[pve-devel] [PATCH storage/qemu-server/manager v6] implement ova/ovf import for file based storages
Dominik Csapak
d.csapak at proxmox.com
Fri Nov 15 16:17:22 CET 2024
This series enables importing ova/ovf from directory based storages,
inclusive upload/download via the webui (ova only).
It also improves the ovf importer by parsing the ostype, nics, bootorder
(and firmware from vmware exported files).
I opted to move the OVF.pm to pve-storage, since there is no
real other place where we could put it. I put it in a new module
'GuestImport'
We now extract the images into either a given target storage or in the
import storage in the 'images' dir so accidentally left over images
are discoverable by the ui/cli.
This version is half rebased on fabians hardening series:
https://lore.proxmox.com/pve-devel/20241104104221.228730-1-f.gruenbichler@proxmox.com/
I sent the qemu-server patch from fabian again but omitted some
problematic checks. I add them later with a check
against the import vtype again (last patch in qemu-server)
changes from v5:
* removed leftover hunks in makefile
* moved ova checks to correct patch
* split up error messages for unexpected format
* remove unnecessary untaint
* reword error message
* reintroduce symlink check in ova/ovf check
* added sanity check for ovas after uploading/downloading
* added new patch for checking import vtypes
* fixed issue with files with absolute path
changes from v4:
* rebased on master/fabians series
* added the file_size_info check for untrusted images after extracting
changes from v3:
* fixed dependencies in control file
* removed unnecessary use statements
* removed unnecessary remove helper
* moved 'needs_extract' helper to qemu-server
* removed import storage param from PUT call
* check down/uploaded ova filename more strictly (same as listing)
* improved filepath checking in ovf
* forbid importing when extracted image references a base/backing file
* instead of trying to manually create a proper filename, use 'alloc' to
create a small (1M) file with the same format and overwrite it with
renaming. this also solves the cluster locking issue
* prefer using PVE::Storage functions instead of plugin methods in
ova extraction code
* use $vollist for cleaning up extracted images in qemu-server and
add manual cleanup for the success case
changes from v2:
* use better 'format' values for embedded images (e.g. ova+vmdk)
* use this format to decide if images should be extracted
* consistent use of the 'safe character' classes when listing
and parsing
* also list vmdk/qcow2/raw images in content listing
(this will be useful when we have a gui for the 'import-from'
in the wizard/disk edit for vms)
* a few gui adaptions
changes from v1:
* move ovf code to GuestImport
* move extract/checking code to GuestImport
* don't return 'image' types from import volumes
* use allow 'safe' characters for filenames of ova/ovfs and inside
* check for non-regular files (e.g. symlinks) after extraction
* add new 'import-extraction-storage' for import
* rename panel in gui for directory storages
* typo fixes
* and probably more, see the individual patches for details
pve-storage:
Dominik Csapak (12):
copy OVF.pm from qemu-server
plugin: dir: implement import content type
plugin: dir: handle ova files for import
ovf: improve and simplify path checking code
ovf: implement parsing the ostype
ovf: implement parsing out firmware type
ovf: implement rudimentary boot order
ovf: implement parsing nics
api: allow ova upload/download
plugin: enable import for nfs/btrfs/cifs/cephfs/glusterfs
add 'import' content type to 'check_volume_access'
plugin: file_size_info: don't ignore base path with whitespace
debian/control | 2 +
src/PVE/API2/Storage/Status.pm | 70 +++-
src/PVE/GuestImport.pm | 79 ++++
src/PVE/GuestImport/Makefile | 3 +
src/PVE/GuestImport/OVF.pm | 386 ++++++++++++++++++
src/PVE/Makefile | 2 +
