Hi @DevFlint,
tasks are now correctly visible in the swagger documentation
administrators
Private
Posts
-
RE: REST API create_vm returns task URL that doesn't exist?
-
RE: How to revert VM to snapshot
Hi @slavavrn,
FYI, its now possible to revert a snapshot via the REST API.
POST /vms/:id/actions/revert_snapshot
And the body of the endpoint:{ "snapshotId": <snapshot-id> "snapshotBefore": boolean (optional) } -
RE: Tag-Based Automation Plugin: Tag-Based VM Performance & Permission Management via assigned tag(s)
Hi @johnnezero and thanks for the post!
Just wanted to talk about
PERMISSION SYNC.In the REST API the "permission sync" pattern is actually handled natively by the RBAC system using selectors.
For example, if you want a role that allows a user to manage VM power state only for VMs tagged
dev:- Start from the built-in role template โVMs power state managerโ (just to speed up role creation, but totally optional)
- Create or customize a role with the required VM power privileges (read, start, stop, reboot, etc.)
- Scope each privileges using a selector like:
tags:dev - Then assign the role to your user or group
Once done, the access is fully dynamic:
- Any VM with the
devtag is included in the scope - Removing the tag immediately revokes access
- Adding the tag grants access instantly
- No need to maintain per-VM ACL entries
The key point is that RBAC evaluates privileges at request time based on selectors.
You can also base selectors on other VM properties, not only tags (for example power state, name patterns ...).You can find the doc here
and a dedicated forum thread herePS: For the moment the XO6 UI does not support the RBAC system, but we are working on it
-
RE: Tag-Based Automation Plugin: Tag-Based VM Performance & Permission Management via assigned tag(s)
Thanks a lot. I voted for it.
-
RE: (kubernetes) Add 'xcp-ng' provider to clusterapi
@pszelestey Hi, yes, we've pushed an initial commit and a few more here https://github.com/vatesfr/cluster-api-provider-vates/ it is moging every day. Ping us in Matrix/Discord devops if you want to chat live while trying
-
RE: Slow boot on rocky linux 10 latest kernel
2 paths we are doing in parallel:
- We are doing our best to make it upstream in Linux, it's a regression after all. We know how to fix it, so hopefully this will be fixed quickly. Then, we'll have to wait for a Linux kernel update in main distros.
- Invariant TSC in Xen is also a way to fix it, because we want to improve that anyway. But as Teddy said, it's more work and it will take more time.
-
RE: (kubernetes) Add 'xcp-ng' provider to clusterapi
Expect news in the next XO release
-
RE: Tag-Based Automation Plugin: Tag-Based VM Performance & Permission Management via assigned tag(s)
This is a really nice bit of work, thanks for building it and writing it up.
I'm not deep enough inxo-serverplugin internals to give you useful feedback on the implementation, but the tag-driven approach to CPU weight and IO priority is clever; XO exposes those knobs manually in the VM advanced view, so automating them off tags is a neat layer on top.
The one-ACL-per-VM limitation you mention is interesting; I think that's a genuine gap rather than something you're missing, though I could be wrong.
If multiple ACL assignments per VM would help others too, it might be worth a short entry on https://feedback.vates.tech so the XO folks can see the demand, and @Team-XO-Backend might find the plugin itself interesting.
