Re: [pve-devel] [RFC PATCH cluster/guest-common/qemu-server/container/manager] add backend profile support

[Thomas Lamprecht <t.lamprecht@proxmox.com>]

On 03/11/2023 12:53, Dominik Csapak wrote:
> This series aims to provide profile support when creating guests (ct/vm)
> so that users can reuse options without having to specify them every
> time.
> 
> Sending as RFC because I don't quite like some things with the current
> implementation and I'm not quite sure in which direction I should take
> this. Also the GUI part isn't done yet and i wanted to see if the
> direction is OK. (Sorry for the wall of text)
> 
> The major issues:
> 
> Using a single section config for both VMs and CTs make handling the
> properties a bit weird. For now i prefix the options with "$type_"
> so vm options are e.g. 'vm_ostype', 'vm_name', and so on while container
> options are 'ct_ostype', 'ct_hostname', etc.

That properties are shared by different sections by default is IMO not
really ideal in general, it's also making the storage API and its docs
rather hard to understand & work with.

One option could be to opt-into a newer behavior, e.g., via some
property, or getter, that the section config implementation needs to
set, or override and return true, which makes then all properties
isolated if not explicitly marked as shared (via another new property),
that way we could use it now, and move over existing ones where it
makes sense, without risking wide breakage.

> 
> Using the same config/plugin system also makes using it a bit weird.
> We have to register/init them in the api where they're used, but for the
> cli we have to register only the available type and then init. This
> makes it necessary to always set 'allow_unknown' while parsing the
> config so that 'qm' doesn't trip over the container profiles...
> 
> A fix for both could be to separate the ct/vm configs into two files
> (similar to how we did pci/usb mapping configs), that would fix the
> prefixing, as well as the register/init issue (We have to have
> separate APIs then ofc).
> 
> Another fix would be to extend the section config to allow different
> properties of the same name for different types. Should be possible,
> although we have to be careful to not break existing ones, and also
> the API interface has to be separate for each type then (cannot really
> have confiflicting api parameter schemas for the same name?)
> 
> We could also go in a completely different direction and create a config
> per profile? (like we handle vm configs). Downside of that is, that the
> current guest config handling part is partly in pmxcfs, so we'd have to
> make that either more generic, or duplicate it for profiles.

I don't see how this would have anything to do with pmxcfs and VMIDs,
that map to an actual guest instance and thus needs special treatment
compared to just some profile that can, e.g., live in a
/etc/pve/guest-profiles/  as <id>.profile (the extension just an
example), and be handled only via perl – profiles are only used in
the profile management API, where it's ok to fully parse one, and
in guest creation POST calls, so even cfs_register* would be probably
overkill.

Having a file per profile makes some things relatively easy, but doesn't
fits the commonly used section config, let's see if others have input
(i.e., actively ask one/some of fabian/wolfgang/fiona.

> (I don't quite like this one, since i think a single config for all
> profiles should be enough?  We could still do that later if we want
> and the current way is impractical)

We can always go from this to the other, or vice versa, if *really*
needed, we should try hard to avoid either such move, though..

> 
> The minor issues:
> 
> * Is the priv path ok? /mapping/profiles/<id> feels a bit weird

What feels weird? s/profile/guest-profile/ might be a bit more telling
though.

> * We should probably introduce a 'meta' property for ct like we have for
>   vms? we could record the profile there and also e.g. the template used
>   to set the container up.

I assume you mean in the CT config, IIRC there is even an older patch
floating around for adding that for recording the ctime.

But it shouldn't be needed, as meta stuff should be only informational,
profile names can change (delete/re-add) or get modified, so saving the
ID has no use, logging it to the task-log is enough for starters, I think.

> * I did not restrict to any options of the config and i don't believe
>   this should make any issues (the critical ones are filtered out anyway)
>   but should we maybe have some kind of whitelist? if yes, which one
>   should be on there?

I didn't do any evaluation of all properties, but things like force-machine
and running-state properties make no sense,  so at least disallowing those
would be good.

> * there is still an issue with the docs generation, i'll have to look
>   into it
> * I'm not quite sure how the UI for creating/editing profiles should
>   look like. For creating i could imagine a 'create profile from guest'
>   type of thing (thanks @mira for the idea), but for editing or creating
>   from scratch I'm a bit conflicted. We could simply show the profiles
>   in the tree, and reuse the vm hw/options panels for that, but does
>   that seem overkill? We could also leave that API only for now, and
>   make the gui later? (Using it in the wizard would also not be trivial,
>   but there the constraints are rather straight forward)

- view: simple grid with profile ID, profile type and the (unavoidable)
  profile comment as the tree columns (for starters). The admins can
  set a descriptive ID and comment to know what a profile is intended
  for. Showing all profile values is IMO bad UX, as it becomes crowded
  super fast for more than a few trivial profiles.

- profile create & edit:
  - a per-type add, i.e., "Add VM Profile" and "Add CT Profile"
  - each provides the id and comment at the top and then has a
    panel with an add button to add a new property.
  - Most properties are simple single-fields, for storage we can add
    more complex widgets too, idealy recycling (parts of) the forms
    and/or panels we already use other where
  - I'd start out with defining good widgets for the most sensible
    properties first, that is naturally a bit subjective, but e.g.,
    memory, max memory, cpu cores, cpu model, storage (mpX, scsiX,
    virtioX), network, including (host)name, DNS (for CTs).
    Anything else can then be a "raw" field for now, and we can add
    further "first-class" widgets for properties that are deemed
    relevant due to feedback from other devs and users.

IMO a create wizard is relatively much work, but not necessarily better,
as seeing all in one view has it's advantage.