From: Daniel Kral <d.kral@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH ha-manager v2 25/26] api: groups, services: assert use-location-rules feature flag
Date: Fri, 20 Jun 2025 16:31:37 +0200 [thread overview]
Message-ID: <20250620143148.218469-30-d.kral@proxmox.com> (raw)
In-Reply-To: <20250620143148.218469-1-d.kral@proxmox.com>
Assert whether certain properties are allowed to be passed for the HA
groups and HA services API endpoints depending on whether the
use-location-rules feature flag is enabled or disabled.
Signed-off-by: Daniel Kral <d.kral@proxmox.com>
---
changes since v1:
- NEW!
src/PVE/API2/HA/Groups.pm | 20 ++++++++++++++++++++
src/PVE/API2/HA/Resources.pm | 30 ++++++++++++++++++++++++++----
src/PVE/API2/HA/Status.pm | 6 +++++-
3 files changed, 51 insertions(+), 5 deletions(-)
diff --git a/src/PVE/API2/HA/Groups.pm b/src/PVE/API2/HA/Groups.pm
index 32350df..4dcb458 100644
--- a/src/PVE/API2/HA/Groups.pm
+++ b/src/PVE/API2/HA/Groups.pm
@@ -32,6 +32,15 @@ my $api_copy_config = sub {
return $group_cfg;
};
+my $verify_group_api_call_is_allowed = sub {
+ my ($noerr) = @_;
+
+ return 1 if !PVE::HA::Config::is_ha_location_enabled();
+
+ die "ha groups are not allowed because location rules are enabled\n" if !$noerr;
+ return 0;
+};
+
__PACKAGE__->register_method({
name => 'index',
path => '',
@@ -55,6 +64,9 @@ __PACKAGE__->register_method({
code => sub {
my ($param) = @_;
+ # return empty list instead of errors
+ return [] if !$verify_group_api_call_is_allowed->(1);
+
my $cfg = PVE::HA::Config::read_group_config();
my $res = [];
@@ -89,6 +101,8 @@ __PACKAGE__->register_method({
code => sub {
my ($param) = @_;
+ $verify_group_api_call_is_allowed->();
+
my $cfg = PVE::HA::Config::read_group_config();
return &$api_copy_config($cfg, $param->{group});
@@ -109,6 +123,8 @@ __PACKAGE__->register_method({
code => sub {
my ($param) = @_;
+ $verify_group_api_call_is_allowed->();
+
# create /etc/pve/ha directory
PVE::Cluster::check_cfs_quorum();
mkdir("/etc/pve/ha");
@@ -160,6 +176,8 @@ __PACKAGE__->register_method({
code => sub {
my ($param) = @_;
+ $verify_group_api_call_is_allowed->();
+
my $digest = extract_param($param, 'digest');
my $delete = extract_param($param, 'delete');
@@ -233,6 +251,8 @@ __PACKAGE__->register_method({
code => sub {
my ($param) = @_;
+ $verify_group_api_call_is_allowed->();
+
my $group = extract_param($param, 'group');
PVE::HA::Config::lock_ha_domain(
diff --git a/src/PVE/API2/HA/Resources.pm b/src/PVE/API2/HA/Resources.pm
index 5916204..f41fa2f 100644
--- a/src/PVE/API2/HA/Resources.pm
+++ b/src/PVE/API2/HA/Resources.pm
@@ -5,7 +5,7 @@ use warnings;
use PVE::SafeSyslog;
use PVE::Tools qw(extract_param);
-use PVE::Cluster;
+use PVE::Cluster qw(cfs_read_file);
use PVE::HA::Config;
use PVE::HA::Resources;
use HTTP::Status qw(:constants);
@@ -22,7 +22,7 @@ use base qw(PVE::RESTHandler);
my $resource_type_enum = PVE::HA::Resources->lookup_types();
my $api_copy_config = sub {
- my ($cfg, $sid) = @_;
+ my ($cfg, $sid, $remove_group) = @_;
die "no such resource '$sid'\n" if !$cfg->{ids}->{$sid};
@@ -30,9 +30,23 @@ my $api_copy_config = sub {
$scfg->{sid} = $sid;
$scfg->{digest} = $cfg->{digest};
+ delete $scfg->{group} if $remove_group;
+
return $scfg;
};
+my $assert_service_params_are_allowed = sub {
+ my ($param) = @_;
+
+ my $use_location_rules = PVE::HA::Config::is_ha_location_enabled();
+
+ die "'group' is not allowed because location rules are enabled in datacenter config\n"
+ if defined($param->{group}) && $use_location_rules;
+
+ die "'failback' is not allowed because location rules are disabled in datacenter config\n",
+ if defined($param->{failback}) && !$use_location_rules;
+};
+
sub check_service_state {
my ($sid, $req_state) = @_;
@@ -78,9 +92,11 @@ __PACKAGE__->register_method({
my $cfg = PVE::HA::Config::read_resources_config();
my $groups = PVE::HA::Config::read_group_config();
+ my $use_location_rules = PVE::HA::Config::is_ha_location_enabled();
+
my $res = [];
foreach my $sid (keys %{ $cfg->{ids} }) {
