAL_HOST_NAME>/openvz/` (deprecated, removed soon)
+|`qemu-server` | `nodes/<LOCAL_HOST_NAME>/qemu-server/`
|=======
--
2.30.2
next prev parent reply other threads:[~2021-09-14 16:15 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-14 16:14 [pve-devel] [PATCH v2 pve-docs 1/2] pmxcfs: language and style fixup Dylan Whyte
2021-09-14 16:14 ` Dylan Whyte [this message]
2021-09-15 14:57 ` [pve-devel] applied-series: " Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210914161434.176937-2-d.whyte@proxmox.com \
--to=d.whyte@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.