[pve-devel] [PATCH docs] pveproxy: improve LISTEN_IP doc

Thomas Lamprecht t.lamprecht at proxmox.com
Wed Apr 28 13:35:40 CEST 2021

On 28.04.21 13:16, Oguz Bektas wrote:
> * fix small typo
> * add details for link-local addresses
> * mention that pveproxy needs to be restarted
> Signed-off-by: Oguz Bektas <o.bektas at proxmox.com>
> ---
>  pveproxy.adoc | 10 +++++++++-
>  1 file changed, 9 insertions(+), 1 deletion(-)
> diff --git a/pveproxy.adoc b/pveproxy.adoc
> index 08c5f63..b9f8ade 100644
> --- a/pveproxy.adoc
> +++ b/pveproxy.adoc
> @@ -71,10 +71,18 @@ exposure to the public internet:
>   LISTEN_IP=""
> -Similarly you can also set a n IPv6 address:
> +Similarly you can also set an IPv6 address:
>   LISTEN_IP="2001:db8:85a3::1"
> +And for a link-local IPv6 address on vmbr0 (interface name is necessary in this case):

Does not reads like an actual sentence... I'd write something a long the lines of:

"Note, if you want to specify a link-local IPv6 address, you need to provide the interface name itself:"

> +
> + LISTEN_IP="fe80::d8ee:34ff:fe37:4579%vmbr0"
> +
> +After the change you have to restart `pveproxy` for it to take effect:

I'd specifically state that a reload is not enough and then add a small warning that
a restart can stop some existing workers (not all, but e.g., shell connection is stopped
and reconnected which may loose info on CTs without a screen/tmux instance running).
Also, there's a short time window where no new connections are accepted IIRC (albeit
I was the one fixing that for reload it's been to long since then, so not sure anymore)

> +
> + systemctl restart pveproxy

and spiceproxy?

> +
>  WARNING: The nodes in a cluster need access to `pveproxy` for communication,
>  possibly on different sub-nets. It is **not recommended** to set `LISTEN_IP` on
>  clustered systems.

More information about the pve-devel mailing list