- my $scfg = &$api_copy_config($cfg, $sid);
+ my $scfg = &$api_copy_config($cfg, $sid, $use_location_rules);
next if $param->{type} && $param->{type} ne $scfg->{type};
if ($scfg->{group} && !$groups->{ids}->{ $scfg->{group} }) {
$scfg->{errors}->{group} = "group '$scfg->{group}' does not exist";
@@ -154,7 +170,9 @@ __PACKAGE__->register_method({
my $sid = PVE::HA::Config::parse_sid($param->{sid});
- return &$api_copy_config($cfg, $sid);
+ my $use_location_rules = PVE::HA::Config::is_ha_location_enabled();
+
+ return &$api_copy_config($cfg, $sid, $use_location_rules);
},
});
@@ -188,6 +206,8 @@ __PACKAGE__->register_method({
$plugin->exists($name);
+ $assert_service_params_are_allowed->($param);
+
my $opts = $plugin->check_config($sid, $param, 1, 1);
PVE::HA::Config::lock_ha_domain(
@@ -235,6 +255,8 @@ __PACKAGE__->register_method({
die "types does not match\n" if $param_type ne $type;
}
+ $assert_service_params_are_allowed->($param);
+
if (my $group = $param->{group}) {
my $group_cfg = PVE::HA::Config::read_group_config();
diff --git a/src/PVE/API2/HA/Status.pm b/src/PVE/API2/HA/Status.pm
index 1547e0e..eba3876 100644
--- a/src/PVE/API2/HA/Status.pm
+++ b/src/PVE/API2/HA/Status.pm
@@ -241,6 +241,8 @@ __PACKAGE__->register_method({
}
}
+ my $use_location_rules = PVE::HA::Config::is_ha_location_enabled();
+
my $add_service = sub {
my ($sid, $sc, $ss) = @_;
@@ -260,7 +262,9 @@ __PACKAGE__->register_method({
# also return common resource attributes
if (defined($sc)) {
$data->{request_state} = $sc->{state};
- foreach my $key (qw(group max_restart max_relocate comment)) {
+ my @attributes = qw(max_restart max_relocate comment);
+ push @attributes, 'group' if !$use_location_rules;
+ foreach my $key (@attributes) {
$data->{$key} = $sc->{$key} if defined($sc->{$key});
}
}
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-06-20 14:35 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-20 14:31 [pve-devel] [RFC common/cluster/ha-manager/docs/manager v2 00/40] HA colocation rules Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH common v2 1/1] introduce HashTools module Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH cluster v2 1/3] cfs: add 'ha/rules.cfg' to observed files Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH cluster v2 2/3] datacenter config: make pve-ha-shutdown-policy optional Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH cluster v2 3/3] datacenter config: introduce feature flag for location rules Daniel Kral
2025-06-23 15:58 ` Thomas Lamprecht
2025-06-24 7:29 ` Daniel Kral
2025-06-24 7:51 ` Thomas Lamprecht
2025-06-24 8:19 ` Daniel Kral
2025-06-24 8:25 ` Thomas Lamprecht
2025-06-24 8:52 ` Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 01/26] tree-wide: make arguments for select_service_node explicit Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 02/26] manager: improve signature of select_service_node Daniel Kral
2025-06-23 16:21 ` Thomas Lamprecht
2025-06-24 8:06 ` Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 03/26] introduce rules base plugin Daniel Kral
2025-07-04 14:18 ` Michael Köppl
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 04/26] rules: introduce location rule plugin Daniel Kral
2025-06-20 16:17 ` Jillian Morgan
2025-06-20 16:30 ` Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 05/26] rules: introduce colocation " Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 06/26] rules: add global checks between location and colocation rules Daniel Kral
2025-07-01 11:02 ` Daniel Kral
2025-07-04 14:43 ` Michael Köppl
