[pve-devel] [PATCH pve-docs 2/2] pmxcfs: add more config files and discuss symlinks

Dylan Whyte d.whyte at proxmox.com
Mon Sep 13 18:00:36 CEST 2021 

adds an entry for some config files found in /etc/pve, which were
missing.
alphabetize the list, for better readability and add some minor fixes
also adds an introduction section to the symbolic links section, to
clarify that they're specific to each host

Signed-off-by: Dylan Whyte <d.whyte at proxmox.com>
---
 pmxcfs.adoc | 52 ++++++++++++++++++++++++++++++++++++----------------
 1 file changed, 36 insertions(+), 16 deletions(-)

diff --git a/pmxcfs.adoc b/pmxcfs.adoc
index c0327a2..1dc1c0d 100644
--- a/pmxcfs.adoc
+++ b/pmxcfs.adoc
@@ -93,32 +93,52 @@ Files
 
 [width="100%",cols="m,d"]
 |=======
-|`corosync.conf`                        | Corosync cluster configuration file (previous to {pve} 4.x this file was called cluster.conf)
-|`storage.cfg`                          | {pve} storage configuration
-|`datacenter.cfg`                       | {pve} datacenter wide configuration (keyboard layout, proxy, ...)
-|`user.cfg`                             | {pve} access control configuration (users/groups/...)
+|`authkey.pub`                          | Public key used by the ticket system
+|`ceph.conf`                            | Ceph configuration file (note: /etc/ceph/ceph.conf is a symbolic link to this)
+|`corosync.conf`                        | Corosync cluster configuration file (prior to {pve} 4.x, this file was called cluster.conf)
+|`datacenter.cfg`                       | {pve} data center-wide configuration (keyboard layout, proxy, ...)
 |`domains.cfg`                          | {pve} authentication domains
-|`status.cfg`                           | {pve} external metrics server configuration
-|`authkey.pub`                          | Public key used by ticket system
-|`pve-root-ca.pem`                      | Public certificate of cluster CA
-|`priv/shadow.cfg`                      | Shadow password file
-|`priv/authkey.key`                     | Private key used by ticket system
-|`priv/pve-root-ca.key`                 | Private key of cluster CA
-|`nodes/<NAME>/pve-ssl.pem`             | Public SSL certificate for web server (signed by cluster CA)
+|`firewall/cluster.fw`                  | Firewall configuration applied to all nodes
+|`firewall/<NAME>.fw`                   | Firewall configuration for individual nodes
+|`firewall/<VMID>.fw`                   | Firewall configuration for VMs and containers
+|`ha/crm_commands`                      | Displays HA operations that are currently being carried out by the CRM
+|`ha/manager_status`                    | JSON-formatted information regarding HA services on the cluster
+|`ha/resources.cfg`                     | Resources managed by high availability, and their current state
+|`nodes/<NAME>/config`                  | Node-specific configuration
+|`nodes/<NAME>/lxc/<VMID>.conf`         | VM configuration data for LXC containers
 |`nodes/<NAME>/pve-ssl.key`             | Private SSL key for `pve-ssl.pem`
-|`nodes/<NAME>/pveproxy-ssl.pem`        | Public SSL certificate (chain) for web server (optional override for `pve-ssl.pem`)
+|`nodes/<NAME>/pve-ssl.pem`             | Public SSL certificate for web server (signed by cluster CA)
 |`nodes/<NAME>/pveproxy-ssl.key`        | Private SSL key for `pveproxy-ssl.pem` (optional)
+|`nodes/<NAME>/pveproxy-ssl.pem`        | Public SSL certificate (chain) for web server (optional override for `pve-ssl.pem`)
 |`nodes/<NAME>/qemu-server/<VMID>.conf` | VM configuration data for KVM VMs
-|`nodes/<NAME>/lxc/<VMID>.conf`         | VM configuration data for LXC containers
-|`firewall/cluster.fw`                  | Firewall configuration applied to all nodes
-|`firewall/<NAME>.fw`                   | Firewall configuration for individual nodes
-|`firewall/<VMID>.fw`                   | Firewall configuration for VMs and Containers
+|`priv/authkey.key`                     | Private key used by ticket system
+|`priv/authorized_keys`                 | SSH keys of cluster members for authentication
+|`priv/ceph*`                           | Ceph authentication keys and associated capabilities
+|`priv/known_hosts`                     | SSH keys of the cluster members for verification
+|`priv/lock/*`                          | Lock files used by various services to ensure safe cluster-wide operations
+|`priv/pve-root-ca.key`                 | Private key of cluster CA
+|`priv/shadow.cfg`                      | Shadow password file for PVE Realm users
+|`priv/storage/<STORAGE-ID>.pw`         | Contains the password of a storage in plain text
+|`priv/tfa.cfg`                         | Base64-encoded two-factor authentication configuration
+|`priv/token.cfg`                       | API token secrets of all tokens
+|`pve-root-ca.pem`                      | Public certificate of cluster CA
+|`pve-www.key`                          | Private key used for generating CSRF tokens
+|`sdn/*`                                | Shared configuration files for Software Defined Networking (SDN)
+|`status.cfg`                           | {pve} external metrics server configuration
+|`storage.cfg`                          | {pve} storage configuration
+|`user.cfg`                             | {pve} access control configuration (users/groups/...)
+|`virtual-guest/cpu-models.conf`        | For storing custom CPU models
+|`vzdump.cron`                          | Cluster-wide vzdump backup-job schedule
 |=======
 
 
 Symbolic links
 ~~~~~~~~~~~~~~
 
+Certain directories within the cluster file system use symbolic links, in order
+to point to a node's own configuration files. Thus, the files pointed to in the
+table below refer to different files on each node of the cluster.
+
 [width="100%",cols="m,m"]
 |=======
 |`local`         | `nodes/<LOCAL_HOST_NAME>`
-- 
2.30.2

More information about the pve-devel mailing list