src/PVE/Storage.pm | 23 +-
src/PVE/Storage/BTRFSPlugin.pm | 5 +
src/PVE/Storage/CIFSPlugin.pm | 6 +-
src/PVE/Storage/CephFSPlugin.pm | 6 +-
src/PVE/Storage/DirPlugin.pm | 52 ++-
src/PVE/Storage/GlusterfsPlugin.pm | 6 +-
src/PVE/Storage/NFSPlugin.pm | 6 +-
src/PVE/Storage/Plugin.pm | 17 +-
src/test/Makefile | 5 +-
src/test/ovf_manifests/Win10-Liz-disk1.vmdk | Bin 0 -> 65536 bytes
src/test/ovf_manifests/Win10-Liz.ovf | 142 +++++++
.../ovf_manifests/Win10-Liz_no_default_ns.ovf | 143 +++++++
.../ovf_manifests/Win_2008_R2_two-disks.ovf | 145 +++++++
src/test/ovf_manifests/disk1.vmdk | Bin 0 -> 65536 bytes
src/test/ovf_manifests/disk2.vmdk | Bin 0 -> 65536 bytes
src/test/parse_volname_test.pm | 33 ++
src/test/path_to_volume_id_test.pm | 21 +
src/test/run_ovf_tests.pl | 85 ++++
24 files changed, 1223 insertions(+), 14 deletions(-)
create mode 100644 src/PVE/GuestImport.pm
create mode 100644 src/PVE/GuestImport/Makefile
create mode 100644 src/PVE/GuestImport/OVF.pm
create mode 100644 src/test/ovf_manifests/Win10-Liz-disk1.vmdk
create mode 100755 src/test/ovf_manifests/Win10-Liz.ovf
create mode 100755 src/test/ovf_manifests/Win10-Liz_no_default_ns.ovf
create mode 100755 src/test/ovf_manifests/Win_2008_R2_two-disks.ovf
create mode 100644 src/test/ovf_manifests/disk1.vmdk
create mode 100644 src/test/ovf_manifests/disk2.vmdk
create mode 100755 src/test/run_ovf_tests.pl
qemu-server:
Dominik Csapak (5):
api: delete unused OVF.pm
use OVF from Storage
api: create: implement extracting disks when needed for import-from
api: create: add 'import-extraction-storage' parameter
api: check untrusted image files for import content type
Fabian Grünbichler (1):
disk import: add additional safeguards for imported image files
PVE/API2/Qemu.pm | 106 ++++++--
PVE/API2/Qemu/Makefile | 2 +-
PVE/API2/Qemu/OVF.pm | 53 ----
PVE/CLI/qm.pm | 4 +-
PVE/QemuServer.pm | 12 +
PVE/QemuServer/Helpers.pm | 5 +
PVE/QemuServer/Makefile | 1 -
PVE/QemuServer/OVF.pm | 242 ------------------
debian/control | 2 -
test/Makefile | 5 +-
test/ovf_manifests/Win10-Liz-disk1.vmdk | Bin 65536 -> 0 bytes
test/ovf_manifests/Win10-Liz.ovf | 142 ----------
.../ovf_manifests/Win10-Liz_no_default_ns.ovf | 142 ----------
test/ovf_manifests/Win_2008_R2_two-disks.ovf | 145 -----------
test/ovf_manifests/disk1.vmdk | Bin 65536 -> 0 bytes
test/ovf_manifests/disk2.vmdk | Bin 65536 -> 0 bytes
test/run_ovf_tests.pl | 71 -----
17 files changed, 112 insertions(+), 820 deletions(-)
delete mode 100644 PVE/API2/Qemu/OVF.pm
delete mode 100644 PVE/QemuServer/OVF.pm
delete mode 100644 test/ovf_manifests/Win10-Liz-disk1.vmdk
delete mode 100755 test/ovf_manifests/Win10-Liz.ovf
delete mode 100755 test/ovf_manifests/Win10-Liz_no_default_ns.ovf
delete mode 100755 test/ovf_manifests/Win_2008_R2_two-disks.ovf
delete mode 100644 test/ovf_manifests/disk1.vmdk
delete mode 100644 test/ovf_manifests/disk2.vmdk
delete mode 100755 test/run_ovf_tests.pl
pve-manager:
Dominik Csapak (9):
ui: fix special 'import' icon for non-esxi storages
ui: guest import: add ova-needs-extracting warning text
ui: enable import content type for relevant storages
ui: enable upload/download/remove buttons for 'import' type storages
ui: disable 'import' button for non importable formats
ui: import: improve rendering of volume names
ui: guest import: add storage selector for ova extraction storage
ui: guest import: change icon/text for non-esxi import storage
ui: import: show size for dir-based storages
www/manager6/Utils.js | 11 +++++++++--
www/manager6/form/ContentTypeSelector.js | 2 +-
www/manager6/storage/Browser.js | 25 ++++++++++++++++++------
www/manager6/storage/CephFSEdit.js | 2 +-
www/manager6/storage/GlusterFsEdit.js | 2 +-
www/manager6/window/GuestImport.js | 24 +++++++++++++++++++++++
www/manager6/window/UploadToStorage.js | 1 +
7 files changed, 56 insertions(+), 11 deletions(-)
--
2.39.5
More information about the pve-devel
mailing list