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 07/26] config, env, hw: add rules read and parse methods Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 08/26] manager: read and update rules config Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 09/26] test: ha tester: add test cases for future location rules Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 10/26] resources: introduce failback property in service config Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 11/26] manager: migrate ha groups to location rules in-memory Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 12/26] manager: apply location rules when selecting service nodes Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 13/26] usage: add information about a service's assigned nodes Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 14/26] manager: apply colocation rules when selecting service nodes Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 15/26] manager: handle migrations for colocated services Daniel Kral
2025-06-27 9:10 ` Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 16/26] sim: resources: add option to limit start and migrate tries to node Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 17/26] test: ha tester: add test cases for strict negative colocation rules Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 18/26] test: ha tester: add test cases for strict positive " Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 19/26] test: ha tester: add test cases in more complex scenarios Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 20/26] test: add test cases for rules config Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 21/26] manager: handle negative colocations with too many services Daniel Kral
2025-07-01 12:11 ` Michael Köppl
2025-07-01 12:23 ` Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 22/26] config: prune services from rules if services are deleted from config Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 23/26] api: introduce ha rules api endpoints Daniel Kral
2025-07-04 14:16 ` Michael Köppl
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 24/26] cli: expose ha rules api endpoints to ha-manager cli Daniel Kral
2025-06-20 14:31 ` Daniel Kral [this message]
2025-06-20 14:31 ` [pve-devel] [PATCH ha-manager v2 26/26] api: services: check for colocations for service motions Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH docs v2 1/5] ha: config: add section about ha rules Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH docs v2 2/5] update static files to include ha rules api endpoints Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH docs v2 3/5] update static files to include use-location-rules feature flag Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH docs v2 4/5] update static files to include ha resources failback flag Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH docs v2 5/5] update static files to include ha service motion return value schema Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH manager v2 1/5] api: ha: add ha rules api endpoints Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH manager v2 2/5] ui: add use-location-rules feature flag Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH manager v2 3/5] ui: ha: hide ha groups if use-location-rules is enabled Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH manager v2 4/5] ui: ha: adapt resources components " Daniel Kral
2025-06-20 14:31 ` [pve-devel] [PATCH manager v2 5/5] ui: ha: add ha rules components and menu entry Daniel Kral
2025-06-30 15:09 ` Michael Köppl
2025-07-01 14:38 ` Michael Köppl
2025-06-20 15:43 ` [pve-devel] [RFC common/cluster/ha-manager/docs/manager v2 00/40] HA colocation rules Daniel Kral
2025-06-20 17:11 ` Jillian Morgan
2025-06-20 17:45 ` DERUMIER, Alexandre via pve-devel
[not found] ` <476c41123dced9d560dfbf27640ef8705fd90f11.camel@groupe-cyllene.com>
2025-06-23 15:36 ` Thomas Lamprecht
2025-06-24 8:48 ` Daniel Kral
2025-06-27 12:23 ` Friedrich Weber
2025-06-27 12:41 ` Daniel Kral
2025-06-23 8:11 ` DERUMIER, Alexandre via pve-devel
[not found] ` <bf973ec4e8c52a10535ed35ad64bf0ec8d1ad37d.camel@groupe-cyllene.com>
2025-06-23 15:28 ` Thomas Lamprecht
2025-06-23 23:21 ` DERUMIER, Alexandre via pve-devel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250620143148.218469-30-d.kral@proxmox.com \
--to=d.kral@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal